Honestly, it scares me that vanilla FTP is so widely used and the defacto way to transfers files for so many services. Its completely unencrypted.
Er, not everything needs to be encrypted. Having it as an option is great, but for non-sensitive data (e.g., source code that I'm already making available to the world) I'll take the protocol with the lower overhead.
remember how they said that we'll all be using Netbooks??
Yep. This post it being written from one, and it's really rather nice. That said, I'm running Xubuntu, as Windows 7 crawled when I had it on here. MS really does need to remember how to make a lean, fast, and usable OS. Right now they've got market share, but the only way to keep that is to stay ahead of the game. As they say, complacency kills.
Netbooks were killed by the simple fact that I can now get a full-size notebook for $350, so why would I want a DVD-less netbook for the same price?
Because it's half the size and the battery lasts longer. Though with Intel's crappy Atom chipsets perhaps the second part is no longer true.
Quite the contrary - I got one of the newish Atom netbooks (dual core), and its battery life is just perfect, provided I don't do anything really squirrelly, like sudo renice -19 -p $$ && sudo ionice -c 1 -p $$ && make -j12. At which point, I'd reasonably expect the battery life to drop on just about anything, given a complex enough code base.
I cheat. I write python code that writes its own plain C code, compiles it then executes it. this way, I work once to write a C template, that I then reuse through a high level language. and when I combine the advantages of python (sympy for instance) with the speed of C, I get stuff that is ridiculously faster than what I did before. in the sense that I don't work a lot to write it, and I don't wait around a lot for it to actually run afterwards.
working with numerical simulations, I'm allowed to cheat this way...
Might be a silly question, but have you given Cython a shot? It sounds like you're doing something very similar to what their project was built to do.
So basically, you get around Python's performance limitations... by using C instead.
Way to go!
Why not? Use the right tool for the job. Though I'm curious if the parent has tried Cython. It seems like it might be a better fit for what they're doing.
Indeed, D2 looks amazing. And as I've said before, I love C++.
I'm curious as to how the C and C++ interop fronts are for D, though. I mean, one of the big reasons C++ hasn't gone away is the enormous amount of libraries written in it. Lua has Luabind, Python has Boost.Python... how does one connect D to these marvelous wonders that keep us from diving head first into NIH syndrome?
Serious question - I haven't had a chance to look into it myself.
Indeed. Add onto all of those the fact that, AFAIK, on Linux, completely static linking a project is damn near impossible.
If you know otherwise, please let me know. I love the hell out of the language (yes, yes, I'm insane) but this kind of shit kills me. Is it so much to ask, to want to be able to compile a program and simply drop it onto another machine, without having to worry about what version of the standard libraries that machine has installed?
I can understand the issue with network libraries - C has issues with those, as well. But for basic applications - a non-networked game, for instance - this sort of limitation is annoying.
just hook into a repository for your distro and let it do the work for you.
This works, until you find that the version of $LIBRARY available in your distribution's repo is old as dirt - and the unofficial ones floating around online aren't much better - and you want to write software that has the latest features, bug fixes, etc. Then it's back to compiling and dependency tracking...:D
But, because there is a large influx of semi-skilled people who think that the fact they installed Ubuntu on their PC at home makes them a sever admin
While I won't say that it does make them a server admin, everyone has to start somewhere, and a lot of schools these days leave out a lot when it comes to technology. A friend of mine graduated with a Comp Sci degree a few years ago, and had barely touched anything *nix at all. I think they might have had them log into an old RHEL VM and use pico, perhaps start and stop apache, but that was it. This isn't to say that he wasn't smart, it's just that they didn't teach him anything outside of VB.NET and (how it use it to work with) XML.
I've since met and worked with others who had similar experience, if you s/VB.NET/Java/
Not precisely what I'd consider a broad range of education.
- require https over http to devices, yet still have telnet access enabled.
I'm sure I have several devices on my network with telnet enabled. Why should I bother disabling it? I don't use it, so its vulnerability to password sniffing is irrelevant.
I'm curious as to why you wouldn't disable telnet on those devices, if you don't use it.
I had a test OSX server at my last job I was at. Pretty much closed all ports except for 80 and whatever port Apple RDP ran on (actually, I closed that down at first, oops, had take a macbook into the server room to fix that), then opened up ports as needed.
