Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Passwords: Too Much and Not Enough

disambiguated Re:Why so high? (188 comments)

Once you have more than a half dozen passwords, your ability to remember them drastically decreased unless you are some sort of savant.

Absolutely. The fact that we (application developers) are dealing with passwords at all is the root of the problem here. The first time I wrote an app that did this (in 1997) I felt a little queasy about it. Yes you should use a three-tier design if at all possible. Ad-hoc queries cause many more issues than just this anyway; stored procedures should be the only allowed access from the middle tier. The password should be hashed a zillion times before being stored or compared.

But really, that's all just band-aids. We should not have to re-implement this for every application, and the user should not be subjected to the absolute train wreck of having to register and make up credentials for every fucking site. I would have thought something better would be here by now.

No amount of bitching at users or developers is going to help. This whole way of doing things needs to be tossed, and we need to figure out which one of these we want. Or something else if none of those are really sufficient. But something.

7 hours ago
top

Researcher Finds Tor Exit Node Adding Malware To Downloads

disambiguated Re:Downloading unsigned binaries? (113 comments)

Point taken -- thanks for the clarification. There are a few comments in this thread that seem to be saying that you can't trust that something hasn't been altered, even when the hash matches, but it's hard to tell what they're saying.

8 hours ago
top

Researcher Finds Tor Exit Node Adding Malware To Downloads

disambiguated Re:Downloading unsigned binaries? (113 comments)

Minor nit-pick: A hash is not a hash. I'm sure you are aware, but just for clarity -- Cryptographic hashes are intended to make it very hard to modify the binary stream without changing the hash. Not all hashes have that property. If you know what the cryptographic hash is supposed to be (you trust the hash) then you can be confident the stream has not been modified if the hashes match (ignoring known weaknesses, e.g. in MD5.)

yesterday
top

Favorite clickbait hook?

disambiguated Re:Am I doing something right? (238 comments)

Regarding your sig: your wife thinks the best way to solve 10% of problems is to start a fire? Nice.

5 days ago
top

Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores

disambiguated Re:Bose is overpriced crap and always has been (328 comments)

Yep. This is really more a function of the (guest) OS than anything else. As long as the guest is OK booting under either hardware (physical and virtual) dynamically, it should work fine. It's been a long time since mainstream OSs couldn't do that. It can be a little tricky to set up the VM to use a physical partition, though. That's the part that bootcamp does for you, which is nice, but it's definitely not the only way to make this work.

about a week ago
top

Microsoft Develops Analog Keyboard For Wearables, Solves Small Display Dilemma

disambiguated Re:Microsoft re-invents graffiti (100 comments)

I don't know why everyone is confused about this, but this isn't "unique symbols." The palm pilot input method was innovative because it solved two problems with handwriting recognition. The first problem was that there was nowhere near enough processing power to run a real handwriting recognition algorithm (which existed at the time). The second was that because you are writing each letter in the same space, there is less information to work with. Without character spacing, you have no idea whether a stroke is part of the current glyph or the beginning of a new one. They solved both problems the same way: by making each character a single continuous path, and the direction/order matters. That makes the recognition easier, and it knows when you are done with a character because you lift the stylus.

The downside is that you have to invest quite a bit to learn how to do it. It's frustrating to have to learn how to do something you already know how to do: write.

This is more sophisticated. There is quite a bit of variation in the way people write letters, and without the prescribed continuous glyph, a lot of ambiguity.

Give them some credit. This isn't just a rehash of Graffiti. It's real handwriting recognition. I think that's impressive for such a small device. Not as limited as the palm pilot for sure, but still a very limited machine. It may be an incremental improvement, but that's what innovation is, literally, distinct from invention.

about two weeks ago
top

DARPA Delving Into the Black Art of Super Secure Software Obfuscation

disambiguated Re:Good luck with that. (124 comments)

Without ASLR, return to x exploits are trivial for all x. All that is needed is the address of a function (or any code -- it doesn't have to be the 'official' entry point of a function) that does something useful to the attacker, and a way to clobber the stack.

