Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Watch a Cat Video, Get Hacked: the Death of Clear-Text

AaronLS Re:https is useless (166 comments)

1. AC said SSL is magic, implying that they believe it is a hoax. I am simply pointing out they are an idiot who understands nothing about cryptography.
2. Saying that someone has identified a potential weakness in a cryptography algorithm doesn't change the fact that it is deterministic and well understood among cryptography experts. There is still nothing magic about it.
3. Your rebuttal implies that I was trying to claim that the NSA was innocent in some way or defend them. Obviously you have the worst reading comprehension in the history of mankind because no where in the two sentences do I make any such claim.
4. There are documents that indicate NSA was looking for potential weaknesses in various security protocols and possibly tampering with devices, but there is no evidence that they influenced the SSL standard itself to introduce weaknesses. Tampering with a device to break its implementation of SSL is seperate concept from the SSL standard itself. Could they have influenced the standard? They could be powering their headquarters with goat fetuses for all we know. It's all wild speculation in the absence of evidence. All evidence points to them pouring large amounts of manpower and computing power into breaking SSL. If they did indeed influence the standard, then whatever influence that had had no negligible effect based on what we know of the kind of efforts they've had to throw at SSL. Evidence of their efforts doesn't show any significant success. Their only successes in any relation to SSL have been more traditional techniques that involve circumventing SSL, such as compromising a server so they can capture data before it is encrypted, since SSL is such a tough nut to crack. More evidence that they haven't cracked SSL. Besides, influencing the standard in that way would have required more foresight than most governments are capable of.

Only one point is needed to show you're an idiot. The evidence is overwhelming.

2 days ago
top

Watch a Cat Video, Get Hacked: the Death of Clear-Text

AaronLS Re:https is useless (166 comments)

Your response doesn't invalidate how cryptography works. It's solid math and there's no magic about it.

5 days ago
top

Ask Slashdot: Why Are Online Job Applications So Badly Designed?

AaronLS Re: Standardize (274 comments)

This appears to be for the posting, not for the submission of applicant/resume. But essentially the same concept. I build my resume using a GUI, it generates XML submission as needed, employer parses what information they are interested in or throws feedback indicating missing required info.

5 days ago
top

Where are the Flying Cars? (Video; Part Two of Two)

AaronLS Re:As a private pilot... (66 comments)

A good car has down force and sticks to the road. A good plane does the opposite. I was at a flight museum that had a flying car on display and it was described as something like a "Mediocre car, and mediocre plane" Not that it's impossible, but the most basic attributes of a plane and car are contradictory.

about a week ago
top

Ask Slashdot: Why Are Online Job Applications So Badly Designed?

AaronLS Standardize (274 comments)

The reentering of resume information is ridiculous.

What if there was a common XML format that represented your resume? You created this using a desktop GUI and just upload the resume.xml to potential employees.

about a week ago
top

2D To 3D Object Manipulation Software Lends Depth to Photographs

AaronLS Carnegie Melloned (76 comments)

No longer is it Photoshopped, but instead we say it's been Carnegie Melloned.

about two weeks ago
top

Alleged Massive Account and Password Seizure By Russian Group

AaronLS Re:because writing propet software (126 comments)

Apparently writing itself is hard, much less writing propet software.

about two weeks ago
top

How Google Map Hackers Can Destroy a Business

AaronLS Re:Wikipedia survives it (132 comments)

I think the challenge is identifying bad edits. Once you identify a bad edit, you can bulk undo everything from that source. With google maps, a phone number change might not be apparently a bad edit until you call it, and even then if it was setup with the sole purpose of misrepresenting a business, then it will be difficult to verify. With wikipedia, identifying a bad edit is usually simple as "hey this link goes to this third party place it shouldn't" or it's clear bias or vandalism.

about a month ago
top

Normal Humans Effectively Excluded From Developing Software

AaronLS Re:WTF are they talking about? (608 comments)

Indeed, no matter what language you allow people to use, from C++ to English, it comes down to communicating intent clearly and unambiguously. In just about every programming language, you have bugs resulting from a gap in what someone actually wrote, versus what they intended to write. If you don't think analytically and logically, then you are going to make this mistake alot.

