Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

3-D Printing Comes To Amazon

Miamicanes Re:Strength (61 comments)

Something like a phone case needs to be tough enough to resist abrasion or it will shred in contact with hard objects

Depends. If the case's destruction allowed it to dissipate enough instantaneous kinetic energy to save your phone's display from an expensive repair job, the loss of that 99c case might not necessarily be a bad thing. I've seen drops bad enough to crack the hard inner shell of an Otterbox Defender. Like the time my brother put his phone down on the roof of his car, then forgot about it before driving away. It hit the ground at a *minimum* of 20mph. The case was destroyed, but the phone inside was unscathed.

yesterday
top

Old Apache Code At Root of Android FakeID Mess

Miamicanes Re:Thankfully those will be patched right in a jif (127 comments)

Find a popular ROM at XDA derived from whatever version you want to stick with and flash it (with a compatible kernel) to your phone.

Until you have a few months of reflashing experience, DO NOT attempt to flash any ROM that requires repartitioning the flash, and don't ask the recovery manager to wipe /system unless you really know what can happen & have a plan for dealing with it. This goes DOUBLE for anybody with a Samsung Galaxy S3.

Long story short: the eMMC is kind of like a SSD controller, and there are MAJOR known bugs (and plenty of poorly-understood ones, too) in the firmware. Basically, it's as if you tried to use Linux to create a new filesystem, but a bug caused it to just make all the old directories owned by some undefined user with impossible permissions instead... and do it in a way that made the drive initially LOOK reformatted, but spontaneously resurrect those corrupted files as more and more writes occurred.

Now for the bad news (if you have a Galaxy S3) -- the eMMC firmware installed with stock roms older than 4.3 is dangerously buggy with AOSP-derived ROMs, and getting rid of enough of those bugs to semi-safely do wholesale repartitioning almost requires installing a stock-derived (but hacked so it doesn't enforce Knox) ROM first to get the eMMC firmware updated. More confusingly, the eMMC firmware is part of the radio modem firmware, even though it doesn't really have anything to do with the radio modem itself. So, if you're running a 4.1 stock ROM and want to install a 4.1 AOSP-derived ROM, tread VERY carefully, and pay special attention to any warnings at XDA that involve the word "eMMC".

yesterday
top

Ask Slashdot: Open Hardware/Software-Based Security Token?

Miamicanes Re:You can create a token but keep it off nets (110 comments)

Strictly speaking, a USB (or bluetooth, or whaver) device has the potential to be MORE secure... IF it meets the following criteria:

* Negotiates directly with the remote service requesting authentication credentials, and has robust logic to detect MITM situations. For the purposes of this example, the local operating system is merely a bucket-brigade dumb transport layer that facilitates the delivery of packets between the token and remote login service.

* Has its own onboard hardkeys under the exclusive control of the token, with some degree of logic to verify that the user is deliberately consenting to the login attempt... preferably, enough to implement some kind of secondary authentication. I'm totally not a fan of biometrics, but if there's anyplace where a fingerprint sensor might be appropriate as the equivalent of a residential keyed non-deadbolt lock that says 'no' to casual attackers, without even pretending it could survive a full-on attack from someone willing to do something drastic (like break the door down), it's probably HERE.

* Has its own display, under the exclusive control of the token, and logic to display an appropriate level of concern to alert the user to unusual situations. For example, being asked to authenticate to ${some-specific-server} for ${limited-purpose} might merit full-on warnings the first time you authenticate, but require little more than a finger swipe or button press for subsequent uses that don't exceed some user-defined threshold.

Unfortunately, I've never even SEEN a hardware token available to non-enterprise customers even REMOTELY in the same ballpark as the feature set I've listed. Manufacturers just can't resist the temptation to eliminate the cost of an expensive dedicated display, or multiple hardkeys, or some comparable dedicated input and output hardware that's sealed, self-contained, and has no dependencies upon the security of anything beyond the token itself. It also assumes at least minimally-savvy users who'll take the time to at least read the first-time/threshold-exceeded warnings, and won't just blindly swat them away without independently contemplating their possible implications.

Ideally, the token would also have some additional security layer that causes it to be disabled permanently if the person with whom it's associated ceases to be alive (to ensure that a robber couldn't force you to tell him your access code at gunpoint, then shoot you anyway. If he knows that his free fountain of money shuts down the moment you die, he'll have more incentive to employ heroic means to keep you alive even if he's the reason you're in danger of death to begin with.

