Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

What Would Have Happened If Philae Were Nuclear Powered?

dutchwhizzman but orbital reentry? (493 comments)

Sure, it's designed to not fall apart in an explosion. But what would happen if it would be heated up and worn down in a low angle orbital reentry? It could be subjected to melting/burning temperatures for many minutes. I wouldn't be surprised if that would end up in plutonium dust in a big trail in our atmosphere, waiting for living creatures to ingest it some way....

3 days ago
top

Ask Slashdot: Who's the Doctors Without Borders of Technology?

dutchwhizzman Saving lives with JavaScript? (111 comments)

Doctors Without Borders risk their lives giving medical aid to people that are in such dire conditions that "normal" medical people can't or won't work there anymore. They do it without asking the people they treat for any compensation.

How would you put the ability to write JavaScript anywhere in the same ball park? If you want to help out in any way, learn a medical skill and go out in the field with MSF. Don't ride on those heroes names in your arm chair with your covert job seeking advertisement. While you may want to do good, JavaScript can be written anywhere on the planet and used elsewhere. Stopping some four year old kid from bleeding to death because they just got shelled with a "barrel bomb" dropped from a helicopter can't.

This may seem a bit harsh, but my girlfriend works for MSF. She left last Friday to go on a "field trip".

about a week ago
top

Nevada Earthquake Swarm Increases Chance of Larger Quake

dutchwhizzman No? (65 comments)

There is contradicting evidence of series of small earth quakes are an indication for a bigger one to follow. Whether the actual earth quakes have an effect on the likelyhood of a bigger one happening is even a step further in the kind of science we are only starting to figure out. Causation, correlation and chance when it comes to earth quakes so far has been historical statistics and no significant trustworthy method has yet been discovered. Sure, we've made progress and statistics are favorable, but right now there's nothing you can trust on in terms of magnitude or time of earth quakes in the (near) future.

about two weeks ago
top

Study: Body Weight Heavily Influenced By Heritable Gut Microbes

dutchwhizzman 1g food isn't 1g weight gain (297 comments)

If you eat certain food, you could theoretically gain more than 1 gram of weight for every gram of food you eat. The human body is mostly made out of water and you can't go on a "drink less fluids" diet. That means that if you add 1 gram of solids from your food, you could very well add more than one gram of water to your body weight, even if that water holds no calories at all.

about two weeks ago
top

Eben Upton Explains the Raspberry Pi Model A+'s Redesign

dutchwhizzman Olympic size swimming pools (107 comments)

Olympic size swimming pools filled with Starbucks coffee for large quantities.

about two weeks ago
top

Car Thieves and Insurers Vote On Keyless Car Security

dutchwhizzman Liability (221 comments)

This problem is easily solved by placing the liability of a "proper" locking system on the manufacturer and vendor of the car. If the system gets hacked, the manufacturer should be made liable to come up with a fix for that, or buy the car back from the owner at the original price of sale. In the UK most of the provisions for such a system are already in place. It will just take a relatively small and easy law where the party responsible for sale and/or manufacture of a device that later turns out to be fundamentally broken be made liable for the costs of replacing, reparing or taking back the goods.

This will probably turn in to a discussion of what "fundamentally broken" is, but I'm sure the courts will be able to take care of that.

about a month ago
top

Debate Over Systemd Exposes the Two Factions Tugging At Modern-day Linux

dutchwhizzman benefits vs risks (863 comments)

Systemd has it's downsides. The real downside is that you have so much complex code running as root. most other complaints can be dealt with.

Binary logfiles: You're not supposed to keep important log files on the local machine. Send them to your central logging facility where they are stored in a database. If the machine is still running, you can use the appropriate tools to look at the binary log files for debug. All your logging, stats and alerting should be centralized anyway.

Doesn't feel unixy: Get with the times. It's scriptable and tweakable more than ever. Just get used to the way it works.

Solution looking for a problem: Just not true, see the benefits.

Systemd is one of the options to solve some problems that have been pestering unix for a long time.

