Watch a Cat Video, Get Hacked: the Death of Clear-Text
Staying in HTTPS but requesting HTTP resources has to be done carefully to keep browsers from throwing cross-domain violations. It's more trouble than it's worth.
I think that is the real crux... I was stunned to recently see that, in a completely clean browser, just going to the Slashdot root page loads 45 third-party domain cookies. That is excluding slashdot.org and dice.com properties....
Supreme Court Rejects Appeal By Google Over Street View Data Collection
its Street View cars were accessing email, web history and other data on unencrypted Wi-Fi networks. A Google spokesman said the company was disappointed that the Supreme Court had declined to hear the case.
Boo hoo Google. By their logic, if I leave my door unlocked, the Google Street View car driver can stop his vehicle, open my door, and read the documents on my desk? Hey, I left my door unlocked so I was asking for it!
The summary is a BS deceptive description of what happened and your analogy is a BS comparison. Google never "open[ed] your door and read the documents". Google drove around mapping streets AND had a wireless sniffer running to capture/correlate access point beacons with location data. Access point beacons are publicly broadcast, not encrypted. Google saved this captured data to a file...
Oh, and by the way, it turns out countless morons are running unsecured public access points and transmitting their sensitive information over these public access points (user names/passwords/email/etc). Google inadvertently captured this very public data in the same stream as the public access point beacons.
A more fitting analogy would be:
Thousands of morons walk down the street repeatedly shouting out their user names and passwords for anyone to hear. Google happened to be driving by at the time, dictating notes into a recorder about what features are on the street, which also captured these people shouting in the background. Morons now want Google to be held liable for "wiretapping their private communications".
The Coming IT Nightmare of Unpatchable Systems
Beta sucks... and completely screwed the above quoting and formatting....
The Coming IT Nightmare of Unpatchable Systems
Companies aren't "cheapskates", customers are.
Here, I'll prove my point. You can buy something for $15 today, and have it supported until tomorrow (or whenever) or you can pay $300 for the same exact thing, only support will go for a guaranteed 10 years.
And here is a counterpoint: I was evaluating a piece of robust hardware for installation at remote sites (~$5k). The hardware has a built in micro that monitors all the functions and provides configuration, it is programmed via DIP switches and a serial port, and output status on LEDs and relays (good). The company offers a $700 "TCP/IP" option that provides SNMP monitoring and configuration over IP, as well as uploads all the site info "to the cloud"... because that is all the rage these days.
... The $700 option is a rebadged BeagleBoard connected to the serial port. Do you really think this is going to be supported more than a year or two?
Weird Asteroid Itokawa Has a Dual Personality
For everyone complaining about the beta format. They put a link right up on top of the pages now. Don't just post rants here (personally I doubt anyone in charge reads the comments here) send them emails telling them how much of an abomination it is.
No one is willing to do that any more because it is quite clear that they do not read the emails. By all appearances, by sending an email you are sending your comments to /dev/null. As a side effect, no one else (read: the general Slashdot user base) will know that you also do not approve of the beta abomination. Emails to a dead mailbox, uncounted or analyzed for content, can easily be dismissed as a vocal minority.
In contrast, posting comments in the stories is a very public statement that everyone sees, everyone knows about, and can not be denied later when it is a complete failure. And the "editors" (I use that term very lightly) most definitely do read the story comments... they themselves frequently comment on stories.
Over and over again for the last several months you will see long comment strings speaking very explicitly to the problems with the beta redesign, including:
- Massive waste of screen space. Do Slashdot readers really need to see "Latest Tech Jobs" and "Top SourceForge Downloads" taking up 1/3+ of every screen? What about the massive whitespace this leaves down in the comment sections.... you know, the portion people actually look at? What is next in the beta, to fill these areas with massive flashing/dancing graphics 'ala a Japanese bulletin board site?
- Useless graphics that contribute nothing to content or understanding articles. Huge pictures, often taking more screen space than the story summary itself.
- Complete disruption of comment readability and flow. With the existing format one can easily scan 15-30 comments in a single pageframe and scroll for more. The new format lets you see 3-5 at most in the page frame and you continually have to click "Load More" to see additional comments... a format that completely breaks page refresh and following a link off-page and then back.
And the many, many other insightful analyses of the existing beta problems brought up by other regular readers for months. To date, as far as I can tell, Slashdot has failed to address any of these issues, give any response to complaints, or give any accounting of acceptance rates, email/click-thru/or otherwise. Slashdot has repeatedly posted blurbs about how great the new website is, and how everyone likes it. The comments in existing stories show quite the opposite. We have all seen websites crash and die, and regular readers all see Slashdot pulling a Digg death-dive with this new beta.