I'm sure you realize this now, but for the sake of anyone else reading this you could have saved yourself a trip to the server room had you left 22 open; most OSX services can stopped and started via command line, just like any other *nix. I could be wrong (I don't use Mac's often), but I think they stick them in/System/Library/CoreServices, or somewhere similar.
As far as not using sudo, I think it depends on what you're doing. For example, if you're just running a single command, it makes sense to sudo (e.g., editing/etc/hosts, restarting a service, etc), but if you're going to be working with root privileges for a while, it just makes more sense, and saves you some keystrokes, to use su.
You do... for now. I fear the day when people track our purchases closely enough to notice when we aren't buying DVDs or cable. It's a small logical jump to come to the conclusion that because we are not buying we must (obviously) be torrenting, instead. The jackboots will then be dispatched forthwith.
Think it can't happen?
I'm not. Anyone familiar with medical records and computer security issues considers the security portions of HIPAA a joke.
The primary reason is that medical records are pretty much universally kept on MS Windows systems.
I guess I was lucky. Most of the medical software I've worked on has run on CentOS or RHEL systems.
There are several reasons why this makes data security a joke. The main one has been discussed here at/. several times: Windows has an automatic update feature, which you can turn off for "application" level software. However, it can't be turned off for "system" level software. MS has admitted that this has been true since XP. Their excuse is that kernel security issues are taken seriously, and updates are mandatory.
However, if you think about this for a few seconds, it obviously means that any time your Windows system is connected to the Internet, MS can silently install any new software they like. If your machine isn't reporting the contents of selected files to a.microsoft.com site now, it could be by the time you read this, and unless you're a real Windows security guru, you'd never suspect.
So if you're running Windows, you must assume that anyone who has "socially engineered" a connection at MS has access to all of your data.
And, less you think this is all spurious, you might look around in the records of the internet back in the 1990s when MS was first supplying systems with internet access. There are multiple reports of people getting curious about why their modem's lights were flickering when the machine was idle. Attaching a line monitor showed that the traffic was a list of the contents of the disk, being sent to a.microsoft.com address. The server on the other end could obviously also ask for the contents of files. This was ignored by the media and most managers, but it was noticed by the geeks among us with even minimal understanding of network security. Similar behavior has been reported for most releases of Windows.
This all has obvious application to HIPAA rules. My wife has worked with medical data for several decades now, at several employers. Every one of them worked exclusively on Windows systems. She has a Windows partition on her Mac "for work", and uses it a lot. She also has a work-supplied take-home Windows laptop. It's true that they use VPN to connect to the office computer systems. But this does nothing for the above issues. Since her Windows partition and laptop are connected to our home network, VPN just supplies an internet connection to her office machines, so their "silent upgrade" feature can work any time she's connected. This shoots down any claims that her office is protected from malicious sites (such as microsoft's;-) by VPN. We've verified that both her Windows systems can easily access.microsoft.com web sites while connected via VPN, showing that there is a data path for MS's silent update software to work.
This is hardly a secret. We've discussed it here on/., and it's been discussed in lots of other forums. Microsoft has a clear and obvious silent path to any medical data stored on their systems, any time they have an internet connection, which is almost all medical systems in the US. Anyone who can bribe the right people at MS also has such access.
So the fact that HIPAA rules don't forbid the use of MS Windows makes those rules a joke. I'd bet that many medical records people understand all this. It should be no surprise that they treat HIPAA data security as a joke.
Oh, that's actually pretty simple. Block Microsoft's sites via firewall rules (not on a per-machine basis, that would be silly, but at the point of entry). You can still have machines outside of the network download all the security updates that a machine might need, put them on a DVD, and make that available to the workstations (
how do I test software for IPv6 compatibility without any IPv6 connections?
That would be like coding for Y2K compliance and never setting the clock on your test machine to anything after 1975
Well, Linux has been able to act as a router for a very long time; the same can be said about its ability to handle IPv6. So, to answer your question, you just have a section in your test suite that checks the software's ability to work with IPv6, just like you should have a section that tests handling IPv4 connections. With virtual interfaces, one doesn't even need to have multiple machines or network cards.
