Slashdot Mirror


User: ls671

ls671's activity in the archive.

Stories
0
Comments
2,940
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 2,940

  1. Re:Crazy people on English DJ Claims Wi-Fi Allergy · · Score: 2, Insightful

    Well many syndromes have just been recently identified, for many centuries people suffering from them were considered crazy.

    This guy problem might be psychosomatic, but I would be prudent before drawing any conclusion and keep an open mind. Further research on the topic could bring new knowledge. Wi-Fi is pretty new by comparison with man evolution ;-)

  2. Re:That's because security warnings are stupid. on Security Certificate Warnings Don't Work · · Score: 1

    > It prompts you to confirm it ...

    Sorry, you are correct when using password auth, I use keys so the behavior is a little different.

    alsls@jks11:~$ ssh athena.google.net
    Warning: Permanently added 'athena.google.net' (RSA) to the list of known hosts.
    Warning: No xauth data; using fake authentication data for X11 forwarding.
    Last login: Wed Jul 22 07:44:21 2009 from 217.226.228.142
    [alsls@athena ~]$ exit
    logout
    Connection to athena.google.net closed.

    See it automatically accepted the host key, then after tampering with the host key in .ssh/hnown_hosts, if I try to connect again:

    alsls@jks11:~$ ssh athena.google.net
    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    Someone could be eavesdropping on you right now (man-in-the-middle attack)!
    It is also possible that the RSA host key has just been changed.
    The fingerprint for the RSA key sent by the remote host is
    Please contact your system administrator.
    Add correct host key in /home/alsls/.ssh/known_hosts to get rid of this message.
    Offending key in /home/alsls/.ssh/known_hosts:54
    Password authentication is disabled to avoid man-in-the-middle attacks.
    Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
    X11 forwarding is disabled to avoid man-in-the-middle attacks.
    Last login: Mon Jul 27 00:35:08 2009 from cpu678.google.net
    [alsls@athena ~]$ exit
    Connection to athena.google.net closed.

  3. Re:Mac on Security Certificate Warnings Don't Work · · Score: 1

    If Facebook presents a valid cert to you for the domain you are connecting to, then you could look at who signed the certificate (which certificate was used to sign the certificate Facebook presents to you).

    The certificate that was used to sign the Facebook certificate is called a CA (certificate authority) cert. Then, you could import that CA cert in Firefox or look for updates from Firefox regarding CA certs, many CA certs are already installed in the Firefox version you are running but maybe the CA cert used to sign the Facebook certificate isn't installed in your Firefox.

  4. Re:That's because security warnings are stupid. on Security Certificate Warnings Don't Work · · Score: 1

    > which means the only viable certificate warning is one indicating a certificate has changed

    This kind of make sense I guess, at least it is the default behavior for Open-SSH, it will accept any host public key when connecting to a host for the first time but it will warn you if that public key then changes to prevent a man in the middle attack.

    If it's good for ssh I guess it could work too for web browsing. This way, a warning might have more success in preventing a man in the middle attack. By showing up too many warnings, users will tend to ignore them more I guess !;-))

    Of course, people making money signing certs would oppose this idea I would assume...

  5. Re:nice. i have similar technology on Mobile Phone Technology and Developing Nations · · Score: 1

    I understand, note that nothing stops you from installing the server in a safe location.

    IVR:

    -press 1 for water heater in village home.

    -please wait while Astersik connects to water heater.

    Asterisk dials water heater...

    I guess you do not need Asterisk if you manage to remember all your codes or that you carry them with you ;-))

    With Asterisk, one would only have to remember one password to access the IVR and manage quite a complex setup. Of course a web interface with a central Asterisk server to dial into the devices would do the trick to. But I like to be able to control stuff from a payphone or any phone if I need to, they are more available than network connectivity in some places. Obviously your setup already allows that ;-))

    Sorry if I did not suggest anything simpler than your setup, I was just mentioning Asterisk has a nice component in these types of setups.

    Cheers ;-)
     

  6. Re:nice. i have similar technology on Mobile Phone Technology and Developing Nations · · Score: 1

    Asterisk is nice as a voice interface to your switches and sensors.

    Dial into Asterisk:

    IVR answer: Hello press 1 for temperature, 2 for lights, 3 for water heater.

    etc...

    X10 standard is nice also:

    http://en.wikipedia.org/wiki/X10_(industry_standard)

  7. Re:Break out the random dialer... on Hacking Nuclear Command and Control · · Score: 1

    I only play Windows game...

  8. Re:I am surprised on Keeping Up With DoD Security Requirements In Linux? · · Score: 1

    Another poster has stated it better than I did :

    "the sweet-spot between security and stability *is* using back-ported security fixes."

    No need to upgrade to the most recent version ! ;-))

    In fact the most recent version is considered less safe because of new holes that might have been just recently introduced and that nobody had a chance to discover yet.

  9. Re:I am surprised on Keeping Up With DoD Security Requirements In Linux? · · Score: 1

    I think you missed the point my post was trying to make. I was talking about software. It applies as well when newer versions of Windows come out. This is a principle above the OS that you are using that is pretty well known.

