Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Google Offers a Million Bucks For a Better Inverter

Animats About 4x beyond current production. (161 comments)

As an actual product available right now, there's this 250 watt inverter. from Enphase, intended to work with one solar panel. That's 54 cubic inches, or 12W/cubic inch. Google wants 50W/cubic inch, so Google is asking for 4x the power density. This one happens to be configured for 48VDC input, but that's not hard to change. It exceeds the efficiency limit set by Google.

Enphase sells those little inverters for a one-inverter-per-solar-panel system, where power is combined on the AC side. The inverter, at 171 mm x 173 mm x 30 mm, is a lot smaller than the panel it sits behind. Making it smaller won't have any effect on system size.

One big difference: Enphase offers a 25 year warranty on that unit. Google only wants to run for 100 hours. They'll probably get something that will pass their tests but wouldn't last a year in a real solar installation.

7 hours ago
top

UK Users Overwhelmingly Spurn Broadband Filters

Animats "Christian ISPs" are available. (85 comments)

The US has "Christian ISPs", with server side porno filtering. They're very small. And very retro. One has terms that say they reserve the right to disconnect your dial-up connection after 10 minutes of inactivity.

11 hours ago
top

The "Rickmote Controller" Can Hijack Any Google Chromecast

Animats Secure pairing is hard (131 comments)

This is a general problem with devices that are "paired". How do you securely establish the initial connection, when neither side knows anything about the other?

The secure solutions involve some shared secret between the two devices. This requires a secure transmission path between the devices, such as typing in a generated key (like a WPA2 key) or physically carrying a crypto key carrier to each device (this is how serious cryptosystems work).

Semi-secure systems involve things like creating a short period of temporary vulnerability (as with Bluetooth pairing). There's a scheme for sharing between cellphones where you bump the phones together, and they both sense the deceleration at close to the same time.

yesterday
top

Researcher Finds Hidden Data-Dumping Services In iOS

Animats Re:DROPOUTJEEP backdoor (93 comments)

Apple's reputation management service is reacting faster now. It used to take them an hour to mod criticism down. Now it only takes 15 minutes. Who are they using?

yesterday
top

Researcher Finds Hidden Data-Dumping Services In iOS

Animats DROPOUTJEEP backdoor (93 comments)

This may be the backdoor known as DROPOUTJEEP, which was described in some Snowden-leaked documents last year.

Looks like Apple sold out, put in a backdoor, and then lied about it.

yesterday
top

Linux Needs Resource Management For Complex Workloads

Animats This is a job for QNX (159 comments)

Consider trying QNX, the message-passing real time OS, for this. This is a message passing problem, and Linux doesn't do message passing well. QNX has a scheduler optimized for message passing. You should be able to handle the UDP front end and fan-out without any problems. You can give the front-end process a higher priority than the other processes, which should let you get all the UDP packets into the fan-out program without losing any. That's what real-time OSs are for.

Trying to do anything high-performance with CPython's threads is hopeless. Watch this presentation on performance issues with Python's Global Interpreter Lock, Python has an internal scheduler, and it behaves very badly under load.

So each Python process should be single-thread. Have as many as you need, set up to get work via MsgReceive and reply by MsgReply. Don't set them up as "resource managers".

Python under QNX is being used by the robotics community, where real-time matters for some things, but not others.

QNX - great technology, marketing operation from hell.

2 days ago
top

Linux Needs Resource Management For Complex Workloads

Animats This belongs in the cluster manager (159 comments)

That level of control probably belongs at the cluster management level. We need to do less in the OS, not more. For big data centers, images are loaded into virtual machines, network switches are configured to create a software defined network, connections are made between storage servers and compute nodes, and then the job runs. None of this is managed at the single-machine OS level.

With some VM system like Xen managing the hardware on each machine, the client OS can be minimal. It doesn't need drivers, users, accounts, file systems, etc. If you're running in an Amazon AWS instance, at least 90% of Linux is just dead weight. Job management runs on some other machine that's managing the server farm.

2 days ago
top

Dealing With 'Advertising Pollution'

Animats Tax advertising (381 comments)

There is a serious bipartisian proposal in Congress to reduce the tax deduction for advertising. Call your Congressional representative and tell them you support the elimination of tax deductions for advertising.

Because the US savings rate is so low (most people are spending almost all they earn), advertising does not increase demand. It just moves it around a bit. All advertising does is increase prices. There are many products, from movies to medications, where the advertising cost exceeds the cost of production. Let's put the brakes on advertising.

