Slashdot: News for Nerds


Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



UK Computing Student Jailed After Failing To Hand Over Crypto Keys

ChumpusRex2003 Re:Seems appropriate (353 comments)

This would not help. The exact offence is "failing to make readable encrypted data". In order to convict, the prosecution only have to prove that the data is encrypted, that you had control over that encryption and that they have not been able to read it. Loss of damage of the encryption keys is not a defence. The law was specifically designed this way in order to discourage self-destructing encryption keys, etc. The only defence against such a prosecution is to keep a backup of the encryption keys available, so that they can be handed over on request.

about two weeks ago

Qualcomm Takes Down 100+ GitHub Repositories With DMCA Notice

ChumpusRex2003 Re:Counter-notice! (349 comments)

Once the ISP receives a "put back" notice, they must pass to the original complainant in a timely manner.

The ISP must then wait for 10 days, to give the original complainant time to consider the "put back" notice, and decide whether a court case should commence. After the 10 day waiting period, if the ISP has not received notice of a restraining order blocking the put back because of an impending court hearing, then it is allowed to restore the content.

In order to avoid liability to their customer, the content must be restored with 14 days of receiving the "put back" notice, provided that the complainant has not obtained a restraining order blocking the put back.

about three weeks ago

EU's Online Shoppers Get an Extended "Cooling Off Period"

ChumpusRex2003 Re:Wait what? (140 comments)

The change to digital data is welcome.

At least in the UK's interpretation of this EC directive (the Distance Selling Regulations), digital downloads were NOT excluded. The purchase could cancel the purchase at any time up to 7 days after purchase and receive a full refund. Technically, you could download a software package or a movie, and then change your mind and claim a full refund.

While the Distance Selling Regulations specifically excluded copyright material such as computer software, movies, music, etc. - they do so only in physical form i.e. CDs, DVDs, etc. Downloads are treated as a "contract for a service" which do not fall in the scope of this very limited exclusion.

The ambiguity over digital downloads has caused a lot of heartache for a couple of small software developers that I know - albeit not enough to try to take it to court. I'm not sure that there is any caselaw actually addressing this loophole in the current system.

about a month ago

Did the Ignition Key Just Die?

ChumpusRex2003 Re:I don't like the control it takes away from you (865 comments)

That's correct, but the same system also has lots of other complex behaviours which could cause confusion.

How do you turn the car off but leave the radio on for the passenger - e.g. at a gas station?
A: Come to a stop. Put the transmission in neutral. Press start/stop button. Engine turns off, and the power system is switched to "accessories" mode.

Q: How do you turn the power off completely?
A: Put transmission in Park. Then press start/stop button

Q: What if I want to turn the power off and leave the car in neutral e.g. for maintenance?
A: You have to switch into Park first. The press start/stop. Then use the transmission shift override to select Neutral.

Q: How do you turn the car off in an emergency - e.g. stuck accelerator pedal?
A: You can't just press start/stop, as the vehicle speed sensor inhibits the button, so you can't turn off the ignition whilie the vehicle is moving. This isn't even in the manual. However, pressing and holding start/stop for 10 seconds will cause the ignition to turn off completely. This is a surprisingly long time in an emergency. In fact, in several "unintended acceleration" episodes, the drivers said they tried to turn off the push-button ignition, but couldn't turn it off.

Q: How do you give a prolonged crank, if the car fails to start (e.g. poor fuel, or cold weather)?
A: You have to let the computer attempt 3 failed starts. After that, the behaviour of the start/stop sequence changes. After the 3rd attempt, a momentary push of the button, will make the computer crank the engine for up to 30 seconds, for as long as the brake pedal remains depressed.

about 3 months ago

Why Are We Made of Matter?

ChumpusRex2003 Re:Ah, antimatter (393 comments)

That's almost right. Nuclear fission reactions have a mass -> energey conversion of ~ 0.1%.

about 4 months ago

Blender Foundation Video Taken Down On YouTube For Copyright Violation

ChumpusRex2003 Re:I don't get it (306 comments)

The summary is quite clear.
Blender produced the video, Sintel, and publish it to Youtube under the creative commons license.
Sony reuses the video as part of their 4k marketing material.
Sony provides youtube with a "reference" copy of their marketing material, and tells youtube to find copies of the material and to exercise Sony's rights over it.
Youtube finds the original Sintel video and matches it to a "reference" copyrighted work (Sony's marketing material).
Youtube arranges for forced commercial licensing of the Blender video with proceeds going to Sony.

about 4 months ago

Blender Foundation Video Taken Down On YouTube For Copyright Violation

ChumpusRex2003 Re:Stop using Youtube (306 comments)

Which is more or less exactly what happens with the DMCA.

