×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Heartbleed Disclosure Timeline Revealed

slimjim8094 Re:Negligence (62 comments)

You must be reading a different article than I am. I see "The patch is then progressively applied to Google services/servers across the globe." which implies to me that the 21st was the start of the clock. I could easily imagine that it would take several days to update everything.

Then the clock starts ticking for whoever the "infrastructure providers under embargo" are. I emphasized "then" in my original post - presumably they wouldn't share the flaw even with trusted partners until they'd fixed it themselves. Two sequential "several days" could hardly be shorter than 10 days.

3 days ago
top

Heartbleed Disclosure Timeline Revealed

slimjim8094 Re:Negligence (62 comments)

You don't think it could take 10 days to find a flaw, fix it, make sure you've fixed it, and roll the fixes out to prod? And then "notif[y] some infrastructure providers under embargo" and let them fix it and roll it out to prod?

You may disagree with Google looking out for themselves first here, but the fact is they'd be negligent (and foolish) to spread this more widely until they'd ensured it was fixed for themselves and (by extension) their customers/users.

3 days ago
top

'weev' Conviction Vacated

slimjim8094 Re:To the point... (147 comments)

You're seriously going to argue that even though he had to take deliberate steps to impersonate other people he wasn't accessing information "without authorization"?

Yes. "Without authorization" is more than "well I wasn't expecting him to ask that question!".

That's what this boils down to at the end of the day, he tricked AT&T's web servers into thinking he was an AT&T customer, and in so doing obtained access to information about that customer.

No, he sent a query to the webserver, and the webserver did what it was designed to do and answered it. AT&T was the one making the mistake by assuming that all trivially-correctly-formatted requests were from AT&T customers as opposed to actually checking whether the requester was - in fact - a customer (something they could've easily done!)

Then he wrote a script to automate the process and repeated it ~140,000 times.

Sure. So? It means he knows how to use 'seq' and 'wget'. Would it be different if he changed the number in his browser 140k times?

I really don't understand why people defend this kid's actions.

Like a lot of prosecutions people complain about, it wasn't really about the "kid" (why does it matter if he's a "kid"?). It's about precedent, and "some queries shouldn't be sent to a webserver, but you don't know what those are until we nail your ass" is a pretty damn bad precedent.

The Federal prosecution was bullshit, this should have been charged at the State level, but to claim that he's completely innocent when he went out of his way to obtain access to information he knew he had no right to access? That's absurd.

He probably had a suspicion that AT&T didn't mean to provide this access, but they did. This is more like calling up a place and asking what Frank's address is - you may think it's odd that they told you, but in the absence of even trivial checks to see whether you really are Frank, it would be reasonable to conclude that this was intended to be public. After all, they just happily told a member of the public. And no, the user agent is not even a trivial check, since every browser pretends to be every other browser anyway.

about a week ago
top

Google: Teach Girls Coding, Get $2,500; Teach Boys, Get $0

slimjim8094 Re:Jesus Motherfucking Christ ... (673 comments)

Well I wasn't going to start the cursing, but fuck that shit.

1) How is the industry a "sweaty jock party"? Most of the people I know haven't seen a jock strap in their life, and certainly wouldn't ever have qualified as "jocks". Mostly I see companies bending over backwards to provide an egalitarian work environment, and finding little resistance on most measures because the men aren't "jocks".
2) There's all kinds of stupid shit you can justify by shouting that "THEY ARE TRYING TO DO *SOMETHING*". Perhaps they should fire half the men, and put the rest in the locker room (you know, because they're "jocks") to keep them from pestering the women in the rest of the office. That would be something, alright. Or put a flower in the window. That would be something, too. Are we to try everything that someone somewhere thought might help? And then having said you haven't identified the solution ("might be the *wrong* thing....") you tell everybody who doesn't agree to "just go to Hell"

I totally agree that gender is completely irrelevant when writing code, but some of us feel that counterproductive and harmful initiatives are something to criticize, not endorse blindly. We don't have to be chickens running around with heads cut off just because there's some problem - in fact, that's about the fastest way to fuck up a situation that I can come up with. Personally, I believe companies should be trying to do the *right* thing.

