Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Government Recommends Cars With Smarter Brakes

ChumpusRex2003 Re:Not a fan (304 comments)

You raise an interesting point that the interaction of various sensor assist systems can be erratic

In your example, your description cannot be technically correct, although I am not denying that it introduces a degree of instability that would not otherwise exist. Traction control does not, and cannot, apply the brakes. It also does not assume you are or are not in a spin, only that one wheel has lost grip. More advanced systems, e.g. ESC, do detect spin, but they do it with a yaw rate sensor, so it is directly measured, not assumed. The normal operation of traction control is to detect one of the drive wheels spinning faster than the other wheels, and when activated it reduces engine torque (through triggering fuel cut, ignition retard, and/or electronic throttle closure).

One of the things that OEMs found after integrating systems like traction control, stability control, ABS, etc. was that at the boundaries of slip/acceleration/yaw between the systems and normal operation, there were discontinuities in the vehicle dynamics. So, that if you were accelerating, and a drive wheel slipped, there would be a sudden, dramatic reduction in engine torque; or in the event of an impending spin, there would be a dramatic braking of the inside wheel, which could lead to an overcorrection.

Over the last 5 years, the OEMs have realised this, and they have been working very hard to smooth the discontinuities that these systems create. There are all sorts of marketing words for this, e.g. Toyota have "Vehicle dynamics integrated management". All this means is that the sensitivity and power of these systems has been carefully matched to the car and each other, to avoid sudden shocks.

about a week ago

Man Saves Wife's Sight By 3D Printing Her Tumor

ChumpusRex2003 Re:Anyone else concerned? (164 comments)

You have made my point (which admittedly I didn't make very clearly). What is useful is a knowledge of anatomy, and knowing what the potential problems are, and careful examination of the raw data of the CT scan. A skilled doctor would have specifically looked for the optic nerve in relation to the tumor. For whatever reason, this was not detected, or not communicated appropriately, resulting in a delayed treatment.

Complex 3D rendering or printing, while it looks impressive, generally isn't all that useful for making the diagnosis - the raw (or minimally processed) data tends to show the anatomical relations most clearly. The raw volumetric data shows everything; a 3D rendering depends upon some sort of thresholding, and the 3D projection necessarily results in occlusion and obscuration of objects. The thing about 3D rendering is that it is immediately recognisable by the lay person, or doctors without specific training in interpretation of CT, whereas the appearance of the anatomy is rather alien to most people when presented as cross-sectional raw data.

As for treating tumors, I'm afraid you're wrong about that. Watch and wait is very important for tumours around the eye and base of skull, because the anatomy here is so complex and fragile that the whole tumor may not be removable, or may be removable only at significant cost (loss of vision, facial disfigurement, risk of infections due to bone holes, etc.) For this reason, if a tumour is only causing minor symptoms, and there is good reason to suspect a benign tumor (i.e. not cancer liable to spread elsewhere in the body), there are often good reasons to delay surgery, until such time as the symptoms resulting from side effects of surgery are likely to be less than the symptoms from the tumor.

about two weeks ago

The Legacy of CPU Features Since 1980s

ChumpusRex2003 Can some explain the puzzles? (180 comments)

Can someone explain why in the example race condition code given, the theoretical minimum count is 2, and not n_iters?.

about two weeks ago

Man Saves Wife's Sight By 3D Printing Her Tumor

ChumpusRex2003 Re:Anyone else concerned? (164 comments)

3D visualisation is pretty standard on medical imaging software, but it's not really that useful for most situations. The issue here appears to have been the missed diagnosis of optic nerve compression by the tumor. As it is, a 3D rending/print of a CT scan won't help with that, as both the nerve and tumor will have similar appearances and very low background contrast to normal tissues. Where 3D rendering or printing of CT is useful is for examining the bone. It sounds like the 3D printing is an interesting factoid tacked onto a story about a misdiagnosis which was corrected after the patient/relatives asked for a 2nd opinion. This, of course, assumes that the diagnosis was wrong in the first place. "Watch and wait" is often far preferable to surgery for slow growing tumours in awkward places.

about two weeks ago

South Korean Power Plants To Conduct Cyber-Attack Drills Following Hack

ChumpusRex2003 Nukes should already be hardened (39 comments)

Most national regulators require that any safety-critical computer systems in nuclear facilities are formally proven correct. Due to the difficulty in producing absolutely bug-free code, and proving that you have done so, a lot of systems continue to rely on pure analog control.

For example, nuclear-grade UPS systems typically offer a feature such as the following: "Digital logic free. 100% analog control with fully verified behavior. No need for expensive and time consuming software verification"

Similar validation is available for nuclear grade diesel generators and their control systems.

