Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Unintended Consequences For Traffic Safety Feature

psydeshow Re:LOL No shit!! (579 comments)

Easy fix for this. Just make sure that as soon as the light turns red, big steel spikes come up from under the road to stop or pierce any car that might try to outwit the system. Oh, and on both sides of the street to ensure that real high-speed idiots will be caught on the other end.

There was a big increase in physical barrier installations around govt. buildings after 9/11, so the technology has had a lot of time to mature.

It's probably not a bad idea for problematic intersections, although you'd also have to have tow trucks on standby to clear the daily wreckage, and pedestrians would still get hit with flying parts or when cars jump the sidewalk to avoid impact with the barrier, or dash through the emergency vehicle gap that would need to be included.

Would be a LOT of fun to watch, until someone's kid died as collateral damage.

about 2 months ago
top

OpenStack: the Open Source Cloud That Vendors Love and Users Are Ignoring

psydeshow Re:it boggles the mind... (99 comments)

...that right now, in the midst of the NSA security nightmare and all the angst and FUD it's causing, that people are wondering why individuals are not deciding to throw their often-sensitive data into the cloud.

how could anyone think their data will be or stay safe, given the various threats that we hear about on almost a daily basis?

timing is everything (besides location of course...and sex appeal...and everything else) in life, and right now is not the time for cloud computing.

And you think, based on the revelations you've read, that your often-sensitive data is safer in a closet in your office? It's still accessible over the internet, and your CEO still logs in from any old airport wi-fi or coffee shop using his malware-riddled DELL.

I don't worry about Amazon, China, or the NSA sifting through my databases at night, because given the state of the State I don't think we can do much to stop them. I DO worry about power failures, water pipe bursts, exploding UPS batteries, dust, and clumsy janitors causing me to have to roll out of bed at 3am to go take care of an incident. If EC2 goes down, I send an email that says "EC2 is down, Amazon is working on it." and go back to bed.

At least with Amazon, you know you're being hacked by pros.

about 3 months ago
top

Silicon Valley To Get a Cellular Network Just For Things

psydeshow Municipal need is far greater than residential (42 comments)

Think for a moment about all the things that any medium to large city needs to keep track of. Lights. Traffic signals. Parking meters. Fire hydrants. Garbage trucks. Water flows, valves, drains. Sewerage flows. Air quality sensors. Weather sensors. Burglar alarms.

It seems odd to pitch this for household use, when most of the use cases you can imagine are somehow privacy invasive or creepy.

But a network like this could provide an amazing amount of transparency and insight into the web of things that is owned by the public.

about 3 months ago
top

Security Industry Incapable of Finding Firmware Attackers

psydeshow Re:Least interest (94 comments)

and internet banking becomes a memory.

That depends. No level of compromising your (general purpose) computer should be able to defeat the security of your manually operated hardware token/calculator.

Attacker has control of my computer. I read a number off my MFA device and input it into the bank's form along with my username and password.

Now attacker has a banking session they can do whatever they want with. How has having a hardware token prevented them from attacking me?

about 5 months ago
top

How Do You Backup 20TB of Data?

psydeshow Re: Crashplan (983 comments)

I'm really surprised CrashPlan hasn't added a premium feature (like Amazon S3 has) where you can ship them a hard drive for import or export into their storage cloud.

I mean, never mind the upload speed. If you have 1TB of data in CrashPlan and your home or office burns down, it's going to take you several days to get all of it downloaded again. They should just be able to FexEx you a drive for a $50-$100 fee.

about 5 months ago
top

Eric Schmidt, Jared Cohen Say Google Data Now Protected From Gov't Spying

psydeshow The human factor (155 comments)

I believe that Google has probably fixed most of the technical issues that allowed NSA (and presumably others) to eavesdrop on data in their systems.