The accuser sends a notice to the hosting company saying they believe they are publishing infringing material.
Hosting company informs customer, and will remove content if no reply is received within 24 hours.
Customer responds, that they own the copyright, and once done hosting company restores the content, if removed, or does not remove it if the time period has not elapsed.

Once that stage is reached, the accuser must pay all costs and the video stays up until the case is closed.

The issue is that most providers will remove the material fist, and ask questions later - even though, they are permitted to leave the material for 24 hours to allow the accused to respond.
The other issue is that there is no penalty or cost for an accuser to make false claims under the DMCA. A malicious accuser can easily cause huge administrative headaches for hosting companies and content creators, and face no penalty or cost for it. Things get a lot more expensive and risky for the accuser at the 2nd phase once, and the number of copyright cases that progress after a DMCA counter-claim is very small indeed.

about 4 months ago

UK Government Pays Microsoft £5.5M For Extended Support of Windows XP

ChumpusRex2003 Re:Why not use GNU/Linux? (341 comments)

There may not be a satisfactory alternative.

I was last month negotiating over the purchase of a results reporting and communication system. I spoke to one of the biggest suppliers and asked what platforms they supported: "We support Windows 7 with IE 8." "We're increasing moving to mobile devices, what support do you have for Windows 8, IE9, Mac OS, Android, iOS and other browsers such as Safari, Chrome and firefox". "We will be adding Windows 8 support in our next annual update, which will be available for the standard version upgrade fee. There are no plans to support any other browsers or OSs".

There are a variety of other products in this field, but they all have widely different features, integration capability (can it integrate with neighbouring hospitals systems, or primary care physician systems), etc.

If the only product which can provide your "core specification" is restricted like this, then you can't just go elsewhere.

about 4 months ago

UK Government Pays Microsoft £5.5M For Extended Support of Windows XP

ChumpusRex2003 Re:Proprietary (341 comments)

Actually, they often do care about open-source, but in the wrong way.

I was recently purchasing some specialist medical software, and one of the key terms in the contract specified by senior management, was "the software should not contain any open-source components, except where no close-source alternative exists, and the vendor must ensure that appropriate restrictions over access to the source code are maintained at all times during the duration of the contract".

I managed to get that one negotiated to something less unrealistic (i.e. open source 3rd party libraries permitted), as the only realistic product choice made heavy use of technologies such as xuggler, libpng, openjpeg, etc.

The reason for this, "security". The management were adamant that "open source" was a catastrophic security risk, because "it exposed vulnerabilities in the software". They could/would not be educated on this matter.

about 4 months ago

UK Government Pays Microsoft £5.5M For Extended Support of Windows XP

ChumpusRex2003 Re:Why not use GNU/Linux? (341 comments)

This is exactly it. I know one hospital that recently "refreshed" their hardware to new Quad core 4th generation i5 desktops. The OS - Windows XP SP1. Why?

The specialist medical applications that they run are too expensive to upgrade, and the version they run doesn't support XP SP2. Medical software is not cheap - something like a "results reporting system" which aggregates test results from multiple departments (e.g. blood chemistry, hematology, MRI, ultrasound, physiology, cardiology, etc.) and presents them to a physician - can cost $1million for the license. For a PACS (X-ray viewing and archiving) software, the license could easily cost $10 million for a large hospital (or group of hospitals).

If it would cost you $2 million to replace a specialist app, then you may be stuck with having to use an older OS - especially, if the app developer has gone out of business and you no longer have any support (very, very common in the medical industry).

Some of the more forward thinking IT departments have started rolling out Windows 7, and using some sort of virtualization service, to run the specialist apps under the appropriate OS/IE version/Java runtime/.NET runtime that each one needs. The difficulty with this, is that you essentially have not just your Win7 environment to manage, but also all the individual virtualized run time environments. The administrative burden that this requires can be substantial.

about 4 months ago

MtGox Finds 200,000 Bitcoins In Old Wallet

ChumpusRex2003 Re:Smelling more fishy every day. (227 comments)

Yes. It is practical, and if you have a bitcoin client (with knowledge of your public key) running, it will show your balance in real time.

