Wow, this costs more than a Chromebook!

It has some impressive specs, though. The 1.2 GHz processor may finally be able to write to a HDD at full USB 2.0 speeds without getting overloaded.

Hey, it comes with a cooling fan even! ;)

So it has USB 2.0 + 3.0 and eSATA. According to this chart, r/w performance seems quite good (and certainly above USB 2.0): http://core0.staticworld.net/images/article/2014/04/wrt1900a...

I'd willingly pay that price if it delivers on what they said in the marketing. But it appears we'll have to wait.

Xubuntu is the simpliest,light-weight choice that still has a lot of functionality available if you want to turn it on.

I am grateful for this choice.

I know upgrades are supposed to work, but they almost never go 100% percent right.

Use dpkg/synaptic to backup your installed packages and backup your /home...then commit to the time to going fresh install. If you use LTS releases, you'll only be doing it at most every other year.

IMHO, it is worth the time.

I've had very good luck lately simply adjusting my sources file and typing apt-get dist-upgrade lately - though this is using Mint as the base distro (which in turn uses Ubuntu too).

Ciphers to avoid DSS, MD5/RC4, SHA-1.

Ciphers to prefer ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256

A pretty good source/guide:

https://hynek.me/articles/hardening-your-web-servers-ssl-cip...

You'll need apache 2.4+[I think], or nginx. And possibly fresh certs to use DHE/EC.

A quick rundown of a fairly secure setup:

Cipher Priority list:

ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:!RSA+3DES:!aNULL:!MD5:!DSS:!SHA:AEAD

==========================================================

Generate the cert and private key:

openssl req -x509 -sha256 -nodes -days 3650 -newkey rsa:4096 -keyout serverkey.pem -out servercert.pem

==========================================================

Generate the DH parameters:

openssl dhparam -out dh2048.pem -outform PEM -2 2048

==========================================================

How to List Elliptic Curves:

openssl ecparam -list_curves

===========================================================

Note: Generating DH parameters is gonna take a while. If you are implementing this on a slowish machine like a Raspberry Pi, you might want to use a faster machine to do the DH step, then copy file the key over.

Note to the mods: this comment breaks formatting on mobile, forcing the min page width to be much wider than usual and even more difficult to read on a phone.

This is generally helpful, but generally avoid advice from people who refer to signature algorithms or cryptographic hash functions as ciphers.

It should also be mentioned how you came up with your ordering of TLS cipher suites, in declining priority

  1. Forward security is preferred (ECDH|DH > RSA)
  2. AESGCM > AES256 > AES|AES128 > 3DES
  3. ECDH > DH

Another reminder to use strong, non-default credentials on something that is the edge of your network.

I'm still amazed by how many people drive around leaving their cars unlocked.

I leave my keys in the car sometimes when I'm running errands in my home town. I care a whole lot more about my network security at home than I do my car. It's just a car.

You are potentially exposing yourself to liability should your car be stolen and involved in an accident:

http://courses2.cit.cornell.edu/sociallaw/student_projects/E...

(IANAL, it looks like a court is not likely to find you liable, but you're still exposing yourself to the hassle of a law suit.)

In my country, it's illegal to leave the keys in your car when you're not in it (a child could get in it to play and hurt themselves or others)

The reason to secure your network is a good reason to secure your car.

Your network and your car can/will be used by bad guys to do bad things.

You should care.

somehow i'm less worried about people stealing my car when I'm driving around at 60kmph.

You are part of a society in which you have an obligation to protect and preserve the safety of others through reasonable and responsible actions.

I don't think that locking your car while it is parked or not leaving your keys in it while it is unattended is too much to ask.

FFS.

Yeah, but the American dreams is to have one good idea and milk it for the rest of your natural life, then pass on the rights to your offspring who can milk it...and so on.

That way you can exponentially create useless people.

Yeah, but the American dream does not function to much longer this way. Because more and more people are born in bad situations, they have to take jobs to earn some money to start -- sign such contracts ... and you are enslaved.

Even if you get rid of these ... Than you have a good idea, only to find, that your idea violates dozens of corporate patents ... and your idea is waste.

Thus the dream is just a shadow of the past ... and propaganda for a system that does not hold its promises any more.

We don't know how much oil exists,but we do know it is finite.

The sun's energy will out last us all, millions of times over. Plants have it figured out. We should ask them.

Plus what happens when we are ready to leave Earth? Surely we'll need a way to feed off of the stars then anyway, so why not start now.

The supply of sand is also finite, but we aren't likely to run out any time soon.

Just because the supply is finite, doesn't automatically mean we will exhaust it.

Actually, as stupid as it sounds, we do start to run out of sand to make concrete in some areas.

A quick search about "sand shortage" will show you.

True, but I would guess that oil is used at a much higher rate than sand, especially considering the relative availability of each.

The question is whether we will use it all up before renewables become cheaper though.

Vote with your bits[and dollars] if you disagree.

Nerd rage alone is fruitless without tangible follow-thru.

Slashdot beta, a new redesign, is causing quite a stir these days amongst the vocal majority.