Slashdot Mirror


User: dgatwood

dgatwood's activity in the archive.

Stories
0
Comments
14,277
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 14,277

  1. Re:Use-case? on A FreeBSD "Spork" With Touches of NeXT and OS X: NeXTBSD · · Score: 2

    Perhaps you don't understand what the word "harbor" means. It means to give a home or shelter to someone; in this usage, it implies doing so in secret. Allowing someone to contribute code openly (not in secret) is precisely the opposite. It keeps the person talking, thus revealing that person's location, and making it easier to bring that person to justice.

    Besides, it's a bit like the ethical question of "tainted" money. If someone earns money through doing bad things, is it ethical to use that money for good? Maybe. To me, the answer comes down to whether doing so would encourage continued bad behavior. For example, it would be unethical to accept evidence obtained through an illegal search (fruit of the poisonous tree) because doing so would encourage police to ignore the legal process and get the evidence through any means necessary. But in this case, if what you described is accurate, it is one step removed from that, even. The coding wasn't gained through illegal or unethical means; accepting the code would probably not make the person more likely to do bad things in his personal life, because the two are largely unconnected aspects of the person in question.

  2. Re:Bureaucracy on Oakland Changes License Plate Reader Policy After Filling 80GB Hard Drive · · Score: 2

    I thought this was going an entirely different direction.

    Thank you for your request for a citation. Please fill out form 132-B if you would like a citation for a traffic offense, 132-G if you would like a citation for a parking violation, or form 132-Q if you would like a citation for improperly posted signage outside your place of business. We would be happy to issue you a citation, and we thank you for your self-reporting. The fees from these citations for self-reported infractions help fund our department.

    If you would like to report an infraction being committed by someone else, please call us on the phone at 555-555-5555. We apologize that third-party reporting cannot be done online or by mail at this time.

  3. Re:Ulterior motive implied on Why Google Wants To Sell You a Wi-Fi Router · · Score: 5, Insightful

    Yeah, I was thinking much the same, except slightly more cynically:

    1. Develop a faster negotiation scheme for 802.11 with encryption that involves extra data in the beacon frame plus a single ARP with shortened delay waiting for a response
    2. Make changes to improve handoff speed between 802.11 and LTE
    3. Become an MVNO for Android devices
    4. Silently introduce a software update that automatically shares a portion of your bandwidth with Android cell phones for voice call purposes
  4. Re:Filtering on Reflection DDoS Attacks Abusing RPC Portmapper · · Score: 1

    Your traffic, yes. The average user's traffic, no. The average computer user has Windows file sharing turned on for the root volume, with the relevant ports wide open to the outside world, and with an empty admin password.

    Unfortunately, the vast majority of people are simply not equipped to protect their own networks, and need their ISPs to do it for them. As long as that is the case, network connections that allow unfiltered inbound traffic should be by request, not by default. If you know enough to ask, you probably know enough to set it up correctly, and if you don't, you probably aren't missing anything by being limited to the handful of end-user server-like apps that support NAT-PMP.

  5. Re:Filtering on Reflection DDoS Attacks Abusing RPC Portmapper · · Score: 1

    Yes, though it might also break things for larger customers who have more than one ISP, whose IP ranges should at least ostensibly be advertised as routable through both networks. Mind you, that's a fairly small percentage of users out there, so yes, the default policy for such traffic should almost certainly be "drop".

    Of course, you could do the port blocking at the ISP level and be done with it. IMO, an ISP should port filter everything into the ground by default; a customer should have to explicitly request that his or her connection be fully open to incoming requests. Doing so would have basically the same effect as blocking based on source address, but you'd just have a short list of open incoming ports (22, 80, 443, and the ephemeral range, give or take) instead of a potentially long list of IP ranges.

  6. Re:Filtering on Reflection DDoS Attacks Abusing RPC Portmapper · · Score: 3, Informative

    In case you're not joking, the problem is that by the time it reaches the customer premises equipment (your router), it has already wasted bandwidth on the slowest link (the one between the home/business and the ISP). So if you are the target, the damage is already done before you can filter it. That's why amplification attacks have to be prevented by blocking the ports of the systems participating in the amplification, rather than by blocking ports at the victim's site.