Dependency in services: Systemd can restart all dependencies on a service in the right sequence if you have to meddle with one part of a stack

long startup times: Systemd has the possibility to start up things in parallel. No long waits for earlier systems that your service doesn't depend on. Mostly useful for mobile users, but HA systems benefit too due to shorter maintenance downtime

Location/circumstances specific profiles: Depending on where you are and what kind of facilities you have available, your system can "adapt" by changing power profiles, network connectivity, firewalling and whatnot. Primary benefits are for mobile users, but servers changing load depending on things like overheating, having to run on UPS power and such are also quite useful.

Systemd isn't the only project that wants to work this way. Upstart is another one that at least wants to deal with the startup concurrency and dependency problems of classical init. Sun (Oracle) Solaris SMF is also a good example of this line of thinking.

While you can have doubts about the amount of complex code and forks to 3rd party code done by systemd while running as root, I don't think it's useful to complain that someone moved your cheese and took away the init scripts you used to use in the old days. Once you figure out how to work with the new tools, you'll find it's way more tweakable and controllable than classical init. If in the end you choose for init or a different alternative, that's up to you, but at least investigate and educate yourself, before you start complaining with arguments that just aren't true.

about a month ago
top

"Police Detector" Monitors Emergency Radio Transmissions

dutchwhizzman they are illegal in most of Europe (215 comments)

they are illegal in most of Europe, which is why this company went through the trouble to make "Cop Detectors".

No, they can't and won't ban these, since they are passive receivers and they detect *any* emergency person carrying a radio. I do suspect that the mobile speed trap teams will switch off their 2-way when working and use their cell phones for connecting with home base. Radar detectors only have a single purpose and because of that purpose they get to ban them for "hindring police investigation". You can come up with semi-legit reasons for having a device that will detect if someone with an emergency service radio, but you can't come up with a single one that will detect speed trap radar signals.

Speed traps with their radios switched off, will only leave unmarked civilian police cars with cameras on board and special "ProVida" brand equipment that are used to film evidence of people speeding by driving behind them that can be detected. Those can't be detected with radar detectors and will be detectable by this system. Still, the amount of speeding people that get caught will be so large with these systems for sale, that I doubt they ar worried much.e

This system has been in "testing phase" for quite a while, I remember reading about beta tests probably over a year ago, so it's hardly news. If they'd be worried, there would have been something happening already.

about a month ago
top

Italian Supreme Court Bans the 'Microsoft Tax'

dutchwhizzman OEMs and MicroSofts risk for the price (353 comments)

It's up to the OEM and MicroSoft to risk bundling the OS with the machine. It's up to the OEM to add crapware that they actually get paid for to install on the machine. If a consumer wants the machine without the software, they should get the retail price of the software discounted off the price of the bundle.

Who pays for the price difference between the money the consumer gets back their money is between the OEM and MicroSoft. Maybe this will teach both to price stuff reasonably since the consumer now will be able to make a more informed and concious desision on actually paying for the OS, or getting a cheap(er) or free alternative.

Sure, you'll see more people pirating Windows. But right now, many companies have to pay twice for a windows license. Once when they buy the machine and once when they install the enterprise version they have a volume license for. That's just as much theft in my book. Upgraded your main board? Pay again for the windows license. You can't have your cake and eat it too. If you sell software, it's not fair to force people to buy it even if they don't use it, just because otherwise someone might pirate your alternative if the computer is sold without an OS. You want to sell, you take the risk.

about a month ago
top

Passwords: Too Much and Not Enough

dutchwhizzman NTLM and LANMAN (223 comments)

Disclosure: I work as a penetration tester In my line of work, we often go for passwords, encrypted or not. Especially on office networks, we go for the LANMAN (yes, we do get to see those on a regular basis still) or NTLM password hashes. Even NTLMv2 are useful to us, although cracking those requires more time.

The reason that LANMAN and NTLM are so useful to us, is that we can just use the hashes to authenticate against remote servers. That's right, knowing the password isn't required, just having the hash is enough for the remote server to authorize us as the person that the hash belongs to. This is "fixed" in NTLMv2 and if you properly implement Kerberos for your AD authentication. However, since legacy systems are abundant, in practically every office network we encounter, the older systems are still in place because of "backwards compatibility requirements".

