Slashdot: News for Nerds


Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Verizon's Accidental Mea Culpa

hAckz0r Re:Answer needed (388 comments)

This is fine. If Verizon wants to increase *my* bill because of my bandwidth is higher, then you and I have no problem. I pay more for that bandwidth. That is an open market system. But that is based on my bandwidth usage and not by increasing the cost of a competitor. If I were instead downloading Gigabytes of anything else, again Verizon would have the right to charge *me* more money.

Charging Netflix money just to connect is anti-competitive, because both companies sell the same service, only one is the gatekeeper to the customer. If anyone gets charged more for my bandwidth it should be me, and only me. I then get to choose who I use to connect to the Internet. If Verizon raises my rate I have the right to go shopping. If they rise the rate for Netflix that is extortion, and Netflix doesn't get to go shopping for a better source of customers. it doesn't work that way, and there are laws against that sort of thing. Why Congress doesn't get it is a mystery to me.

3 days ago

Verizon's Accidental Mea Culpa

hAckz0r Re:Answer needed (388 comments)

How about because customers are paying them for Internet service, and going to Netflix is where they want to go? People don't want to pay for bad service do they? The real problem here is Verizon is a competitor to Netflix, and Verizon is not only being allowed to be anti-competitive but also hoping to get paid for it.

4 days ago

Cosmologists Show Negative Mass Could Exist In Our Universe

hAckz0r Re:We've observed and created antiparticles (214 comments)

No, I think the next step is likely that someone will 'mathematically prove' that you can have anti-energy or something cruft like that, to explain away Dark Energy. Where the word 'prove' actually means 'infer' from some magical fantasy land mathematical contortions. Once you divest yourself from the physical reality you can twist equations around to do many impossible things. Why so many people invent fantasy to try and explain away actual evidence is beyond me. At least with anti-matter we have actual evidence of it. We can create it, and experiment with it. Its physical.

You just can't do that with Dark Matter or Gravity waves, because they simply don't exist. General Relativity is thermodynamically incomplete as a theory and no amount of fantasy-like invention is going to compensate for an incorrect/incomplete theory.

5 days ago

Giant Crater Appears In Northern Siberia

hAckz0r Move along, nothing to see here... (122 comments)

Maxwel Smart agent 86 just prevented KAOS from turning their Super-laser on to the US Capital building last year. Unfortunately, as usual, he tripped over the power cord and spun the lazer around and blew a 40 meter hole in the USSR Siberian outback before his food tangled and pulled out the power cord. That incident of course caused a fair amount of damage and eventually forced the KAOS spaceship to perform an emergancy landing right behind the CONTROL building parking lot. Furtunatly 99 prevented Hyimie from repairing the craft which would have allowed the KAOS agents to excape. The Chief is in protracted negotiations with the Kremlin over the loss of the summer vacation home that was said to be on that property.

I'm guessing that less than 2% of you know probably what the heck I'm talking about here.

5 days ago

Researchers Find Evidence of How Higgs Particle Imparts Mass

hAckz0r Another giant leap? (91 comments)

By leap I mean assumptions, not 'getting ahead'. How does one go from proving that a Higgs CAN decay into fermions, in accordance to the math of the standard model, all the way to saying that the Higgs is responsible for creating mass in general? What is the proof of any connection here? Yes, a fermion will have some mass, but how do they manage to jump to the conclusion that the Higgs creates the mass of all particles? I've looked a the paper and still don't see any connection. Looks like another overly sensational headline to me.

about a week ago

Tractor Beam Created Using Water Waves

hAckz0r If we could only do this with space-time (71 comments)

Anti-gravity! But how does one perturb space-time? We can't even detect gravitational waves much less create them. I don't think we will solve this one overnight

about two weeks ago

Airbus Patents Windowless Cockpit That Would Increase Pilots' Field of View

hAckz0r Already been done before (468 comments)

The F-35 does the same video trick, the only difference is there is still a cockpit and the video is in the helmet not on a screen. It seems all you have to do is steal someone's idea and make a small modification and... Profit!!

about two weeks ago

NSA Considers Linux Journal Readers, Tor (And Linux?) Users "Extremists"

hAckz0r Is NSA being just a little Schizophrenic? (361 comments)

First they publish the SELinux security enhanced architecture for all of the Linux community to use, to be safely computing. A really great technology, and highly advisable.

Then they put all the people on the black list that might want to *read* about SELinux, or other technologies, before using it?

Come on, you either want people to be safe _from_ hackers (the bad guys) or arrest all the hackers (software engineers). Maybe someone needs to buy them a current dictionary including the many uses of the common word "hacker" and what it really means in which context?

about three weeks ago

Microsoft Wants You To Trade Your MacBook Air In For a Surface Pro 3

hAckz0r Re:This is telling (365 comments)

Microsoft has given up trying to promote the Surface as a ...