  7. Re:And, it's spreading to more companies in Seattl on Debate Over Amazon Working Conditions Goes Back Years · · Score: 1

    And, that is now the new normal at Seattle tech companies. When I first moved here seven years ago, I asked how to notify the company of planned vacation time. I couldn't find it in the HR system. I got screamed at for using the word "notify" rather than "request." Our HR director called me "an arrogant little sh--" for that. Because she also bitched at my boss, he told me no vacation time for one year. The jerk was serious.

    I'm pretty sure I would have handed in my resignation the next day. Life's too short to put up with an abusive sociopath as a boss and coworkers who create a hostile work environment. That's simply inexcusable behavior, period.

    And as much as I hate to say it, have you ever thought about forming a union? Because it sounds like your company is precisely the sort of abusive company whose workers are most in need of that sort of protection.

  8. Re:There is no reason for any drought to continue on How California Is Winning the Drought · · Score: 1

    Er, no. Residential use is barely over 10% of the state's water consumption, and much of that goes into swimming pools and golf courses for the 1%. 80% of the water is used by agriculture, which makes up 2% of the state's GDP.

    That's technically true, but at the same time, it isn't a very accurate picture. 80% of the water that is actually consumed (which ends up being only about 39% of the total water supply) is used by agriculture, but even in the worst-case watering scheme, at least half of that water ends up soaking into the ground, where much of it eventually goes back into aquifers, where it later gets pulled back out by pumps and used to water other crops or provide drinking water.

    By contrast, the water that we use in our households (ignoring the small percentage of houses with septic tanks) typically ends up getting dumped into rivers, where nearly all of it ends up either evaporating or flowing out into the ocean. In effect, most of that water is basically lost until the next time it rains. So the real impact of agriculture is likely considerably less than that 80% number suggests.

    Also, remember that agriculture is, at least to some degree, proportional to the population. So population growth increases agricultural water consumption, assuming all other factors remain the same.

    You're certainly correct that reducing agricultural water consumption can help as a short-term means of reducing our state's water needs. However, as I understand it, the general consensus is that we are already past the point where the added cost of reducing that consumption through changes in farming techniques and technology exceeds the cost of simply bringing in more water through other means (e.g. massive desalination). So the only really practical way to reduce agricultural consumption is not through improved technology, but rather by growing crops that require less water.

    Unfortunately, that's easier said than done. The reason California grows many of those water-hungry crops is that it has fertile enough soil and high enough rainfall to make it practical, which isn't true for most of the planet's surface. That's why 80% of the world's almonds are grown here, for example. And, of course, by some measures, meat and dairy make up about half of California's water use by themselves.

    So basically, we have a choice: Give up a lot of foods that people like (no more meat, no more dairy, no more almonds) or we find ways to ensure that we can produce enough water to continue producing those water-hungry foods. Want to keep eating meat and drinking milk? Then those animals are going to still need water.

  9. Re:There is no reason for any drought to continue on How California Is Winning the Drought · · Score: 3, Insightful

    The idiots are the ones who actually believe that the drought is the root cause of our water shortage. It isn't. It just made the real problem harder to ignore. The real problem is that California's population has grown by about 30% in the past 20 years, and the water system hasn't kept up. That's a staggering rate of growth. Keeping people out isn't realistic, which means the water system absolutely must be expanded in every respect—more water storage (whether dams or otherwise), more desalination plants, etc. to meet the growing needs of that growing population. We haven't been doing that adequately; we've been cutting corners to save money, allowing the safety margins to get smaller and smaller, and now we're paying the piper. We need to not make that mistake again going forward.

    The problem with conservation is that people mistakenly try to treat it as the final solution to problems. It isn't; it can't be. When it comes to a limited resource, conservation can only be effective as a stop-gap workaround until either an alternate source for a scarce resource can be found or an alternative to that resource can be found. Otherwise, population growth alone will eventually exceed the limits of conservation, at which point you are totally and completely screwed. And when you're in your fourth consecutive year of drought and some people are still saying, "We don't need to build desalination plants because the drought has to end eventually, and the next one might be far away", you have to start wondering about their sanity, because yes, the next one might be in thirty years, or it might be in three.

