Slashdot Mirror


User: JWSmythe

JWSmythe's activity in the archive.

Stories
0
Comments
6,545
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,545

  1. Re:Just off the top of my head on How Do You Evaluate a Data Center? · · Score: 1

        Work for a company with a money and an intention of moving into a DC. Sales folks will usually get you the tour. They don't always just offer it, because lots of people who are just negotiating the contract wouldn't know the difference between a datacenter and a broom closet. It depends on the facility though. For example, Rackspace only does managed hosting. They don't let anyone on the floor. I assume they aren't running out of a broom closet, but even though I've been a customer in a couple of their facilities. I was told customers were never allowed in.

  2. Re:The most secure place on Best Tool For Remembering Passwords? · · Score: 1

        I went fancy with my password on here. Oddly enough, it's your UID. :)

  3. Re:The most secure place on Best Tool For Remembering Passwords? · · Score: 2, Insightful

        That's not the best idea. If a secure location becomes compromised, you just gave up access to everything you do. Not to say people don't do it, but people also set their passwords to "password".

        Here's an old post I did here 4 years ago on the subject. Users haven't gotten any smarter. Just poorer when their bank account gets compromised.

  4. Re:Xmarks, KeePass and Encrypted Zip combination on Best Tool For Remembering Passwords? · · Score: 1

        Did you ever play with AccessDiver? If I remember right, that was one of the default brute force cracking schemes.

  5. Never store your passwords! on Best Tool For Remembering Passwords? · · Score: 1

        Never ever ever ever (EVER!) store your passwords where they can be retrieved by unauthorized 3rd parties! That includes password storing utilities, scraps of paper under your keyboard, or a little note in your wallet.

        Written down, in a lockbox, in a safe, in the floor of your basement, under a rug, in your house that has an active alarm system (that you use), in a armed guard and gated community is ok. Ok, most of us can be a bit less secure than that, but I don't recommend it. :)

        Choose your passwords intelligently. Then they'll be easier to remember.

    "W)Wg#jwe9^)SEG" is pretty hard to remember.

    "BankPass" is a terrible password, but easy to remember. Don't use it.

    "Wh3rzIzM!M0ny?" (Where is my money?) is easier to remember, even though it's a nice secure password. I dare any brute force attack to get that one. :)

        For the sake of legacy access (like, when you get hit by a bus, and your wife needs to get into your accounts), make sure a second *TRUSTWORTHY* person knows the combination to the safe in your basement.

  6. Re:And now thanks to /. and microsoft on Microsoft Tries To Censor Bing Vulnerability · · Score: 1

        Aw, you haven't read enough civil lawsuits, have you.

        It's rarely about who's right or wrong. It's about who can screw who for how much.

        In your car analogy, there would be plenty of other lawsuits.

        The car manufacturer would be sued for not providing a warning label on the keys.

        The key manufacturer (if not the car manufacturer) would be sued for providing an insecure system.

        The conference center would be sued for not providing adequate security to protect against said theft.

        Wackenhut (the security company for said conference center) would be sued for allowing the car to be stolen.

        The local police department would be sued because they failed to stop the theft.

        The list could go on and on, but you see it. Usually the prime targets are those with lots of money. Why go after the people attending the conference, when the real money lies with the car manufacturer, Wackenhut, and (possibly) the local government.

  7. Re:Just off the top of my head on How Do You Evaluate a Data Center? · · Score: 1

    I'm really happy to see when people know what they're talking about. :)

    At one datacenter, I worked closely with the site engineer Our cage was fairly stuffed, and he used ours as an example to newbie customers on how to do some things. The center of our cage was our cold "aisle". The outside was our hot side (just two rows of servers). He'd bring his infrared temperature sensor along, and point out the back of our rack was only about 10 degrees hotter than the front, because we did account for good air flow. They had a much more robust customer (several thousand machines) who followed our lead as they were populating their cages, and they never had heat problems. I could actually walk around their area, and barely feel the temperature difference.

