Slashdot Mirror


User: John+Hasler

John+Hasler's activity in the archive.

Stories
0
Comments
8,663
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,663

  1. Re:sync is one thing, but what about freq? on Do You Have The Time? · · Score: 2


    Once the clock is synchronized, why rely on a
    relatively imprecise crystal to beat the drum?

    Chrony measures the accuracy of the crystal and uses that information to "dead-reckon" when the Net connection is down. Thus the crystal only needs to be stable, not precise.

    The 60hz AC line frequency is more accurate, or
    so i've been told.

    How accurate do you think the 60Hz from your UPS is?

  2. Don't Do That on Do You Have The Time? · · Score: 5, Informative

    "...my home firewall gets the time every hour from the NIST servers,..."

    Don't use stratum one servers for your home network. It's wasteful and unnecessary. Use a stratum 2 or higher server or your ISP's server.

  3. apt-get install chrony on Do You Have The Time? · · Score: 4, Informative

    The default configuration works with a dialup.

  4. Re:Law was amended by DMCA on RIAA to Sue You Now · · Score: 2


    By running a file-sharing app, aren't you
    effectively promised music in exchange for your
    music?

    What if I install such a program, download something from your machine, and immediately uninstall the program. Can you sue me for failing to give you something in return for the file I got from you?

  5. Re:Law was amended by DMCA on RIAA to Sue You Now · · Score: 2


    Now the definition of "financial gain" includes
    the "receipt or expectation of receipt of
    copyrighted works." In other words, they amended
    the law to forbid "trading."

    I would think that in order to make that stick they would have to show that by downloading a file from your machine I would incur a contractual obligation to give you something in return.

    assuming file sharing on computers is even
    protected by AHRA, which it probably isn't.

    I believe that the courts have determined that it isn't.

  6. Not Likely on RIAA to Sue You Now · · Score: 2

    "...go after the people who are actually doing it"...

    But instead they will go after anyone running P2P regardless of whether they are infringing any copyrights.

  7. Re:30 billion earth like planets!? on 30 Billion Earth Sized Planets? · · Score: 2

    "If radio civilzations last an average of 10,000 years, there is one radio civilization currently for every 5 billion stars."

    Most likely they only transmit narrow-band signals for a century or so before moving on to UWB or something even harder to detect.

    "So there may be several in our galaxy."

    If I am right ours may be the only one sending out easily-detected signals. Interesting question: if each civilization emits a 100 light-year thick shell of narrow-band rf, what are the chances that we are in at least one such shell now?

    "But communicating with them is probably pointless because they would most likely be thousands of lightyears away."

    We find it interesting to study stars at such distances: why not civilizations?

  8. Universe != Galaxy on 30 Billion Earth Sized Planets? · · Score: 2

    "The BBC is running a story about a prediction that there are around 30 billion earthlike planets in the universe."

    Make that 30 billion earthlike planets in our _galaxy_. If there are only 30 billion in the universe it's probably pretty lonely around here.

  9. Re:REQUEST REMOVAL!! on All Sourceforge.net Being Blocked by SmartFilter · · Score: 2

    "Remember, they're going to have to take a look at this page to decide whether or not to unblock it..."

    You're assuming that they ever look at any sites.

  10. Re:A Question on OpenSSH Vulnerability Disclosed, Version 3.4 Released · · Score: 2

    So how long did it take you to find the bug? And why didn't you tell us about it?

  11. Re:Why was it kept hush hush? on OpenSSH Vulnerability Disclosed, Version 3.4 Released · · Score: 2

    "the moment that the openssh team stands up and says to set challengeresponse to no, everyone knows what the bug is."

    All had to do was tell us that pre-3.0 versions weren't vulnerable.

    "it was iss that released the details a week early with less then a day's notice."

    It was Theo who sent out a notice telling us we had _four_ _hours_ to package 3.3 while neglecting to mention that our stable distribution was not vulnerable.

  12. Re:Why was it kept hush hush? on OpenSSH Vulnerability Disclosed, Version 3.4 Released · · Score: 2

    "The distributions (who couldn't get any information about the nature of the bug, just the suggestion that they fix the pain in the ass way of using sshd) correctly figured that they were being railroaded and balked. "

    The Debian security team just about killed themselves getting the upgrade out for all eleven architectures and patching and backporting it to Potato.

