Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Crime

Ask Slashdot: Dealing With VoIP Fraud/Phishing Scams? 159

Posted by timothy
from the our-menu-options-have-recently-changed dept.
An anonymous reader writes I run the IT department for a medium-sized online retailer, and we own a set of marketing toll-free numbers that route to our VoIP system for sales. Yesterday we began receiving dozens and now hundreds of calls from non-customers claiming that we're calling out from our system and offering them $1 million in prizes and asking for their checking account details (a classic phishing scheme). After verifying that our own system wasn't compromised, we realized that someone was spoofing the Caller ID of our company on a local phone number, and then they were forwarding call-backs to their number to one of our 1-800 numbers. We contacted the registered provider of the scammer's phone number, Level3, but they haven't been able to resolve the issue yet and have left the number active (apparently one of their sub-carriers owns it). At this point, the malicious party is auto-dialing half of the phone book in the DC metro area and it's causing harm to our business reputation. Disabling our inbound 800 number isn't really possible due to the legitimate marketing traffic. Do you have any suggestions?
IT

Ask Slashdot: Who's the Doctors Without Borders of Technology? 112

Posted by timothy
from the trespassers-mostly dept.
danspalding writes I'm transitioning into full time tech work after 10 years in education. To that end, after years of tooling around with command line and vim, I'm starting a programming bootcamp in early December. I used to think I wanted to go into ed tech. But the more I think about it, the more I just want to contribute to the most important work I can using my new skills — mostly JavaScript (with a strong interest in graph databases). Ideally an organization that does bold, direct humanitarian work for the people who need it most. So where should I apply to work when I finish bootcamp next March? Who's the MSF of the tech world?
China

Ask Slashdot: Is Non-USB Flash Direct From China Safe? 178

Posted by timothy
from the ask-all-its-previous-partners dept.
Dishwasha (125561) writes I recently purchased a couple 128GB MicroSDXC card from a Chinese supplier via Alibaba at 1/5th the price of what is available in the US. I will be putting one in my phone and another in my laptop. A few days after purchased, it occurred to me there may be a potential risk with non-USB flash devices similar to USB firmware issues. Does anybody know if there are any known firmware issues with SD or other non-USB flash cards that could effectively allow a foreign seller/distributor to place malicious software on my Android phone or laptop simply on insertion of the device with autoplay turned off?
Network

Ask Slashdot: Getting Around Terrible Geolocation? 100

Posted by timothy
from the ok-but-does-this-get-you-irish-citizenship? dept.
First time accepted submitter AvitarX writes W3C has the IP address where I work as showing up in Ireland (we are in the USA). This is a nuisance for a lot of reasons (many dates now display in European format, prices are listed in euros, search results redirect to google.ie). Some of these issues can be worked around, but it's frustrating. I have searched as best as I can, and only can find information on the geolocation API in HTML5. The office is on a static IP address from Comcast. When I visit whatismyipaddress.com all info is correct except for W3C's result. I have submitted that it is inaccurate; is there anything else I can do? Googling, I have only managed to find usage examples for web developers/designers.
Network

Ask Slashdot: How To Unblock Email From My Comcast-Hosted Server? 405

Posted by timothy
from the why-not-hand-deliver-those-messages? dept.
New submitter hawkbug writes For the past 15 years, I have hosted my own email server at home and it's been pretty painless. I had always used a local Denver ISP on a single static IP. Approximately two years ago, I switched to a faster connection, which now is hosted on Comcast. They provide me 5 static IPs and much faster speeds. It's a business connection with no ports blocked, etc. It has been mostly fine these last two years, with the occasional outage due to typical Comcast issues. About two weeks ago, I came across a serious issue. The following email services started rejecting all email from my server: Hotmail, Yahoo, and Gmail. I checked, and my IP is not on any real time blacklists for spammers, and I don't have any security issues. My mail server is not set as an open relay, and I use SPF records and pass all SPF tests. It appears that all three of those major email services started rejecting email from me based on a single condition: Comcast. I can understand the desire to limit spam — but here is the big problem: I have no way to combat this. With Gmail, I can instruct users to flag my emails as "not spam" because the emails actually go through, but simply end up in the spam folder. Yahoo and Hotmail on the other hand, just flat out reject the traffic at lower level. They send rejection notices back to my server that contain "tips" on how to make sure I'm not an open relay, causing spam, etc. Since I am not doing any of those things, I would expect some sort of option to have my IP whitelisted or verified. However, I can not find a single option to do so. The part that bugs me is that this happened two weeks ago with multiple major email services. Obviously, they are getting anti-spam policies from a central location of some kind. I don't know where. If I did, I could possibly go after the source and try to get my IP whitelisted. When I ask my other tech friends what they would do, they simply suggest changing ISPs. Nobody likes Comcast, but I don't have a choice here. I'm two years into a three-year contract. So, moving is not an option. Is there anything I can do to remedy this situation?
Databases

