Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Unicode 7.0 Released, Supporting 23 New Scripts

marcansoft Re:Klingon in more useful (108 comments)

Not 2^16 (Unicode already has way over 2^16 codepoints assigned). The maximum Unicode codepoint value is 1114111, which is somewhat over 2^20 (and happens to be the highest codepoint encodable in UTF-16).

about a month ago
top

Nanodot-Based Smartphone Battery Recharges In 30 Seconds

marcansoft Re:Current.... melt (227 comments)

It's 2Ah, so 240A.

Now, it could be that their battery runs at a higher voltage (and thus not really 2Ah, but they're using that figure as a 3.7V li-ion equivalent capabity), or that there is a power converter built into the battery pack (unlikely for a prototype, though). Still, even for a 37V battery (vs. 3.7V for a normal Li-Ion cell), we're talking 24A. That cord didn't look like 24A cord, and I highly doubt they were using a voltage higher than 37V to charge (especially not with exposed banana jacks like that).

I call the demo highly dubious if not an outright fake/mock.

about 4 months ago
top

eBay Japan Passwords Revealed As Username+123456

marcansoft Re:Hey (80 comments)

Sorry for the threadjack, but this is yet another case of horrible security reporting.

From watching the video, what it seems happened here was that eBay chose phpBB for their community forum, but did not integrate its authentication system directly with eBay's on the server side. Instead, the site was set-up as a standalone system, and whoever implemented the integration had the bright idea of hardcoding the forum password for everyone as username+123456, and then just having the eBay login page issue a hidden POST request behind the scenes to authenticate users to the community forum section.

Thus, this allows anyone to trivially impersonate anyone else on the forum. It shouldn't have anything to do with the rest of the site, though. Nor does this have anything to do with initial passwords, salts, or any of the other terms that have been thrown around.

A case of absolutely retarded login integration for the community site, but not something that would allow people to take over others' main eBay account. What this says about the people running eBay is another matter entirely...

about 4 months ago
top

EU Votes For Universal Phone Charger

marcansoft Re:Dumb (358 comments)

Did you actually read that article? It clearly describes exactly what I said: they use resistors on the data pins to signal the available current. There is no bidirectional negotiation going on. There are no extra pins or wires. The charger just has 4 resistors to create two voltage dividers for the D- and D+ pins.

about 4 months ago
top

EU Votes For Universal Phone Charger

marcansoft Re:Dumb (358 comments)

This is incorrect. There is no bidirectional negotiation between chargers and devices, nor are there any magic extra pins (at least for pretty much all Android and Apple products - dunno about Zune).

What there is is one USB charging standard, that basically says one thing and one thing only (that matters): if the data pins are shorted together (but otherwise not connected to anything), then the port is a Dedicated Charging Port. A DCP must meet certain voltage/current curve ranges and may be engineered to supply anywhere from 500mA to 1.5A (or more), with the voltage dropping as the device exceeds the charger's maximum. Devices are simply supposed to regulate current draw upwards until the voltage drops below a threshold, indicating the charger's capability. No digital negotiation takes place. Devices are limited to 1.5A charging current, which is quite typical for modern devices (and significantly better than the 500mA of a non-charging port).

There is a newer USB Power Delivery specification that is much more recent, supports higher powers, probably uses more complex negotiation (I haven't read it), and nothing implements it yet.

Then there's what Apple does - they have an incompatible implementation that uses resistors on the data pins in the charger to signal its current capability. Different resulting voltages mean different current levels. This is completely incompatible with the USB charging standard. Recent Apple devices (since the iPhone 3G or so) do support DCP chargers (to some extent - some charge more slowly, and I don't know about larger iPads?), but non-Apple devices will only charge at 500mA or worse from Apple chargers.

about 4 months ago
top

FFmpeg's VP9 Decoder Faster Than Google's

marcansoft Re:Faster is not necessarily better: Quality matte (101 comments)

This is false. Decoding for modern video formats is strictly defined, and all decoders must produce bit-perfect output. You can add as many filters as you want after that, but that's a postprocessing step in the video player and has nothing to do with the decoder. Things like in-loop filters are strictly defined as part of the decoding process and must be there for the decoder to be considered correct.

about 5 months ago
top

FLOSS Codecs Emerge Victorious In Wikimedia Vote

marcansoft Re:Why does Wikimedia hate batteries? (235 comments)

Nope, they just crash, lag, or play it with severe artifacts (the latter happens with some hardware codecs and 10bit files).

