
Comments


CloudFlare Announces Free SSL Support For All Customers

Animats The illusion of security (45 comments)

OK, so now you're encrypted from user to Cloudflare, in plaintext within Cloudflare, and possibly in plaintext from Cloudflare to the destination site. That's more an illusion of security than real security. Even worse, if they have an SSL cert for your domain, they can impersonate you. Worst case, they have some cheezy cert with a huge number of unrelated domains, all of which can now impersonate each other.

8 hours ago

Man Walks Past Security Screening Staring At iPad, Causing Airport Evacuation

Animats LAX has this solved. (140 comments)

LAX just runs people through huge powered revolving doors to enforce one-way traffic. They used to have a sign that said "Once you have passed this point you cannot return".

yesterday

Former GM Product Czar: Tesla a "Fringe Brand"

Animats Re:It's true (233 comments)

It's a fringe brand in that Ferrari is a fringe brand. I don't think most people wouldn't want one but I don't know a soul who has one. Very few have seen them.

We get a warped view here in Silicon Valley. Lots of Teslas. No Supercharger stations, though. There are a fair number of electric car outlets around, of too many varieties.

yesterday

Google To Require As Many As 20 of Its Apps Preinstalled On Android Devices

Animats Re:Disabled (343 comments)

True. My Android phone has no Google account, so I disabled Google Account Manager, Google Bookmarks Sync, Google Contact Sync, Google One Time Init, Google Play Magazines, Google Play Movies and TV, Google Play Music, Google Play Store, Google+, Market Feedback Agent, and Picasa Uploader. No major problems.

yesterday

Piracy Police Chief Calls For State Interference To Stop Internet "Anarchy"

Animats Re:Security force owned by a corporation (286 comments)

Quite literally in this little square miles CORPORATIONS *ARE* PEOPLE. The corps vote like they are people, and the City of London police are their enforcement arm, giving the corporations police powers.

That's quite correct, and not an exaggeration. The "City of London" (now a tiny part of London) has a governmental structure left over from the Middle Ages. (It was codified in 1189AD, but is older than that.) It's one of the few holdovers from the feudal era that hasn't been modernized. The City of London Police should have been absorbed into the Metropolitan Police decades ago, but haven't been.

yesterday

Nixie Wearable Drone Camera Flies Off Your Wrist

Animats That's beautiful. (61 comments)

That's a beautiful little project.

2 days ago

When Everything Works Like Your Cell Phone

Animats Re:Works like a cellphone? (170 comments)

We've gone from "So clear you can hear a pin drop" to "Can you hear me now?!?"

Right. Cellular telephony just barely works now. There's lag as long as a second, even when the call supposedly isn't going over VoIP. (Sprint seems to have that problem.) There's occasional echo when the lag exceeds what the echo suppressors can handle. Background noise kills the cellular compression algorithm.

Why don't we have CD-quality audio on phones?

2 days ago

Consumer Reports: New iPhones Not As Bendy As Believed

Animats Get a real phone. (299 comments)

Apple needs to get their ruggedness act together. Meanwhile, here's a real phone, the Caterpillar B15.

Cat B15 tested by users. Dragged behind car. Used to play basketball. (As the ball, not as a computer game.) Dropped off bridge. Run through cement mixer. Frozen in bucket of ice. Run over by car. No problem.

Cat B15 tested by Caterpillar. Dropped into pool of water. Scooped out with heavy equipment. Run over by front end loader. (One of Cat's smaller front end loaders.) No problem.

It's an Android phone. The B15 runs Android 4.2; the new B15Q runs Android 4.4. Price around $300. Available in the US at Home Depot. Unlocked; pick any GSM carrier. T-Mobile works. No annoying carrier-provided apps. Caterpillar preloads apps for ordering Caterpillar heavy equipment parts and renting heavy equipment.

If you have one of these in a pocket, you will break before it will. I carry one of these horseback riding.

2 days ago

Marc Merlin's 2014 Burning Man Report For Tech Geeks

Animats The climate there sucks. (54 comments)

I know lots of people who go, but have no desire to go myself.

3 days ago

Ask Slashdot: Swift Or Objective-C As New iOS Developer's 1st Language?

Animats Don't do apps. (307 comments)

You say you're an experienced embedded-systems developer. Those are rare. Stay with that and get better at it. There are already a huge number of people grinding out appcrap, more than the app market can support. Soon there will be a glut of former phone app programmers, if there isn't already.