... saleable machine. Rather than dumping their excess, in public view of shareholders, they are now even more willing to take a more substantial loss, so long as they can still claim X millions of units sold . Better than tossing them like with the Surface RT. Shareholders will likely complain if they try that one again.

about a month ago

Ask Slashdot: Communication With Locked-in Syndrome Patient?

hAckz0r Re:Eye tracking (552 comments)

I'd mod you up if I could.

There is LOTS of eye tracking software out there. Just do a Google for 'eyetracking software' and there are lots of hits, far too many for me to list here.

just as an example is here but there are many many more. Even open source.

about 2 months ago

SCOTUS Ends Novell's Anti-Trust Cast Against Microsoft

hAckz0r Re:way to over simplify the issue win the summery (174 comments)

No, what they did was to dup Novell into developing a complex product using an API that they provided, but planned on changing at the 12th hour to defeat their competition out of the gate. Their goal was to make Novell look so bad in the eyes of the consumer that nobody would ever trust the product again. This is pure maliciousness and way over the top. Its one thing to simply not give information, its entirely another to mislead and make your competition do what you tell them, and then change it so that it is guaranteed not to work.

Bottom line: If you shake hands with Bill Gates you had better count your fingers.

about 3 months ago

Comcast Offers To Shed 3.9 Million Subscribers To Ease Cable Deal

hAckz0r Re:Don't mind being sold (154 comments)

Better if it were every other neighbour. That way there would have to a second cable company's cable in the ground and some actual competition in the neighbourhood. Satellite doesn't count as competition if what you are after is voip or Internet access. When you are the only game in town it doesn't matter how many subscribers your local monopoly has. Selling and buying any number of subscribers doesn't make any difference to the locked-in consumer.

about 3 months ago

How Much Data Plan Bandwidth Is Wasted By DRM?

hAckz0r Android (200 comments)

Load up an Android VM on your PC and sent/Fipps/share the video output to your WiFi connected TV

about 3 months ago

Asteroid Impacts Bigger Risk Than Thought

hAckz0r Re:1-600 kilotons (172 comments)

Yes, and the story line would have been a lot different if they had just come out and said that only two were greater than 20 kilotons. Now compare that fact with the statement "Hiroshima was a 15-kiloton device" to put things more in perspective. Granted, you don't want one falling on your city, but it isn't going to kill millions more with deadly radiation after the impact either. Its the aftermath of the A-bomb that was so gruesome. Until the asteroid gets big enough to create a 'nuclear winter' the risk to humanity in general is fairly small.

about 3 months ago

Why Portland Should Have Kept Its Water, Urine and All

hAckz0r More sanitary than the dirt he pissed on. (332 comments)

In survival manuals they will often tell you to piss on open wounds if you are unable to find a source of clean water to help clean out a dirty wound. Why? Because not only will the urine fluid flush out the bacteria but it will also kill a percentage of them.

In the early days (colonial and uses-of-urine-442390/?no-istbefore) it was common for people to brush their teeth with urine, because it helped whiten the teeth and the ammonia can kill some of the bacteria that caused gum disease.

Historic uses for urine

about 3 months ago

Investors Value Yahoo's Core Business At Less Than $0

hAckz0r Investors are just figuring this out? (150 comments)

I guess they are used to using it to watch their stocks, probably the one useful thing on that site.

I have been forced to sign up for YahooGroups over the years just so that I can have my email address stolen by spammers and receive copious supplies of electrons in the form of Viagra emails. We could run the planet on that electricity coming across the wire. I learned long ago to use disposable email addresses and to block all other than the Yahoo mail servers just to keep the spam under reasonable control. I would dump it in a heartbeat if the projects I needed would just move elsewhere. No such luck.

about 3 months ago

Bill Gates Patents Detecting, Responding To "Glassholes"

hAckz0r Re:bullshit patent (140 comments)

Yea, he is patenting the use of one camera to detect another. Pure BS. Now let the stealth and polymorphic camera wars begin!

about 3 months ago

Student Records Kids Who Bully Him, Then Gets Threatened With Wiretapping Charge

hAckz0r Administrator mentality - see, hear, & do noth (798 comments)

I could have been this kid back in Jr High school. I might even have done exactly what this kid did back then, if recording devices didn't weigh a ton. Yea, I'm dating my generation here.

Bullying was out of control, even back then. Its nothing new except for the media is finally covering it. I was no the receiving end of that bulling up until the day I took Aikido. My instructor was an elderly woman weighing in all but about 86 lbs soaking wet. That class change my life. I had started taking Judo 9 month earlier but it had not yet come in handy for anything. After sitting in on just one Aikido class at the ripe old age of 13, only watching, I threw and pinned my adult Judo instructor using an Aikido move in a sparing match when I was just supposed to be the practice dummy for class demonstration purposes.

Since graduating from high school, I have also taken Taekwondo, Shaolin Kung Fu, and Kenjutsu, but I always come back to Aikido in a time of need and/or a delicate situation. Its just more useful in everyday life. You merely use the opponents own energy against themself, by understanding the physiology of the human body and how it can and can not move. The philosophy of not hurting the opponent is the best part of it, and therefore useful for almost any kind of bad situation.