    The mind-boggling thing is that the people who support anthropogenic global warming tend to be the very same folks who are saying that we don't need desalination plants because we're going to get back to normal levels of wetness soon. We might, but there's at least as good a chance that this is the new normal. If we aren't prepared for that, we're signing our own death sentences.

    So yes, conservation might get us through the drought. Then again, if the folks predicting the weather are right, the drought might end this winter anyway, making any further reductions in usage largely moot. And if the AGW folks are right, we might go right back into a drought in a couple of years. No matter which of those possible scenarios pans out, the true underlying problem—a water system whose capacity has not kept up with the population growth—will still be there.

    My biggest concern when it comes to our water system is that a year from now, people will say, "The drought is over. There's no need to build this expensive infrastructure. That money can better be spent on [insert more short-term need here]." And then just as before, nothing will get done, and we'll end up in the same boat a decade or two down the line, only at that point, everybody will be conserving as much as they can without causing serious problems, so the conservation efforts will become more and more draconian.

    Folks need to take a serious look at the projected population growth, assume that we're rapidly approaching peak conservancy already, and do the math. Then, the infrastructure needs to get out ahead of the curve instead of being behind it. Anything less than that is just asking for a disaster down the road. After all, you don't build a computer system to handle your capacity needs right now, because you'll be screwed in a year. You build a computer system to handle your projected capacity needs over the next several years. Our water system is fundamentally no different.

    And just to be clear, I was being facetious about wasting as much water as you can. Doing it for a week might be an interesting way to protest and cause the water board folks to wet their pants, panic, and get more insistent about building the additional infrastructure we need, but doing it long-term would obviously be catastrophic, because we'd run out of water before the winter. The point of that bit of satire

  10. Re:There is no reason for any drought to continue on How California Is Winning the Drought · · Score: 1

    There's no rage there. I'm not quite sure how you read it that way.

  11. Re:There is no reason for any drought to continue on How California Is Winning the Drought · · Score: 1

    Angry? No. Cynical? Yes.

  12. Re:Management Principles for the "Best" is Wrong on The Challenge of Working At Amazon · · Score: 1

    Oops. Missed a comma after "still". My bad.

  13. Re:Management Principles for the "Best" is Wrong on The Challenge of Working At Amazon · · Score: 1

    Not incorrect English, but incorrect heading capitalization. Still it isn't half as bad as "Are Right, A Lot". I don't know which is worse there—the completely baffling heading or the total load of crap below it.

  14. Re:"Recorded history" on How California Is Winning the Drought · · Score: 3, Interesting

    It reminds me of the joke about the CEO who was talking with his departing predecessor. The predecessor handed him three envelopes, with instructions to open them whenever things got bad enough that his job was on the line. One day, things got bad, so he opened the first envelope. The note inside read, "Blame your predecessor." He did, and things were okay for a while. Then, things got bad again, so he opened the second envelope. The note inside read, "Restructure the company." He did, and again, the crisis was averted. Finally, things went badly wrong a third time, so he opened the final envelope. Inside it, the note read, "Prepare three envelopes."

  15. Re:"Recorded history" on How California Is Winning the Drought · · Score: 1

    Anyone who wasn't expecting a multi year drought in California obviously didn't study history.

    They expected it; they just all hoped that the other party would be in office when it happened, so they could blame them for not building the infrastructure to prevent it from turning into a disaster.

  16. Re:There is no reason for any drought to continue on How California Is Winning the Drought · · Score: -1, Flamebait

    The response to the drought by people and local governments has been great. If you go outside in a residential area of the bay area, you'll see plenty of brown lawns.

    How is that great? One major reason that people have lawns in California is to serve as a buffer zone from fires. Now, there are millions of homes across the state whose lawns are a tinderbox, ready to ignite. When the rains finally do come, lightning comes with it, and this season promises to be an especially brutal fire season because of under-irrigation.