    Another poster has stated it better than I did :

    "the sweet-spot between security and stability *is* using back-ported security fixes."

    Linux and Firefox were only examples, the holes did NOT exist in previous versions of Linux, same for Firefox. They are newly introduced holes that go with newer releases of software. Back-ported security fixes ensure that you only fix the existing holes without introducing new ones. ;-))

  10. I am surprised on Keeping Up With DoD Security Requirements In Linux? · · Score: 4, Interesting

    I thought the DoD would forbid to run newer versions that haven't been ran and scrutinized enough by a lot of people.

    I though they would do like many big iron companies that run older versions with security patches applied. I mean if I remember right, no later than last week, exploits were found in newer versions like Linux kernel 2.6.30 and Firefox 3.5. I think this is more likely to happen with newer releases of software than with older releases tested through the years.

       

  11. Re:Big deal on Undercover Cameras Catch PC Repair Scams, Privacy Violations · · Score: 4, Interesting

    Well, I tell people that I am outdated with regards to fixing computers, I used to do it when I started to play with computers but now the time I would spend fixing my aunt virus infected computer would make me loose too much money compared to spending that time on my regular work.

    So maybe competent people do not want to do this kind of work, I don't anyway...

    They have stopped to call me since a while and this is a good thing, charging them more than the price of the computer to fix it wouldn't fly and that is what it costs me in lost income ;-))

  12. Re:Copypaste on 'Vanish' Makes Sensitive Data Self-Destruct · · Score: 1

    Just look at the dates in the server headers in the message source if you need to catch somebody trying to fool you. Client headers have been very easy to falsify since the beginning of email. (e.g. From:, Date:, Subject: , etc...)

  13. Re:Use subversion either hosted or your own server on Collaborative Software For Pair Programming? · · Score: 1

    Well I have come to realize that and this is what I posted :

    http://slashdot.org/comments.pl?sid=1308949&cid=28761879&art_pos=7

    Then I thought about it some more and here is my final post:

    http://slashdot.org/comments.pl?sid=1308949&cid=28766925&art_pos=4

    Basically I think I question the pertinence of the requirement, which a good consultant should do when he feels it needs to be done ;-))

    Note that once I have expressed my concerns, I will respect the needs of the customer if he decides to stick with his first idea ;-)

  14. Re:So Fake on Entire Moon Added To Google Earth · · Score: 2, Informative

    > I have no idea what this is called but I am sure
    > someone who is more gifted in physics can explain better.

    Well the poster just above your post explained it quite well, I also found this link which tends to confirm the other poster explanation ;-)

    http://www.physicsforums.com/showthread.php?t=289183

    Basically, tidal forces leading to a lock-step. The periods would not have to be the same in the beginning.

    I hope that you will forgive me, but I haven't had time to try your marble experience, thanks anyway ;-)

    Cheers ;-)

  15. Re:So Fake on Entire Moon Added To Google Earth · · Score: 2, Informative

    I think the term existed before the music album ;-)

  16. Re:So Fake on Entire Moon Added To Google Earth · · Score: 1, Interesting

    > There is no dark side of the moon really

    Very true, like any other planet, there is sunlight on half of the surface of the moon at all times unless the Earth hides part of that sunlight ( moon eclipse ).

    When we only see half of the moon in the sky, it means that half of what we call "the dark side of the moon" is actually under sunlight.

    When we can't see the moon, it means that 100% of "the dark side of the moon" is actually under sunlight. Only at full moon is it actually completely dark on the "the dark side of the moon".

    We always see the same face of the moon because:
    its rotation period around the Earth = its rotation period on itself

    I have always wondered what were the odds of such an equality in the 2 periods. I do not know, maybe this could be due to the moon actually be fragments of planet Earth as it is generally accepted now. But then again, doesn't this suggest intelligent planning rather than a random cataclysm ?

    We cal "the dark side of the moon" the face that we never see...

  17. So who was it ?? on Most Expensive JavaScript Ever? · · Score: 3, Interesting

    I browsed the comments on the Opera blog and I could not find any definitive answer although HP and Dell are mentioned as possible culprits.

    So who was the culprit company ??

    Now that it is on /., I am sure that a member of the Slashdot intelligence community could come up with the answer. I offer a reward that will be paid in SMP currency, not in NOK. Sorry about that but I do not have any NOK at my disposal.

    currencies:
    NOK = Norwegian krone
    SMP = Slashdot Mod Points

  18. Re:Use subversion either hosted or your own server on Collaborative Software For Pair Programming? · · Score: 1

    > Using a version control system should be mandatory anyways

    You would be surprised how many projects I have seen that did not have source control. When I work on such a project, I just use my own CVS repository to store project files. I just can't seem to be able to work without source control.

    Well, this could be a good time to teach the students the importance of source control as you stated above.

    Some other posters have mentioned David might be looking for something more like VNC or screen to better simulate pair programming. Well I think real pair programming should be done in person.

