
Comments


NASA Money Crunch Means Trouble For Spitzer Space Telescope

thesandbender Endorse James Webb. Do NOT even mention Spitzer. (107 comments)

The vast majority of US Representatives and Senators do not understand the distinction between the Spitzer and James Webb Missions. Nor should they, their primary job is taking care of local and internal politics here. However:

If a lot of people call/email/write in saying "Save Spitzer", they'll have their assistants do some research and run the numbers. Unless one of those assistants is a space/astronomy junkie, the result will come back the same for all parties. Spitzer is "up there" and "doing science".... James Webb costs more and is risky (it hasn't even launched yet)... so back Spitzer. It's the politically "safe" move.

Personally, I don't want to see that happen. If we have to sacrifice Spitzer (and even other projects) to get James Webb... so be it. Astronomy is, after all, all about the very long game.

about 4 months ago

London Black Cabs Threaten Chaos To Stop Uber

thesandbender Re:fuck beta (417 comments)

You're right. It's completely unfair of the government to establish any sort of regulations or expectations on private professional practice on behalf of its citizens. You have fun with SurgeonsRUs, PilotsUnited, etc.

about 4 months ago

London Black Cabs Threaten Chaos To Stop Uber

thesandbender London Cabbies are different (417 comments)

I'm a New Yorker who makes frequent use of the yellow cabs here and has had the pleasure of using London cabs.

In NYC, it's basically the taxis that are licensed. Any yellow cab has to have a medallion and they are expensive... often going for $750k+ USD. Once you have the medallion you can lease/rent it to just about any hack who qualifies for a driver's license.

In London, it's the drivers that are heavily regulated. The tests are notoriously hard and London cabbies either have or acquire neurology that is much more spatially oriented than normal.

The difference may be subtle to most people but it's important. When you get in a cab in NYC, you usually need to be explicit about the route that should be taken. Nefarious types will often take you through Times Square, Union Square, Canal Street or other traffic nightmares to run up the tab. London cabbies pride themselves (at least in my experience) on knowing every last back road that will get you there that much faster.

So I see their point. They're a group of professionals.... who act like professionals. They've put a lot of time and effort into becoming such, I'd want to protect my turf as well.

about 4 months ago

Heartbleed OpenSSL Vulnerability: A Technical Remediation

thesandbender Reality Check. The sky is not falling. (239 comments)

One of my current roles is to provide technical support/advice for a group of project managers and business analysts. This morning a few of them had watched the Crash News Network over breakfast and came in convinced that privacy, as we know it, had come to an end. My job is to talk them off the ledge (and I actually enjoy it, they're smart people and as long as I explain it correctly, they get it... I've found that's pretty rare).

1. The issue only exposes 64k at a time. Let's assume that the average enterprise application has at least a 1G footprint (and that's actually on the low end of most applications I work with). That's 1,048,576K. At best, this means that this exploit can access 0.006% of an application's memory at one time.

Ahh you say, I will simply make 16,667 requests and I will retrieve all the memory used by the application.

2. The entire basis of this issue is that programs reuse memory blocks. The function loadAllSecrets may allocate a 64k block, free it and then that same block is used by the heartbeat code in question. However, this code will also release this same block which means that the block is free for use again. Chances are very good (with well optimized code), that the heartbeat will be issued the same 64k block of memory on the next call. Multi-threaded/multi-client apps perturb this but the upshot is that it's NOT possible to directly walk all of the memory used by an application with this exploit. You can make a bazillion calls and you will never get the entire memory space back. (You're thinking of arguments to the contrary, you're wrong... you won't.)

Congratulations, much success... you have 64k internet.

3. Can you please tell me where the passwords are in this memory dump:

k/IsZAEZFgZueWNuZXQxFzAVBgNVBAMTDk5ZQ05FVC1ST09ULUNBMB4XDTEwMDMw
MzIyNTUyOFoXDTIwMDMwMzIyMTAwNVowMDEWMBQGCgmSJomT8ixkARkWBm55Y25l

There will be contextual clues (obvious email addresses, usernames, etc) but unless you know the structure of the data, a lot of time will be spent with brute force deciphering. Even if you knew for a fact that they were using Java 7 build 51 and Bouncy Castle 1.50, you still don't know if the data you pulled down is using a BC data structure or a custom defined one and you aren't sure where the boundaries start and end. The fact that data structures may or may not be contiguous complicates matters. A Java List does not have to store all members consecutively or on set boundaries (by design, this is what distinguishes it from a Vector).