    And now we find out that we were never vulnerable.
    I think there will be a movement to put a price on Theo's head.

  13. Re:This has been around a long time, on Superfast Biodegradable Plastic · · Score: 2

    Indeed it has. What killed it the first time around was idiot ecofreaks protesting that it wasn't really biodegradeable because it wouldn't degrade in a landfill. Of course, neither would a banna peel...

  14. Re:Costing the U.S. economy? on NIST Estimates Sloppy Coding Costs $60 Billion/Year · · Score: 2

    "So actually software bugs increase the GDP by $59.5 billion each year."

    Why stop with software? Why not require every worker to do every task over two or three times? Just think what _that_ would do for the economy!

  15. Re:Debian is easier to fix on Slashback: OpenSSH, Bio, Timeliness · · Score: 2

    "If and only if someone has made up the deb."

    Someone (the Debian security team) has.

    "And then it isn't compiled from source like /usr/ports on your machine."

    Right. Instead, it was configured and packaged by someone who is an expert on that particular software. Of course, I could use 'apt-get source' to get the expert's package built on my system.

  16. Re:For FreeBSD users: on Slashback: OpenSSH, Bio, Timeliness · · Score: 2

    "In what sense it is not complete, pray tell?"

    It is the same thing as is available to *BSD users: an upgrade to 3.3.

  17. Re:ssh vulnerability disclosure? on Slashback: OpenSSH, Bio, Timeliness · · Score: 4, Insightful

    "Another interpretation would be that he wants vendors to port the privilege separated version of sshd to their platforms..."

    That is exactly what he wants.

  18. They Had _Better_ Already Know on Slashback: OpenSSH, Bio, Timeliness · · Score: 5, Insightful

    "Read it; you might need to pass the word on to your vendor, too."

    If you need to pass the word on to your vendor you need a new vendor.

  19. Re:Norton Blows on Slashback: OpenSSH, Bio, Timeliness · · Score: 2

    "Looks like some folks are joining the ranks of Windows server users ;)"

    Why? So that they can wait two months for a fix instead of four hours?

  20. Re:For FreeBSD users: on Slashback: OpenSSH, Bio, Timeliness · · Score: 5, Interesting

    "For linux users, you guys are outta luck."

    Nonsense. The Debian package is already out.

  21. Re:ssh vulnerability disclosure? on Slashback: OpenSSH, Bio, Timeliness · · Score: 3, Insightful

    "We won't tell you what the problem is, unless you're a big distributor."

    Do you have some evidence to support this claim that they have revealed the exploit to big distributors? As far as I can tell they have told no one.

  22. Re:OpenSSH on Slashback: OpenSSH, Bio, Timeliness · · Score: 2

    "How many others don't find the time for all these updates?"

    What's so time consuming about 'apt-get update; apt-get upgrade'? Oh, wait...

  23. Re:What irony? on Microsoft's 'Palladium' Privacy/DRM Scheme · · Score: 2

    "They're talking about supplying a Palladium to a Troy, which will thereby prevent things like "Trojan horses" from bringing about the downfall of that Troy."

    Troy fell. So will this one.

    "The Palladium provided security. Microsoft wants to supply a Palladium."

    The Palladium was stolen. This Palladium will be cracked.

    Offering to make my computer as secure as ancient Troy is not the way to sell me a security system. Perhaps they are too ignorant to know what they are saying, or perhaps they figure their customers are too ignorant to make the connection.

  24. Re:Opening Paragraph.. on Microsoft's 'Palladium' Privacy/DRM Scheme · · Score: 2

    "Legend has it that the safety of the city depended on that icon's preservation."

    There'll be an Odysseus out there somewhere.

  25. Re:Microsoft calling in its hardware favors on Microsoft's 'Palladium' Privacy/DRM Scheme · · Score: 2

    "Really. How can a chip that is designed for encryption and authentication prevent someone from sending spam to you@yourisp.com?"

    I think that what they mean is that the system will have the ability to refuse email not certified as being from another Palladium system. This will prove that the message is from a "respectable" business and therefor not spam. Remember that to the suits it isn't spam if it has a valid From: address and a "click to unsubscribe" link.