On the other hand, I certainly agree that sometimes learning curves and programming hassles are steeper and more common than necessary. Poor documentation, and lack of cookbooks/guides for common scenarios, poorly communicated errors, shoddy development tooling, unintuitive tooling, etc. I hate getting pulled off onto a tangent because something isn't working as it should and having to delve into something I shouldn't have to.

about a month and a half ago
top

Airbus Patents Windowless Cockpit That Would Increase Pilots' Field of View

AaronLS Re:Power? We dont need no stink'n power! (468 comments)

One word: pinball wizard. Wait that's two words, or is it three?

about a month and a half ago
top

Austrian Tor Exit Node Operator Found Guilty As an Accomplice

AaronLS Re:It'll come down to an opinion (255 comments)

You are taking the hardline "murica fuh yuh" FREEDOM stance. You need to start thinking about what freedoms you are protecting. It's not as cut and dry as you would like it to be. Don't children have a right to be free from being sexual assaulted, raped, and abused? When did your right to use Tor to download torrents exceed their right to be treated with some humanity?

about a month and a half ago
top

Austrian Tor Exit Node Operator Found Guilty As an Accomplice

AaronLS Re:Everyone is guilty (255 comments)

No that is not the logic being applied. You are ignoring certain factors in the sake of making a very silly argument. A car manufacturer is not an accomplice because someone used one of their cars to commit a crime, because the design and typical use of a car is for legitimate purposes. If however, the car manufacturer provided features designed specifically to aid criminals, or features which happenstance had more common criminal uses than legitimate, then they would be an accomplice be cause the knowingly continued to provide these features without taking corrective action. It seems wrong that I am a criminal because I provide some product/service, and happenstance without my foresight it is used for criminal purposes. One would be expected to take responsible action to make amends to the product/service to eliminate or track this usage. For example, ISPs providing a physical link are capable of identifying the source of criminal activity.

So the distinction is when you provide a product/service that is known to have primary illegal usages. You can make arguments for Tor on a non-legal basis such as freedom, right to anonymity, anti regime, anti oppressive government arguments. However, from the standpoint of law, there is a certain distinction on what makes someone an accomplice.

about a month and a half ago
top

Austrian Tor Exit Node Operator Found Guilty As an Accomplice

AaronLS Re:It'll come down to an opinion (255 comments)

Agreed. There are some very noble uses of Tor, but when you operate an exit node you are basically allowing any scum to use your connection to hide their activities, and some are really sick. I wish there were a good solution to allow an exit node to be operated, but prevent some of the more nefarious uses. In the absence of that, it is pretty irresponsible to contribute such a powerful component(the exit node) without discretion for what it will be used for. At least an ISP providing a physical link has the capability to identify households, whereas the Tor exit node prevents that, and exit node operators know this. So I think in that respect the ISP is not an accomplice, as they know and are willing to help catch criminals(although there is an argument to be made in oppressive regimes abusing this power). Where as an exit node operator should be knowledgeable that they are preventing the prosecution of criminals, some of which are towards the extreme of being really disgusting, and thus are knowingly acting as an accomplice.

There was a FreeNET that basically was an encrypted distributed WWW that hosted parts on different people's machines. It was encrypted to absolve hosts from responsibility, but it was used quite a bit for child pornography.

Of course even without Tor, when you identify a household sourcing criminal activities, you still have the grey area of things like unsecured Wifi. Is someone an accomplice because they left their Wifi open for anyone to connect to? It is a slippery slope and the tech illiteracy of judges contributes to some bad rulings in cases like this.

about a month and a half ago
top

FTC Says T-Mobile Made Hundreds of Millions From Bogus SMS Charges

AaronLS Re:It was SO wrong, he had to say it twice (110 comments)

Was it wrong for a company like T-Mobile to profit from scams against its customers when there were clear warning signs the charges it was imposing were fraudulent?

about a month and a half ago
top

Ask Slashdot: Choosing a Web Language That's Long-Lived, and Not Too Buzzy?

AaronLS Re:.Net / Typescript (536 comments)

C# has optional parameters now. Long story short, they resisted adding them because they have the potential to introduce breaking changes across library versions as they are bound at he callsite.

If you looked at job listings C# is by far the majority. I reallize that doesn't prove anything, but I think it's a strong indicator that C# is the more prevalent of the .NET languages.

about a month and a half ago
top

Ask Slashdot: Choosing a Web Language That's Long-Lived, and Not Too Buzzy?