Try to get in on the back end of the "Internet of things". That crowd is overrun with appcrap people and has no clue about embedded.

3 days ago

How 3D Printers Went Mainstream After Decades In Obscurity

Animats The 3D printing revolution isn't quite here yet. (69 comments)

The low-end 3D printers, the ones that try to weld ABS string together, still suck. TechShop has several of them. The Jet was a flat failure. The Replicator 2 is OK if you're not building something more than about 2cm thick. I haven't tried the Type A Machines unit. In the end, it's a slow way to make prototype plastic parts that are inferior to injection-moulded ABS. Injection moulding requires machining a die, which is a big job, but then the production rate is high and the cost is very low.

The higher end printers have much better quality and more material options, but the machine cost is high and the process is slow. The really high end printers, the ones Space-X and Lockheed use to print aerospace parts, are very impressive, but still slow.

3 days ago

Breakthrough In LED Construction Increases Efficiency By 57 Percent

Animats The real breakthrough - no more electrolytic caps (181 comments)

The real breakthrough in LED lighting is getting rid of electrolytic capacitors in the power supply. Those are currently the components with the shortest life. See "Elimination of an Electrolytic Capacitor in AC/DC Light-Emitting Diode (LED) Driver With High Input Power Factor and Constant Output Current". Variations on that technology are now going into production LED lighting units. This should push unit lifetimes up from 20,000 hours to that of the LEDs, 40,000 or so. (Provided the quality of the LEDs doesn't slip.)

3 days ago

FBI Chief: Apple, Google Phone Encryption Perilous

Animats Fourth Amendment rights. (353 comments)

It's time to demand that Fourth Amendment rights be taken as seriously as Second Amendment rights. That's starting to happen.

4 days ago

John Carmack's Oculus Connect Keynote Probably Had Samsung Cringing

Animats What, no positional tracking? (88 comments)

What, they're going to ship a VR headset without positional tracking? When you turn your head, nothing happens? That's not VR. That's a TV you wear on your head.

4 days ago

Artificial General Intelligence That Plays Video Games: How Did DeepMind Do It?

Animats How to do it. (87 comments)

That's neat. The demo takes in the video from a video game of the Pong/Donkey Kong era, can operate the controls, and in addition has the score info. It then learns to play the game. How to do that?

It's been done before, but not this generally. "Pengi", circa 1990, played Pengo using only visual input from the screen. It had hand-written heuristics, but only needed vision input from the game. So we have a starting point.

The first problem is feature extraction from vision. What do you want to take from the image of the game that you can feed into an optimizer? Motion and change, mostly. Something like an MPEG encoder, which breaks an image into moving blocks and tracks their motion, would be needed. I doubt they're doing that with a neural net.

Now you have a large number of time-varying scalar values, which is what's needed to feed a neural net. The first thing to learn is how the controls affect the state of the game. Then, how the state of the game affects the score.

I wonder how fast this thing learns, and how many tries it needs.

4 days ago

Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

Animats PHP vulnerability - don't know. (316 comments)

FastCGI implementations are supposed to execute the specified executable without any parameters from the HTTP request. The FCGI program then reads and processes multiple HTTP requests, with no shell involvement. Unless the program invoked by FCGI itself invokes the shell (which PHP scripts can do), there should be no problem. I'm not a PHP user; someone with PHP internals expertise needs to look at that world for vulnerabilities. Can arguments from the HTTP request make it into the environment of subshells invoked by PHP?

4 days ago

Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

Animats How to disable CGI in Apache (316 comments)

If you're running Apache on Linux/UNIX, and don't absolutely need CGI, turn it off now.

Put a "#" in front of
LoadModule cgi_module modules/mod_cgi.so
in /etc/httpd/conf/httpd.conf. This will totally disable all CGI scripts. That's a good thing. Apache is willing to execute CGI scripts from far too many directories, and many Linux distros have some default CGI scripts lying around.

Note that this will break CPanel, but not non-CGI admin tools such as Webmin.

People are out there probing. This is from an Apache server log today from a dedicated server I run.