    And don't forget the economic damage caused by allowing all those lawns to die, which then have to be either replanted or replaced with something else, at a tremendous cost to the state's economy (remember your broken window fallacy), all for no real reason other than because our government was too freaking cheap to build the water infrastructure we needed in a timely fashion.

    The biggest problem is the state government. The state government manages water like it manages money: when a good year comes, they find some project to use it on, ignoring that there will not always be so much water/money. When the bad year inevitably comes, the resources have been allocated too many places, and there is a deficit. Unfortunately you can't borrow water the way you can borrow money.

    State and local. And then, they come up with clever catch phrases to try to shame people into using less water because of their own poor planning, all of which just pushes the problem a little farther down the road, in the hopes that by the time it becomes an unavoidable crisis, somebody else will be in office and will have to take the blame for the government's inaction.

    I've said it before during the power crisis, and I'm sure I'll say it again about some other crisis in the future: The best thing Californians can do is to water their lawns three times a day. Use ten times as much water as normal. Leave their faucets dripping all day. Shower for an hour or longer. Bring the whole water system into such a state of impending collapse that the shortsighted fools who run our state have no choice but to act, and to act quickly and decisively, to prevent a total disaster of biblical proportions by building the water infrastructure that the state should have built twenty or thirty years ago.

    Conserving only encourages these people to say, "See, we can handle the problem. It isn't a crisis. We don't need to fix it." Unfortunately, for the moment, that is true, it will keep being true until the day that it isn't, and then it will be too late.

    And suddenly, I have the urge to run for office....

  17. Re:"Challenge", a politically correct word for "He on The Challenge of Working At Amazon · · Score: 1

    Not just Amazon. Most big companies are that way to varying degrees. I remember hearing from some folks who worked at Apple around the turn of the century that one of the big things that Steve Jobs did when he returned to Apple was jerking a knot in a lot of people for such behavior. But even in companies that aggressively try to combat it, you'll still find a fair amount of politics lying just beneath the surface, ready to turn a great workplace into a hostile work environment at the drop of a hat.

    I don't think any big company can be completely free of such problems, if only because nobody can monitor everything that's going on, and it is hard to avoid occasionally hiring the sort of person who feels that the best way to get ahead is to pull somebody else back. With that said, if you're running a company, there are some common sense things you can do to minimize the damage it causes:

    HR policies:

    • Do exit interviews whenever someone leaves a job for another job (whether within the company or not) and record the results. Make that information available to future hiring managers as a matter of course.
    • Monitor the number of people leaving a department for any reason.
    • Correlate the two when you see departure numbers that are abnormally high, and take action to fix the problem, whatever it might be (understaffing, bad management, bad working conditions, etc.).
    • Give your HR staff the power to intervene when they suspect that something is seriously wrong. And when you hire workers for your HR department, choose people who will be strong advocates for your workers, not pencil pushers who are merely recording information for future reference.
    • Design programs for employee retention that encourage internal transfers as a first course of action when any manager claims that an employee is exhibiting performance problems, so that if those performance problems are caused by problems in the work environment (or worse, are distortions or outright fabrications), the problems will go away, and you'll have a solid employee again—one who will appreciate your company even more for having treated him or her with respect and dignity rather than like a replaceable cog in a giant machine.
    • With the possible exception of brand new employees, never allow any manager to terminate any employee for performance reasons unless that employee has failed to live up to the standards of managers in two different departments (provided that another suitable department exists).

    Manager training:

    • Encourage hiring managers to look at an employee's entire history rather than just looking at recent performance reviews, because even good employees can end up with bad reviews when put in a bad environment, and some employees resist stepping outside of their box to try to get away from even the worst environments, trying to convince themselves that things will get better, even as they keep getting worse.
    • Discuss the psychology behind workers staying in jobs long past the point where they truly fit as part of your manager training, so that good managers can spot those problems before they become serious, can recognize the difference between a bad environment and a bad worker while deciding whether to approve a transfer, and so on.
    • Design programs that encourage workers to return to your company with seniority, without arbitrary limits on how long they can stay away. This discourages rapid job switching between competitors (which harms worker performance), and reduces the risk of people fired for political reasons finding themselves unable to return without taking a huge cut in benefits.

