Slashdot Mirror


User: Antique+Geekmeister

Antique+Geekmeister's activity in the archive.

Stories · 0

Comments · 7,305

  1. Re:It's shitty science, Rei. on India Ditches UN Climate Change Group · · Score: 2, Interesting

    No. They're not. Oceanic effects of solar radiation alone, and their effects on climate, are filled with some very complex models that are _not_ complete. It's like the difference between E=MC2 and designing a fusion power plant: a lot of theory and modeling and testing lie in between, and the systems are very difficult to run full-scale tests or gather long records of extremely accurate data for.

    Reasonably well understood? Sure. But complete understanding. Be honest about it.

  2. Re:news flash on How Infighting Hampers Innovation At Microsoft · · Score: 1

    NT stole _massively_ from VMS memory management. I'm taking testimony from DEC developers who had access to NT development toolkits as evidence, and the articles from the lawsuits.

    NT on Pentium was crippled relative to VMS on Alphas, which was a powerful, robust, and relatively secure operating system. The genuine 64-bit architecture was massively useful for such work.

  3. Re:news flash on How Infighting Hampers Innovation At Microsoft · · Score: 3, Informative

    That wasn't due to innovation. That was plain old software piracy: they hired David Cutler from DEC, one of the authors of VMS, and stole its internals like a pirate robbing Spanish galleons. The resulting lawsuits are one of the reasons NT ran so well on Alphas: its internals had frankly been written for Alphas originally by Cutler and the personnel he hired away from DEC. Sadly, DEC thought they could take a lump settlement and continue to out-innovate Microsoft with their Alpha hardware and its upgrades, but Intel stole core technologies of the Alpha to make the Pentium.

    The result was the fundamentally crippled, by comparison, NT on Pentium. But it was so much cheaper and accessible for consumer grade products, and worked so much better with Microsoft's core office suite, that the results left DEC's "continuing innovation" on the scrap heap.

  4. Re:screen on Keep SSH Sessions Active, Or Reconnect? · · Score: 4, Informative

    The ability to read your sockets, directly, to steal the passphrase requires access during that action, with root privileges. It also requires a bit of programming knowledge. Conversely, the ssh-agent access merely requires stolen user level privileges at any time during the period that you have the agent loaded up. It's the difference between picking a lock, and looking under the doormat for the key the owner left there.

    A similar issue occurs with administratively privileged sessions without a screen locked, but this is exacerbated by the casual handling of $HOME contents in numerous working environments.

  5. Re:screen on Keep SSH Sessions Active, Or Reconnect? · · Score: 4, Insightful

    ssh-agent is its own profound issue: by keeping the key unlocked in a format usable by other shells or software, it makes all your unlocked keys available to anyone who can gain access to the same server as you. This means that I, as an admin, can probably borrow the ssh keys of anyone I've educated in how to use ssh-agent on any of my systems.

    Isn't that _convenient_ for me?

  6. Re:Terminology ? on Laser Fusion Passes Major Hurdle · · Score: 1

    You _are_ kidding. That "no problems in scaling it up" is the classic sort of hand-waving we've been seeing for flying cars, artificial intelligence, speech recognition, the cure for cancer, and the three-body problem for many years now. The problems may not be "known to be insurmountable", but almost none of them have actually been solved. Even simple problems such as "where are you going to get the tritium for the few fusion reactions that have worked"? The entire US supply is currently less than 100 kilograms. It's normally obtained from fusion reactors: so the "scaling up" will have to include a massive build-out of fusion plants, to supply the tritium for the fusion reactors. If you've got that many fusion plants, why would you _bother_ building far more difficult to design and far less efficient fusion reactors?

  7. Re:Why a complicated transmitter/receiver combo? on Gun With Wireless Arming Signal Goes On Sale Soon · · Score: 2, Interesting

    No. Fingerprint scanners are not reliable, and would be useless if you're wearing gloves.

    I can actually see this for crowd control weapons, hostage negotiations, and other law enforcement firearms, where the gun would be activated as the officer goes on duty much as they'd release the safety when drawing their weapon.

  8. Re:Works both ways on Getting Company Owners To Follow Their Own Rules? · · Score: 1

    This is not completely true. I've seen workplaces that stank have their recruits turned away by the word-of-mouth that is passed around the industry. It's also been a while since I went looking for work. Thank heavens: I'm appreciated where I am. But I _did_ go looking for other staff and former staff when I was hired, and heard some things that troubled me and which I did make sure I was cautious of when I started. (I've outlasted the troublesome manager I was warned of.)

    I also have recently had some fascinating conversations with recruiters and candidates for the very few positions we hired, and if possible, I found mutual contacts who could vouch for them, and vouch for my company to the candidate. A particular HR employee at a corporate partner, with whom I participated in interviews for a role interacting with my company, got extremely upset when they found out I was doing this: they wanted all the data channeled through them, ostensibly so they could "be sure to ask only legal questions", but really so that they could pick the candidates _they_ liked. This turned out to matter: I spiked their favorite candidate by speaking with several of their references, whom I happened to know, and finding out the candidate lied. Conversely, the candidate who eventually did get hired knew what to expect and what engineers to avoid for small tasks, and what kind of work hours to expect, and what crunch time was like, because they spoke with recent staffers, not just with HR.