No amount of password complexity helps against the above problem. Several commercial 2-factor vendors solutions aren't even a solution. Why? Because they replace the password prompt for a prompt for a token generated by their device and once that reply is satisfactory, they simply send the hash themselves. Their solution replaces the password, but not the real weakness, the hash itself.

This may not be a significant problem on the internet, but once an attacker has gained access to your corporate network, this problem usually means doom for anything password protected. This sort of thing happens on a larger scale than most internet users realize. Advanced Persistent Threats (APTs) aren't named that for no reason and they are just a few of the many organizations and individuals attacking companies these days.

about a month ago
top

Passwords: Too Much and Not Enough

dutchwhizzman Biometrics sucks for authentication (223 comments)

Because biometrics can often be cloned, copied or otherwise be "fooled" when used for authentication. Finger print scanners are worthless since so many attacks exist to current finger print readers when someone copies your print. You can't get new finger prints once someone made a copy of yours, so as an authntication method they are worthless.

Some other authentication methods using biometrics exist, but they are generally too expensive to implement in most cases. They may not be "affordably" circumvented yet, but I have no doubt that once it's worth it to put time and effort in it, people will find ways to fool those systems too. I'd hate to have to get new eyeballs because someone copied a scan of mine onto a synthetic ball.....

Apart from this, remote authentication using biometrics replaces the biometrics with some sort of device sending some sort of signal to the remote location with either a signature of the biometric information, or just a version of "I've check this person out and they're okay". You once again transfer the problem from biometrics to some form of digital communication which obviously is just as weak to hack as the technology you are trying to augment for being weak.

about a month ago
top

Passwords: Too Much and Not Enough

dutchwhizzman Trivial to hack (223 comments)

You just created one tiny extra step for people stealing the database. If a system is so flawed that an attacker can get your database, they will most likely only take a few extra minutes to get their paws on your salt.

Granted, they need to write their own module for oclhashcat to get this cracked at a decent speed, but once that's done, your proposal isn't functional.

about a month ago
top

Passwords: Too Much and Not Enough

dutchwhizzman Nobody does that (223 comments)

You must have encountered one of the few systems where people actually pay attention to such "details". There are plenty of locations where you can brute all you want and where the entire DB of passwords or hashes is relatively easy to obtain for a hacker. Since people re-use passwords a lot, that's often enough to get into the few locations where brute-forcing is made more difficult.

about a month ago
top

Tech Firm Fined For Paying Imported Workers $1.21 Per Hour

dutchwhizzman Criminal organization (286 comments)

This is clearly a crime, thought out well in advance by a group of people. Membership of a criminal organization afaik is a felony. Are the owners and management of this company prosecuted for this?

about a month ago
top

Security Company Tries To Hide Flaws By Threatening Infringement Suit

dutchwhizzman No secret memory in his implementation (124 comments)

His implementation only uses non-secret memory and should therefor be safe from these patents. The patents described here rely on the contents of the memory of the contraptions to be "secret" to make the process "secure".

You could even say that the original implementation by INSIDE secure doesn't follow the patent since obviously, the memory content isn't that "secret" anymore.

about a month ago
top

Soda Pop Damages Your Cells' Telomeres

dutchwhizzman Other factors? (422 comments)

So maybe they also worked 10-20 hours a week longer than the control group? Maybe they ate different things? Maybe they lived in a more urban environment?

There have been so many of this sort of researches carried out that came to the wrong conclusion that while this is worrying, I doubt that there's actually any scientific value in this at all.

about a month ago
top

How Whisper Tracks Users Who Don't Share Their Location

dutchwhizzman Not everyone is on dynamic IP (39 comments)

There are plenty of people that are on a static IP that is tied to the box in the end of the street or a few streets further away. Not only that, but depending on what other characteristics they may find on your usage of the line/IP, they can still tie it to you without reasonable doubt if they have estmated location. Even "some doubt" may be enough for an employer to finger out you are behind something and things could cost you your job.

about a month ago
top

Lost Opportunity? Windows 10 Has the Same Minimum PC Requirements As Vista

dutchwhizzman No they won't (554 comments)