Why does EVERY FOSS guy think it is about Windows and Office? Hint: It is NEVER about Windows and Office, it is about all those funky ass "mission critical" apps that do not run on Linux full stop. From the charting and accounting software, to the payroll apps, damned near everything in most business will NOT run on Linux, and a good 80% of them I'd say have NO equivalent on Linux.
[...]
So in conclusion while I'm sure it'd be nice for Linux adoption if all people did at work was use a browser or make documents, but that is rarely the case. It is all those OTHER apps that are used every single day that bite you in the ass, NOT Windows and Office.
QFT.
You can make your X desktop look and feel like Windows, and you can install Open Office, Firefox, Chrome, etc, but good luck with the little vb6 app (of unknown origin, whose last known maintainer only speaks broken Swahili) that the entire company depends upon to run their day to day operations. But don't feel bad, because that same app has kept them from upgrading their Windows 2000 boxen to XP (let alone Windows 7) long before they ever heard of a "Lunix". (:
I noticed 2 things in this thread:
1. Several people got candid answers from Dell, and several got the run around.
2. The ones that got the run around were the ones that spoke to India.
This may have something to do with the fact that, in the US, many of the tech support reps are simply "doing their time". Unless they're really, really new, they don't give three shits about their job, and if a) they're at least moderately intelligent and b) happen to be speaking with someone who's at least moderately intelligent and the client is c) if not polite, then at least realistic, the rep will be quite forthcoming and helpful. This is sometimes to the detriment of the company that they work for - I consider this to be proof that karma (ENTERPRISE EDITION(TM)®!) does affect companies.
Or it might simply have something to do with my own, admittedly anecdotal, experiences.
Everyone I speak with agrees that pot should be legalised just like in the Netherlands. That way you can keep much better control over it.
I agree that it should be legalized (pursuit of happiness and all that) but I'm not so sure that I buy the "you can keep much better control over it" line. When I was a kid I had no problems getting my hands on booze or tobacco and both of those products are legal. We always knew which store we could go to that wouldn't card us, which 21+ sibling of a friend would make a straw purchase and whose parents were too lazy to lock up the liquor cabinet.
So no, I don't buy that legalizing pot would make it harder for the kiddies to get their hands on it. The only thing that will do that is parental involvement but I heard that went out of fashion a long time ago and the current trend is to rely on the TV and internet to raise your kids.....
Keep in mind that "better control over it" isn't limited to keeping it away from under-age users. It also means the application of agricultural and consumer protection laws that we enjoy in regard to our legal vices.
I like my e-cig (model DSE801, a "pen style"). I'd tried a few other models, and found that the more they look like a normal cig, the worse they operate.
I bought mine at vapor kings, if anyone else wants to try it.
The "juice" can be 0 nicotine, by the way, and can be made at home using either propylene glycol, or good old vegetable glycerine.
We haven't, though. We've landed there. We've brought a few rocks home. We've had some catastrophes and near-catastrophes. But no one has actually lived there.
It seems like it'd make more sense to colonize the moon - perhaps to the extent that we can launch from there, where we don't have to fight gravity nearly as much - before taking on another planet. We'd get a bunch of data on living (and coping with living) in near-zero G, they'd have a chance to work out any kinks in their theories on survival in a hostile climate, and still not be 9 months from home. It'd be a great way to prepare for the rest of the planets, I should think. I mean, if we can make a rock with no atmosphere habitable, that'd be a big freaking breakthrough.
I don't work for NASA, however; nor have I memorized every mission they've publicized. So maybe I'm missing something. If that's the case, by all means, enlighten me.
Also, about the muscles degenerating in a (far) lower gravity situation, as long as it's not zero G, couldn't they wear weights (i.e., like weighted vests, pants, whatever) to offset the lower gravity? We do that now, on Earth, for resistance training. It would seem like they would just need to add more weight - again, so long as it's not zero gravity.
Slashdot Mirror
Honestly, it scares me that vanilla FTP is so widely used and the defacto way to transfers files for so many services. Its completely unencrypted.
Er, not everything needs to be encrypted. Having it as an option is great, but for non-sensitive data (e.g., source code that I'm already making available to the world) I'll take the protocol with the lower overhead.
remember how they said that we'll all be using Netbooks??
