38 posts • joined 31 Jul 2007
Not enabled by default
The auth-user-pass-verify option is not used by default. It is something you would need to configure. Not only that, but it has two different 'modes'. You can either pass the credentials via an environment variable, or via a temporary file. The docs have always indicated the security issues with these approaches. I'm not sure if the 'by temp file' way also sets environment variables to the shell anyway.
e.g. we use it to pass the username/password to a small python script to check the details against a RADIUS database. We use OpenBSD though, so it's a moot point anyway.
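An added example, not code from the post or from OpenVPN: a verify script for the temporary-file mode of auth-user-pass-verify described above. It assumes OpenVPN passes the file path as the script's first argument, with the username on line 1 and the password on line 2; the in-memory `USERS` table and its one constructed entry stand in for the RADIUS lookup.

```python
#!/usr/bin/env python3
# Server config (assumed script path): auth-user-pass-verify /etc/openvpn/verify.py via-file
import hashlib
import hmac
import re
import sys

SALT = b"constructed-salt"  # constructed sample value

def digest(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)

# Constructed sample store standing in for the RADIUS lookup (assumption).
USERS = {"alice": (SALT, digest("correct horse", SALT))}
USERNAME_RE = re.compile(r"[A-Za-z0-9._-]{1,64}")

def read_credentials(path):
    """Return (username, password) from the first two lines of the temp file."""
    with open(path, "r", encoding="utf-8") as fh:
        lines = fh.read().split("\n")
    if len(lines) < 2:
        raise ValueError("expected username and password lines")
    return lines[0], lines[1]

def verify(path, users=USERS):
    try:
        username, password = read_credentials(path)
    except (OSError, ValueError):  # unreadable, short, or not valid UTF-8
        return False
    # Reject odd usernames before they reach a backend query or a log line.
    if not USERNAME_RE.fullmatch(username) or not password:
        return False
    # Hash even for unknown users so both failure paths cost the same.
    salt, expected = users.get(username, (SALT, b"\x00" * 32))
    matches = hmac.compare_digest(digest(password, salt), expected)
    return matches and username in users

if __name__ == "__main__":
    # OpenVPN accepts the login on exit status 0 and rejects it otherwise.
    sys.exit(0 if len(sys.argv) == 2 and verify(sys.argv[1]) else 1)
```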
Don't you remember when Amazon first started? Buy a book online?! wtf are you smoking?! Why the hell would someone buy a *book* from an 'online bookstore'? It seemed like a completely insane idea at the time. Yet I know from looking at the pile of Amazon branded boxes sat outside our house on recycling day how much they have changed our lives. So delivery by drones? Why not. If anyone can, I'd imagine Amazon could.
Same with VPNs
I'm forced to use a Java applet based VPN for a client. Had same issue this week. Browser updated Java version and suddenly VPN stopped and no work could be done. :(
"Apple could do that, as part of the production process, but has shown no inclination to do so."
Or they have, but are off by 5 degrees.
Wonder how this affects the likes of Crypho.com. They do end-to-end client-side crypto in their chat/file transfer system. Hosted in Norway, so at least a bit further away from the clutches of the govt of the 'land of the free'.
And if you look at the University of Bristol 'leak' all they have is the schema for a database in the Geology dept detailing dinosaur species.
Re: What's so special about software???
The difference being that when Toyota stopped manufacturing your car there were no doubt dozens of other companies out there still producing pattern and OEM parts for it for as long as the demand was there. You will find owners groups online with workshop manuals and peer support. You will find Haynes manuals, you will find youtube videos from enthusiasts.
Alas, this is changing as the automotive world gets more and more proprietary and relies more on proprietary tools and software in their vehicles to lock you into their way of doing things and only using their authorised suppliers.
With software in this case they are shipping compiled binaries. There is no source code, there are no 3rd party support groups. This is why it is so important that the NHS move more to Open Source software as it will help protect them from risks such as shown here.
Re: re. Matt Hamilton picture
No, I'm afraid there was no grand piano of pianists in that photo and it was just a boat being launched on the beach.
Re: You bastards.
I have to give my wife credit for adding black pudding to the sarnie. But my god it was delicious. It was black pudding from some little town in mid-wales... best I've ever had. Need to try and work out where it was!
History of OSS at Moorfields
Glad to see Moorfields continuing their use of OSS software. They moved to Zope for their public website about a decade ago and still using it to this day. Good to see OSS getting more recognition within actual processes within the NHS. There are quite a few case studies worldwide of using Open Source Software in this way in which one dept produces something and then others adopt it. This is really where the cost savings can be had, and you don't end up beholden to a single supplier.
Re: Probably debug logs
Then just use a hash of the UDID and not the UDID itself.
Just use multiple DNS servers?
The thing no-one has yet pointed out is that the DNS system is already more than capable of dealing with attacks like this. It already has redundancy in place. You need to have at least 2 DNS servers for each domain. Just put those two DNS servers on different networks. I.e. have one with Go Daddy and one with someone else.
Why does no-one do this?
1) Cost. You no doubt will end up paying twice and everyone is a skinflint
2) Management. Any DNS changes will need to be made in more than one place in more than one interface on more than one system.
Alas there isn't really a secure, trusted, usable standard around for passing DNS zone information from one DNS server to another. No, zone transfers don't count.
An extra second?
Seems NASA get an extra second more than the rest of us. Watch the timeline in the video player. It goes 5:58... 5:59... 5:60.... 6:00.... 6:01
Them boffins are clever!
Meanwhile, I confess that I visited the well-known Daily Mail website last night, and was "appalled" by what I found there.
And Usain Bolt was seen wandering around shiftily in the vicinity wearing a false beard and a pair of RJ45 crimpers.
SSL / IMAP?
Umm... we have exactly that on our iPhones. It's called IMAP over SSL. Been around for ages. It's a standard, it's cross platform. What more do you want? It syncs with my desktop mail client. It's hosted on a server sat next to me.
Biker gang? A bunch of 16 year old chavs on scooters is hardly Sons of Anarchy!
Is it just me or did it actually *miss* the truck at 1:00?
OMG... works on El Reg too!
We are all dooooomed!
So some new developer found the sleep(0.01) code they put in a decade ago when they found out that the new servers were running their code too fast and they got race conditions ;)
FreeBSD and Plone as two counter-examples
The two main Open Source projects I have direct experience with are the FreeBSD operating system and the Plone content management system. Neither of which are directly linked to large corporate interests.
For example Plone has over 300 core committers, and whilst many of them work for institutions and companies that may pay their wage to develop the features they need, the majority of the community is either sole developers or small development companies that directly develop the software in order to better it and serve their customers. None of this is done with the 'support' of proprietary license fees.
Matt, you came from Alfresco recently, so I guess your view might be different. 90% of Alfresco development is done by the employees of one single company, Alfresco itself. And it sells license fees to its 'commercial' version of its software... which in turn pays for the Open Source side of the development... but not all Open Source software is developed using that model.
Software is a Liability not an Asset
As told to me many years ago by Paul Everitt, then CEO of Zope Corporation:
"Software is a liability, not an asset".
(unless of course your sole business is actually developing software, but that is only a small minority of companies)
It amazed me working in a high street bank, just how much software they had written in house for general admin stuff (I'm not talking trading here, I'm talking general business process stuff). Most of it the original author had left and no-one knew how it worked. Yet at the same time they were very wary of Open Source, as they thought it a risk... HELLO??!!
I managed to get them to at least switch to an Open Source content management system for their Intranet (Plone) but they still very much had the culture of keeping things under their belt. It wasn't the developers as such, but more the management. If anything was to be released outside the bank then they'd need to get their legal department to take a look at it (which invariably didn't know code from a cucumber) and so the process would just stall.
They in the end ended up with an internal fork and a lot more maintenance than they would have done had they been able to commit their work back to the main community and not have to maintain it all themselves.
Well it now no longer displays a competitor's logo on search results for our company, which was a bit of a snafu to start with.
Apple Powerbooks of past (1998) have had this feature too. The G3 Powerbooks used to have a hot swap bay that could take an extra battery, optical drive, zip drive, hard drive, etc.:
Acre feet? What's that in funbags?
I'm not sure they are 'PEFC' but Efoy has been selling fuel cells to the public for a number of years now - www.efoy.de.
As mentioned above, all the DAB radios seem to be retro styled and seem to be trying to win on style over substance. The bit I really don't understand is if DAB was meant to be so good, why sell a whole load of radios with just a single, mono, speaker? Stereo has been invented since the designs for those radios were first done way back when. I know that stereo speakers on such a small system might be a moot point, but all non-DAB units have stereo speakers.
Not to mention the fact that I'll have to pay £100 LEZ charge to drive to Heathrow airport in my campervan (my only vehicle). I think the irony there is lost on the planners. So others in the area that have older perfectly good campervans are being encouraged to buy new vehicles... hrmm... very green.
Channel Tunnel @Ken
Just make sure you have Steven Segal on board!
This is what we did a few years back in Bristol for the Media industry - www.bmex.net. Basically we couldn't get what we wanted, at a price we wanted, so we clubbed together and got a bunch of fibre managed ethernet circuits and connected up our own network with our own kit. We all chucked some money in the hat and just did it. Ten years later and we have a meeting this week in which we might finally get the local bodies responsible for investment in the area to understand the value of supporting projects like this.
@Richard Austin (BioFuels)
I think the problem with using veg oil in mass production is that you would end up needing more space than we have available for the crops (I'm sure someone else will dig up the numbers). Also you displace food crop production, which is more valuable (us humans need energy too!). The cost of corn/wheat/etc has already been reported to be going up in South America due to North America's demand for it for ethanol production for vehicle fuel. The result is the cost of bread products in South America has gone up.
So it's an object oriented database? Like many already out there. Like the Zope Object DB for instance -- you know, the one that has been out there in use for over a decade and is transactional etc. It has always amazed me why web developers insist on mapping *everything* to a RDBMS when what they are doing is rarely relational.
A lot have commented here on user-generated randomness. FreeBSD has for a long time had an 'entropy pool' which is 'stirred' by a number of IRQs. So things like disk controllers, and network controllers provide a fairly good source of randomness to help stir things up a bit.
"Well, here's a lesson to would be parents - name your child something obscure to avoid this happening!"
That is what the parents of Elmer Fudrucker did.... look what happened there!
The Anatomy of a Large-Scale Hypertextual Web Search Engine
Brin and Page's paper "The Anatomy of a Large-Scale Hypertextual Web Search Engine" was published in 1998, so a year after this patent was filed. This is the paper that talks about the notion of 'barrels', in which the index is effectively segmented. The idea being you can invert each index independently so you don't need a single machine with the memory/processor power to invert the whole index at once.
The side-effect of this is also that you can distribute your query across multiple servers too. So sounds like there could be a basis for the patent infringement. But 'backrub' as google used to be (backrub.standford.edu) was probably around before this patent.
Great, but still don't tell you the most useful thing...
The most useful thing that an analogue clock tells you and what *most* people want to know, is not how long *past* the hour it is, but how long *to* the next hour. ie. if you look at an analogue clock you can at a glance see how long you have until lunch/meeting/home/etc. With a digital watch you have to mentally work out how long you have.
I guess this goes back to looking at *why* people want to know the time. In most cases the fact it is 16:33 is not an answer unto itself, but really most people are asking a question e.g. 'how long until X?' or 'how long since Y?' These questions are so much easier to answer looking at an analog face, and also allow the user to gain an arbitrary amount of precision as required, i.e. 'roughly half an hour until lunch'.
But I have to say, those watches do have a certain geeky cool factor to them :D
From my experience of Plone (open source CMS) development sprints and conferences there is about a 50/50 mix of Mac and PC laptops. As Plone itself runs on Linux/Unix, MacOS and Windows, it is healthy to see a mix of development environments in use. I personally use a Macbook Pro for development, not so much for the OS itself, but for the whole package. It 'just works' and I like the unix-ness of the underneath (I cut my teeth on BSD) but with a good productivity layer on top. ie. I can switch between editing an image in photoshop, checking something into svn on the command line, compiling something, and viewing a MS Word doc from a client, all on the same machine. Yes, there are OSS variants of the productivity apps, but I'd rather spend my time developing the bit that puts bread on my table (Plone) rather than tinkering endlessly with the OS.
Or just not buy a new car....
Unless your car is a complete wreck, sticking with it, or buying a second hand car will ultimately be more environmentally friendly than the world's car producers building yet another car.