They will run in a VM that is hosted on a hypervisor in windows 10. 16 bit apps have been treated "special" since I believe windows 2000, where they got their own process and if you had to kill one 16 bit application, they all went with that. I'm no windows expert, but I believe that since either Windows Vista or possibly Windows 7 they got hypervisored and there was no longer a separate process but an actual VM running for them.

about 1 month ago
top

Grooveshark Found Guilty of Massive Copyright Infringement

dutchwhizzman Google Books (171 comments)

YouTube was purchased, Google's own initiative Google Books is has been using this exact method. Even though YouTube is now mostly annnoying it's users and mostly paying people for ads served, not for content, before Google bought it it was doing the same thing.

about 2 months ago
top

Analyzing Silk Road 2.0

dutchwhizzman Average price? (68 comments)

236 dollars buys you what? A boatload of cocain? One MDMA pill? That's no way to get any relevant information out of research.

about 2 months ago

Submissions

top

Facebook breaks net neutrality to buy users

dutchwhizzman dutchwhizzman writes  |  about 9 months ago

dutchwhizzman (817898) writes "Facebook is convincing partner mobile operators in third world countries to unlock not the entire internet, but just facebook for it's subscribers with a special "facebook only" subscription. By doing so, they are promoting a model where an ISP or operator can charge a fee per web site, instead of flat access rates to the entire network. With the recent agreement between Netflix and Comcast where netflix has to pay Comcast to provide proper service to it's already paying subscribers, we're seeing a worrisome future for flat fee data plans emerge."
top

New Super Doping Winter Olympics undetectable?

dutchwhizzman dutchwhizzman writes  |  about 10 months ago

dutchwhizzman (817898) writes "A journalist bought a substance known as "full size MGF" that is said to be undetectable by current doping detection methods. The substance has only been used in clinical animal trials and is supposed to reinforce muscle tissue. The press in Europe is running a big story that the drug can't be detected and people that spend 100,000 dollars will have an unfair advantage at the Winter Olympics. While current methods may not be able to detect the substance used, it is inevitable that future detection will be possible. Shouldn't the question be rephrased to "Will the samples taken from athletes at the 2014 Winter Olympics contain traces of full size MGF?""
Link to Original Source
top

Hackers vs Police paintball match

dutchwhizzman dutchwhizzman writes  |  about a year and a half ago

dutchwhizzman (817898) writes "In a small town in the Netherlands, people from the hacking scene, police, cyber soldiers and several government agencies gathered to discuss their differences. (https://www.opcyberpaint.nl/ Dutch Language, as well as the video link below) This time, not only words were used, but paint ball guns were chosen to make arguments that words just could not bring across. Pictures can be found at http://www.flickr.com/photos/40532667@N08/sets/72157633705123865/"
Link to Original Source
top

Oracle knew for months about java 7 zeroday

dutchwhizzman dutchwhizzman writes  |  more than 2 years ago

dutchwhizzman (817898) writes "Polish security researcher Adam Gowdiak submitted bug reports for the current Java 7 zero day exploit that's wreaking havoc all over the Internet months ago. It seems that Oracle can't or won't take such reports seriously? Is it really time to ditch Oracle's java and go for an open source VM?"
Link to Original Source
top

Kimble out on bail

dutchwhizzman dutchwhizzman writes  |  more than 2 years ago

dutchwhizzman (817898) writes "Kim Dotcom, Also known as the hacker Kimble, owner of MegaUpload has just been released on bail. The judge thought he wouldn't be able to flee, because he won't have access to his money. The question is now, if someone has dozens of bank accounts and a safe room, wouldn't he be burying some maple leafs around the globe as well?"
Link to Original Source
top

Monty Python to reunite for movie

dutchwhizzman dutchwhizzman writes  |  more than 2 years ago

dutchwhizzman (817898) writes "The surviving members of Monty Python have announced they will make a new movie. It will be titled "Absolutely Anything". Graham Chapman won't be there to join them anymore, but they think the movie will still be in the spirit of "Life of Brian", "The meaning of Life" and other movies they made in the past."
Link to Original Source
top

