Slashdot: News for Nerds


Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Judge (Tech) Advice By Results

feenberg There is a name for that (162 comments)

Economists and doctors have been using the WABR concept for many years now. They call it judging results by "intention to treat". So if 100 people are offered a training program or medicine, and only 90 complete the course of "treatment", the base for the percentage successes is 100, not 90. This is a pretty important idea when judging any experimental treatment on humans who can decline after enrolling. It wasn't so much a problem when the treatment was fertilizer on a field.

about 4 months ago

Shutdown Illustrates How Fast US Gov't Can Update Its Websites

feenberg It isn't a technical question (77 comments)

There is a great misunderstanding in all these comments. The question isn't "How long does it take to change 3 lines of code", of course that only takes a few minutes. The question is: "How long does permission to change 3 lines of code take to wend its way through the agency from the Secretary to the contractor?" That typically takes weeks or months, but in this case was done quickly because no one between the Secretary and the coder thought to interfere. That is very unusual. Another question (not answered) is how long does it take for a request from the coder to the Secretary? Typically that would be "forever", which is why most things never get done. It would help if someone below the secretary were authorized to make a decision, but typically that isn't the case.

about 9 months ago

Somebody Stole 7 Milliseconds From the Federal Reserve

feenberg Who is on the other end of that trade? (740 comments)

It would seem foolish to trade within milliseconds of 2pm without knowledge of the Fed decision, since the other party could be in DC and in legitimate possession of the information. So it is surprising that the criminal got a counterparty to accept the trade. This trick will probably only work once. There was a time when this sort of information was released after the close of markets.

about 10 months ago

NSF Audit Finds Numerous Cases of Alleged Plagiarism

feenberg "suspected" (44 comments)

It isn't really a scandal until the cases of plagiarism are confirmed. I once tested some plagiarism software on published academic economics, and it produced many false positives, many of which required some knowledge to interpret. Notice that a grant application may seem to be a somewhat "safer" place to plagiarize, since only a few people will see the application. However, those few might well include the borrowed from author - the granting agency will be sending the proposal for review to many researchers who have written on the topic before..

about a year ago

'This Is Your Second and Final Notice' Robocallers Revealed

feenberg Re:Why not base in California? Or Texas? (235 comments)

I don't know if it is still true, but in years past the Florida AG had a reputation for ignoring scams where the victim was out of state.

about a year and a half ago

Cloud-Powered Facial Recognition Is Terrifying

feenberg Hysteria (286 comments)

They say the false accept rate is .001, or one in a thousand. That is, they can extract about 10 bits of information from a picture. From those 10 bits they claim to get the SSN? Or, they have the picture of a person, and need to identify them in a sample of a million people, they will get back 1000 possible matches.

The complaints about privacy seem greatly overblown. In essence they are saying that if you post a picture with your name, and then another picture without your name, someone with a million dollars of software might recognize the similarities. Of course they might without the computer too. This is just another in the long line of "security" scares which presume that items of public knowledge such as your appearance, name, DOB and SSN can be turned into a secret passwords after 40 years of being public knowledge. The security experts should be spending their time convincing banks not to pretend an SSN is a secret, rather than enabling them by agitating for legislation to make it so.

more than 2 years ago

Court Case To Test GNU GPL

feenberg It is more subtle than you think (371 comments)

According to the article, the defendent is not distributing code containing GPL code. Rather, they are distributing a program that reads from a DSL router and modifies the (perfectly legal) GPL code on the router, reinstalling the modified code. The defendent doesn't think this is a violation, since he does not distribute any GPL code to users, only the binary "diffs". The modified code is never "distributed", only installed on the individuals own router. Since the GPL limits distribution, but doesn't affect "internal" use, there is an argument that the GPL is not violated. However, there is a further section in the GPL that takes up just this point, which is quite orthogonal to any of the arguments posted here. Even if this section of the GPL was not enforced in Germany, it wouldn't be the end of the GPL, as this is an extremely inconvinient way to distribute software, and the liklihood that the "diffs" didn't include GPL code is very small.

more than 3 years ago

If You Think You Can Ignore IPv6, Think Again

feenberg No crisis (551 comments)

IPv6 will be very slow in coming, and there will be no crisis. As ISPs run our of v4 address space, they will offer natted rfc1918 space by default, and charge a few dollars extra for public addresses. Only a few people prefer a public address if charged $5/month for it, and they won't miss anything either. While lots of public servers will be offered in both v4 and v6 space, nothing interesting will require v6. v6 will grow slowly based on its use in purely internal networks. The things lusers need will always be available in v4 and there aren't enough clued users to create a real shortage.

more than 3 years ago

DC Internet Voting Trial Attacked 2 Different Ways

feenberg Re:A solution to a problem that doesn't exist (123 comments)

Maybe sweeps are in November because that is when the elections are? Anyway the problem with electronic voting is not only that it is hard to do right, but also that it is impossible to show the average voter that it has been done right. With paper ballots and each party having a representative at the polling place and at the counting, voters are willing to believe the count is accurate. The offer to examine the source code is less convincing. Saying that the source code has been examined by someone paid for by the company that wrote the code is nothing at all.

more than 3 years ago

OLPC Gets $5.6M Grant To Develop Tablet With Marvell

feenberg OLPC software isn't attractive to parents (100 comments)

The good news is that the Marvel chip won't support Windows.

