Slashdot Mirror


User: swillden

swillden's activity in the archive.

Stories
0
Comments
18,006
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 18,006

  1. Re:Easy on How To Prove Someone Is Female? · · Score: 1

    Guevedoche means "balls at twelve"

    Are you sure that's not "Huevedoce"? I'm not very familiar with the Dominicano dialect of Spanish, but "Guevedoche" seems like a very unusual variant.

  2. Re:What do you mean? on Criminals Prefer Firefox, Opera Web Browsers · · Score: 1

    Plugins and cookies are a huge problem. Cookies are a major privacy concern, and plugins well just depends on how much you trust the external plugin.

    NoScript blocks plugins as well, including Java, Flash, Silverlight, etc. And it blocks XSS attacks, even for pages you are allowing to run JS.

    It doesn't block cookies, but there are other tools for that. And cookies aren't really that significant anyway, especially if you disable third-party cookies and configure FF to lose them every time the browser is closed.

  3. Re:What do you mean? on Criminals Prefer Firefox, Opera Web Browsers · · Score: 1

    Okay, then since I don't use FF, I'm honestly confused as to the utility of NoScript, if it's possible to disable scripting without it. Elucidate?

    NoScript allows you to turn off scripting in general, but to allow it for specific sites. By default, with NoScript turned on, no Javascript is executed, but there's an icon in the status bar that will allow you to allow this site, or a portion of this site, to execute scripts, either temporarily or permanently, and when you change the permissions it automatically reloads the affected page elements.

    It also does things like blocking cross-site scripting attacks, even when you are allowing a site to execute Javascript, and setting different rules for HTTPS sites, allowing sites to execute JS only if using a secure connection. Further, it goes beyond just blocking Javascript, it can block Java, Flash, Silverlight, XSLT, other plugins, web bugs, bookmarklets, certain meta redirections, frames and ifames, etc. and for many of those things it replaces the page element with an icon which you can click on to unblock it, either temporarily or permanently.

    There's a huge difference between what NoScript does and just turning off Javascript.

  4. Re:slashdot.org _DOES_ have AAAA records on IPv6 Challenges and Opportunities · · Score: 1

    I should write out 1000 times "I should spend more time reading carefully", rather making sure the formatting is correct... :-(

    :-)

    I see you did realize that slashdot has no AAAA record, and that those AAAA records in the dig response were for a couple of the root servers.

  5. Re:Gotta love statistics on Criminals Prefer Firefox, Opera Web Browsers · · Score: 4, Insightful

    What does this article even mean?

    Easy: This article means that this set of computer criminals primarily uses Firefox and Opera.

    The problem with statistics isn't with statistics, it's with people drawing conclusions unsupported by the statistics.

  6. Re:IpV6 reality check on IPv6 Challenges and Opportunities · · Score: 1

    > The transition plan is solid, and works very well in practice ... What's lacking is the ISP motivation,

    The very definition of a "solid plan" is that ISPs would have "motivation".

    They will have motivation, as the IPv4 address space limitations begin to constrain their operations. Thanks to much effort and cleverness, this has taken longer than expected, but it's coming.

    I think what is likely to happen if the US and European ISPs delay the shift too long is that other parts of the world which are even more constrained with respect to v4 address space will make the move first. In particular, I wouldn't be surprised if China were to be the first to move to a primarily IPv6 network, with plenty of Chinese-only services (web sites, etc.) which are v6-only.

    Eventually, though, even North American and European ISPs will be forced to transition. We may for a while see two pricing tiers, where you pay a base fee for a connection, which includes v6 only, but can pay a surcharge to get the use of a v4 address. That's some time away, though.

    Note that using the v4-in-v6 subset of the v6 address space, as Dan Bernstein recommended, would not significantly change this dynamic. It would still be the case that if services want to be accessible to everyone, they have to have a v4 address and if users want access to everything, they have to have a v4 address.

  7. Re:Readiness test checklist on IPv6 Challenges and Opportunities · · Score: 1

    If a tech-savvy site like /. cannot support IPv6, then what hope is there for more ordinary sites?

    Slashdot would seem to be a good example of a tech-savvy site, but it's really not. Look at how long it took Slashdot to use CSS, for example. It really tends to lag well behind the curve, rather than leading, in spite of the topics discussed.

    However, your point that few sites support IPv6 is valid. The reason they don't is because there's no value in it. As ISPs deploy IPv6 support, this will change, a little. It won't become really critical for sites to support IPv6 until there are users who don't have IPv4 connectivity -- and that won't happen until nearly all sites support IPv6, so there is a chicken-and-egg problem there.

  8. Re:Readiness test checklist on IPv6 Challenges and Opportunities · · Score: 1

    until common, popular web sites support IPv6 and only ipv6 there is no reason for the average person to have it

    And I'm going to go out on a limb and predict that will never happen.

