Slashdot Mirror


User: s.petry

s.petry's activity in the archive.

Stories: 0
Comments: 6,967

Comments · 6,967

  1. Broken thinking on Ask Slashdot: Can a Felon Work In IT? · · Score: 1

    I'm not a feminist, nor am I a misogynist. I have no problem attacking either when necessary, and in this case your claim is absolutely false.

    The reason a person who has committed adultery can't get a clearance (or at least has a greatly reduced chance) is that it demonstrates dishonesty and disloyalty. A woman guilty of cheating on her husband would have the same issues, so there is no gender bias.

    In all cases, assuming you are completely honest with investigators you might still possibly get a clearance.

  2. Ahh fuck, the ole "it's too hard" line again... on Ask Slashdot: Convincing My Company To Stop Using Passwords? · · Score: 1

    No, it's not too hard. I'm really sorry that you can't figure out how to train users on how to use strong passwords, but this is not an overly complex thing to do. It does take persistent training because nobody walking into the company will have received such training but passwords are not "bad" or "too hard".

    14 years ago I implemented a full Unix based LDAP system enforcing complex passwords with aging, history, and controls on admins that could change passwords without being "Directory Admin". I have since set up and run this system at numerous other companies. Linux used to suck a bit at its PAM LDAP configurations, but today it's not so bad.

    Around the same time, I developed some methods for users to generate "STRONG" passwords with reasonable lengths. I still teach these today, and amazingly we use passwords very effectively. No, you don't pay me so can't have my methods. I'm telling you it's possible if you actually stop and do the work.

    2FA is still going to require a password for any reasonable system. If you go with the average 4 digit pin shame on you, but many people seem to believe this is protection somehow and better than a strong password.

    Certainly I'm not against 2FA, nor even 3FA and locks on doors. I'm against it for the common user because it does not save anything and adds a huge amount of overhead and work to reissue all the devices to users constantly. If you are in a small shop, maybe not a big deal but in a company of reasonable size it's a full time job just dealing with the Token/Badge/Whatever you have for the 2nd factor.

  3. Except it's not just about marketing, it's also about influence and control of agencies over every aspect of your life. Think of all the doors this opens for control. Example: You can use a web cam to see the contents of your Fridge to know what to order. Someone else wishing to portray you as an alcoholic can look in your fridge and see you have beer and use this for evidence (even if it's not true), and the now mandated Government Health insurance can use the contents of your fridge to deny payments due to your diet.

    Oh I know, that would never happen in the USA where we have already seen internet communications hijacked by governments and mega-corporations right?

  4. Who said it "started" with Stuxnet? on Iranian Hackers Compromised Airlines, Critical Infrastructure Companies · · Score: 4, Insightful

    Stuxnet/Duqu/FLAME and several other exploits were easily tracked to US 3 letter agencies and Israel. Stuxnet was the first Virus created by Government agencies (from any country) specifically intended to cause physical damage, not just perform non-destructive information gathering. Any idiot looking at the facts can make this determination.

    Let's not neglect the fact that the US sponsors the largest group of black hat hackers in the world and claims "national security" when people complain about being hacked by them. I'm not talking about the porn spammers like we see out of Russia, I'm talking about people who actually cause physical, social, and financial damage to anyone and everyone including our "Allies".

    Now compare what the NSA has done with what these "evil Iranian terrorist haxxors" did in terms of damage. There is no evidence that they did really anything except prove that they can behave like script kiddies. They stole a few files and some personal information, but this is what spear phishing does all the time and with much greater success than this group's 50 companies in a few years time frame. There is no evidence that they damaged anything at all, just a wild speculation which reads like typical fear mongering.

    Before you ask for a citation, I'll simply point you to everything Snowden leaked. Not that empirical evidence is of any interest to you or anything...

  5. Remove != Improve on Microsoft's Age-Old Image Library 'Clip Art' Is No More · · Score: 1, Interesting

    You could already insert images into documents, so your statement is a fabrication. This removes an internal set of images which allowed you to insert images without an internet connection. This is not an improvement as you claim, because this simply removes a feature and does not add anything.