Ask Slashdot: Choosing a Data Warehouse Server System? 147

Posted by timothy
from the index-cards-and-an-actual-warehouse dept.
New submitter puzzled_decoy writes The company I work has decided to get in on this "big data" thing. We are trying to find a good data warehouse system to host and run analytics on, you guessed it, a bunch of data. Right now we are looking into MSSQL, a company called Domo, and Oracle contacted us. Google BigQuery may be another option. At its core, we need to be able to query huge amounts of data in sometimes rather odd ways. We need a strong ETLlayer, and hopefully we can put some nice visual reporting service on top of wherever the data is stored. So, what is your experience with "big data" servers and services? What would you recommend, and what are the pitfalls you've encountered?
Power

Ask Slashdot: Minimizing Oil and Gas Dependency In a Central European City? 250

Posted by timothy
from the neighbor's-wifi-problem-solved dept.
An anonymous reader writes I live in a big city in central Europe. As most of you know from recent news, most of Europe's (and quite a bit of China's) gas supply comes from Russia and is very likely to be cut off several times during the next few winters (China's time will come in later years). What many might not know is that not just our natural gas supply, but also our petrol ('gas' for the Americans in the audience) often comes partly from Russia and some of our electricity comes from gas powered stations. Most of our leaders, at least in Germany and Hungary, are in bed with the Russians and likely won't do anything about fuel security. I live in an building with a south-facing roof and I own the roof space but I don't have enough land here to put a wind turbine or something similar on. Can anyone make good suggestions for ways to cut down my dependence on unreliable power supplies? Extra points for environmentalism, but I am even willing to pay more to be sure the heating is there in winter and my server keeps running.
Google

Ask Slashdot: Single Sign-On To Link Google Apps and Active Directory? 168

Posted by timothy
from the all-in-the-same-gang dept.
trazom28 writes to seek answers to a problem faced by many businesses (and, as in this case, schools): "We are looking for a solution to a single sign on to coordinate Active Directory and Google. You can sync the passwords easily enough with Google Apps Password Sync, but ideally we would like the students and staff to be able to sign in once and be done. Additionally, the Google login requires the @domain.k12.wi.us so it would have to take the AD username, pass it along and tack on the domain to log into Google.

Has anyone seen any solution for this that actually works, or is this the Holy Grail of all IT? Please hold off on any Google haters, that's a different discussion for a different forum.
Communications

Ask Slashdot: How Useful Are DMARC and DKIM? 139

Posted by timothy
from the survey-says dept.
whoever57 writes How widely are DKIM and DMARC being implemented? Some time ago, Yahoo implemented strict checks on DKIM before accepting email, breaking many mailing lists. However, Spamassassin actually assigns a positive score (more likely to be spam) to DKIM-signed emails, unless the signer domain matches the from domain. Some email marketing companies don't provide a way for emails to be signed with the sender's domain — instead, using their own domain to sign emails. DMARC doesn't seem to have a delegation mechanism, by which a domain owner could delegate other domains as acceptable signatures for emails their emails. All of these issues suggest that the value of DKIM and DMARC is quite low, both as a mechanism to identify valid emails and as a mechanism to identify spam. In fact, spam is often dkim-signed. Are Slashdot users who manage email delivery actually using DKIM and DMARC?
Linux

