
Comments

top

Why No One Trusts Facebook To Power the Future

autocracy Re:Because you think Google is any better? (218 comments)

Google doesn't (as far as I know) sell user information to advertisers. They exclusively use their own analytics; all an advertiser can do is submit their target demographics and keywords, and let Google do the math.

s/Google/Facebook/ and that's true. Anybody with a Facebook account can create an advertising account and see what any advertiser sees for targeting options. Try it out, it's eye-opening. You can only provide ads to Facebook users through Facebook. Here's one step further from the company's 10-K filing with the SEC:

We generate a substantial majority of our revenue from advertising. The loss of marketers, or reduction in spending by marketers with Facebook, could seriously harm our business. The substantial majority of our revenue is currently generated from third parties advertising on Facebook. For 2013, 2012, and 2011, advertising accounted for 89%, 84% and 85%, respectively, of our revenue.

We generate the substantial majority of our revenue from selling advertising placements to marketers.

In 2013, developers received more than $2.1 billion from transactions enabled by our Payments infrastructure. While mobile applications can also integrate with Facebook, mobile applications do not process transactions using our Payments infrastructure.

(*.3 = 630 million).

If I compare that to Facebook's income statement, that leaves 235 million (3% of revenue) in loose change revenue. So basically, Facebook isn't running around making money except by selling ad placement. Fair disclaimers: I work for Facebook as a backend engineer for nearly a year now. I pulled all these numbers from the publicly available 10-K report.

I think that Facebook has matured into better respecting privacy from its early days through the years before I started there and I'm very happy with seeing how things are treated internally. I'm further certain that the idea of Facebook selling personally identifiable information about its users would massively undermine the point of having an advertising delivery platform. The attitude of everybody I'm around is about trying to make something that enriches the world.

about 4 months ago
top

Why It's So Hard To Make a Phone Call In Emergency Situations

autocracy Re:Cells in ADSL modems (179 comments)

Your assumption is that you'll give me hardware and I won't alter it or use a software radio to MITM my own equipment. Neither of those is a safe bet.

about a year ago
top

Why It's So Hard To Make a Phone Call In Emergency Situations

autocracy Re:Cells in ADSL modems (179 comments)

Because I'd put something behind the modem and rate-limit, filter, or otherwise alter the traffic. The quality of the service still isn't guaranteed without some agreement.

about a year ago
top

MariaDB and MySQL Authentication Bypass Exploit

autocracy Re:Could have told us what it is (73 comments)

Well, let's explain it right: the compare function uses a variable type cast that paired with certain compiler flags will improperly reduce a larger number storage to an 8-bit integer. memcmp returns 0 when there's a match, any other value otherwise. When some larger number is interpreted as a character and that number is mod(256), then you get a zero when you truncate the leading numbers.

Since the hashing function in MySQL has some variable used every time, you get a different number every time that returns a mismatch. 1 in 256 of those mismatches gets reduced to a number that is represented by a zero... which is appropriate to the cast function, but causes issues when used with memcmp.

more than 2 years ago
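
The truncation described in the comment above, shown next to a normalized check. This is an added example, not part of the original comment and not MySQL or MariaDB source; `bool8` and the function names are hypothetical, and the compare results are constructed integers rather than real `memcmp` output.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical 8-bit "boolean" type, standing in for the narrow return
   type the comment describes. */
typedef char bool8;

/* Flawed pattern: the int from a memcmp-style compare is narrowed to
   8 bits, so any nonzero multiple of 256 reads as 0 ("match"). */
static bool8 mismatch_truncated(int cmp) {
    return (bool8)cmp;  /* out-of-range values wrap modulo 256 on common compilers */
}

/* Corrected pattern: collapse to 0/1 before the value is narrowed. */
static bool8 mismatch_normalized(int cmp) {
    return (bool8)(cmp != 0);
}

/* Count nonzero compare results in [-limit, limit] that a given check
   wrongly reports as a match. */
static int false_matches(bool8 (*check)(int), int limit) {
    int n = 0;
    for (int cmp = -limit; cmp <= limit; cmp++)
        if (cmp != 0 && check(cmp) == 0)
            n++;
    return n;
}

/* Digest comparison written the safe way round: test memcmp against 0
   and return only 0 or 1. */
static int digests_differ(const unsigned char *a, const unsigned char *b, size_t len) {
    return memcmp(a, b, len) != 0;
}

int main(void) {
    /* Constructed sample digests, not real password hashes. */
    const unsigned char stored[4] = {0xde, 0xad, 0xbe, 0xef};
    const unsigned char wrong[4]  = {0xde, 0xad, 0xbe, 0xee};
    printf("truncated false matches:  %d\n", false_matches(mismatch_truncated, 1024));
    printf("normalized false matches: %d\n", false_matches(mismatch_normalized, 1024));
    printf("digests differ: %d\n", digests_differ(stored, wrong, sizeof stored));
    return 0;
}
```

Code review and static analysis can flag the same pattern wherever an `int` comparison result is returned through a type narrower than `int`.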
top

IT Positions Some of the Toughest Jobs To Fill In US

autocracy Re:Two part problem (886 comments)

3. There has been, up until 2008, an attitude in the U.S. that any college degree is good enough. My state only graduated 40,000 people from community colleges/trade schools this year. Everyone with higher aspirations just went to a 4 year school. To do less is to view oneself as a failure (and employers do too).

There has been too much emphasis on college degrees, I think. This idea that everybody should start with getting a degree out of school seems to lead to many folks with a load of debt who may not be in the field that suits them at the end of the degree. Further, a degree in CS seems to have little correlation with the ability to effectively program. I'm sure there exist some programs that might relate to other fields of IT, but I don't personally know of any that properly convey the skills required for other IT disciplines.

more than 2 years ago
top

Ask Slashdot: What Is an Acceptable Broadband Latency?

autocracy Latency maps and looking glass servers (396 comments)

Latency depends on your destination. It is limited by the speed of light, and governed by how lousy the link itself is. It's how you sometimes get stories like the 500 mile email. For some reference points:

A map of expected United States latency from some place in Texas.

Often times your first hop on DSL will be slower... my own network right now shows 40ms to my ISP's gateway. 300ms is my ping time from Maine in the US to Australia.

Another helpful source of references are looking glass servers that will let you drop right into another provider's system and see ping times from their perspective.

more than 2 years ago
top

GitHub Hacked

autocracy Re:Linux security or trust (202 comments)

This was brought up when kernel.org was compromised last year. The decentralized nature of git makes that really hard to sneak by, especially if you use the kind of process controls that the Linux kernel uses. Legitimate commits go through maintainers, and maintainers will definitely flip if they see code pulls into their repository that they didn't commit. Some deeper discussion about how you can't just sneak things into the past history is here: http://security.stackexchange.com/a/6771/836

more than 2 years ago
top

How To Sneak In To a Security Conference

autocracy Easy if you know what to do (189 comments)

Hell, I joined the Ops team at Shmoocon this year without any credentials or signup. I tell you that isn't part of their plan. http://storyinmemo.com/?p=48

I spent a day at my first DEFCON missing my badge and managed to keep going all over the conference. Every year at DEFCON I make it a point to get into a guest-listed party that I didn't have access to. Why would RSA be different? I guarantee the DEFCON goons care more and the RSA ticket funds aren't going to making the conference more secure.

Their cost / benefit for tightening things down would be basically nothing.

more than 2 years ago
top

Tech Billionaire-Backed Charter School Under Fire In Chicago

autocracy Re:Diversity in systems (326 comments)

As this school is not part of the public school system, there are other public schools as an alternative for the student to attend.

Compulsion to attend a school is different from compulsion to attend this school.

more than 2 years ago
top

Tech Billionaire-Backed Charter School Under Fire In Chicago

autocracy Diversity in systems (326 comments)

This has a very military / boot camp feel to it, and it is obviously having some sort of effect.

Students aren't required to go to the school, and the fines are relatively small. $5 seems enough to be discouraging to the students without breaking anybody's back.

More than anything, somebody is experimenting with a system, and education needs that. I don't know if it's right, but it's not a compulsory place to be and it's not wrong. Good on them.

more than 2 years ago
top

Automated Machines To Recycle Phones For Money

autocracy Re:shut up (135 comments)

Using it to knowingly misrepresent for fraud, even to a vending machine or kiosk, definitely isn't legal. I doubt advertising a tool as such is acceptable either.

more than 2 years ago
top

AT&T Officially Ends Plans To Acquire T-Mobile USA

autocracy Re:HA! (176 comments)

Europe.

more than 2 years ago
top

AT&T Officially Ends Plans To Acquire T-Mobile USA

autocracy HA! (176 comments)

Bite me, AT&T. Auto repair is competitive.

  * Cell phones in the US have a small pool of providers, especially the nation-wide crowd.
  * They primarily operate with 2 year contracts, and it's hard to get a phone without one.
  * There's a financial disincentive for buying a phone without a contract.
  * Text message rates (for which there is very little data usage, being measured in bytes) have been increasing.
  * Data plans have been increasing in price and providing tighter bandwidth restrictions at the same time.

I loathe AT&T, and I'm stuck with them. Competitive? I'd get out in a heartbeat if I felt I had somewhere to go. T-Mobile has been the closest saving grace to AT&T, so I really don't want to see that absorbed.

Thanks to the Fed -- they did one right there.

more than 2 years ago
top

Ask Slashdot: How To Securely Share Passwords?

autocracy Use of PGP (402 comments)

  • Private PGP key printed out as a QR code and placed in a safety deposit box. Why? Because it's a durable medium and the electronics can't go bad. You can put it on a USB key too for convenience.
  • Publish your list encrypted with the public keypair of that somewhere your relatives know and can get to.
  • Bank will keep them from snooping by only letting them access your box with a death cert.

more than 2 years ago
top

AWS Load Balancer Sends 2 Million Netflix API Reqs To Wrong Customer

autocracy Re:Whodunnit? (58 comments)

... "there" isn't a mixup on their part. Honestly, it'd be great if the Slashdot API reacted in the same year that I clicked on preview.

more than 2 years ago
top

AWS Load Balancer Sends 2 Million Netflix API Reqs To Wrong Customer

autocracy Whodunnit? (58 comments)

Does this story come with any indication that their isn't a mixup on Netflix's part?

more than 2 years ago
top

Your Tech Skills Have a Two Year Half-Life

autocracy Re:What about languages? (289 comments)

With what libraries and languages have you worked in C? Won't those change? If you're a games person, are you up on DX9? DX10? 11? Database backends? SQL? NOSQL? Have your version control skills expanded to match existing systems? Still using CVS? SVN? Git? "The Cloud" ... have any of your applications been designed with that kind of focus in mind of starting and stopping at any point and being part of a model with dynamically changing resource allocations?

Evolving skills are a demonstration of the ability to continue tackling new problems. I personally don't care less what knowledge you're exhibiting as long as I see things that are on the leading edge still showing up on your resume.

more than 2 years ago
top

US Launches Criminal Probe in eBay-Craigslist Trade Secrets Case

autocracy Re:Uh... (59 comments)

I suppose I mis-stated myself. They have nothing special in the trade-secret sense; ostensibly nothing that can't be derived from looking at their website.

more than 2 years ago
top

US Launches Criminal Probe in eBay-Craigslist Trade Secrets Case

autocracy Uh... (59 comments)

What the hell could eBay have possibly stolen from Craigslist? The site only charges for job postings in a few cities, and that's an easy and publicly declared business model. The webpages are statically generated on a periodic basis, and that's as dumb-down simple as it gets. Unless eBay walked off with Craigslist's super-secret-never-get-spam-through implementation (which I don't think they have), I don't get it.

Craigslist is nothing special, just simplicity done right.

more than 2 years ago
top

Rogue SSL Certs Issued For CIA, MI6, Mossad

autocracy Alternatives (152 comments)

There has been a lot of push at the recent DEFCON conferences, and associated conversation since, to look at alternatives to the current CA system. Moxie Marlinspike has been pushing a remote-view notary system called which is currently a Firefox plug, and Dan Kaminsky has been pushing for DNSSEC.

There has been an awful lot of discussion about the technical details of SSL certificates on the Security StackExchange (Stack Overflow cousin) website, including the related blog post I penned: A Risk-Based Look at Fixing the Certificate Authority Problem.

more than 2 years ago

Submissions

top

Pakistan Telecom hijacks Youtube's netblock

autocracy autocracy writes  |  more than 6 years ago

autocracy writes "Pakistan Telecom, in their zest to comply with the national Pakistan block of Youtube, has begun exporting the route to Youtube worldwide via BGP. This has affected ISPs all over the world depending on which route they think is the shorter connection to Google's popular video hosting site. Some of the more technical information about the routes has been posted on Wikinews"

Journals

autocracy has no journal entries.