    The library has been hidden from users for a while, so it's not a shock that people don't use it as often today. Having the product depend on their search engine seems like another anti-trust case waiting to happen.

  6. Welcome back to the Dark Ages on UK Police To Publicly Shame Drunk Drivers On Twitter This Christmas · · Score: 1

    This seems to be the modern version of the Stocks. Public shame and display of those people daring to break the law. In the US at least, this should be considered cruel and inhumane punishment. Though it would take a decade to see the light of day in court, and yeah people back then didn't want to do away with the stockades either.

    Does the UK have any laws regarding overly cruel punishment?

    Sure, arrest records are public records but not normally without a request (I.E. Not posted on a public facing web site until a conviction) at least in the US. A few counties in the US that have similar policies regarding putting mug shots for arrests on web sites may be under scrutiny for cruel punishment soon (my hope at least), primarily due to people taking advantage of the data.

  7. Re:Definition - "Microaggression" on Interviews: Adora Svitak Answers Your Questions · · Score: 1

    Ah, but now I learned that I have to phrase my questions in the USA more carefully if I see a very white woman with very black curly hair and black eyes: 'where are you from?' might be considered an insult by her ... (*facepalm*)

    What hits media as this bullshit "microaggression" is not something most people abide by, so don't worry.

    As I said (and you agreed with), the question is not offensive on its own. If you were to ask conversationally "Where are you from?" most people would recognize that and answer "My family is from Cambodia." or "My parents were from India" even though they themselves are American and are not offended. Luckily the people that invent these terms and ridiculous claims regarding a simple question are not the normal.

    Guten Abend!

  8. Re:What kind of a "study" is this? on In UK Study, Girls Best Boys At Making Computer Games · · Score: 1

    You are somehow conflating more triggers with a "richer experience". More triggers has no meaning, because it is the implementation that counts. Take the Tomb Raider games as examples of each (simple, nagging, poor, or overly complex). Some of those games were good and others were extremely frustrating and poorly received.

    The results I don't disagree with, it's the measure that I question for TFA's claim of "girls are better programmers".

  9. Re:Definition - "Microaggression" on Interviews: Adora Svitak Answers Your Questions · · Score: 1

    I agree, but the answer is in this case to address the disrespect not the question itself. Saying "Good Morning" can be done in a tone that is rude and dismissive, but we don't attempt to ban the phrase because people can use terminology to be offensive. People will use any and all terminology to be offensive if that's their goal.

  10. Definition - "Microaggression" on Interviews: Adora Svitak Answers Your Questions · · Score: 2

    The current politically correct method of declaring something politically incorrect.

    "Where are you from?" is normally a question associated with getting to know someone. It's a conversation starter, not a personal attack on its own. Today, you can't even ask the question and be politically correct. Sad state of affairs.

  11. Re:A feature of Western *democracy*? on Probe Into NSA Activity Reveals Germany Spying On Germans · · Score: 2

    You are leaving out the collusion that all these Western "Democracies" have. The US's NSA provided data to UK's GCHQ and Germany's BND when they wanted it, and in exchange each of those agencies provided data to the NSA that they wanted. In some cases they could not acquire data legally, so they intentionally circumvented the law by making these back room deals. I'd not take issue if this was against China or Russia who are traditionally enemies of the "West", they did this against normal Joe Shmoes in their own damn country.

    Each of these countries has used the data for illegal means, such as shutting down free speech and rights to assemble. For example the US used this data to shut down groups like OWS, and the BND has used this data to shut down anti-NSA protests in Germany just last year. Each country has claimed rights to this data due to "OMFG Teh Terrorists!!1!!!" but none of them have used this data to our knowledge to catch a single terrorist or stop a single terrorist act.

    As someone mentions above, the way to start forcing changes is to pull everyone from the chains of approval and start prosecuting. Offer whistle blower protection for people that were not the decision makers. Law makers may need to do some tuning, but that should not prevent action to stop the behavior.

