Slashdot Mirror


User: tepples

tepples's activity in the archive.

Stories
0
Comments
68,260
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 68,260

  1. Power management in new CPUs on Windows 10 Will Download Some Updates Even Over a Metered Connection (winsupersite.com) · · Score: 1

    Unlike Windows 7, Windows 10 gets drivers for the power management features in newer CPUs, such as Kaby Lake and Ryzen.

  2. I get better hardware support on Linux than I do on windows.

    I guess it really depends on which particular make and model of laptop you have. Recent Ubuntu on an ASUS Transformer Book T100TA still has broken suspend, broken camera, and broken Bluetooth.

  3. Re:You don't have a choice. on Windows 10 Will Download Some Updates Even Over a Metered Connection (winsupersite.com) · · Score: 1

    Can't find non-locked down hardware? Learn how or find someone who can.

    So here's my question to those Slashdot comment section users who can:

    Which current 10" laptop models are currently recommended for running X11/Linux, with working Wi-Fi, webcam, screen brightness, and suspend, without presenting a "Please press Space then Enter to wipe everything" prompt at every boot that others won't know how to skip? Or must one just accept the increased bulk and weight of a 14" model from System76?

  4. Re: Really, Microsoft? on Windows 10 Will Download Some Updates Even Over a Metered Connection (winsupersite.com) · · Score: 1

    Windows 7 still has about three years of "extended support" left, which includes security updates to Windows. Which software that you're required to use for work has dropped support for Windows 7 or 8.1?

  5. What is and isn't a human right on Indiana Considers Prohibiting Cities From Banning Airbnb (usnews.com) · · Score: 0

    I support trans rights but shall here argue the opposite side in order to encourage presentation of the strongest arguments:

    trans rights are a debate about human rights.

    And people disagree as to what is and isn't a human right. Just as not everybody believes that the right to appear naked in public is a human right, not everybody believes that the right to pass in public as the gender opposite that assigned at birth is a human right.

    Conservatives recognize the following as basic human rights: A. the right to present oneself publicly in accordance with the gender on his or her birth certificate, and B. the right of a parent to live without fear of someone fraudulently presenting himself or herself in accordance with the opposite gender in order to gain access to sexually abuse the child of said parent. So-called "bathroom bills" purport to preserve right B.

    Either transgender people are people, and thus deserver full and equal rights

    A cis person is a person and therefore has the right to present himself or herself publicly in accordance with the gender on his or her birth certificate. Likewise, a trans person is a person and therefore has the right to present himself or herself publicly in accordance with the gender on his or her birth certificate. The right to present oneself publicly in accordance with the gender on his or her birth certificate is therefore equal, despite this not being the trans person's preferred gender.

    So what's the solution when a majority of people in one region recognize a particular right as a basic human right, and a majority of people in a different region do not? How does the purported right to present as the opposite gender differ in this sense from the purported right to appear naked in public, which the law already recognizes for every species other than H. sapiens?

  6. Re:Preventing Ludited on Indiana Considers Prohibiting Cities From Banning Airbnb (usnews.com) · · Score: 1

    Typo for "Luddites", in a broad sense meaning those who oppose technological progress because of foreseen negative social consequences.

  7. Re:I am curious if people think this is good or ba on Indiana Considers Prohibiting Cities From Banning Airbnb (usnews.com) · · Score: 2

    If they want to be able to absolve themselves of such responsibilities then they need to establish their location as a purely commerical property away from residential areas.

    Separation by zoning boards between residential use and light commercial use makes cities less walkable. Or do you consider car culture a good thing?

  8. Re:Hefty Fees... on Indiana Considers Prohibiting Cities From Banning Airbnb (usnews.com) · · Score: 1

    What is relevant case law for whether an intentionally prohibitive tax rate contravenes the Eighth Amendment protection against "excessive fines"?

  9. Is it overreach both ways? on Indiana Considers Prohibiting Cities From Banning Airbnb (usnews.com) · · Score: 1

    It is a gross overreach when a city votes to protect trans-rights and a state-law then not only changes the default law in the state to one that denies trans rights but also invalidates the local municipal law and prohibits municipalities from making such laws themselves.

    Is it also "a gross overreach" when vice versa, that is, when a city votes to deny trans-rights and a state-law then not only changes the default law in the state to one that protects trans rights but also invalidates the local municipal law and prohibits municipalities from making such laws themselves?