But a company with the size and scope of Google must be *riddled* with agents of various national intelligence services, not to mention corporate spies. Think about how many engineers they have hired and acquired in the last ten years. They are a big, juicy target for espionage. As is Amazon, Microsoft, Dropbox, and any other global-scale cloud provider with thousands of corporate, education, and government accounts.

Systems can be made resistant to attack from without, but can they also be made resistant to attack from within? Not likely. How many people on Google's payroll are also on someone else's?

about 6 months ago
top

Eric Schmidt, Jared Cohen Say Google Data Now Protected From Gov't Spying

psydeshow Re:Yeah right (155 comments)

Seriously is there anyone that would actually believe such a statement?

I do, but as a Google engineer involved in security and privacy infrastructure I'm in a position with much greater than normal visibility into exactly what is done and how.

And can you likewise assure yourself that even if one or more of your colleagues is an undercover government agent, then the statement is still true?

about 6 months ago
top

Interview: Ask Richard Stallman What You Will

psydeshow Re:Source Code vs Binary vs Service - Transparency (480 comments)

Thank you for your polite comment, but no I'm not looking for UEFI secure boot -- or at least, not JUST that.

With UEFI secure boot, the OS loader is signed, and that's a great start. But not necessarily the kernel, or OS drivers, or any other software.

So let's rephrase the questions: do you know of any Free Software toolchains that would allow developers to sign whole server OS configurations, and also make the signature and verification process transparent to end users of the server?

about 6 months ago
top

Interview: Ask Richard Stallman What You Will

psydeshow Source Code vs Binary vs Service - Transparency? (480 comments)

I write Free Software (GPLv3), and also open source software (Apache license) that implements various web services.

The servers where I deploy the software run vanilla Debian with no non-free packages. As a responsible developer and web host, I make all of the source code available to my customers and others.

The question is, how can my customers know that the code on my servers was actually built from the source code that I publish? Short of telling them to build it themselves on their own server, is there any way to guarantee that when they log into one of my web applications, they are using the same code that I have published?

I was intrigued on using a Chomebook for the first time that Google had managed to do something like this -- it wouldn't boot unless the kernel (and presumably all other software) was signed by Google. Do you know of any toolchains that would allow us to apply this to servers, and also make the signature and verification process transparent to end users of a service? Otherwise, how can we possibly trust any online service provider?

about 6 months ago
top

Interview: Ask Richard Stallman What You Will

psydeshow Free Firmware Movement (480 comments)

It has become increasingly difficult to purchase any general computing hardware that does not rely on proprietary software. Even if one installs a Free OS with 100% Free drivers, there is likely to be proprietary firmware all over the place: keyboard controller, network card, usb controller, video card, etc. -- that the OS doesn't have control over and the end user doesn't know about. To the best of my knowledge, there is no easy way to discover, verify, and manage these firmwares over time. And yet, there they are, just waiting to be exploited.

Do you know anyone who is working on this problem? How can we trust our computers when we have no idea what is lurking under the hood? Why isn't there a GNU Firmware tool that can ferret these things out and at least checksum them so that we can know if they've been tampered with, and/or replace them with Free editions?

about 6 months ago
top

Peanut Allergy Treatment Trial In UK "A Success"

psydeshow Re:Sorry (192 comments)

The actual "disease" here is affluenza, or perhaps it's anxiety that overprotective mothers project onto their children. I grew up in a small town, had pets, played in the dirt every day. Nut allergies were unheard of. It's also very interesting that farmers and dirt poor people in 3d world countries don't get these allergies.

I'm not saying you're wrong; I'm sure environment plays a part. But have you considered that one of the reasons why these things were "unheard of" until recently is that advances in communications have made it much easier for news of rarities to be widely disseminated?

The same kind of argument applies to cases of botulism from home canning. Prior to the 20th Century, if someone died from botulism due to home canning, it happened on a farm in the middle of nowhere and didn't have much effect outside of a family and some neighbors. It just wasn't on the radar unless you personally knew people who died that way. Even a doctor might only see a case once every 10 years, so it's not a big deal, right? Plenty of other things to worry about.