  12. Re:What kind of a "study" is this? on In UK Study, Girls Best Boys At Making Computer Games · · Score: 1

    As GP stated, "better" is a relative term and without context I can't provide an opinion on whose game I would like better. Complexity on its own is not a measure. I have a few points of disagreement with your statements.

    For some reason, the boys only used the 1st trigger and the result was a stereotypical "prompt/respond" roleplaying game.

    Stereotypical RPG isn't bad on its own. What experience did the kids have with RPGs and were they told to design like their favorite?

    Using the other triggers would provide a less stereotypical experience.

    It could also make for a boring game. Context is critical, because puzzles are not the same as nagging dialogue (and we have all seen both).

    Not sure why all the girls did well and all the boys did badly. That seems off.

    The whole article reads like a pro-feminism bias article, not an unbiased piece. Look at some of the other claims in the article, such as women playing more video games than men based on cell phone downloads. And even a mention of Gamergate and a victim's name, with the slant that claims it's only misogyny.

  13. Re:How about transfer rate and reliability? on Consortium Roadmap Shows 100TB Hard Drives Possible By 2025 · · Score: 1

    Some people like to save their pr0n for watching later

  14. Re:A probing question on Ask Slashdot: Best Biometric Authentication System? · · Score: 1

    Well, I would surely shit myself if I was told that I had to jab my finger with a lance every time I needed to log in...

  15. Bad advice on Ask Slashdot: Best Biometric Authentication System? · · Score: 1

    I don't agree with any kind of single Auth mechanism even inside the network, except for personal workstations. A single keylogger on a compromised machine can ruin your business pretty quickly this way, and it has happen(s|ed) often enough that people should know better by now. Maybe 1FA on your workstation, but any server access should be 2FA all the time regardless of your location and connection type. At least as important, if you are using 1FA for a workstation the LDAP infrastructure should be completely separate from your server's LDAP infrastructure.

    That said, I would only use Biometrics as a 3rd factor unless you are dumping millions into the technology, monitoring, and maintenance. Even in Government work you won't find too much for biometric authentication. Retina scans can be spoofed with a photo, fingerprints can be lifted and spoofed (not enough data points to be accurate) even with some very expensive hardware, etc... "Normal" security is a strong password (with some strict rules) plus RSA like tokens. Even high end security uses controlled equipment in a secure location with at least 3 different lock mechanisms on the door as the primary control. Once inside, you will still normally find 2 factor Auth (depending on the classification).

    Biometrics has a cool factor, but not a very good authentication system without pumping lots of money into it.

  16. Re:Flip Argument on Officer Not Charged In Michael Brown Shooting · · Score: 1

    Huh? No. I just think it is clear what I meant from context and don't see the point of you picking it out other than being pedantic.

    You claimed that the cop would be a scapegoat if the Grand Jury returned a verdict that he could be charged. It does not take a lawyer to figure out that this does not imply guilt, nor does it imply what charge a prosecutor would decide to file. It is impossible that the Grand Jury decision makes anyone a scapegoat, a full trial would have to occur after that decision for whatever charges the prosecutor decided to file.

    I'll grant you that I _COULD_ go out and educate myself enough not to sound like a wannabe on topics such as grand jury investigations, forensics, and autopsies. I have not done so, and do not intend to do so for the purpose of a Slashdot discussion. My "state of mind" is called "humility". It's the same reason I don't levy half-assed criticism a bunch of people who have spent their entire lives creating climate models.

    Yet you are defending the current decision as if you already knew all of this information, so the appeal to authority appears to be only a matter of convenience.

    I was referring specifically to your claim that "Police violence against civilians has escalated, not the other way around."

    I gave the information, you will need to do the homework.

    That does not accurately describe my position. Action is important, but it has to be the right kind of action. Anarchy in particular is the wrong kind of action.

    Holding a person accountable for their actions is the absolute opposite of anarchy.

  17. Re:Flip Argument on Officer Not Charged In Michael Brown Shooting · · Score: 1

    ...some non-specific charge that you believe they missed.

