
Comments


How Does Heartbleed Alter the 'Open Source Is Safer' Discussion?

Savage-Rabbit Re:Wat? (582 comments)

You seriously think that black hats bother with reading millions of lines of code in the hope of finding an exploit when all they have to do is play with the data sent to services/applications and see if it misbehaves. Which is why exploits are equally found among closed and open softwares.

Generally I still think that open source projects have an advantage over closed source because there are more eyes on the code in a FOSS project. That being said shit does and will happen and unfortunately even in open source projects sometimes a whole lot of shit manages to pile up before it finally hits the fan which of course then results in a particularly big and very stinky mess like Heartbleed. What the OpenSSL team seems to have failed to do is to perform a really serious amount of destructive testing on their library which, as you pointed out is essentially what black hats do to find these kinds of vulnerabilities anyway. This is not surprising since quality assurance and testing seems to be a bit of a poor relation in many FOSS projects just like it is in the closed source community. Another thing I'd try if I was a black hat is to run some kind of static code analyser on the codebase that can identify this kind of problem so that might be another thing the OpenSSL team can try if they aren't doing it already. Finally, when something is as widely used and fundamental to the workings of the internet and online commerce as OpenSSL is one would expect that perhaps some of the big beneficiaries of the OpenSSL project like Google, Apple, Amazon, Facebook etc. could foot the bill to do some suitably paranoid amount of quality assurance on it and other such FOSS projects. After all it's not like any of them is short of cash now is it and maybe these corporations could invest some of that cash they avoid paying in taxes to make everybody's digital lives a little safer by offering bounties for OpenSSL bugs? (...and yes, I know that expecting corporations to show communal responsibility is a long shot but hope springs eternal)

about a week ago

Obama Says He May Or May Not Let the NSA Exploit the Next Heartbleed

Savage-Rabbit Re:Well, yeah (134 comments)

Spy agency's job is to spy. It'd be remiss of them not to use such a security hole.

The question is, would he allow the NSA to exploit a similar vulnerability against Americans. And I think we already know the answer to that one too.

No, the role of the NSA is not just to gather SIGINT, the NSA is also tasked with preventing unfriendly entities from gathering SIGINT which is why the NSA initiated and open sourced SE Linux just to cite one example. So the question here is should the NSA put every single American SSL using business at risk for years on end to protect a single source of SIGINT? After all, foreign intelligence services may not have the budget of the NSA but they are not stupid either, they can discover bugs like Heartbleed just as easily as the NSA can and might well use it sufficiently stealthily for the NSA not to notice that they aren't the only ones sitting on this vulnerability. When do the costs of spying outweigh the benefits?

about two weeks ago

IRS Misses XP Deadline, Pays Microsoft Millions For Patches

Savage-Rabbit Re:Audit time (322 comments)

So the IRS missed a deadline they knew was coming... I wonder what they would do to any of us in a similar but different situation?

The IRS isn't the only SNAFU out there by any stretch of the imagination. They are in good company along with many members of the much vaunted and ever efficient private sector when it comes to missing this particular deadline.

about two weeks ago

93 Harvard Faculty Members Call On the University To Divest From Fossil Fuels

Savage-Rabbit Re:Especially solar cells and carbon fiber windmil (214 comments)

The average person's ability to "invest tomorrow" is piss poor, that's why they need a push sometimes. Investing in the short term now in renewable energy is going to result in significant price decreases in the future, especially when you consider the likely future path of oil prices.

The people who made a killing on Google/Apple stocks were the ones who got in early and took a risk. Is it any different with renewables? The ones who get in early are the ones who reap the most benefits. Whoever invests in renewables research and development now, when it is painful and expensive, will be the one who comes out on top later when everybody else is forced to make that transition in a third of the time and with much more pain than you can do it now because these early adopters will be sitting on mature technology and the means to mass produce it and everybody else will either be doing lots of business with them or frantically playing catch-up.

Case in point: http://en.wikipedia.org/wiki/E...

Renewables also have a political dimension. If anybody in Germany thought the Energiewende was expensive (and a lot of people do), they have now had cause to reconsider as they watch Vlad Putin sitting in Moscow with his hand on the gas valve threatening to shut it off unless the NATO powers feed him the Ukraine on a plate.

about two weeks ago

Navy Debuts New Railgun That Launches Shells at Mach 7

Savage-Rabbit Re:IANA Physicist, So... (630 comments)

Oxygen, it's in the air...

fine vaporized particles of metal...

*poof*

And that, ladies and gentlemen, is a demonstration of what we science nerds like to call 'simple science for senators'. The amazing thing about it is that you can actually get billions of dollars in funding using this simplified approach when brilliantly researched and written scientific papers fail miserably. Go figure!?!?

about two weeks ago

Most Expensive Aviation Search: $53 Million To Find Flight MH370

Savage-Rabbit Re:Tracking` (233 comments)

And yet, people stated that "it would be soooo expensive" to add proper tracking to planes.