Long story short. Yes, there is a weakness here. However, it's very hard to _practically_ exploit... especially on a large scale (no one is going to use this to walk away with the passwords for every gmail account... they'd be very, very lucky to pull a few dozen).

This doesn't excuse developers from proper programming practices. It's just putting "Heartbleed" in perspective.

about 5 months ago

Million Jars of Peanut Butter Dumped In New Mexico Landfill

thesandbender Re:And so this is Costco's fault? (440 comments)

People lining up at food banks aren't going to be going to Costco and buying peanut butter in bulk. The same goes for families whose children benefit from school meal programs.

Unfortunately there is a degree of truth to the OP's comment about Costco being afraid of getting sued. I used to volunteer at "under privileged" schools and staff were specifically told not to give food to children in need but to direct them to one of the official programs. Litigation was cited as one of the reasons, as well as concern about children flying under the radar and not getting all the help they needed, etc. The cafeteria wasn't even allowed to give out unused food. The school district in this case was very concerned about getting their butts sued off because of a well intentioned act that went bad (it had happened before). It was a disheartening situation all the way around.

about 6 months ago

Cryptocurrency Exchange Vircurex To Freeze Customer Accounts

thesandbender An exchange should never lose money. (357 comments)

By definition a true exchange should never lose your money. You can lose your money, but they won't. An exchange is a barter system, you trade X for Y. Legitimate exchanges charge for a "seat" on the exchange, a percentage of the transaction, or both. However, they never just take your money. They may require that you put money in escrow to cover your position but this is set aside, usually drawing risk free interest (or as near as you can get to it) unless you specify otherwise.
No one should be able to prevent you from putting your money into unregulated vehicles/investments but if you consider it any more than gambling and expect any protection then you're an idiot. In the US, gambling is actually more regulated than bitcoin transactions (at this time). If you hand off your "wealth" (of any kind) to any unregulated, un-vetted nob who managed to register a TLD then I would like to discuss a long-term, can't lose investment in the Brooklyn Bridge with you.

Let me repeat this. If you just hand over your wealth to someone with no legal safeguards in place, you're a dumba$$. Clear?

about 6 months ago

Intel Announced 8-Core CPUs And Iris Pro Graphics for Desktop Chips

thesandbender So much wrong in this thread... (173 comments)

AMD's Bulldozer cores have Clustered Integer Core which has two true ALU "cores" and one shared FPU. For integer instructions this is two true cores and not "hyper-threading". For FP instructions this is "hyper-threading" and why Intel has been regularly handing AMD its arse in all benchmarks that aren't strictly ALU dependent (gaming, rendering, etc). AMD's FPU implementation, clock for clock, is a bit weaker on most instructions as well. And yes, the FPU _is_ shared on AMD processors.

EMT64 is not "32 bits on each 1/2 of the clock cycle". That doesn't even make any sense. EMT64 is true 64 bit. x86-64 does have 32 bit addressing modes when running on non-64bit operating systems. This is part of the x86-64 standard and hits AMD, Intel and VIA.

Hardware Queuing Support is part of the Heterogeneous System Architecture open standard and won't even be supported in hardware until the Carrizo APU in 2015. Since this is an open standard, Intel can choose to use it.

Both architectures have shared caches.

WTF does nVidia's IEEE-754 compliance have to do with Intel vs AMD?