    The charge of excessive force is absolutely specific. It is not only missed here, but in every grand jury trial in the last few decades. I already covered some of the "why" it is missed, and rough statistics to back "that" it is missed. Go back and re-read what I wrote, and if you don't like the statistic the show I heard that on was 910AM SF, Gil Gross, and he was pulling data from the US DOJ for the topic (between 5:30-6:05PM 11/25/14).

    I'm not a lawyer so to me the difference between "charge" and "indict" is not very significant to our discussion. If you want a pedantic discussion then you are probably engaged with the wrong guy.

    Why do you continually claim that you need to be in a specific profession to be able to read, comprehend, and make decisions? Here you imply that you need to be a Lawyer to figure two dictionary words. Previously you stated that can't read and understand testimony unless you are a lawyer, and that you can't understand forensics without being a forensic scientist. I honestly don't understand that frame of mind. I see it as a repeated appeal to authority and not a rational defense for your position.

    You can read what grand juries do here. I should not have to also provide the definitions for indict and charge. It is prudent to the discussion since you keep claiming that "we are throwing him under the bus", further claiming we can't hold an individual accountable for individual actions.

    Where did you see those numbers?

    Pick a topic and search for it. http://www.prisonpolicy.org/gr... was the first link when searching for "incarceration by race", but militarization and psychological profiling for police officers were linked way up in the thread. I don't normally trust one place's statistics, but these can usually be corroborated with various other agencies such as US Census, US DOJ, DEA, etc..

    Yes, I think we agree on the ends but not the means.

    I wish history backed your theory of change without action, but I can't find any history to back it. Corruption will not just get up and walk away happy, never has and never will.

  18. Re:Flip Argument on Officer Not Charged In Michael Brown Shooting · · Score: 1

    You overlook the possibility that it might be perfectly legal to run down a suspect and shoot them if they become aggressive. In other words, you might find that the officer was 100% at fault here, but still acted completely lawfully.

    I did not overlook this at all, you are inventing something that never happened to continue your belief.

    No. I'm arguing that if you can't even get the grand jury to charge the man, you have absolutely no hope of convicting him in a criminal court.

    The grand jury does not charge a man, sorry. You need to do some homework on what a Grand Jury is responsible for and what their role is.

    I still don't think it is worth throwing the officer under the bus to achieve the systemic change.

    Holding someone accountable for their actions is not throwing him under the bus, stop repeating this same untrue statement in various forms. Nobody forced the officer to chase down and fire bullets into the guy. The first and probably the second are not being questioned. Perhaps even three we can say was justifiable defense. The remaining 9-10 bullets are the excessive force, and pretty obvious excessive force which you seemed to agree with above. This is amplified in his interview yesterday where he says flat out "he was a very large black guy and I was in fear" followed by "I felt it was my duty to chase and keep firing at him" (those are rough quotes, not verbose but you can check their validity).

    History also shows that we are moving in a general direction towards better rights for minorities. Maybe it won't be this event - the rioting and unsympathetic victim makes it hard for Obama to find political cover. But I'm optimistic that eventually police departments will be reformed.

    Only if you are cherry picking. Police violence against civilians has escalated, not the other way around.. and yes most of this violent behavior is against minorities. Compare the amount of minorities in the criminal justice system to whites and you see a huge disparity. Compare economic opportunity between cultures, etc... Sure, some of the problems are self generated but not all of them and not even most of them.

    For posterity, I don't support either end of the extreme. The cop in this case was not angelic, and the crowds are not altruistic. If you study Hegelian dialectic, the reason for these things is obvious.

  19. Re: Ob on The Schizophrenic Programmer Who Built an OS To Talk To God · · Score: 1

    this one explains that portion of the etymology as well, but thanks for the info! Funny how this comment, which I thought was obviously poking fun at a mistake due to the TSR reference, has turned into being stalked and trolled by what appears to be GP's sock puppets.

  20. Re:Flip Argument on Officer Not Charged In Michael Brown Shooting · · Score: 1

    I'm not a lawyer, so you are getting way beyond me. I think focusing on the individuals in this case misses the point completely.

    I don't believe you need to be a lawyer to see that you are incorrect in your opinion. Let me present why I believe this way, feel free to correct the logic if you believe I am incorrect.