Ask Slashdot: Can You Say Something Nice About Systemd? 928

Posted by samzenpus
from the use-your-words dept.
ewhac writes: "I'm probably going to deeply deeply regret this, but every time a story appears here mentioning systemd, a 700-comment thread of back-and-forth bickering breaks out which is about as informative as an old Bud Light commercial, and I don't really learn anything new about the subject. My gut reaction to systemd is (currently) a negative one, and it's very easy to find screeds decrying systemd on the net. However, said screeds haven't been enough to prevent its adoption by several distros, which leads me to suspect that maybe there's something worthwhile there that I haven't discovered yet. So I thought it might be instructive to turn the question around and ask the membership about what makes systemd good. However, before you stab at the "Post" button, there are some rules...

Bias Disclosure: I currently dislike systemd because — without diving very deeply into the documentation, mind — it looks and feels like a poorly-described, gigantic mess I know nothing about that seeks to replace other poorly-described, smaller messes which I know a little bit about. So you will be arguing in that environment."

Nice Things About systemd Rules:
  1. Post each new Nice Thing as a new post, not as a reply to another post. This will let visitors skim the base level of comments for things that interest them, rather than have to dive through a fractally expanding tree of comments looking for things to support/oppose. It will also make it easier to follow the next rule:
  2. Avoid duplication; read the entire base-level of comments before adding a new Nice Thing. Someone may already have mentioned your Nice Thing. Add your support/opposition to that Nice Thing there, rather than as a new post.
  3. Only one concrete Nice Thing about systemd per base-level post. Keep the post focused on a single Nice Thing systemd does. If you know of multiple distinct things, write multiple distinct posts.
  4. Describe the Nice Thing in some detail. Don't assume, for example, that merely saying "Supports Linux cgroups" will be immediately persuasive.
  5. Describe how the Nice Thing is better than existing, less controversial solutions. systemd is allegedly better at some things than sysvinit or upstart or inetd. Why? Why is the Nice Thing possible in systemd, and impossible (or extremely difficult) with anything else? (In some cases, the Nice Thing will be a completely new thing that's never existed before; describe why it's good thing.)

We will assume out of the gate that systemd boots your system faster than ${SOMETHING_ELSE}, so no points for bringing that up. Bonus points are awarded for:

  • Personal Experience. "I actually did this," counts for way more than, "The docs claim you can do this."
  • Working Examples. Corollary to the above — if you did a Nice Thing with systemd, consider also posting the code/script/service file you wrote to accomplish it.
  • Links to Supporting Documentation. If you leveraged a Nice Thing, furnish a link to the docs you used that describe the Nice Thing and its usage.
Build

Ask Slashdot: How Do I Make a High-Spec PC Waterproof? 202

Posted by Soulskill
from the lots-of-duct-tape dept.
jimwormold writes: I need to build a system for outdoor use, capable of withstanding a high pressure water jet! "Embedded PC," I hear you cry. Well, ideally yes. However, the system does a fair bit of number crunching on a GPU (GTX970) and there don't appear to be any such embedded systems available. The perfect solution will be as small as possible (ideally about 1.5x the size of a motherboard, and the height will be limited to accommodate the graphics card). I'm U.K.- based, so the ambient temperature will range from -5C to 30C, so I presume some sort of active temperature control would be useful.

I found this helpful discussion, but it's 14 years old. Thus, I thought I'd post my question here. Do any of you enlightened Slashdotters have insights to this problem, or know of any products that will help me achieve my goals?
Data Storage

