Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Soda Pop Damages Your Cells' Telomeres

ras Lies, dammned lies and statistics (413 comments)

It means that you're 96% certain that your hypothesis is true.

Yeah. But if that were really true, everybody would trust the results of a study like this. But no one does.

It's the bar that's used for medical studies.

And in particular, the medical fraternity almost never believes the result from just one study. They always advise waiting for it to be confirmed.

You would be correct if this was a randomly selected study, the issue is it wasn't randomly selected. It was published. Studies that don't meet the 96% interval typically don't get published. So all we know is 1 study out of god knows how many showed this effect. If it is 1 out of 1, the 96% percent applies. But if it was 1 out of 10 it's almost certainly wrong.

Now it's published there are kudo's to be made from shooting it down. Translation: now it's published, it becomes the null hypothesis. A study showing it isn't true is a positive result and now has a chance of getting published.

In other words, the first published statistical survey showing controversial result is barely worth the paper it's written on. It's only real use is to prompt further research.

2 days ago

Battery Breakthrough: Researchers Claim 70% Charge In 2 Minutes, 20-Year Life

ras Re:China's Uni's have better PR that the US ones (395 comments)

Ah, here is a much better description of what they did. In short: their real breakthrough was to grow longer TiO2 nanotubes. They then re-did the work in the previous like to what difference the longer nanotubes made. Turned out it sped up the charge/discharge rate. At 30C they got 6K cycles at 86% capacity, which is where the 20 years comes from. The smaller length tubes had 10K cycles, so it a charge rate versus cycles trade off. As they said, it puts them in super capacitor territory but I'm not sure how that's helpful. We already have super capacitors. We need cheaper batteries.

4 days ago

Battery Breakthrough: Researchers Claim 70% Charge In 2 Minutes, 20-Year Life

ras China's Uni's have better PR that the US ones (395 comments)

I'm struggling to see what's different here to what was done 3 years ago. In other words, self annealing fast charge batteries using a titanium dioxide nanotube anode aren't new. The linked article says capacity for the Na variant of the cell is 144 W.h/Kg, which compares to around 250 for LiPo batteries. The linked article also says they had it working for Li at higher densities.

But it hasn't taken over the world yet, and so there must be some problem with it. Maybe the nanotubes cost a small fortune.

As for those of you whining about charging a car in 5 minutes, maybe it is a bit optimistic. But I'd happily settle for charging my phone in 10 minutes via 100W USB C connection.

4 days ago

Long-range Electric Car World Speed Record Broken By Australian Students

ras Well done guy's (120 comments)

Inspirational. You managed to elicit a dick waving competition from our fellow geeks in the US, all chanting "Tesla".

But Telsa isn't in the same league. It can't be. It's a mass produced product.

Sadly, they don't know what we know. We may be able to design the 1st one. But we can't build the next 1000 economically, unlike Tesla.

Please guys, devote some of they enthusiasm and energy to figure out how to manufacture the thing. Don't do the work for some Chinese company.

about 3 months ago

Australia Repeals Carbon Tax

ras Re:it is the wrong way... (291 comments)

Why would you assume he would compensate people for something that was being removed?

Maybe because before the election, Abbott promised to keep those tax cuts after repealing the carbon tax?

But you are right, I didn't assume it would stay. At time Abbott was making a whole pile of promises and he could not keep then all - balance the budget, reduce taxes, keep all the benefits those taxes paid for. But by that time hearing him make promises he could not keep was no surprise. It was clear by then the man would say anything, do anything, prostitute anything (including the sexuality of his daughter) in order to get into power.

Amazingly this extraordinary behaviour got worse after he was elected. (Amazing to me anyway. I didn't think it was possible.) First we had a promise to be an open transparent government, then a week or two later we learnt a phrase: "on water matters". Who still remembers the no surprises, no excuses government speech he gave after being elected. Probably not too many, given the shock the first last budget inflicted.

about 3 months ago

Cosmologists Show Negative Mass Could Exist In Our Universe

ras Re:Dark energy is negative (214 comments)

Dark Matter and Dark Energy are two completely unrelated issues.

