Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Ask Slashdot: Best Dedicated Low Power Embedded Dev System Choice?

Morgaine A10-OLinuXino-LIME and BBB are both Cortex-A8 (183 comments)

One of my favorites out there today is the A10-OLinuXino-LIME. ...

The Beagle Bone was good in its day, but it is kind of over the hill. The processor is underpowered compared to other ARMs

Just to be clear, the A10-OLinuXino-LIME, BeagleBone white and BeagleBone Black all contain a single Cortex-A8 core, and the TI AM3359 runs at the same 1GHz speed in the BBB as the Allwinner A10 does in the LIME.

The original BeagleBone (white) ran its AM3359 at 720MHz so its CPU performance is a bit less, but the BeagleBone Black (BBB) superceded it a year ago and at a much lower price. As a result, the reasonable current-day comparison is between A10-OLinuXino-LIME and BBB, and on CPU power their similar speed Cortex-A8 cores make them pretty much identical.

I have all of these boards and many other similar ones, and my assessment is that BBB is much more capable for embedded projects because of its additional dual realtime 200MHz PRU cores (which are quite unrivalled), while the A10-OLinuXino-LIME is more suitable as an extremely low end desktop-style "computer" because of its dual USB2 host sockets and rather more capable MALI-400 GPU.

This assessment doesn't change when the just-released A20-OLinuXino-LIME is brought into the comparison, except that the dual Cortex-A7 cores in the A20 make it a far better general purpose "computer" than its A10 sibling for a mere 3 euro more in price.

about a month and a half ago
top

Traffic Optimization: Cyclists Should Roll Past Stop Signs, Pause At Red Lights

Morgaine You misunderstand Idaho Stop (490 comments)

It doesn't matter if you SHOULD have right of way.

You misunderstand Idaho Stop, as it never gives right of way to cyclists. The most they get is right of movement when there is no conflicting traffic, in other words when there is no right of way issue. If conflicting traffic is present then that traffic always has right of way over the cyclist at a stop sign or red light.

It certainly doesn't make cyclists "own the road", as you put it, since that's synonymous with having right of way.

about 3 months ago
top

Vint Cerf: CS Programs Must Change To Adapt To Internet of Things

Morgaine You miss the point --- it's about security focus (163 comments)

You teach core and theory and you apply it to whatever the current fad is.

He's not really saying that CompSci programmes should be tailored for Internet of Things. What he's saying indirectly but perfectly clearly to those who are aware of the appalling state of networking security in recent years is that university-level tuition needs to buck up and face the music, because the people they have been releasing into the field are totally inept at designing secure systems. The hundreds of thousands of security problems spread right across the whole Internet speak for themselves.

It's a very important message, and hopefully it will resonate with more than a few CompSci departments. IoT is just being used as an excuse for releasing a high-profile message from a respected person about the very unsatisfactory state of developer competence in the area of secure systems.

Regarding your second point about education versus vocational training, you are right about that, but secure software design and cryptogtaphy are not subjects for vocational training, but very strongly in the domain of CompSci. You have to understand the fundamentals, not just know which functions to call.

about 5 months ago
top

Facebook Being Sued Over Mining of Private Messages

Morgaine Corporations are not above the law (170 comments)

When Facebook or Google mine your data ('you are the product' as people say), you have nothing to fall back on. It's in their ToS

Only in some corporatist's wet dreams are corporations above the law. Whatever it may say on a ToS that they've pulled out of their asses, it does not change the facts one iota. The ToS cannot override the law of the land.

There is no means by which a person can sell themselves into slavery to a company by clicking on a web page. And by the same token, a company cannot decide that your personal data is theirs for them to do as they please just because it says so in the ToS they've written.

You seem to think that corporations are sovereign countries and are in their total right to own you. Sorry, but it doesn't work that way. You are NOT a product of a company, no matter how much some people like that cute phrase. You are, funnily enough, a person, and your rights as a person extend to the personal data that you entrust to third parties.

about 8 months ago
top

Apple Now Relaying All FaceTime Calls Due To Lost Patent Dispute

Morgaine The disaster of allowing software patents (179 comments)

The patents in question describe nothing more than perfectly normal combinations of Internet services that any software engineer who knows basic networking would be expected to create as a matter of course. Combining such services into higher protocols is simply algorithmic construction in network programming.

This patent suit illustrates well the chilling effect that software patents have on our ability to use computers and the Internet to best effect. When you allow software algorithms to be locked away in patents, the ability of engineers to use computers and networks as an enabling technology decreases dramatically, to the extreme detriment of our ability to improve our systems.