Residents Report Bright Streak Over Bay Area Friday Evening
... too bad we don't have quite as many dashcams going as there are in Russia.
But there are more than enough.... This showed up on Youtube late last night, I believe this is the original poster:
And then a short time later this showed up:
What Did Google Earth Spot In the Chinese Desert?
I don't think that is very unique at all... Given a layman's construction viewpoint of the surrounding structures, this would appear to be an industrial/earthworks park, not a military base. The structure looks like a simple shed in a large "U" shape, with an entrance gate in the center. This is very reminiscent of the grand walls and entries you see in lots of Chinese structures, even in otherwise mundane industrial settings. You can see a similar structure here missing most of its roof.
Looking around the site, this seems to be a series of 4 brick making facilities, which are mostly in a state of disrepair. Note the distinctive features:
- The site is on the edge of a plateau to two distinct soil types.
- The site has large scraped areas and ramps down into the secondary soil type to the north (many of which have subsequently been eroded away).
- The site has piles of earth (apparently from the scraped areas), adjacent to the building sites.
- There are multiple excavators and front end loaders, as well as dumptrucks and associated equipment.
- There are long rows of parallel molds set out to dry in the sun.
- There are additional areas that look to have been indoor (heated?) drying areas in now dilapidated buildings.
- There are extra (unused) molds stacked in adjacent areas.
- There is an old power station which probably fed all the facilities when in full production, but most seem to be derelict today.
- There are no apparent guard gates, road blocks, or fences/walls enclosing these surrounding areas... just an open road back to the farmland and local villages.
- There are no apparent army trucks, equipment, bunkers, runways, or barracks anywhere in the area.
Conclusion... This is a series of mud/clay brick making facilities, now mostly in a state of disrepair. The 2 (of about 5 or 6 separate facilities) that appear to have some remaining functionality no longer have production buildings or significant equipment remaining, just open air minimal facilities. Look at any old/disused mining sites in the American southwest deserts and you will see similar features.
ISP Data Caps Just a 'Cash Cow'
Not really. Sure, building and maintaining the *capacity* costs money. But that's a fixed cost regardless of how much of that capacity you actually use. That's very different from water.
No, not really. It is a fixed cost, but capacity is explicitly limited by that initial investment. And it is a very significant cost both to initially install and upgrade. It costs a lot of money to rip pipes out of the ground to replace a 6" main with a 10" main. Likewise, it costs a lot of money to replace a 100Mb backbone segment with a 1Gb segment.
When a subscriber upgrades their 1.5Mb line to a 10Mb line, they expect to only pay a nominal increase (or more likely get the increase for the same price). They have no concept that actually supplying that backend (an order of magnitude increase) is an immense capital cost. And that subscriber has no intention of paying that capital cost... That means the ISP has to spread that cost out over many years. Yet somehow the user now expects orders of magnitude speed increase every year or 2??? Cost wise, equipment wise, backbone capacity wise (as far as spectrum/etc.) it simply is not feasible.
And don't give me this crap argument "well then they should have built it right in the first place". The real world has real costs. I can install a hypothetical 1Gb backbone now for, let's say, $15,000. I could also install a 10Gb link for $110,000. Spread out over 2 years with 300 customers, that 1Gb backbone (one of a dozen or more you will need) amounts to an increase of $2/month on every customer's bill (excluding the cost of borrowing). That 10Gb link will cost each of my customers an additional $15.28 every month.
If I have 300Mb real bandwidth requirements on that particular segment today, does it make any sense for me to install the 10Gb link today? When I will not utilize it for years? When my customers will not pay for it today? Yet somehow several years from now customers expect that 1Gb circuit to magically upgrade itself to 10Gb without any cost.... real money, it's what it's all about.
ISP Data Caps Just a 'Cash Cow'
No... As someone who works for a small ISP, and runs the backbone among other things, bandwidth is exactly a commodity like water. Bandwidth is extremely cheap at the source, but the source is not where the end users of that water are. The bandwidth must be distributed across a vast area to many, many endpoints. I can get water out of a river for (nearly) free. But as an ISP, if you want that "water" delivered to your doorstep and I have to pipe it uphill, 50 miles from the source, the water is no longer "free". It costs real money to distribute...
Now, my above statements are not meant to imply that the premise of bandwidth caps are not financially sourced... they are. But to extrapolate that backbone peering is cheaper now than previously and that therefore end users are being overcharged, is a complete farce. The entire premise of the article is flawed by a complete misunderstanding of the costs an ISP experiences.