This type of setup is often called a "watch wallet" and a number of bitcoin exchanges have these set up as a method of auditing their transactions against their deposit/withdrawal database (to detect intrusions, database bugs, and to detect insider thefts).

about 4 months ago

MtGox Finds 200,000 Bitcoins In Old Wallet

ChumpusRex2003 Re:What does "stealing" bitcoins mean anyway? (227 comments)

That is correct. There is no such thing as "a bitcoin" - instead, all you have are balances in a distributed public ledger.

Each balance has an associated public key pair. A payment instruction in bitcoin simply consists of a digitally signed message effectively saying "1Alice56789 pays 1.234 BTC to 1Bob12345 ". This message propagates around the network, and if Alice has sufficent funds to cover the transaction, and the signature is genuine, then the network will, in due course, add it to the ledger. If Alice doesn't have sufficient funds or the signature is invalid, then it will not be added to the ledger and the transaction will fail.

If you possess the private key associated with a particular "account", then you effectively control its spending power. All you need is the private key to the relevant "address" to control all the bitcoin held in it, or that may arrive in it, for all time.

It is not possible to transfer BTC without someone knowing. As soon as the transfer is confirmed, it appears in the public ledger. Similarly, because the ledger is public, if you know who holds the private key to a particular address, you know how many BTC they control.

In fact, on the day that Mt Gox claimed to have lost all their BTC, the general public knew that this was BS. Mt Gox had a couple of years ago, revealed the identity of some of their "cold" addresses. On the day of their bankruptcy, the bitcoin community had identified 200k BTC still held within these addresses, hence why the announcement was widely disbelieved. A competeing hypothesis to "transaction malleability theft" was that Mt Gox had simply lost their private keys to the BTC effectively resulting the in those BTC being forever lost. The fact that Mt Gox had started reorganising and moving these BTC to new addresses a couple of weeks ago, also had not gone unnoticed.

about 4 months ago

Utilities Fight Back Against Solar Energy

ChumpusRex2003 Re:There must be a very good reason... (579 comments)

This is true. However, you cannot install grid-connected solar in the UK without permission from your local electricity distribution network operator (DNO).

There are now significant parts of the county where the DNOs routinely deny permission because the grid is saturated.

about 7 months ago

Utilities Fight Back Against Solar Energy

ChumpusRex2003 Re:There must be a very good reason... (579 comments)

Because it is exceedingly expensive to do so.

The issue is that of voltage tolerance. The grid is designed to supply power form central to peripheral. The central voltage is held higher than peripheral, so that the expected voltage drop through supply impedance will result in a voltage at the customer premises which is within tolerance.

If current flow is reversed through the high impedance "last mile", then you can get severe voltage elevation at the point of connection of the generation. This can result in equipment damage (usually the customers) and legal problems for the electricity network operator.

The only way to deal with this problem is to increase the "prospective fault current" of the customer circuit by reducing the system impedance. This isn't something simple like replacing transformers, it is extremely expensive and requires repalcement of cabling with heavier gauge wire, upgrade of safety equipment to withstand the higher fault currents, and may require uprating of transformers and switchgear to handle the magnetic and thermal forces of a fault on the now upgraded circuit.

There are other issues too. Grid transformers are often not designed to operate in reverse power - the tappings are designed for voltage drop in the direction of HV to LV. Under reverse power, there may be insufficient tap range to get satisfactory voltages. Only way around this is to replace the transformer.

Finally, there are second order effects, such as reduced efficiency of transformers when operated in reverse power, due to higher levels of flux leakage from the secondary (primary windings usually go nearest the core, so that stray flux cuts through the secondary and transfers power).

about 7 months ago

Online Shopping: Hazardous To Junk Food's Health

ChumpusRex2003 Re:Or, maybe (151 comments)

Actually, as cereals/grains make up a large part of the modern diet, the fact that they are poor sources of certain vitamins becomes relevant. For example, breakfast cereal commonly has folic acid added, not because it was lost during process (although some is), but because it is an important public health measure. Same for flour for bread making.

Additionally, some nutrients will be lost from processing - usually cooking, as most breakfast cereals are baked. Many vitamins are heat unstable and are therefore added back by the manufacturers.

about 8 months ago

Can the US Be Weaned Off Ethanol?

ChumpusRex2003 Re:Ethanol is a crock nobody wants (330 comments)

Ethanol can be a big problem with certain modern cars.

Toyota and its luxury devision, Lexus, have this problem with models up to 2008. For example, the 2008 Lexus IS (built during calendar year 2007) is not E10 compatible. In areas where E10 fuel was legally mandated, lexus noticed a high rate of warranty replacements of the fuel injection pump and fuel injector failure, as well as fuel leaks from the fuel injection manifold. This was found to be ethanol induced corrosion of the metal alloys used in the injection pump and manifolds. Oxidation and debris from the corrosion would also clog injectors or cause them to leak.