Each new software patent just adds further bars to the prison. If this disease isn't stopped soon, the profession is going to be worthless except as a feeding pit for lawyers.

about a year ago
top

DIY Space Suit Testing

Morgaine Awesome dedication to sci/eng by enthusiasts (37 comments)

This is a really awesome example of dedication to science and engineering by enthusiasts.

They don't mention it (much), but these guys are risking their lives. It's certainly possible for all the tech safeguards and personal attention to safety to go wrong and for someone to die.

I bet the professionals will call this "unnecessarily risk", but that's not really accurate. Sure, it's money-limited, but that doesn't mean that the people involved aren't just as strongly concerned with safety as the professionals. As said in the video, "We have only one life". They do realize what's at risk.

Looking ahead, we will soon be a space-faring species, and that means that we will be going into space not only as a science experiment, which all NASA endeavors have been so far, but simply to go out there for whatever reasons we have. People need to make this technology their own, and that's what these enthusiasts are doing.

about a year ago
top

Google Is Bringing Chrome Remote Desktop App To Android

Morgaine Google's hatred of security and privacy (104 comments)

Client-side Javascript is already a security disaster because the unvetted JS code bypasses your perimeter defenses (firewall and proxies) and executes deep inside your privacy domain. And it's not only unvetted code but also unvettable, because it changes with every page.

15 years ago, everyone knew that only the clueless download untrusted 3rd party executable code and run it. Now with JS, all that sensible security advice has been forgotten, and everyone is required to behave clueless with their security. (Software sandboxes are no solution, because all non-trivial software like JS and the browser is riddled with bugs, this is inescapable with large software systems.) Add-ons like NoScript and Ghostery help control it a little, but technically unaware people can't be expected to use them, and more and more websites don't work at all without JS.

And now, Google wants to make it especially easy for remote 3rd parties to access other people's desktops, as if JS didn't make it easy enough already (just ask any security pen-tester). It adds to the already hopeless security in Android, where users are disallowed from blocking the wide access typically demanded by an app on installation. Google doesn't want you to be in control.

The whole Google scene is a security disaster by design. It beats me how a company with so many PhDs can be so cavalier with people's security and hostile to their privacy.

about a year ago
top

Iain Banks Dies of Cancer At 59

Morgaine Thank you Iain, you gave us hope (141 comments)

On our primitive planet with its petty preoccupations over power and money, you showed us a vision of the future in which Mankind has managed to transcend the narrow blinkers of its youth, and reaches out to the stars without material greed nor lust for power.

The Culture gave millions of us hope for the future, at a time when government, business and fanaticism seem intent on moving us back towards the barbarism of earlier ages. Your vision will live on in our hearts, come what may.

Thank you.

about a year ago
top

One Year After World IPv6 Launch — Are We There Yet?

Morgaine "Switch over to IPv6" is very misleading (246 comments)

to expect EVERYONE to switch over to IPv6 immediately is a bit naive.

"Switch over to IPv6" is a concept that detractors have pulled out of thin air, as it bears no relationship to how IPv6 rollout was planned and expected. Adding the word "immediately" just makes the misconception worse.

IPv6 was always intended to run alongside IPv4 for the foreseeable future, because old IPv4-only equipment will be around for decades until it rots and it will need to be reachable until it is replaced. So, please don't talk about needing to "switch over" to IPv6. Wherever you got that idea from, it's wrong. Talking about it is propagating an invalid concept, and calling the expectation "naive" is just knocking down a straw man.

IPv6 service merely needs to be enabled (without touching IPv4) on an IPv6-capable dual stack home router, and ISPs who offer IPv6 provide routers with it already enabled so you just need to plug them in. (If it's an old router then you'll have to enter the new IPv6 address info that the ISP gives you of course.) Simple home systems don't even need user configuration for IPv6, because IPv6 router advertisements then handle everything. It's as simple as USB for the home user, totally plug'n'play, which IPv4 never was.

And once enabled, IPv6 works totally happily and transparently alongside IPv4 in the home network and at the server end, so there are no "switch over" issues. IPv4 continues to work exactly as it did prior to enabling IPv6. Browsers in particular just use IPv6 by default on a site that has it, and IPv4 if not. It's completely seamless for the end user.

The pain and angst of "switch over" that you describe simply doesn't exist, because switching over was never planned, expected, nor even desired.

about a year ago
top

Mitigating Password Re-Use From the Other End

Morgaine Wrong approach in use. Secrets should be local (211 comments)

The sites that are calling for better password choice need to step back a bit and consider whether their design concept of storing user passwords centrally is a good one. It's not, so they should get rid of it instead of applying band aids to a bad scheme.