Finally, you'll want to have the token itself be a delegate of some master token, with a reissue procedure for replacing it with a new token that has multiple layers of identity-authorization, since there's always a very real risk of loss. It's little comfort knowing a thief can't get at your money if, from your perspective, it's as gone as if it were in a concrete vault at some unknown spot on the floor of the Pacific Ocean.

2 days ago
top

Microsoft's CEO Says He Wants to Unify Windows

Miamicanes Re:Best Wishes ! (322 comments)

Within a year... yeah, most decent peripherals had drivers. At midnight on the day Windows 95 went on sale across America? They were basically nonexistent, From what I remember, soundcards were a MAJOR pain point for YEARS. Gravis totally dropped the ball with the Ultrasound (eventually releasing crippled win32 drivers that sort of worked, but if you wanted to play .mid files with wavetable instruments, you were stuck with realmode SBOS), and my dad's soundcard was a source of misery for YEARS until he threw in the towel and bought an AWE32. From what I remember, unlike a real SBpro (which set the port, irq, and DMA via jumpers), my Dad's stupid soundcard had to have the port, irq, and DMA set via realmode drivers at boot time. Yuck.

I seem to remember that CD-ROM drives were another source of realmode misery, but I'm not really sure *why*. I think it was because the drives themselves were IDE, but Adaptec held a patent on something and wouldn't allow Microsoft to bake support for CD-ROM drives into Windows without paying royalties, so Microsoft just left everyone to suffer with the Adaptec-licensed realmode drivers that came in the box with the drives (and began a 20-year tradition of always finding some petty way to cripple Windows' native handling of optical drives absent expensive thirdparty software).

about a week ago
top

Laser Eye Surgery, Revisited 10 Years Later

Miamicanes Re: Astronomy, and general poor night-time results (543 comments)

PRK also has a much higher incidence of starbursts and halos

Yes, but you're overlooking an important detail -- in the early 2000s, an average PRK (or LASEK) patient went into surgery with significantly worse vision than an average Lasik patient. Until fairly recently, the maximum amount of correction the FDA allowed for PRK & LASEK was a diopter or two HIGHER than the limit imposed for Lasik... but the maximum-allowed diameter of the ablation zone was about 2mm LESS. The net result is that patients who were disqualified for Lasik were able to get PRK/LASEK, but their blend zone was fairly steep, and was often smaller in diameter than many patients' pupils in the dark. Meanwhile, patients with milder vision problems ended up getting Lasik by default, because it healed faster & was more heavily-advertised.

In other words, the PRK/LASEK patients who had the worst problems with halos are basically the ones who wouldn't have even been ALLOWED to get Lasik back in the early 2000s. I know, because I was one of 'em (1/2 diopter more astigmatism, and I would have been disqualified from PRK/LASEK too).

The good news is that the FDA finally raised the limits allowed for both maximum correction and ablation-zone diameter, and wavefront laser surgery can now fix most of the problems caused by the old FDA limits (enlarging the fully-corrected zone so it's as big as a darkness-accommodated pupil, and eliminating the halos in the process).

about a week ago
top

Laser Eye Surgery, Revisited 10 Years Later

Miamicanes Re: Astronomy, and general poor night-time results (543 comments)

Tell your mother to consider scleral gas-permeable lenses. Few people have ever heard about them, and they look kind of scary when you first see them being put in, but they're actually one of the most comfortable types of contacts you can wear:

* Gas-permeable lenses are more permeable to oxygen than soft lenses

* GP lenses don't dry out

* By having the lens rest on the sclera instead of the cornea, there's less sensation of motion from blinking (and less motion, period). The "pumping" motion of normal GP lenses drove me insane when I tried wearing them 20 years ago, and my dad admitted the same motion drove HIM crazy when HE tried wearing traditional hard lenses in the early 70s.

* The layer of tears between the bumpy cornea and rigid lens optically bridges the two (tears have almost exactly the same index of refraction as the cornea and GP lens), so they can fix (or at least greatly help) problems that are untreatable with glasses or soft lenses.

Scleral lenses are actually an old design, but making them with gas-permeable plastic is a relatively recent development.

Their only real downsides are that you pretty much HAVE to go to a real opthamologist, and they aren't cheap. But they're an awesome option for people who either can't stand normal lenses, or have problems that normal lenses can't effectively fix.

https://www.youtube.com/watch?...

https://www.youtube.com/watch?...

about a week ago
top

Man Booted From Southwest Flight and Threatened With Arrest After Critical Tweet

Miamicanes Re:Customer service? (885 comments)

The REAL question is... why the FUCK do so many airlines seem to board planes from FRONT TO REAR? Is it just the gate crew being complete idiots, or is it an official policy dictated to them for some insane reason?

