Slashdot: News for Nerds





WikiLeaks Publishes Cable Archive In Full

abulafia Re:Guardian covering their ass (296 comments)

Well, no, not exactly. The Guardian published the password. Wikileaks failed to secure the encrypted payload. They both had to fail for the security breach to have happened. Irresponsibility is shared there, and as best I can tell, Julian is embarrassed and attempting to salvage ego with a dumb "I meant to do that" sort of maneuver.

The Guardian is being a bit silly in complaining now, after the data is already out there - anyone with an interest has already found a torrent.

But really, the whole thing is silly, given that the cables were available very widely to (as I understand it) millions of US folks already. I simply don't believe that documents shared with 7 figures of people, security cleared or no, don't find their way to people who have an interest in such things.

Most of the hot air being puffed about this has to do with what is public-public, instead of private-public. It makes a difference. (To pick a different example: "everybody knows" that many cops in the US routinely arrest people who annoy them on bullshit charges. This is private-public knowledge. Now imagine documents hypothetically leaking about this being policy. That would make it public-public.)

more than 2 years ago

Rob "CmdrTaco" Malda Resigns From Slashdot

abulafia Best to you, Taco (1521 comments)

End of an era.

I don't know why this particular change feels so big, but it does. /. has been a big constant in my life for over 10 years now, and /. has always been, to a significant degree, Taco.

I know you're not dying or anything, but golly.

Thanks for making the joint the kind of joint it has been.

more than 2 years ago

Climate Unit Releases Virtually All Remaining Data

abulafia Re:Refuse Permission? (507 comments)

You can't copyright/patent/trademark facts.

In the U.S. You might notice that Trinidad and Tobago (and England, for that matter) happen to not yet be official vassals of the empire, and are still sovereign nations that make their own rules.

It isn't clear from the article what rules and agreements govern here, but it certainly isn't U.S. copyright.

more than 2 years ago

More Oracle Patents Declared Invalid

abulafia Eat Poop! (150 comments)

Who the hell cares about corporate winners (modulo folks with stock, or other stakes)?

I care about good tech.

Eat it. It tastes good, if you chew a bit. No, there's a bit on your chin, see, there. No, well, let me help.

Jim, me need a helmet.

I'm sure this is just an episode.

Well, whatever, then. We'll need VB coders until we can't pay the cooling bills on those boxes, so... Can't fix everything.

about 3 years ago

OpenID Warns of Serious Remote Bug, Urges Upgrade

abulafia Re:The concept of OpenID doesn't seem very secure (45 comments)

Of course it does. That's exactly where I want the risk for my passwords.

I'm not writing this from the perspective of an enterprise architect or a protocol designer, I'm talking about risk and incentives wearing the hat of an individual user.

more than 3 years ago

OpenID Warns of Serious Remote Bug, Urges Upgrade

abulafia Re:The concept of OpenID doesn't seem very secure (45 comments)

Put all your eggs in one basket with an OpenID provider that *does* take security seriously (Google, Yahoo, etc. can function as OpenID relying parties - and you can also use two factor authentication with Google now), so that basket is extremely well protected, and dodge the issue of giving random sites on the internet a password entirely?

That's easy. I would rather use per-site passwords.

Even if you trust Google's security without qualification, which you shouldn't, as they've been compromised before both internally and externally, there is the problem of interest alignment. Your interests are not the same as Google's.

As for deducing per-site passwords, well, if you can, then I'm doing it wrong, or you have either my master key or broken SHA2. And I don't remember any of them. That is what password managers are for.

Final thought: if you've convinced yourself of the wisdom of depending on the almighty Google (or Yahoo, or whoever), you might want to watch and see if they happen to upgrade their OpenID system in the next little bit. Just a thought.

more than 3 years ago

Dropbox Can't See Your Dat– Er, Never Mind

abulafia Re:Hmmm... (333 comments)

How does Dropbox define "valid legal process"?

Well, you'd have to ask Dropbox about their definitions. And I am not a lawyer. But in terms of various things to answer your questions, you might want to read up on National Security Letters, which allow demands for metadata pretty much on nothing more than the FBI thinking they want to see it. (Yeah, I know that's not what the law says, but read up on how NSLs have actually been used.) Of course, metadata in this context doesn't require decrypting the documents - it likely is going to refer to file names, IP addresses and times of connection, etc. Also of note is the Stored Communications Act. The rules are complex and are being contested in various ways, but among other things documents held in storage for over six months can be grabbed simply on a court order, no warrant or subpoena required. It isn't clear to me if "held in storage" would mean unmodified since uploaded - the rules were written primarily to cover email, which is typically not modified after receipt, other than changes to metadata.

more than 3 years ago

FSF Suggests That Google Free Gmail Javascript

abulafia Re:In other news.. (413 comments)

You simply don't know what you're talking about, on any of those topics, except for your opinion on why they failed (which, as an opinion, just is).