Yep. This post it being written from one, and it's really rather nice. That said, I'm running Xubuntu, as Windows 7 crawled when I had it on here. MS really does need to remember how to make a lean, fast, and usable OS. Right now they've got market share, but the only way to keep that is to stay ahead of the game. As they say, complacency kills.
Netbooks were killed by the simple fact that I can now get a full-size notebook for $350, so why would I want a DVD-less netbook for the same price?
Because it's half the size and the battery lasts longer. Though with Intel's crappy Atom chipsets perhaps the second part is no longer true.
Quite the contrary - I got one of the newish Atom netbooks (dual core), and its battery life is just perfect, provided I don't do anything really squirrelly, like sudo renice -19 -p $$ && sudo ionice -c 1 -p $$ && make -j12. At which point, I'd reasonably expect the battery life to drop on just about anything, given a complex enough code base.
I cheat. I write python code that writes its own plain C code, compiles it then executes it. this way, I work once to write a C template, that I then reuse through a high level language. and when I combine the advantages of python (sympy for instance) with the speed of C, I get stuff that is ridiculously faster than what I did before. in the sense that I don't work a lot to write it, and I don't wait around a lot for it to actually run afterwards. working with numerical simulations, I'm allowed to cheat this way...
Might be a silly question, but have you given Cython a shot? It sounds like you're doing something very similar to what their project was built to do.
So basically, you get around Python's performance limitations... by using C instead.
Way to go!
Why not? Use the right tool for the job. Though I'm curious if the parent has tried Cython. It seems like it might be a better fit for what they're doing.
Indeed, D2 looks amazing. And as I've said before, I love C++.
I'm curious as to how the C and C++ interop fronts are for D, though. I mean, one of the big reasons C++ hasn't gone away is the enormous amount of libraries written in it. Lua has Luabind, Python has Boost.Python ... how does one connect D to these marvelous wonders that keep us from diving head first into NIH syndrome?
Serious question - I haven't had a chance to look into it myself.
How is that relevant? Nobody uses C++ for OS kernels.
That's not quite true. But close.
Indeed. Add onto all of those the fact that, AFAIK, on Linux, completely static linking a project is damn near impossible.
If you know otherwise, please let me know. I love the hell out of the language (yes, yes, I'm insane) but this kind of shit kills me. Is it so much to ask, to want to be able to compile a program and simply drop it onto another machine, without having to worry about what version of the standard libraries that machine has installed?
I can understand the issue with network libraries - C has issues with those, as well. But for basic applications - a non-networked game, for instance - this sort of limitation is annoying.
just hook into a repository for your distro and let it do the work for you.
This works, until you find that the version of $LIBRARY available in your distribution's repo is old as dirt - and the unofficial ones floating around online aren't much better - and you want to write software that has the latest features, bug fixes, etc. Then it's back to compiling and dependency tracking... :D
But, because there is a large influx of semi-skilled people who think that the fact they installed Ubuntu on their PC at home makes them a sever admin
While I won't say that it does make them a server admin, everyone has to start somewhere, and a lot of schools these days leave out a lot when it comes to technology. A friend of mine graduated with a Comp Sci degree a few years ago, and had barely touched anything *nix at all. I think they might have had them log into an old RHEL VM and use pico, perhaps start and stop apache, but that was it. This isn't to say that he wasn't smart, it's just that they didn't teach him anything outside of VB.NET and (how it use it to work with) XML.
I've since met and worked with others who had similar experience, if you s/VB.NET/Java/
Not precisely what I'd consider a broad range of education.
- require https over http to devices, yet still have telnet access enabled.
I'm sure I have several devices on my network with telnet enabled. Why should I bother disabling it? I don't use it, so its vulnerability to password sniffing is irrelevant.
I'm curious as to why you wouldn't disable telnet on those devices, if you don't use it.
I had a test OSX server at my last job I was at. Pretty much closed all ports except for 80 and whatever port Apple RDP ran on (actually, I closed that down at first, oops, had take a macbook into the server room to fix that), then opened up ports as needed.
I'm sure you realize this now, but for the sake of anyone else reading this you could have saved yourself a trip to the server room had you left 22 open; most OSX services can stopped and started via command line, just like any other *nix. I could be wrong (I don't use Mac's often), but I think they stick them in /System/Library/CoreServices, or somewhere similar.