2 days ago
top

The Improbable Story of the 184 MPH Jet Train

Animats Track-train dynamics (194 comments)

That jet-powered locomotive was neverintended as a useful means of propulsion. It was just to test track-train dynamics at higher speed. Not much was done with the info, since Amtrak wasn't into high speed rail.

The next big advances in high speed rail were Japan's Tokaido line and San Francisco's BART, both around 1970. The original Tokaido trains had conventional wheel arrangements, and required a very good and very high maintenance roadbed. The SF BART system had the first trains with an active suspension, with each car body supported on a triangle of three air bags controlled by electronic controls. This allowed a higher body height at higher speed, allowing more wheel travel and a softer suspension. Also, all wheels were powered, as is normal in transit operations.

The French TGV brought both of those ideas together - high speed plus active suspension with more suspension travel, with all wheels powered. This allowed high speed trains without excessive track wear. (That's a big problem with high speed rail. A French test in 1955 reached 331 km/h, but damaged the track seriously in only one run. There were serious doubts for years whether steel wheel on steel rail could ever go that fast in routine operation.)

As with cars, there's been more than enough power to go fast for decades. Wheel and suspension issues are what limit speed.

5 days ago
top

Is the Software Renaissance Ending?

Animats The appcrap boom is over (170 comments)

What "software renaissance"? The writer means the appcrap boom - millions of small bad programs, with a few good ones. Many, maybe most, "apps" could just as well be web pages.

The appcrap boom seems to be winding down. Developers realize that writing a quickie app has roughly the success percentage of starting a garage band. That's a good thing.

It's a great time to code, if you have a problem to solve. The tools are cheap if not free, the online resources are substantial, and there's vast amounts of cheap computing power available on every platform from wrist to data center. If you don't have a problem to solve, coding is sort of pointless.

about a week ago
top

Ask Slashdot: Future-Proof Jobs?

Animats HVAC (507 comments)

Heating, ventilating, and air conditioning. The job sucks, but it's steady. Automation of ductwork installation and repair is a long way off. Unlike construction, there's maintenance work; someone always needs their A/C fixed.

about a week ago
top

Critical Vulnerabilities In Web-Based Password Managers Found

Animats They had one job (114 comments)

A "web based password manager" has one job - keeping the passwords secure. That's all it does. If anyone easily finds a vulnerability in that, the service is a failure.

about a week ago
top

Home Depot Begins Retail Store Pilot Program To Sell MakerBot 3-D Printers

Animats A lot of them will be returned (126 comments)

MakerBot has never before sold through a retail outlet that takes returns. A lot of those machines will come back.

about a week ago
top

How To Fix The Shortage of K-5 Scholastic Chess Facilitators

Animats It's a joke article (128 comments)

Come on. The article is a joke. " A chess facilitator brain implant would be wired between perception and cognition. You would just look at the board and know if it is checkmate." Did the original poster not realize this?

about two weeks ago
top

Scientists Have Developed a Material So Dark That You Can't See It

Animats Re:Inside of cameras (238 comments)

I didn't research so forgive my ignorance

It gets this property from its fine surface structure, which is a forest of tubes. Incoming light has to be reflected many times before it gets back out, so a black material is effectively made even less reflective. It's the optical-scale version of the pointed absorbers used in anechoic chambers.

It probably is not going to retain its blackness when exposed to water, dirt, or wear. Superhydrophobic coatings such as Never Wet have the same problem - they work because they're composed of tiny points, so droplets of liquid don't have a surface they can grab. But after some wear, the effect stops working. (See any of the many "NeverWet fails" videos on YouTube.)

This is likely to be great for protected environments, such as inside optical systems. It should be useful for optical sensors in space, too. But it's probably an inherently fragile surface. That limits its uses. (The "stronger than steel" probably refers to the individual carbon nanotubes, not the bulk material.)

This s a problem with a lot of surface chemistry stuff touted as "nanomaterials". They have interesting surface properties, but the surfaces are fragile, because they're some very thin surface layer with an unusual structure. If you protect that structure with some coating, you lose the effect.

about two weeks ago
top

Scientists Have Developed a Material So Dark That You Can't See It

Animats Inside of cameras (238 comments)

This is going to be useful for the insides of optical systems, lens hoods, and such. Other than that, probably not that significant.

about two weeks ago
top

Source Code Leaked For Tinba Banking Trojan

Animats Windows DLL injection attack vector. (75 comments)

Remind me again why Windows has the capability to "inject" a new DLL into a running process from outside the process.

about two weeks ago
top

A Skeptical View of Israel's Iron Dome Rocket Defense System

Animats Hard to tell if it's working. (368 comments)

Here's the promotional video from Rafael, the system's maker. If the Iron Dome launchers are in a position to hit incoming rockets when they're still in boost phase, they're clearly effective. When they hit, the ascending rocket's flare disappears. Israel has Iron Dome launchers both forward postioned near Gaza, for boost phase defense, and near cities, for terminal defense. For terminal defense, it's harder to tell if they worked. The incoming rockets are just falling at that point, and success requires blowing up their warhead, not their rocket engine.