    There was an attempt to write me up for interfering with that HR person's job: it led to a review of how their hiring policy worked, and revealed a lot of nonsense by the HR department in general, which then had 100% turnover that year.

  9. Re:There are different type of salts on Fertilizer Dump Spoils Intel's Pure Water · · Score: 1

    So they should have just sprayed a fine layer of Guinness? That would provide a nice thermal blanket for the roads, traction, and by the time the head forms you'd know it's time to spray again.

  10. Re:Not too surprising on Phone and Text Bans On Drivers Shown Ineffective · · Score: 1

    Sooner. "Cancer" describes dozens of distinct diseases with vastly different causes and behavior. Self-driving cars, while facing a variety of obstacles, are still a better defined and tractable problem in sensors, standards, and control.

  11. Re:Compliance Rates & Hands-Free Use on Phone and Text Bans On Drivers Shown Ineffective · · Score: 2, Insightful

    You chose a terrible example. Greg is physically gifted, but he's already demonstrated his ability to endanger people's lives, including his own, by stupid behavior. Namely, he contracted AIDS by having unsafe sex.

    Don't encourage people to think that their special gifts make them immune from accidents and that they can therefore take extra risks: a car can easily kill as many people as an unwrapped penis, and the people it kills are far more likely to be completely innocent of stupid behavior themselves.

  12. Re:Compliance Rates & Hands-Free Use on Phone and Text Bans On Drivers Shown Ineffective · · Score: 1

    This is "proven"? Oh, please. While someone who's smart and alert may be able to handle more distraction than someone who's nearsighted and feeble, that distraction _still increases their risks_ for whoever it happens to.

    Go to a busy intersection where children cross the street in the morning. (I was just watching one this morning, parked nearby and sipping coffee while I waited to give someone a ride.) The behavior of drivers on the cell phone, with or without an earpiece, when the crossing guard stepped out to stop traffic was _amazingly_ bad, compared to drivers who had their hands free and who weren't moving their lips to some unseen conversation.

    Get a cup of coffee and a notepad, perhaps with some binoculars to verify that drivers don't have earbuds in use. Watch and learn what "some people can handle".

  13. Re:Did the submitter do their research at all? on Seinfeld's Good Samaritan Law Now Reality? · · Score: 2, Interesting

    No, Seinfeld was a _comedy_, making this thing called a _joke_, especially about New Yorkers and their cavalier attitudes about witnessing crime. Some of us are old enough to remember the Kitty Genovese case, before the Watchmen stories mentioned it. The ludicrous nature of the law was supposed to make it funny.

    In real life, one compelling reason for Good Samaritan laws is so that skilled people such as doctors and police, when off-duty, get legal protection from civil suits for providing aid. They can point to the law and say "I was compelled to help" rather than face liability for volunteering, especially for medical staff who may be sued for malpractice and whose insurance companies may attempt to weasel out of liability for such "volunteer" work.

    I'm glad to say I learned to help out in such situations a long time ago: it's not always been successful, but at least I can say "I tried". It seems to be common among freeware advocates that we help out strangers when we can: I just wish more of us were more practical about it. Writing a new GUI is good: investing in some tools and time and materials and working at "Bikes not Bombs" is even better.

  14. Re:backbone intercept on 80% of Cell Phone Encryption Solutions Insecure · · Score: 1

    That seems nonsensical. Each phone has both input (at the microphone) and output (at the speaker), so it certainly has unencrypted access to both sides of the phone call.

    The trivial backdoors for the NSA would seem to be in the server rooms, not the phones themselves, and have been for years as demonstrated by the AT&T fiber-optic taps.

  15. Re:Simpsons Already Did It! on Man in Court Over Simpsons Porn · · Score: 1

    Or on women who've had kids, or are old enough to have kids. The fascination with small breasts is often related to the eroticization of children, particularly of girls too young to have had previous sexual partners, and who are thus "innocent".

    Think I'm kidding? Go take a look at the Sailor Moon fan club.

  16. Re:An on Scientology Attacker Will Be Sentenced To Jail · · Score: 2, Insightful

    He's not a good guy. He's ruining other people's properties to achieve a political purpose.

    The people running www.xenu.net, which documents the cult's criminal behavior in candid detail, or who published "The Scandal of Scientology" or "A Piece of Blue Sky", now _they_ are good guys.

  17. Re:Steam and Electronic Arts on Game Distribution Platforms Becoming Annoyingly Common · · Score: 1

    Getting patches online was often _painful_ before Steam. Try finding the patches for Knights of the Old Republic, for example, or for Half-Life itself. Installing and uninstalling at will, especially migrating to other systems, could often be amazingly painful. And that "if you had media" is, in fact, a problem. Digging into my pile of old games to find my old flippies for X-Com: UFO Defense is unreasonably difficult, but now I can get it on Steam for $5, and it's mine as long as Steam lasts (which seems to be a reasonable bet), and I can play it on platforms the original would never have supported (such as 64-bit Vista). And the complete X-Com pack is $15, for all the X-Com games. That's pretty reasonable.