It is. As a manufacturer you have to machete your way through a jungle of red tape, get all manner of safety assessments etc. to even be allowed to install the ADSC-B/C equipment on the aircraft. This is very time consuming and expensive, which is one reason why all aircraft avionics and generally anything that goes into an aircraft is by definition obscenely expensive to buy (right down to LCD screens and coffee makers) and why old airliner designs get reworked (it's a smaller bureaucratic workload to get a new variant of an existing design flying than a totally new design). If this seems like dumb bureaucracy keep in mind that aircraft have been lost to crappy installation of retrofitted electronics (a good example being Swissair Flight 111). To install the equipment your airline has to ground the aircraft for at least a week (installation costs and lost revenue). Depending on the type of aircraft you operate and its age there may not even have been provision for the ADSC-B/C equipment which means airframe modifications and more downtime (yet more lost revenue and expenses) followed by more certifications and inspections. On top of that different ATC areas sometimes require you to have different equipment. Even simple stuff like software upgrades only happen at a glacial pace so if you think that fixing a simple software bug on an airliner is as simple as downloading an install package from the support section of the Boeing/Airbus website, uploading it to your USB stick, plugging it into a USB socket in the dashboard of your Boeing 777 airliner and selecting "Update firmware" on the FMS screen you have another thing coming. Airliners are one of the safest modes of transportation but that comes at a cost in time and money.

about three weeks ago

DARPA Embraces Nature With Establishment of Biological Technologies Office

Savage-Rabbit Re:Android Body Needed (40 comments)

> a new division that aims to 'merge biology, engineering, and computer science to harness the power of natural systems for national security

In other words, Dick Cheney needs an android body urgently.

Is that a good idea? He was dangerous enough with a shotgun, he will be a walking disaster when he can shoot laser beams from his eyes.

about three weeks ago

Fukushima Photo Essay: a Drone's Eye View

Savage-Rabbit Re:Just to be clear (66 comments)

Just to be clear here: the devastation is all due to the tsunami, not to the reactor failure. Foreign media seem to often forget or ignore that the disaster was the earthquake and tsunami. That's what killed almost 20k people dead and destroyed the homes of many hundreds of thousands of people.

It seems to me that the root of the Fukushima disaster was the decision to build a nuclear power plant in a place where there was even the remotest chance of Tsunami damage. The government of a country whose history is littered with Tsunami disasters should have known better. The design basis for tsunamis at Fukushima was 5.7 meters, it should have been: "Don't build a nuclear plant within 20-30km of the coast and even then put it on high ground" and keep in mind that this restriction does not account for earthquakes although the Fukushima plant survived a magnitude 7.7 quake rather well so at least in that regard it was better designed.

about three weeks ago

A Third of Consumers Who Bought Wearable Devices Have Ditched Them

Savage-Rabbit Re:Annoying cable wrangling (180 comments)

Wearable devices will not be massively popular unless they will be as simple to use as headphones.

Maybe you are different but I don't carry headphones either and frankly I think headphones are a huge PITA. Headphones require all kinds of annoying cable wrangling or if wireless all kinds of unreliable setups that you are constantly dicking around with. Useful? Yes. Simple? Not so much.

I carry precisely 3 items 99% of the time - phone, wallet and keys - and I'd do away with any of them if I had a reasonable way to do so. I don't mind carrying a fitness tracker if I'm actually doing exercise but otherwise the phone should serve that purpose. I don't want to wear a special purpose device unless I'm doing something rather specific. I don't wear a watch except on rare occasions because they serve little purpose these days (clocks are everywhere) and are annoying to wear if you don't have to.

Generally I agree with you and I can see your point with corded headphones but cordless (Bluetooth) ones work fine for me. I used to go through a ton of corded headphones. Usually they'd wear out due to metal fatigue just above the plug to save money. For years I used to shorten the cord and solder it back to the plug like a true penny pinching geek. Then I finally gave up and spent an obscene amount of money on a set of Sennheiser MM 550-X Bluetooth headphones. So far they have, well .... just worked. I also have a couple of sets of Sennheiser MM200 earplugs phones, also Bluetooth. Same story here, they just work. The first set finally wore out after three years of daily use so I bought a second one on sale since this model is out of production now. The only complaint I have so far is that the audio quality suffers a bit because of the Bluetooth link but not so much that I'd forgo the comfort of being wireless.

Speaking of special purpose devices, what I'd really like for safety reasons is a __proper__ HUD for my car. There are after market ones but most of them suck, a HUD should be standard equipment in every car.

about three weeks ago

Department of Transportation Makes Rear View Cameras Mandatory

Savage-Rabbit Re:Yeah right. (518 comments)

It's April 1st. You're not fooling anyone.