more than 3 years ago

FSF Suggests That Google Free Gmail Javascript

abulafia Re:In other news.. (413 comments)

That's not informative, that's completely wrong. Sun was open source friendly from the start. Just for starters (I think this was the first large one) where do you think nfs came from?

more than 3 years ago

RMS On Header Files and Derivative Works

abulafia Re:Really? (247 comments)

Stop trolling. Look at my comment. I was talking about lawyers. You could choose to make jokes about the relative humanity of lawyers, but you're just randomly disagreeing and being annoying. There is a song by Cake, also ca. the 90s...

more than 3 years ago

RMS On Header Files and Derivative Works

abulafia Re:Copyrights on facts (247 comments)

I am talking about humans, not integers. If you look at populations of humans, they (roughly, true) follow a distribution that does not mimic your example, and more or less demonstrate mine.

Unless you live in Lake Wobegon. Before the Republicans kill it.

more than 3 years ago

Chinese Phone Maker ZTE Turns Down WP7

abulafia Re:When all else fails, indirection! (292 comments)

Aw, you got me excited. That isn't what I want, and I think you are aware of that. Wake me when I can run 2.2 in a vm under 2.2.

more than 3 years ago

RMS On Header Files and Derivative Works

abulafia Re:Copyrights on facts (247 comments)

The reality is a lawyer will agree with any opinion the client has to make as long as there is a pay check in it. Of course that agreement will be in politispeak that can be interpreted six ways from Sunday afterwards.

Only if you have a shitty lawyer. Good ones actually add value, help strategize and avoid risk. It helps to remember that of any cohort, half are below average.

more than 3 years ago

UN Backs Action Against Colonel Gaddafi

abulafia That works until you think (501 comments)

After about five minutes of reflection, you realize that this instability is inherent in a changing environment,

Gas ain't going down. Burning dinosaurs4cash is a time limited model, which is why people are so pissed off about it.

What is interesting is that, hey, we give proles communication tech, and whaddiya know, they use it. Well, it seems, and that's going to get better. The cypherpunks were not stupid.

more than 3 years ago

RSA's Servers Hacked

abulafia Re:Let me guess... (172 comments)

That was my first thought.

Probably a simpler attack than that, but still a pretty fucking serious hit for a company/brand that depends on rep as much as RSA does.

more than 3 years ago

Canonical To Divert Money From GNOME

abulafia Re:Why Slashdotters no longer love Ubuntu (374 comments)

Remember the story a few days ago about why Ubuntu no longer gets love from slashdotters and the Linux community? I think shenanigans like this says it all.

I suppose you could call it shenanigans; but it is all perfectly within the bounds of the MIT/X11 license Banshee is released under. There's nothing in there that says Canonical can't take Banshee's code and re-enable the Amazon mp3 functionality - quite the contrary, the freedom to modify it is expressly stated.

This is one reason why more mainstream commercial licenses are restrictive. You can't give people the freedom to make changes, only to complain when you don't like the changes they've made.


I can give you code, and then scream to high heaven about what you do with it.

I can give you a car, and tell you you're a fucking moron for trading it for crack.

I can give you a job, and then, well, refuse to answer questions when a new employer comes up, but that's different.

It is idiotic to presume that a permissive license also comes with a free pass from being criticized, or fought against. I don't even understand how someone can think that. Do you sign contracts with your family members about lunch?

more than 2 years ago

US Navy Breaks Laser Record

abulafia Re:ouch (294 comments)

Um, on your intuition that maybe the military should be bigger, what multiple of the rest of the world's force projection capability seems sensible to you? And why? Do you acknowledge that our spending is not static against rivals? That a large, standing army will sometimes be misused? That opportunity costs exist?

more than 3 years ago

The Prospects For Lunar Mining

abulafia Re:Energy requirements? (348 comments)

You mean all that oil on the moon, from the decaying space-dinosaurs, right?

more than 3 years ago

Recording the Police

abulafia Re:Off-topic (515 comments)

It is true - you can transmit a virus via /.

more than 3 years ago



Wall St. Spammers?

abulafia abulafia writes  |  more than 4 years ago

abulafia (7826) writes "Andrew Appel at Freedom to Tinker points to a very interesting theory about the May 6th stock market weirdness. "Competition between HFT systems today has reached the point where microseconds matter. Any edge one has to process information faster than a competitor makes all the difference in this game. If you could generate a large number of quotes that your competitors have to process, but you can ignore since you generated them, you gain valuable processing time. This is an extremely disturbing development, because as more HFT systems start doing this, it is only a matter of time before quote-stuffing shuts down the entire market from congestion. We think it played an active role in the final drop on 5/6/2010, and urge everyone involved to take a look at what is going on. Our recommendation for a simple 50ms quote expiration rule would eliminate quote-stuffing and level the playing field without impacting legitimate trading. ""


abulafia has no journal entries.