Basically no modern video codecs are designed to gracefully degrade given limited decoder features, because they rely on bit-perfect output to be used as a reference for future frames. Any error accumulates in the decoding loop and becomes significant artifacting until the next I frame.

about 5 months ago
top

Finnish Hacker Isolates Helicopter GPS Coordinates From YouTube Video Sounds

marcansoft It's just 1200baud 7O1 Bell 202 (163 comments)

0x80 is just a null byte with odd parity. What she apparently missed is that this is bog-standard Bell 202 AFSK (1200 baud) with 7 data bits and odd parity, and the data is ASCII. By throwing away the top nybble, she was throwing away the parity bit and the top 3 bits of the ASCII encoding of decimal digits. The fact that it was a parity bit should've been pretty obvious, since the top nybble flips between 0x3x and 0xbx in the pattern that you'd expect for a parity bit.

You can decode it with off the shelf software, throw away the top bit, and get back mostly ASCII:

$ ./minimodem --rx 1200 -f ~/helicopter.wav | tr '\200-\377\r' '\000-\177\n'
### CARRIER 1200 @ 1200.0 Hz ###
  282 0002.3
#L N390374 W09432938YJ
#AL #NA 282 0002.3
#L N390374 W09432938YJ
#AL #NA 283 0002.3
#L N390372 W09432928YJ
#AL #NA 283 0002.3
#L N390370 W09432918YJ
#AL #NA 283 0002.3
#L N390370 W09432918YJ
#AL #NA 283 0002.3
[...]

I'm actually surprised that she missed / didn't mention this, considering her experience with signals analysis and demodulation. This is pretty much as basic as telemetry data modulation gets! Then again, as a reverse engineer myself, sometimes we get caught up doing deep analysis of something that later turns out to be totally trivial :)

about 6 months ago
top

The Burning Bridges of Ubuntu

marcansoft Re:I switched to CentOS and never looked back (346 comments)

Meanwhile, I've been running the same Gentoo install for ~9 years now (having migrated through 5 different machines). Rolling upgrades are awesome.

(It would be >10 years, but I did have to reinstall early on to migrate from x86 to x86-64).

about 8 months ago
top

Ask Slashdot: What's On Your Hardware Lab Bench?

marcansoft Re:An O'Scope (215 comments)

The MHz number on the box is the bandwidth, not the sample rate. The sample rate is measured in samples per second (GSps). A 100MHz scope is probably adequate for analog signals up to 100MHz. However, if you're debugging a digital signal, you want a scope that has 3x the bandwidth of your signal's base frequency or more, because square waves are composed of the base frequency and an infinite number of harmonics. If you only have bandwidth for the base frequency, your square wave will be distorted into a sine wave and you won't be able to accurately see ringing, glitching, and other artifacts.

I have a 1GSps, 100MHz scope. I wouldn't use it for serious digital signal debugging above 30MHz (which is 33x lower than the sample rate), due to the bandwidth constraint. It's adequate for seeing if stuff up to 100-150MHz is "there" though (and for reading the bits out if you just want to use it as a poor man's logic analyzer), just don't expect to diagnose signal integrity and timing issues at those speeds.

about 8 months ago
top

Ask Slashdot: What's On Your Hardware Lab Bench?

marcansoft Re:thats silly (215 comments)

Low-speed 1.8V and high-speed 0.5V LVDS mode, 800MHz... a MIPI-DSI display? :-)

about 8 months ago
top

Improved Image Quality For HMDs Like Oculus Rift

marcansoft Re:Corrective lenses adaptation? (55 comments)