    Vacation policies:

    • Give employees reasonable time off at a level that is at least as good as the rest of the industry, and mandate that they take it (not just "time off will stop accruing", but "you must take the time off, and will be subject to disciplinary action if you set foot on the premises or attempt to work from h
  18. Re:Thoughtcrime on FBI: Retweeting a Terrorist's Tweet Could Land You In Trouble · · Score: 2

    To me, the only things that can really be justified in response to terrorism are actions that actually make terrorism harder. Right now, there's nothing stopping them from renting a private plane, advertising cheap airfare to some popular destination on some particularly busy day, and crashing a plane filled with people into a building, so if preventing that is your goal, then we've failed miserably.

    And really, except for the hardened cockpit doors, little to none of what our government has done in response to 9/11 has plausibly made terrorism significantly harder. At least I can use my terrorist-repelling rock to hit a terrorist on the head in the event of an emergency, which makes it better at preventing terrorism than, for example, the full-body scanners. After all, terrorists had already made a couple of failed attempts that clearly demonstrated that the sorts of bombs that don't involve any metal are impractical. That means the metal detectors, by themselves, were enough to keep us reasonably safe, making those new privacy-invading scanners completely superfluous expenses that do little or nothing to improve actual security.

  19. Re:And the purpose of this exercise is? on Epic Mega Bridge To Connect America With Russia Gets Closer To Reality · · Score: 1

    Ha ha ha ha ha ha, did you just compare damage to a 'bridge inside borders' to a bridge over the ocean?

    I compared a bridge across a large body of water to a bridge across an only slightly larger body of water. Whether the bridge goes from one country to another is largely irrelevant unless the leaders of one country or the other are idiots. After all, they would both have to pay part of the cost of any future repairs to that bridge, which is a powerful disincentive to bombing it in a fit of stupidity. If anything, the nature of such a bridge might even serve to stabilize relations between the two countries.

    The only bottleneck there is a port and ports are much easier and faster to build than additional bridges to increase throughput.

    Ports can only increase bandwidth. What shippers care about is latency. The only way you can improve latency with boats is to build faster boats, and the faster the boat, the less it can carry (and the more fuel it takes), so there are very real practical limitations involved.

    A burning bridge stops all cargo from being moved, while a burning ship only stops that ship. Shipping docks are a scalable solution, while a bridge is a fixed throughput solution that cannot be scaled without building a second bridge.

    A burning dock stops all cargo from being moved. Your point? You think that after Russia and the U.S. build a multi-billion-dollar bridge, one of them is going to suddenly decide to blow it up on a whim? Periods of international tension might very well close the bridge, but I can't imagine them being shortsighted enough to blow it up.

    Also, bridges can be repaired pretty quickly these days, for the most part. When a tanker fire destroyed an elevated road segment in San Francisco back in 2007 and caused it to fall on top of another elevated road segment (requiring significant repairs), they had the lower segment repaired in eight days, and the upper one rebuilt in just 25 days. And with the floating bridge I described, assuming you build some extra segments, damage could be repaired in hours simply by towing another identical segment into place and fastening it to the adjacent segments. You just have to provide enough of a financial incentive to grease the wheels of the bridge building company. :-)

  20. Re:And the purpose of this exercise is? on Epic Mega Bridge To Connect America With Russia Gets Closer To Reality · · Score: 1

    And how long does it take two trucks to ship the same amount of goods as a fully loaded freighter?

    I'm not sure how that's relevant unless your company needs to ship a full freighter-load of goods. I'm not talking about the biggest companies here. I'm talking about the myriad companies that routinely use international shipping in much lower volume. For those companies, what matters is latency—how long they must wait for something to arrive stateside—not bandwidth.

    If you're one of those rare companies that can fill a freighter, then your company is clearly in the category that can afford to bring in its first two weeks' supply by air while the boats are carrying the next month's supply, and the boat latency doesn't matter (unless you're a shipping company). But even for those big companies, it could still cut out the second week of air shipments, which could be a significant financial win. And for shipping companies that provide services to smaller companies, being able to offer a level of service between "very expensive" and "glacial" would be a significant win, too.