Ask Slashdot: Smarter Disk Space Monitoring In the Age of Cheap Storage? 170

Posted by timothy
from the percentages-matter-too-though dept.
relliker writes In the olden days, when monitoring a file system of a few 100 MB, we would be alerted when it topped 90% or more, with 95% a lot of times considered quite critical. Today, however, with a lot of file systems in the Terabyte range, a 90-95% full file system can still have a considerable amount of free space but we still mostly get bugged by the same alerts as in the days of yore when there really isn't a cause for immediate concern. Apart from increasing thresholds and/or starting to monitor actual free space left instead of a percentage, should it be time for monitoring systems to become a bit more intelligent by taking space usage trends and heuristics into account too and only warn about critical usage when projected thresholds are exceeded? I'd like my system to warn me with something like, 'Hey!, you'll be running out of space in a couple of months if you go on like this!' Or is this already the norm and I'm still living in a digital cave? What do you use, on what operating system?
Open Source

Ask Slashdot: Aging and Orphan Open Source Projects? 155

Posted by Soulskill
from the try-craigslist dept.
osage writes: Several colleagues and I have worked on an open source project for over 20 years under a corporate aegis. Though nothing like Apache, we have a sizable user community and the software is considered one of the de facto standards for what it does. The problem is that we have never been able to attract new, younger programmers, and members of the original set have been forced to find jobs elsewhere or are close to retirement. The corporation has no interest in supporting the software. Thus, in the near future, the project will lose its web site host and be devoid of its developers and maintainers. Our initial attempts to find someone to adopt the software haven't worked. We are looking for suggestions as to what course to pursue. We can't be the only open source project in this position.
Software

Ask Slashdot: Event Sign-Up Software Options For a Non-Profit? 104

Posted by timothy
from the which-con-do-you-mean? dept.
New submitter don_e_b writes I have been asked by a non-profit to help them gather a team of volunteer developers, who they wish to have write an online volunteer sign-up site. This organization has a one large event per year with roughly 1400 volunteers total.I have advised them to investigate existing online volunteer offerings, and they can afford to pay for most that I've found so far. In the past two years, they have used a site written by a volunteer that has worked fine for them, but that volunteer is unavailable to maintain or enhance his site this year. They believe the existing online volunteer sign-up sites are not quite right — they feel they have very specific sign-up needs, and can not picture using anything other than their own custom software solution. I am convinced it's a mistake for this non-profit to create a software development team from a rotating pool of volunteers to write software upon which it is critically dependent. How would you convince them to abandon their plan to dive into project management and use an existing solution?
Network

Ask Slashdot: LTE Hotspot As Sole Cellular Connection? 107

Posted by timothy
from the points-of-contact dept.
New submitter iamacat writes I am thinking of canceling my regular voice plan and using an LTE hotspot for all my voice and data needs. One big draw is ability to easily use multiple devices without expensive additional lines or constantly swapping SIMs. So I can have an ultra compact Android phone and an iPod touch and operate whichever has the apps I feel like using. Or, if I anticipate needing more screen real estate, I can bring only a Nexus 7 or a laptop and still be able to make and receive VoIP calls. When I am home or at work, I would be within range of regular WiFi and not need to eat into the data plan or battery life of the hotspot.

Has anyone done something similar? Did the setup work well? Which devices and VoIP services did you end up using? How about software for automatic WiFi handoffs between the hotspot and regular home/work networks?
The Internet

Ask Slashdot: Good Hosting Service For a Parody Site? 115

Posted by timothy
from the just-keep-backups dept.
An anonymous reader writes "Ok, bear with me now. I know this is not PC Mag 2014 review of hosting services. I am thinking of getting a parody website up. I am mildly concerned about potential reaction of the parodee, who has been known to be a little heavy handed when it comes to things like that. In short, I want to make sure that the hosting company won't flake out just because of potential complaints. I checked some companies and their TOS and AUPs all seem to have weird-ass restrictions (Arvixe, for example, has a list of unacceptable material that happens to list RPGs and MUDS ). I live in U.S.; parodee in Poland. What would you recommend?"
Open Source

