Long-range Electric Car World Speed Record Broken By Australian Students
Inspirational. You managed to elicit a dick waving competition from our fellow geeks in the US, all chanting "Tesla".
But Telsa isn't in the same league. It can't be. It's a mass produced product.
Sadly, they don't know what we know. We may be able to design the 1st one. But we can't build the next 1000 economically, unlike Tesla.
Please guys, devote some of they enthusiasm and energy to figure out how to manufacture the thing. Don't do the work for some Chinese company.
Australia Repeals Carbon Tax
Why would you assume he would compensate people for something that was being removed?
Maybe because before the election, Abbott promised to keep those tax cuts after repealing the carbon tax?
But you are right, I didn't assume it would stay. At time Abbott was making a whole pile of promises and he could not keep then all - balance the budget, reduce taxes, keep all the benefits those taxes paid for. But by that time hearing him make promises he could not keep was no surprise. It was clear by then the man would say anything, do anything, prostitute anything (including the sexuality of his daughter) in order to get into power.
Amazingly this extraordinary behaviour got worse after he was elected. (Amazing to me anyway. I didn't think it was possible.) First we had a promise to be an open transparent government, then a week or two later we learnt a phrase: "on water matters". Who still remembers the no surprises, no excuses government speech he gave after being elected. Probably not too many, given the shock the first last budget inflicted.
Cosmologists Show Negative Mass Could Exist In Our Universe
Dark Matter and Dark Energy are two completely unrelated issues.
To a complete layman like me, it sounds from the ancestor you are posting under they could be very much related:
Negative mass reacts oppositely to both gravity and intertia. Oddly, that means that negative mass still falls down in a gravitational field: The gravitational force is opposite, but negative mass responds negatively to force (a=F/m, where both F and m are negative). So negative mass particles repel each other gravitationally, but are attracted to positive mass objects.
That sounds like a good candidate for explaining both. Space expands because Dark Matter repels itself, but it causes galaxy's to clump and gravitational lensing because it attracts ordinary matter. I did always wonder why, if Dark Matter interacts with everything so weakly, it didn't immediately clump into black holes. This would explain it.
Intel Confronts a Big Mobile Challenge: Native Compatibility
your claim that x86 has 8-bit mode is false; the lowest common denominator for x86 is the 16-bit 8086, which you're probably confusing with the 8-bit 8080 which is not x86 compatible
He was probably thinking of he 8088, which was an 8086 with an external 8 bit bus. Internally it was identical to an 8086, and so by any reasonable definition it was a 16 bit chip. It was probably the commonest version of 8086 released because it was used by the original IBM PC.
their attempts to match ARM in performance/W are so far unsuccessful when looking at non-biased benchmark results
True, but to have hope of winning the power/watt race currently, they would have to produce a chip that runs as slow an ARM. If things were static they might have be tempted to do that, but they aren't. Instead Moore's law means a OOO superscalar chip will practical on a phone in a few generations. And with it, the power advantage ARM gains form less complex, slower chips will disappear. Once that happens, the overhead imposed by the amd64 instruction will be so small it becomes irrelevant. Intel seems to be content to just wait for that to happen. Or maybe it's more a consequence of not having a choice, because the complexity of x86 did appear to impact the underpowered Atom badly.
Whatever the reason, Microsoft's abandonment of Windows RT hints that simply waiting will work. Microsoft abandoned RT because ARM simply doesn't have the horsepower, and while an i5 does get over a day worth of battery time. So they have already hit the power budget of a tablet. A phone can't be too many generations off.
But with the Mill architecture claiming a 10 to 1 MIPS/Watt advantage, while having the same raw horsepower as an OOO superscalar core, I can't help but wonder if both ARM and amd64 will loose this race in the end.
PHK: HTTP 2.0 Should Be Scrapped
I don't think HTTP has any problems with security.
I disagree. We live in a world where phishing attacks are common, and the PKI system is fragile. Fragile as in when Iran compromised DigiNotar and people most likely died as a result.
The root cause of both problems is the current implementation of the web insists we use the PKI infrastructure every time we visit the bank, store or whatever. Its a fundamental flaw. You should never rely on Trent (the trusted third party, the CA's in this case) when you don't have to. Any security implementation does the insist you do when you don't have to is broken. Ergo HTTP is broken.
It's not like it isn't fixable. You could insist that on the first visit the site sends you a cert which is used to secure all future connections, and that cert was used only when the user clicked on a bookmark created when the cert was sent. That would fix the "Iran" problem, and it would also allow the web sites to train the users to use the bookmark instead of clicking on random URL's.