To a complete layman like me, it sounds from the ancestor you are posting under they could be very much related:

Negative mass reacts oppositely to both gravity and intertia. Oddly, that means that negative mass still falls down in a gravitational field: The gravitational force is opposite, but negative mass responds negatively to force (a=F/m, where both F and m are negative). So negative mass particles repel each other gravitationally, but are attracted to positive mass objects.

That sounds like a good candidate for explaining both. Space expands because Dark Matter repels itself, but it causes galaxy's to clump and gravitational lensing because it attracts ordinary matter. I did always wonder why, if Dark Matter interacts with everything so weakly, it didn't immediately clump into black holes. This would explain it.

about 3 months ago

Intel Confronts a Big Mobile Challenge: Native Compatibility

ras Re:Fsck x86 (230 comments)

your claim that x86 has 8-bit mode is false; the lowest common denominator for x86 is the 16-bit 8086, which you're probably confusing with the 8-bit 8080 which is not x86 compatible

He was probably thinking of he 8088, which was an 8086 with an external 8 bit bus. Internally it was identical to an 8086, and so by any reasonable definition it was a 16 bit chip. It was probably the commonest version of 8086 released because it was used by the original IBM PC.

their attempts to match ARM in performance/W are so far unsuccessful when looking at non-biased benchmark results

True, but to have hope of winning the power/watt race currently, they would have to produce a chip that runs as slow an ARM. If things were static they might have be tempted to do that, but they aren't. Instead Moore's law means a OOO superscalar chip will practical on a phone in a few generations. And with it, the power advantage ARM gains form less complex, slower chips will disappear. Once that happens, the overhead imposed by the amd64 instruction will be so small it becomes irrelevant. Intel seems to be content to just wait for that to happen. Or maybe it's more a consequence of not having a choice, because the complexity of x86 did appear to impact the underpowered Atom badly.

Whatever the reason, Microsoft's abandonment of Windows RT hints that simply waiting will work. Microsoft abandoned RT because ARM simply doesn't have the horsepower, and while an i5 does get over a day worth of battery time. So they have already hit the power budget of a tablet. A phone can't be too many generations off.

But with the Mill architecture claiming a 10 to 1 MIPS/Watt advantage, while having the same raw horsepower as an OOO superscalar core, I can't help but wonder if both ARM and amd64 will loose this race in the end.

about 4 months ago

PHK: HTTP 2.0 Should Be Scrapped

ras Re:Moving goal posts (220 comments)

I don't think HTTP has any problems with security.

I disagree. We live in a world where phishing attacks are common, and the PKI system is fragile. Fragile as in when Iran compromised DigiNotar and people most likely died as a result.

The root cause of both problems is the current implementation of the web insists we use the PKI infrastructure every time we visit the bank, store or whatever. Its a fundamental flaw. You should never rely on Trent (the trusted third party, the CA's in this case) when you don't have to. Any security implementation does the insist you do when you don't have to is broken. Ergo HTTP is broken.

It's not like it isn't fixable. You could insist that on the first visit the site sends you a cert which is used to secure all future connections, and that cert was used only when the user clicked on a bookmark created when the cert was sent. That would fix the "Iran" problem, and it would also allow the web sites to train the users to use the bookmark instead of clicking on random URL's.

So given HTTP security has caused deaths and it's is fixable, I'd say it has HTTP huge problems with security. Given HTTP/2.0 not attempting to fix it is a major fail IMHO.

about 5 months ago

Melbourne Uber Drivers Slapped With $1700 Fines; Service Shuts Down

ras Re:Death sentence (255 comments)

but it is likely the demands the Directorate will place on Uber drivers, such as mandatory criminal record checks, vehicle inspections and insurance, will make the service in Melbourne unviable.