I mean, ok, fine... board first class first... then continue with passengers who'll be sitting in the rear so they won't be tripping over (and getting in the way of) passengers sitting closer to the front. The only thing I can think of is that they know they have to board first class first & they're too lazy to look up the number of rows, so they just start with first, then keep calling rows ~10 at a time until ~80% of the people mulling around near the line to board have entered the plane, then end with "all other passengers may now board".

about a week ago
top

Microsoft's CEO Says He Wants to Unify Windows

Miamicanes Re:Microsoft Linux (322 comments)

KDE: more like Windows than Windows itself ;-)

about a week ago
top

Microsoft's CEO Says He Wants to Unify Windows

Miamicanes Re:Best Wishes ! (322 comments)

Yes... and no. In theory, if you did a virgin installation of Windows 95 onto a pristine new computer whose peripherals ALL had genuine Win32 drivers capable of running in 386Enh protected mode, and you ONLY ran "true" Winapps that bent over backwards to have no dependencies on realmode, DOS was basically a Grub-like stage 2 bootloader invoked by the BIOS that loaded Windows, kicked the PC into 386enh Protected mode, and handed it over to Windows. And you probably had a pet unicorn living in the back yard ;-)

From what I remember, the compelling feature of Windows 3.11 that distinguished it from Windows 3.1 was native Win32 code for reading & writing (V)FAT filesystems on IDE hard drives (which gave it a HUGE performance boost compared to 3.1).

I believe that one of Win95's launch-time features was that Microsoft re-implemented the VESA BIOS extensions (and original VGA BIOS) as proper win32 drivers, so that manufacturers like Tseng and S3 only had to provide them with "miniport" drivers that did the grunt work that would have otherwise required them to fall back to realmode. I'm pretty sure the 386enh hooks for video BIOS emulation existed in 3.11, but the actual Microsoft-written code was given to vendors to distribute on their own disks & wasn't directly used by any video cards the day Win3.11 went to manufacturing. In a sense, Windows 3.11 existed to give videocard manufacturers a prototype platform so they could develop and test their protected-mode drivers on a released operating system.

about a week ago
top

The "Rickmote Controller" Can Hijack Any Google Chromecast

Miamicanes Re:Secure pairing is hard (131 comments)

Canonical Diffie-Hellman is vulnerable to MITM attacks when both parties are mutually-anonymous. There are ways to reduce the risk, but at the end of the day, unless at least one party knows who it's supposed to be talking to & can independently verify the other party's identity and the integrity of key-exchange traffic supposedly taking place with it, you can never know for sure that you aren't having a securely-encrypted conversation with an attacker.

AFAIK, there's no currently known way to achieve 100% mutually-anonymous key exchange that isn't also vulnerable to MITM. Every few months, someone proposes one, and someone like Schiener usually takes one look at it and casually mentions a half-dozen ways it can be defeated in between sips of coffee.

about two weeks ago
top

Dealing With 'Advertising Pollution'

Miamicanes Re:Reason I installed addblock. (394 comments)

I honestly don't know whether it was an intentional act of stupidity on Newegg's part, or maybe a XSS vulnerability exploited by a reviewer to rewrite the page DOM and embed Google ads in his account on Newegg's product pages, but I suspect it was probably just a bad decision by someone at Newegg who failed to grasp just how obnoxious ads with sound ARE.

about two weeks ago
top

Verizon Boosts FiOS Uploads To Match Downloads

Miamicanes Re:Cost of physically implementing SHDSL (234 comments)

There's two separate problems... the VDSL2 copper loop between the house and VRAD, and the fiber between the VRAD and CO/network center.

If you have two pairs & can dedicate one to each direction, getting symmetric speeds is fairly straightforward. If you're multiplexing both onto a single pair (the norm in most of AT&T-land, at least in Florida), you'd have to sacrifice about 2-3mbps of downlink speed to gain each additional 1mbps of uplink speed.

Changing the fiber link between the VRAD and central office is more problematic. For various reasons, a service like U-verse doesn't send bidirectional traffic over single fibers... they have certain fibers provisioned for downlink, and a much smaller number of fibers multiplexed via TDMA aggregating their uplink traffic. That's the REAL reason why AT&T really HATES to let people subscribe to their fastest-advertised internet product, even though they LOVE to advertise it -- every "Max Turbo" customer enjoying double the uplink speed of his slower neighbors consumes the fiber resources of two customers (in fact, I think the outside lineman told me my line card LITERALLY occupied two slots).

