Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Multipath TCP Introduces Security Blind Spot

amorsen Re:Design Issue (37 comments)

First off, it seems unlikely as the phone will either be a corporate device, including BYOD, or a personal device. In the first case the traffic will have to flow across the network (including the firewall)

What stops a BYOD from using multipath? It will have to use the 4G connection when it isn't on the corporate wifi, so what keeps it from using both?

2 hours ago
top

Multipath TCP Introduces Security Blind Spot

amorsen Re:Network-based IPS and IDS are obsolete (37 comments)

Your IDS/IPS cannot look inside SSL traffic

Sure it can. You just push a new root certificate to your devices and intercept away.

2 hours ago
top

"BadUSB" Exploit Makes Devices Turn "Evil"

amorsen Re:Minimal Alert (196 comments)

USB device drivers are not of sufficient quality to make that mitigation very viable. Just exploit the broken drivers instead; on most operating systems device drivers have the equivalent of root privileges.

yesterday
top

Tesla and Panasonic Have Reached an Agreement On the Gigafactory

amorsen Re:Can't Wait! (93 comments)

Personally I am much more excited about a gigatesla than a Tesla Giga.

2 days ago
top

Ridley Scott to Produce Philip K Dick's The Man In the High Castle

amorsen Re:Considering his history... (141 comments)

Wrong way around surely: The test audience found the movie confusing and sad and so the internal monologue and the happy ending was added. Later came the director's cut which attempted (unsuccessfully) to outdo 2001: A Space Odyssey for longest CGI scene with nothing happening.

2 days ago
top

Enraged Verizon FiOS Customer Seemingly Demonstrates Netflix Throttling

amorsen Re: Alternative explanation (394 comments)

The reason why routers are so underpowered is that nobody uses multicast. If there was a strong demand for multicast I'm sure that the manufacturers would increase the capacity of their hardware.

If you build it and it costs less than 6 figures USD, you will drown in customers. It would not be used primarily for multicast at first, it would be used to get BGP working better, but every major ISP would want your router.

Using P2P does not lower the total load on the network, it just spreads it out more evenly.

Correctly done P2P sends traffic through the best route, typically from someone on the same ISP as the recipient and preferably from the same neighbourhood. That lowers total load a lot. Most current P2P networks do not particularly worry about optimal routing; they are much more constrained by traffic shaping or (often artificially) limited last-mile upstream capacity. It would be fairly easy to give priority to low-latency peers.

Besides, P2P can solve the problem of subscribers not watching at exactly the same time. Multicast breaks as soon as someone presses pause.

5 days ago
top

Enraged Verizon FiOS Customer Seemingly Demonstrates Netflix Throttling

amorsen Re: Alternative explanation (394 comments)

Multicast is not a viable technology for truly large scale deployments (more than a few hundred thousand hosts perhaps). Routers and switches do not have the required resources to maintain multicast routing/switching tables for millions of multicast sessions.

The correct way to solve the problem is to push it to the end nodes. They have much more CPU power and memory than routers and switches. The technology to do so has existed for a long time: P2P.

about a week ago
top

Enraged Verizon FiOS Customer Seemingly Demonstrates Netflix Throttling

amorsen Re:Alternative explanation (394 comments)

Thats how the internet is paid for. The sending provider pays the receiving provider for the bandwidth, and this is the only rational way it can be.

No. That is not how it works. The truth is that the smaller provider pays the larger provider, no matter which direction the traffic flows. Some companies, like Netflix, are nice enough to not use their size as an excuse to charge people -- they offer free peering at internet exchanges. Other companies are maximally greedy.

about a week ago
top

Cable Companies: We're Afraid Netflix Will Demand Payment From ISPs

amorsen Re:What? (200 comments)

Netflix limited the highest bandwidth streams to direct peers for a while. Everyone going through transit could not get the highest quality.

