
Comments


Google and Facebook: Unelected Superpowers?

davecb Re:Just another facet of post 'Citizens United' US (158 comments)

I'd suggest money buys a more effective microphone, as one gets on the big newspapers and the big, high-readership sites, far more easily if you have the bucks.

It's on things like IETF discussions that money doesn't help as much, as it's hard to find people to astroturf on technical subjects, and they rapidly become well-known.

5 hours ago

I expect to retire ...

davecb Re:Never! (256 comments)

I was born when dinosaurs walked the earth, and got an excellent job at a startup.
"Live like you'll die tomorrow, learn like you'll live forever" - Mahatma Gandhi

2 days ago

Click Like? You May Have Given Up the Right To Sue

davecb Re:The power of EULAs only goes so far (214 comments)

The intention is to convince the reader that they can't sue for the dead rat they found in their canned corn, so they won't try.

A former employer shipped rat-enhanced corn once, and was both sued and fined for doing so. They became very thorough about warning the employees to watch out for furry critters in the plant (;-))

2 days ago

Bidding At FCC TV Spectrum Auction May Be Restricted For Large Carriers

davecb Did that in Canada (91 comments)

The bigs just squeezed the little guys, all legally, until they started to fail. Then they bought them and got the frequencies.

3 days ago

Ask Slashdot: System Administrator Vs Change Advisory Board

davecb Solving the wrong problem (290 comments)

In a previous life, we passed around virtual machines rather than doing paperwork. Paperwork is to be sure you have a plan to solve the explosion-and-revert problem. Managing machines instead of paper allowed us to include a process for doing an immediate revert on explosion (;-))

The VMs we passed around were Solaris zones, so they were very lightweight. If I wanted to apply an emergency patch to production, I first applied it to an image, put an instance on pre-prod, a physical machine, and varied it into test. After the smoke-test, I varied it into the pool on the load-balancer, and watched it closely. If it fixed the problem and didn't explode, I put lots of instances on the production physical servers and put them into the load-balancer, quiescing the un-patched instances but not erasing them. If the patch blew up after all, I could revert to the previous buggy release as fast as the load-balancer could disconnect people. Not quite as fast as doing an atomic change on a single server, but fast.

This is a minor variant on some old unix norms: 1) you aren't prohibited from doing even silly things, as prohibitions will keep you from doing something brilliant. 2) You can do anything, but you can't hide what you did, 3) you can change things atomically while running, and 4) if you do something dumb, you can revert it immediately.

The process is a variant/predecessor of ITIL, with pre-set apply and revert steps for emergency changes, which are the high-value part of the whole ITIL change process. Non-emergency changes were a little more heavy-weight, as we tested the patch in an instance in QA, then did a simulated UAT overnight (it was automated, but exceedingly slow), reviewed the results and then the de-facto board decided if we could release the image to production, QA and dev. Your paper-oriented CAB does approve all patches to QA and dev, right? I'll bet they missed that part (:-))

--dave
I did once have a customer where I had to do paper-based CAB approvals, but that was because we weren't funded to have a proper dev, and had no QA at all. As you might guess, we still had at least one fiasco. I shortened the contract as much as I could without doing a no-bid in the middle.

3 days ago

Ask Slashdot: What Good Print Media Is Left?

davecb The Atlantic Monthly (284 comments)

Published "As We May Think" soon after WWII, today is "web first" and quite timely. Perhaps a bit fluffier than it once was, but still doesn't care what you think, but cares desperately that you do think.

3 days ago

52 Million Photos In FBI's Face Recognition Database By Next Year

davecb Re:52 million pictures, = 2,421 false positives (108 comments)

The (supposed) grandma incident had the clerk acting robot-like and sending her for "random extra screening" and the screener, expecting an armed or bomb-carrying desperado, complaining that the clerk and/or computer was insane...

4 days ago

52 Million Photos In FBI's Face Recognition Database By Next Year

davecb 52 million pictures, >= 2,421 false positives (108 comments)

According to Wikipedia, the number of pictures being seen as the same with probability p is = sqrt(2d * ln(1/(1-p))). If d is 52,000,000 and we use a 99% probability, then for each 21,884.6 pictures we get a false positive with a perfectly accurate matcher. And there are no perfect matchers.

This is a variant of the birthday paradox, where it only takes 100 people to get a 99.9% chance of them having the same birthday, and a mere 23 people to get a 50% chance [wikipedia].

The German Federal Security Service rejected facial matching years ago, for exactly this reason, when I was working for Siemens. The Americans did not, and supposedly stopped someone's grandma for being a (younger, male) terrorist.

If they use this, expect a week or so of everyone's grandma being arrested (;-))

--dave
Mathematicians, please feel free to check me on the numbers: I suspect I'm rather low...

4 days ago

FAA Shuts Down Search-and-Rescue Drones

davecb Canada's allowed it for years. (217 comments)

Same rules as non-commercial, plus you must register and find out any local rules.

about a week ago

Can You Buy a License To Speed In California?

davecb Failed in Tranna (325 comments)

Toronto police union tried this, but got shut down within weeks.

about a week ago

'weev' Conviction Vacated

davecb Re:Or in legal parlance (148 comments)

Yup: excessive enthusiasm and pilpul don't make a good mixture.

--dave
[Hmmn, I'm thinking red/green/refactor may be something legal draftsmen may want to investigate. The conviction was RED, this is GREEN, a good case before a superior court would be the REFACTOR]

about two weeks ago

Canada Introduces Privacy Reforms That Encourage Warrantless Disclosure of Info

davecb Re:Eh? (99 comments)

While it didn't address the lobbying, Jean Chretien's effort to shift party funding to $x per vote cast in the previous election was an excellent first step toward taking the power to influence out of the hands of the people who also hire lobbyists. It's counterintuitive that it was the ex-Reform party members who shut it down and took the election-spending power out of the hands of their own "grass roots".

about two weeks ago

Canada Introduces Privacy Reforms That Encourage Warrantless Disclosure of Info

davecb Re:Eh? (99 comments)

Indeed: I notice a number of ex-reporters were caught up in the Senate scandal...

about two weeks ago

Canada Introduces Privacy Reforms That Encourage Warrantless Disclosure of Info

davecb Re:Eh? (99 comments)

Even if you had no parties, individuals need to get thrown out of office, if only to keep them from getting in a rut.

about two weeks ago

Canada Introduces Privacy Reforms That Encourage Warrantless Disclosure of Info

davecb Re:Eh? (99 comments)

We used to have four parties,
Left    Left-Center    Right-center    Right
NDP     Liberal        Conservative    Reform
plus a Quebec party, plus some oddballs.

We used to get lots of debate, and some very different suggestions from the NDP and Reform, which tended to keep the debate healthy.

Now we have Reform, renamed as the "Conservatives", a rump of the Liberals, and an invigorated NDP. The latter two split the left-center vote, the Reform party wins, and the policies look remarkably homogenized.

Bummer!

about two weeks ago

Canada Introduces Privacy Reforms That Encourage Warrantless Disclosure of Info

davecb Conversely, Judges...: (99 comments)

On April 8, 2004, the European Court of Justice – the highest court in the world’s largest economy – declared Data Retention to be an excusable violation of fundamental human rights. The court invalidated the entire directive (“EU federal law”) retroactively, making it have never existed. (courtesy Rick Falkvinge, https://www.privateinternetacc...

The EU and Canadian constitutions are sort of vaguely similar, so one can likely make the point that, even if the telcos are free to disclose, they're not allowed to keep much of the data the security services would want them to.

about two weeks ago

Theo De Raadt's Small Rant On OpenSSL

davecb Re:Summary. (301 comments)

If you're doing a workaround, you need to have a regression test for the thing it worked around, so when the bug gets fixed your test fails, someone reads the description and you can turn off the workaround for that platform. That's pretty-ordinary practice from an anal QA person. And yes, I do TDD and still have a QA person sitting across the aisle from me.

about two weeks ago

Why There Are So Few ISP Start-Ups In the U.S.

davecb Re:Internet as a utility (including poles) (223 comments)

I like the idea of a co-op, especially down at the level of cities and towns. To avoid eliminating rural areas, it should be bootstrapped from the existing companies, with the process of "rural electrification" under a single management, so we can keep it under tight oversight initially, when the expensive mistakes and bad behaviours are likely but are large-scale, then devolve operations onto the smaller areas. In my view, nothing bigger than a county or a city should manage day-to-day operations, like water and sewer, with the province setting the rules and providing the occasional cop.

about two weeks ago

Submissions


Civil Liberties Association files class action for all Canadians, against spies

davecb davecb writes  |  about a week ago

davecb (6526) writes "The British Columbia CLA filed a class action on behalf of all Canadians, against our security services' collecting of metadata, because it allows for a profile to be created of the individuals involved. It's a tough class for a court to certify, but to qualify, the BCCLA needed a class that they knew contained people who were spied upon."

Android is almost impenetrable to malware: Google

davecb davecb writes  |  about a month and a half ago

davecb (6526) writes "Google’s Android Security chief Adrian Ludwig reported data showing that less than an estimated 0.001% of app installations on Android are able to evade the system’s multi-layered defenses and cause harm to users, seemingly contradicting F-Secure's Android Accounted For 97% of All Mobile Malware In 2013. As you might expect, they're not talking about the same thing."

The UK's porn filter is blocking the latest League of Legends update

davecb davecb writes  |  about 3 months ago

davecb (6526) writes "Courtesy of Gamasutra, we see the UK's so-called "porn" filter is blocking game updates. As well, of course, as filtering such unimportant things as political and sexual-health sites"

Canada (quietly) offering sanctuary to data from the U.S.

davecb davecb writes  |  about 3 months ago

davecb (6526) writes "The Toronto Star's lead article today is Canada courting U.S. web giants in wake of NSA spy scandal, an effort to convince them their customer data is safer here. This follows related moves like Cisco moving R&D to Toronto. Industry Canada will neither confirm nor deny that European and U.S. companies are negotiating to move confidential data away from the U.S. This critically depends on recent blocking legislation to get around cases like U.S. v. Bank of Nova Scotia, where U.S. courts "extradited" Canadian bank records to the U.S. Contrary to Canadian law, you understand ..."

Canada courts, patent office warns against trying to patent mathematics

davecb davecb writes  |  about a year ago

davecb (6526) writes "The Canadian Intellectual Property Office (CIPO) warns patent examiners that ..."for example, what appears on its face to be a claim for an “art” or a “process” may, on a proper construction, be a claim for a mathematical formula and therefore not patentable subject matter.” (Courtesy of Paula Bremner at Slaw)"

Copyright trolls sue bloggers, defence lawyers

davecb davecb writes  |  about a year ago

davecb writes "Prenda Law has commenced three defamation, libel and conspiracy suits against the same people: defence lawyers, defendants and all the bloggers and commentators at "Die Troll Die" and "Fight Copyright Trolls". The suits, in different state courts, each attempt to identify anyone who has criticized Prenda, fine them $200,000 each for stating their opinions, and prohibit them from ever criticizing Prenda again."

Swedish Pirate Party Presses Charges Against Banks For WikiLeaks Blockade

davecb davecb writes  |  about a year ago

davecb writes "Rick Falkvinge reports today that the Swedish Pirate Party has laid charges against at least Visa, MasterCard, and PayPal before the Finansinspektionen, for refusing to pass on money owed to Wikileaks. The overseer of bank licenses notes (in translation) that "The law states, that if there aren’t legal grounds to deny a payment service, then it must be processed.”"

World Conference on International Telecommunications every bit as bad as feared

davecb davecb writes  |  about a year ago

davecb writes "Internet Society President, Lynn St. Amour, writes

At the conclusion of today's plenary, the Internet Society is concerned about the direction that the ITRs are taking with regards to the Internet. The Internet Society came to this meeting in the hopes that revisions to the treaty would focus on competition, liberalization, free flow of information, and independent regulation — things that have clearly worked in the field of telecommunications. Instead, these concepts seem to have been largely struck from the treaty text. Additionally, and contrary to assurances that this treaty is not about the Internet, the conference appears to have adopted, by majority, a resolution on the Internet. Amendments were apparently made to the text but were not published prior to agreement. This is clearly a disappointing development and we hope that tomorrow brings an opportunity for reconsideration of this approach.

[ISOC is the quasi-parental body of the IETF, the Internet Engineering Task Force]"

Canadian Government introduces a new, different "unlawful access" law

davecb davecb writes  |  about 2 years ago

davecb writes "The Canadian Government may be shying away from the "lawful access" bill, but the same changes showed up in the new privacy act amendments. Someone with proper authority other than a warrant can ask and receive your confidential information from your ISP. The bill contains a lot more, and rather looks like a systematic attempt to lower privacy standards in the name of privacy, as described in the article Bill C-12: Safeguarding Canadians' Personal Information Act – Eroding Privacy in the Name of Privacy, at the Slaw legal blog."

The woman who's making your privacy her business

davecb davecb writes  |  more than 3 years ago

davecb (6526) writes "The woman who faced down Facebook and was dissed by Silicon Valley business boys as "an old-fashioned scold" is really one of the early advocates for using the internet for access to information, and to open up government.

The Globe and Mail has an interview today with Jennifer Stoddart, the privacy commissioner of Canada, who went up against Facebook for all of us, and made them back down."


Journals


Why branch prediction doesn't help

davecb davecb writes  |  more than 5 years ago

In the discussion about IBM putatively buying Sun, we were having a side-discussion about prefetches and branch prediction.

I had forgotten why my branch prediction performance experiments had failed ("confirmed the null hypothesis") and had to go back to my notes.

It turns out that mature production software tends to be full of small blocks of error-handling and debug/logging code, which is not often used. A Smarter Colleague[TM] and I set out to test the newly-available branch prediction logic, expecting to see a significant improvement. I manually set the branch prediction bits in a large production application, only to find no detectable improvement.

The test application was Samba, so we changed the driver script to only read a few files from a ram disk, to eliminate disk I/O overheads. Still no detectable advantage from predicting the branches correctly!

Then we tried just a single few functions, under a test framework that did no I/O at all. Still nothing.

Eventually we tracked it down to the debug/log/else logic: the branches around it were always taken, but the branch-arounds were long enough that the next instructions were in a different icache line, and the cache-line had to be fetched.

It turned out that we had reproduced in code what our HPC colleagues see in data: the cache doesn't help if you're constantly leaping to a different cache line!

--dave


Capacity planning in six paragraphs

davecb davecb writes  |  more than 5 years ago

An acquaintance asked about what to measure, and what tools to use, expecting to hear about vmstat, sar or the like.

However, the really interesting measurements are of the application's performance: response time and transactions per second.

Imagine you have a web site which responds in 1/10 second on average, is known to be running on a single cpu (queuing center, to be precise) and is averaging 6 transactions per second (TPS).

From that you know that the maximum performance will be 10 TPS, because ten 1/10ths fit into one second. You also know you're at 60% of the maximum, a nice safe number.

Now correlate this with your average CPU usage, network bandwidth and IO bandwidth, and you have a little estimator for what resources are needed to maintain good performance.

You also know that things will start getting bad at >8 TPS, so if you expect more business in future, you need to add more queuing centers (CPUs) with the appropriate amounts of network and disk I/O bandwidth.

You can also now use both the resource usage figures and tools that all the other folks have suggested, and watch out for growth in each of them. If the trend in their use looks like it will soon get above the number that corresponds to 8 TPS, above, then and only then do you need to start buying resources.

--dave c-b


davecb davecb writes  |  more than 8 years ago

This is a commonly reinvented wheel, and the version Stefan (metze) Metzmacher suggested in samba-technical is the round one (;-))

A maximally useful log message contains a number of fixed items, usually in a fixed-format header of some sort, and text for the human reader to use to understand the implications of the problem.

From memory, the fixed information includes enough to allow for mechanical sorting by nastiness and occasionally mechanical processing:

- date/time
- origin, meaning machine- or domain-name
- source, in some detail, including the executable name and process id as a minimum, if applicable, and optionally the file, function and line; it is good to make this one token, for ease of parsing and resilience when one line has "sendmail:parse.c:parse_it:332:1948" and another has only "mconnect:1293"
- pre-classification, meaning the application type, error type and severity. DFAs can switch on this, and should.

The old ARPA format was error type source and severity as three decimal digits, which you still see when smtp says "250 ok". The 2 was permanent success, the 5 meant "the app", in this case smtp, and 0 was the severity. I prefer ascii, not numbers (;-))
- then the text for the human, saying the meaning of the error, the same way you're supposed to write the **meaning** of code in comments, not just say what the code does.

Syslog does about half of this, metze's did most of it.
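
One way to parse the single-token source field described above, as an added example that is not from the original post or from Samba. The field order (executable, file, function, line, process id) is inferred from the two sample tokens and is an assumption, as are the struct and function names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Field order is an assumption inferred from the post's two sample tokens:
 * exe:file:func:line:pid (long form) and exe:pid (short form). */
struct source {
    char exe[32], file[32], func[32];
    long line;              /* -1 when the short form omits it */
    long pid;
};

/* Decimal field: digits only, at most 9 of them so it cannot overflow. */
static long num_field(const char *s)
{
    size_t n = strspn(s, "0123456789");

    return (n == 0 || n > 9 || s[n] != '\0') ? -1 : strtol(s, NULL, 10);
}

/* Returns the number of fields (2 or 5), or -1 for any other shape, an empty
 * or over-long field, or a non-numeric line or pid. */
int parse_source(const char *tok, struct source *s)
{
    char buf[128], *f[5], *p;
    int n = 0, i;

    if (strlen(tok) >= sizeof buf)
        return -1;
    strcpy(buf, tok);
    f[n++] = buf;
    for (p = buf; *p; p++) {
        if (*p != ':')
            continue;
        if (n == 5)
            return -1;
        *p = '\0';
        f[n++] = p + 1;
    }
    if (n != 2 && n != 5)
        return -1;
    for (i = 0; i < n; i++)
        if (f[i][0] == '\0' || strlen(f[i]) >= sizeof s->exe)
            return -1;
    memset(s, 0, sizeof *s);
    strcpy(s->exe, f[0]);
    s->line = -1;
    if (n == 5) {
        strcpy(s->file, f[1]);
        strcpy(s->func, f[2]);
        s->line = num_field(f[3]);
        if (s->line < 0)
            return -1;
    }
    s->pid = num_field(f[n - 1]);
    return s->pid < 0 ? -1 : n;
}

int main(void)
{
    /* The two sample tokens quoted in the post. */
    const char *toks[] = { "sendmail:parse.c:parse_it:332:1948", "mconnect:1293" };
    struct source s;

    for (int i = 0; i < 2; i++)
        if (parse_source(toks[i], &s) > 0)
            printf("%s pid=%ld line=%ld\n", s.exe, s.pid, s.line);
    return 0;
}
```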


ARPA result codes

davecb davecb writes  |  more than 8 years ago

Alas, many folks don't know the old ARPAnet tricks and have to reinvent them. Often inelegantly.

One very handy pair was the ARPA command and return-code standard.

A command was four letters or less at the beginning of a line (record, packet), often monocase, so it could be treated as a 4-byte integer and switched on.

For example, smtp starts up with
helo localhost
250 froggy Hello localhost [127.0.0.1], pleased to meet you

The "HELO" is the command, and the next line the response.

The first character is an ascii digit, where
1 means "informational message", and is rare
2 means permanent success
3 means partial success, as in a series of steps.
4 means temporary failure, such as "no space", and
5 means permanent failure

The second digit is 5 for "this app" and 9 for "the OS"

The third digit is the severity, so
599 I must close down, my CPU is on fire
is a very severe and permanent error (:-))

The fourth character is an ascii blank if the reply is complete on this line, a "-" if it continues to additional lines. For example, smtp has a help command:
help
214-2.0.0 This is sendmail version 8.12.8+Sun
214-2.0.0 Topics:
214-2.0.0 HELO EHLO MAIL RCPT DATA
214-2.0.0 RSET NOOP QUIT HELP VRFY
214-2.0.0 EXPN VERB ETRN DSN
214-2.0.0 For more info use "HELP ".
214-2.0.0 To report bugs in the implementation contact Sun Microsystems
214-2.0.0 Technical Support.
214-2.0.0 For local information send email to Postmaster at your site.
214 2.0.0 End of HELP info

The three digits and the "-" for continuation allows one to write as simple or as complex a DFA as you like, by doing trivial masking on fixed-length strings.
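
The command switch and the reply-line DFA described in this journal entry, as an added example (not code from the original post or from sendmail). The enum, struct and function names are assumptions of this example, and so is the check that every line of a continued reply carries the same code, which is SMTP's rule rather than something the post states.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>

/* Pack four ASCII letters into one integer so a command can be switched on. */
#define CMD4(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

enum cmd { CMD_UNKNOWN, CMD_HELO, CMD_HELP, CMD_QUIT };

/* Upper-case the leading word, blank-pad short ones, and reject words longer
 * than four letters rather than truncating them. */
enum cmd classify_cmd(const char *line)
{
    uint32_t v = 0;
    int i = 0;
    while (i < 4 && isalpha((unsigned char)line[i]))
        v = (v << 8) | (uint32_t)toupper((unsigned char)line[i++]);
    if (i == 0 || isalnum((unsigned char)line[i]))
        return CMD_UNKNOWN;
    for (; i < 4; i++)
        v = (v << 8) | ' ';
    switch (v) {
    case CMD4('H', 'E', 'L', 'O'): return CMD_HELO;
    case CMD4('H', 'E', 'L', 'P'): return CMD_HELP;
    case CMD4('Q', 'U', 'I', 'T'): return CMD_QUIT;
    default: return CMD_UNKNOWN;
    }
}

struct reply { int code, cls, more; };

/* Fixed-width header: class digit 1-5, two more digits, then ' ' (final line)
 * or '-' (continues). Returns 0 on success, -1 if malformed. */
int parse_reply(const char *line, struct reply *r)
{
    if (line[0] < '1' || line[0] > '5' || !isdigit((unsigned char)line[1]) ||
        !isdigit((unsigned char)line[2]) || (line[3] != ' ' && line[3] != '-'))
        return -1;
    r->cls = line[0] - '0';
    r->code = r->cls * 100 + (line[1] - '0') * 10 + (line[2] - '0');
    r->more = (line[3] == '-');
    return 0;
}

/* Two-state DFA: returns 1 when a reply completes, 0 when more lines are
 * needed, -1 on a malformed line or a continuation with a different code. */
struct reply_dfa { int in_reply, code; };
int feed_reply(struct reply_dfa *d, const char *line)
{
    struct reply r;
    if (parse_reply(line, &r) != 0 || (d->in_reply && r.code != d->code)) {
        d->in_reply = 0;
        return -1;
    }
    d->code = r.code;
    d->in_reply = r.more;
    return r.more ? 0 : 1;
}

int main(void)
{
    struct reply_dfa d = { 0, 0 };   /* lines taken from the HELP transcript */
    int a = feed_reply(&d, "214-2.0.0 Topics:");
    int b = feed_reply(&d, "214 2.0.0 End of HELP info");
    printf("%d %d code=%d\n", a, b, d.code);
    return 0;
}
```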
