Slashdot Mirror


User: Alioth

Alioth's activity in the archive.

Stories
0
Comments
5,690
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,690

  1. So much cluelessness on MSN Cuts Unmonitored Chatrooms Around the Globe · · Score: 4, Interesting

    At luchtime, I was listening to Jeremy Vine's programme on Radio 2. This programme covers many current events things, and indeed the main topic of conversation was this MSN decision.

    It was astounding how incredibly clueless the top brass of childrens charities were. In fact, the word "incredibly" is simply inadequate to describe their cluelessness - "breathtakingly clueless" would probably be a better description. They were praising MSN, and saying how this helped solve so many problems, as if MSN removing their chat feature would suddenly mean there's no such thing as Internet chat any more. You don't even need to know how the Internet works to know only an idiot would think this. You now have pent-up massive demand for chat rooms with no where to go - so guess what, just as if there was massive demand for $RANDOM_GOOD in the bricks and mortar world, someone else will set up to fulfil this massive chunk of unfulfilled demand.

    As it happens, you only need slightly more knowledge of the Internet than a concussed bee to know that alternatives _already_ exist, starting with the granddaddy of them all, IRC. The only reason MSN Chat had the popularity it did was that it's the path of least resistance - for IRC you have to download a client, but I assume for MSN Chat everything's just provided. This unfulfilled demand will start downloading IRC clients no doubt (probably mIRC, so those who host mIRC downloads are probably in for the MSN equivalent of a Slashdotting).

    This is the reason why we shouldn't let these people have _any_ sort of power to legislate or make changes to the Internet - their understanding is so incredibly inadequate, they shouldn't even be allowed to run a high street store, let alone be involved in Internet legislation.

  2. Re:Smug. on Remote Root Exploit In lsh · · Score: 1

    Just because there hasn't been one for years doesn't mean there isn't one that's going to come out next week. If you call someone a troll because they express the view that all software is potentially buggy and may need security patches, you have a very hazardous attitude to security indeed. Perhaps we really do need to license MTA operators sooner rather than later.

  3. RANT: The net has gone so downhill. on Microsoft "Swen" Worm Squiggles Into Sight · · Score: 1

    The last two months have been bloody hell on the internet. Between SoBig, Blaster, this new one, VeriSlime it's just getting too much to fucking bear. What used to be fun and enjoyable is becoming a chore after worm after worm sprays gigabytes of malware at my system.

    This latest one put 100MB in my mailspool in less than 24 hours. I was getting several of these worms _per minute_ at about 150K each. Since I run the MX, I put yet another anti-malware measure: not only do I have to waste time installing and keeping SpamAssassin up to date, I now have to add Exim system filters to reject all Windows executables (even though I can't run them) because the sheer level of traffic is getting overwhelming.

    Email has become a useless burden.

    The time has come for change. I think the following needs to be done.

    1. All operators of mail exchangers - anyone who runs an MTA should be licensed.
    2. MTAs should only accept mail from other MTAs being run by a licensed operator. Mail from unlicensed MTAs should be rejected. Instantly kills the problem of malware being spread by non-MTA computers.
    3. The MTA operator should risk having their license suspended or revoked if they allow spam to be sent via their MTA.
    4. Licensing should consist of a course of education in non-MTA specifics (i.e. the principles of running an MTA, the laws, what traffic you should allow, what traffic you should reject) rather than be courses for particular pieces of software. It will be up to the licensed MTA operator to figure out their particular software, just like it is up to a car owner to figure out their new car. The fact that they can lose their MTA license should mean that operators will be very careful about learning about their specific software and setting it up correctly.
    5. It is the operator's sole responsibility to keep their MTA secure. Bug in sendmail and you didn't hear about it/patch it? Tough shit. Your MTA operator's license gets suspended. Your MTA is configured so it will let worms/viruses out from people at your ISP or your user group? You get your license suspended. That will be a good incentive for MTA opers to do everything in their power to stop malware and spam.

    I admit that I don't know a good way to go around the implementation specifics (who is the licensing authority? National governments? The people in charge of the TLD you want to have an MX in?) but this free-for-all MUST end.

    In the short term, it would be good if *all* ISPs blocked outbound port 25, and blocked Windows executable attachments at their MTA to slow this shit down. The Internet quite frankly has gone from being fun, and a medium where anyone can publish for pennies to a swirling cesspit of shite. These last two months have been the _worst_ I've ever seen since first being on the internet in 1991.

  4. Smug. on Remote Root Exploit In lsh · · Score: 4, Insightful

    Serves those smug bastards right who were gloating the other day about how they use lsh and how it is so much better than OpenSSH. Hoist by their own petard, so it seems.