To AT&T's credit, I WILL say that they're MUCH better than Comcast for both consistent uptime (Comcast used to ALWAYS have multiple outages lasting a few minutes apiece throughout the day, especially during afternoons when I was working from home & kept getting disconnected because some lineman unscrewed the coax somewhere while doing a new installation), and U-verse is MUCH better about not oversubscribing their bandwidth. If you're on their 32/5 profile, your observed throughput is going to be pretty much spot-on equal to your line rate minus ~6mbps per actively-watched/recording channel. When I had Comcast, my internet service was supposedly ~50mbps down and 7-12mbps up. In reality, the fastest 1-minute sustained throughput I *ever* saw from Comcast was about 20 down & 2 up (and if it involved a server outside the US, you could cut THAT number in half). U-verse has MUCH better international connectivity than Comcast, especially to SE Asia and Europe.

about two weeks ago
top

Dealing With 'Advertising Pollution'

Miamicanes Re:Reason I installed addblock. (394 comments)

Just wait until Comcast, U-verse, and anybody else who can make sure there's a way to send data about you back to them starts to show FORCIBLY INTERACTIVE videos that quiz you about the ad content & make you re-watch the ad until you get the answers right.

By far the most obnoxious & intrusive ads I remember, though, were the UNBELIEVABLY loud Febreze ads that were shown at newegg.com for a day or two last December. I don't know WTF Newegg was thinking, but I sent them an email on the spot reminding them how many thousands of dollars worth of shit I've bought from them over the past few years... and promised them that I'd never buy another thing from Newegg again if those ads weren't gone "by tomorrow". I think they were gone by mid-afternoon.

about two weeks ago
top

Chicago Red Light Cameras Issue Thousands of Bogus Tickets

Miamicanes Re:Violation Video? (229 comments)

> There is no county in the US where a rolling turn is acceptable

Sort of. http://www.bradenton.com/2014/...

I quote:

The traffic camera law states that "A notice of violation and a traffic citation may not be issued for failure to stop at a red light if the driver is making a right-hand turn in a careful and prudent manner at an intersection where right-hand turns are permissible.

A notice of violation and a traffic citation may not be issued under this section if the driver of the vehicle came to a complete stop after crossing the stop line and before turning right if permissible at a red light, but failed to stop before crossing over the stop line or other point at which a stop is required."

These two specific exceptions were written by the legislature to combat abusive tactics by municipalities throughout the state.

Keep in mind that there are a lot of places in Florida where you have wide roads in urban areas with buildings literally 5-10 feet from the street, and there are lots of areas where the white "stop lines" are SO FAR back from the intersection, you literally can't see far enough to the left to MAKE a reasonable judgment about whether or not it's safe to proceed with the right turn until you've moved another 10-20 feet beyond it.

IMHO, the the IDEAL solution would be for FDOT to just reconfigure most of Florida's major intersections as CFIs ( https://www.youtube.com/watch?... ) and render the whole concept of a right turn on red (or green, for that matter) meaningless. By definition right-turning cars in a CFI are "go at all times, then merge to the left into what would otherwise be the right lane past the point where left-turning cars cross incoming traffic".

References:

http://en.wikipedia.org/wiki/C...

about two weeks ago
top

O3b Launches Four More Satellites To Bring Internet To 'Other 3 Billion'

Miamicanes Re:This is a very international effort: Nope (80 comments)

And aren't all Three Worlds well-covered by Inmarsat's BGAN already?

If by "well-covered" you mean, "100mb of data transfer at speeds comparable to pre-56k dialup for about $450.

Saying "all Three Worlds are well-covered by Inmarsat's BGAN" is kind of like saying, "T-Mobile has excellent coverage in rural America, because GPRS works just about everywhere".

about three weeks ago
top

O3b Launches Four More Satellites To Bring Internet To 'Other 3 Billion'

Miamicanes Re:motive? (80 comments)

These aren't exaclty lucrative potential customers...
Who's paying for this and why?

Cruise ships. Especially in the Caribbean, Mediterranean, and South China Sea. Two years from now, fast and semi-affordable shipboard internet will be a selling point and competitive advantage. Five years from now, it will be something every ship needs just to be taken seriously.

about three weeks ago
top

Qualcomm Takes Down 100+ GitHub Repositories With DMCA Notice

Miamicanes Re:IP (349 comments)

People should be more patient before blasting a company that has made many technological advances for our betterment.