I'm not an Intel or AMD fanboy, I try to use the right one for the job. I prefer AMD for certain work loads like web servers, file servers, etc because they have the most integer-bang for the buck. If I'm doing anything that involves FP, I'm going to use an Intel Chip. Best graphics solution?... yeah, I'm not even going to go down that hole.

about 5 months ago

Java 8 Officially Released

thesandbender Re:Damnit (302 comments)

And don't forget about bugs with Java itself. We spent about half a day trying to figure out why an application that had been functioning until a Java upgrade stopped talking to the MS-SQL server it used, until we stumbled across JDK-7103725. We had to rollback until it was fixed (which actually took a few builds). There is a tiny bit of truth to the "Write once, break everywhere." troll.

about 6 months ago

Mt. Gox Knew It Was Selling Phantom Bitcoin 2 Weeks Before Collapse

thesandbender Re:Suspected =/= knew (263 comments)

It doesn't matter if he suspected or knew... in either case transactions should have been suspended. Let me demonstrate the issue for you:

"DaveV1.0 paid me to house sit while he was on vacation. I suspected that a friend had stolen the key, was taking his valuables and defiling his gerbil but I didn't bother to change the locks or even drive by the house to see if anything was amiss."

I suspect you wouldn't care if I suspected or knew at this point, you would still hold me responsible.

about 6 months ago

Physicist Proposes a New Type of Computing

thesandbender Re:New Type of "Computing" (60 comments)

You did mis-read the article. They're not proposing it as a quantum computing solution, nor are they proposing to improve RAM speeds by using electron spin. They're proposing to use the electron orbital state to store information. Currently a charge (multiple electrons) is used to store one bit. This solution would allow one single electron to store one or more bits. This could be used to produce faster storage but it has other applications as well, such as faster switching logic. The end result would be a substantially faster computer and improved information density but it will still be deterministic.
I'm not sure how you inferred any claims to quantum computing or NDTM's from that article.

about 6 months ago

Physicist Proposes a New Type of Computing

thesandbender Re:New Type of "Computing" (60 comments)

Actually, it could prove to be radically different than current computers/computing. Almost all current computers are based on binary logic, your bit is either on or off. Electrons can actually have several orbital states so it is possible that computing could be approached in a different manner. This assumes that logic could actually be performed with the orbital states and it's not just a bit store. All of this is quite a long way off though, per the article you currently need a two mile long accelerator to change the orbital state of an electron this accurately.

about 6 months ago

New Russian Fighter Not Up To Western Standards

thesandbender This is not limited to Russia (see F-35) (354 comments)

"Bloat" is a feature common to all engineering tasks, not just software. Anyone who follows the aviation industry can tell you that this happens over, and over and over again. Requirements are put out, designs are submitted and then the wonks start coming in and saying "well, we could also add this", "well we could also add that". Every time this is allowed to happen, it's a complete failure. The designs that succeed are the ones that stay true to the original requirements. e.g.
U-2: I fly high and far, nothing else.
SR-71: I fly fast, nothing else (attempts were made to add intercept capability and rejected).
F-14: I intercept, nothing else (attempts were made to add bombing capability and rejected).
F-15: I will own the skies and do nothing else (bombing has been added on but it has not strayed from its mission).
AV-8B: I will provide forward air base support and nothing else.

about 8 months ago

Neiman Marcus and Other Retailers Breached, Credit Card Details Stolen

thesandbender Re:Time to overhaul the Credit Card system in the (151 comments)

While I'm not arguing that they should not be held accountable, what you're proposing is not a "fix". The system should be designed so that they can't be negligent in the first place.

about 8 months ago

Neiman Marcus and Other Retailers Breached, Credit Card Details Stolen

thesandbender Time to overhaul the Credit Card system in the US. (151 comments)

The primary justification for not overhauling the inherently weak credit card system in the US has been the cost to the retailers, banks and credit card processors. And there's some validity to this, upgrading the system would have a major impact on everyone from the banks and large retailers on down to the mom and pops and the card holders themselves. However, the cost of continually cleaning up these messes is going to start adding up. It's time to accept the fact that the current system is horribly outdated and fix it (most retailers in Europe won't even accept chip-less US cards anymore).

about 8 months ago

100-Year-Old Photo Negatives Discovered In Antarctica

thesandbender In other news... 100 year old story posted to .\ (114 comments)