Those aren't unreasonable demands of someone wanting to carry passengers for hire. They are checks that pretty much the entire Western world has come up with after numerous problems with unsafe, uninsured and unsavoury taxi drivers. If this is enough to make Uber unviable, then I wouldn't want to be one of their investors.

You sound oh so reasonable. Pity you didn't mention that currently the only recognised way of having those checks is to buy a taxi licence. That licence costs around $30,000 per year.

It is the $30K per year that would make UberX unviable. It has no relationship to the cost of doing those checks. I have no doubt Uber will go to the and say "Look, sure, we can ask the drivers to send us the relevant certificates before we allocate them jobs. A roadworthy (which is what we in Australia call a vehicle inspection) is around $100, and they can sends us the paid insurance bill." The answer will be a resounding no, at which point is will be become obvious it has nothing do to with "safety checks".

One possible explanation of the $30K is it is protection money, charged by the government to protect the incumbents. Who, by the way, meet the definition of a monopoly. Quoting

University of Sydney economist Peter Abelson said Premier and Cabcharge were so interlinked that "it's not really a duopoly, it's almost a monopoly and between them they control about 80 per cent of the cabs on Sydney streets".

A government fining emerging competition to an incumbent monopoly, presumable because of regulatory capture doesn't sound so reasonable, does it? In fact it pisses me off so much, I deliberately travel using these upstarts even if it is less convenient, which it often is.

about 5 months ago

Heartbleed OpenSSL Vulnerability: A Technical Remediation

ras Re:Thank you for the mess (239 comments)

For people who didn't follow the link chain, it has since been updated:

Important update (10th April 2014): Original content of this blog entry stated that one of our SeaCat server detected Heartbleed bug attack prior its actual disclosure. EFF correctly pointed out that there are other tools, that can produce the same pattern in the SeaCat server log (see ). I don't have any hard data evidence to support or reject this statement. Since there is a risk that our finding is false positive, I have modified this entry to neutral tone, removing any conclusions. There are real honeypots in the Internet that should provide final evidence when Heartbleed has been broadly exploited for a first time.

about 6 months ago

MtGox's "Transaction Malleability" Claim Dismissed By Researchers

ras Re:Dear slashdot, (92 comments)

The very short version is that what these "researchers" were looking at isn't actually how the alleged bug would have worked.

That is far too short to be useful.

Mtgox's malleability problem was caused, ironically, by the protocol fixing once source of it. When that happened the network started rejecting mtgox's transactions, in fact they weren't even relayed.

The paper says the were no malleability attacks of the scale mtgox claims because they didn't see the required number of malleable transactions. This would have been reasonable if the attacker also depended on seeing the malleable transactions relayed by the network. But they didn't. Mtgox provided a web site service that allows you to see the transactions mtgox issued, thus allowing the attacker see every malleable transaction.

Thus the attack could have been much larger than what the authors of the paper saw, thus invalidating some of the conclusions of the paper. Particularly the conclusions regarding mtgox, unfortunately.

about 6 months ago

MtGox's "Transaction Malleability" Claim Dismissed By Researchers

ras Re:sounds like it really was sheer incompetence... (92 comments)

Security bugs in unpatched software are a thing that are well-understood by sysadmins and security researchers.

Really? The bitcoin is valued at several billions of dollars. The reward for breaking Keccak was academic creds. The reward for breaking bitcoin is notoriety for life, and being set for life as well. Besides, you do know that nothing in Bitcoin is encrypted, right? There is one signature and a lot of hashing. There isn't even a nonce.

Additionally, this isn’t an unpatched security flaw where upgrading to Bitcoin 1.1 would have fixed the issue. It’s a weakness inherent to the Bitcoin protocol which may or may not be able to be repaired without invaliding all existing BTC transactions.

Said like a person who is eager to prove he doesn't know much about the subject he is commenting on. It wasn't the upgrade to bitcoin 1.1 that fixed the issue, it was the upgrade to bitcoin 0.9.0. It happened last month. It didn't invalidate anything.

about 6 months ago

Why Are We Made of Matter?

ras Re:Ah, antimatter (393 comments)

We know where he hid it. He hid it in yesterday. Anti-matter is matter going backwards in time*, so when when the big bang happened, all antimatter disappeared into yesterday while we headed off towards tomorrow.