    I _never_ gloat about running different software to $COMPROMISED_SW of the day. Just because I run exim, I don't think I'm magically more secure than a sendmail user. Exim users must keep up with the patches as well. Same goes for qmail. If you sit there smugly saying how superior your piece of software is, you're going to get bitten in the ass sooner or later, or at least end up looking very silly after all the gloating to find you're vulnerable too.

    Dudes, doesn't matter what you run: don't gloat about it - be paranoid about the security of what you run, and keep up with the patches.

  5. Re:Sneaky on ICANN, IAB Ask VeriSign to Suspend SiteFinder · · Score: 1

    They did tell the IAB about it at least. The IAB told them it was not a good idea and why it wasn't a good idea (RFC violations etc). They went ahead and did it anyway, despite being told not to by the IAB.

  6. Re:Application programming is a dying paradigm on Ford To Move To Linux · · Score: 1

    Socket code is stupefyingly easy to write (especially in Perl with IO::Socket::INET and IO::Select).

    The real issue is GUI coding. Although writing a GUI is not mentally demanding when compared to something, like, say, implementing a compression algorithm, GUI coding is tedious in the extreme whears implementing a compression algorithm is challenging and interesting. You have to do a lot of piss-farting around to make the GUI work properly. GUI coding is stultifying in the extreme. With a web application, someone's done all the piss-farting around for you by providing the browser. Processing form data becomes easy - you don't have to go through the tedium of handling hundreds of events, all you do is wait for the data to come back when the user presses Submit, and use CGI.pm to get the data.

  7. Re:What about Transputers? on Grid Processing · · Score: 1

    I believe there was a Unix-like OS for transputer systems (IIRC). I went to college at the UWE, where we had the Bristol Transputer Centre, and Inmos itself was quite nearby (I think I did either a 1st or 2nd year undergraduate project which involved Inmos). I remember they said that they tried to present an image that Inmos was a US firm in the US to help with marketing, since home grown stuff apparently sells better in the US.

    Back to the OS. I think it was in use by Southampton University, and IIRC the main problem with it was that it couldn't handle a segmentation fault - the entire machine would crash if a program died with SIGSEGV. I'm sure the administrators really enjoyed running that system...

  8. Cellphones DO intefere on Electronics & Planes Don't Mix? · · Score: 1

    Cellphones DO intefere with avionics, I've got first hand experience.

    Whilst intercepting the localizer in a Grumman Cheetah on a dark and rainy night, my friend's GSM cellphone (which he had forgotten to turn off) started ringing. Although it didn't intefere with the GS/loc indications, it most certainly intefered with the intercom/radios - all audio was blotted out by an extremely loud "Bip b b bip b b bip b b bip b b bip b b brrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr " which continued until he managed to shut the thing off. If ATC had said anything, we'd have not heard it.

  9. Re:Hi. on UK RIP Bill Reintroduced · · Score: 1

    It's all a question of your outlook I suppose. I think of Ramsey in the north as being a long way away. People in the UK commute greater distances than that.

    Ironically, I had a shorter daily commute when I lived in Texas (about 10 minutes - my current daily commute is about 15 minutes).

    We have a saying here, in Manx Gaelic - "Traa dy lioor", which sums up the attitude to life here. It means "time enough".

  10. Re:Hi. on UK RIP Bill Reintroduced · · Score: 1

    Judging by the ads for the Gay And Lesbian Switchboard that appear around the "Personals" section of the Manx Independent, no.

    Birching has also gone away too.

    However, apparently there's still a law on the books making it legal to kill a Scotsman if you catch him on the beaches wearing a kilt.

  11. Re:Hi. on UK RIP Bill Reintroduced · · Score: 3, Informative

    More expensive than the UK (bandwidth is generally more expensive due to the monopoly that Manx Telecom holds), but by the end of the year every exchange will be ADSL enabled, including the rural ones with only a couple of hundred subscribers. The South has good coverage, and as you'd expect, the capital, Douglas also has good coverage.

    People whine about lag on Manx.net (Manx Telecom's ISP) connections, but I've not had a problem - it probably varies by location depending on who you share the contended backhaul with - I suspect people's connections in Douglas will be the worst off due to the population density - living in the south I probably don't have to contend with so many Kazaa leeches). Since I've moved from my Dad's place into my own, I changed my ISP to mcb.net where I have nice things like a static IP, and an ISP that's not RFC-ignorant. We have four ISPs. We now have "wires only" service (MT insisted on sending an engineer out in the past).