89.207.135.125 - - [24/Sep/2014:23:08:56 -0700] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0" 301 338 "-" "() { :;}; /bin/ping -c 1 198.101.206.138"

4 days ago

Rosetta Code Study Weighs In On the Programming Language Debate

Animats Data from snippets, not real programs. (165 comments)

The problem with programming language evaluations is that they tend to be based on small snippets of code, like this one, or data from novice student programmers, or worse, popularity. Yet what really tends to matter is how much trouble a language causes in large systems and in later years. That's where high costs are incurred because changes in module A affect something way over in module Z. Undetected cross-module bugs, high costs of changing something because too much has to be recompiled, that sort of thing. How much help the language gives you then matters.

A really good programming language study should digest data from change logs on some major open source projects.

5 days ago

Submissions


Facebook is down, again

Animats Animats writes  |  more than 2 years ago

Animats writes "Not just the stock. The Facebook site itself is having problems this weekend.
Facebook has had intermittent outages since Friday, the Huffington Post reports. Right now, DownRightNow reports a "likely service disruption." The symptom is very slow, but valid responses from the site. So far, Facebook hasn't made any public statements."


Sprint discontinues phone camera support, loses pictures

Animats Animats writes  |  more than 2 years ago

Animats (122034) writes "On April 30, Sprint discontinued their "Picture Mail" site, where pictures uploaded from Sprint phones are stored. Some users report the loss of years of pictures. Sprint didn't provide a bulk download feature that worked, so some users struggled during the last hours to get pictures off the site before it went down.

Sprint's plan was that users would switch from their system to Flickr, Facebook, or some other photo uploading site. Unfortunately, the tools for doing that were on the site they just took down. The main Sprint web site now has dead links. The old system was taken down before the new system came up. So they've left their non-smart phones in limbo.

There's a privacy issue. Pictures uploaded to Sprint's site were private. Pictures uploaded to "sharing" sites tend to get "shared"."


CPanel installs back door into Linux servers

Animats Animats writes  |  more than 2 years ago

Animats writes "I recently leased a new dedicated server from a well-known hosting company. The server came with CPanel, a popular system administration tool, installed, and on first log-in, I was presented with a CPanel EULA, something that wasn't present on older servers. The EULA indicates that CPanel, Inc. has a back door into the server for "authentication", and can not only "copy, access, store, disclose and use cPanel Data indefinitely in its sole discretion", but can disable the server remotely. This is like CarrierIQ's back door — something that has no business being there.

This is for a fully dedicated server, not shared, not virtual, and not managed by the hosting company. I'm leasing a bare CentOS machine in a rack here. This isn't something to give a hosting company access. It allows access by a third party company that just sells system administration software. They have no need for that access whatsoever.

Here are the actual EULA terms:

*Authentication System*. The Software contains technological measures that, working in conjunction with cPanel computer servers, are designed to prevent unlicensed or illegal use of the Software (collectively, the "Authentication System"). You acknowledge and agree that such Authentication System allows cPanel to (among other things) (a) monitor use of the Software by you and Third Party Users as set forth in Section 2.5.4 (cPanel Data); (b) verify that the Software is only used on the Licensed Server; (c) suspend or disable access to the Software in whole or in part in the event of a breach of this Agreement or in the event of a breach by a Third Party User of cPanel-related provisions of a Third Party Agreement; and (d) terminate use of the Software upon the expiration or termination of this Agreement. You agree not to thwart, interfere with, circumvent or block the operation of any aspect of the Authentication System, including any communications between the Software and cPanel's computer servers. For the avoidance of doubt, the Software will not operate unless cPanel from time to time verifies the Software using the Authentication System which requires the exchange of information between the Licensed Server and cPanel over the Internet.

*cPanel Data*. You agree that, without further notice to you or any Third Party User, cPanel may use technological means, including the Authentication System, to (a) monitor use of the Software as may be necessary to monitor for compliance with the terms of this Agreement; (b) collect language file modifications as provided in Section 3.6 (License to Language File Modifications); and (c) collect cPanel Data. cPanel reserves the right to copy, access, store, disclose and use cPanel Data indefinitely in its sole discretion; provided, however, that in the event that cPanel collects information concerning which features of the Software are most often used by you or Third Party Users, cPanel will remove personally identifiable information (if any) from such data and copy, access, store, disclose and use such data solely for the purpose of improving the Software.

"


Facebook settles with FTC, admits privacy violatio

Animats Animats writes  |  more than 2 years ago

Animats writes "The social networking service Facebook has agreed to settle Federal Trade Commission charges that it deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public. The settlement is soft on Facebook; there are no fines or criminal penalties.