This story is pushing a month old and has already made the rounds on the DrudgeReport, Digg and other aggregators and is dead and buried. Note to /. editors... you can actually find and post new content ... your job isn't limited to filtering out dupes.

about 9 months ago

Website Checkout Glitches: Two Very Different Corporate Responses

thesandbender Delta had no choice (303 comments)

Carriage laws in the US prevent a ticket price from being changed after it is purchased. This includes canceling the ticket because of the price it was issued at (because this is effectively the same as changing the price of the ticket since the consumer would have to repurchase it). You'll notice that Delta's carriage policy specifically outlines that they will never sell a ticket for $0 so they can exclude it. Since they can't state this for any other fare price, they can't exclude it and it falls under the general carriage policy. http://www.delta.com/content/dam/delta-www/pdfs/legal/contract_of_carriage_dom.pdf It would be different if, say, Kayak or Expedia screwed up and gave the wrong ticket price... but since this was on the carrier's website and they are dealing directly with the customer, they are SoL.

about 9 months ago

Ford Rolls the Dice With Breakthrough F-150 Aluminum Pickup Truck

thesandbender Re:And I Will Stop Buying... (521 comments)

Aluminum is a perfectly sound material as long as it's used correctly. It's been used in aircraft, rockets and other vehicles that take stresses far beyond what you will ever do to your truck. Flying may seem like it doesn't generate much stress but the loads on a 747 or A380 when they are landing are tremendous. The regular compression/decompression cycles that a plane goes through when going from ground level to altitude are also impressive when you look at the numbers. The fact that we consider it so commonplace is a testimony to how durable aluminum is. The average person is shocked when they see the thickness of the tubing used in bicycles, including downhill mountain bikes which take one hell of a beating.

But this is all contingent on how the aluminum is employed. If they have good, experienced engineers then this can only end well (I'd love to have a truck that didn't rust).

about 9 months ago

Ask Slashdot: How Do I Convince Management To Hire More IT Staff?

thesandbender One Word: Spreadsheet (383 comments)

The simplest, and most effective way to get what you want is to prove that your staffing approach will save man hours/time/money. That is your only effective recourse. If you can't do this you are SOL.

about 9 months ago

The Dismantling of POTS: Bold Move Or Grave Error?

thesandbender Re:Cell phones are better in a disaster (582 comments)

I'm actually speaking from experience. I live in NYC and last year during Sandy we ran into many of the problems you describe. Businesses and individuals in areas that still had power were setting out extension cords and power strips for people to recharge their phones. Mobile generators can be used for the same purpose (and growing up in Texas it was my experience that most people in isolated rural areas either already have a portable generator or know someone close by that does).

The situation you described in Rio and Sao Paulo is not unique to cell phones. POTS systems have a limit on how many calls they can support as well, the dreaded "all circuits are busy" message here in the states. The reason POTS lines are less susceptible to that now is that fewer people are using them so it doesn't happen as often. A common solution to this is to tell people just to text instead of making calls, that helps reduce the load on the cellular infrastructure.

about 10 months ago

The Dismantling of POTS: Bold Move Or Grave Error?

thesandbender Cell phones are better in a disaster (582 comments)

1. If a hurricane/tornado/earthquake/what-have-you destroys your POTS infrastructure, it can take weeks or months to rebuild it. You can restore cell service in a matter of hours with a mobile cell site.
2. The same applies to your house. What good is a fixed, "simple" phone if your house isn't there any more?
3. One of the biggest issues when a disaster strikes is locating people. POTS doesn't do anything to help with this.

POTS was great but it's had its time and we need to stop supporting it and move on to newer technologies.

about 10 months ago

Submissions


MtGox finds 200,000 BTC in old wallet.

thesandbender thesandbender writes  |  about 6 months ago

thesandbender (911391) writes "Today has news that BTC "found" 200,000 BTC in a "forgotten" wallet that they thought was empty. The value of the coins is estimated to be $116 million USD, which happens to cover their $64 million USD in outstanding debts nicely and might offer them the chance to emerge from bankruptcy. There is no explanation, yet, of why the sneaky thieves that "stole" the bitcoins used a MtGox wallet to hide them."