My last encounter with such a school yard bully was as a bystander in a high school metal shop class, only I just couldn't stand there and watch it happen. The Class Clown (aka dumb F*@ck ) took a hand full of metal shavings off the lathe and went to shove it down this one kids shirt, and my own hand wound up going in right behind. I clinched his fist so he could not let go of the metal shavings, pulled his hand out slowly, squeezing his hand with around 90+ lbs of pressure, and then gently rolled him across the shop bench table with one hand. All 200 lbs of him, while I was about 150lbs at the time. Its proof that with enough thrust even pigs can fly....

The administration, as you might guess did nothing, so the mighty sward of 'do-nothing-ever' cuts both ways at times.

A little bit of self confidence can allow you to talk your way out of bad situations a lot more easily. Simple fact, its no fun to pick on someone who is just not afraid of you. The bullies are after the feeling of control they get when someone submits to their will, and they won't get any kind of satisfaction like that here.

about 3 months ago

The Security of Popular Programming Languages

hAckz0r Re:Not a useful paper (189 comments)

I think 'slot' is a misinterpretation of someone else's pronunciation of SLOC, or source lines of code, but its usually used in (kilo) k-sloc or (mega) m-sloc when talking about errors in software. if you are talking about just sloc you are in deep trouble bug wise.

Another possibility is in GUI programming there is a such thing as a slot, which is essentially a callback routine associated with an interface control. However applying that definition to an error count metric is troubling since there is no standard size for a callback.

For what its worth, whatever language NGINX is written in is not the one to use, the site gateway is apparently down, implicating a bug in the web software serving the article. Maybe the hackers are trashing the servers right now? I would have liked to have been able to read the article on broken web software, but the web software was broken.

about 3 months ago

How a 'Seismic Cloak' Could Slow Down an Earthquake

hAckz0r Re:Weaponize (101 comments)

Very true. Waves have both constructive and destructive interference, and the sources would have to be perfectly aligned to really negate the energy. That of course means your cloak would need to be deep inside the earth exactly where the seismic energy is coming from. And good luck at injecting enough energy to affect trillions of tons of rock exactly in phase with a seismic wave that you didn't know was coming exactly at that instant. This kind of nonsense could only happen on April 1st.

about 4 months ago



Say NO to software patents

hAckz0r hAckz0r writes  |  more than 2 years ago

hAckz0r (989977) writes "The (!/petitions ) now has an online petition to stop the USPTO from issuing any more software patents. One must register first with the petition site, wait for the confirming email, login, then locate the "Open Petitions" menu to go to the list of petitions. Scroll down to the one called "Direct the Patent Office to Cease Issuing Software Patents", and then do what you think is right. They need 3,428 petitions total to make it meaningful, and has logged 1,572 as of my entry."
Link to Original Source

Finding Compromised/Malicious Source Code

hAckz0r hAckz0r writes  |  more than 5 years ago

hAckz0r (989977) writes "I am in the final phase of a research project software design which, believe it or not, intends to help locate embedded malicious logic in Mega-SLOC sized source code bases, and eventually even across multiple computer language linkages. This tool is intended to aid an analyst in finding things like back doors, Easter eggs, time bomb logic, or other undesired or malicious logic inserted into the source code. The design has been highly scrutinized, and the funding for the project is now looking imminent. Once all the final papers are signed, and it really happens, then it's straight from the frying pan into the fire for me. The educated nay-sayers will no doubt be quick to remind me that you can't prove a negative. I already know that fact all too well.

Ok, now on to the real question. In order to prove any real life viability in the final software implementation we will need to demonstrate its many capabilities against a set of real life threats. I could write my own tests but I feel like that would be like cheating. Compromised 'Open Source' projects would be an obvious choice for availability reasons, but the problem is that as soon as an OS project admin realizes that their software product has become compromised, it literally disappears off of the Internet, almost over night. Poof! Gone! The Fedora/Redhat OpenSSH compromise could be one such example. Anybody even seen any Fedora updates lately?

I can start by chasing down other repositories that cache rpm source and then do my own deltas, if they have not already pulled that deprecated version, but that is still timing dependent. Obtaining copies of even older exploits seems to be even more troublesome and very time consuming, especially if one has to actually contact the project owners directly to revive a specific deprecated version number.

So my questions to Slashdot are:

1)Is there a compromised source code repository I am not aware of? Hacks-R-Us maybe? If it were a simple virus or a rootkit this would be much easier!

2)If you had to identify and then find these older deprecated versions of source code (C/C++ for now, other languages to follow) how would you go about doing this collection efficiently? Is there a comprehensive list of hacked OS projects with version numbers? Closed source doesn't count if the source code is not obtainable.

3)What specific deprecated/exploited OS software packages would be most worthy of testing if you only had a short time line, say about two weeks to collect them in? What floats to the top of the list? The Linux Kernel hack no doubt would top my list, then OpenSSH *2

Thanks in advance for your consideration."


hAckz0r has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account