According to the FTC, in December 2009, Facebook changed its website so certain information that users may have designated as private – such as their Friends List – was made public. Facebook didn't warn users that this change was coming, or get their approval in advance.

Facebook represented that third-party apps that users installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users' personal data – data the apps didn't need.

Facebook told users they could restrict sharing of data to limited audiences – for example with "Friends Only." In fact, selecting "Friends Only" did not prevent their information from being shared with third-party applications their friends used.

Facebook had a "Verified Apps" program & claimed it certified the security of participating apps. It didn't.

Facebook promised users that it would not share their personal information with advertisers. It did.

Facebook claimed that when users deactivated or deleted their accounts, their photos and videos would be inaccessible. But Facebook allowed access to the content, even after users had deactivated or deleted their accounts.

Facebook claimed that it complied with the U.S.-EU Safe Harbor Framework that governs data transfer between the U.S. and the European Union. It didn't."


John McCarthy, founder of AI, dead at 84

Animats Animats writes  |  more than 2 years ago

Animats writes "John McCarthy, who established artificial intelligence as a field and created the LISP programming language, died yesterday at age 84.

(I took his "Epistemological Problems in Artificial Intelligence" class at Stanford, almost 30 years ago.)"


Google fined $500 million over drug ads

Animats Animats writes  |  more than 3 years ago

Animats writes "The Wall Street Journal reports: "Google Inc. is close to settling a U.S. criminal investigation into allegations it made hundreds of millions of dollars by accepting ads from online pharmacies that break U.S. laws." Google's acceptance of ads from unlicensed "online pharmacies" is considered profiting from illegal activity. The Washington Post writes the inquiry could draw more attention to how vulnerable Google's automated system has been to the machinations of shady operators."

Major outage at Codero

Animats Animats writes  |  more than 3 years ago

Animats (122034) writes "Codero, which is a large dedicated hosting provider, is down today due to what they claim is a distributed denial of service attack against their routing. Their main IP block for their Phoenix data center has dropped out of routing.

Their phone system is dropping calls, and their support chat system is reporting "An online representative will be with you shortly. You are number 194 in queue. Your wait time will be approximately 806 minute(s). Thank you for waiting. ""


SourceForge down after attack

Animats Animats writes  |  more than 3 years ago

Animats (122034) writes "SourceForge, a hosting site for many open source projects, is down today. Management claims they were attacked: "We detected a direct targeted attack that resulted in an exploit of several SourceForge.net servers, and have proactively shut down a handful of developer centric services to safeguard data and protect the majority of our services." Currently, CVS and SVN access to source code, even for reading, is unavailable, and there is no announced restoration time."

How Google uses Chrome to boost ad revenue

Animats Animats writes  |  more than 5 years ago

Animats (122034) writes "Harvard Business School professor Benjamin Edelman has published a paper, How Google and Its Partners Inflate Measured Conversion Rates and Increase Advertiser Costs. The trick is that Google has interactive URL completion in its URL input box, but, unlike Firefox, interactive completion doesn't take you to the real URL. It takes you through Google Search, and through Google's pay-per-click system.

As an example, Edelman typed "expedia" into Chrome. "Expedia.com" appears as a suggestion, and pressing "Enter" accepts that default. But that doesn't take you to Expedia.com directly. There's a side trip through Google Search and a Google ad. The advertiser is then charged for an unnecessary ad click.

As Edelman puts it, "As users type web addresses into Google's Chrome web browser, Chrome's "Omnibox" address bar suggests that users run searches instead of direct navigation. If a user accepts Chrome's suggestion — the user is taken to a page of Google search results for the specified term. ... As usual, Google's most prominent search result is an advertisement. If the user clicks the ad, the advertiser pays a pay-per-click fee — even though the user was nearly at the advertiser's site, for free, before Chrome interceded with its 'Search for...' suggestion."

Explosion at Scaled Composites kills 2, injures 4

Animats Animats writes  |  more than 7 years ago

Animats (122034) writes "Details are scant at this time, but an explosion at the Scaled Composites rocket test facility has killed two people and seriously injured four more. The Los Angeles Times reports that the explosion was "ignited by a tank of nitrous oxide".

This is Burt Rutan's facility, and the home of SpaceShip One and Virgin Galactic spacecraft development."


Journals

Animats has no journal entries.