You can correct for chromatic aberration in software, to a varying degree. You can approximate it (so the aberration is ~1/3 of what it would normally be, by aligning the centers of the primary colors) for arbitrary inputs, e.g. a photograph captured with an imperfect lens (image editing software can do this). You can do it on the output side with perfect accuracy if you're displaying an image using three monochromatic light sources (e.g. a laser display), since the three wavelengths involved would then be distorted by three discrete amounts that are perfectly correctable. For RGB panels like LCDs and OLED displays the primaries aren't monochromatic, but they are more concentrated around the dominant wavelength than a natural light source with a uniform frequency distribution, so you get a result that's somewhere in between. This is what the Rift does to correct for chromatic aberration in software.

Uneven pixel density is only a problem if the pixel density at the sparsest point is too low. Today's displays already exceed visual acuity when viewed at a reasonable distance (e.g. a Nexus 10 or an iPad with a Retina display at a normal operation distance), though of course that is without covering a large fraction of the FOV. Give it a few more years and it'll only get better - once we have 8K phone-sized displays this will probably be a non-issue.

about 9 months ago
top

Elevated Radiation Claimed At Tokyo 2020 Olympic Venues

marcansoft Re:Some numbers for reference. (164 comments)

Obviously you were concerned enough to measure if there was any imminent danger

I wasn't concerned. I'm just a curious geek who happens to own a logging Geiger counter.

The issues is not radiation emitted, it's the radionuclides emitting them.

That is true. Ingesting radionuclides is definitely a much bigger problem than external exposure.

That's great but it's more likely that Japan now has very high concentration of radionuclides in very specific places in the ocean or land or sea, some of that area will be producing food. The likelihood of encountering in the food chain is now higher than the initial accident because the radionuclides have propagated further up the foodchain so if you ate food in Japan the likelihood of ingesting it has increased. The longer you stay there the more you will increase your chances of a permanent dose in your body, the more times you get one of those means the probability of some sort of cancer increases. A big problem for the locals, but not really a worry for you.

It's hard to get real data about these issues, as there is a ridiculous amount of fearmongering in the media. For example, there are plenty of articles talking about the spread of radiation in the Pacific Ocean from Fukushima to other countries, but a simple dilution argument shows that any claim of danger from that effect is nonsense - the ocean is ridiculously bigger than the quantity of radioactive water released, and even if you can measure the effect, it's going to be negligible in practice.

Locally produced food is another issue, and yes, the possibility for concerning contamination exists. Supposedly, food is tested in Japan, and the limits are stricter than in the US. Converting that into the probability that you will eat something that exceeds the limit (and by how much) is tricky. If you know of any serious studies attempting to calculate this, please do let me know.

FWIW, I do plan on moving to Japan in the not too distant future.

about 9 months ago
top

Elevated Radiation Claimed At Tokyo 2020 Olympic Venues

marcansoft Re:Some numbers for reference. (164 comments)

Interesting. I didn't stop at Fukushima station, but I went past it on the Shinkansen with my Onyx in the outer pocket of my backpack (obviously it won't be picking up any alpha radiation there, but still useful data). Looking closely at the logs it is possible that one spike correlates with roughly the time I'd have been in that area, though I really would have to check the times closely. The Onyx was set to log every 10 minutes so it's also possible that it just missed the interesting times. The peak readings were about 0.2uSv/h, and that wasn't near Fukushima. Tokyo averaged somewhere around 0.11 uSv/h, while Hakodate (where I stayed a couple of days) was around 0.07uSv/h.

Interestingly, my return flight hit 3.0uSv/h, higher than the first flight (I just dumped the last chunk of the log which I hadn't done yet).