So given HTTP security has caused deaths and it's is fixable, I'd say it has HTTP huge problems with security. Given HTTP/2.0 not attempting to fix it is a major fail IMHO.
Melbourne Uber Drivers Slapped With $1700 Fines; Service Shuts Down
but it is likely the demands the Directorate will place on Uber drivers, such as mandatory criminal record checks, vehicle inspections and insurance, will make the service in Melbourne unviable.
Those aren't unreasonable demands of someone wanting to carry passengers for hire. They are checks that pretty much the entire Western world has come up with after numerous problems with unsafe, uninsured and unsavoury taxi drivers. If this is enough to make Uber unviable, then I wouldn't want to be one of their investors.
You sound oh so reasonable. Pity you didn't mention that currently the only recognised way of having those checks is to buy a taxi licence. That licence costs around $30,000 per year.
It is the $30K per year that would make UberX unviable. It has no relationship to the cost of doing those checks. I have no doubt Uber will go to the and say "Look, sure, we can ask the drivers to send us the relevant certificates before we allocate them jobs. A roadworthy (which is what we in Australia call a vehicle inspection) is around $100, and they can sends us the paid insurance bill." The answer will be a resounding no, at which point is will be become obvious it has nothing do to with "safety checks".
One possible explanation of the $30K is it is protection money, charged by the government to protect the incumbents. Who, by the way, meet the definition of a monopoly. Quoting http://www.smh.com.au/technology/technology-news/apps-put-nsw-taxi-monopoly-in-doubt-20121102-28nv6.html:
University of Sydney economist Peter Abelson said Premier and Cabcharge were so interlinked that "it's not really a duopoly, it's almost a monopoly and between them they control about 80 per cent of the cabs on Sydney streets".
A government fining emerging competition to an incumbent monopoly, presumable because of regulatory capture doesn't sound so reasonable, does it? In fact it pisses me off so much, I deliberately travel using these upstarts even if it is less convenient, which it often is.
Heartbleed OpenSSL Vulnerability: A Technical Remediation
For people who didn't follow the link chain, it has since been updated:
Important update (10th April 2014): Original content of this blog entry stated that one of our SeaCat server detected Heartbleed bug attack prior its actual disclosure. EFF correctly pointed out that there are other tools, that can produce the same pattern in the SeaCat server log (see http://blog.erratasec.com/2014... ). I don't have any hard data evidence to support or reject this statement. Since there is a risk that our finding is false positive, I have modified this entry to neutral tone, removing any conclusions. There are real honeypots in the Internet that should provide final evidence when Heartbleed has been broadly exploited for a first time.
MtGox's "Transaction Malleability" Claim Dismissed By Researchers
The very short version is that what these "researchers" were looking at isn't actually how the alleged bug would have worked.
That is far too short to be useful.
Mtgox's malleability problem was caused, ironically, by the protocol fixing once source of it. When that happened the network started rejecting mtgox's transactions, in fact they weren't even relayed.
The paper says the were no malleability attacks of the scale mtgox claims because they didn't see the required number of malleable transactions. This would have been reasonable if the attacker also depended on seeing the malleable transactions relayed by the network. But they didn't. Mtgox provided a web site service that allows you to see the transactions mtgox issued, thus allowing the attacker see every malleable transaction.
Thus the attack could have been much larger than what the authors of the paper saw, thus invalidating some of the conclusions of the paper. Particularly the conclusions regarding mtgox, unfortunately.
MtGox's "Transaction Malleability" Claim Dismissed By Researchers
Security bugs in unpatched software are a thing that are well-understood by sysadmins and security researchers.
Really? The bitcoin is valued at several billions of dollars. The reward for breaking Keccak was academic creds. The reward for breaking bitcoin is notoriety for life, and being set for life as well. Besides, you do know that nothing in Bitcoin is encrypted, right? There is one signature and a lot of hashing. There isn't even a nonce.
Additionally, this isn’t an unpatched security flaw where upgrading to Bitcoin 1.1 would have fixed the issue. It’s a weakness inherent to the Bitcoin protocol which may or may not be able to be repaired without invaliding all existing BTC transactions.
Said like a person who is eager to prove he doesn't know much about the subject he is commenting on. It wasn't the upgrade to bitcoin 1.1 that fixed the issue, it was the upgrade to bitcoin 0.9.0. It happened last month. It didn't invalidate anything.
Why Are We Made of Matter?