This doesn't really have anything to do with libc, except that it is a rich source of well known addresses (without ASLR). So what in the hell are you talking about?

about three weeks ago
top

Why Apple Should Open-Source Swift -- But Won't

disambiguated Re:Article shows fundamental lack of understanding (183 comments)

You're both wrong/right. In order to supplant Objective-C, Swift would have to play well with the bazillion lines of Objective-C, and coexist with it for possibly a very long time. On the other hand, even if Apple "could not be more clear" that swift is built to supplant Objective-C, that doesn't mean it will succeed, and doesn't mean Apple won't change their mind. It's a gamble and they certainly know it. They keep that to themselves in order to encourage you to drink the cool-aid.

See also: Microsoft and .NET

about a month ago
top

New Data Center Protects Against Solar Storm and Nuclear EMPs

disambiguated Re:Protection from Nuclear EMPs (59 comments)

If only there were some way to simulate physical systems like that. Where will they find the computing power? Plus the software probably costs a fortune.

about a month ago
top

SanDisk Releases 512GB SD Card

disambiguated Re:1024-fold (210 comments)

RAM generally is, and address space always is.

about a month and a half ago
top

Information Theory Places New Limits On Origin of Life

disambiguated Re:How do you measure the entropy of life? (211 comments)

"essence of life" is an interesting choice of words. Here, read this.

Here's a few choice quotes:

Although now rejected by mainstream science, vitalism has a long history...

Vitalism is no longer philosophically and scientifically viable...

By 1931, "Biologists have almost unanimously abandoned vitalism as an acknowledged belief."

about a month and a half ago
top

Information Theory Places New Limits On Origin of Life

disambiguated Re:How do you measure the entropy of life? (211 comments)

Life is not one of the great scientific unknowns. Live and dead mice are not indistinguishable. No one today expects microbes to spontaneously come into being. Creating life from scratch is a technical problem, not a theoretical one. If stating so is pedantic then so be it.

about a month and a half ago
top

5 Million Gmail Passwords Leaked, Google Says No Evidence Of Compromise

disambiguated Re:What's email? (203 comments)

How quaint. When I need to know something, my computer travels back in time and alters history so that I always knew it.

about a month and a half ago
top

Information Theory Places New Limits On Origin of Life

disambiguated Re:How do you measure the entropy of life? (211 comments)

If all of your measurements are the same, you're either not very good at taking measurements, or you're not very good at killing mice.

about a month and a half ago
top

Information Theory Places New Limits On Origin of Life

disambiguated Re:Thermodynamic equilibrium is not required (211 comments)

You better let the Nobel people know to get his prize ready, because he's right. Entropy is unlikely to decrease in a closed system. But it can.

about a month and a half ago
top

WD Announces 8TB, 10TB Helium Hard Drives

disambiguated Re:When can we stop selling party balloons (296 comments)

I suppose it's going to be a while before we run out of alpha emitters. So the Wikipedia page is wrong then, when it says Helium is a finite resource. Last time I trust Wikipedia (yeah right:).

You said it slowly dissipates into space. That means the rate it leaves the atmosphere is low, so the rate it is replenished is low, and that's the limiting extraction rate.

According to this (that didn't take long), the rate Helium leaves the atmosphere is 50g/s, or 3e5 cm^3/s. The National Helium Reserve is 1e9 m^3. So, extracting all of the Helium from the atmosphere before it escapes, it would take 1e9 m^3 / (3e5 cm^3/s), or over 100 years to replace the reserves.

But extracting all of it is hopelessly unrealistic. I don't know, but it seems even 1% would be ambitious. So now we're looking at tens of thousands of years.

So either the national reserve is ridiculously large, or removing it from the atmosphere is not going to be a solution to the shortage. Right? Or am I missing something (else)?

about a month and a half ago
top

Device Boots Drones, Google Glass Off Wi-Fi

disambiguated Re:Device Drains Boots, Goggles and Glasses of Wat (184 comments)

That makes more sense, thanks. I mean, what's so special about booting from the network, why does it have to be wifi, and why do you need a special device?

about a month and a half ago

Submissions

disambiguated hasn't submitted any stories.

Journals

disambiguated has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?