Videos show the missile's warhead exploding. That's triggered by a proximity fuse. There's a spray of shrapnel from the warhead; it doesn't have to be a direct hit. Whether that sets off the incoming rocket's warhead isn't visible from the videos of terminal defense.The Patriot missiles used in the Gulf war were able to hit incoming Scud missiles, but often didn't detonate the warhead.

about two weeks ago

Submissions

top

Facebook is down, again

Animats Animats writes  |  more than 2 years ago

Animats writes "Not just the stock. The Facebook site itself is having problems this weekend.
Facebook has had intermittent outages since Friday, the Huffington Post reports. Right now, DownRightNow reports a "likely service disruption." The symptom is very slow, but valid responses from the site. So far, Facebook hasn't made any public statements."

Link to Original Source
top

Sprint discontinues phone camera support, loses pictures

Animats Animats writes  |  more than 2 years ago

Animats (122034) writes "On April 30, Sprint discontinued their "Picture Mail" site, where pictures uploaded from Sprint phones are stored. Some users report the loss of years of pictures. Sprint didn't provide a bulk download feature that worked, so some users struggled during the last hours to get pictures off the site before it went down.

Sprint's plan was that users would switch from their system to Flickr, Facebook, or some other photo uploading site. Unfortunately, the tools for doing that were on the site they just took down. The main Sprint web site now has dead links. The old system was taken down before the new system came up. So they've left their non-smart phones in limbo.

There's a privacy issue. Pictures uploaded to Sprint's site were private. Pictures uploaded to "sharing" sites tend to get "shared"."

Link to Original Source
top

CPanel installs back door into Linux servers

Animats Animats writes  |  more than 2 years ago

Animats writes "I recently leased a new dedicated server from a well-known hosting company. The server came with CPanel, a popular system administration tool, installed, and on first log-in, I was presented with a CPanel EULA, something that wasn't present on older servers. The EULA indicates that CPanel, Inc. has a back door into the server for "authentication", and can not only "copy, access, store, disclose and use cPanel Data indefinitely in its sole discretion", but can disable the server remotely. This is like CarrierIQ's back door — something that has no business being there.

This is for a fully dedicated server, not shared, not virtual, and not managed by the hosting company. I'm leasing a bare CentOS machine in a rack here. This isn't something to give a hosting company access. It allows access by a third party company that just sells system administration software. They have no need for that access whatsoever.

Here are the actual EULA terms:

*Authentication System*. The Software contains technological measures that, working in conjunction with cPanel computer servers, are designed to prevent unlicensed or illegal use of the Software (collectively, the "Authentication System"). You acknowledge and agree that such Authentication System allows cPanel to (among other things) (a) monitor use of the Software by you and Third Party Users as set forth in Section 2.5.4 (cPanel Data); (b) verify that the Software is only used on the Licensed Server; (c) suspend or disable access to the Software in whole or in part in the event of a breach of this Agreement or in the event of a breach by a Third Party User of cPanel-related provisions of a Third Party Agreement; and (d) terminate use of the Software upon the expiration or termination of this Agreement. You agree not to thwart, interfere with, circumvent or block the operation of any aspect of the Authentication System, including any communications between the Software and cPanelâ's computer servers. For the avoidance of doubt, the Software will not operate unless cPanel from time to time verifies the Software using the Authentication System which requires the exchange of information between the Licensed Server and cPanel over the Internet.

*cPanel Data*. You agree that, without further notice to you or any Third Party User, cPanel may use technological means, including the Authentication System, to (a) monitor use of the Software as may be necessary to monitor for compliance with the terms of this Agreement; (b) collect language file modifications as provided in Section 3.6 (License to Language File Modifications); and (c) collect cPanel Data. cPanel reserves the right to copy, access, store, disclose and use cPanel Data indefinitely in its sole discretion; provided, however, that in the event that cPanel collects information concerning which features of the Software are most often used by you or Third Party Users, cPanel will remove personally identifiable information (if any) from such data and copy, access, store, disclose and use such data solely for the purpose of improving the Software.

"

Link to Original Source
top

Facebook settles with FTC, admits privacy violatio

Animats Animats writes  |  more than 2 years ago

Animats writes "The social networking service Facebook has agreed to settle Federal Trade Commission charges that it deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public. The settlement is soft on Facebook; there are no fines or criminal penalties.