    What do you predict will happen?

  9. Re:IpV6 reality check on IPv6 Challenges and Opportunities · · Score: 1

    End users don't need to know or do anything. At this point, all we really need is for ISPs to provide IPv6 and the rest will happen without users doing -- or knowing -- a thing.

    100% WRONG . That little thing you have between your cable/dsl modem and your computers -- called "a router" (and that's being generous) -- will have to be upgraded at best, and replaced at worst.

    Yes, I addressed that issue in my comment, if you read it.

    The cheapy netgear, dlink, linksys, et. al. routers/gateways/etc. for the most part don't have the memory or processing power to support IPv6.

    That's nonsense. IPv6 is easier and cheaper to route/manage than IPv4. For example, with v6 and it's stateless autoconfiguration, there's no need to keep track of DHCP leases. All the router has to do is periodically broadcast a router advertisement. And all of those cheapy routers and gateways ALREADY HAVE IPv6 stacks, because they're all running Linux (most of them), QNX or other embedded OSes that support IPv6. What's lacking is just attention to the upper layers to properly use v6 -- stuff like actually broadcasting those advertisements.

    Finally, most of those cheapy routers can be updated with user-provided firmware RIGHT NOW to give them full v6 support. I've upgraded the two Linksys routers in my house. I'm not suggesting that the average user will do this, they won't. They'll buy a new router. But my point is that the hardware is perfectly capable.

    No they don't. IPv6 support in Windows XP is "experimental" and lacks just about everything found in modern (i.e. windows 7) implementations.

    Works fine for me.

    "Stop using IPv4 and start using IPv6." (not necessarily in that order) Is not a "plan".

    The "not necessarily in that order" is a crucial part of the plan. The plan is "Start using IPv6 in addition to IPv4 and eventually transition most traffic to the new protocol".

    I was around back in the early days... people had appletalk and IPX networks and wanted to "get on the internet". None of them were happy with the requirement to add a completely new network layer (IPv4) to their network and thus new software on every machine.

    So was I, but I don't recall any heartburn over the issue. We were mostly all running thinnet or Token Ring at the time, and it carried the multiple protocols just fine. It was a bit of a pain to install Trumpet (or whatever) IP stacks on the machines, but they coexisted nicely with the other software, and didn't consume much of the (then very precious) RAM, but not a huge issue.

    IPv6 is the same mess. IPv4 and IPv6 share only the first two letters. At the core, they are completely, utterly, fundamentally different. People will be running "dual stack" for many years to come due to this incompatibilty and simple fact that a great number of devices/systems will NEVER support IPv6. (for example, I still have IPX only print servers.)

    And those print servers still work just fine, don't they? I don't think people will be running dual IPv4/IPv6 stacks for "years", I think the dual stacks will be there essentially forever, long after, for example, Linux no longer supports IPX. And, actually, the IPv4/IPv6 issue is much less intrusive because AppleTalk and IPX are different at every layer. IPv6 only replaces the datagram transport layer. TCP, UDP, etc. don't have to be modified, nor do any other protocols that don't deal with addresses.

    Also, IPv4 and IPv6 *are* very similar. Go look at the Linux or *BSD implementations and you'll notice that 90% of the IP-level code is shared. It turns out that adding v6 support to a well-designed v4 stack adds only a very small amount of code -- and removing v4 support removes only a very small amount of code. Might as well keep them both.

    I find your comm

  10. Re:IpV6 reality check on IPv6 Challenges and Opportunities · · Score: 1

    Hi. I'm an end user. I don't have an IPv6 address because it is too much work and I have to know too much.

    No, you don't have an IPv6 address because your ISP hasn't given you one. There's no need for you to know anything or do anything.

    if IPv4 were just a subset of IPv6, we'd all have IPv6 [compatible] addresses already.

    That would perhaps have smoothed the transition a little, at non-trivial expense to IPv6. These are engineering tradeoffs, and I'm not sufficiently knowledgeable of the issues (and neither is Dan) to judge which approach is better. Regardless, unless we want to go out and create IPv7, the fact is that what Dan wishes for is not how IPv6 works, and IPv6 does in fact work just fine. All that's really required is for the ISPs to begin supporting it. Earthlink has for several years, and Comcast has announced their plans to support it, so things are moving, if not as fast as we'd like.

  11. Re:Readiness test checklist on IPv6 Challenges and Opportunities · · Score: 3, Interesting

    I can do everything in your list just fine -- if you pick a web site that actually supports v6. There is no AAAA record for slashdot.org. Were Slashdot to configure their servers for IPv6 and add appropriate AAAA records, then it would be reachable. Of course, most sites don't bother with v6 support, because few users have v6 addresses, which is because most ISPs don't support v6.

    When the ISPs move, everything else will follow.