Stepping back from your idiotic post, I think it's undeniable that there is a supply-side issue here. I don't know if it's cultural, stereotypical, biological, or just logical. It could be any, frankly - perhaps we view women as less technical (which we should fix), or women are less interested in joining the "losers" in the computer club (seriously, where did "jocks" come from?), or maybe what they've seen of CS is that it's a pretty shitty job with regards to the stuff they care about (like "working too much and never seeing my family") and they're making the right choice for them. Hey, more doctors and lawyers now are women then men, and it pays better (and is more rewarding in dimensions that may be more important to women). I don't exactly know what's going on (though I have my suspicions) but I do know that bribing teachers to ignore the boys and focus on the girls is the wrong way to approach this - for so many reasons, ranging from discrimination to backlash to unintended consequences to simple ineffectiveness.

about a week ago
top

Google: Teach Girls Coding, Get $2,500; Teach Boys, Get $0

slimjim8094 Re:Sex discrimination. (673 comments)

As long as it remains, the misogynists will have the argument that

The misogynists will always have an argument because they're working from an unshakable personal assumption that they are superior because of their gender. There's really no point pandering to them since they'll just writch to another argument.

No, you don't get it.

Let's say you have a company where they try to hire everyone "over the bar" regardless of any factors. You'd expect the gender ratio of the company to be whatever the percentage of the candidates who are above that ratio. (If it's not - and it often isn't, for various reasons - fix that first)

If this ratio is not 50/50, say because there are less women overall, and you determine that it is more important to fix the ratio than maintain the hiring standards, then you will unavoidably be diluting the pool of females with people of a lower standard. (If you don't decide to lower the bar, then you won't be changing the ratio)

So you are a rational individual (of any gender) in this company and you are presented with some person. It is an unavoidable fact that the average woman is of a lower competence than the average man. It is the only logical conclusion! The hiring process made it so!

This is a catastrophic approach because the sexist, backwards attitude shouldn't be made the correct logical inference! But by instituting the quota, the company has done exactly that!

There is a lot a company can do if it wants to have more females, without lowering the bar. Women typically require different outreach than men, such as more encouragement (men are more apt to pursue a path even in the face of active discouragement), seeing other females "leading the way" (part of encouragement), describing a job in terms of social impact (vs the "vanquish the challenge" aspect that appeals disproportionately to men). There's nothing wrong with this - a company that wants the best recruits should be picking the best messaging for many different groups, like new grad (great learning!) vs experienced industry (run stuff!), young (cool projects!) vs older (great benefits!), and, yes, even men vs women. Even something as simple as dropping the puzzle interview questions can help, since aside from being useless, a lot of the "fun" ones depend on cultural touchpoints (superheros and zombies in that article) that don't generally resonate with women. It's really an overall "change how we think about this" approach that's not generally too controversial - even stupid stuff like "hide the names on resumes" and "figure out what you're expecting before you meet the person" can help an interviewer avoid unconscious biases - against any group.

None of this is instituting a quota.

about a week ago
top

Men And Women Think Women Are Bad At Basic Math

slimjim8094 Re:Math ? (384 comments)

It's not plural at all. It's a collective noun, so it's singular. And 'math.' (note the period) started as an abbreviation, which lost the period by the 1870s. The wacky form 'maths' didn't come about until the 1910s, 40 years later.

It's a stupid spelling. It's awkward to say (the 's' often ends up nearly silent anyway) and grammatically confusing (it's not plural!), where 'math' is just a straight abbreviation. Couple that with the smug yet completely unwarranted sense of superiority ("the trouble with americans") people get for using it, and you've got a winner.

about a month ago
top

Men And Women Think Women Are Bad At Basic Math

slimjim8094 Re:Cultural bias biggest factor (384 comments)

"That's not true at all."

Yes it is.

I'd provide more evidence, but you didn't - and in any case even the tiniest bit of good-faith searching would find it.

about a month ago
top

Men And Women Think Women Are Bad At Basic Math

slimjim8094 Re:Lawrence Summers, save me! (384 comments)

Well put, especially because all this is really about is averages.