We know where he hid it. He hid it in yesterday. Anti-matter is matter going backwards in time*, so when when the big bang happened, all antimatter disappeared into yesterday while we headed off towards tomorrow.
* For some definitions of time.
New MU-MIMO Standard Could Allow For Gigabit WiFi Throughput
MU-MIMO is part of wave 2 of the 802.11ac standard. Right now every shipping product is wave 1.
If we are lucky the routers will get wave 2 this year, or if not this year definitely next. Apart from allowing more devices to share the same cell MU-MIMO is nice in that it reduces power consumption of devices like phones, as they only see the packets for their stream. Wave 2 also bring doubling of the bandwidth (if the spectrum is available) and other efficiences which translates to 2..3 times the speeds of wave 1. This means unlike wave 1, wave 2 should be able get 1Gb/s in the real world.
All very nice. The only issue is we won't see wave 2 client chips in laptops, phone and the like until 2016 at the earliest. So unless you are doing back to back routers or range extending, don't expect this shiny new Qualcomm chip to make see any measurable improvement in any of your existing 802.11ac devices, or in any you buy in the next 2 years.
Researchers Find Problems With Rules of Bitcoin
Don't be too sure.... a large botnet could potentially do some nasty things to the availability of the network ---- particularly, a Botnet with control of sufficient number of Bitcoins to generate an overwhelming volume of transaction spam, so legitimate transactions can't get through --- by using transactions of the minimum size, Or more traditional DDoS techniques such as packet storming the IP addresses of key nodes in the Bitcoin network.
A botnet in control of a huge quantity of bitcoin's, throwing them at the miners network in minimal transactions sounds like a miners delight to me. There is a minimum mining fee, so while in the short term it might cause the bitcoin miners to gag on their feast, in the long term all it will do is transfer that huge quantity of bitcoins to the miners. Why on earth would anybody do that?
As for traditional DDoS - the history of bitcoin is one DDoS after another. Just recently some bright spark must have decided that because mtgox said there was a transaction malleability flaw it must be true, and started modifying every transaction they could get their hands on. In other words: if every there was a network battle hardened against DDoS's, it's bitcoin.
Researchers Find Problems With Rules of Bitcoin
The current block reward is 25 * $577 = $14,425. This is huge compared to the current transactions fees.
Yes, it is huge compared to today's transaction fees. But mining fees will continue for some time yet. The bet is by the time they become insignificant mining fees won't be so small. A clue is the credit card network current roughly 10,000 transaction per second. If bitcoin managed that at 0.6c per kilobyte (the fee bitcoin relays demand) mining fees would be $72,000 per block.
To gain an insight into the odds of that happening, Paypal processes around 9 million transactions per day, or 100 per second. Paypal's revenues were $6.6 billion last year. That translates to Paypal making over $2 per transaction. Bitcoin doesn't offer the same service of course, but it currently charges $0.002 for a single transaction. (A transaction takes roughly 360 bytes).
remember that Bitcoin isn't the only game in town and miners can switch to mining an altcoin if they're not satisfied with the way "bitcoin is supposed to work".
You forget there are users of these coins - be they bitcoins or altcoins. In the end it is the users that pay the mining costs, be they transaction fees or mining rewards. In a word of competing altcoins, this translates to only the users having a vote on what the best set of rules are. What the miners think of the rules is largely immaterial. If you think this isn't true, try and set up a altcoin with spectacular miners rewards and see how many users you get. Maybe you will succeed where all other altcoin founders have failed.
The bitcoin foundation seems to be very aware of this underlying reality, and is behaving accordingly.
Researchers Find Problems With Rules of Bitcoin
and you really think all that effort in mining is going to be maintained once the coin pool is exhausted and they are only competing for transaction fees?
Just about all mining is done using ASIC now, and ASIC's are in an unenviable position. Unlike CPU's and GPU's or even FPGA's, they are utterly useless outside of bitcoin. So they will remain deployed until they cost more in power to run than they get in mining fees. This means the current mining power isn't going away any time soon.
Botnet's can earn a return from a variety of sources, not just mining. So the question becomes "is it worth competing against the ASIC's"? In terms of power cost a top end Intel CPU's is roughly 100,000 worse than an ASIC. So even if some miners drop out Botnet's are unlikely to win more than a minor percentage. If the rewards of mining have dropped so much that ASIC's are dropping out, then it's a minor percentage of a small number. Add to that mining's soaking up 100% of CPU time makes an infection by the bot stand out, which decreases the half life of your botnet ... and yeah, I expect it will continue even when there are only transaction fees.