* For some definitions of time.

about 6 months ago

New MU-MIMO Standard Could Allow For Gigabit WiFi Throughput

ras Nice ... but no clients until 2016 (32 comments)

MU-MIMO is part of wave 2 of the 802.11ac standard. Right now every shipping product is wave 1.

If we are lucky the routers will get wave 2 this year, or if not this year definitely next. Apart from allowing more devices to share the same cell MU-MIMO is nice in that it reduces power consumption of devices like phones, as they only see the packets for their stream. Wave 2 also bring doubling of the bandwidth (if the spectrum is available) and other efficiences which translates to 2..3 times the speeds of wave 1. This means unlike wave 1, wave 2 should be able get 1Gb/s in the real world.

All very nice. The only issue is we won't see wave 2 client chips in laptops, phone and the like until 2016 at the earliest. So unless you are doing back to back routers or range extending, don't expect this shiny new Qualcomm chip to make see any measurable improvement in any of your existing 802.11ac devices, or in any you buy in the next 2 years.

about 7 months ago

Researchers Find Problems With Rules of Bitcoin

ras Re:Did they actually look at the bitcoin rules? (301 comments)

Don't be too sure.... a large botnet could potentially do some nasty things to the availability of the network ---- particularly, a Botnet with control of sufficient number of Bitcoins to generate an overwhelming volume of transaction spam, so legitimate transactions can't get through --- by using transactions of the minimum size, Or more traditional DDoS techniques such as packet storming the IP addresses of key nodes in the Bitcoin network.

A botnet in control of a huge quantity of bitcoin's, throwing them at the miners network in minimal transactions sounds like a miners delight to me. There is a minimum mining fee, so while in the short term it might cause the bitcoin miners to gag on their feast, in the long term all it will do is transfer that huge quantity of bitcoins to the miners. Why on earth would anybody do that?

As for traditional DDoS - the history of bitcoin is one DDoS after another. Just recently some bright spark must have decided that because mtgox said there was a transaction malleability flaw it must be true, and started modifying every transaction they could get their hands on. In other words: if every there was a network battle hardened against DDoS's, it's bitcoin.

about 7 months ago

Researchers Find Problems With Rules of Bitcoin

ras Re:Did they actually look at the bitcoin rules? (301 comments)

The current block reward is 25 * $577 = $14,425. This is huge compared to the current transactions fees.

Yes, it is huge compared to today's transaction fees. But mining fees will continue for some time yet. The bet is by the time they become insignificant mining fees won't be so small. A clue is the credit card network current roughly 10,000 transaction per second. If bitcoin managed that at 0.6c per kilobyte (the fee bitcoin relays demand) mining fees would be $72,000 per block.

To gain an insight into the odds of that happening, Paypal processes around 9 million transactions per day, or 100 per second. Paypal's revenues were $6.6 billion last year. That translates to Paypal making over $2 per transaction. Bitcoin doesn't offer the same service of course, but it currently charges $0.002 for a single transaction. (A transaction takes roughly 360 bytes).

remember that Bitcoin isn't the only game in town and miners can switch to mining an altcoin if they're not satisfied with the way "bitcoin is supposed to work".

You forget there are users of these coins - be they bitcoins or altcoins. In the end it is the users that pay the mining costs, be they transaction fees or mining rewards. In a word of competing altcoins, this translates to only the users having a vote on what the best set of rules are. What the miners think of the rules is largely immaterial. If you think this isn't true, try and set up a altcoin with spectacular miners rewards and see how many users you get. Maybe you will succeed where all other altcoin founders have failed.

The bitcoin foundation seems to be very aware of this underlying reality, and is behaving accordingly.

about 7 months ago

Researchers Find Problems With Rules of Bitcoin

ras Re:Did they actually look at the bitcoin rules? (301 comments)

and you really think all that effort in mining is going to be maintained once the coin pool is exhausted and they are only competing for transaction fees?