The bad news is that the child with an OLPC while she may learn to do art on her computer, won't learn to do anything helpful in any labor market on earth. With a tablet, she won't even learn to touch type. I know that the project wants to prepare her for more self-actualizing career, such as poet, designer, president or CIO, very few will have that opportunity if they can't get an entry level job in the urban sector.

more than 3 years ago

Google Acquires ITA Software, Regulators May Balk

feenberg Try it out (72 comments)

You can use the ITA engine at and it is really quite good compared to most airline/agency websites. However, it won't actually sell you a ticket.

about 4 years ago

AT&T Leaks Emails Addresses of 114,000 iPad Users

feenberg Can email addresses really be confidential? (284 comments)

I have been amazed over the last few years that both the general public and security professionals think that email addresses and social security numbers can be made confidential, like passwords. Surely that is impossible to achieve. If spam is to be stopped, it will certainly be another way. If identity theft is to be stopped, it is certain to be another way.

more than 4 years ago

Diskless Booting For the Modern Age

feenberg Not limited to small files (99 comments)

I am not sure where the idea that PXE boot files are limited to 32KB comes from, but we are booting FreeBSD 8.0 with a 240KB boot file with PXE and tftp and have not had to do anything special. We also boot Linux (Fedora 11) with a 4MB initrd over tftp and that has not posed any difficulties either. Our FreeBSD experience is documented at - it works quite well for us. I looked at gPXE and it doesn't really solve any problems we have had. Actually, we have had only one problem - sometimes the OS boot code doesn't support the motherboard ethernet, and we have to add a different ethernet card for post-boot LAN access.

more than 4 years ago

Please Do Not Change Your Password

feenberg Re:Please let me use the same password (497 comments)

Yes, in fact there is no evidence that any password has ever been brute-forced, except in a demonstration. (Dictionary attack is not brute-force).

more than 4 years ago

Oracle/Sun Enforces Pay-For-Security-Updates Plan

feenberg SUN has never been easy to deal with (238 comments)

Interestingly, we had support contracts for several SPARC machines until recently, but when the time
for renewal came around SUN didn't send any notice, and we let it go. I think of this as
"passive/aggressive" behavior on their part and seems typical of our experience with the administrative
side of SUN, although past adventures (such as wrong addresses on shipments) have been worse. .

more than 4 years ago

Google Patents Country-Specific Content Blocking

feenberg No mechanism proposed (106 comments)

The patent makes no sense, because it includes no description of a mechanism for achieving the stated objective. You should be able to get a patent on a particular method of doing something, but since when can you patent all possible methods of doing something? Especially when there aren't any. We have been doing this at work for over a decade, using IP address information from whois servers. It isn't very accurate, but it works well enough for us.

Daniel Feenberg

more than 4 years ago

Why Anonymized Data Isn't

feenberg Ohm is overwrought (280 comments)

I have worked with anonymized government data extensively, and birthdate and zipcode are always considered personally identifiable information. Sometimes birth year is available, and sometimes state or (rarely) county is available, but I have never even heard of a dataset with both. Datasets with month and day of birth are never considered to be anonymized, and are not released. The author of the paper is much overwrought.

more than 4 years ago

The Homemade Hard Disk Destroyer

feenberg Gutmann was wrong (497 comments)

There is no need to physically destroy a drive to prevent data from being read. The claims of Gutmann that it was possible to read overwritten sectors were never sustained by his sources. I investigated this years ago and reported in Can Intelligence Agencies Read Overwritten Data that he was very much overwrought. I see he has gone on to tilt at other windmills since he propagated that myth.

more than 4 years ago

Voting Machine Attacks Proven To Be Practical

feenberg Re:Not a Bug (225 comments)

OK, suppose the tamper-evident seal is found to be broken at the end of the election day. What happens then? Are those votes not counted? I wouldn't expect that result. That would open a door to an intruder going to a district favoring the opponent and merely tampering with the seal. I'd expect the votes to be counted in spite of the broken seal. Is there actual experience anywhere on this point?

more than 4 years ago



feenberg has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account