I don't care, this is a good idea. I installed a dash cam in my car. It's just a HD webcam hooked up to a board computer that runs a C++ daemon using the OpenCV libraries but I have already captured some rather spectacular footage. Including a car that had gone off the road in icy conditions, there was a light post which the car had sheared off its mounting resting on the car's roof (I arrived at the scene post facto). A couple of days ago I captured another bit of scary footage when I had to drive onto the shoulder of the road to avoid a frontal collision with a guy who decided it was a good idea to overhaul three other cars on a blind turn in the road. If this keeps up I'll set up a YouTube channel and a website that uses the footage as a library of examples for student drivers of how not to drive.

about three weeks ago

Department of Transportation Makes Rear View Cameras Mandatory

Savage-Rabbit Good.... (518 comments)

They can include a dash cam and side view cameras as well along with an interface that allows me to copy filmed material to an SD card or something... That would have saved me twice from getting stuck with being 50 percent at fault (both times the other driver ignored a red light).

about three weeks ago

Judge Overrules Samsung Objection To Jury Instructional Video

Savage-Rabbit Re:Bad law... (232 comments)

I like the way you single out North Americans, as if they indeed are somehow more corrupt than Europeans or Africans or South Americans or Asians or Australians.....

Anybody who claims that has never been to Russia. There are other countries in Europe where corruption is rife but from talking with people who have done business there, Russia is like the wild west (along with Belarus and the Ukraine). One guy I talked to called Russia a "kleptocracy". Take a look at this map of perceived corruption around the world:
http://upload.wikimedia.org/wi...
High index is clean, a low one is corrupt. As you can see much of Eastern Europe (i.e. ex Warsaw pact) is at least two steps up from Russia. And the USA is perceived as being about as corrupt as Western Europe (i.e. W-Europe more or less as it is defined by Eurovoc).

about three weeks ago

UN Report: Climate Changes Overwhelming

Savage-Rabbit Re:Projections (987 comments)

So scenario A It's true and we're all fucked and can't do anything about it. Thus we're arguing over..nothing.

Science: If we can't change it, well, fuck it.

Fox News: If it hurts big coal and oil, try to convince everybody it doesn't exist.

about three weeks ago

U.S. Court: Chinese Search Engine's Censorship Is 'Free Speech'

Savage-Rabbit Re:What. (284 comments)

If Google was, say, a public utility then I'd back you up. But they're not. Filtering or selectively promoting things is entirely within their scope. Their rights don't change because they're popular.

However, if they're publicly viewed as abusing those rights, they very well may become much less popular.

So it's OK to abuse monopolies in any way you want just as long as you don't use them to extort money from people? If there was real competition on the search market, if there were 5-10 different search providers that all more or less equally divided the market between them I'd be perfectly inclined to agree with you because then you could choose a provider that wasn't run by a bunch of reactionary morons. The whole problem is precisely that Google is a private company that has acquired the same position and role as a public utility by virtue of their monopoly on internet searches. They have a stranglehold on what has become the primary communications platform of the 21st century and thus there are severe limitations on the political filters they are allowed to apply to their search result. We are bloody lucky Google is run by a couple of intellectuals who have for the most part not abused their position and made the conscious choice not to push their political agenda with the same unrelenting and ruthless political partisanship as Fox News does. Both conservatives and liberals have benefited from that. Would you rather have the gatekeeper of internet search controlled and run by the likes of Rupert Murdoch or the Koch brothers?

about a month ago

U.S. Court: Chinese Search Engine's Censorship Is 'Free Speech'

Savage-Rabbit Re:What. (284 comments)

What good is the first amendment if private entities providing essential information services to the public can effectively bypass the right for people to be heard?

I fail to see the relevance. No wait - I do. If they're enforcing free speech, that means they can't regulate what a person (or corporation) can say. Or selectively not say of their own volition. Does Freedom of Speech imply that we force people/corporations to say things that they choose not to? Regardless of their motivations? If I run a web-site and there's an article somewhere that says, "China censors nothing!", do I have to provide a link to it despite the fact that I personally think it's biased?

I suspect that it depends on what your market share is, i.e. whether you are a "gatekeeper" or not. If you are just some two bit website that's one of a thousand others then the answer is that you can present whatever point of view you want and ignore others. If, however, you are Google, you handle 95% of all internet searches and you don't agree with, say the US Republican party's point of view so you start purging all links from your search results that represent a Republican point of view that you don't agree with then the game situation is a bit different and you should be forced to be more neutral than you would like to be for the public good. I generally can't stand radical Republicans but I'll fight for their right to be heard, I don't have much use for communism either but I also think Commies have a right to be heard. This judge would seem to disagree with that which is IMHO quite amazing.

about a month ago

Microsoft Launches Office For iPad: Includes Word, Excel, and PowerPoint

Savage-Rabbit Re:Hmmm... 'Free'... (184 comments)

Not really, because Apple still takes a 30% cut if you buy the subscription as an in-app purchase. This is more about getting a constant stream of money ($10/month) rather than a one-time (or every two or three years) payment of $50 or whatever.