Similar design principles are often applied to the reactor instrumentation, although reactor control is usually digital and verified to the highest level. That typically means no inputs to the system, except the core sensors and core controls. The software uses only a minimal subset of language and OS features - e.g. no memory allocation, no dynamic linking or binding, etc. Calibration and model data must be built into code using a validated code generator and then statically linked into the binary, all memory must be statically allocated at compile time, etc.

The risk is whether less critical systems may be at risk - SCADA and similar systems may be in use for alternator controls, or in switchyard controls. The risk is that grid power to the plant could be interrupted, forcing the plant onto generator power. Or perhaps, other plant might be degraded - non-critical water pumps or plant controls, could mean that under degraded conditions, the plant has less tolerance to a reactor accident.

Realistically, unless you have schematics which detail the control systems in use, it is not possible to determine the severity of a particular attack. Further the interaction between different plant systems may be difficult to predict.

Even if the only realistic target for a cyber attack is the switchyard, that is still highly disruptive and degrades the safety margin of the plant by removing grid power as an energy source.

about a month ago

Profanity-Laced Academic Paper Exposes Scam Journal

ChumpusRex2003 Reject (137 comments)

As a reviewer, I would have rejected the paper because I don't see where either of the references given are cited in the text. However, they would get a point for being up-to-date in citing RFC2821 rather than RFC 821.

about 2 months ago

Employers Worried About Critical Thinking Skills

ChumpusRex2003 Re:What is critical thinking? (553 comments)

Which is exactly why the "establishment" has been trying to ban it.

No, really! The Republican party had the opposition of "teaching of higher-order thinking skills, critical thinking skills and similar programs" in schools written in their platform document as one of their policy aims.

Wash post

about 3 months ago

FTDI Removes Driver From Windows Update That Bricked Cloned Chips

ChumpusRex2003 Re:Computer Missues Act 1990 (572 comments)

Why would FTDI have to ensure their driver doesn't break chips that aren't theirs? There's no agreement, licensing, or goodwill. The problem is that this was not accidental. The FTDI anti-clone code in the driver is very sophisticated and actually performs a "preimage" cryptographic attack, to ensure that the clone chip doesn't detect the invalid configuration and auto-reset to factory defaults. Deliberately and with premeditation setting out to "damage" (which in legal terms includes temporary malfunction or impaired function) hardware is not legal without a court order or similar legal basis. The 2nd issue, is that of ensuring that they do not inconvenience wholly innocent parties. They failed at this. The FTDI anti-clone code will also deactivate genuine FTDI chips which have been configured with an external configuration memory in certain circumstances. This has been reported by a company which build development boards with numerous FTDI chips in different configurations; they found that the chip with an external EEPROM would get corrupted by new driver, even though the components were obtained from an authorized distributor.

about 3 months ago

FTDI Reportedly Bricking Devices Using Competitors' Chips.

ChumpusRex2003 Re:"Reasonable" my ass (700 comments)

However, a lot of manufacture is contracted out. If you're buying 10 or 20 chips for internal R&D you'll likely get genuine ones.

However, when you find a contract manufacturer and ask them to make 100,000. You require an XYZ, Inc. ABC123 chip and ask the manufacturing contractor to source it. Unbeknown to you, they obtain a counterfeit source. The chip is virtually identical externally, and functionally very similar, so that your product passes validation testing.

You as the device designer and seller may have no idea that you have fake chips on your device. Perhaps, your RMA rate is higher than you expected due to chip failures, or perhaps you are getting a lot of bug reports from the field which are not reproducible on your prototypes, but are on production devices.

This isn't the first time a USB->UART vendor has taken vigilante action against fakes. The vendor Prolific had major problems with low-quality, buggy and slow fake chips, causing major support headaches for customers and themselves. I believe they ended up discontinuing their main product and replacing it with an incompatible version, while poisoning the drivers so that they would BSOD/Kernel panic if they detected a fake chip.

about 3 months ago

FTDI Reportedly Bricking Devices Using Competitors' Chips.

ChumpusRex2003 Re:The good news (700 comments)

Yes. A company called Supereal is selling enormous volumes of "FTDI" chips into the Chinese market. The chips are labelled with the FTDI name and logo and during the USB negotiation, they announce themselves using the FTDI vendor unique ID, in order to use the ubiquitous and flexible FTDI driver (rather than require any development work for their own driver).

See http://zeptobars.ru/en/read/FT... for an example of a fake chip - labelled FTDI on the outside, but supereal on the silicon.