As far as not using sudo, I think it depends on what you're doing. For example, if you're just running a single command, it makes sense to sudo (e.g., editing /etc/hosts, restarting a service, etc), but if you're going to be working with root privileges for a while, it just makes more sense, and saves you some keystrokes, to use su.
YI have a choice to not watch.
You do... for now. I fear the day when people track our purchases closely enough to notice when we aren't buying DVDs or cable. It's a small logical jump to come to the conclusion that because we are not buying we must (obviously) be torrenting, instead. The jackboots will then be dispatched forthwith. Think it can't happen?
It won't happen as long as they're selling books.
Oh, damn.
I'm not. Anyone familiar with medical records and computer security issues considers the security portions of HIPAA a joke.
The primary reason is that medical records are pretty much universally kept on MS Windows systems.
I guess I was lucky. Most of the medical software I've worked on has run on CentOS or RHEL systems.
There are several reasons why this makes data security a joke. The main one has been discussed here at /. several times: Windows has an automatic update feature, which you can turn off for "application" level software. However, it can't be turned off for "system" level software. MS has admitted that this has been true since XP. Their excuse is that kernel security issues are taken seriously, and updates are mandatory.
However, if you think about this for a few seconds, it obviously means that any time your Windows system is connected to the Internet, MS can silently install any new software they like. If your machine isn't reporting the contents of selected files to a .microsoft.com site now, it could be by the time you read this, and unless you're a real Windows security guru, you'd never suspect.
So if you're running Windows, you must assume that anyone who has "socially engineered" a connection at MS has access to all of your data.
And, less you think this is all spurious, you might look around in the records of the internet back in the 1990s when MS was first supplying systems with internet access. There are multiple reports of people getting curious about why their modem's lights were flickering when the machine was idle. Attaching a line monitor showed that the traffic was a list of the contents of the disk, being sent to a .microsoft.com address. The server on the other end could obviously also ask for the contents of files. This was ignored by the media and most managers, but it was noticed by the geeks among us with even minimal understanding of network security. Similar behavior has been reported for most releases of Windows.
This all has obvious application to HIPAA rules. My wife has worked with medical data for several decades now, at several employers. Every one of them worked exclusively on Windows systems. She has a Windows partition on her Mac "for work", and uses it a lot. She also has a work-supplied take-home Windows laptop. It's true that they use VPN to connect to the office computer systems. But this does nothing for the above issues. Since her Windows partition and laptop are connected to our home network, VPN just supplies an internet connection to her office machines, so their "silent upgrade" feature can work any time she's connected. This shoots down any claims that her office is protected from malicious sites (such as microsoft's ;-) by VPN. We've verified that both her Windows systems can easily access .microsoft.com web sites while connected via VPN, showing that there is a data path for MS's silent update software to work.
This is hardly a secret. We've discussed it here on /., and it's been discussed in lots of other forums. Microsoft has a clear and obvious silent path to any medical data stored on their systems, any time they have an internet connection, which is almost all medical systems in the US. Anyone who can bribe the right people at MS also has such access.
So the fact that HIPAA rules don't forbid the use of MS Windows makes those rules a joke. I'd bet that many medical records people understand all this. It should be no surprise that they treat HIPAA data security as a joke.
Oh, that's actually pretty simple. Block Microsoft's sites via firewall rules (not on a per-machine basis, that would be silly, but at the point of entry). You can still have machines outside of the network download all the security updates that a machine might need, put them on a DVD, and make that available to the workstations (
Javascript executed faster === you get attacked faster.
FTFY. :D
Yeah, lots of very smart people working on making javascript much faster.
Too bad perl, python, ruby aren't getting faster as fast.
Luckily, Lua is. :D
Though I do prefer Python, I've got to hand it to the moonies, they're fricken fast!
how do I test software for IPv6 compatibility without any IPv6 connections? That would be like coding for Y2K compliance and never setting the clock on your test machine to anything after 1975
Well, Linux has been able to act as a router for a very long time; the same can be said about its ability to handle IPv6. So, to answer your question, you just have a section in your test suite that checks the software's ability to work with IPv6, just like you should have a section that tests handling IPv4 connections. With virtual interfaces, one doesn't even need to have multiple machines or network cards.
The Japanese spent ages working on a death ray in World War 2. How long til something like this ends up in active service?