Then there is the whole other question of "does it matter?" If a botnet does take over the mining pool, there is the little issue that bitcoin is intrinsically worth nothing. It's not like they have taken over a pot of gold. Bitcoin is only worth something if people trust it. So if they don't undermine it, they have something that will pay out forever. If they do undermine it, they have got control of 2^51 bits that no one in the right mind would buy and their source of transaction fees has dried up.
It's weird actually. Claiming bitcoin can never succeed because it is worth nothing has to be one of the more popular meme's. The reality is being worth nothing is one of bitcoin's core defences. So far all currencies that have been based on something tangible (like e-Gold) have lacked that defence, and have failed.
Researchers Find Problems With Rules of Bitcoin
except the problem of criminals leveraging other peoples resources. When you can utilise bots to farm for you you can effectively undercut other peoples market making any legitimate miner completely unprofitable.
Said like a person who doesn't have a clue about the shear amount of resources being thrown at bitcoin mining.
Currently, the bitcoin mining network is doing 6,549,663,840,000,000 SHA-256 hashes per second. Lets say you have a botnet of 1 million Haswell's. The fastest Intel CPU there is, a Xeon, and it can't do more than 20M hashes per second. So your 1 million Haswell botnet will manage to capture 0.3% of the bitcoin networks mining power.
Yes, people have speculated in the past that bitcoin might be susceptible to botnets. Even if was true the vulnerability window has well and truly closed.
Researchers Find Problems With Rules of Bitcoin
Firstly, there already is a "tax" of the sort they say is needed. Currently the bitcoin relays don't accept transactions containing a tip of less than 0.6cents per kilobyte.
Secondly, there is nothing to force a miner to pick up a transaction, now. Right now, if a transaction doesn't contain a fee there is no incentive for the miner to include it in the block they are working on. Regardless of whether the miner includes transactions or not, they still get the mining reward.
Transaction fees are like an auction. The customer puts in a bid at the lowest price he thinks the miners will accept, each miner decides whether that fee makes it worth his while to include the block. If the customer wants the transaction processed quickly he will put a comparatively high fee on it so every miner will be interested. If not, they put a low fee on it.
This is called a market. It is how bitcoin is supposed to work.
Fake PGP Keys For Crypto Developers Found
Bitcoin is an authetication system for bitcoin transactions ... But the methods it uses show up just how primitive most of the default security structures of the modern internet really are.
Yes, +1000. Oh, if only I had mod points.
Both X509 and the "web-of-trust" are bloody terrible. Out of the two X509 is marginally better. If you are dealing with a shop unknown to you, X509 does give you a small amount of confidence their web sites cert is controlled by them. A GPG key signed by 100's of people you don't know doesn't. Unfortunately SSL then weakens this to being almost useless by not creating a new trust relationship with that store's cert, and ignoring the X509 PKI infrastructure from then on. A basic security tenant is if you must trust Trent, you do it for as little as possible. X509 requires you to do it forever, rendering you vulnerable to failures in it's PKI forever. At least GPG does allow you to bypass Trent.
The root cause is that both require to put your trust in some arbitrary thing - be it X509 or the web-of-trust. In reality when I go to debian or mozilla or a web store, I've already made my decision I'm going to trust them. Rarely (if ever) do the assertions of the PKI networks have a bearing on the decision. Debian then seals that trust by installing a certs in the install image, so I can be sure every upgrade from then on come from Debian. I presume the Mozilla does the same thing. In both cases they take responsibility for their own security once I have made my decision. The reason I want an encrypted connection to the web store is to protect the funds transfer. The people who I put in charge to manage the security of those funds is the bank, who make me sign lots of pieces of paper and use lots of passwords to prove who I am. Everywhere, that is, except the 'net, where they rely on X509 PKI to ensure I really am talking to their web site and not Mr Slimeball.Phising's web site. Seriously, what is wrong with sending me an X509 cert and insisting I identify myself with that? It almost as if they believe the 'net is the safest place on the planet, rather than than the one of the most infested phishers, con artists, and NSA types.
Computer Spots Fakers Better Than People Do
The people who programmed "the computer" were better.
You don't say why. But I'm guessing if I follow you logic the people who programmed Deep Blue were better at chess than Deep Blue itself, or the people who programmed Watson were better at Jeopardy than Watson. Since computers did these tasks better than the best people in the world clearly they weren't, and by a large margin.
