Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:Many DDR3 modules? (Score 1) 112

by Archtech (#48667233) Attached to: Many DDR3 Modules Vulnerable To Bit Rot By a Simple Program

Reminds me of the first time I ever heard this particular discussion: at DEC in about 1983. A colleague who had gone to do quality engineering on VAX/VMS systems asked for statistics on crashes caused by memory errors. All VAX computers had built-in ECC (of course), but the advanced thinkers in engineering were wondering if it would be more cost-effective to do without. Money would be saved, both by the manufacturer and the customer, and systems would run significantly faster (maybe). Surely that would be worth the fairly infrequent crash, which could be recovered from with the help of backups, logs, etc.?

We all thought the idea was daft - purely on general principle. The reduction in speed due to ECC could be exactly specified, as could the extra cost. But random crashes couldn't - and what if human error caused the backups, logs, etc. to be missing or corrupt? Worse still, what if errors were introduced that didn't cause a crash or any noticeable problem? All sorts of critical systems could go on stacking up subtly wrong data more or less indefinitely.

To this day I always ask for ECC whenever I buy a new PC - but the only machines I have ever found that had it were Dell workstations.

Comment: Re:Someone just failed Physics 101... (Score 1) 54

I don't understand your comment about a dictionary. I referred to the standard definition of power - see (e.g.) http://science.howstuffworks.c... if your recollection is rusty.

As I was posting on Slashdot, I didn't think it was necessary to explain why the extract I quoted is confusing (and confused).

"...can boost 300 to 400 millivolts power to 3 to 5 volts".

Calling millivolts "power" is sloppy at best, but the real strangeness is the idea of boosting "300 to 400 millivolts power to 3 to 5 volts". Given that you can increase the voltage by a factor of 10 or so, one would normally expect that to be accompanied by a corresponding drop in current to keep the power constant. After all, you can't just pluck increased power out of nowhere by changing voltage.

And, of course, you can have a potential difference of millions of volts with no power flowing at all.

Comment: Re: Why wouldn't it be? (Score 2) 204

by Archtech (#48648011) Attached to: Judge: It's OK For Cops To Create Fake Instagram Accounts

"I doubt the cops care anything about civil law".

There is a mountain of evidence to show that the entire US federal government doesn't care about any law at all - international law, treaties, federal law, state law, or even the Constitution.

The key don't-get-into-jail card is always the same: the decision to prosecute is entrusted to the executive branch. If someone in the right position decides something won't be taken to court, it isn't. From a cop shooting an apparently defenceless and innocent civilian to a president launching unprovoked aggressive wars, authorizing torture, and refusing to prosecute the last president for the same things.

"A nation of laws, not men" - nice idea, but not any more.

Comment: Re:Not seeing the issue here (Score 5, Insightful) 204

by Archtech (#48647945) Attached to: Judge: It's OK For Cops To Create Fake Instagram Accounts

That doesn't seem to be quite in the spirit of the Declaration of Independence, the Constitution, or the Bill of Rights. "Land of the smart enough to avoid being framed by the justice system" - doesn't have the same ring, does it? Especially since (ironically enough) simply being smart doesn't cut it - you need street smarts, expert knowledge, and best of all contacts.

That's it" "Land of the well-connected".

Comment: Re: No big red button? (Score 4, Insightful) 212

by Archtech (#48646143) Attached to: Cyberattack On German Steel Factory Causes 'Massive Damage'

"Are you paying for them?"

Aha! And there we have the central issue, in the simplest possible terms.

It's a matter of foreseeing and predicting risk, and then defending against it in a cost-effective way. Trouble is, there are very few other domains of expertise (if that is the right word) that so glaringly expose our human weakness at estimating risk. (See Nassim Nicholas Taleb's books, passim). Typically, a token effort at assessing risk is made, and then when some entirely unforeseen disaster strikes out of left field, we mutter about "black swans". The fact is that we are not nearly as clever as we think we are, which often leads us to bite off far more than we can chew.

Another relevant saying is "the left hand knoweth not what the right hand doeth". One person or team does the risk analysis, while other - completely unknown - people pile up unseen risks, which thus cannot be defended against. Presumably the people who designed those systems had no inkling that they would be attacked by technically expert enemies who deliberately set out to do as much damage as possible. I imagine that a resolute inquiry would eventually discover who upset whom, leading to this outcome.