The GP's post title is interesting - he refers to the ex-president of Harvard who lost his job (in part) due to comments - that were pretty completely misrepresented - about the aptitude of women in mathematics and science. His basic point - which isn't particularly controversial - is that men tend to have a greater standard deviation for many characteristics than women do, although they tend to have approximately the same averages. This wider bell curve would obviously lead to more men at the highest levels - but also at the lowest. Both of these are well supported observations (especially the low half, which is less controversial - go figure) and are also reasonable conclusions from a genetic standpoint - women have two X chromosomes, which moderate each other, while men have only one (this is why e.g., color blindness are almost exclusively male afflictions) - as well as an evolutionary standpoint (a population-exceptional male can have dramatically more successful offspring than an average male, but a population-exceptional female will have approximately the same number, although more fit, as an average female).

Stereotypes are all about averages, and the reason they've so pervasive is that they're how our brains work. We need to have a mental model of everything around us, so we don't spend 10 minutes trying to understand an apple every time we see one. We couldn't function if we weren't able to say "this is an apple, it acts like the other apples I've experienced" and put it in that bucket.

The problem doesn't even arise when we do that with people - to an extent. We have a stereotype of doctors as intelligent and knowledgeable about our health, for instance, that's usually quite helpful if we're a patient. No, the problem comes when we don't remember that stereotypes are just personal averages, and that a specific individual may not fit the model we have, combined with trying too hard to fit people into buckets when the evidence doesn't fit. The other problem is not discarding a bucket when essentially nobody fits it (e.g., common racism, sexism, anti-Semitism, etc - all of which persist only because the bigot in question has spent their life cherry-picking and exaggerating interactions).

(Also, back on topic, women aren't any worse at spatial reasoning, they just - on average - take slightly longer to do it)

about a month ago
top

Terrafugia Wants Their Flying Car To Be Autonomous

slimjim8094 Re:Oh dear Lord (94 comments)

Nope. They may have the equipment, but they need a Category IIIb instrument landing system at the airport to actually do so, along with a crew certified to operate it. All of which are shockingly expensive - you need computer equipment that continues to work after a failure, which in practical terms means you need a lot of computers cross-checking each other and extremely rigorously designed software (I think 7 9's). The ground equipment is similarly extremely expensive, rather tempermental, and requires lots of checking and re-certification (the risk of being wrong is that the plane flies into the ground).

Lesser categories of ILS (i.e., the ones at almost all airports, even commercial passenger carrying ones) require transitioning to visual control at or above the decision height to avoid going missed.

about 2 months ago
top

Google Fighting Distracted Driver Laws

slimjim8094 Re:It's not HUDs, it's what kinds of HUD (226 comments)

More to the point, in a car you need to be looking outside pretty much continuously. More than about a half-second of looking away starts to get dangerous, and 2 seconds is downright negligent. But in a small airplane, you have much, much longer (on the order of about 30 seconds) of eyes-inside time - you need it to do all your planning/charts/radios/checklists/etc! And that's just for visual rules - if you're on an instrument flight, you don't even need to look outside until you're trying to land (that's the point of an instrument rating - looking outside doesn't do you much good if you're in a cloud).

The two scenarios aren't even remotely comparable. Driving is a much more "real-time" operation than flying, so distractions should be minimized to a substantially greater extent.

about 2 months ago
top

Report: Valve Anti-Cheat (VAC) Scans Your DNS History

slimjim8094 Re:So (373 comments)

It doesn't matter.

Look, when I was a kid, I used to play Counterstrike pretty seriously. I was curious about these cheats that I kept seeing on VAC-secure servers, so I went and found some and played around with them - on VAC-insecure servers, of course*. They're really cool bits of code that hook into the game and understand the engine well enough to find the head "bone" and wait for it to come into the player's view. Being a coder, I wanted to know how they worked - not to write my own, but software that hooks into other software is fairly unusual, and thus, interesting to my teenage self.