    Half-Life 2, on the other hand, is a very expensive, powerful game that takes a large amount of bandwidth and is likely to take a lot of server bandwidth going forward with the various mods in play. And it's $20, which is at least a match with current gamestore prices, and it's always available for download. That's also pretty reasonable.

  18. Re:Steam and Electronic Arts on Game Distribution Platforms Becoming Annoyingly Common · · Score: 3, Insightful

    Steam usually operates fine in off-line mode for single player games. And the trade-off of getting integral patch updates, being able to delete and restore a game at will, the low cost of downloadable games (especially ancient ones) and being able to transfer games to another client without media are all big advantages for most players. They seem well worth the risk of losing the Steam servers.

  19. Re:Explain what can happen on Getting Company Owners To Follow Their Own Rules? · · Score: 5, Informative

    Oh, dear, yes. The "unemployment ballet" is nasty. A professional bureaucrat that wants to fire you will record every misstep, collect them into a file, give you a "warning" and a "recovery plan", then do everything bureaucratically possible to poison your work. Simple shock and disbelief at how ridiculous the recorded "violations" are will not save you. You need a thick folder with documented mis-steps, preferably by the bureaucrat trying to fire you, with it all documented. Sign _nothing_ that admits wrong-doing if you can avoid it: make sure that you have counterletters recorded, and get copies of everything.

    And start looking for new work if this is going on. I've had this happen, where a senior supervisor blamed the engineers for his laptop problems when he absolutely refused to swap it or surrender it for recovery, always had his disk overflowing, refused to patch, etc. He just wanted us to "fix it!" when it broke.

  20. Re:Ill bet this will happen on IPv4 Free Pool Drops Below 10%, 1.0.0.0/8 Allocated · · Score: 1

    You mean something that blocks incoming connections that you don't want, and only exposes a small number of designated services that take actual effort to open up for incoming traffic, and which forces you to think about what ports for what services to what target you open up, and that even blocks everything incoming by default? That's over half the job of a firewall right there, configured in a far safer fashion than a lot of new admins would do.

  21. Re:Ill bet this will happen on IPv4 Free Pool Drops Below 10%, 1.0.0.0/8 Allocated · · Score: 1

    I would. Taking away all that externally visible address space and routing it through a small DMZ, or a decent load balancer, is a huge security benefit. Many sensible security engineers _do not want_ their internal IP addresses visible outside. Once you've accepted that as a policy, most of the need for IPv6 evaporates.

  22. Re:Ill bet this will happen on IPv4 Free Pool Drops Below 10%, 1.0.0.0/8 Allocated · · Score: 0, Troll

    Google search it. Seriously, there are plenty of good papers on this, including modest papers such as http://www.infosecwriters.com/text_resources/pdf/IPv6_SSotillo.pdf.

    The big problem is one of change: many people _do not_ properly integrate services into their networks, but instead leave themselves wide open to external and internal scanning of various sorts. The "mobile" aspects of IPv6 encourage "mobile" nodes which may be very poorly secured, and from personal experience have been.

    The fragility of IPv6 in production is usually associated, from personal experience, with older operating systems and hardware. Some instances of it that I've seen are, unfortunately, under NDA. But others include the integration of ancient, older, even virtualized core software into a contemporary IPv4/IPv6 capable environment, and it's repeatedly broken software that I've had to backport.

  23. Re:Ill bet this will happen on IPv4 Free Pool Drops Below 10%, 1.0.0.0/8 Allocated · · Score: -1, Troll

    The timelines have been sheerest nonsense. The use of NAT, and of load-balancers, has heavily reduced the need for IPv4 address space. In fact, it's often helpful in security terms to NAT a local network away from other networks and reduce the potential for unmanaged traffic: it's even extremely helpful in blocking a lot of idiot home users from running classic SMTP, HTTP, and IRC servers without paying server-based fees.

    IPv6, on the other hand, has repeatedly proven itself fragile in production use, incompatible with critical older servers, and a genuine security issue with its tendency to advertise its hosts very broadly and act in a much more "mobile" fashion. This mobility is, in and of itself, a profound security issue. Many of these issues can be addressed with thoughtful configuration, but so far, I'm not seeing it in practice.

  24. Re:Shhhh! on Claims of Himalayan Glacier Disaster Melt Away · · Score: 0, Troll

    I'm saying that a Daily Mail "quote" is no more reliable than Fox News. Go look at their website for examples of the poor quality of their reporting, then look at the quote and see just how badly it could have been misrecorded or twisted by the Daily Mail writer.

  25. Re:Increases Fraud on Why the IRS Should Automatically Fill In Returns With What It Knows · · Score: 1

    So does your spouse, anyone who can guess your passwords, anyone who's root-kitted your PC, etc. Securing such privileged data is a big problem.