Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Ebola Does Not Require an "Ebola Czar," Nor Calling Up the National Guard

dgatwood Re:It may not be a *significant* factor ... (209 comments)

Ebola's almost complete lack of aerosol transmission is and will remain a substantial barrier to the population risk the disease poses

The thing is, what you're saying there is just plain implausible unless the air itself kills the viruses with remarkable efficiency, in which case it would survive for only minutes on a hard surface (like HIV), rather than hours (like influenza). From what I've read, it survives for hours on hard surfaces, which lends serious doubt to any claim that Ebola exhibits an "almost complete lack of aerosol transmission".

Just to be clear, I'm not saying that Ebola is airborne. It currently is not (or at least it is not currently believed to be). However, it is unsafe to assume that the way a virus behaves in Africa (hot weather, high humidity, little use of HVAC, mostly rural, families that stay home to care for the sick) will match the way it would behave in the United States (highly variable air temperatures, potentially low humidity because of the use of HVAC, heavily urban, people who go to work even when sick). Such a conclusion would be fundamentally invalid because it doesn't control for an absolutely insane number of variables.

In particular, with airborne diseases, propagation by aerosol transmission increases rather dramatically when the air is cold and the humidity is low (particularly when it is insanely low because of HVAC). That's one reason why the cold and flu season in the U.S. spikes markedly during the winter. In the parts of Africa where Ebola is currently found, the hot air temperature and relatively high humidity don't lend themselves to aerosol transmission. So there's a distinct possibility that the exact same strain of disease that is not airborne in Africa would be airborne in the United States.

Such temperature-dependent and humidity-dependent behavior would also be consistent with researchers' conclusions after an October 1989 lab incident in which the closely related Ebola Reston virus spread rapidly among physically isolated populations of lower primates. "Due to the spread of infection to animals in all parts of the quarantine facility, it is likely that Ebola Reston may have been spread by airborne transmission." (Beltz, Lisa. Emerging Infectious Diseases. 253)

5 hours ago
top

China Staging a Nationwide Attack On iCloud and Microsoft Accounts

dgatwood Re: I believe you missed who the adversary is (107 comments)

https is and always was broken by design. It is, and never was, safe against a government adversary and it never will be.

Other than certificate pinning (which you can do with CA certs and SSL/TLS just as easily), describe a scheme that doesn't have this problem. No?

At some point, you have to have a trusted party to provide trust in a cert. Otherwise, you have nothing. And that trusted party can be compromised, at which point you have nothing.

Web of trust:

The closest thing I'm aware of to avoiding that involves a web of trust, where trust is distributed more, but without a central authority, there's no consistency in how well different parts of that web perform validation of the identity of the requestor, which results in even weaker trust than with a central authority.

Of course, you could set a trust policy that requires multiple signatures to trust a certificate, but at some point, you're still trusting random websites that you don't know, and whatever limit you set, a government could always exceed it. If you say that three sites must sign something for you to trust it, the government can find three sites that can be bribed, or even use their own sites to sign it.

Mind you, you could carefully craft trust policies, and then manually evaluate every certificate that fails to decide whether you trust it, and that would be more secure for people who are highly skilled at crypto, but for the average person, such a scheme would be much, much weaker.

DNS-based security:

Another proposal for reducing the importance of the CAs is putting the certs in DNS records. This ensures that only those who can mess with DNS can change the certs.

Unfortunately, most users rely on external DNS servers for recursion. If the government substitutes their own, they can refuse all DNSSec queries, and most users will be none the wiser. This effectively makes DNSSec useless until OS vendors make it mandatory by showing errors when it gets an unsigned response.

8 hours ago
top

Manga Images Depicting Children Lead to Conviction in UK

dgatwood Re:Moral Imperialism (452 comments)

Since you don't seem to be able to recognize that drawings of children are not children, it seems to me that you're part of the problem.

Video games encourage you to (in character) kill other people. Do we see hundreds of gamers going out every day and killing people? Of course not. Why? Because normal, healthy people are capable of separating fantasy from reality. Anyone who can't is clinically insane—more specifically, psychotic.