Anyways, since I was just looking around (and not willing to pay/join the "clubs" that made new undetected hacks), the aimbot I had was definitely no secret and surely would've gotten me banned if I'd played on a VAC-secure server. The deal was - cheat on a secure server, get banned. But the counterpoint is - cheat on an insecure one, no problem. It felt really fair - joining a secure server is an agreement not to cheat, and if you do, you're banned.

If this story is true, it completely changes that agreement. Presumably it's a "once a cheater, always a cheater" attitude, but that's not really fair. The cool thing about VAC was that it was indisputable. It doesn't make mistakes - you knew categorically that someone who was VAC-banned had broken the agreement by having cheat code loaded while connected to a secure server. So there was no arguing, pleas, etc - they were a cheater, they had cheated in a game that was annotated "no cheats". This would completely change that dynamic, and Valve is really careful about that kind of thing, so I'm suspicious that this is as-reported.

*Before somebody chews me out for cheating anywhere - first, it was only on cheat servers (all players were using them), and second, it only makes sense to view the active decision to turn off VAC (it's on by default) as a decision to allow cheaters.

about 2 months ago
top

Whatever Happened To the IPv4 Address Crisis?

slimjim8094 Re:The real truth? (574 comments)

I expected better from a 4 digit UID.

"hardware doesn't support ipv6" - Sure, and it's all being steadily replaced. As everybody replaces their stuff on the normal cycle, the new stuff supports v6. 5 years later, everything supports it - starting at the backbone, moving to the ISP core, then the individual gateways. Case in point - Comcast, Time Warner, Verizon, ATT, etc. Not sure what you mean by "expensive hardware that ISPs have in their data centers" because the big ISPs don't seem to have any trouble with it. Perhaps you mean some shitty ISP nobody's heard of (got any names?) that went out of their way to *not* buy all the v6-compatible gear? Or perhaps they're running 8 year old equipment, even though bandwidth requirements have gone through the roof since then. Well, either way, yeah occasionally upgrading your shit is part of being an ISP.

"virtually all wireless network hardware sold today" - You mean like Aruba and Cisco? Fun fact - my university uses Aruba gear for WLAN and they flipped on native v6 quite successfully. In 2010. Or perhaps you mean consumer gear, like my shitty Arris gateway from the cable company that requested a v6 prefix when I plugged it in and has been happily advertising it to all my machines? And "machines" includes my cellphone, Smart TV, and fucking Blu-Ray player!

"cost the ISPs time and money and aggravation to support" - You'll have to do better than that. IPv6 brokenness is a non-issue, and most of the negligible fraction of people who have a problem are having a problem due to ISP misconfiguration - a support non-issue if the ISP is configured properly. In fact, when the support guys realized that widespread v6 support would essentially eliminate all their "how do I forward a port" support calls, I bet they had to change their pants. If by "support" you mean "configure this shit they bought over the last 5 years"... well, that's known as a "job".

Normally I'd expect a bullshit post full of ad-homenims to be some sort of astroturf but all the ISPs are already fucking doing this so they have no reason to troll forums. So I don't know what your deal is. Maybe you get a jolly from shitting on v6. That's fine, go nuts. We'll all be over here using it happily, spinning up v6-only services in a few years, and leaving you in the dust.

about 2 months ago
top

Whatever Happened To the IPv4 Address Crisis?

slimjim8094 Re:Chicken little (574 comments)

Google agrees. They're probably a bit less US-centric.

As bad as the ISPs in the US are, we're actually a world leader in v6 traffic. Comcast, Time Warner (the ones I have personal experience with) and apparently Verizon are all doing v6 natively and properly. That accounts for a huge percentage of customers - as they get around to replacing their gateways, it should "just work".

-- reply ends, general comments begin --

Just so everybody's clear what I mean by "just work" - when I moved into my new apartment, I rented a modem/router from the cableco (I of course bought my own a few weeks later like a good nerd). Out of the box, it requested a /64 prefix and delegated it to the internal network, including the v6 DNS servers. All OSes made in the last 10 years know how to do v6 properly, so everything from my desktop to my phone to my smart TV can access v6 resources just fine.

v6 is here. It works great, and you get real IPs! Like, you can actually paste an IP to a friend so he can download a file from your box just like the old days, without doing any NAT port mapping bullshit. Want to play a game, or video chat, or VNC or something? Just open a damn socket, no STUN or UPnP or any other crap.