    The bad site I mentioned, I felt the heat walking through areas that shouldn't have even been warm.

    If anyone wants to know the site, email me. I won't post it. They were bad though. They were pretty bad about other things too. Like, "I'm bound by contract not to say who's in that space, but they are the huge search engine, who's name rhymes with zoogle". Come on guys, how am I suppose to trust that you won't disclose anything about my company now?

    Needless to say, we never moved in there.

  8. Re:Just off the top of my head on How Do You Evaluate a Data Center? · · Score: 1

        That's another whole story. :) Don't make me tell you about the Catalyst 5000 switch I bought on eBay, just to find it was still configured for the classified network it was on.

  9. Re:Just off the top of my head on How Do You Evaluate a Data Center? · · Score: 5, Informative

        I noticed something when touring one datacenter. They had a neat conference room that overlooked the whole datacenter. You could see the heat rising off of one area (Google's room). They went on and on about the wonders of their cooling, and how they had so much capacity.

        We later took the guided tour. The person I was with was talking to our guide, and I was paying careful attention to our environment. There were tremendous hotspots on the floor. We're not talking about 78 degrees. It was closer to the 90's. Other spots were downright cold. Why? Because they had all this capacity, and no real planning. The circulation was insufficient, even though the capacity was available. A well populated rack will always be hot at the back, but it's expected that they will draw the air off of that area rather quickly. I've even seen datacenters that enforce their hot/cold aisles, but then there isn't much of a reason for it. There is no air return on the hot side, and it's just blowing at another aisle's cold side.

        Sometimes it's good to just walk the floor with a tech (not a salesman), and ask questions about the operation. What kind of fiber do you have coming in? How many providers? How good are your generators really? Do you test them on a regular basis? I've found a sales minion will say there are a dozen providers coming in, but it will turn out that only one has substantial fiber, and the others are sharing that. {sigh} Sometimes they will have generators, but they've never test fired them. Sometimes the tech is just frustrated at the nonsense at that datacenter, and that's indicative of how it's going to be to work with them.

           

  10. Re:Good luck with that on Massive Power Outages In Brazil Caused By Hackers · · Score: 1

        Ya, I know that any box can be hacked. You just don't run into the trouble of someone putting a USB drive on your Linux machine, and it getting a virus. :)

        I'm sure you already know, most *nix boxes that are exploited are because the owners did something stupid. They didn't properly secure their machines, or they didn't keep up with the patches. I know of some machines that were exploited, because they ran SSH on port 22, and they set the root password to "password" before shipping them to the datacenter. They had the intention of changing the passwords before they went into production use, but it was frequently a month or two between the time they were put online, and the time someone bothered to do something with the box.

        Good security would say to only run the necessary services, and only allow those services to be connected to by trusted networks. Additionally, and public facing software should be properly audited for security considerations. I an always amazed that some people think that putting in something like passthru("$_REQUEST[query]"); would be ok. Heck, I've even see people include files with stupid stuff like $template = `cat $_REQUEST[filename]`;, which is easily exploited with something like "myuri.php?filename=foo; rm /etc/passwd". It's not the fault of the OS for stupid developers putting stupid code up.

  11. Re:Your body doesn't have a 100% conversion factor on Why Doesn't Exercise Lead To Weight Loss? · · Score: 1

        I've been like this for years, and haven't died yet. :)

  12. Re:Houston Has Similar Plans on Vermont City Almost Encased In a 1-Mile Dome · · Score: 1

        I'd see a bigger problem of lack of rainfall inside the dome. Are they going to irrigate the whole dome area??

        It's still funny to think of the methane explosion that could happen when those people living inside have passed enough gas. Are they going to outlaw beans? :)

  13. Re:Houston Has Similar Plans on Vermont City Almost Encased In a 1-Mile Dome · · Score: 1

        There's a difference in a skyscraper. They pressurize the building with outside air, and it's constantly replenished. If you get a chance, have a building engineer escort you to the roof (or whereever their HVAC equipment is). You'll see huge blower fans which are sucking in outside air, and blowing it inside. That's also why you'll see the lower doors frequently blow themselves open, or at very least when you open a lower door, air will come rushing out. Some building use rotating doors to alleviate that problem.