Something like this? :D
Why does EVERY FOSS guy think it is about Windows and Office? Hint: It is NEVER about Windows and Office, it is about all those funky ass "mission critical" apps that do not run on Linux full stop. From the charting and accounting software, to the payroll apps, damned near everything in most business will NOT run on Linux, and a good 80% of them I'd say have NO equivalent on Linux.
[...]
So in conclusion while I'm sure it'd be nice for Linux adoption if all people did at work was use a browser or make documents, but that is rarely the case. It is all those OTHER apps that are used every single day that bite you in the ass, NOT Windows and Office.
QFT. You can make your X desktop look and feel like Windows, and you can install Open Office, Firefox, Chrome, etc, but good luck with the little vb6 app (of unknown origin, whose last known maintainer only speaks broken Swahili) that the entire company depends upon to run their day to day operations. But don't feel bad, because that same app has kept them from upgrading their Windows 2000 boxen to XP (let alone Windows 7) long before they ever heard of a "Lunix". (:
Unless you own a PS3.
...And are willing to let Sony yank features out of your firmware. I don't honestly think that 3D is worth losing the ability to boot Linux.
I noticed 2 things in this thread:
1. Several people got candid answers from Dell, and several got the run around.
2. The ones that got the run around were the ones that spoke to India.
This may have something to do with the fact that, in the US, many of the tech support reps are simply "doing their time". Unless they're really, really new, they don't give three shits about their job, and if a) they're at least moderately intelligent and b) happen to be speaking with someone who's at least moderately intelligent and the client is c) if not polite, then at least realistic, the rep will be quite forthcoming and helpful. This is sometimes to the detriment of the company that they work for - I consider this to be proof that karma (ENTERPRISE EDITION(TM)®!) does affect companies.
Or it might simply have something to do with my own, admittedly anecdotal, experiences.
For its time, Warp 4 was neat.
That said, in this day and age, I'd rather play with haiku than some musty, old IBM OS. IMHO there's more novelty to it.
To each their own, though.
Everyone I speak with agrees that pot should be legalised just like in the Netherlands. That way you can keep much better control over it.
I agree that it should be legalized (pursuit of happiness and all that) but I'm not so sure that I buy the "you can keep much better control over it" line. When I was a kid I had no problems getting my hands on booze or tobacco and both of those products are legal. We always knew which store we could go to that wouldn't card us, which 21+ sibling of a friend would make a straw purchase and whose parents were too lazy to lock up the liquor cabinet.
So no, I don't buy that legalizing pot would make it harder for the kiddies to get their hands on it. The only thing that will do that is parental involvement but I heard that went out of fashion a long time ago and the current trend is to rely on the TV and internet to raise your kids.....
Keep in mind that "better control over it" isn't limited to keeping it away from under-age users. It also means the application of agricultural and consumer protection laws that we enjoy in regard to our legal vices.
I like my e-cig (model DSE801, a "pen style"). I'd tried a few other models, and found that the more they look like a normal cig, the worse they operate.
I bought mine at vapor kings, if anyone else wants to try it.
The "juice" can be 0 nicotine, by the way, and can be made at home using either propylene glycol, or good old vegetable glycerine.
Been there done that.
We haven't, though. We've landed there. We've brought a few rocks home. We've had some catastrophes and near-catastrophes. But no one has actually lived there.
It seems like it'd make more sense to colonize the moon - perhaps to the extent that we can launch from there, where we don't have to fight gravity nearly as much - before taking on another planet. We'd get a bunch of data on living (and coping with living) in near-zero G, they'd have a chance to work out any kinks in their theories on survival in a hostile climate, and still not be 9 months from home. It'd be a great way to prepare for the rest of the planets, I should think. I mean, if we can make a rock with no atmosphere habitable, that'd be a big freaking breakthrough.
I don't work for NASA, however; nor have I memorized every mission they've publicized. So maybe I'm missing something. If that's the case, by all means, enlighten me.
Also, about the muscles degenerating in a (far) lower gravity situation, as long as it's not zero G, couldn't they wear weights (i.e., like weighted vests, pants, whatever) to offset the lower gravity? We do that now, on Earth, for resistance training. It would seem like they would just need to add more weight - again, so long as it's not zero gravity.