Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



EFF Unveils Plan For Ending Mass Surveillance

locofungus Re:SIP Replacement? (282 comments)

why would providers go from IPv4 to IPv6 when soon there will be a shortage of numbers

They'll drag their feet but, eventually, there will be services that people want to use that are only available via IPv6 and then there will be little choice. (Although they'll try to proxy[1] popular IPv6 sites first)

[1] fake 10.x.x.x dns records that they serve to their customers and then forward the traffic over IPv6

3 days ago

There's a Problem In the Silk Road Trial: the Jury Doesn't Get the Internet

locofungus Re:Jurors (303 comments)

It's very hard to explain "this shit" to people when there's someone else equally knowledgeable as you determined to explain why your explanation is wrong.

Asymmetric encryption. Do you explain P vs NP, why NP-Complete is almost certainly not in P but the problems that asymmetric encryption are built on aren't known to be either NP-Complete or P.

NP is a decision problem - but encryption isn't a yes/no problem. How can problems that only have yes/no answers be used to encrypt?

Muddy the water some more - PRIMES is in P. Do you really want to have to explain the difference between constructive and existential proofs while someone is interrupting every time you say anything that isn't 100% accurate.

You've only got to look at the climate change "debate" to see this effect in force. Climate scientists are playing a game of whack-a-mole and the general public cannot tell which side to believe. There are always questions and doubts that can be raised - the mark of a good scientist is asking the questions for which the answer is interesting. The mark of a good defense attorney is raising questions for which cast doubt on the reliability of the witness. The role of the judge is to make sure that the questions that the lawyer asks is relevant to the case - and that's where it gets hard when you've got two experts in their field debating something and one (or both) has an agenda.

about two weeks ago

Halting Problem Proves That Lethal Robots Cannot Correctly Decide To Kill Humans

locofungus Re:It's just wrong (335 comments)

When you already have a defined program (and machine in this case) in front of you for review, then you can determine whether or not it will halt

except when you cant

For any computer program with a finite number of states (finite memory) you can determine whether it halts by running it long enough that it must be looping.

For a computer with 16384 states (An 8 state turing machine with an 8 position binary tape. 8 states * 8 positions * 2^8 values that can be on the tape) you can tell if any arbitrary program terminates by running it for 16385 steps. Any program that doesn't terminate in 16385 steps will run forever.

about 2 months ago

Launching 2015: a New Certificate Authority To Encrypt the Entire Web

locofungus Re:quick question (212 comments)

Web Browsers DID used to accept self-signed certificates (and certificates signed without a known CA - or cert-chain.) People just clicked through and accepted them willy-nilly. That was a poor security model.

The poor security model was browsers asking for confirmation for self signed certificates.

What browsers should have done is:

self signed certificates or unknown CA - how the "unencrypted web" works today.
No encryption at all - popup "are you sure you want to connect"
Signed certificate - tick (check) mark (instead of padlock) to show that the site is verified.

Now that browers are hiding the "http/https" bit from most people anyway it makes even less sense to treat self signed certificates as less safe/require more warning than a normal http connection.

about 2 months ago

Password Security: Why the Horse Battery Staple Is Not Correct

locofungus Re:symbols, caps, numbers (549 comments)

They ask for e.g. first, third and fifth characters of a password that must be between eight and twelve alphanumeric characters, and the dropdowns to make the selection are lower case only.

This means they're storing the password unhashed, at best locally encrypted but decrypted to check the user login.

While I suspect that this is true, I don't think it has to be true.

Step 1 - user choses password.

Step 2 - generate hash in normal way and store it.

Step 3 - generate error correcting check digits such that the password can be recovered from any three characters in known positions. (any three characters in known positions must be both necessary and sufficient - designing such an ECC is left as an exercise)

Step 4 - store the check digits but throw away the password.

Step 1 - user enters three characters

Step 2 - error correct the password
e.g. __p_pp__+CCCCC -> PPpPppPP

Step 3 - hash the corrected password and test against stored hash.

Obviously this isn't very secure - it's susceptible to a brute force attack that only requires guessing (any) three digits correctly once an attacker has gained access to the hash and the check digits.

about 4 months ago

Scotland's Independence Vote Could Shake Up Industry

locofungus Re:Not going to be as rosy as the YES! campaign sa (494 comments)

The UK general election will be 7th May 2015. The government that agreed to this vote almost certainly won't be the government that is negotiating.