The problem is that the fake chips are buggy and slow compared to the genuine article, causing headaches for USB peripheral designers and support and reputation headaches for FTDI. There is a huge market for USB UART chips, and it is quite competitive, but few of the products on the market are actually as reliable, fast and robust as you would expect them to be. The FTDI FT232RL is one of the best in terms of reliability and has the best drivers, while also providing some handy bonus functionality.

It appears that FTDI have reverse engineered the fake chips and found that they can be reprogrammed. When their driver detects a fake chip, it uses the internal configuration commands to erase the EEPROM memory containing the Vendor Unique ID. With this EEPROM blanked, the chip is unable to complete the device detection process in the OS's USB stack.

about 3 months ago

Snowflake-Shaped Networks Are Easiest To Mend

ChumpusRex2003 Re:no? (38 comments)

The aim was not to find the "best network", but the "best network without redundancy".

The point was that most networks are designed with redundancy in mind, but not all networks require that degree of reliability. For those networks where reliability is not necessary, it would be helpful to know what the lowest cost configurations are.

about 4 months ago

Miss a Payment? Your Car Stops Running

ChumpusRex2003 Re:Oh good (907 comments)

one or both of them are full of something. Not necessarily. They could both be right. The interlock device only defeats the starter. However, if the car lessee is defaulting on lease payments, then it is likely that they are also cutting back on scheduled maintenance and repairs. It is entirely possible that the engine is unreliable and idles poorly, being prone to stall when idling. It is perfectly possible in such a case, for a driver to reach an intersection, have the engine stall, and then be unable to restart it because the interlock has defeated the starter.

about 4 months ago

Data Archiving Standards Need To Be Future-Proofed

ChumpusRex2003 Re:Keep your important data on current storage. (113 comments)

And only one variant of one JPEG protocol ever found widespread use. JPEG actually published both a lossless and a lossy compression algorithm and accompanying file format. The lossless format faded into near total obscurity, apart from some medical software, where the lossless JPEG data would be encapsulated in a medical (DICOM) container. Technically, lossless JPEG is a mandatory part of the DICOM specification, but not every product (free or commercial) supports it, and it's virtually impossible to find an opensource implementation of lossless JPEG outside of limited implementations as part of medical imaging tools. There have also been a variety of extensions published to the JPEG lossy algorithm - notably extension to 12 or 16 bit depths. Good luck finding any support for these, at all. Again, these formats were nominally supported in the DICOM standard for medical imaging, but were very poorly supported. A flurry of naive new-entrant machine vendors, ended up embracing these "novel" formats, only to cause total chaos for their customers, as they found that the files were unviewable on incumbent viewing software or untransmittable to other systems.

about 4 months ago

2 Galileo Satellites Launched To Wrong Orbit

ChumpusRex2003 Re:Interesting difference between GPS and Galileo (140 comments)

The SAR component of galileo is a separate service to the positioning service. The intention is that it can operate as an EPIRB receiver. Conventional emergency beacons can be located by satellites, but the resolution is poor (tens of miles) and the time to fix is long (30-60 minutes). The beacon transmits a signal, and suitably equipped satellites detect the beacon, and relay it to ground stations, which then compute the location of the beacon by measuring the change in Doppler shift as the satellite flies by. The SAR component of galileo was designed with the intention that the overhead satellites would detect the time-of-arrival of the beacon signal and cross reference it with the satellites' atomic clocks, effectively performing a reverse GPS-fix. Such a system would be able to obtain a fix within minutes or seconds, and such a fix would likely have a resolution of 1-2 miles. The SAR component is not a mandatory service. You can use the passive location service without implementing SAR in a device. You would only use the SAR service, in an emergency locator beacon device. At the time the galileo SAR system was designed, feedback was a problem with locator beacons. The user had no idea if the signal had been received. Later revisions to the system mean that modern beacons and satellites now offer two big upgrades - the beacons can contain a passive GPS reciever, and can embed the location data in the beacon signal; and the satellite system can transmit feedback to a compatible receiver telling it that it's signal has been received and a position fix made. The Galileo SAR function is therefore rather redundant, but it's often helpful to have a 2nd independent and redundant safety system available, so I can see that it would still get used.

about 5 months ago

Network Hijacker Steals $83,000 In Bitcoin

ChumpusRex2003 Re:Where is the validation? (101 comments)

The mining hardware/software will report a realtime hash rate, based upon the operation of the hardware/software.

However, the process of mining is a stochastic random process. Essentially, the job of a miner is to find a partial "hash collision" - essentially, the miner hashes the transaction data and a random nonce, and aims to find a hash as close to 000000000....00 as possible. The bitcoin/alternative network agrees a priori, what threshold counts as a "hit". The miner essentially tries random nonces, until it either gets a hit, or is told that its transaction data is stale, and needs to be refreshed.