AaronLS Re:.Net / Typescript (536 comments)

There is nothing overkill about MVC. It is far simpler than webforms. Webforms is the one that is overkill. The massive view state object that is serialized with every request, the fact that it tries to emulate windows forms controls with heavy objects and non-HTML tags. You want HTML, use MVC. You want the overkill of webforms controls? MVC is far faster even for simple cases.

I did webforms for even applications ranging from simple to complex for 3 years, and I've been using MVC for almost 3 years now, and I can tell you MVC is far simpler for both cases. Webforms was designed to be familiar to people coming from a Windows Forms background, and that layer that created on top of the simple html/http request/response model of the web is overkill. The viewstate for example is designed to give the programmer the sense that state is continuous through the user's interaction, as if it were a webforms app, to hide the request/response web model from the programmer. But this is overkill and actually makes things more difficult to debug and work around. Having to tweak what goes into viewstate and what doesn't. For those who do it alot it is probably second nature, but it is an unnatural layer of abstraction over how the web works.

Try to do something as simple as a small survey that has a dynamic list of questions. On postback, even though you have no intention of showing the user the form again, in order to capture the user's response you must recreate the entire form, and make sure you do it in just the right event handler in the pipeline. In MVC, all you need is a POCO in the Action method parameter.

about a month and a half ago
top

FreeDOS Is 20 Years Old

AaronLS Re:Best DOS game... (133 comments)

Surprised to see someone mention one of my favorites. One of the few games where even losing was fun. Took a hit to the oil line? Now you've gotta get back to friendly borders before you crash.

I found the copter controls/weapons management to be a nice balance between complex and arcade. I also loved getting to pick my loadout for each mission. Was a fun game for a computer that had only 512Kb ram.

about 1 month ago
top

Ask Slashdot: Correlation Between Text Editor and Programming Language?

AaronLS Re:Uh, sure.. (359 comments)

Granted VS can be pretty annoying, it shouldn't be hanging crashing that much. Extensions, even the really cool looking ones, have stability issues. I used to have more issues until I ditched almost all the extensions I had installed.

Do you have it setup to get-latest from TFS on solution open? I only get latest before I checkin to verify that there are no conflicts. This minimizes changes and dependency rebuilds. Sure YOU didn't change anything, but if you have it configured to get latest when you open solution, you are bound to get other peoples changes in dependencies.

Why Cancel at #6? That's only going to put you back at #1. You're making an annoying problem into an impossible never ending problem. Was your plan to cancel the build, and then have a stern talking to with the compiler and ask it not to compile dependencies? Only way you are going to control that is to reference DLL's instead of projects, which obviously isn't a solution, but point being if it decides for whatever reason it wants to compile a dependency, you aren't going to make things better cancelling the build.

about 2 months ago
top

Norway Scraps Online Voting

AaronLS Re:What logic! (139 comments)

38% of voters considered it an improvement if they opted for that method over the other(that's not to assume their outcome experience was better). Probably in Netflix's beginning their subscriber base was only people who already watched movies, and simply found it more convenient. They may not have initially turned non-movie watchers into movie watchers. Obviously that wasn't Netflix's goal metric, but the point being that the preference 38% people showed could be an indicator that it could me marketable to non-voters to turn them into voters.

Sometimes your goal metric isn't realized during trials, but you can gauge user satisfaction/preference as an indication of its potential. I would say getting 38% during a trial is pretty huge. Usually when you are trying to get people on board with something new it can be much more challenging. With marketing they might increase voter turnout. Obviously you have to look at the feasibility of it, and the cost is certainly a valid decision point. I just think it's a little silly to focus on one metric and call it failure based on such a narrow slice. If the cost-benefit doesn't meet your threshold and you want to bring to an end, fine, but that doesn't mean it is a failure!

Plenty of advancements faltered on their first outing before their time because there weren't enough driving factors in place to tip the cost-benefit ratio. Some of the first hybrid trials were followed by automakers saying that it was a failure and that they'd never make one, and some of those same automakers are making them today. Never speak in terms of absolutes or history+future will make you look like an idiot. Darn, that statement was an absolute.

about 2 months ago
top

Norway Scraps Online Voting

AaronLS Re:What logic! (139 comments)

These are all valid points. I was not implying that mathematics is anything like voting, nor was I presenting an opinion for or against online voting, nor was I trying to imply that online voting is the same caliber of breakthrough as the electronic calculator.