No party is going to stand on a policy of "We're going to give your taxpayer money to this new independent Scotland because the last government agreed to the vote." They're going to stand on the "we're going to save as much money as possible for you and stop these handouts to Scotland."

about 4 months ago

Extent of Antarctic Sea Ice Reaches Record Levels

locofungus Re:It's getting hotter still! (635 comments)

This might a good "negative" feedback mechanism that reduces overall infrared absorption

Unfortunately not. it's night in the Antarctic so the Antarctic sea ice has negligible effect on the albedo of the planet, melting out each year (almost) completely.

Arctic sea ice is significant for planetary albedo because millions of square km (still) survive though the peak sunlight summer months.

about 4 months ago

Extent of Antarctic Sea Ice Reaches Record Levels

locofungus Re:You Fail at Quotations (635 comments)

Since 9/15 is also the day of lowest ice cover in the Arctic, how does this year's minimum compare with history?

It's one of the lowest in history but not the lowest. It's very close to tieing with last year.

Sea-ice volume appears (it's harder to measure reliably although it's more significant that area or extent) to be up on last year which in turn was up on the previous year. That might be a good sign for Arctic ice feedbacks or it might not - 2-3 years is far too short a time to separate signal from noise. Volume is still exceptionally low compared to the historical record.

about 4 months ago

Exploiting Wildcards On Linux/Unix

locofungus Re:Question... -- ? (215 comments)

Back in the (iirc) bsd 4.2 days, su was a suid shell script - at least on the machines I was using at the time.

Setup a symlink to su called -i

$ -i
# rm -- -i

There was a security bug handling suid shell scripts where the user was changed and then the #! interpreter was run, i.e. /bin/sh -i

and you got an interactive root shell :-)

Was very informative when the 'script kiddies' (although I don't recall that term existing in those days) had symlinks called -i in their home directory that they didn't know how to delete ;-)

about 7 months ago

I Want a Kindle Killer

locofungus Re:No thank you to all that (321 comments)

I agree.

One thing I do NOT want is a touch screen. I don't want my screen to be covered in fingerprints.

One thing I would like is the ability to have a (wired) remote page turn button - so when I'm reading in bed I don't have to move my hands from a comfortable position to turn the page.

about 8 months ago

Google Unveils Self-Driving Car With No Steering Wheel

locofungus Re:So when will the taxi drivers start protesting? (583 comments)

and we wouldn't have to worry about being late so much because of traffic jams

I'd expect there to be far more traffic jams because no longer is there an incentive not to let your car drive into the city.

Can't find a parking space - just leave your car driving around. Intelligent cars would actually seek out traffic jams so as to minimize fuel use.

Almost at your destination and crawling along. Get out and walk the last bit and let your car get there in its own time.

Stuck in traffic jam, get out, pop to the newsagent catch up with the car and get back in again.

For the more proactive, stick your Brompton in the back and let the car drive most of the way to the city. Once it starts getting snarled up in traffic, hop out, cycle the rest of the way and let the car do the rest of the journey on its own ready for when you want to leave.

Time it right, and the car will arrive just as you're ready to load your shopping (and bike) back into the car. Hopefully, these automatic cars won't block the roads for the drivers trying to leave the city so the route out will be fast, unlike human drivers who block junctions all the time.

about 8 months ago

Rising Sea Level Could Put East Coast Nuclear Plants At Risk

locofungus Re:CO2 and climate: my take (323 comments)

And now I've realized why my original number looked right. My original calculation was per day, not per year.
The trend is 0.007C/year over the last 17 years or around 0.11C increase over the last 17 years.

about 8 months ago

Even In the Wild Mice Run In Wheels

locofungus Re:Motion from the outside not counted. (122 comments)

There was a pet shop - I think this was in the North East of England but I cannot remember why I would have been in a pet shop so maybe not - that had a cage of chipmunks.

Two of them (always the same two) would get onto a wheel side by side and then run like mad.

One was slightly faster/had more stamina than the other one and eventually the other one couldn't keep up at which point it just held on and got a ride "over the top". The wheel would then come to a standstill and then they'd start all over again.