It doesn't matter what encryption scheme is used, if authentication secrets are stored centrally on a website then they are at risk. Good sites make it hard to crack, and poor sites make it easy, but they are all at risk, from internal employee corruption if nothing else. Those secrets will leak because when stored at a single point then they are all accessible to the attacker at a single point. Leakage is just a matter of time.

A vastly more secure approach that's been well known for decades is for the user to store their secret locally as a private key, one half of a {private,public} key pair. The server only gets to know the public key (PK), and it's pointless for an attacker to crack that because the PK is public information that can be distributed freely through keyservers. (The PGP/GnuPG keyserver network has been doing this for decades.)

When a user creates an account on some website, she provides the identifier of her chosen PK (she may have lots of them). When logging in to the account subsequently, the server looks up her PK identifier in the info for this account, fetches her PK from the keyservers, then it sends her a random string encrypted with her PK. She decrypts it with her private key (which is only held locally by the user, nowhere else) and sends the decrypted string back. The server accepts the login if the returned string matches the random string that it picked, which is not stored and varies on every login, and rejects the fraudulent login attempt if the match failed.

That's strong distributed security, and it's resistant to MITM attacks and does not store any authentication secrets on the central service so those secrets cannot leak when the service is compromised.

It's not rocket science. Why this old but secure scheme isn't used by websites is quite a mystery.

about a year ago
top

Supernova Left Its Mark In Ancient Bacteria

Morgaine One supernova of many in Local Bubble (37 comments)

Our solar system resides in an area of our galaxy called the "Local Bubble", roughly a few hundred lightyears across. This region is very empty compared to the average interstellar medium in the galaxy, as a result of a large number of supernovae that blew out a sort of cavity in our interstellar neck of the woods long ago. In actual structure it's more of an irregular "Local Chimney" going right through the galactic disc rather than a spherical bubble.

As a result, pinning the cause of TFA's observations to a single supernova is not all that simple, as supernovae were very common in the Sun's general neighborhood in our galactic past..

Here's a nice graphic of the larger features in and around our local bubble. It's a fascinating subject if you enjoy understanding our location in a galactic context.

about a year ago
top

KLyDE: Lightweight KDE Desktop In the Making

Morgaine Lightweight means small, sometimes fast (129 comments)

It's clear what lightweight means just from examining its two parts: "light" and "weight" both allude to there not being much there, little mass or volume. The words are of course a physical metaphor when applied to software.

When something has little physical mass and volume then it tends to move fast for any given force, and so as a consequence we tend to associate "lightweight" also with higher speed, but it's only a consequence, not the primary meaning.

In software, being lightweight and being fast are properties that do not always track each other. As a first rule of thumb, smaller code tends to have more locality simply through being smaller, and hence it can run faster through producing fewer cache misses. However, small code is often somewhat dumb code, and a large and complex beast of a program can be designed to have greater locality in its innermost loops and hence to be more cache friendly and run faster. As a result it is hard to generalize whether lightweight also means fast. You have to examine each case separately.

As a counter-example to "lightweight == fast", the browser Midori is extremely lightweight (very small), consisting of little more than a simple graphic Gtk+ wrapper around webkit. Firefox in contrast is a huge monster of a program and could never ever be called lightweight. However, Firefox runs much faster than Midori, because its designers have used its complexity very productively to make its performance top notch.

So, you really can't generalize beyond observing that smaller programs load faster from disk and, everything else being equal, tend to have better cache locality and hence higher speed. However. heavier programs can buck this general rule by using more complex designs and algorithms to boost their runspeed.

about a year ago
top

Microsoft: Facebook Home Is a Copycat, Windows Phone Is the 'Real Thing'

Morgaine Companies are becoming like political parties (199 comments)

[No axe to grind since I use neither MS nor FB ...]

Stories like this one remind me of politicians playing party politics and slagging off everything the opposition does and says instead of focusing on whether it's a good idea or not.

It seems that long gone are the days when the top companies competed on product and politics was (ostensibly) about doing the best for the nation. Doing good work has become quite secondary to politicking (in the worst sense of the word) in both areas.

about a year ago
top

Decade-Old Espionage Malware Found Targeting Government Computers

Morgaine A strong push for open source in government (69 comments)

I suspect that as more malware and backdoors are discovered in systems used by government, the penny will begin to drop more frequently. Closed source is incompatible with security, by definition, since you cannot validly trust what you cannot see.

Companies have the luxury to risk their security by placing their trust in a corporation and in closed source brands, and to pay the price of failure. But governments do not have this luxury, because failure compromises the security and sovereignty of a nation.

The push for open source in government will be gaining impetus in the years ahead as more national infrastructure becomes networked and the security risk becomes evident. Each report of espionage malware found is just another data point highlighting the insecurity of closed source systems.