Technically computers can do some things better than us. For example, they can store a series of images of someone responding to pain perfectly for long periods of time. Humans can't. A direct consequence is humans must make their decision on a facial expression within a second or so. Computer's on the other hand can take as long as they want. So if you give them 20 minutes they can multiply whatever power they have at hand by over 1000 (since 20 minutes is over a 1000 seconds).
The reality is that the issue isn't the about of computer power a computer can bring to the table. It is true humans have huge brains, but it has to be split over many tasks. For any single task it is now easy to throw order's of magnitude more compute power at it than a human can. So the problem isn't that the brain is more powerful than a computer, the problem is the programmers figuring how to do the task. One they do that - well Facebook is now better at recognising faces in photographs that a human is.
Bitcoin's Software Gets Security Fixes, New Features
Yeah, you could be forgiven for thinking that from the headline, or indeed the linked story. Both are wrong.
Yes, there transaction malleability issues were fixed. But no, mtgox woes weren't caused by transaction malleability. Yes, I realise mtgox claims they were, and I realise the popular media swallowed that line without questioning it too much. In reality it was at best tangentially related and mtgox's statements on the issue were PR statements designed to keep customers, not an explanation of what happen. To date they have released any resembling that.
There were a number of transaction malleability problems. The most serious were fixed a year ago. The one fixed a year ago was the bitcoin core software accepted numbers with leading zero's, thus there were several ways to write down the same transaction. This was never intentional, and the fix was to ban numbers with leading zeros. To my knowledge that form of malleability was never exploited. Mtgox's problem was their software produced transactions with leading zero's, so their transactions were rejected by the mining network after the fix. Hackers found a way to exploit that, due to a second bug in the mtgox software.
The headline is also miss-leading on the shear number of changes. Like the web, bitcoin software has several parts. Among them are a GUI client part people use to manage their wallets, a part that can do mining, and a core part the defines the bitcoin protocol and messages. It is the core part that is the equivalent of the HTML 4.01 spec. It was the bit tightened to prevent transaction malleability, a better definition for OP_RETURN and a few other tweaks. The bulk of the changes were in the rest. However, "the rest" is to bitcoin like web browsers, proxies specific servers are to the HTML 4.01 spec. Very few people actually use the reference bitcoin wallet, for instance.
Kaspersky: Mt. Gox Data Archive Contains Bitcoin-Stealing Malware
Except that not every bitcoin transaction is made by the owner.
I am not sure what you mean. Every spend of your bitcoins has to be signed by your private key. It doesn't have to be submitted by you, but it must be authorised by you by that signature.
Note that doing that can consist of running a computer with a fully patched operating system, anti-malware protection, etc., if it's on line.
Hmmm. What do you think bitcoin is good for? Do you think it is the equivalent of storing your life's savings under a mattress, or doing transactions?
You can use it to do either. The mattress scenario is easy enough. You just print your private keys out a few times on a piece of paper, and put them in safe deposit boxes. To put money under the mattress you just transfer funds to that key. You don't need access to the private key to do that. To get a large lump out of the mattress is appropriately more difficult and tedious. You disconnect the network, boot off a live CD, create the necessary transaction and put it on a USB key, reboot and send the transaction. It may be painful (although maybe not as painful as having to visit a bank), but it's safe from virus and hackers.
However, the mattress isn't what bitcoin is meant to be good at. It's forte is doing transactions cheaply and quickly. A far more likely scenario is putting the amount of cash you would normally carry around in your wallet into your phone instead. Just like traditional cash, this is an amount of money you can afford to lose.
Computer security is far from what it would need to be to make this practical.
Actually, it isn't. True, traditional PC's aren't secure. But Android and iOS devices together with their TPM's are more than secure enough. They are so secure not even the FBI can crack an encrypted iPhone - they have to be sent back to Apple. Just like a wallet the risk comes more from losing the damned thing rather than it being cracked by a remote hacker. But unlike a real wallet, these devices can actively assist with security. They can demand PIN's, or fingerprints. They can restrict how many bitcoins can be paid out to an unknown keys in a day.
However, the reality is that in the country I live in at least, direct transfers between banks are already so fast (read: seconds), and so cheap (read: free, between any bank in the country, regardless of who owns it or how far away it is) that bitcoin is going to have a hard time competing. I gather the US still uses cheques and bankers deliberately make dealing with competitors difficult. They may have created fertile ground for new weeds like bitcoin to grow in. When it comes to international transfers, where I wear all the risk and yet it still costs a 10's of dollars to transfer money, things are definitely different. And surprise, surprise, it is in international transfers that bitcoin is seeing the most use right now.