    The bad points: the Island is very Windows-centric. No commercial IT organizations seem to be even vaguely aware of open source software, especially the Isle of Man Government, but I'm trying to correct that at my place of work. Pay in the IT sector is probably a little lower than the UK and the opportunities are somewhat limited and there's rather too much MCSE and Visual Basucks kind of jobs (after trying to use VB a little, I've decided if push came to shove and someone expected me to be a VB code monkey I'd get my HGV license and drive a lorry instead). (However, on the flip side, lower pay is more than compensated for by the lower income tax and NI - I spent most of my working life in the United States, and my taxation rate here is less than half of what it was in the USA)

    We do have a Linux User Group, although our current activities seem to revolve more around beer drinking than anything else. Not surprising with three breweries and one distillery for a population of less than 80,000. We have very good beer. My local belongs to the owner of one of the breweries (http://www.bushys.com). The biggest brewery is Okells, but IMHO, Bushy's makes better beer. The other brewery is a microbrewery in Laxey.

    You need to like motorcycles. Lots of road racing (TT circuit, 37.75 miles - the famous one, plus the Billown circuit in the south and the Jurby South road circuit in the northern plains)

    We have weird cats with no tails.

  12. Re:Hi. on UK RIP Bill Reintroduced · · Score: 3, Informative

    The Isle of Man, where I live, is not part of the UK. We never implemented the RIP Act, and therefore this won't be implemented here either.

    There is one trouble: the island is full (you'll have a hard time finding somewhere to live). We've got lots of spaces, but planning regulations makes it incredibly difficult to build new houses. Unfortunately, lots of UK citizens have holiday homes here which are left empty most of the year, crimping supply for the rest of us who aren't afraid of Manx winters...

  13. Re:Not me but a friend.. on Hybrid/Electric Vehicles: Should I Buy? · · Score: 1

    Better than spending ten years or more as an elderly SUV driver dying horribly of natural causes... people tend to forget that (a) we all die and (b) dying of old age is usually far more horrific than dying in a motorcycle accident. Live a little instead of trying to be oh-so-safe in that SUV.

  14. Re:Why are H1B's not sent home in a bad economy? on No Americans Need Apply · · Score: 1

    I think you missed my point. My point was, that given this choice:

    (a) hire one H1-B worker
    (b) outsource the job

    that (a) was a great deal more beneficial for the United States. Indeed, much of the economic success of the United States can be attributed to immigration.

    If you hire an H1-B, the H1-B buys goods, services and pays taxes. It isn't a zero-sum game either. In some cases, an unscrupulous firm may be hiring an H1-B to replace a local worker, but in many more cases, the H1-B is not "taking a job". In the case of the firm I was working for at the time, all of us "filthy stinking rotten foreigners" were earning exactly the same as the locals with the same working conditions. (Since I was an intra-company transferee, not only did I keep my better home country vacation entitlement - we start off with 25 days of vacation rather than 10, but I was also being paid an international service allowance, so my conditions were actually better and it was one of the reasons I was so happy to stay for 6 years).

    One thing that is undeniable is that immigration is far better for a country than outsourcing. In outsourcing, not only does your job get replaced, but the money is flowing out of your country instead of into it. Just look around you - probably 99% of the people you know are descendents of immigrants or immigrant families. I could safely wager that your last name is of European roots, too...

  15. Re:Why are H1B's not sent home in a bad economy? on No Americans Need Apply · · Score: 1

    You wouldn't have the guts. Besides, if you did that I'd beat nine shades of shit out of you and enjoy it :-)

  16. Re:Why are H1B's not sent home in a bad economy? on No Americans Need Apply · · Score: 1

    On the flip side, I've been an H1-B employee (and before that, L-1 which is intra-company transferee). I was paid _more_ than my peers. I worked for a certain company which is ROT-1 away from HAL.

    Of course, no anti-H1-B person would ever come up to my face and say what many Slashdot posters keep blurting out. Especially since I'm white, good looking, and speak perfect English (because, well, apart from some Manx Gaelic and very rusty French, it's all I speak), just with a funny accent.

    I've since moved back home. I really enjoyed my time in the USA and I think it's a great country. I'm glad the H1-B opportunity exists. I also found it refreshing to see my own country from the view of being 4000 miles away gives you.

    If you think about it, if you have a choice of H1-B workers or outsourcing, H1-B is far better for the United States. H1-B workers will be paying tax in the US, buying goods and services in the US, and the education and skills they bring to the US will have been paid for probably by a foreign government. In many cases, the H1-B is a win. The United States is built on immigration. Judging by the majority of the US population, your family was an immigrant family too, probably less than 10 generations ago.

  17. Re:Different approach needed on Adrian Lamo Surrenders · · Score: 1

    Hardly extortion - apparently he helped the companies he hacked for free.