In the same way, arousing sexual lust towards a drawing in a fantasy universe, regardless of the supposed age of the character in that drawing, does not result in any increased risk of people attacking actual children. People are either inclined to sexually abuse children or they aren't. The ones who are will do so even without being exposed to drawings of kids. The ones who are not so inclined won't sexually abuse children even if they are exposed to it.

IMO, simulated child porn is no different from simulated rape porn, simulated torture porn, or any number of other similarly disgusting things. It's fake, and the people who like it know that it is fake, but they derive sexual pleasure from the taboo act of pretending to do something that would be horrible if it were real. As far as I know, there's no evidence that such groups have a higher percentage of people who actually commit those acts than the general population. Thus, criminalizing those fantasies, no matter how disgusting you might personally consider them to be, does not serve a legitimate public interest.

9 hours ago
top

Manga Images Depicting Children Lead to Conviction in UK

dgatwood Re:Ridiculous (452 comments)

It's still perfectly legal to want the President dead. You just can't say you want it to happen. Speaking isn't a thought, it's an action.

Actually, you can legally say that you want it to happen, at least based on my understanding of the law in question. Where it becomes a crime is when there is both an expressed desire to actually cause that harm (or a call for others to do so) and a reasonable expectation that it might be feasible for you (or those others) to do so in the manner suggested.

Here are a couple of examples that illustrate the difference:

  • Lack of intent: In theory, you could legally say that you wish the President would get beaten to death by a gang dressed in clown suits while smoking bananas and drinking cheap beer. If you did so, such a statement would not be committing a crime, because wanting someone to die is not the same thing as threatening to kill someone.

    With that said, if someone actually expressed such an interest, the Secret Service would take a very close interest in that person's background, looking to see if (for example) he or she had ever bought a clown costume, bananas, or cheap beer.

    Additionally, it should be noted that if you then went on to say, "And if I ever get the chance, I'll be part of that gang," then you would almost certainly go to prison, because that statement of personal intent would cross the legal threshold for being a threat. Similarly, if you asked others to harm the President, or said things that appeared to advocate the assassination of the President, that would also be considered a true threat.

  • Implausible means: Most people could legally say that they want to hit the President with a giant meteor from space without committing a crime, because to the best of my knowledge, even our best scientists have no real means of making a meteor fall on the White House, much less some random person who has never had any affiliation with any space program whatsoever. With that said, if you are affiliated with NASA, such a statement might be seen as a threat. Maybe.

Additionally, the following conditions must all be met before something is considered a threat:

  • The threat must be made intentionally, not accidentally.
  • The context and manner of the threat must be such that a reasonable person overhearing it would assume that it was an actual expression of intent to harm the President. (For example, snarky comments at a political rally or in a stand-up comedy routine are not likely to be seen as legitimate threats.)
  • The threat must not be made under duress, and must not be forced.

Of course, you can easily get into grey areas, and if you do, even if you don't get jail time for it, you'll probably get a lot more scrutiny than you'd like.

Finally, I'd like to add that IANAL, and this post should not be taken as legal advice.

yesterday
top

Manga Images Depicting Children Lead to Conviction in UK

dgatwood Re:Moral Imperialism (452 comments)

What society finds acceptable is irrelevant; even if they find it unacceptable, that does not mean it should be illegal.

This. The gold standard for legality is that something should be legal unless it harms someone else—as Justice Holmes put it, "The right to swing my fist ends where the other man's nose begins." Society's values are, or at least should be, utterly irrelevant in determining whether something should or should not be legal, except perhaps in defining what constitutes another person, and in defining what constitutes harm.

Then again, I'm half expecting somebody to deliberately twist that and say, "But manga characters are people, too...." And this, I fear, will be the first sign that all hope for humanity is lost....

yesterday
top

Apple Doesn't Design For Yesterday

dgatwood Re: I don't follow (368 comments)

Wait, how the heck did I misspell Egyptian? And for that matter, how the heck did Safari's spelling correction not flag it? Yikes.

I'm going to plead the "late at night" defense.