Because, in the case of bitcoin, the network sets the target such that on average 1 "hit" is found every 10 minutes worldwide. This means that an individual miner might have to run for weeks or months to get a win and be awarded the (currently) 25 BTC reward for successfully computing a hash below target. In practice, therefore most miners operate on "pools", where a central server coordinates multiple diverse pieces of mining hardware operated by multiple individual operators. The pool operator when they receive a 25 BTC reward, then divides it up amongst the contributors.

The way the individual pool servers account for hash rate is to set a lower hash target, and count the number of "hits" each miner gets. E.g. if the main bitcoin network has target is Because pools can only detect hashrate by the rate at which "hits" are delivered, the reported hashrate will necessarily vary by virtue of the statistical properties of a stochastic process. The degree of variation depends upon the "difficulty" (target) set by the pool operator, the degree of "smoothing" that the pool operator applies to the displayed statistics, your hash contribution (a bigger contributor, will have a smaller coefficient of variation in their displayed hashrate, again for statistical reasons) etc.

Things are further complicated because many of the affected pools are "multi-coin" pools. The pool server automatically scans multiple cryptocoin networks, and various cryptocoin exchanges, to work out which coin is most profitable, the server will then jump between coins every few seconds or minutes as needed. For various technical reasons, different coins have different "stale" and "orphan" rates - "hits" which should have resulted in new coin creation, but where the hit was rejected (either immediately - stale) or initially accepted, then rolledback (orphan). Some of the alternative coins had rather dubious technical designs which could lead to massive reject rates, and this too could result in displayed hash rates fluctuating like mad.

The final issue is that many pools were often run by rank amateurs, and were targets for hackers/DDos like red-rags are to a bull. DDoSes, random server crashes, bandwidth exceeds, etc. were all common place, as well as various software bugs in "multi-pool" backend software would cause miners to end up disconnected from servers. Smarter miners would have typically have several pools configured on their mining hardware, so that the software could fail-over to another server. However, even that wasn't always successful. I once left my mining hardware unattended for a week, and configured it with 8 pools. When I checked the logs when I got back, there was a period of about 24 hours when the mines were idle, as all servers were off line.

about 6 months ago

TEPCO: Nearly All Nuclear Fuel Melted At Fukushima No. 3 Reactor

ChumpusRex2003 Communications and knowledge were a problem (255 comments)

This is the crux of the problem. No one knew what was going on and what to do. Investigations over the last few years have shown that typical TEPCO safety drills were very limited and basic; there was little planning or rehearsal of complex accident scenarios, just basic minor incidents.

There were poor decisions and communication between various designers and operators. Take for example, the situation at reactor 1. After the generators started, the emergency reactor cooling condensers should have switched on to provide cooling. However, operators had found that they were very effective and being unfamiliar with their use were concerned that they would cause thermal shock to the reactor. Not familiar with the operation of this system, the operators decided to manually switch off the condenser system to arrest the temperature drop. They would then switch them on again manually as reactor temp rose again. This worked fine, until the generators failed, removing control and monitoring from this system.

Operators at emergency control, in a separate quake-proof building asked for confirmation of operation, but the control room could not give it. So,workers went out to inspect the reactor building for steam rising from the condenser stacks. They reported some steam rising, and it was assumed that the system was operational. However, the condenser system had never been used or tested since the plants were constructed 40 years ago. No one knew how they worked and how quickly they could cool the reactor, no one knew how much steam was produced during operation. It turns out that the workers sent out for reconnaissance saw only faint steam trickling from the stacks, consistent with the system having been switched off for many minutes, but still containing some residual heat. Had the system been switched on, the clouds of steam would have been so profuse and so dense that the it would have been impossible even to see the reactor building, let alone identify the condenser stacks.

On the assumption that the system was operational, other attempts to provide emergency cooling were suspended or delayed. A steam/battery powered pump system was available to deliver fresh water to the reactor, but without a heatsink (condenser) available, the reactor temperature rapidly rose and so did reactor pressure, eventually overcoming the maximum discharge pressure of the coolant injection system. After a few hours, the UPS controlling this system discharged and it also failed.

After 24 hours, reactor pressure unexpectedly dropped. Operators realised that this might permit external coolant injection and fire engines were called in. There was a huge delay, as the fire engines were unable to reach the site due to debris and some had been destroyed by the tsunami. Subsequent investigation showed that despite massive coolant injection, coolant did not rise in the reactor. The cause was thought to be due to damage to the reactor vessel or a pipe. In retrospect, it probably indicated damage to the reactor following meltdown of the fuel.