  18. Why did he turn himself in? on Adrian Lamo Surrenders · · Score: 3, Insightful

    Wonder why he turned himself in? If I was in his shoes, I'd go on the run because:
    * it seems like anything to do with hacking == terrorism. Justice won't be served, long prison sentence
    * being obviously young, not particularly bad looking and probably not physically strong means almost certain prison rape.
    * already leading a nomadic lifestyle so why not continue.

    However, in his position, I'd probably no longer publicise what I was up to. I think he has made some grave tactical errors in letting his identity being so publically known (and this is why he probably decided not to stay on the run, because his photograph has already been so widely published).

    I hope his punishment is in proportion to the crime though - not some arbitrary "war on terror" sentence.

  19. Password change policies on Users feel Password Rage · · Score: 4, Insightful

    The worst is the password policy that not only requires you to have a password that resembles line noise and is a minimum of 9 characters long, but also requires a change every 28 days.

    The unintended consequence of this policy is instead of users bothering to choose a good quality password and making the effort to remember it, they either write it down and stick it on a post-it to their monitor (!) or they use something as a password that's on a book by their desk (such as a book name + part of its ISBN). The result is that the password is orders of magnitude easier to crack than if they weren't forced to change it as often or faced with a bizarrely complex password policy. And of course, when they change it, all they do is increment or decrement the trailing digit or character anyway.

    Then there's password synchronization. On one network at $ORK, the password has to be synced in (a) a Novell netware tree (b) M Sexchange server, (c) web proxy (d) Windows domain. There are frequent failures with this synchronization (usually (a) (c) and (d) synchronize fine, but the M Sexchange server doesn't. The only solution is to reset the password which will resync it on all. It would be much nicer to have a passphrased public/private key pair, and use those to authenticate with everything.

  20. Re:I gave up mail lists for forums on E-mail Newsletters Switching To RSS · · Score: 1

    This is why the bulletin board I've got for our small gaming community not only works as a web board...but has an NNTP server too.

    Some prefer using the web interface, some prefer the NNTP interface. Everyone's happy. The web interface threads like a USENET reader would though (I can't stand UBB etc.)

  21. Re:Never underestimate on Sunday Newspapers, Now With CDs · · Score: 1

    Never underestimate the packet loss of a paper-boy on a bicycle, not to mention the latency :-)

  22. Re:Changes to the Workplace from the Dot Com days on Dotcom Era Fads · · Score: 1

    Nothing negative about H1B visas. Well, not from my point of view anyway. I had a very enjoyable stay in the United States thanks to a fairly unique skill set and first L1, then a H1 visa. I made some very good friends in the US, and I'm sure I'll visit reasonably often.

  23. No change here. on NZ Spammer Shutdown Makes Big Difference · · Score: 3, Informative

    I haven't noticed a difference outside of what can be considered 'statistical noise' in my daily spam load. SpamAssassin (or rather the procmail filter that catches what's flagged) puts spam sent to me in a spam trap, from there it's easy to count the number coming in. SpamAssassin is still catching a veritable torrent of spam.

    Funnily enough, SpamAssassin is also flagging the Win32/SoBig worm as spam. It's in the DCC (distributed checksum clearinghouse) and has a number of other 'spammy' features, such as obviously forged From: address and malformed datestamps. Not that it'd run on Linux anyway :-]

  24. Re:Another tidbit about SCO on SCO: FSF Reply To GPL Claims, Conference Sponsors Back Off? · · Score: 1

    And www.sco.com runs Linux/Apache too...

  25. Re:We are up to a million lines of code! on SCO: FSF Reply To GPL Claims, Conference Sponsors Back Off? · · Score: 1

    None of the code belongs to SCO, though. This is the whole basis of SCO's action:

    IBM makes AIX.
    AIX is a SysV derivative.
    IBM added NUMA, JFS, RCU to AIX.
    Therefore, NUMA, JFS and RCU are also now SysV derivatives, even though SysV doesn't have any of those things and even though SCO doesn't hold the copyrights. But it means this code which SCO didn't design, write, test or sell is tainted by SysV and becomes SCO IP.
    IBM added NUMA, JFS and RCU to Linux.
    Therefore, IBM added SCO IP to Linux.

    If you signed the NDA with SCO, I bet what you'd get is "infringing" code written and copyrighted by IBM from JFS, NUMA and RCU, and then pointed to where it's in the 2.4.x kernel source. Sure enough, the code would be exact, line for line, comments and all. But it wasn't written, designed or copyright by SCO - but because it was put in AIX at some point, it automatically becomes SCO IP. Therefore Linux is now an infringing SysV derivative, even though it contains no code written or copyright by SCO.

    SCO's action can be summed up as:

    Our cat has four legs.
    IBM's dog has four legs.
    Therefore, IBM's dog is a cat.
    IBM added the dog's sense of smell to a penguin.
    Therefore, a penguin is a cat.