Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Ask Slashdot: Software Issue Tracking Transparency - Good Or Bad?

laughingskeptic Re:They are just lazy (158 comments)

Your convolution of sales and marketing indicates ignorance. True, a good marketing guy would know how to spin the differentiator. However sales guys are always incentivized by the deals they close. If they believe that the public bug database is keeping them from making money you are going to hear it from them. If the sales guys can make a convincing argument, they should be listened to. If they make more money, the company makes more money. However, they should be reminded that closing off the bug database at this point will also be used against them.

2 days ago
top

How the NSA Profits Off of Its Surveillance Technology

laughingskeptic Re:Are we even sure this is legal? (82 comments)

My thoughts exactly! How can patents developed with public dollars be anything other than in the public domain?

4 days ago
top

First Shellshock Botnet Attacking Akamai, US DoD Networks

laughingskeptic Home routers vulnerable (236 comments)

I know for a fact that my home router shells out to IP Chains to generate the NATed ports page. It will show this page to anyone and I can't turn it off -- remote administration is OFF, but for my router that just means only 192.* addresses can login and change things like the NATed ports. It still serves up the web pages to all requestors.

5 days ago
top

First Shellshock Botnet Attacking Akamai, US DoD Networks

laughingskeptic Re:Amazing... (236 comments)

Our University CS departments teach the hatred of Microsoft while the MIS departments teach the love of Microsoft. They are both wrong.

5 days ago
top

The Raid-Proof Hosting Technology Behind 'The Pirate Bay'

laughingskeptic They will go after the banks (144 comments)

TPB will get sued in a favorable location for the plaintiff. The plaintiff will use the judgment to go after TPB bank accounts. The back accounts are much harder to hide than the servers because TPB wants to get paid for the ads it displays.

about two weeks ago
top

Extent of Antarctic Sea Ice Reaches Record Levels

laughingskeptic Misleading headline (635 comments)

A more accurate, but much less attention grabbing headline would have been "0.15% annual increase in Antarctic Sea continues for 35th year". Given the strong trend, most years would be expected to be "record years".

about two weeks ago
top

Treasure Map: NSA, GCHQ Work On Real-Time "Google Earth" Internet Observation

laughingskeptic Re:Shocker, a federal agency is executing its mand (267 comments)

When the CIA launches a hellfire in this middle of nowhere, where do you think the information came from?

about two weeks ago
top

DMCA Claim Over GPL Non-Compliance Shuts Off Minecraft Plug-Ins

laughingskeptic Re:Uh... decompiled and deobfuscated? (354 comments)

Large programs usually have large numbers of external dependencies. The external calls are plain as day in the reversed code. Sure the variables may all be named a,b,c... but it really isn't that hard to find the parts you are interested in and figure out what the interfaces are. For his mods he had to figure out which code handled player positions, actions, health and maybe a few other things. I've done it many times and it is WAY easier in Java and .NET with multimegabyte-sized programs than it is with C and multikilobyte-sized monolithic programs where you have no external markers in the assembly as guides.

about three weeks ago
top

DMCA Claim Over GPL Non-Compliance Shuts Off Minecraft Plug-Ins

laughingskeptic Re:Uh... decompiled and deobfuscated? (354 comments)

This is routinely done by Minecraft modders and many others.
“Because a thing seems difficult for you, do not think it impossible for anyone to accomplish.” - Marcus Aurelius

about three weeks ago
top

DMCA Claim Over GPL Non-Compliance Shuts Off Minecraft Plug-Ins

laughingskeptic Re: ELI5 please (354 comments)

I don't think Mojang has ever been that interested in creating APIs that support the level of moding that has been going on. It's 21k lines of code, if he re-writes Bukkit, it will just be more proprietary Minecraft code and their next release will be delayed 3 months. Meanwhile Wesley Wolfe has effectively made himself unemployable.

about three weeks ago
top

Rightscorp's New Plan: Hijack Browsers Until Infingers Pay Up

laughingskeptic Re:Why would I pay my ISP for service? (376 comments)