Best resources for job searching internationally?

thesandbender thesandbender writes  |  about 10 months ago

thesandbender (911391) writes "I'm a U.S. Citizen and my spouse is Japanese (with a U.S. green card) . Recently we've had serious discussions about relocating to Japan for various personal reasons. What sites and resources does the /. community recommend for finding employment overseas? Also, are there any issues I should watch out for (e.g. companies using H1-B sponsorship for near extortion here in the U.S.)? I'm specifically interested in Japan (obviously) but I'm sure a lot of people have the same question for other countries."

Best resources for ARM and small form factor computing?

thesandbender thesandbender writes  |  1 year,10 days

thesandbender (911391) writes "I'd like to get into development with small form factor computing as a hobby but it seems every week there's new announcements for commercial and crowd-sourced projects and it's difficult to get a good handle on all the offerings out there and how they stack up against each other. What are the recommendations for blogs or aggregators that track this sort of thing?"

Near-record Number of Astronaut Applicants

thesandbender thesandbender writes  |  more than 2 years ago

thesandbender (911391) writes "FTFA — "More than 6,300 individuals applied to become part of NASA's next generation of astronauts. It was the highest number of applications ever received by the agency since 1978, and the call garnered more than 8,000 submissions. Typically, the agency receives between 2,500 and 3,500 applicants for astronaut vacancy announcements."

What's cool about this is that even though the U.S. space program is in a bit of stasis, there are still thousands of people eager to drive it forward."


Testing Geiger Counters

thesandbender thesandbender writes  |  more than 3 years ago

thesandbender (911391) writes "My girlfriend's family lives in Japan and is very interested in obtaining geiger counters for testing food and other materials. Geiger counters are now impossible to get in Japan and are on long back order from most providers in the U.S. which makes me suspicious of anything we can get our hands on. My question is, what's the best way to test/verify a geiger counter? I know I can point it at a smoke detector and it should go off but I'm not sure what I should see on the gauge. We'd even take it to any reasonable local facilities for testing (NYC area). Any input would be greatly appreciated!"

Why isn't the US government funding research?

thesandbender thesandbender writes  |  more than 5 years ago

thesandbender (911391) writes "The recent post about GM opening its own battery research facility led me to wonder why the US government is pouring billions into buying companies instead of heavily funding useful research. You can give $10 billion to a company to squander or you can invest $10 billion into battery research and just give the findings to the whole of the US industry for free. From a historical standpoint, the US government has little experience with commercial enterprise... but has an amazing record for driving innovation. The Manhattan Project and the Apollo Moon missions are two of the pinnacles of 20th century scientific achievement, yet it seems to me that this drive died in the 70's and that's when the US started its slow decline.

To be true to the "Ask Slashdot" theme... what practical research do you think the US government should embark upon to get the most return for its citizens and the world?"

What are the *real* beliefs of Islam?

thesandbender thesandbender writes  |  more than 5 years ago

thesandbender (911391) writes "I know this is not the usual forum for this and I realize Enlightenment is actually a window manager (just seemed appropriate). I was reading Digg this morning and there was a prominent post about a Saudi Arabian author instructing men on how to beat their wives. This was followed by several comments quoting the Qur'an. As a Christian... I can point out at least a few dozen passages from the bible that are regularly taken out of context or have been superseded. For example the Old Testament is generally "an eye for an eye", while the New Testament is about forgiveness and scorns this approach. I've never read the Qur'an and ... frankly... I'm ignorant in that regard. However, I'm really interested in hearing from the Muslim/Islamic readers what are the most common misinterpretations, misrepresentations, etc that they encounter."

Ford to introduce restrictive keys for parents

thesandbender thesandbender writes  |  more than 5 years ago

thesandbender (911391) writes "Ford is set to release a management system which will restrict certain aspects of the car's performance based on which key is in the ignition. The speed is limited to 80, you can not turn off traction control and you can't turn the stereo up to eleven. It's targeted at parents of teenagers and seems like a generally good idea, especially if you get a break on your insurance."