But when health records started being compiled for millions of people, it stood out as a problem. The government started programs to educate farmers and gardeners about proper canning methods. It wasn't that suddenly all the home canners got lazy, it was that information networks brought a relatively rare but deadly issue to light, and so we did something about it.

And look, there ARE more cases of allergies in cities. There's millions more people in cities than not, after all.

about 7 months ago
top

Peanut Allergy Treatment Trial In UK "A Success"

psydeshow Re:Standard practice... (192 comments)

However I could see a lot of parents trying this, to a disastrous effect, because it could be the kid who has extremely small tolerance, will get too much and hurt themselves. or increasing the dosage goes too fast for the child.

Do you know many parents? Everyone I know with kids is overly protective of them.

If my sister suspected her kid had a dangerous peanut allergy, there is NO WAY she would try this at home. It's not like bricking your favorite phone, the stakes are ever-so-much higher.

about 7 months ago
top

Google Launches Cordova Powered Chrome Apps For Android and iOS

psydeshow Re:Useful for developers (47 comments)

This makes me consider developing Chrome apps where previously I had not considered it.

Excellent. Please don't, though.

Well, that depends on the why, doesn't it? Sometimes a thing is only worth doing if it can be done on the cheap and easy.

Cordova gives app developers a fallback for clients who can't afford a native app, or who need to get a prototype up and running yesterday as proof-of-concept or to fund the next stage of development. It's also great for novelties and one-offs that just wouldn't exist if the development process was more expensive than coding a small website.

It also creates a business opportunity that shouldn't be sniffed at: "Hey, nice web app. Do you wish it was faster and better? Let us re-create it as a native app for you."

about 7 months ago
top

If I Had a Hammer

psydeshow Re:Isn't this the ultimate goal? (732 comments)

Yes, but growing your own food requires that you have land and water to do so - which you do not have if you're flat broke.

You don't need land, you need space with light.

You do need water, which often falls from the sky (or can be teased out of the air). It doesn't have to be drinkable water.

And you need nutrients for your plants, which can be made from recycled plants plus bacteria (which are free), aka compost.

The biggest problem is space with light. And I see a lot of parking lots around here that would be perfect if we switched to Johnny-cabs and don't need parking lots any more.

about 7 months ago
top

If I Had a Hammer

psydeshow Re:Isn't this the ultimate goal? (732 comments)

oh so food and shelter will be free ??? In which part of multiverse you live? How did you get here?

I live in a universe where food and shelter grow on trees.

Seriously, though, if you have a hard time imagining what an economy with free subsistence could look like, read _Diamond Age_.

Basic, bland, subsistence-level food and shelter are not difficult to create from infinitely recyclable materials once you can remove labor from the equation. There is still an energy cost of course, so maybe the price of your house is 1000 kWh on a stationary bicycle. Yes, it's a grind. But you can play video games while you generate, so it's actually kind of fun.

Just don't think about what was recycled in order to make your dinner...

about 7 months ago
top

If I Had a Hammer

psydeshow Re:Isn't this the ultimate goal? (732 comments)

Robots can't build real estate.

Build up. Dig down. Viola, built real estate. Robots can do that.

I live in a high-rise in NYC, built by human hands in 2009. It leaks like crazy, and I sincerely wish it had been built by robots. If we wait long enough to fix it, it may be fixed by robots! At least a robot would follow the engineer's specifications.

about 7 months ago
top

Lasers Unearth Lost 'Agropolis' of New England

psydeshow Re:True for Most of CT (105 comments)

Who do you suppose owns these tracts of land, now? I guess I'm just assuming that the 250 acres of woods wasn't literally your back yard, but maybe it was.

Anyway, there should be property records for all of the fields "discovered" in the LIDAR map. When the farmers abandoned their farms, were they purchased by the state as watershed or open space, or by developers who never did anything with them, or what?

about 7 months ago
top

Citizen Science: Who Makes the Rules?

psydeshow Re:Don't do electrical engineering (189 comments)

Own a cellphone? You own a 'remote detonator for an explosive device' - you terrorist!