2 days ago
top

Apple Doesn't Design For Yesterday

dgatwood Re: I don't follow (368 comments)

It's general knowledge in typography that Helvetica is the most legible typeface.

That's only true at very large sizes—say 5% of your total field of view or larger—and it is IMO highly debatable even at those sizes.

At small sizes, particularly for people whose vision is less than perfect, Helvetica Neue makes Comic Sans look readable by comparison. It's not a question of the screen's resolution; no matter how precisely you render two letters that are separated by a distance that's less than your eye's circle of confusion, you still can't distinguish the strokes from one another.

For example, on my brand new MacBook Pro with retina display, I have no trouble whatsoever reading Courier New at 11 point. It is easily readable, and every letter is visually distinct. Same goes for any number of other fonts, including the venerable Lucida Grande. On that same hardware, my eyes struggle with Helvetica Neue even at 18 point, which means if I want it to be readable, I would get substantially less content on the screen even when comparing it with a fixed-width, serif font!

And the reason for the readability problems are a decided lack of legibility in Helvetica Neue. With Helvetica Neue 12 point, when I look at the word "pill", the "p" touches the "i" until I'm six inches from the screen. And depending on where the letter happens to fall, it may or may not be possible to tell the difference between "pom" (the juice) and "porn" (naughty stuff on the Internet) without getting ridiculously close to the screen. Sometimes the gap is visible, sometimes it isn't. In other words, the tracking is simply way, way, way too tight to qualify as legible. Remember that when designers use Helvetica, they painstakingly tweak the kerning to ensure readability at the target output size. As a general display font without that level of hand-tweaking, Helvetica and Helvetica Neue are crap.

But Helvetica Neue's problem goes way beyond over-tight tracking. The most critical requirement for a font to qualify as "legible" is that you must be able to distinguish letters from one another. Helvetica Neue fails miserably at this, though not quite as badly as Helvetica or Arial.

For example, look at a lowercase "L" and a lowercase "i" in almost any font, and you'll see that they are decidedly different heights. This is deliberate; it makes it possible to tell the difference between a pillow and a plllow, (which I believe is Ancient Egyption for an unreadable typeface, but I could be wrong).

Not in Helvetica Neue. They're the exact same height. This makes it excessively hard to read text that combines those two letters, particularly at small point sizes where the gap in the lowercase "I" is often hard to see.

And speaking of "I", is that a capital "i" or a lowercase "L"? If you're reading this in Slashdot's default font (Arial) or in Helvetica or Helvetica Neue, you probably can't be certain, because the two letters are nearly indistinguishable. So when I say I'm "Ill", do I mean that I'm sick, or that I'm three years old in Roman numerals? At 13 point, even on a Retina display, a capital "i" and a lowercase "L" can look literally identical, depending on where the letters happen to fall and how font smoothing interacts with them. And that's even with getting my corrected-to-20/20-vision eyes as close as a couple of inches from the screen.

Legible, my ass.

2 days ago
top

Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores

dgatwood Re:One crap audio brand battling with another (323 comments)

True. On the other hand, we also go to a lot of trouble to make sure it doesn't sound like crap on systems that aren't flat, because we know that some people will listen that way. I've spent many hours doing critical listening in my car, through iPod headphones, etc.

IMO, as long as a system has reasonably smooth response, even if it isn't flat, it sounds acceptable. Where you get into trouble is when your speakers are too small, and in a misguided effort to boost the bass response, the hardware engineers put a huge bump in the lower mids, making everything sound... I guess floppy is the best word I can think of to describe that mess. But as long as your speakers are big enough to produce real bass response down to at least 30 Hz at the typical listening distance (bass tends to fall off faster than treble with distance, so listening difference is critical), flat isn't necessarily that important.

3 days ago
top

Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores

dgatwood Re:Clueless (323 comments)

You know, I honestly don't remember. I only use them when I'm playing kit, because they're basically built into hearing protectors, and weigh about as much as my Macbook Pro. :-)

3 days ago
top

Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores

dgatwood Re:Clueless (323 comments)

AKG's I can't speak for, but having used noise cancelling headphones I won't settle for ordinary ones. It doesn't matter how good the speaker in the earpiece is, if its competing with noise from outside, its not a clean sound.