    1. The individual took an action and is responsible for their action. There are no reports that indicate that anyone from his department ordered him to chase and shoot an unarmed suspect. The only case that could possibly be presented is the officer's action.
    a. Were training, department policy, culture, or other factors involved in the officer's decision?
    i. If yes, change in the factors involved should occur (revamp training, counseling to change culture, etc...) (would most likely result in charges being dropped against the officer.)
    ii. If "no", the officer should be charged with some criminal offense.
    2. If the officer had received orders we would loop back to the first item with the issuing officer on the hook, but that did not happen so we can not argue that case.

    Where we seem to have a disconnect is that you appear to assume that if an officer is charged, he is automatically guilty of the charge. The purpose of the grand jury is not to determine guilt or innocence, it's to issue a finding for whether or not the officer can face charges and define what the officer can be charged with. (Interestingly, Federal grand juries return 99.9% of the time for some charges to proceed while all other Law enforcement agencies return less than .1% to proceed with some charge.)

    In cases where there are institutional problems which were impacting to an event, charges are generally dropped against individuals and moved to the institutions (this is how the legal process works). Institutions fight hard to prevent that from happening, because this places them in civil liability for wrong doing.

    In other words, with no charges filed against the officer there will be no action, no change, business as usual. No determination will, or can, be made as to whether or not institutional problems resulted in the officer actions. The next time a cop feels it's his duty to gun down a suspect we will be back to the same arguments. We have effectively changed nothing and blocked dialogue because of the grand jury decision.

    Claiming that the DOJ is going to take any action after the fact runs contrary to nearly all history (including recent history). Nothing is impossible, but history demonstrates that unless there is incentive to make change it won't happen.

  21. Re: Ob on The Schizophrenic Programmer Who Built an OS To Talk To God · · Score: 1

    "Older"? How about "only" spelling, when dealing with a computer program (primarily in Unix systems) as was referenced. The word has a meaning going pretty far back, but has never changed. Daemon stands for Disk and Execution Monitor (https://kb.iu.edu/d/aiau).

    A daemon is a long-running background process that answers requests for services. The term originated with Unix, but most operating systems use daemons in some form or another. In Unix, the names of daemons conventionally end in "d". Some examples include inetd, httpd, nfsd, sshd, named, and lpd.

  22. Re:Shyeah, right. on Is LTO Tape On Its Way Out? · · Score: 1

    I didn't miss the point at all. The economics of tape backup has _never_ favored home users over businesses. Tapes have never been that expensive, but the drives are a huge amount of capital.

    I think you missed my point regarding VTL though, which is that multi-site replication of virtual tapes is subject to the same issues of corruption as replicated volumes, or any other backup file format that remains only on disk. For economics, we have moved some of our backups to VTL but these are the convenience backups and not our data that needs real DR (long retention and guaranteed data integrity).

  23. Re:Fuck That Shit on The People Who Are Branding Vulnerabilities · · Score: 1

    The people doing the branding of these things are often vultures trying to scavenge money. (You could say garnering reputation, but the ultimate purpose is identical). Media latches on to anything that sounds catchy and pushes today's agenda. Fear mongering is a good thing to the authoritarians who offer us a rescue from the bogey man at every turn.

    We had the one guy this year claiming to have billions of email addresses and passwords he "stole" acquired from "Russian Hackers!!!11!!!ONE!!". To see if you were on the list you had to PAY HIM MONEY, in addition to providing him your credentials! Some of the vulnerabilities were valid and long overdue in terms of needing a fix, but others were mostly noise like the Bash scare.

    IT pros need to just boycott these people trying to maximize personal profit from a vulnerability. Don't use the names these clowns assign to them, and treat the bugs and exploits for what they really are. Again, sometimes valid and sometimes not. I would have much rather seen people posting fixes and tests for the SSL heartbeat bug than read people bickering about who they thought was the most important person in the world for finding the bug, or who the worst developer in the world was for not implementing the fix.


  24. Re:Shyeah, right. on Is LTO Tape On Its Way Out? · · Score: 1

    You're absolutely right. Just a few weeks ago I decided to look into backing up my home storage to tape.