Bullshit. American consumers owe them zero loyalty. Qualcomm has single-handedly done more to limit consumer choice and enable American carriers to rein in their customers and impose nearly complete vendor lock-in with phone hardware than any company in existence. Qualcomm is the reason why, up until a few months ago, it was LITERALLY IMPOSSIBLE for a company like Sony to sell a carrier-agnostic phone capable of doing LTE on nominally-GSM carriers like T-Mobile and AT&T. Why? Qualcomm refused to license radio-modem firmware to manufacturers, and only allowed it to be licensed by carriers. So, as a manufacturer, you were stuck... if you wanted your phone to do LTE on AT&T, you had to actively involve AT&T in its licensing... and by definition, that phone would be locked to AT&T, even if it had hardware technically capable of doing LTE on T-Mobile. Or 1700MHz HSPA+, for that matter. Likewise, if you wanted your phone to do LTE on T-Mobile, you HAD to get T-Mobile to deal with Qualcomm... and the resulting phones would be locked to T-Mobile and restricted to firmware that refused to operate on AT&T's LTE frequencies.

Yes, CDMA was a wonderful invention that ultimately determined the future direction of GSM (even if "IS95/CDMA-2000" itself fell out of favor in most places) by becoming the modulation method used for GSM 3G (HSPA+ is basically CDMA2000-1xRTT, extended to use multiple carriers with wider bandwidth, then further extended to allow one phone to simultaneously connect to two or more towers and split the traffic between them.)

By the same logic, we should be even MORE grateful to the Soviet engineers who developed the first mobile phone system based on CDMA back in the 1960s. Google "Altai". All Qualcomm did was make it commercially viable in the US & convince Sprint it was technologically superior to GSM (which, in fact, it was).

about three weeks ago

Submissions

top

Sprint Epic4G 3G upload speeds limited to 150kbps

Miamicanes Miamicanes writes  |  more than 3 years ago

Miamicanes (730264) writes "Nearly everyone who owns a Sprint Samsung Epic 4G and has benchmarked its 3G performance has discovered that its 3G upload speeds are apparently limited to 150kbps. So far, Sprint has not officially acknowledged it as a problem, nor has it indicated whether this might be a firmware bug, a PRL issue, tower-related, or the result of a deliberate policy to cap 3G upload speeds. Regardless, the problem is causing widespread anger among Epic4G owners, many of whom have bitterly noted the irony of being charged a $10 surcharge so they can endure data transfers that are slower than they had 4 years ago (and a quarter of the speeds enjoyed by Evo owners on the same 3G network)."
Link to Original Source
top

Networked RGB Christmas lights sync'ed to music

Miamicanes Miamicanes writes  |  more than 5 years ago

Miamicanes writes "Ever want a string of Christmas lights made with RGB LEDs so all the lights can change colors? Or with their own microcontrollers, so each can act autonomously? Hell, why not go all the way, and network them while you're at it?

I did.

For the past 4 years, I've burned most of my Decembers, Novembers, and increasing chunks of October working on this project. This year, for the first time, they look like "normal" LED Christmas lights (I bought a few sets of clear LED lights on sale at Lowe's & removed the plastic diffusers from them to use on my own lights), and the controller I built last year finally works properly & reliably communicates with the lights.

Each light module has its own Atmel ATtiny25 microcontroller, linear power supply, RGB LED, and passive components. The whole thing is wired in parallel with just 3 wires... +12v, ground, and communication. One of my specific design goals was to keep the wires thin (AWG22 or smaller), which required higher supply voltage and individual power supplies for each module (not really a big deal... the regulator chip and 2 capacitors added about 50c to the cost of each light, and completely eliminated my original power problems).

The result? My favorite version of "Feliz Navidad" (recorded by Home Grown, an awesome SoCal punk band), accompanied by what's arguably one of the most sophisticated (and expensive) strings of Christmas lights in the world. Their own video (http://www.youtube.com/watch?v=MCLogsA2vMQ) is incredibly well made and hysterically funny, too! If Blink182 sang the song and made a video for it, it would ALMOST be as good as the one Home Grown made :-)

How expensive were the lights? I don't know. I've lost count. I've spent at least a kilobuck or two. If you assume my time is valueless, and you ignore the cost of the tools I've bought, the parts I've destroyed, and the crate of non-working light modules (roughly 3 or 4 for every working one that you see on the tree here), each light module has about $4-5 worth of parts (bought in hundred quantities from DigiKey and Futurlec). There are 36 on the tree today. Do the math. Then forget it, because it's too cool to care how expensive it was. Grossly over-engineered perhaps, but cool nonetheless."

Link to Original Source

Journals

Miamicanes has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>