Ask Slashdot: Stop PulseAudio From Changing Sound Settings? 286

Posted by timothy
from the sound-on-linux-still-frustrating dept.
New submitter cgdae writes Does anyone know how to stop PulseAudio/Pavucontrol from changing sound settings whenever there is a hardware change such as headphones being plugged in/out or docking/undocking my laptop ? I recently had to install PulseAudio on my Debian system because the Linux version of Skype started to require it. Ever since, whenever i dock/undock or use/stop using headphones, all sound disappears, and i have to go to Pavucontrol and make random changes to its 'Output Devices' or 'Speakers' or 'Headphones' tab, or mute/unmute things, or drag a volume slider which has inexplicably moved to nearly zero, until sound magically comes back again. I've tried creating empty PulseAudio config files in my home directory, and/or disabling the loading of various PulseAudio modules in /etc/pulse/*.conf, but i cannot stop PulseAudio from messing things up whenever there's a hardware change. It's really frustrating that something like PulseAudio doesn't have an easy-to-find way of preventing it from trying (and failing) to be clever.

[In case it's relevant, my system is a Lenovo X220 laptop, with Debian jessie, kernel 3.14-2-amd64. I run fvwm with an ancient config.]
Businesses

Ask Slashdot: Handling Patented IP In a Job Interview? 224

Posted by samzenpus
from the what's-mine-is-mine dept.
ZahrGnosis writes I'm in the midst of a rather lengthy job interview; something I haven't done for some time as I've worked as a contract employee with a much lower barrier to entry for years. Recently, I've started patenting some inventions that are applicable to my industry. One hope is that the patents look good to the prospective employer on a resume, but I don't want them to take the existing IP for granted as part of the deal. I'm worried I have the wrong attitude, however. My question is, how should I treat licensing of the patent as a topic with respect to the topic of my employment? Should I build the use of my patented ideas into my salary? Should I explicitly refuse to implement my patented IP for the company without a separate licensing fee? If I emphasize the patent during the interviews without the intent to give them the IP for free, is that an ethical lapse — a personal false advertising? At the same time, when I work for a company I feel they should get the benefit of my full expertise... am I holding back something I shouldn't by not granting a de-facto license while I work for them? I perceive a fine balance between being confrontational and helpful, while not wanting to jeopardize the job prospect nor restrict my ability to capitalize on my invention. Thoughts?
Books

Ask Slashdot: Best Books On the Life and Work of Nikola Tesla? 140

Posted by timothy
from the you-mean-the-ones-they-haven't-hidden-from-you dept.
An anonymous reader writes The internet is full of interesting nuggets of info about Nikola Tesla's life and scientific exploits: The time a young Tesla improved an electric motor for Edison, and Edison simply would not pay Tesla the monetary reward he had promised him earlier. The friction between Tesla and wealthy industrialist J.P. Morgan, and Tesla's friendship with (kinder) industrialist George Westinghouse. The 2 different times Tesla's main laboratory burned to the ground. The time a Tesla lab experiment reportedly caused a small earthquake to trigger in lower Manhattan. Tesla's (never quite fulfilled) dream of transmitting electricity across great distances without using wires or cables, etc. All this fascinating stuff, and more, about Tesla's life is out there, mostly in shortish snippets — and sometimes woven into outright conspiracy theories — on the internet for anyone to examine. Now to my question: What are the best books to read to get a fuller picture of Nikola Tesla's life and work? Preferably something well researched and factually accurate. Are there any good documentaries or movies (apart from David Bowie playing a wizard-like Tesla in "The Prestige")? Why is Thomas Edison so well known and covered in education/popular culture, and the equally prolific and ingenious Tesla a "mysterious and ghostly figure" by comparison?
Networking

Ask Slashdot: VPN Setup To Improve Latency Over Multiple Connections? 174

Posted by timothy
from the so-you-favor-internet-fast-lanes dept.
blogologue writes I've been playing Battlefield for some time now, and having a good ping there is important for a good gaming experience. Now I'm in the situation where I have mobile internet access from two telecom companies, and neither of those connections are stable enough to play games on, the odd ping in hundreds of milliseconds throws everything off. How can I setup a Windows client (my PC) and a Linux server (in a datacenter, connected to the internet) so that the same TCP and UDP traffic goes over both links, and the fastest packet on either link 'wins' and the other is discarded?

In the sciences, we are now uniquely priviledged to sit side by side with the giants on whose shoulders we stand. -- Gerald Holton

Working...