  12. Re:IpV6 reality check on IPv6 Challenges and Opportunities · · Score: 1

    I have a Linux box connected to a Netgear router providing NATted connections, itself connected to a cable modem that goes out to Comcast, who provides my pipe and is my ISP. Comcast ISP, by the way, does not support IPv6. If IPv6 is here and working today, I should be able to use it. How do I do that?

    Your main obstacle is Comcast, who has announced that they are going to begin providing v6 support.

    If you want to, you *can* work around them, by using a v6 tunnel provider (like Hurricane Electric). The configuration is not hard, but isn't something Grandma could do (not my Grandma, anyway).

    When Comcast begins providing IPv6 addresses, if you connect your Linux box directly to the cable modem, you'll instantly have access to the v6 network, without losing access to the v4 network. They coexist seamlessly. Your Netgear router has an IPv6-capable IP stack and if you connect that to IPv6-enabled Comcast cable modem, it will also pick up an IPv6 address and use it. It probably is *not* configured correctly to pass v6 address announcements to your LAN, though, so your machines probably won't get v6 addresses. And you probably can't change that without installing new firmware, which Netgear probably doesn't provide even if you were willing to install new firmware.

    Those are the two big problems with v6 right now: ISPs that don't provide v6 addresses and home routers that aren't properly configured for v6 support. If ISPs start providing v6, though, router manufacturers will eventually pull their heads out and new routers will do the job correctly (and the manufacturers will probably also provide new firmware for those courageous enough to go that route).

    However, because v4 and v6 can coexist peacefully, no "big bang" transition is required. If Comcast turned on v6 support, all of their subscribers who don't use a brain-dead router would instantly start using v6 for any web site (for example) that provides an AAAA DNS record. As the rest of them got new routers with proper v6 support, they'd also start using v6.

    If you can't tell me how, than Dan's "hypothetical problems" are very real indeed.

    If you'd like more detail on how, I can point you in the right direction.

  13. Re:IpV6 reality check on IPv6 Challenges and Opportunities · · Score: 3, Informative

    So, in the current situation, everyone who switches to IPv6 needs to be a network engineer.

    That's bull. End users don't need to know or do anything. At this point, all we really need is for ISPs to provide IPv6 and the rest will happen without users doing -- or knowing -- a thing.

    Yes, the network works, but there is no decent upgrade plan.

    Also crap. The upgrade plan is for IPv4 and IPv6 to coexist for a few years. Users deal with DNS names, not IP addresses, and applications and resolvers already transparently look for both AAAA and A records and use the AAAA records if available. All of the major OSes have solid IPv6 support in place -- if you don't believe me, install a radvd server on your home network and notice how *instantly* all the machines on your LAN have IPv6 addresses (heck, they all have link-local addresses now) right next to their IPv4 addresses. Of course, if your ISP set up support for IPv6, you wouldn't have to do anything.

    The only reason that IPv6 won't currently work for most people even if their ISPs support it is that their current NATing router appliances don't support it properly. But if ISPs implemented v6 support, Linksys, D-Link, etc. would start rolling out devices with proper IPv6 in their firmware. With enough users on the v6 network, web site admins, etc., would add v6 support and AAAA DNS records, which the v6-enabled users would instantly (and transparently) begin using.

    The transition plan is solid, and works very well in practice (as you can verify by using Hurricane Electric or another v6 tunnel provider). What's lacking is the ISP motivation, and being able to use a v4 address as a v6 address wouldn't change that at all.

  14. Re:ORLY? on Leaving the GPL Behind · · Score: 1

    I propose that, for clarity's sake, people who use always the word "free" per the GPL hijacking of the word should start using "GNU/Free" instead

    There's a convention for making this distinction in place already. When referring to free-as-in-freedom, your "GNU/Free", the convention is to capitalize Free. This is actually pretty unambiguous, except when the word appears at the beginning of a sentence. In speech it's less clear, and must be qualified explicitly.

    Now how about you stop quibbling over already-settled naming and start, as you suggest, discussing real issues?

  15. Re:Umm... on GPLv2 Libraries — Is There a Point? · · Score: 1

    You can find the whole text of Title 17 in various places on the Internet, but perhaps the most authoritative is copyright.gov.

    The relevant section is at:

    http://www.copyright.gov/title17/92chap1.html#117

  16. Re:Umm... on GPLv2 Libraries — Is There a Point? · · Score: 1

    Good point, and I agree it was a bit confusing, but I had in mind that use requires copying -- and note that one court in the US at least has held that even the copy from storage to memory in ordered to run is covered by copyright

    That is true, but it caused Congress to add an explicit provision to Title 17 that exempts ephemeral copies made in the course of ordinary use, as well as backup copies.

    So use does not require permission of the copyright holder.

