Space

12-Billion-Solar-Mass Black Hole Discovered 139

sciencehabit writes: A team of astronomers has discovered what is, in galactic terms, a monstrous baby: a gigantic black hole of 12 billion solar masses in a barely newborn galaxy, just 875 million years after the big bang. It's roughly 3000 times the size of our Milky Way's central black hole. To have grown to such a size in so short a time, it must have been munching matter at close to the maximum physically possible rate for most of its existence. Its large size and rate of consumption also make it the brightest object in that distant era, and astronomers can use its bright light to study the composition of the early universe: how much of the original hydrogen and helium from the big bang had been forged into heavier elements in the furnaces of stars.

Comment Yes and no (Score 1) 309

First, the complexity of the engine shouldn't matter. You will never get the bulk of users out there to use, or care about, the real power of the engine. They don't want to mess with the engine. The engine should be under the hood, in a black box, whatever engineering metaphor you want. Users just want things that work.

I remember way back when I was at university. There were various absolute rules for good software engineering. The first was that the user should be presented with a must-read manual no longer than one paragraph. Tips and tricks could be more extensive, but that one paragraph was all you needed.

The second was that the user absolutely must not care about how something was implemented. In the case of encryption, I take that to mean, in the case of e-mail, that the engine should not be visible outside of configuration. A supplied key should trigger any behind-the-scenes compatibility mode or necessary configuration to talk to that user. If the keys the user has aren't suitable to correspond with that person, the system should ask if one is needed and tie it to that protocol.

There should be no extra controls in e-mail, except at an advanced user level. If a key exists to correspond with a user, it should be used. If a key exists for inbound e-mail, the key should be applied. The process should be transparent, beyond getting passwords.

Any indexes (particularly if full indexes) should be as secure as the message; good security practices on both will take care of any issues.

Ideally, you want to have the same grades of authentication as for the early certification system, adapted to embed the idea that different people in the web of trust will have done different levels of validation and will be trusted to different degrees. The user should see, but not have to deal with, the level of trust.

Last, GnuPG is probably not the system I'd use. Compatibility cruft needs to be as an optional layer and I'm not confident in implementation.

There should be eight main libraries - public key methods, secret key methods, encryption modes, hashes (which encryption modes will obviously pull from), high level protocols, key store, index store and lacing store. (Lacing is how these are threaded together.) The APIs and ABIs to those libraries should be standardized, so that patching is minimally intrusive and you can exploit the Bazaar approach to get the best mix-n-match.

There should also be a trusted source in the community who can evaluate the code against the various secure and robust programming standards, any utilized theorem provers and the accepted best practices in cryptography. Essentially replicate the sort of work NIST does, but keeping it open and keeping it free of conflict of NSA interest.

Space

What Happens When Betelgeuse Explodes? 203

StartsWithABang writes: One of the great, catastrophic truths of the Universe is that everything has an expiration date. And this includes every single point of light in the entire sky. The most massive stars will die in a spectacular supernova explosion when their final stage of core fuel runs out. At only an estimated 600 light years distant, Betelgeuse is one (along with Antares) of the closest red supergiants to us, and it's estimated to have only perhaps 100,000 years until it reaches the end of its life. Here's the story on what we can expect to see (and feel) on Earth when Betelgeuse explodes.

Comment Re:They don't want workers, they want robots (Score 1) 87

Your way of thinking is completely skipping the quality of the item produced.

Well of course it does. If you want managers to judge the quality of the product they'd have to know something about it and how it's produced. People who know those kinds of thing are far too rare to waste in management positions.

And as any fule kno, management is a skill all of its own. If you can manage a company that mixes sugar with water you can manage one that makes computers (to pull an utterly stupid, far-fetched, and ridiculous example out of the air).

Comment Re: why? (Score 1) 677

break can't break out of two loops in many popular languages.

You just have each loop be conditional on a breakout flag. Of course you'd either have to have separate flags for each nesting level and set them appropriately before pulling the handle, or make the while (or is it until?) clause check all higher (or is it lower?) level flags.

In any case those are trivial implementation details and I'm sure it would be exponentially better and cause ShanghaiBill to literally shit his pants, retire on the spot and hire you as his replacement.

Encryption

NSA, GCHQ Implicated In SIM Encryption Hack 155

First time accepted submitter BlacKSacrificE writes: Australian carriers are bracing for a mass recall after it was revealed that a Dutch SIM card manufacturer Gemalto was penetrated by the GCHQ and the NSA in an alleged theft of encryption keys, allowing unfettered access to voice and text communications. The incident is suspected to have happened in 2010 and 2011 and seems to be a result of social engineering against employees, and was revealed by yet another Snowden document. Telstra, Vodafone and Optus have all stated they are waiting for further information from Gemalto before deciding a course of action. Gemalto said in a press release that they "cannot at this early stage verify the findings of the publication" and are continuing internal investigations, but considering Gemalto provides around 2 billion SIM cards to some 450 carriers across the globe (all of which use the same GSM encryption standard) the impact and fallout for Gemalto, and the affected carriers, could be huge.

Open Source

Linux Kernel Switching To Linux v4.0, Coming With Many New Addons 264

An anonymous reader writes: Following polling on Linus Torvalds's Google+ page, he's decided to make the next kernel version Linux 4.0 rather than Linux 3.20. Linux 4.0 is going to bring many big improvements besides the version bump with there being live kernel patching, pNFS block server support, VirtIO 1.0, IBM z13 mainframe support, new ARM SoC support, and many new hardware drivers and general improvements. Linux 4.0 is codenamed "Hurr durr I'ma sheep."

Comment Re:griping about historical accuracy in this case (Score 1) 194

No one says, "hey, let's make a movie about 9/11 with only one tower, and maybe a missile hits the tower, and maybe we'll have terrorists inside the tower as well, because only one tower is cheaper, and the broad strokes of the story are still there

Careful. I heard Michael Bay reads slashdot.