For casual listening, yeah. For serious external noise, though, noise isolation is a lot better than noise cancellation. I have a pair that lets me play back existing tracks at a manageable level while beating the ever-living crap out of a drum kit. Now that is clean sound.

3 days ago
top

Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores

dgatwood Re:One crap audio brand battling with another (323 comments)

I always find it amazing that audiophiles want 'flat'...this is nice is you want to listen to 'audio' as opposed to music. Unless I'm doing sound design work where the stuff is intended to be in a variety of types and styles of music (i.e., owned a company that use to provide instrument samples / libraries for synth companies), I'm not going to want to listen to anything flat.

Audiophiles—at least the ones who competently seek ways to improve quality, as opposed to the pseudoaudiophiles that spend $200 on a power cord—often listen to a wide range of music. For us, flat is a virtue, because any accentuation of frequency ranges that makes one style of music sound better invariably makes another style of music sound worse.

3 days ago
top

Apple's Next Hit Could Be a Microsoft Surface Pro Clone

dgatwood Re:It's the OS, Stupid (249 comments)

It isn't the idea that is bad; it is the implementation. One device with two distinct interfaces is a recipe for epic failure. But a single, unified interface that can take input in more than one way is useful, assuming you can get developers to adopt it. Mind you, it isn't a game-changer, and it isn't something that would be useful for every app, which makes it a hard sell, but that doesn't mean the concept lacks merit.

For example, if I had a full-scale laptop with a touchscreen:

  • In audio editing apps, I could just reach up and nudge three or four sliders at once, rather than click each of them one at a time. When I need to mute every channel but one, I could reach up and drag across the buttons. And so on. Because mixing isn't something that most people do frequently, you wouldn't have the "gorilla arm" problem. With that said, if you do find yourself doing a lot of mixing, you could always spin the screen around and use it as a tablet, all without interrupting what you're doing, changing apps, moving the content from one device to another, etc.
  • In photo editing apps, you could swing the screen around flat, then treat it as a pressure-sensitive art tablet (using either finger press spread or a stylus to detect pressure). Then you could switch back to the normal mode to work with type layers, adjust layer effects, etc.

An iPad can theoretically do both of those things, but lacks the CPU power, storage capacity, and pointing precision to do aspects of either task well. And although you can buy physical control surfaces and digitizer tablets or use an iPad as a controller in conjunction with your laptop, that's nowhere near as convenient as having it all in a single package, and being able to just reach up and interact by touch occasionally.

3 days ago
top

Apple's Next Hit Could Be a Microsoft Surface Pro Clone

dgatwood Re:It's the OS, Stupid (249 comments)

Correct. With that said, although it is derived from OS X, there are some key differences that make it less than ideal for use in a laptop-like environment. In particular, pointing devices become a problem, in part because iOS doesn't really support them, and in part because apps aren't designed in ways that would work well with mice even if it did.

IMO, any usable hybrid device would really need to run the full OS X stack when in laptop mode, with UIKit running in a full-screen Simulator window when used as a tablet. Otherwise, it's just an iPad with an attached keyboard, which isn't really any more interesting than an iPad with a Bluetooth keyboard.

3 days ago
top

How Nigeria Stopped Ebola

dgatwood Re:Ebola vs HIV (381 comments)

HIV is not present in tears, sweat, saliva, or mucus. As I understand it, Ebola, by contrast, can be spread through all those fluids, though it is much less likely to spread that way than through other fluids.

So no, they aren't strictly spread through the same pathways. Ebola is quite a bit easier to catch than HIV. The saving grace is fact that with Ebola you're obviously sick by the time you're significantly contagious.

3 days ago
top

How Nigeria Stopped Ebola

dgatwood Re:It only takes one ... (381 comments)

When they get sick, they just don't go into the hospital. They ride it out at home.

For Ebola, such self-quarantining is probably a good thing. It means that they're less likely to spread it. You just have to convince their family members to do the same. That's the hard part.