  21. Re:And the purpose of this exercise is? on Epic Mega Bridge To Connect America With Russia Gets Closer To Reality · · Score: 1

    Of course, I did forget to mention one other thing, which is the need to build roads to that bridge, which would no doubt add considerably to the total cost.

  22. Re:And the purpose of this exercise is? on Epic Mega Bridge To Connect America With Russia Gets Closer To Reality · · Score: 1

    Nobody can predict what will happen between the U.S. and Russia, but I'd be really surprised if things got so bad that U.S. companies didn't feel comfortable shipping goods through Russia. It's not like we're talking about a third-world country or anything.

    And what you say about damage is downright silly, because the same concern applies equally for a bridge inside our borders. In fact, by your standards, the docks where those boats load their cargo should never have been built, because if one of the minimum-wage immigrants carrying cargo on his shoulders out to a small boat in waist-deep water dies of a heart attack, it doesn't prevent other workers from loading cargo, whereas if a dock collapses, it does, and those workers can be used for other things if we suddenly no longer need boat shipping. I mean, the only way that logic even starts to make sense is if a serious failure is highly probable, and if that's the case, then it means they got the design wrong.

    Besides, the cost of a Bering Strait bridge could be a lot lower than you might think. They would need one segment of it to be tall enough to let shipping traffic through—possibly between the two Diomede Islands—but the rest of it could ostensibly be a simple pontoon bridge, which is relatively cheap.

    Most of the cost of the project would likely be for that one span between the two islands that's tall enough to let ships pass under it. That would cost several billion dollars, in all likelihood. The remaining 55 miles, assuming other pontoon bridges are any indication of cost, should be the neighborhood of $5 million to $10 million per lane-mile. At 55 miles long, a four-lane pontoon bridge should cost a couple of billion dollars, give or take, which is about as much money as we waste on a single B-2 bomber.

    Of course, a pontoon bridge in that area would have to be specifically designed to withstand the rather severe storms that the Bering sea experiences, which could drive the cost way up. On the other hand, the project is so huge that economies of scale would kick in and bring the component cost way, way down (because you'd be building over 18,000 identical 16-foot segments), which would probably balance that out to a large extent.

    Of course, I am not a bridge engineer, so my estimates could be way off, but I wouldn't be at all surprised if someone were able to come up with a design that fell under the $10 billion mark, or about twice the cost of the Bay Bridge. Heck, the tunnel that Russia proposed was only sixty or seventy billion, so that estimate probably isn't too far off the mark.

  23. Re: Just goes to show you UNIX SUX on Critical BIND Denial-of-Service Flaw Could Take Down DNS Servers · · Score: 1

    I'm not forgetting. Then again, that was also true for telnet back when I started setting up DNS zone transfers.... Just saying. :-)

  24. Re:And the purpose of this exercise is? on Epic Mega Bridge To Connect America With Russia Gets Closer To Reality · · Score: 2

    But not cheaper and faster. A boat from China or Japan takes 10-14 plus loading and unloading time (which, if you're sharing a boat with a bunch of other companies, can potentially add weeks of delay before the boat leaves the dock), and air shipping is relatively expensive. With two or drivers trading off, you could potentially do California to Japan by truck in about a week.

    Having a bridge between North America and Asia could be absolutely huge for shipping, as a potential midpoint between the two shipping methods. Whether it will be or not is another question.

  25. Re: Just goes to show you UNIX SUX on Critical BIND Denial-of-Service Flaw Could Take Down DNS Servers · · Score: 1

    So if you are an ISP providing a secondary DNS service, you're happy to create accounts with ssh/rsync access for 10 000 customers who all have more lax security than you do?

    Sure. You give them all a shell account with access to their own zone files, and you require them to provide a public key for authentication (no passwords to attack). Then, you have a separate process that watches for changes and updates the official zone files that the daemon reads. Clearly, a daemon that has write access to all of the zone files is inherently less safe than a series of ssh accounts, each with access to only a single user's files, coupled with a daemon that has only read-only access to copies of the original zone files.