TomTom reorganizes 10% of staff away

dutchwhizzman dutchwhizzman writes  |  more than 2 years ago

dutchwhizzman (817898) writes "Today, Tomtom, fabricator of location and route planning software and devices, announced a big reorganization. Once the biggest player in the market, TomTom is now one of the many companies offering a little box or an app that guides you to where you want to go. Also the built in navigation features of many new cars eat away at TomToms empire, it seems. Roughly 10% of the staff will have to find employment elsewhere. About half of them will be fired, the other half will not be replaced when their contracts end."
Link to Original Source
top

Southern hemisphere yellowstone sized caldera foun

dutchwhizzman dutchwhizzman writes  |  about 3 years ago

dutchwhizzman (817898) writes "Uturuncu is a Bolivian supervolcano. Research suggests that it has an eruption frequency of roughly 300.000 years and the last eruption was, give or take a few years, 300.000 years ago. Research suggests that it started raising in a 70 km circumference by 1 to 2 centimeters per year, making it the fastest growing volcano on the planet.

Break out the tin foil hats, and store plenty of canned beans, because it may just erupt before Yellowstone pops it's cork."

Link to Original Source
top

Binary usenet groups prohibited in the Netherlands

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "Amsterdam based Usenet wholesale provider News Service Europe has been mandated by the court to remove all copyright infringing content on their servers, or face severe financial penalties. Dutch copyright MAFIAA organization BREIN has won a court case making the usenet provider responsible for the content posted on other platforms than their own.

Could this be the end of usenet as we know it, or will an appeal be won by NSE? Why didn't the judge make the provider that allowed the posts responsible? Why did the judge not honor the "cancel message" procedure that technically exists in the NNTP protocol?"

Link to Original Source
top

Dutch court bans Samsungs Android 2.3 devices

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "Today a Dutch court banned the Galaxy S, Galaxy S2 and the Ace. The ban will only apply to these devices when running Android 2.3 and is effective starting October 15th. The ban is based on apples scrolling patent and this is "fixed" in Android 3. It is expected that Samsung will upgrade to Android 3 very soon, probably before October 15th."
Link to Original Source
top

Google to cut off most of Labs

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "Bill Coughran, SVP for Research and Systems Infrastructure, announced severely limiting of Google labs. They won't pull the plug completely, but the nifty features in several google apps that were available via labs, will most likely not get updated, and fewer new ones will appear."
Link to Original Source
top

Plan to test Shakespeare remains for marijuana

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "A team of scientists has submitted a formal request to test the remains of William Shakespeare for drugs. Notably, for marijuana, since remains of clay pipes found in his garden have been tested positive for four-twenty. If they get permission, we may have to adjust our view on his world famous plays quite substantially."
Link to Original Source
top

MicroSoft Office 365 goes live

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "MicroSoft today officially announced the worldwide launch of their in-browser office collaboration suite. They have recently been communicating that they are planning on a cross browser, cross platform support for all their apps in the future. Now is the time to see if they can live up to that plan and if it's any good."
Link to Original Source
top

Bittorrent and uTorrent sued for protocol

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman writes "Bittorrent and uTorrent are sued for using techniques in their clients and the bittorrent protocol. From the article it appears that technologies are used that were submitted in a 1999 patent, that was approved in 2007. This itself is not uncommon, but reading what technologies are used, HTTP could very well be prior use, or violating at least part of the same protocol."
Link to Original Source
top

Fedora refuses to fix broken flashplayer in 14_64

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "After over 150 entries in a bugzilla bug over Adobes' broken 64 bit flash player, there still is nobody that is fixing the problem. Even Linus Torvalds himself has given his comment that no matter who broke it, Fedora should just fix it, since the end users don't care. Fedora developers so far refuse to revert a change to glibc that triggers the bug in Adobes's software, "because the bug is in Adobes' software and Adobe knows it's in there".

In the mean time, end users are left with glitches and broken sound in their 64 bit OS experience, and only a few found the cause and remedy for this in the bug description. Right now there is even a plea to stop submitting comments to the bug, in the hope that the developer might want to revisit it and read what should have been done weeks ago. Is it really so that developers, in this time and age, can dictate what gets commented to a bug and what gets fixed in such a big community project, just because they are the ones with write access to a repository?"

Link to Original Source

Journals

dutchwhizzman has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?