These cars were recalled in the US, but were not recalled outside of the US. Customers with these cars who are now out of warranty are potentially SOL, if they live in an area where E10 is expected to be mandated shortly.

It's not just recent Japanese cars that have problems with E10. Recent european cars also have major problems with E10. Mercedes-Benz vehicles built between 2002 and 2005 are not E10 compatible, as are numerous post 2000 Fiat vehicles, Audi/Volkswagen/Seat/Skoda vehicles with direct injection systems built before 2006, etc. The list of non-compatible cars is very long.

about 8 months ago

NYC's 250,000 Street Lights To Be Replaced With LEDs By 2017

ChumpusRex2003 Re:How many people will die because of this? (372 comments)

I sense some exaggeration here. In the US CFLs never got that cheap in any size that I've ever seen, even at the mass discount stores. That must have been some massive government subsidy.

Not an exaggeration. Many stores would sell subsidised CFLs for about that price. Same with other energy saving products (I'd seen rolls of thermal insulation material - 10 yards, 6" thick on the shelves at hardware stores for about $2-3 each; but there were big warnings on the shelves which read something similar to the followion - warning! for personal domestic use only. Commercial use of this product is illegal. By purchasing this product, you certify that it will not be resold, used in the course of business or in the construction of a new building)

In fact, the energy suppliers had "energy reduction" targets to meet, and huge fines were levied if they didn't spend $x per year on assisting customers to use less energy. A common way for the energy companies to do this, was to buy massively cheap CFLs from China, claim the cost as a "green expense" and then just mail out unsolicited boxes full of CFLs to every customer. That really did happen, and the bulbs were the lowest possible grade available. The best bit, was that the energy companies could claim the cost of the CFLs as a "green expense", and the government would fund them. Where did the govt get the money from, it came from a surcharge on energy bills. It was even better for the energy company, if they could get a kick-back from the CFL vendor as part of a big order at list-price.

The cost of these "green projects" added to domestic energy bills comes to about $250 per household per year, accounting for about 15% of the total cost.

about 8 months ago

NYC's 250,000 Street Lights To Be Replaced With LEDs By 2017

ChumpusRex2003 Re:Cue the Unintended Consequences (372 comments)

I've had the same LED light interference problem. At work, at the exit to the car park, they have flashing warning lights. They recently switched from incandescent to LED. Now when you drive past, you lose FM reception when the lights are in the on phase.

Maybe it's a bad batch of lights, but the flashing isn't synchronised between all the bulbs, and you can hear different interference sounds on the radio and work out which bulb they relate to.

I've also had CFLs do the same thing, but those were super cheap junk ones.

That said, incandescents can also produce RF interference that in certain instances can be troublesome. I've certainly seen an incandescent bulb with a failing filament produce enough RF to render an MRI scanner unusable (this is actually a common fault found on MRI scanners with an "excessive image noise" service call). The mechanism is that a tiny develops at a weak point in the filament, but strikes an arc between filament ends. It is the arc (disturbed by vibrations in the filament, convection currents, etc.) that modulates the current in the MHz range.

about 8 months ago

Tiny Pacemaker Can Be Installed Via Catheter

ChumpusRex2003 Re:MRI (57 comments)

Probably a lot less susceptible.

The main concern with MRI and pacemakers is not so much the magnetic field but the RF field. The magnetic field is not without problems as most pacemakers contain a reed switch which is used to activate "safe mode", where the pacemaker enters a special diagnostic mode. This is largely for historical purposes, as early pacemakers used this for battery level testing. The doctor would hold a magnet to the patient's chest. The pacemaker would enter diagnostic mode and would stimulate the heart to beat a rate dependent on battery voltage. The doc would feel the patient's pulse and could look up the estimated battery level in a table.

Modern pacemakers contain rather more sophisticated NFC capability, so much more useful readouts are available with a proper scan tool (battery voltage, stimulation mode, inputs from various sensors, lead impedances, stimulation voltages and currents, etc.) as well the ability to reconfigure various modes (e.g. vibration response - where the pacemaker increases rate in response to exercise induced vibration), whether the pacemaker can sense other heart parameters (so that different chambers of the heart contract synchronously), etc. In general, however, a magnet will switch the pacemaker into a basic mode of operation. (Defibrillators are different, as basic stimulation can be very dangerous in people with severe heart disease, as it can trigger ventricular fibrillation; therefore magnet mode in implantable defibrillators usually only just tweaks some parameters, rather than anything more dramatic).