I was merely poking fun at the logic/reasoning presented in the summary of why they considered it a failure. You can list 1000 valid reasons why online voting is a bad idea, that doesn't change the humor of the particular logic presented in the summary :)

about 2 months ago

Submissions

top

Unlimited Food Stamps During System Outage

AaronLS AaronLS writes  |  about 10 months ago

AaronLS (1804210) writes "Electronic Benefits Transfer(EBT) card holders were allowed unlimited spending at some Walmart locations during an outage of the system that is used to determine spending limits. Some people hauling out multiple carts of groceries. According to system operator Xerox, there's an “agreed and documented process for retailers like Walmart to follow in response to EBT outage.” It is not clear whether or not Walmart followed this procedure or not, but Walmart spokesperson stated the decision was made to "contine[SIC] to accept EBT cards during the outage so that they could get food for their families.” Other retailers simply did not allow purchases during the outage. Xerox stated they would work to determine the cause and prevent future outages, but did not specifically state whether they would take steps to prevent unlimited spending during future outages.

Was this unlimited spending a flaw of the system and procedure, an intended procedure, or did Walmart simply not follow appropriate procedure? If Walmart took it upon themselves to allow unauthorized spending during the outage, why did they not at least impose a reasonable limit that would allow a family to get through the next day?

This news has already incited a lot of inflammatory and childish debate across the web from both those who are pro and anti-foodstamps, drowning out any intelligent analysis of the system/procedures that caused this event."
top

Disabling Java Recommended In Response to Vulnerability

AaronLS AaronLS writes  |  about a year and a half ago

AaronLS writes "US-CERT is recommending that users disable Java in their browsers due to a 0-day vulnerability which US-CERT is "currently unaware of a practical solution". They indicate that the vulnerability is being actively exploited in the wild, and is available in exploit kits."
Link to Original Source
top

The HP Memristor Debate

AaronLS AaronLS writes  |  about 2 years ago

AaronLS writes "(Note: I would have included links and appropriate formatting for quotes within the story, but I have searched and searched and found no guidelines in the FAQ or googling your site that indicate what formatting tags or HTML are valid for stories.)

There has been a debate about whether HP has or has not developed a memristor. It being something fairly different from existing technologies, and similar in many ways to a memristor, I think they felt comfortable using the term. However, there are those not happy about HP using that labeling. On the other hand, had HP created a new unique label, they would have probably gotten flack for pretending it's something new when it's not. What positive will come from the debate? Martin Reynolds sums it up nicely:

“Is Stan Williams being sloppy by calling it a ‘memristor’? Yeah, he is,” Martin Reynolds tells Wired. “Is Blaise Moutett being pedantic in saying it is not a ‘memristor’? Yeah, he is. [...] At the end of day, it doesn’t matter how it works as long as it gives us the ability to build devices with really high density storage.”"

Link to Original Source
top

Compromised Steam Data Included Credit Card Info

AaronLS AaronLS writes  |  more than 2 years ago

AaronLS writes "Steam has released additional information about a previous security breach, indicating that with the help of third party security experts they have determined no passwords were compromised, but billing information and credits cards were compromised. This information was encrypted, but no details were given on the level or type of this encryption, which would be significant since the attackers would have free reign to throw as much computing power at trying to decrypt the data, either through brute force guessing of the key or other means if the encryption has weaknesses. Also of significance, would be whether all the data shared the same key, or if each user's billing information was encrypted with a different key."
Link to Original Source
top

Flash Density Increasing w/25nm Triple Level Cells

AaronLS AaronLS writes  |  about 4 years ago

AaronLS (1804210) writes "StorageReview.com has a story indicating Intel and Micron planning production this year for Triple Level Cell flash on 25nm Lithography. This means that 3 bits instead of 2 can be stored in each cell, and the smaller 25nm Lithography generally allows more cells to be fit in the same area.
  This combination should provide a considerable improvement to the density, and hopefully cost, of flash based storage. Read more at StorageReview.com: http://www.storagereview.com/intel_and_micron_announce_25nm_triple_level_cell_nand"

Link to Original Source

Journals

AaronLS has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>