3 days ago
top

How Nigeria Stopped Ebola

dgatwood Re:That works fine if you manage to nip it in the (381 comments)

Depends on how serious you are about containing it. If you consider Nigeria's response to be overkill, then you're correct. If you consider it to be a reasonable response, then I think you're drastically underestimating how badly contract tracing scales beyond a tiny number of people.

The Nigerians' response involved 18,500 in-person visits to handle the fanout from a single patient. Based on that standard, if you ended up somehow with ten patients, in the worst case, you may be talking about visiting every man, woman, and child in an average American city. At just a thousand patients, it means an in-person visit to nearly everyone in the state of Texas. If, God forbid, we end up with as many cases in the U.S. as they have had in Africa, in the worst case, a similar response level would require an in-person visit to almost half of the people in the United States! To describe that as infeasible is a gross understatement. Admittedly, people in the U.S. are more likely to be reachable through non-in-person means, and contacts are likely to have some overlap, both of which make it slightly less infeasible, but an 18,500:1 fanout still qualifies as nuts even in the best-case scenario.

Worse, there's no guarantee that the Nigerian approach will be nearly as effective here in the U.S., because conditions are so different. In Nigeria, most people (statistically) do not own cars. Contrast that with Texas, where in some parts, the average person has three of them gathering rust on the front lawn alone. :-D The more mobile the population, the harder it becomes to contain an outbreak through contact tracing.

3 days ago
top

How Nigeria Stopped Ebola

dgatwood Re:That works fine if you manage to nip it in the (381 comments)

Actually, it is probably good to wait a week. That minimizes the risk to the cleaning personnel, because there should be no live viruses by that point. Now if they had waited a week to seal it off, that would be another story.

3 days ago

Submissions

top

Richard Stallman to Start Fashion Line

dgatwood dgatwood writes  |  about a year and a half ago

dgatwood (11270) writes ""Walking down the halls of MIT, I’d often see my colleagues dressed rather shabbily, and it was then that I decided to do something about it," said Richard Stallman, 60, of Cambridge, MA. So Stallman, a leader in the Free Software community with decades of software design experience, is ready to turn that experience towards a new target: clothing. He is expected to showcase his new line at FOSSCON 2012."
Link to Original Source
top

Feds announce bailout of Kit Kat Club

dgatwood dgatwood writes  |  more than 5 years ago

dgatwood (11270) writes "Federal regulators announced today that they have decided to provide a $69 billion bailout to the financially strapped Kit Kat Club. On further questioning, regulators said that dancer Jugs Aplenty was "an American icon who is simply too big to fail" and described the chain of night clubs as "the last bastion of freedom in a sea of scandals and coverups".

The manager of one club spoke with a Slashdot indy reporter under the condition that he remain anonymous. "Things have been kind of tight for us lately. My customers keep telling me that it is hard for them to find the cash to visit nude bars with the economy in the doldrums. This bailout will ensure that Kit Kat Clubs across the nation can continue to provide quality entertainment and live dance shows that help weary investors beat the economic downturn." He went on to say that he could not think of any business more deserving, saying, "I've got a bone to pick with politicians who wasted all those billions of dollars on banks. What good have banks done for our country lately?"

As always, we will keep you abreast of the latest developments as more information becomes available."

Link to Original Source
top

NIST Announces Reverse Leap Day

dgatwood dgatwood writes  |  more than 6 years ago

dgatwood (11270) writes "The National Institute of Standards and Technology (NIST) today announced a correction as a result of small errors in leap second calculations arising out of the gradual slowing of the expansion of the universe. At precisely 1:00 A.M. Eastern Daylight Saving Time, the date will skip forward by 24 hours to Wednesday, April 2nd, 2008. Director James Turner described this as the first "reverse leap day" in recorded history. He added that he expected a similar correction each year for at least the next seven years.

Americans are advised to immediately adjust their clocks and calendars forward to April 2nd. Director Turner warned, however, that not all countries in the world have agreed to this change yet. "Americans who regularly interact with people in other countries should expect some minor confusion until this all sorts itself out," Turner said, adding that "We considered simply dropping February 29th, but decided that would be too confusing."