Let's just take a look at this deal. I just bought a 365 subscription and according to the in-app purchasing wizard in the Office 365 suite on my iPad the subscription is $156 per annum. For that you are getting:

  1. Word, Excel, Powerpoint and change.
  2. License to install on up to 5 PCs/Macs
  3. Use on mobile devices.
  4. 20 GB of additional OneDrive storage.
  5. Skype world minutes (60 of them per mensem)

Which sounds like a pretty OK deal to me considering the volume of product I'm getting. As far as I can tell there are no temporal usage restrictions on the PC/Mac licenses in this sub, according to the office 365 community forums multiple users can log into the same account and edit the same document. If that is true then this subscription will cover my office needs, my parents', my sister's and her husband's and we can split the costs. As for corporate profits.... If Apple is taking 30% then Microsoft is getting $109,8 / 12 = $9,15 per month and they still have to deduct costs and taxes. Mind you, being a corporation, MS, like Apple, Google, IBM and the rest of that ilk probably enjoy considerably lower tax rates than what Joe Six-pack has to contend with. However, MS does have to pay developers, maintain their cloud service data-centers and pay the system administrators of their cloud service department out of that and pay for marketing and other such crap. I'm sure MS makes tons of money off of this stuff but it's not like the profit meter at Microsoft HQ goes Chi-chinggggg! and increments by $9,15 every time they sell an office subscription to an iPad followed by a spontaneous chorus of manic laughter from every MS manager in the known universe over how they are ripping off their customers.

about a month ago

Google Glass Signs Deal With Ray Ban's Parent Company

Savage-Rabbit Re:fuck me (125 comments)

If you're doing professional document editing in a browser, you're insane.

The portability, sharing and collaboration of Gdocs is light years ahead of the others. Nobody I know gives a rats ass about "professional" editing.

You have evidently never done a Bachelor's or Master's Thesis. If you had you'd be familiar with a group of people that places much importance on "professional" editing. Granted, scientists use TeX rather than an office suite but the 'professional' editing of scientific reports, theses and papers is almost considered as important as the content and there are some very good and obvious reasons for that.

about a month ago

Google Glass Signs Deal With Ray Ban's Parent Company

Savage-Rabbit Re:fuck me (125 comments)

The iPhone UI was rather good, and was Apple's last showing of what it did really well.

A fact that is only emphasised by the fact that Google redesigned their phones and the Android UI from aping BlackBerry to aping the iPhone and its OS. I'm not sure the iPhone and its UI is the last time Apple will demonstrate how it does UI and design very well but it is the latest.

about a month ago

Drone-Assisted Hunting To Be Illegal In Alaska

Savage-Rabbit Re:What's the difference (397 comments)

What's the difference between a hunter with a drone and a factory fishing vessel with spotter planes? Is it scale? money? Both models are using airborne technology to assist in the gathering of food. If we are going to ban aerial observation, then it should be for all applications and uses of it regardless of how monied the operator is.

Actually using spotter planes for fishing (tuna for example) is forbidden in many places.

about 1 month ago

Drone-Assisted Hunting To Be Illegal In Alaska

Savage-Rabbit Re:Bloodlust (397 comments)

This pervasive mentality (shooting wolves from a helicopter) and now this new drone thing is what gives hunters a bad name.

Damn right. Even a high powered rifle with no other technology is a ridiculously one sided advantage when hunting. There are several perfectly practical reasons to go hunting that have nothing to do with entertainment. (food, pests, protection, environment) They even have the gall to call hunting a "sport" and euphemise their bloodlust by calling their kills "harvesting" as if it was no different than planting corn. I'm not quite sure how it is a "sport" if the other team doesn't know they are playing.

I don't have a problem with allowing hunting for practical reasons but most hunters I know (and I know lots of them) are pretty disingenuous about their motives for killing harmless animals. 99% of the time it is for no purpose other than their own amusement. I find that sort of mentality rather disturbing.

Sorry, your biased opinion of hunting aside, it is called harvesting because left to their own devices, and with no other predators available, many hunted species would populate to the point of being unable to feed and then slowly dying of starvation killing off most, if not all, of entire herds. Hunting seasons are used to cull these herds of excess population and provide food and "sport" to humans.

Here's a thought. How about re-introducing natural predators like say ... wolves rather than shooting them from helicopters? Not that I'm against hunting but wolves in particular have been demonized far beyond all sense.

about 1 month ago