As an ISP, we get offers of dirt cheap peering bandwidth all the time, on the order of a couple dollars per Mb per month for 1GB+ circuits.... But when you question their quoted price in depth the result is always the same... this isn't bandwidth delivered to your door, to our POP, this is bandwidth delivered on a switch port at the datacenter the peering provider is already located in. I.e. selling me access to the river assuming I already have my feet in the muddy bank. Actually getting that river out of the banks and to my office door costs far far more than the river itself.
So yes, bandwidth is a commodity exactly like water....
NASA: Curiosity Has Found Plastic On Mars
Agreed... Once again the Slashdot editors have failed to do the most trivial investigation before posting articles. In this case the alleged JPL article is at: http://nasaupdatecenter.us/press.html.
Since when is "nasaupdatecenter.us" an official JPL website?
Why is it that this website has no content other than this article and every weblink points to the real site "marsrovers.jpl.nasa.gov"?
Why is it that this site has the "news", but no such story on the real JPL website press releases: http://marsrovers.jpl.nasa.gov/newsroom/pressreleases/
Perhaps more importantly.... do Slashdot editors enter all their bank account details on every phishing website they get any email for? What makes this any different?.....
Google Found Guilty of Libel For Search Results In Australia
It's OK... Slashdot covered it two weeks ago too... So it's not really slow, just the standard dupe.
Mysterious Algorithm Was 4% of Trading Activity Last Week
A few questions:
- Why are you allowed to cancel orders ? At an auction you owe the money once you've raised your hand.
- Why isn't there a fine on traders who happen to cancel more than X% of their orders ? X being in the order of 1.
- Why aren't transactions or even 'reservations' (which is what a canceled order looks like to me) taxed ?
Just to be clear... The above is a grossly oversimplified example of HFT. Thanks to the new world of online trading, an order isn't really processed until both sides have confirmed the order. In the old days with a hundred guys in a trading pit, someone offering to buy at $150,000/share would obviously be wrong. Mistyping the same in an electronic order that autocompleted could have disastrous consequences, so there has to be a way to cancel a request. Why aren't there fines or taxes? Well ask NASDAQ/etc.
In the real world the above is happening on trades with a difference of a fraction of a cent. In many cases it may be that Bob has a buy order at $25.01 and Alice has a sell order at $25.00. Eve has millisecond timing and can simply enter the orders faster than any human trader could possibly react. Eve is also taking in every market fluctuation and stock move the virtual instant it happens... meaning a well built Eve can anticipate the bounces in a stock price based on buys/sells and just announced news, before a human could recognize that news. But at the end of the trading day, Eve has no position in the market. Eve has only served to suck money out of the market by acting as an (unwanted) intermediary.
Mysterious Algorithm Was 4% of Trading Activity Last Week
So it is possible to create a large volume of "trades" without actually ever buying or selling anything? I am surprised that isn't gamed on a regular basis
It is and this is the basis of high frequency trading... though on Wallstreet they call it "providing liquidity". It works like this:
Alice wants to sell 1000 shares of Acme Corp. She places a sell order for 1000 shares at $25.00 on the exchange, but she also places a minimum bid of $23.90 on the sell order. This minimum bid is what Alice is willing to accept should someone counter-offer but is supposed to be secret, only the sell price will be published.
Bob is looking for 1000 shares of Acme Corp. He wants to place it in his portfolio for long-term growth, but he thinks it is currently worth less. Bob places a general buy order at $24.40 on the exchange. For the sake of simplicity we will say that is his only price, though he too could have a maximum bid he is willing to pay.
So there is a sell order at $25.00 and a buy order at $24.40 pending on the exchange, nothing trades. Now Bob could make a buy offer to Alice at $24.40 and the trade would go thru, or Alice could make a sell offer to Bob at a lower price and follow thru. In a perfect world the exchange would figure it out and match the orders... but that doesn't happen without further action on the part of Alice or Bob.
Eve is a high frequency trader... Actually, Eve is a high frequency trading program at MegaTraders LLC. and has spotted that there are buy and sell orders for Acme Corp on the exchange. Eve places a bid at $24.99 for Alice's share, the exchange accepts, and then Eve immediately cancels the bid order. Eve has just learned that Alice is willing to sell for less than the sell order posted. Eve then continues placing bids on Alice's stock, $24.98, $24.97, $24.96, etc., each time immediately canceling the buy when the exchange accepts the bid. Eve gets down to $23.89, at which point the exchange does not accept the bid for Alice's stock. Eve has just learned that Alice is willing to sell for as little as $23.90 and all of this has happened within 10s of milliseconds.
Remember all those articles on Slashdot about high frequency firm X laying their own fiber directly to the exchange to cut milliseconds off transit time? Having custom L2 firmware on their switches and no firewalls on their trading links to cut milliseconds off transit time? This is why they do it, so they can submit hundreds/thousands of buy/sell/cancel orders on a single stock within a fraction of a second to learn pricing differences between orders that otherwise should be secret.