    The next closest thing I have used in my life was using messenger, Skype or similar, cutting and pasting code snippets into the chat tool and doing a commit/update after writing say ten lines of code to the source code file so both developers would be in sync. Do we really need to watch the other developer as he types, will it be wasted time compared to spending that time in writing another method than reviewing both method together ?

    Also, I have worked with Google docs in "remote pair editing word documents" and I did not find that useful the fact that it updated the document in real time, I found it more bothering than anything else. Plus, the amount of versions, close to one version per keystroke, made the history unusable.

    Google docs seems to simply auto-commit/auto-update close to every time you hit a key ! ;-)) There might be some setting for this behavior that I am unaware of although ;-))

    Of course this is my own opinion, others may thing differently.

    As a side note: I use VNC to remotely teach people how to use Eclipse and the SVN/CVS plugins. VNC is great for that. We have never used VNC to do collaborative coding although. Turn on line numbering in your editor and you should be fine with messenger, Skype or something similar and SVN.

  19. Re:I assume the SOURCE fits into 4 kb on Hacking Hi-Def Graphics and Camerawork Into 4Kb · · Score: 1

    > Maybe you just shouldn't use a word like "source" to mean
    > "executable" when you're talking about software. It's just bound > to create confusion.

    I have learned this by now, this now seems obvious ;-)))

  20. Re:Use subversion either hosted or your own server on Collaborative Software For Pair Programming? · · Score: 2, Interesting

    > I think that you're answering a different question than what the
    > submitter asked.

    Well, I could be, sorry if I am.

    Subversion allow you to enter comment for every change you make and these comments won't go in the source code.

    For the voice/text chat part, we usually just use messenger or something similar.

    Also, I think this would be a great opportunity for the students to learn how to use a real-life tool instead of something they are less likely to reuse in the future.

    But as you said, maybe this is not what David is looking for but I answered to the best of my knowledge ;-))

  21. Use subversion either hosted or your own server on Collaborative Software For Pair Programming? · · Score: 5, Informative

    I would recommend to use Subversion. You could setup your own server but there is also hosted solutions available. I searched Google for "hosted source control" and I found this link :

    http://weblogs.asp.net/fmarguerie/archive/2005/04/27/Hosted-source-control.aspx

    The bonus would be to teach your student how to use version control and how to work together on the same files. Subversion (and older CVS) integrate into Eclipse and most other development environment. There is also standalone clients available if your students use a simpler editor like vi or notepad ;-))

  22. Re:What's Firefox? on Linux Distributions' Tracking of Upstream Projects Examined · · Score: 1

    Well I run Slackware which ranks just as bad as Debian. The upside is that most big iron companies run deprecated version of Linux, some still run kernel 2.4.X. They only patch their systems with security updates.

    The idea is that newer packages might have security bugs in them that aren't found yet. Packages which have been around for years have less chances to contain undisclosed security bugs. Recent Firefox 3.5 security bugs tend to confirm this principle.

    So it doesn't bother me at all that Slackware ranks just as bad as Debian ;-)

  23. Re:I assume the SOURCE fits into 4 kb on Hacking Hi-Def Graphics and Camerawork Into 4Kb · · Score: 2, Insightful

    What is wrong today with this burst of people taking others for imbeciles ?

    I did not quote the GP while saying it was 4 KB ! There was some confusion on this thread about 4kb vs 4KB so I just mentioned:

    "By the way, the article says it is 4 KB not 4 kb".

    You need to understand that some people may write comments in a different way that some others do when they try to prove the other poster is stupid.

    To summarize I wrote :

    1) The "executable" is 4KB but it must require much more memory than what is needed to display an icon. I used the term "source" in a video/audio context where there is usually a source involved in order to provide playback. I ain't stupid enough to ignore that the 4 KB must actually be machine code. I ain't stupid enough to ignore that 4*1024=4096 either...

    2) "By the way, the article says it is 4 KB not 4 kb" in order to clarify apparent confusion due to some other posters mentioning 4 kb and also due to the fact that 4 kb was used in the summary posted on /. front page, not to try to prove the GP stupid.

  24. Re:I assume the SOURCE fits into 4 kb on Hacking Hi-Def Graphics and Camerawork Into 4Kb · · Score: -1, Troll

    Well, I could have used executable, I used source as in an mpeg file constituting the media source for your movie as opposition to VHS tape source for example.

    I just think "Fitting into the memory used by one of your PC's desktop icons" leads to believe that it takes as much resources as displaying an icon on your PC, which I would assume is not true.

    That's all I said, I never said it wasn't a great achievement !

    By the way, the article says it is 4 KB not 4 kb.

  25. This is too bad on Company Denies Its Robots Feed On the Dead · · Score: 2, Insightful

    > Company Denies Its Robots Feed On the Dead

    Too bad, there could be use for such a robot in an epidemic scenario or on a battlefield where the many corpses laying around could cause a health hazard to the survivors ;-))))