And if you take pictures of your kids with that phone, you're a pedophile terrorist.

about 8 months ago
top

Time For a Warrant Canary Metatag?

psydeshow Re:Slavery hack (332 comments)

In a police state, almost any sort of behavior can be compelled for any amount of time. You underestimate the moral corruption of those with power and vastly overestimate the value of the US constitution. Hint: The US has been operating an extra-legal KZ for quite some time now. They could not do that if the US constitution had any value.

So just threaten said employees with life in prison for exposing "secrets critical to national security" and you are done.

But why bother with the charade? In other police states, people disappear with no reason. There is no secret court. There is no "process". They just do what needs to be done. Opposition politicians, investigative journalists, enemies of those in power, and, in many cases, friends of those in power are arrested one day and never heard from again. That hasn't been happening. Stupid cowboy shit like bugging the phones of world leaders, yes. Compelling the secrecy of secret surveillance, yes. But as far as I know, the Feds aren't shredding the Bill of Rights (outside of airports, but that's a special case of its own--you can fly anywhere without being searched, just not on a major carrier).

So are we at the end of a 12-year transitional period that spans two administrations? OR is all of this cloak and dagger stuff considered genuinely necessary by a law enforcement apparatus that really really wants to operate legally but feels that tipping off criminals will make them impossible to catch?

Gag orders are as undemocratic as it gets, and way too blunt an instrument for a society that can and should have come up with a more refined successor to the PATRIOT Act by now. But there isn't anything reported so far that is inconsistent with the law -as written-. Declaring the Constitution null and void based on the actions of the NSA and FBI to "Intercept and Obstruct Terrorism" is a bit premature, given that they are doing so with the blessing of Congress.

about 9 months ago
top

Could Slashdot (Or Other Private Entity) Sue a Spy Agency Like GCHQ Or NSA?

psydeshow Sovereign Immunity (188 comments)

No, you can't sue the government.

Because if you could, we could shut down NSA wiretapping in a heartbeat by bringing a massive class action suit against them, where every victim of a crime that could have been prevented by NSA surveillance between 2005 and 2013 would be a member of the class.

If you ever watch "Person of Interest" that's exactly the kind of crimes I'm talking about -- the "irrelevant list" of criminals that are ignored because they don't touch national security.

What the hell good is a police state if we still have violent crime in our everyday lives? The government should be held accountable for not enforcing the law if they have the ready means to do so.

And yes, this is somewhat tongue-in-cheek, because of course that kind of society would be *monstrous* without real reform of many areas of law. But the fastest path to reform is when rich, powerful people (and their children) are arrested with the same frequency as poor, powerless people. Wealth and power provide the means to hide from traditional law enforcement, but not from the kind of data mining that the NSA is (theoretically) doing.

about 9 months ago

Submissions

top

psydeshow psydeshow writes  |  more than 7 years ago

psydeshow writes "We're in the middle of an amazing Javascript renaissance right now. Unbelievable magic happening, like Ryan Johnson's Event.Behavior.

"A domain specific language for defining events in your JavaScript applications. It approximates how one would describe an event in the english language and allows you to extend it with your own verbs, conditions and events."
So you can write stuff like "show('state_field').when('country').is('United States');", instead of fooling around with connecting and listening and callbacks. Nice!"
top

psydeshow psydeshow writes  |  more than 7 years ago

psydeshow writes "Please post an update on the zero-day VML exploit covered earlier this week. It seems that no posters noticed that Outlook 2003 is also vulnerable (surprise!) unless all email is viewed in plain text. MS downplays this in their advisory by saying Outlook Express isn't affected, but for the rest of us who use Outlook and get spam, this could be serious indeed. Nothing like a remote exploit in your inbox, eh?"

Journals

psydeshow has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>