I don't get why so many Slashdotters are bitching/FUDding about v6. There's no money in it - all the ISPs are doing it happily - so it's not astroturfing. And the comments don't fit the typical troll model. What gives?

about 2 months ago
top

Whatever Happened To the IPv4 Address Crisis?

slimjim8094 Re:Probably the home router... (574 comments)

And don't be surprised if someone implements NAT on IPV6.

That person should be shot. There is literally no benefit to NAT (and a massive amount of drawbacks) unless you have a shortage of IP addresses. And IPv6 has 340282366920938463463374607431768211456 of them.

about 2 months ago
top

Comcast To Buy Time Warner Cable In $44.2 Billion All-Stock Deal

slimjim8094 Re:Bad Service x Fewer Choices (303 comments)

My parents have Comcast, I have TWC. Performance, reliability, and tech are all about the same - Comcast on demand and cable boxes are much better, but TWC's been working on that. I actually have had better luck with Comcast customer service than Time Warner, but that might just be a fluke.

I don't expect anything to get worse, but it probably won't get any better either - certainly not the price.

about 2 months ago
top

Comcast To Buy Time Warner Cable In $44.2 Billion All-Stock Deal

slimjim8094 Re:SEC block? (303 comments)

That's what I thought, until I remembered that nobody with TWC can switch to Comcast or vice-versa, at least without moving. There should be huge anti-competitive concerns - but there's no competition anyway so I guess it doesn't matter?

about 2 months ago
top

Comcast To Buy Time Warner Cable In $44.2 Billion All-Stock Deal

slimjim8094 Re:Win for IPv6 (303 comments)

TWC does v6 as well. I'm using it right now

about 2 months ago

Submissions

top

Black Mesa: Source Actually Nearing Completion

slimjim8094 slimjim8094 writes  |  about a year and a half ago

slimjim8094 (941042) writes "Black Mesa the long-in-the-running total-conversion mod recreating Half-Life 1 for the Source engine, has been discussed on Slashdot before. At the time it was described as "nearing completion" and "confirmed out in 2009", but now they've given a date: September 14th. The first part of the game (through Lambda Core) is apparently what's being released now; it looks like they're still finishing up the Xen and some other stuff for later release. The soundtrack is available for download over at the official announcement on the forums."
Link to Original Source
top

Verizon to open network to all devices

slimjim8094 slimjim8094 writes  |  more than 6 years ago

slimjim8094 (941042) writes "It appears that Verizon will open its network to all devices, similar to the way Google is pushing for with the 700MHz spectrum. There is "a lot of fine print", but essentially there will be two service levels — the regular, current model with subsidies and the like, and a free-for-all model for any device meeting "minimum technical standards". No word yet on what those will be.

Original press release: http://news.vzw.com/news/2007/11/pr2007-11-27.html"
top

slimjim8094 slimjim8094 writes  |  about 7 years ago

slimjim8094 (941042) writes "The Supreme Court has agreed to hear the "Bong Hits 4 Jesus" case, covered previously on Slashdot here.

The case forces the court to reconsider the line between a student's right to free expression and a principal's authority to limit what is said and done at school.

The message seemed designed to provoke Principal Deborah Morse, and it succeeded in doing so. She tore it down and sent Frederick to the office. She planned to suspend him for five days, but when he invoked Thomas Jefferson and the First Amendment, she doubled the suspension to 10 days.
Interestingly enough:

Several religious-rights groups filed briefs supporting the student's free-speech right in this case. Their lawyers worry that school officials might, for example, say it was inappropriate for a student to wear a T-shirt that praised Jesus Christ.
"
top

slimjim8094 slimjim8094 writes  |  more than 7 years ago

slimjim8094 (941042) writes "Jim Gray, a recipient of the A.M. Turing Award, has gone missing.