There were also design oversights in the emergency systems for the plants. One of the final backup schemes for reactor cooling was the ability to connect fire engines to the reactor to inject coolant. It subsequently became apparent that in units 2 and 3, this water didn't reach the reactor, and collected in a condenser unit instead. This was always going to happen, due to the way in which the water pipes were connected. There was a pump connected between the storage tank and the injection flow pipe. Under normal injection conditions, the pump would have been running, and any additional water from the fire engine would likely have gone towards the reactor, and this presumably was the assumption under which the water injection protocol was developed. However, under power failure conditions, the pump was unpowered. Due to the design of the pump - a rotodynamic (impeller) pump. this pump would have offered little or no resistance to reverse flow when unpowered.

about 6 months ago

UK Computing Student Jailed After Failing To Hand Over Crypto Keys

ChumpusRex2003 Re:Seems appropriate (353 comments)

This would not help. The exact offence is "failing to make readable encrypted data". In order to convict, the prosecution only have to prove that the data is encrypted, that you had control over that encryption and that they have not been able to read it. Loss of damage of the encryption keys is not a defence. The law was specifically designed this way in order to discourage self-destructing encryption keys, etc. The only defence against such a prosecution is to keep a backup of the encryption keys available, so that they can be handed over on request.

about 7 months ago

Qualcomm Takes Down 100+ GitHub Repositories With DMCA Notice

ChumpusRex2003 Re:Counter-notice! (349 comments)

Once the ISP receives a "put back" notice, they must pass to the original complainant in a timely manner.

The ISP must then wait for 10 days, to give the original complainant time to consider the "put back" notice, and decide whether a court case should commence. After the 10 day waiting period, if the ISP has not received notice of a restraining order blocking the put back because of an impending court hearing, then it is allowed to restore the content.

In order to avoid liability to their customer, the content must be restored with 14 days of receiving the "put back" notice, provided that the complainant has not obtained a restraining order blocking the put back.

about 7 months ago

EU's Online Shoppers Get an Extended "Cooling Off Period"

ChumpusRex2003 Re:Wait what? (140 comments)

The change to digital data is welcome.

At least in the UK's interpretation of this EC directive (the Distance Selling Regulations), digital downloads were NOT excluded. The purchase could cancel the purchase at any time up to 7 days after purchase and receive a full refund. Technically, you could download a software package or a movie, and then change your mind and claim a full refund.

While the Distance Selling Regulations specifically excluded copyright material such as computer software, movies, music, etc. - they do so only in physical form i.e. CDs, DVDs, etc. Downloads are treated as a "contract for a service" which do not fall in the scope of this very limited exclusion.

The ambiguity over digital downloads has caused a lot of heartache for a couple of small software developers that I know - albeit not enough to try to take it to court. I'm not sure that there is any caselaw actually addressing this loophole in the current system.

about 8 months ago

Did the Ignition Key Just Die?

ChumpusRex2003 Re:I don't like the control it takes away from you (865 comments)

That's correct, but the same system also has lots of other complex behaviours which could cause confusion.

How do you turn the car off but leave the radio on for the passenger - e.g. at a gas station?
A: Come to a stop. Put the transmission in neutral. Press start/stop button. Engine turns off, and the power system is switched to "accessories" mode.

Q: How do you turn the power off completely?
A: Put transmission in Park. Then press start/stop button

Q: What if I want to turn the power off and leave the car in neutral e.g. for maintenance?
A: You have to switch into Park first. The press start/stop. Then use the transmission shift override to select Neutral.

Q: How do you turn the car off in an emergency - e.g. stuck accelerator pedal?
A: You can't just press start/stop, as the vehicle speed sensor inhibits the button, so you can't turn off the ignition whilie the vehicle is moving. This isn't even in the manual. However, pressing and holding start/stop for 10 seconds will cause the ignition to turn off completely. This is a surprisingly long time in an emergency. In fact, in several "unintended acceleration" episodes, the drivers said they tried to turn off the push-button ignition, but couldn't turn it off.

Q: How do you give a prolonged crank, if the car fails to start (e.g. poor fuel, or cold weather)?
A: You have to let the computer attempt 3 failed starts. After that, the behaviour of the start/stop sequence changes. After the 3rd attempt, a momentary push of the button, will make the computer crank the engine for up to 30 seconds, for as long as the brake pedal remains depressed.

about 9 months ago


ChumpusRex2003 hasn't submitted any stories.


ChumpusRex2003 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?