Was hysterically funny and I remember watching them for ages.

about 8 months ago

Rising Sea Level Could Put East Coast Nuclear Plants At Risk

locofungus Re:CO2 and climate: my take (323 comments)

Yes, of course. Which says that we need to use a longer interval to get a significant trend.

I'm not sure what the point you're trying to make is. If the signal is sufficiently noisy it's easy to find intervals with almost any desired trend, they just won't be significant.

The last 17 years are consistent with the long term trend which is, itself, statistically significant (and positive). Over the last 17 years the trend is (probably - I haven't actually done the calculation) not significant but it's still positive.

about 8 months ago

Rising Sea Level Could Put East Coast Nuclear Plants At Risk

locofungus Re:CO2 and climate: my take (323 comments)

Oops, Sorry, the GISS figures I got are in 0.01C increments so it's still positive but 100x smaller.

about 8 months ago

Rising Sea Level Could Put East Coast Nuclear Plants At Risk

locofungus Re:CO2 and climate: my take (323 comments)

I don't know why I bother but:

I took the GISS monthly data from May 1997 to April 2014. Spreadsheet gives me a slope of 0.001828 - or approximately 0.02C per year or 0.2C per decade.

This might not be significant, I can't be bothered to do any more, but to say there has been no rise in temperature is disingenuous at best and an outright lie at worst.

The strongest (negative) statement that can honestly be made would be that "there might not have been a statistically significant increase in warming over the last 17 years."

about 8 months ago

The US Vs. Europe: Freedom of Expression Vs. Privacy

locofungus Re:The Problem Isn't "Free Speech vs Privacy" (278 comments)

There are two problems here. First, why should search engines not enjoy the same free speech rights as newspapers?

You're asking the wrong question.

First - why should search engines be exempt from the data control regulations that other people who compile databases of personal information are obliged to follow?

The court has ruled that what Google is doing is _legal_. That is huge! Everybody else has to get a licence from the data controller, has to provide all the information they hold on a person in a readily accessible form[1] for a small (capped) fee and has to delete information on request.

[1] When a subject access request is made, the company has to go through and remove all the personal information relating to other people - so Google could not just point to their search engine.

Google (search engines) only have to comply with the last of these. I've not read the judgement, so I'm not sure why search engines were given a free pass on the other items (although I agree with it)

about 8 months ago

EU Court of Justice Paves Way For "Right To Be Forgotten" Online

locofungus Re:Mario Costeja González (199 comments)


This is a canard. Nobody in his right mind, even on this site, contends that free speech ought to allow one to break laws.

Google is breaking the law in Europe. The European court didn't make a new law, the European court merely ruled that *EXISTING* laws require google to delete the information when requested.


about 9 months ago

7.1 Billion People, 7.1 Billion Mobile Phone Accounts Activated

locofungus Re:Sanity check (197 comments)

In Europe, it's common for people who travel frequently abroad to have a sim for a local provider in each country they visit.

On some bits of the south coast of England, some people get better (or only) reception from France. They have a sim for France which they put in their phone when they're at home and a UK sim for when they're out to avoid accidental roaming charges when at home.

about 9 months ago

EU Court of Justice Paves Way For "Right To Be Forgotten" Online

locofungus Re:Mario Costeja González (199 comments)

The EU does cherish freedom of speech. But it also cherishes the privacy of the individual.

The US - based on comments on this site - appears to have decided that freedom of speech trumps everything else. You can lie, cheat, shout fire in a crowded theatre, call in fake bomb scares, basically anything at all because it's all "freedom of speech."

The EU takes a much more nuanced view. Sometimes there's an overwhelming reason why freedom of speech should trump privacy. Sometimes privacy should trump freedom of speech, and sometimes it's a grey area that has to be litigated through the courts.

In this particular case, the court hasn't ruled that the information has to disappear - all they've ruled is that google (and presumably other search engines) need to give people the right to remove search results about themselves.

Most things are "allowed to be forgotten" in most circumstances. So, for example, most employers aren't allowed to ask "have you ever been made bankrupt?" although I think they can ask "are you an undischarged bankrupt". Google is allowing employers to sidestep the protective regulations that were built into bankruptcy law before the internet existed. The EU is now merely trying to reinstate them.

about 9 months ago


locofungus hasn't submitted any stories.


locofungus has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?