These readings seem to be using the default calibration of the Onyx. I haven't delved into the details yet (the firmware is still WIP as far as I can tell), but AIUI they are supposed to come calibrated, so either the default calibration is spot on, or the firmware isn't using the calibration data, or my firmware upgrade wiped the calibration data, or the calibration data was never there. Either way, I assume the default conversion factor is good enough for rough measurements of background radiation.

about 9 months ago
top

Elevated Radiation Claimed At Tokyo 2020 Olympic Venues

marcansoft Re:Some numbers for reference. (164 comments)

Somewhat amusingly, he typoed the one relevant box in there - "Extra dose to Tokyo in weeks following Fukushima accident" should probably be 40uSv (not 40mSv) if he means per person (and even then it sounds a bit high), or be in the orange chart if he means the total dose delivered to all of Tokyo.

about 9 months ago
top

Elevated Radiation Claimed At Tokyo 2020 Olympic Venues

marcansoft Some numbers for reference. (164 comments)

Using my Safecast Onyx (hi Safecast folks!) I measure ~0.32 uSv/h in Dublin, next to a granite wall (granite is everywhere around here, and naturally radioactive). The article speaks of of 0.484 uSv/h, not much higher than that. On an airplane at cruising altitude I get about 2.0uSv/h. At home I might see 0.08uSv/h, and in the middle of the street somewhere around 0.15uSv/h. *

I just visited japan and took the Safecast everywhere I went. At no point did it go significantly above what were normal background radiation readings in Dublin (not even when I was passing by Fukushima station, though admittedly that was on a high-speed train).

Radiation is everywhere. Unless you can identify the source as the Fukushima disaster, it might be perfectly normal. Even if the source is Fukushima, at low levels, at some point you have to stop worrying about it and realize that plenty of other places on Earth have higher naturally occurring background radiation.

* Rough numbers pulled from memory in CPM and converted to uSv/h using the conversion factor in the firmware source code, since my Onyx battery is dead at the moment. Take with a grain of salt.

about 9 months ago
top

How One Man Turns Annoying Cold Calls Into Cash

marcansoft Re:Conversation (227 comments)

I started doing this after getting a dozen Vodafone marketing calls. Except instead of just leaving the phone off-hook, I said "please hold while I transfer you" and then treated them to an endless random shuffle of Never Gonna Give you Up, Friday, Trololo, Caramelldansen, and Nyan Cat, played via a voice modem.

They stopped calling after they got that a couple of times.

about a year ago
top

Google Outage: Internet Traffic Plunges 40%

marcansoft Re:40%? No. (352 comments)

Mod parent up. The 40% figure is bullshit claimed by a single stats agency.

about a year ago

Submissions

top

Apple Blocks Open Source Syncing (Again)

marcansoft marcansoft writes  |  more than 4 years ago

marcansoft writes "Since 2007, Apple has been locking their users into iTunes, which isn't available under Linux, by adding secret hashes to their iPod/iPhone databases. After this hash was reverse engineered, Apple developed a new one and tried and failed to use legal threats to stifle the reverse engineering effort. Last year, the hash was finally cracked and as of today iPhone and iPod Touch users can sync music using open source tools exclusively. This is about to change, though, as Apple have once again changed their hash algorithm for the iPad and will likely use this new version for their upcoming 4.0 iPhone OS release.

If you want to keep your ability to sync music using open source, you should not update. As part of their lock-in strategy, Apple are preventing newer devices from being downgraded by requiring any firmware updates to "phone home" for approval. The iPad already includes a version of the 3.2 OS with the new hash, and does not work out of the box."
top

Wii Update 4.2 tries (and fails) to block homebrew

marcansoft marcansoft writes  |  more than 4 years ago

marcansoft writes "On September 28, Nintendo released a Wii update, titled 4.2. This update was targeted squarely at homebrew, performing sweeping changes throughout the system. It hardly achieved that goal, though, because just two days later a new version of the HackMii installer was released that brings full homebrew capabilities back to all Wii consoles, including unmodified consoles running 4.2.