    Do you really believe GP was talking about a home system with a few computers worth of data? Sorry, but you are not going to be lunking around HDs for backups after manually bar-coding, labeling, and cataloging them all for a decent sized business. LTO is surely not something a home user would find much benefit in, but on the business side there are numerous benefits. Lots of factors involved, but generally for even a small business it's worth the added data security even when it may not be required.

    In the business side, some executives like to believe that copies of data in different Datacenters are all you need for DR. It's cheap! This works great until you have a replicated corruption that you can't recover from and lose years worth of data. VTL is an option, but it's expensive and not many people are using it. And you still have the same issue with corruption using VTL as you do with real data.

  25. Hell NO! and WTF is wrong with moderation lately? on Is LTO Tape On Its Way Out? · · Score: 1

    Hang on, I'll get to the mod comment in a moment. First things first, which is a complete line of crap if you are dealing with medium to large amounts of data in your DR plan and have a long term requirement for DR. Keep in mind that the person you are responding to is talking about long term DR strategy that dates back decades.

    I'm not sure which world you are living in where 10 year old hard drives require less space than LTO, but this is not physically possible. Are you trying to claim that you are using today's higher density drives through a time warp, or that you really have no experience with legacy system DR and are only working with current technology? No matter how you slice it you are dishonest, so let me go with the first assumption. SSDs were available about 10 years ago, but there is no way anyone in a production environment used them for more than testing or highly disposable purposes. The sizes back then were the same or less than SCSI (256GB in "production" drives), reliability was atrocious, and quite honestly we banned them during testing because they lasted days maximum in our high performance compute environment where they could have been the most beneficial. The footprints for the drives were exactly that of SCSI, which is about 4 times the area of an LTO tape. Data per cubic inch did not compare, and this is simple math to check.

    So maybe you are not referring to SSD, maybe you are referring to Spindled disks from 10 years ago? If that is the case, please explain to us how you are shipping boxes of HDs off to Iron Mountain for safe keeping and ensuring that the heads are not damaged?

    Next, you are not doing much in terms of mass data DR with hard drives no matter which HDs you are using. I can buy an IBM 35xx with 8-32 read/write heads and 256 cartridges in the chassis. I can pull out LTO1 tapes from 15 years ago and read them natively and I can read and write faster than any hard drive on the market. Doing this with hard drives you are going to have to go to Ebay and hope like hell you can buy a JBOD/DAS device compatible with your drives, then hope like hell you can figure out how to import the sets if you are using something like VFS/VCS and not standard LVM. Good grief, it's not "easier" or "faster" by any stretch of the imagination unless you are responsible for very little data. Generally the people using LTO are backing up a good amount of data on average. We have 28 Petabytes on line. Probably only 5-6 Petabytes are backed up regularly, but go ahead and try this on your "removable hard drive" backup strategy.

    In other words, the only way your arguments can be valid is if you are responsible for very little data or perhaps you really don't have to worry about DR as you originally claimed. Many of us deal with Government contracts that require full scale DR, and many large businesses have similar requirements, and these requirements include retention of 7+ years.

    Not counting legacy systems, we have been migrating some data to multi-site DR (not full DR) to save money. Plucking hard drives is _still_ a horrible idea even given the higher density newer drives. Retention on a removable HD does not, and can not match the lifespan for an LTO tape which is designed specifically for a long lifespan.

    Now to the point about moderation. I pointed this out the other day in a submission and a thread, moderation has been absolutely wretched lately. Nothing against this guy's post getting moderated "Interesting" because it should generate comments. The person he responded to receives NO moderation and should be moderated as "insightful" since he is obviously involved in large scale DR. A whopping 2 posts have been moderated in this thread, and one contains wrong information for anyone curious about large scale DR.

    It's not the incorrect posts being moderated that's the problem, it's the lack of moderation on posts correcting bad information.. and the lack of moderation overall in the last week or so that is the problem. For the last week moderation has amounted to an explicit bias, of no benefit or incentive for progressive dialogue (which is the whole goddamn point of the moderation system).