    Because that's the situation we have here: a city voted to deny homeowners' rights to make a short-term rental and a proposed state law would change the law to protect said rights, overriding city ordinances to the contrary.

  10. Lack of access to compiler on Firefox Goes PulseAudio Only, Leaves ALSA Users With No Sound (omgubuntu.co.uk) · · Score: 1

    why would you use an open-source application without compiling it yourself?

    One reason is laziness, which can be more diplomatically phrased as "having other priorities".

    Another big reason is lacking access to suitable build tools. For example, compiling an open-source application for iOS requires purchase of a Mac in addition to your iPod touch, iPhone, or iPad, as only Xcode for Mac can manage the signing key for deployment on your device. And there's no way at all for end users to build and install software on most recent retail Nintendo video game consoles, despite that the Wii U and Nintendo 3DS run web browsers based on the open-source WebKit library.

  11. VpnService; DNS over TCP on Some HTTPS Inspection Tools Actually Weaken Security (itworld.com) · · Score: 1

    But how do you do this on a phone?

    By installing an app that extends android.net.VpnService . Or by tethering your GNU/Linux laptop.

    SSH only tunnels TCP, DNS is UDP.

    DNS can run over TCP. In fact, many DNSSEC responses are so big that they have to (source).

  12. Re:What happened to the alternatives to SSL/TLS? on Some HTTPS Inspection Tools Actually Weaken Security (itworld.com) · · Score: 2

    Windows supports multiple DNSSEC trust anchors (source) and deploys them through Active Directory Domain Services (source).

  13. DMARC and Jihad with V149R4 on Could We Eliminate Spam With DMARC? (zdnet.com) · · Score: 1

    Is there a geek card to turn in?

  14. Re:This is only half the problem on Could We Eliminate Spam With DMARC? (zdnet.com) · · Score: 1

    I assume that a "legitimate email service" refers to the one provided by the same ISP that the user pays for routing messages to and from the Internet. For example, if you subscribe to Xfinity Internet at home, your "legitimate email service" has an address ending in @comcast.net.

  15. HealthCare.gov on Could We Eliminate Spam With DMARC? (zdnet.com) · · Score: 1

    Don't want spam? Don't have an e-mail account. It is 100% possible in 2017.

    I don't see how, at least for residents of Slashdot's home country. The U.S. federal health care marketplace (HealthCare.gov) requires each user to confirm ability to receive e-mail at a unique address.

  16. Re:What happened to the alternatives to SSL/TLS? on Some HTTPS Inspection Tools Actually Weaken Security (itworld.com) · · Score: 1

    Unless you replaced the root DNS trust anchor in the OS/browser on every single system on your network (something that any well-written OS/browser should make it VERY hard to do)

    I don't see how that'd work. Even if it's hardcoded into the kernel, someone who controls all endpoints on a LAN can just recompile the kernel from source with a patch that changes the trust anchor to that of the MITM.

  17. Re:Fucking DUH. on Some HTTPS Inspection Tools Actually Weaken Security (itworld.com) · · Score: 1

    Certificate pinning resolves this issue

    How should a website get its certificate pinned correctly if a user's first visit is through the corporate MITM?

    In fact, Chrome disables pinning when a certificate chains up to a user-installed CA, such as a corporate MITM (source).

  18. Certificate Transparency on Some HTTPS Inspection Tools Actually Weaken Security (itworld.com) · · Score: 1

    Would prefer a system where issuance of a CA is a matter of real-time verifiable record [...] blockchain might help here

    Such a system is being built in response to the DigiNotar fraud of 2011. It's called Certificate Transparency. And like Bitcoin, it uses a Merkle tree. Chrome already requires it for EV certificates and for certificates issued by Symantec.

  19. Modern TLS has not been SHAttered on Some HTTPS Inspection Tools Actually Weaken Security (itworld.com) · · Score: 1

    Even if a bank were to print out their certificate hash, you can technically generate another certificate with the same hash

    Good luck with that. For one thing, the existing SHA-1 attack is a collision, not a preimage, which is orders of magnitude harder. For another, web browsers aren't supporting new SHA-1 certificates, and SHA-256 isn't in foreseeable danger of even a collision.