Best Terrestrial/OTA HDTV setup for an apartment

thesandbender thesandbender writes  |  more than 6 years ago

thesandbender (911391) writes "I don't watch TV but keep an HTPC for watching movies. One of my relatives is very ill and I'll have a lot of family rotating through my apartment and I'd like to have a little more entertainment. I'm running Vista MCE and bought a Hauppauge HVR-1800 with a DB8 HDTV antenna and I've used AntennaWeb to point the DB8 in the best direction. The results have been terrible and I'm looking for recommendations/suggestions for hardware and setup. I am on the first floor of a three story apartment building and I can't mount any external antennas (I know this is a major issue). Thankfully almost all the transmitters are located in the same place so a good, compact directional antenna might be effective. And please ... no platform bashing ... they all have their issues (I have a lot of h.264 encoded files... hardware/GPU acceleration on Linux is very, very limited at the moment)."

How about a F1, Indy or NASCAR No-Emissions class?

thesandbender thesandbender writes  |  more than 6 years ago

thesandbender (911391) writes "I was at a Memorial Day party this weekend and sitting around with a very diverse group of people (age, education, background, etc.) and we all ended up talking about cars. A large majority of the population loves cars, not what they do to the environment but what they represent. For some it's a throaty American V-8, others it's the high pitched whine of a Ferrari or the freedom of a Jeep but most all of us have a car we secretly lust after. And this is true all across the world.

This got me thinking, It's no secret that cars are safer, faster and more efficient because of racing. Why can't this be extended to new power trains? How much interest would there be in a fledgling no-emissions league? Imagine if an established league created the class and had them run the night before a few of their major races and charged $5-10 to watch the race. You'd generate some interest and give Honda, GM, Toyota, Ford, BMW, etc. a place to really show off what they've been doing. Most people hear hydrogen, electric or fuel-cell and shrug... you get one to blow by them at 150mph+ and they'll have a different opinion. It would make sense for established teams to create a no-emission car and race it b/c they're there for the primary race anyway and would probably receive a lot of support from their backing manufacturer who would want the publicity and the data.

Just curious... how many Slashdotters would support this type of thing by buying tickets?"

Should popular aggregators "prime" open ca

thesandbender thesandbender writes  |  more than 7 years ago

thesandbender (911391) writes "There was a rather ironic/humorous link on Digg this afternoon. An article about how the Digg architecture was set up to handle its average load was dugg/slashdotted/farked by the time it made the main page.

Why don't the aggregators prime caches like Coral Cache before they activate the post? For instance, before Digg actually displayed the article it would hit the linked url(s) through Coral. The posted article would still reference the original URL's but at least there would be some chance of Coral being able to access the content and cache it before the horde arrived on the victim's doorstep. I understand there are issues here like hits, impressions, etc... which is why I wouldn't recommend posting "Coral-ized" links. But I would argue that it would be better for people to be able to see at least the first page of your content rather than nothing at all. If the backend primed the cache there is some hope of it."

thesandbender thesandbender writes  |  more than 7 years ago

thesandbender writes "Google Street View is sure to upset a number of law enforcement agencies. Because of the "Terrorist Threat" photographing most tunnels and several bridges in and around New York City is strictly forbidden. Apparently Google didn't see the signs or forgot to turn off their cameras. The site has entire photographs of all the major tunnels and bridges around New York. What other "sensitive" information does Google Street View reveal?"

thesandbender thesandbender writes  |  more than 7 years ago

thesandbender (911391) writes "I've inherited my company's DST patching project and I have to schedule upgrades for 7000+ servers over the course of the next few weeks. Of course each group inside the company has different SLA's and outage windows. I need to somehow turn the pile of spreadsheets I have into a database and create a schedule that spreads the load over our pool of system administrators. There is no way I can reasonably accomplish this by hand and there will be updates every day I'm sure. Does anyone know of a rule based scheduling system where I provide the available outage windows and a priority ranking for each system and the scheduler will recommend the order in which they should be upgraded? Even software for other industries/applications that could take a few steps out of the process would be appreciated."

Journals

thesandbender has no journal entries.