So Eve now knows that Alice is willing to sell for $23.90 and would perform the same procedure against Bob to discover his highest buy price. Once found Eve can now see a price difference advantageous to herself. Eve buys the 1000 shares from Alice at $23.90 and then immediately sells the shares to Bob at $24.40, pocketing the $500 difference. On Wallstreet they call this "providing liquidity", anywhere else this would be considered insider trading and illegal. Multiply all this by several hundred firms with special inside access to the market place, each running their own competing Eve programs, and you quickly realize how the market can go into turmoil within seconds....
The Rise of the Junkweb and Why It's So Awesome
Almost all of that was done by wireless telegraph operators decades before RTTY radio geeks, probably one of the earliest being the lewd and suggestive poems inserted into the stream of Marconi's new-fangled "secure" wireless transmission device.
I see your young whipper-snapper and raise you a 1903 old timer.
Google Fiber Work Hung Up In Kansas City
Maybe I'm missing something, but fiberoptics aren't conductive. That's one of the beautiful things about it. Why would they need steel-coated cables to protect them from the electric lines?
The fiber optic cable is not conductive, but the aerial hanger wire and pole supports, to which the fiber optic is wrapped, most certainly are. This is not about protecting the fiber optic cables, this is about protecting the infrastructure (ALL of the utilities on the pole) and the life and safety of those personnel working on it. This issue is very clear-cut and Google/Kansas City will lose. They tried to slip in a fast one of defining their own terms for pole placement, but the issue of pole line placement is already quite well established.
The highest voltage lines are placed at the top of the pole, say 25kV feeder lines. Below that on the power pole, outside the exclusion zone of the upper wire, comes the primary distribution lines, perhaps 7kV or 14.4kV, and below that exclusion zone comes the next highest voltage and so forth... At the mid pole location (and below all the above exclusion zones) comes the secondary distribution lines (120V-480V). Below that level comes the telephone lines (48V), and below that cable distribution. At the very bottom are the lowest power lines, namely being fiber optic cables.
This means that a telephone/etc. service technician never has to be within the exclusion zone of a high voltage, for which they do not have the proper equipment and training. The Google proposal would have the fiber installers working in the same space, and requiring the same training and equipment, as the power company personnel who handle live high voltage lines.
Failures Mark First National Test of Emergency Alert System
Came across here at 12:02 MST and the audio stream was screwed up. The audio alerts came thru fine, but the message was extremely faint and unintelligible. About half way thru the 60sec test someone at the radio station cranked the input volume all the way up, horrible high-pitched whine of background noise, but you could at least understand what was being said then. Still, it sounded like trying to tune into a radio station a thousand miles away... The normal monthly tests have never seemed to have that problem.
Slashdot Launches Re-Design
Yep... My laptop has plenty of horsepower, yet the new design has made it useless. A single Slashdot window open and all the Ajaxy crap uses 100% of a CPU continuously. Ajax is supposed to be for enabling small updates to pages (getting more content, updating a status, etc) in response to a user action. Why do people think Web2.0 means continuously run a thread and use all the CPU when doing absolutely nothing????
Congresswoman and Staff Gunned Down
Once again, you are simply wrong. For a grammar Nazi, you seem to be having difficulties understanding the English language.
1. without formality or ceremony; casual: an informal visit.
2. not according to the prescribed, official, or customary way or manner; irregular; unofficial: informal proceedings.
3. suitable to or characteristic of casual and familiar, but educated, speech or writing
People converse using common English, not so-called "proper" English. Perhaps you should pay close attention to the third definition above: casual and familiar, but educated, speech or writing
For a troll, you are not particularly entertaining.
Congresswoman and Staff Gunned Down
How in the hell does one guy injure eighteen people and kill five at an event that surely must have had dozens of police and security personnel?
Why would there be dozens of police and security? Congresswoman Giffords is a local representative, not the president. She regularly holds "Congress on Your Corner" informal meetings at shopping centers. Anyone can come up and talk with her on any subject regarding her district. You know... actually talking with your constituents about their concerns, instead of camping out in palatial gated estates where only insiders and lobbyists are invited.
The meet-and-greet event was just starting and there were a total of about 20 people waiting to talk with Giffords, dozens more walking in and out of the market. A total of eighteen people were injured, 6 of which are dead. Not all the injured were shot. The suspect reportedly had a 9mm gun with an extended 20-round clip.
Congresswoman and Staff Gunned Down
For God's sake, it's "through".
–preposition, adverb, adjective
an informal, simplified spelling of through.