        There are other reasons for the rushing air too. If it's hot out, and they cool the building, the air is much denser inside the building.

      The last building I worked in was 13 stories (12 by elevator and the 13th by stairs). That problem was obvious. I worked in a 42 story building for a while, and they had strong hydraulics on the doors to keep them shut. It also leaked substantial air into the parking garage levels (1-12) from the occupied levels (14-42) 13 on that one was accessible by stairs from the 12th level. Ahh, I love the mysticism of the 13th floor, and how they are usually careful to hide it. :)

  14. Re:Your body doesn't have a 100% conversion factor on Why Doesn't Exercise Lead To Weight Loss? · · Score: 1

        I always find it funny that people will argue it. They'll find any reason for dieting and exercise to not be a workable solution. If you let them explain enough, they could eat absolutely nothing, and do 12+ hours of hard physical labor every day, and still not lose a pound.

        Your answer is right though. Energy cannot be created nor destroyed, it can only change form.

        I know I don't get as much physical exercise in as I should. I also eat one small meal per day. I maintain 150 to 155 pounds, and my BMI is comfortably in the "Normal" range. If I do more work, and expend more energy, I eat more during that period, and that's it.

  15. Re:Good luck with that on Massive Power Outages In Brazil Caused By Hackers · · Score: 1

        Sure, impenetrable security exists. Don't put your key infrastructure equipment out on the public Internet. Lax security like that will always end up being a problem.

        I won't say I'm perfect, but I'm also not getting the big bucks that the power companies are.

        I only watched part of they show, but they were talking about a DoD site (I believe) that had a security breach, because someone plugged in a virus infected USB drive. Ummmm, why was someone allowed to attach that in the first place?

        When I ran a big network, the only USB drives that people were allow to attach were provided by me, only for use on the network. They didn't go on personal machines. People didn't bring personal machines in to use on the server network. Then again, all of our servers were Linux, so it really didn't matter. :) I still had the policy in place, just as a good security practice.

  16. Re:The security cam recording might be easy on Reusing Old TiVo Hardware? · · Score: 1

        I think what he's thinking of is the series 2 DirecTiVo. It could record two satellite feeds at once. As far as I know, there was no way to work it's satellite tuners though, so if you weren't using it with DirecTV, it's a brick. I have several TiVo's, including two of the HDVR2's and a few other series 1 and 2's.

  17. Re:Floating? on Find DARPA's Balloons, Win $40K · · Score: 1

        The original topic was using the cameras to find the lost DARPA balloons.

        Interconnected corporate buildings? Well, I suppose it's possible that an expansive corporation may (may) have an interconnected CCTV system. What corp can you think of, that has visibility of every roadway in the country. Ya, the DARPA rules specify "roadway" not "highway". Hell, even if Walmart piped all of their cameras back to Bentonville, that wouldn't provide complete coverage of all the highways. I don't even know that their cameras monitor the highways. All of their cameras that I have observed are internal to the building, or aim into the parking lot but not the adjoining roads. Unless they drop the lost DARPA balloons in Walmart parking lots, you'd be hard pressed to guess the corp that you might be able to hack to get their cameras and find them.

        I think you'll find in general, buildings have multiple isolated systems based on who's interested in putting the cameras up. Your best bet would be the building security cameras, which are usually piped to an inside room (and not to the Internet).