Exactly! Not only will affected people switch providers, but this will cause participating ISPs to become viewed as unreliable. Unreliable internet has become unacceptable. This may also drive more apartment and condo complexes into the hands of providers like Grande which simply provide bandwidth to the whole building. Its a cheaper solution, but the hassle factor has limited penetration of these types of services. The ISPs would be greatly upping their hassle factor and reducing their competitiveness by participating in this Rightscorp scheme.

about a month and a half ago
top

US Defense Contractors Still Waiting For Breach Notification Rules

laughingskeptic Congress is in the Dark, NOT DoD (19 comments)

Breaches are already reported from the contractor's SSO to the government program office's SSO within 24 hours. Congress' issue is that they don't know what is going on and they decided to meddle in this one particular detail. Contractors absolutely do not attempt to cover this up, getting caught covering something like this up would cause them to immediately loose their funding and the right to bid on future contracts -- effectively a corporate death sentence. SSOs are almost all former soldiers with security backgrounds in the services and operate at the highest levels of integrity. They would absolutely place the country over their employer any day.

about a month and a half ago
top

Book Review: Introduction To Cyber-Warfare: A Multidisciplinary Approach

laughingskeptic Re:Culture of DoD and plain text drone feeds (27 comments)

FIPS-140 compliance is a given these days. That is not the issue. #1 you pick up an entire another organization that is going to want to participate in the project and perform a security review that may have been skirted if the word encryption was not mentioned. #2 the program office has to transfer funds to pay for this addition to the project instead of paying for more desired features. #3 there is much concern with the security of the encryption keys themselves when you put encryption on a device that is place in harms way. You have to demonstrate that the keys will be protected, they don't tend to care for per-mission keys. #4 as a result encryption winds up adding more weight than just bits because you need various tamper-proof devices. I have seen cases where the most important thing on a deployed device was the encryption key FOB. Which is just nuts I know, but that is the way it is. #5 the test plan grows, the system operation training grows, the documentation grows all adding additional costs to the project.

about a month and a half ago
top

Book Review: Introduction To Cyber-Warfare: A Multidisciplinary Approach

laughingskeptic Culture of DoD and plain text drone feeds (27 comments)

"They felt that since the Predator video feeds were being transmitted on frequencies that were not publicly known, no access control, encryption or other security mechanisms would be needed. " -- I am sure it wasn't that simple. As soon as you say 'encryption' in the defense world you open a can of worms that can set your project back as much as 2 years. These aren't technical set backs, but rather paperwork and process set backs. They were probably told by their government program manager to not put 'encryption' in their response because they probably didn't want to deal with the additional process burden. You can't do anything in the defense contracting world such as adding a feature like encryption without the government's program manager signing off on it and often find yourself constrained by law from implementing the best possible solution.

about 2 months ago
top

Ask Slashdot: What To Do About the Sorry State of FOSS Documentation?

laughingskeptic Re:Software Documentation is bad everywhere (430 comments)

Wrong. Microsoft's software documentation is generally excellent. Contributing programmers are 33% or less of Microsoft's empire, in FOSS programmers are 99% of the contributors. Not only is the end user documentation good, but for the devs Microsoft has MSDN, Dev Tech Net and a number of employees paid to pay attention to StackOverflow. Prior to any major software release a team of writers and engineers creates a 300 to 600 page book about the new release full of examples on configuring and coding for the new release. I know people hate paying for software, but sometimes you really do get what you pay for.

about 2 months ago
top

The CIA Does Las Vegas

laughingskeptic In-Q-Tel is fundamentally unethical (124 comments)

In-Q-Tel is just a way for the CIA to get around laws limiting their purchasing powers. They are prohibited from buying services the way they want, so instead they 'invest' in the services they want. What they are supposed to do is define their needs and let people bid on providing those services, but then the CIA executives wouldn't get to hob-nob with VCs and drink champagne on yachts.

about 2 months ago

Submissions

top

Amsterdam plane crash caused by software bug?

laughingskeptic laughingskeptic writes  |  more than 5 years ago

laughingskeptic (1004414) writes "The automatic pilot apparently powered down the engines at 2000 ft altitude because one input, the altimeter, told it the plane had landed. A modern plane has a number of inputs from which the 'landed' status could be determined and it seems to me that it is a major bug for one of them to be taken as the controlling input in a situation like this."

Journals

laughingskeptic has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?