It's a reasonable guess I think that government perceptions are changing because of this, and open source is slowly becoming non-optional.

about a year and a half ago
top

Voyager 1 Officially Exits Our Solar System

Morgaine Voyager 1 has already escaped solar system (237 comments)

To clear up any possible confusion, Voyager 1 doesn't need to enter the "sphere of influence" of another body to avoid falling back to the Sun. It has already escaped the Sun's gravitational field, long ago and by a large factor.

On September 9, 2012, Voyager 1 was measured to be 121.798 AU from the Sun and traveling at 17.043 km/s. At that distance, the escape velocity from the Sun is only 3.817 km/s, which Voyager 1's speed exceeds handsomely.

The dear thing isn't coming back, at least not without help. :-)

about a year and a half ago
top

Missouri Legislation Redefines Science, Pushes Intelligent Design

Morgaine Also educational misconduct and fraud (813 comments)

This sort of behavior from elected officials should be considered treason.

Treason may be the wrong word if one wants to be precise, but there is certainly something like treason going on. The creationists are willfully trying to undermine the country's scientific future and to infect school children's receptive minds with pure nonsense. As an analogy it's very true.

There's also some very severe professional misconduct occurring there, because non-scientists are pretending to be scientifically competent and dictating school science curricula.

Are carpenters allowed to establish guidelines for how surgeons will do heart surgery? No, they lack the professional competence so they are not accepted as having standing in the matter. What's happening in science education in a few US states is directly analogous. The creationists have no standing in science and so should have the door shut firmly in their faces.

Pretending to have scientific competency when you don't even know how science works is pretty clear fraud. Aren't there controls in education to keep charlatans from taking jobs for which they have no professional competence? Apparently not.

about a year and a half ago
top

Woz Says iPhone Features Are 'Behind'

Morgaine It's entirely normal and expected (587 comments)

In many consumer electronics industries, it's normal for the lead manufacturers to be continually leap frogging each other. At any given point in time one is ahead, and on the next product cycle their main rival is ahead.

Examples of this are common. For example in cameras Nikon and Canon are changing lead position pretty much every year, and in home theater systems the same has been occurring between Yamaha and Denon for well over a decade. In smartphones and tablets it's currently a two-horse race between Apple and Samsung, and which company has its nose slightly in front should be expected to change often. And of course other companies regularly join in the fun too.

Any "lead" that a particular company might have is actually very minor, because all high tech companies chase each other closely so it's always only by a nose.

Not much of a story really. Continual leap frogging is entirely normal in the industry.

about a year and a half ago
top

Fragmentation Leads To Android Insecurities

Morgaine Fragmentation is not to blame (318 comments)

Linux has huge diversity among its many distributions, and yet it doesn't suffer from the security problems described in the article. So-called "fragmentation" isn't really a valid technical reason for lack of security at all. If a system is designed for security then it will be secure, regardless of the number of its variations.

The real reason why Android is lacking in security is because Google hasn't focused on security. They decided not to include iptables/netfilter (the Linux firewall) as a standard facility in Android, which would have been very easy to do. And they haven't allowed users to block privileges demanded by apps after install. Instead you're offered only a package deal, either let the app do whatever it wants or don't install it, period. Android users are hence pressured into a corner, and the end result is often worse security than they would wish.

Don't blame fragmentation. Instead point a finger at Google designers who seem remarkably disinterested in supporting the Android user's security and privacy requirements.

about a year and a half ago
top

UK Court: MPAA Not Entitled To Profits From Piracy

Morgaine Stealing differs from making a replica (159 comments)

Of course it's more akin to stealing something rather than just trespass,

It's nothing like stealing something. It's like walking into an art gallery which is open to the public and making a perfect replica of an exhibit for yourself. (If there were DRM, it would be a locked gallery instead of an open one.)

Before there was one piece, and now there are two. The gallery is still in possession of its exhibit, so this is nothing like stealing an exhibit from them. It's more akin to creating new exhibits.

about a year and a half ago

Submissions

top

Morgaine Morgaine writes  |  more than 7 years ago

Morgaine writes "It's a classic Slashdot meme that geeks never get any. Well there's nothing like personal angst to fuel a good song, so why not put that bitter realization to music?

Soft Hearted Scientists seem to have done just that, in a cute but painful dittie "[I Could Never Hope To Catch] That Comet's Tail". I'm sure it's been done before, but given the bands' name I couldn't resist submitting this as appropriate for Slashdot, and it's a free download anyway.

Come on geeks and nerds, let's have more links to geeks-in-music posted here, and write your own personal anthems too! You might not be destined for Number 1, but at least it might be good therapy. :P"

Journals

Morgaine has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>