Similarly, it would be quite trivial for Netflix to limit non-paying ISPs to lower quality.

about a week ago
top

UK Cabinet Office Adopts ODF As Exclusive Standard For Sharable Documents

amorsen Re:Why ODF? (164 comments)

We are talking about ODF here. The encoding will be UTF-8.

about two weeks ago
top

UK Cabinet Office Adopts ODF As Exclusive Standard For Sharable Documents

amorsen Re:Why ODF? (164 comments)

ASCII is a subset of UTF-8-encoded Unicode. If you do not use anything beyond ASCII in your document, the unzipped file will only contain ASCII. If you put Korean characters into your document (and you do not have to change font to do so, if you are using a decent font), the unzipped file will contain non-ASCII characters. In both cases, the file will be a valid UTF-8-encoded Unicode XML document.

about two weeks ago
top

HP Claims Their Moonshot System is a 'New Style of IT' (Video)

amorsen Re:But Moonshot is years old (68 comments)

www.hp.com is fully moonshot-powered

That would explain why the HP site is so ridiculously slow. Except that it has been slow for years, but maybe they were always running it on prototypes.

about two weeks ago
top

Airbus Patents Windowless Cockpit That Would Increase Pilots' Field of View

amorsen Re: Failsafe? (468 comments)

If the system is down so far as needing that, then it's already crashing i'd suspect. There are no parachutes as a failsafe either.

I give you SAS flight 751. Both engines out, no power to the instruments. "Landed" using the windows and a mechanical artificial horizon. No fatalities (but a few severe injuries, unfortunately).

about three weeks ago
top

Philips Ethernet-Powered Lighting Transmits Data To Mobile Devices Via Light

amorsen Re:IPv6 (104 comments)

An autoconfig ipv6 address is the mac with some static bits shoved on.

Not anymore. Practically everyone implements the privacy extensions, and most do not generate a MAC-based IPv6 address at all.

about a month ago
top

White House May Name Patent Reform Opponent As New Head of Patent Office

amorsen Re:Classic $Politician (211 comments)

It's great that you foresaw it all. That does not really have anything to do with what I wrote.

about 1 month ago
top

White House May Name Patent Reform Opponent As New Head of Patent Office

amorsen Re:Classic $Politician (211 comments)

Obama seems to be the first mainstream US presidential candidate in a long time to "talk the talk" to the kind of people who read Slashdot. The others have been spouting ignorant crap or simply ignoring the topics that most Slashdotters care about. Therefore Obama is the first president that we can be disappointed in -- the others were known bad before they became presidents.

about a month ago
top

Are the Hard-to-Exploit Bugs In LZO Compression Algorithm Just Hype?

amorsen Re:You don't know... (65 comments)

File system drivers in general are not properly security vetted. You can do interesting stuff to a Linux box if you put ext4 on a fake device and start messing with what is on the disk while it is being read. Many device drivers have similar problems; you could find a Linux device driver with a problem and make a fake piece of hardware resembling the real thing while exploiting the bug.

This is pretty much unfixable. While most core OS code is of a high quality these days, there is just too much driver code around. A proper audit is infeasible.

Besides, Thunderbolt makes it pointless. With Thunderbolt, you do not need to exploit anything, the bus provides you with unlimited access.

It is a sad state of affairs really.

about a month ago
top

New Chemical Process Could Make Ammonia a Practical Car Fuel

amorsen Re:waste of time (380 comments)

100% electric cars with electrical-output-only generators have been proven to get unbelievable gas mileage and range in Europe so that's not a bad idea.

Name one. E.g. the BMW i3 has absolutely horrendously bad mileage on gas, and practically everything else is a parallel hybrid, not a serial.

about a month ago
top

Russia Wants To Replace US Computer Chips With Local Processors

amorsen Re:The OpenSSL Disasters were a result of attitude (340 comments)

"Memory allocation is too important to leave to the programmer" vs. "memory allocation is too important to leave to the system". Also, emacs vs. vi.

about a month ago
top

Elon Musk's Solar City Is Ramping Up Solar Panel Production

amorsen Re:Higher capacity for smaller roofs (262 comments)

No. They would not. Concentrated solar is only useful on clear days. It is not a serious option in most of Europe.

Plain old solar voltaic works fine on cloudy days.

Also, it is "Stirling".

about a month and a half ago

Submissions

amorsen hasn't submitted any stories.

Journals

amorsen has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>