Gray, 63, of San Francisco, was last heard from on Sunday, the day he set out from San Francisco for the Farallon Islands, about 25 miles west of the Golden Gate Bridge. ... Coast Guard spokeswoman Lt. Amy Marrs called Gray's disappearance a mystery because the weather was good, he was in good health and the boat was equipped with radios and flares. There were no distress signals.
"
top

slimjim8094 slimjim8094 writes  |  more than 7 years ago

slimjim8094 (941042) writes "James Kim, a technology editor for C|NET, has been found dead in the wilderness of Oregon. He had been missing for nearly two weeks. He is survived by his wife and two daughters (Penelope, 4, and Sabine, 7 months).

James Kim was a senior editor covering digital audio who also co-hosted a weekly video podcast for the Crave gadgets blog. He had been writing a book on Microsoft's Zune MP3 player. Formerly, he was an on-air personality on the now-defunct cable television network TechTV.
"
top

slimjim8094 slimjim8094 writes  |  more than 7 years ago

slimjim8094 (941042) writes "Appearantly, Warner Music's CEO Edgar Bronfman's children have stolen music. The punishment? They got a talk about "not stealing". Now, when other people steal his copyright, shouldn't they just be allowed to listen to his lecture (instead of the big lawsuit and settlements)?"
top

slimjim8094 slimjim8094 writes  |  more than 7 years ago

slimjim8094 (941042) writes "There is a new Azureus client that is optimized for HD video, as described in this Wired article. Their idea is using the BitTorrent protocol to distribute movies. Appearantly, anyone with a 300K connection can enjoy this higher-quality video in realtime.

Unfortunately, the article is light on the details. While I am sure we all agree that higher-quality video is better, the resolution is not stated. It also mentions the possibility of DRM restrictions. But the concept seems sound."
top

slimjim8094 slimjim8094 writes  |  more than 7 years ago

slimjim8094 (941042) writes "A mechanical device from 150BC was found in a shipwreck. Upon examination with X-Rays, the device appears to be a revolutionary computer used to calculate lunar cycles. This device "is technically more complex than any known for at least a millennium afterward." The creation of the device is attributed to the Greeks. FTA:
The hand-operated mechanism, presumably used in preparing calendars for planting and harvesting and fixing religious festivals, had at least 30, possibly 37, hand-cut bronze gear-wheels, the researchers said. A pin-and-slot device connecting two gear-wheels induced variations in the representation of lunar motions according to the Hipparchos model of the Moon's elliptical orbit around Earth.
"
top

slimjim8094 slimjim8094 writes  |  more than 7 years ago

slimjim8094 (941042) writes "CBC news reports on a study done that shows that listening to higher volume levels for long periods of time will permanently damage hearing.
"If a person exceeds that on one particular day and happens not to use their headphones for the rest of the week, they're at no higher risk," Fligor told Reuters. "I'm talking about someone who's exceeding 80 per cent for 90 minutes day after day, month after month, for years."


How many have been sure of this for years?"
top

slimjim8094 slimjim8094 writes  |  more than 7 years ago

slimjim8094 (941042) writes "The Washington Post is reporting that the ozone hole over Antarctica is the largest ever recorded.
From the article:
"From Sept. 21 to 30, the average area of the ozone hole was the largest ever observed, at 10.6 million square miles," said Paul Newman, atmospheric scientist at NASA's Goddard Space Flight Center, Greenbelt, Md. That's larger than the area of North America.


However, the good news is that the CFCs that created it should disappear by 2065."
top

slimjim8094 slimjim8094 writes  |  more than 7 years ago

slimjim8094 (941042) writes "In a full-page ad in the Financial Times, McAfee warns users that Vista is insecure
McAfee's chairman George Samenuk says,
"With its upcoming Vista operating system, Microsoft is embracing the flawed logic that computers will be more secure if it stops co-operating with the independent security firms".

McAfee's argument is that, with Microsoft securing the kernel, they will not be able to secure the operating system. The EU is also watching for anti-competitive behavior. Do security companies need to have an open kernel to be able to write their programs?"

Journals

slimjim8094 has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...