According to the FTC, in December 2009, Facebook changed its website so certain information that users may have designated as private – such as their Friends List – was made public. Facebook didn't warn users that this change was coming, or get their approval in advance.

Facebook represented that third-party apps that users' installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users' personal data – data the apps didn't need.

        Facebook told users they could restrict sharing of data to limited audiences – for example with "Friends Only." In fact, selecting "Friends Only" did not prevent their information from being shared with third-party applications their friends used.

        Facebook had a "Verified Apps" program & claimed it certified the security of participating apps. It didn't.

        Facebook promised users that it would not share their personal information with advertisers. It did.

        Facebook claimed that when users deactivated or deleted their accounts, their photos and videos would be inaccessible. But Facebook allowed access to the content, even after users had deactivated or deleted their accounts.

        Facebook claimed that it complied with the U.S.- EU Safe Harbor Framework that governs data transfer between the U.S. and the European Union. It didn't."

Link to Original Source
top

John McCarthy, founder of AI, dead at 84

Animats Animats writes  |  more than 2 years ago

Animats writes "John McCarthy, who established artificial intelligence as a field and created the LISP programming language, died yesterday at age 84.

(I took his "Epistemological Problems in Artificial Intelligence" class at Stanford, almost 30 years ago.)"

Link to Original Source
top

Google fined $500 million over drug ads

Animats Animats writes  |  more than 3 years ago

Animats writes "The Wall Street Journal reports: "Google Inc. is close to settling a U.S. criminal investigation into allegations it made hundreds of millions of dollars by accepting ads from online pharmacies that break U.S. laws." Google's acceptance of ads from unlicensed "online pharmacies" is considered profiting from illegal activity. The Washington Post writes the inquiry could draw more attention to how vulnerable Google's automated system has been to the machinations of shady operators."
Link to Original Source
top

Major outage at Codero

Animats Animats writes  |  more than 3 years ago

Animats (122034) writes "Codero, which is a large dedicated hosting provider, is down today due to what they claim is a distributed denial of service attack against their routing. Their main IP block for their Phoenix data center has dropped out of routing.

Their phone system is dropping calls, and their support chat system is reporting "An online representative will be with you shortly. You are number 194 in queue. Your wait time will be approximately 806 minute(s). Thank you for waiting. ""

Link to Original Source
top

SourceForge down after attack

Animats Animats writes  |  more than 3 years ago

Animats (122034) writes "SourceForge, a hosting site for many open source projects is down today. management claims they were attacked: "We detected a direct targeted attack that resulted in an exploit of several SourceForge.net servers, and have proactively shut down a handful of developer centric services to safeguard data and protect the majority of our services." Currently, CVS and SVN access to source code, even for reading, is unavailable, and there is no announced restoration time."
Link to Original Source
top

How Google uses Chrome to boost ad revenue

Animats Animats writes  |  about 5 years ago

Animats (122034) writes "Harvard Business School professor Benjamin Edelman has published a paper, How Google and Its Partners Inflate Measured Conversion Rates and Increase Advertiser Costs. The trick is that Google has interactive URL completion in its URL input box, but, unlike Firefox, interactive completion doesn't take you to the real URL. It takes you through Google Search, and through Google's pay-per-click system.

As an example, Edelman typed "expedia" into Chrome. "Expedia.com" appears as a suggestion, and pressing "Enter" accepts that default. But that doesn't take you to Expedia.com directly. There's a side trip through Google Search and a Google ad. The advertiser is then charged for an unnecessary ad click.

As Edelman puts it, "As users type web addresses into Google's Chrome web browser, Chrome's "Omnibox" address bar suggests that users run searches instead of direct navigation. If a user accepts Chrome's suggestion — the user is taken to a page of Google search results for the specified term. ... As usual, Google's most prominent search result is an advertisement. If the user clicks the ad, the advertiser pays a pay-per-click fee — even though the user was nearly at the advertiser's site, for free, before Chrome interceded with its 'Search for...' suggestion."
top

Explosion at Scaled Composites kills 2, injures 4

Animats Animats writes  |  more than 6 years ago

Animats (122034) writes "Details are scant at this time, but a explosion at the Scaled Composites rocket test facility has killed two people and seriously injured four more. The Los Angeles Times reports that the explosion was "ignited by a tank of nitrous oxide".

This is Burt Rutan's facility, and the home of SpaceShip One and Virgin Galactic spacecraft development."

Link to Original Source

Journals

Animats has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...