  17. Re:Umm... on GPLv2 Libraries — Is There a Point? · · Score: 1

    Now whether this embedded information is *actually* a "derivative work" of the lib, or merely an "aggregate work", I don't know, those are legal terms that come from copyright law, and IANAL, but the FSF *does* think so, and so far, no court has said that they're wrong.

    Also, it appears that there aren't any companies around whose lawyers have disagreed with the FSF. Not strongly enough to actually try to bring the issue to a court for a decision, at least.

    In the case of the IBM attorneys I worked with, there is simply no question: They're pretty sure the court would side with the FSF, and in any case don't want to expose IBM to the risk that the court might side with the FSF, so they use the FSF's rules as the guideline for IBM's decisions. End of discussion, from their point of view.

  18. Re:Umm... on GPLv2 Libraries — Is There a Point? · · Score: 1

    he GPL is a distribution license, not a usage license, so one must be distributing GPL or GPL-derived code for the license to even apply

    The context of the discussion was a product that would be distributed.

  19. Re:Umm... on GPLv2 Libraries — Is There a Point? · · Score: 4, Informative

    For what it's worth, I agree with you.

    FWIW, the IP attorneys I've discussed this with don't agree with you. They take the GPL at the FSF's word with regard to the meaning of "derivative work". I asked a couple about this and the response was that because the clearly-stated intent of the license was to preclude linking except to code distributed under compatible terms, that a court would most likely agree with the copyright holder. Basically, the "linking implies derivation" notion is reasonable and well-understood by all parties, so the court would accept it.

    Of course, these were corporate attorneys looking to protect the corporations assets, and lawyers in such situations generally err on the side of an overabundance of caution.

  20. Re:Surprising on UK National ID Card Cloned In 12 Minutes · · Score: 1

    Now, a UK passport/ID card validator may not (and probably won't) know about the PKI for Tajikistan, say, so there needs to be a facility to allow offline checks of their passports/ID cards, based only on information the passport/ID card brings with it

    It would seem both sensible and simple for ID card verification devices in the UK to have the UK root CA key. That would mean they couldn't verify passports from Tajikistan, but it's silly to optimize for the rare case.

    As for the fee, that's probably related to The chancellor, Gordon Brown, [making] it clear that the ID card scheme, which is estimated to cost at least £5.8bn, has to be self-financing.

    That's probably that real reason.

  21. Re:Not a proper response on Apple's Schiller Responds To iPhone Dictionary App Fiasco · · Score: 1

    He probably never connected the dots.

    There is no connection. See my response to the GP.

  22. Re:Not a proper response on Apple's Schiller Responds To iPhone Dictionary App Fiasco · · Score: 1

    -- Safety is a tyrant's tool; no one can oppose safety.

    Aren't your post and your sig at odds with each other?

    Nope. Children are one thing. Responsible adults are quite another. Children need to be protected. As they grow up, as they learn their way around the world, you back off. If you do it right, by the time they're grown up they don't need protecting any more, because they can take care of themselves.

  23. Re:Not a proper response on Apple's Schiller Responds To iPhone Dictionary App Fiasco · · Score: 1

    Being a good parent involves teaching your children your values so that you don't *have* to monitor them.

    Certainly it does. And by the time they're teenagers, if you've done a good job, that works. With younger kids, it makes a lot more sense to simply keep some stuff away until they're able to understand it.

  24. Re:Not a proper response on Apple's Schiller Responds To iPhone Dictionary App Fiasco · · Score: 0

    The world doesn't have a responsibility to sanitize itself because you have issues with what your kid sees reguardless of how much free time you have

    You say that as though I'm the only one with an issue, but I'm not. In fact, there are a lot more of us than there are of you -- and actually, odds are that when you become a parent, you'll join the gang.

    It makes perfect sense for companies to cater to the people with the money, and that, whether you like it or not, is me, not you.

  25. Re:Not a proper response on Apple's Schiller Responds To iPhone Dictionary App Fiasco · · Score: 2, Interesting

    Naturally, the real solution should be parents acting like parents, but naturally pigs will fly before these groups put responsibility on their members.

    Are you a parent?

    I am, and in many of these cases I think the parents *are* acting like parents when they complain. I know many slashdotters live in some fantasy world where parents are able to monitor their children every waking hour, but it's not reality. Parents have a lot of stuff to do, and even those who don't work still need time to clean the house, buy the groceries, make dinner, change the oil, mow the lawn, etc. Of course, I have no sympathy for parents who buy M-rated games for their kids and are then shocked to discover that it contains content that's inappropriate for their six year-old, but as a parent I really appreciate all the parents who put up a stink and got the rating system put in place.

    Likewise, I think it's perfectly reasonable for Apple to limit the sort of content in their app store. I think the rating system is a better way, but in the absence of the rating system, I don't think it's inappropriate to refuse apps that contain profanity.