For more information, see the NIST Coordinated Universal Time page at http://www.nist.gov/public_affairs/faqs/time.htm."

Journals

top

Chronicles of GoDaddy: How not to run an ISP

dgatwood dgatwood writes  |  more than 5 years ago

This is a review of the GoDaddy.com ISP. For a brief period of time, I used them for both my SSL certificate provider and my hosting provider. That lasted about a week. This review chronicles my experience with GoDaddy so that others can avoid the same fate.

It's hard to know where to begin when criticizing my experience with GoDaddy. It all started with a GoDaddy SSL certificate that was expiring in mid-August. Things started going wrong when GoDaddy sent me the expiration notice in mid-June. I immediately went to their website to renew. When I got there, I got a message that said I couldn't renew it for three days. I wrote them to complain and their reply basically said, "Yes, you can't renew before a certain date." Three days later, on the day it said I should be able to renew it, it still said I couldn't renew it.

A couple of weeks later, I went back to renew. I submitted a renewal for 9 years and paid for it (almost $270). I thought it was odd that they still hadn't sent out the cert, but I figured it would happen on the billing date for the account.

In the meantime, I decided to try to speed up my website by moving large graphics to shared hosting. Since I had a GoDaddy account already, I added hosting to it. Thankfully, I only paid for two months. While uploading content to the server, I started having weird problems almost immediately, finding that the server would just suddenly block my IP (including pings) for several minutes at a time. I theorized that they were limiting the number of reconnects per minute, so I spread the load out across several IPs and finished my uploading. I did all this over the holiday weekend to minimize impact.

Well, once I had the content on the server, I switched my home server to point to the images on that server. The next night, I tried to view a page full of thumbnail images and it stalled for a very long time. The problem went away after a couple of minutes, so I ignored it. When it happened again the next night, I started becoming concerned. When it happened on the fourth night, I started running a script that requested a tiny 15K image once a minute so that I could characterize the problem.

I contacted GoDaddy at this point, and they blamed my connection. I then reproduced the problem from work (where they have multiple OC-3 connections). I contacted them again. They continued to just say "We can't reproduce this" and actually had the nerve to suggest that I call them when I have the problem. How do you call somebody about a problem that only lasts 2-3 minutes from the start of the hang to the end? That's like telling somebody, "When you see a shooting star, text me so I can look up." Yikes!

Then, it got better. GoDaddy contacted me and said that they couldn't issue my SSL certificate because they now issue them for a maximum of 5 years---this in spite of the fact that their website was perfectly willing to sell me a 9-year certificate. So they started the process of issuing a refund.

A few hours later, they denied the refund. At this point, I wrote them back, chewed them out massively, listing in detail the litany of problems I had experienced with their service, carbon copied the president of GoDaddy, and basically threatened legal action if they didn't fix this mess. They restarted processing of the refund, but continued to refuse to honor the terms of our contract.

Their servers are still performing inadequately, so I plan to drop their service entirely as soon as I figure out where to migrate the files. And my SSL cert no longer comes from GoDaddy. I didn't even wait for my existing cert to expire; I don't want GoDaddy to get the free advertising. It also helps that my new SSL cert provider is free as in beer. I figure it's worth the hassle of renewing the cert annually to save $30 a year.

The bottom line is that I was going to spend about $114/year in hosting and SSL with GoDaddy, but because of their completely inept customer support, I'm now going to spend exactly $0 with them, and I will be spending a fair amount of time over the next few weeks posting detailed, harsh, negative reviews of their hosting service on every site I can find, from FaceBook to Web Hosting Geeks....

If I did my job as well as their customer service reps did their jobs, I would have lost my job after the first day. How, precisely, do these clowns stay in business? And how have they not had their credit card merchant account revoked?

David

P.S. Does anyone know of a web hosting provider that allows SSH, is reasonably reliable, and doesn't claim the rights to produce derivative works based on anything you upload?

Slashdot Login

Need an Account?

Forgot your password?