        That's just my opinion, and I'm a nosy bastard and ask lots of questions, and in that I've had a good look at a lot of corporate building security cameras and systems. It's amazing what a little social engineering can do, especially if you're sincere. :)

  18. Re:Report from the field: "Drivers very confused" on Computer Failure Causes Gridlock In MD County · · Score: 1

        It's worked a lot better since I installed the inertial compensators. :)

  19. Re:Report from the field: "Drivers very confused" on Computer Failure Causes Gridlock In MD County · · Score: 1

        I know exactly what you're talking about. It's either a convex glass lens, or a Fresnel lens. I've seen both. I think they're to increase range, and reduce side visibility, but ya, I've driven up on them, and depending on the angle, they may disappear or appear. Visual signals should always be visible (duh). :)

  20. Re:This is reassuring... on Computer Failure Causes Gridlock In MD County · · Score: 5, Interesting

        IANATE (I Am Not A Traffic Engineer), but I've had the opportunity to talk to some over the years. From what I recall of those conversations, most, if not all, traffic signals are failsafe. They cannot have colliding greens, and they won't generally just turn off. Even in the event of a power failure, they're suppose to stay up on batteries for a while.

        I have seen their failsafe behavior fail though. I was once driving on a dark foggy night. Visibility was very very poor. I was staying in my lane, but I couldn't see much else. I had a long drive in a rural area, and I was coming into an urban area. I expected to see street lights and traffic lights, but there were none. As I was driving, another car shot across the road just ahead of me, missing me by just a few feet. He didn't see the traffic light that wasn't working either. I called the police, so they could station an officer there. Their response was "Are you crazy? No one can see at that intersection. He'll get hit." Hmmm, good logic. At least no one got killed there that night.

  21. Re:MontCo $$ on Computer Failure Causes Gridlock In MD County · · Score: 2, Informative

        No one fixes infrastructure until it's broken. That's pretty standard everywhere.

        Los Angeles has had an increase in water main breaks also. They fix the spot as they break. If I remember their numbers, they expect about 400 to 700 main breaks per year.

        Who cares about the old mini/mainframe running the traffic lights. If it's run since the 70's or 80's, it'll run forever. I always love that intelligence. I like to laugh about it more when it fails too. :)

  22. Re:Report from the field: "Drivers very confused" on Computer Failure Causes Gridlock In MD County · · Score: 1

      I've seen some places in the US, where the green light is blue. I still haven't figured that one out, but I tend to go for the blue light, and stop for the pink one.

  23. Re:PEBAAC on Toyotas Suddenly Accelerate; Owners Up In Arms · · Score: 1

        You know, that's one of those things that I've always wondered.

        Years ago, I was driving in an old van. I had just hit the gas to accelerate from a stop. I needed to accelerate to 30mph. When I left off the gas, it didn't stop accelerating. It didn't take me more than about 2 seconds to realize what happened, bump the key down to "off" (but not "lock"), the shifter into neutral, and rolled just off the road to a nice safe stop.

        Hell, if for some mysterious reason you can't do that, stand on the brakes, and set the emergency brake until it stops. Pull it into the grass, the extra resistance will help slow it down. Or worst case, rub it against a guard rail or a wall until it stops. You can really upset some folks, and rub it down the side of parked cars. It's not as bad as head on.

        Shouldn't drivers know how to deal with emergencies? Oh ya, they are.

  24. Re:PEBAAC on Toyotas Suddenly Accelerate; Owners Up In Arms · · Score: 1

        Oddly enough, I just replaced a TPS in a friends Dodge truck. It would stall when started cold, and would sometimes stall while driving. Oh, and it ran terribly rough. There were absolutely no stored OBD-II codes. He took it to three different shops that couldn't figure it out. I noticed the computer wasn't registering my throttle position changes quite right, so I swapped the TPS. It was $35 for his.

         

  25. Re:PEBAAC on Toyotas Suddenly Accelerate; Owners Up In Arms · · Score: 1

        When I can walk at over 100mph, and not get wet in the rain, or hot when it's 100 degrees out, I'll be more than happy to walk rather than drive. :)

        But hey, you're a troll, I don't know why I'm bothering to answer.

        And ya, I suck at giving gifts for a holiday that the Christians subjugated from ... well, everyone else. I'm a lot of fun for the holidays surrounding the Winter Solstice though. Food, drinks, and gifts for all! Even for you, my blasphemous little friend... even you...