The major issue with MRI is the RF field. MRI requires a very powerful RF pulse. A typical MRI power amplifier will take up 6U of rack space, and about 5 gallons per minute of cooling water and need a 3phase 480V power supply, while providing a peak RF power output of 35-70 kW.

A modern pacemaker will typically sense the ECG as well as stimulating. It will include a watchdog timer, and if a beat is not detected before the timer expires, it will trigger a stimulation pulse. One risk with the MRI environment is that the capability of the pacemaker to sense the 1 mV ECG signal may be degraded by the pulsed transmission from the 70 kW RF transmitter 6 inches away.

There are other issues with conventional pacemakers. Being implanted near the shoulder, the pacemaker connects to the heart muscle via leads approx 8-12 inches long. These typically form an arc in shape due to the anatomy. It just so happens that this wire loop forms quite a nice 1/4 wave loop antenna tuned to the scanner's RF frequency; it can absorb the RF energy and channel RF into the tissues around the pacemaker "box" and at the electrode tips. In minor cases, the RF pulses can act as pacemaker pulses on the cardiac muscle. Fine at 1 Hz scan rate. Not so good at 5 Hz scan rate. In extreme cases, the voltage build up across the pacemaker leads can cause RF burns to the cardiac muscle or damage the pacemaker circuitry. (There are MRI compatible pacemakers around which use various tricks - upgrading from normal coax cables to coax with heavy copper screens so rigid that they actually have to be articulated in order to bend + a liberal helping of ferrite beads; or dividing the leads up into 1" segments interconnected by small ferrite transformers)

The nanostim device doesn't have any exposed leads, so it is likely to be much less susceptible to RF problems. Due to size and location, it's also likely that it doesn't feature a conventional magnet mode, relying instead completely on NFC for control and communication. It also has the option of being completely removable. Conventional pacemakers often aren't, as the leads are generally not retrievable from where they screw into the heart muscle. Because it is RF pick-up in the leads that is the No 1 hazard with MRI, simply removing the pacemaker device, but leaving the leads isn't a safe option (it may actually make it worse, as the pacemaker itself often contains clamping and termination circuits to protect itself from EMI, and this serves to absorb some of the RF pick-up from the leads).

So this looks like a very interesting device. However, by the looks of things it can only offer single "lead" functions (i.e. sense the presence or absence of a beat, and stimulate when a timer expires). This type of pacing is "asynchronous" as it is not synchornized with the top of the heart. In normal cardiac operation, the top (atria) of the heart beat first, pumping blood at low pressure to the bottom (ventricles) of the heart, where the pressure is boosted. In asynchronous pacing, cardiac function is reduced as the top and bottom stages of the heart are desynchronised. The preference with conventional pacemakers is synchronised pacing, where an atrial electrode senses the atrial ECG, and when a beat is detected, it triggers a ventricle stimulation after a physiological delay.

about 9 months ago

Hackers Reveal Nasty New Car Attacks

ChumpusRex2003 Re:Not News: They put it into brake service mode. (390 comments)

Correct. On this type of hybrid vehicle, there is a regenerative braking system.

Under normal driving conditions, while the vehicle is in motion, the motor/generator will be used to retard the vehicle. The brake pedal is connected to a electronic pressure sensor, and also mechanically to a hydraulic master cylinder.

Unlike on conventional vehicles, there is no vacuum powered booster, instead the master cylinder hydraulics are used to operate an electro-hydraulic servo, with electronic override. This way, under emergency braking, you get full hydraulic force applied to the wheel cylinders with minimal pedal effort. The electronic hydraulic control will also apply hydraulic pressure when the vehicle is stationary and the brake pedal depressed, and also periodically applies hydraulic pressure when the vehicle is stopped and the transmission in P (for self-test purposes) and when the vehicle is powered on.

The hydraulic servo mechanism can be disabled in order to permit brake maintenance (this releases hydraulic pressure in the booster and prevents automatic application of pressure to the wheel cylinders), permitting access to maintain the friction surfaces. It appears that this hack, merely consisted of transmitting the CAN bus command to put the hydraulic servo system into maintenance mode.

At low speeds, when the electrical regen isn't operative, this will result in the brake pedal travelling further than expected and loss of power assistance. However, with sufficient pedal pressure, it should be possible to slow the car using unboosted pressure.

about a year ago


ChumpusRex2003 hasn't submitted any stories.


ChumpusRex2003 has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account