Comment: Re:What took them so long? (Score 2) 212

by Archtech (#48646127) Attached to: Cyberattack On German Steel Factory Causes 'Massive Damage'

"This thought is so utterly flat as it is true, but it does not offer any train thought which steps to undertake to at least increase the security".

Precisely! The purpose of such statements is to focus the listener's mind on the highly unwelcome (and perhaps unfamiliar) idea that security is utterly antithetical to everything else we seek in a computer system.

Good security usually means lower performance, slower response time, greater cost, far less user-friendliness, and very noticeably less convenience in general. But if you want security, that's part of the price.

Since most people - including senior decision-makers - have little or no understanding of the issues and tradeoffs, this means that security will normally be severely neglected. So attackers have a fairly easy task and a target-rich environment. Until something really bad happens, when there is suddenly an outcry and a witch-hunt.

Comment: What took them so long? (Score 5, Insightful) 212

by Archtech (#48645767) Attached to: Cyberattack On German Steel Factory Causes 'Massive Damage'

About 20 years ago I used to lecture on the topic of computer security. Taking my cue from UK government experts whom I had met back in the 1980s, I used to point out that the only secure computer system is one that cannot be accessed by any human being. Indeed, I recall one expert who used to start his talks by picking up a brick and handing it round, before commenting, "That is our idea of a truly secure IT system. Admittedly it doesn't do very much, but no one is going to sabotage it or get secret information out of it".

I still have my slides from the 1990s, and one of the points I always stressed while summing up was, "Black hats could do a LOT more harm than they have so far". To my mind, the question was why that hadn't happened. The obvious reason was motive: why would anyone make considerable efforts, and presumably put themselves at risk of justice or revenge, unless there was something important to gain?

Stuxnet was the first highly visible case of large-scale industrial sabotage, and I think everyone agrees it was politically motivated - an attack by one state on another, and as such an act of war (or very close to one). This looks similar, and apparently used somewhat similar methods.

The article tells us that "...hackers managed to access production networks..." The question is, why was this allowed? If "production networks" cannot be rendered totally secure, they should not exist. Moreover, if they do exist they should be wholly insulated from the Internet and the baleful influence of "social networks" and the people who use them.

Comment: Odd individuals they must have been (Score 5, Funny) 388

by Archtech (#48618169) Attached to: Sony Leaks Reveal Hollywood Is Trying To Break DNS

It seems that the bipeds who once inhabited this planet had, at one time, developed a comprehensive worldwide networking system. They accomplished much through it, from exchange of all kinds of information to commercial transactions, education, and even personal communications.

But suddenly, one day, this useful system was destroyed. Apparently a small group of bipeds, which had enriched themselves by creating carefully distorted fictional representations of life and events, decided that the network might be slightly reducing the rate at which they amassed wealth. So they sabotaged it.

We really have no idea what kind of intelligence those bipeds had - if it was even intelligence as we know it.

Comment: Re:It may be Ok to shoot unarmed people (Score 1) 225

by Archtech (#48571253) Attached to: US Navy Authorizes Use of Laser In Combat

It never ceases to astonish me how some Slashdotters, who usually seem fairly intelligent and rational, say things like this whenever the discussion turns to politics.

I blame the influence of Hollywood and violent TV. Maybe the actual sight (and smell) of a few real dead and injured people would do you a world of good, and bring your strange thoughts closer to reality.

Comment: Re:This might alienate anti-ISI* Muslims. (Score 1) 225

by Archtech (#48571245) Attached to: US Navy Authorizes Use of Laser In Combat

"There's nothing moral or immoral about waging war".

As that is a value judgment, I shall not say that it is incorrect. It does differ sharply, however, from all international and national laws and norms. Wikipedia puts it simply:

'The International Military Tribunal at Nuremberg, which followed World War II, called the waging of aggressive war "essentially an evil thing...to initiate a war of aggression...is not only an international crime; it is the supreme international crime, differing only from other war crimes in that it contains within itself the accumulated evil of the whole."'

%DCL-MEM-BAD, bad memory VMS-F-PDGERS, pudding between the ears