Just about all mining is done using ASIC now, and ASIC's are in an unenviable position. Unlike CPU's and GPU's or even FPGA's, they are utterly useless outside of bitcoin. So they will remain deployed until they cost more in power to run than they get in mining fees. This means the current mining power isn't going away any time soon.

Botnet's can earn a return from a variety of sources, not just mining. So the question becomes "is it worth competing against the ASIC's"? In terms of power cost a top end Intel CPU's is roughly 100,000 worse than an ASIC. So even if some miners drop out Botnet's are unlikely to win more than a minor percentage. If the rewards of mining have dropped so much that ASIC's are dropping out, then it's a minor percentage of a small number. Add to that mining's soaking up 100% of CPU time makes an infection by the bot stand out, which decreases the half life of your botnet ... and yeah, I expect it will continue even when there are only transaction fees.

Then there is the whole other question of "does it matter?" If a botnet does take over the mining pool, there is the little issue that bitcoin is intrinsically worth nothing. It's not like they have taken over a pot of gold. Bitcoin is only worth something if people trust it. So if they don't undermine it, they have something that will pay out forever. If they do undermine it, they have got control of 2^51 bits that no one in the right mind would buy and their source of transaction fees has dried up.

It's weird actually. Claiming bitcoin can never succeed because it is worth nothing has to be one of the more popular meme's. The reality is being worth nothing is one of bitcoin's core defences. So far all currencies that have been based on something tangible (like e-Gold) have lacked that defence, and have failed.

about 7 months ago

Researchers Find Problems With Rules of Bitcoin

ras Re:Did they actually look at the bitcoin rules? (301 comments)

except the problem of criminals leveraging other peoples resources. When you can utilise bots to farm for you you can effectively undercut other peoples market making any legitimate miner completely unprofitable.

Said like a person who doesn't have a clue about the shear amount of resources being thrown at bitcoin mining.

Currently, the bitcoin mining network is doing 6,549,663,840,000,000 SHA-256 hashes per second. Lets say you have a botnet of 1 million Haswell's. The fastest Intel CPU there is, a Xeon, and it can't do more than 20M hashes per second. So your 1 million Haswell botnet will manage to capture 0.3% of the bitcoin networks mining power.

Yes, people have speculated in the past that bitcoin might be susceptible to botnets. Even if was true the vulnerability window has well and truly closed.

about 7 months ago

Researchers Find Problems With Rules of Bitcoin

ras Did they actually look at the bitcoin rules? (301 comments)

Firstly, there already is a "tax" of the sort they say is needed. Currently the bitcoin relays don't accept transactions containing a tip of less than 0.6cents per kilobyte.

Secondly, there is nothing to force a miner to pick up a transaction, now. Right now, if a transaction doesn't contain a fee there is no incentive for the miner to include it in the block they are working on. Regardless of whether the miner includes transactions or not, they still get the mining reward.

Transaction fees are like an auction. The customer puts in a bid at the lowest price he thinks the miners will accept, each miner decides whether that fee makes it worth his while to include the block. If the customer wants the transaction processed quickly he will put a comparatively high fee on it so every miner will be interested. If not, they put a low fee on it.

This is called a market. It is how bitcoin is supposed to work.

about 7 months ago

Fake PGP Keys For Crypto Developers Found

ras Re: You can't break what never worked (110 comments)

Bitcoin is an authetication system for bitcoin transactions ... But the methods it uses show up just how primitive most of the default security structures of the modern internet really are.

Yes, +1000. Oh, if only I had mod points.