However, as part of their attempt to annoy homebrew users, Nintendo updated the lowest level updateable component of the Wii software stack: boot2 (part of the system bootloader chain). Homebrew users have been using BootMii to patch boot2 in order to gain low level system access and recovery functions (running Linux natively, fixing bricks, etc). The update hasn't hindered this, as users can simply reinstall BootMii after updating (it is compatible with the update). But there's a much bigger problem: Nintendo's boot2 update code is buggy. Boot2 had never been updated in retail consoles until now. During BootMii's development, its authors noticed that Nintendo's code had critical bugs and could sometimes permanently brick a console by writing incorrect or unchecked data to flash memory, so they decided to write their own, much safer flashing code. Now, Nintendo has pushed a boot2 update to all Wii users, and the results are what was expected: users are reporting bricks after installing 4.2 on unmodified consoles. Nintendo is currently attempting to censor posts and remove references to homebrew.

It is worth noting that the new boot2 does not attempt to block anything or offer any additional protection or functionality. Its sole purpose is to simply replace current versions which may or may not have been modified with BootMii. Another interesting tidbit is that Nintendo is not believed to have any method to repair this kind of brick at a factory, short of replacing the entire motherboard."

Link to Original Source
top

Scammers sell free Wii homebrew and make $8000/mo

marcansoft marcansoft writes  |  more than 5 years ago

marcansoft writes "Several sites have popped up over the past months that are selling free Wii homebrew software. These sites are making upwards of $8000/month on sales to unsuspecting users, via Google keyword advertisements and affiliate programs. The homebrew tools are bundled with utilities that enable the use of copied games. Quoting the owner of a recently sold site: "The site runs on complete autopilot, the affiliates are doing all the work [...] Overall, it requires less than 30 minutes work per day". The site was sold for $30k. We have been taking some minor actions like preventing hotlinking where we can, adding scam warning screens, and contacting the ISPs of these sites, but nothing has ever had much lasting effect. What can be done, if anything, against these people? I would love to hear the opinion of slashdotters about this, especially any who Actually Are Lawyers."
Link to Original Source
top

The latest scam: selling homebrew software

marcansoft marcansoft writes  |  more than 5 years ago

marcansoft writes "At least two sites have popped up claiming to sell software to 'unlock' the Nintendo Wii console. Not surprisingly, their actual product consists of a PDF guide pieced together from freely available documentation, and a large archive of homebrew and not-so-homebrew software (some free software, some freeware, and some software that is actually under Nintendo's copyright). There is practically zero attribution, and many licenses are being violated along the way. I'm one of the authors of the included software which the sellers are now using to profit. We're trying to send some DMCA takedown notices, but the wheels of bureaucracy are slow and meanwhile the sales keep coming in (yes, apparently the products are actually successful). Can anything be done to fight these kinds of scams?"
Link to Original Source
top

The unofficial Homebrew Channel for the Wii is out

marcansoft marcansoft writes  |  more than 5 years ago

marcan writes "The Homebrew Channel is a tool that can be installed on any Wii (no hardware mods required) that lets you run unsigned homebrew software from an SD card, or upload executables via WiFi or a USBGecko. We've tried to make it friendly for users with a simple GUI, and powerful for developers with direct upload features and reloading which we hope will make testing less painful. The channel can be installed using a DVD if you have a modchip, or using an exploit in Zelda: Twilight Princess which only requires an SD card (or any future hack or booting method). Once installed, it simply shows up as a Channel on the Wii Menu, just like any official channel. Hopefully, this and other recent developments (such as the upcoming devkitPPC r15 toolchain, much improved and with many bugs fixed) will help make the Wii an appealing platform for DIY software. And yes, it also runs Linux."
Link to Original Source
top

Google caught in Comcast traffic filtering

marcansoft marcansoft writes  |  more than 6 years ago

marcan writes "Comcast users are reporting "connection reset" errors while loading Google. The problem seems to have been coming and going over the past few days, and often disappears only to return a few minutes later. Apparently the problem only affects some of Google's IPs and services. Analysis of the PCAP packet dumps reveals several injected fake RSTs, which are very similar to the ones seen coming from the Great Firewall of China [PDF]. Did Google somehow get caught up in one of Comcast's blacklists, or are the heuristics flagging Google as a file-sharer due to the heavy traffic?"

Journals

marcansoft has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...