  20. HTTP/1.1 526 Invalid Server Certificate on Some HTTPS Inspection Tools Actually Weaken Security (itworld.com) · · Score: 2

    You can't verify with your clients whether the SSL certificate is correct, so you have to either accept or deny all 'broken' SSL certificates.

    That or the proxy could return a 526 ("Invalid Server Certificate") status. (The 52x status codes are defined not by any RFC but unofficially by the Cloudflare reverse proxy service.) The response body describes the problem and displays the details of the certificate that the proxy does not trust. If the user logged into the proxy has "Allow" privileges, the body contains an "Allow" link to let this particular device use this particular upstream certificate despite its use of an unknown issuer or obsolete cipher suite. The IT department can view exceptions in effect.

  21. Re:If it's unzipping encryption it has to re-zip i on Some HTTPS Inspection Tools Actually Weaken Security (itworld.com) · · Score: 1

    DNS can be sent down the SSH tunnel.

    Even if this proxying feature were disabled, the network administrator could still see hostnames. They're in cleartext in the Server Name Indication field of the ClientHello message of any modern TLS connection.

  22. Re:You need a compiler to compile the compiler on Firefox Goes PulseAudio Only, Leaves ALSA Users With No Sound (omgubuntu.co.uk) · · Score: 1

    The topic was not, how to obtain a compiler, but whether or not to compile an application — Firefox — from source. The compiler is part of the operating system — if it is any good, anyway

    Thank you for pointing out another dimension of the actual debate: what constitutes the "operating system". By a definition of "operating system" that includes a compiler, everything in Debian main or Ubuntu main might be considered part of the "operating system". This includes everything recompiled by the distributor (Debian or Canonical) and shipped on the install disc, including Firefox. Others believe that the kernel is the "operating system" and the entire userspace is "applications".

    If all you've got on your choice of OS is either using binaries somebody else compiled for you or a completely unaided manual rebuild, your choice was really poor...

    The Debian and Fedora distribution families give users the option to download packages that contain source code instead of executable code, which can be compiled to a binary package and installed. Though the option is there, it's just rarely used by end users.

  23. Re:You need a compiler to compile the compiler on Firefox Goes PulseAudio Only, Leaves ALSA Users With No Sound (omgubuntu.co.uk) · · Score: 1

    why would you use an open-source application without compiling it yourself?

    Because you need an executable compiler to bootstrap compiling everything else yourself.

    Non sequitur.

    Your reply consists only of the name of a logical fallacy. I infer from this that you desire a more rigorous presentation of the argument.

    I can think of three ways to obtain a copy of GCC in executable form: A) to compile the source code with GCC, Clang, or another free compiler; B) to compile the source code with a proprietary compiler; or C) to download an executable compiled by someone else. Doing A first requires doing B or doing C, and doing C is "us[ing] an open-source application without compiling it yourself". What way to obtain a free compiler in executable form would you recommend? Or are you recommending the use of a proprietary compiler instead of a free compiler?

    Is that the release zip/tar-ball, that the software's author published? Why do you need a "package manager" to download it?..

    A program usually depends on the presence of several other programs, often called "libraries". One could install each library by searching for it, downloading "the release zip/tar-ball, that the software's author published", compiling it, and installing it. But most people prefer the convenience of using a program that automates finding and installing libraries on which a program depends, as well as automating repeating the process when the author publishes one or more security updates for said program.

  24. You need a compiler to compile the compiler on Firefox Goes PulseAudio Only, Leaves ALSA Users With No Sound (omgubuntu.co.uk) · · Score: 1

    why would you use an open-source application without compiling it yourself?

    Because you need an executable compiler to bootstrap compiling everything else yourself. True, you can use David A. Wheeler's diverse double-compiling (DDC) construction to reduce the probability of a trojaned compiler to near zero, but you still need binaries of three independently developed compilers for that.

    Or because the distribution that you have found to best support the hardware in your laptop has a package manager designed around the assumption that the vast majority of users would be downloading binary packages, not source packages.

  25. Great minds think alike: 695,000 results on Firefox Goes PulseAudio Only, Leaves ALSA Users With No Sound (omgubuntu.co.uk) · · Score: 1

    As of today, the verbatim search "poetterix" already has hundreds of results in Google Search, some dating back to June 2013.