Both X509 and the "web-of-trust" are bloody terrible. Out of the two X509 is marginally better. If you are dealing with a shop unknown to you, X509 does give you a small amount of confidence their web sites cert is controlled by them. A GPG key signed by 100's of people you don't know doesn't. Unfortunately SSL then weakens this to being almost useless by not creating a new trust relationship with that store's cert, and ignoring the X509 PKI infrastructure from then on. A basic security tenant is if you must trust Trent, you do it for as little as possible. X509 requires you to do it forever, rendering you vulnerable to failures in it's PKI forever. At least GPG does allow you to bypass Trent.

The root cause is that both require to put your trust in some arbitrary thing - be it X509 or the web-of-trust. In reality when I go to debian or mozilla or a web store, I've already made my decision I'm going to trust them. Rarely (if ever) do the assertions of the PKI networks have a bearing on the decision. Debian then seals that trust by installing a certs in the install image, so I can be sure every upgrade from then on come from Debian. I presume the Mozilla does the same thing. In both cases they take responsibility for their own security once I have made my decision. The reason I want an encrypted connection to the web store is to protect the funds transfer. The people who I put in charge to manage the security of those funds is the bank, who make me sign lots of pieces of paper and use lots of passwords to prove who I am. Everywhere, that is, except the 'net, where they rely on X509 PKI to ensure I really am talking to their web site and not Mr Slimeball.Phising's web site. Seriously, what is wrong with sending me an X509 cert and insisting I identify myself with that? It almost as if they believe the 'net is the safest place on the planet, rather than than the one of the most infested phishers, con artists, and NSA types.

about 7 months ago



Google breaks its own reCAPTCHA

ras ras writes  |  about 6 months ago

ras (84108) writes "Google researchers working on recognising street numbers for Street View pointed their creation at images generated by reCAPTCHA:

To further explore the applicability of the proposed system to broader text recognition tasks, we apply it to synthetic distorted text from reCAPTCHA. reCAPTCHA is one of the most secure reverse turing tests that uses distorted text to distinguish humans from bots. We report a 99.8% accuracy on the hardest category of reCAPTCHA.


Link to Original Source

Voters need magnifying glass to read Australia's upcoming senator ballot paper

ras ras writes  |  about a year ago

ras (84108) writes "The large number of candidates means the Australian Electoral Commission is proposing to issue magnifiying glasses so voters can read the senate ballot paper for the upcoming Federal election. Printing restrictions mean the ballot paper is limited to 1 meter wide and one level deep. With 50 parties the print size will have to be reduced to 6 pt so it fits, which is illegible without a magnifying glass. For comparison, a Australian voting booth is 0.6 meters wide."

Economists predictions no better than flipping a coin

ras ras writes  |  about a year and a half ago

ras writes "The Reserve Bank of Australia did some investigation into the accuracy of their economic predictions — the ones they use to run the country:

70 per cent of the RBA's forecasts for underlying inflation for the year ahead were close to the mark, but its predictions of economic growth were less accurate, and its unemployment rate estimates no better than [chance] ... The Reserve Bank employs numbers of people on very high pay and what they're admitting now is that their — all of this so-called science — has produced nothing more than what a roll of the dice could produce."


Link to Original Source

Journalist arrested covering a talk at AusCERT

ras ras writes  |  more than 3 years ago

ras writes "Australia's security conference AusCERT2011 started over the weekend. At a pre-registration event Christian Heinrich presented two presented two new vulnerabilities in the privacy controls of both MySpace and Facebook. He demonstrated one by downloading a rival researcher's private pictures. The state police then arrested a journalist reporting on it, releasing him a short while later — but not his iPad. In justifying this the police said "Receiving a photograph obtained from a Facebook account without the user's permission is the same as receiving a stolen TV"."
Link to Original Source

Australian customs wants to see your porn

ras ras writes  |  more than 4 years ago

ras writes "Last September Australian quietly added a new check box to the customs declaration form you must fill in when you enter the country. To paraphrase: are you carrying porn?. We Ozzies have only just woken up to it. If you do check a box on the form, you are normally required to hand over all relevant material the customs officials for inspection. In the case of porn, this would include your laptop, camera and memory cards, DVD's, and raunchy magazines. They promise to be discrete."


ras has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?