
Comment Re:ELI5, please help me understand (Score 1) 152

I can't explain it like you're five, because you're not five and you have been indoctrinated into the classical world. But this video is pretty good.
"Quantum Entanglement & Spooky Action at a Distance"

If you haven't grasped the quantum way of thinking, this next one is a great video. It doesn't get all technical and assumes some basic information, but the pictures should start you in the quantum direction.
"Delayed Choice Quantum Eraser Experiment Explained"

I have what appears to be an apple, and you have what appears to be an identical apple. When I slice mine in half, half of my apple disappears, and half of your apple disappears. But not just any half - the way I cut my apple determines which half you get. If there is a bruise, it will be either on my half or on your half. Putting the halves together gives us exactly the apple that we appeared to have before it was sliced.

In quantum terms, it is much as the video above describes the double slit experiment - the photon or electron goes through both slits, so it is in 2 places at once. That is how we both appear to have the same apple in the beginning. Slice the apple, same as measuring the photon, and it collapses into the two halves.

We can create photons that are not entangled, and they do not behave the same way. What happens at detector 0 in the second video is inexplicable, currently, but that's entanglement.

Comment Re:Premise is not necessarily correct. (Score 1) 242

You were clear. We are all looking forward to your implementation.

I'm taking issue with the idea that hashing a fingerprint is impossible in principle, I'm not saying it would practically work right now in realistic scenarios.

How about in unrealistic scenarios? Because half of the new and cool stuff mentioned on this website is rubbished because it's not practical in reality. And then someone refines it, so then it is realistic.

Are you talking about having an indicator for ridge A, with a radius relative to the whole finger of X percent? And a vector for the direction of whorl Y?

If so, you're going to have to establish one classification system to start with, and there are several. They can be exclusive systems, or inclusive. Just from Wikipedia, which I assume you read before posting your assertion:

The Henry Classification System is a method to classify fingerprints and exclude potential candidates. This system should NEVER be used for individualization.

So there is at least one classification system that you can't use to identify someone, but you can tell if someone is NOT a match.

So we get to feature extraction. Can you define a system of features where all existing and once-existing fingerprints can be uniquely identified? Because systems like AFIS have been trying to solve this problem for a while, and your contribution would reduce the search time greatly.

Some of the experts in the area are trying to invent the next generation fingerprinting system. I assume you are one of them? If not, either apply or shut the fuck up about things that "make sense to you". Because the world is not a thing that armchair philosophers can contribute to by simply asserting a truth.

Comment Re:But every US senator does (Score 1) 370

"Hang out with" is really not even remotely the same as what I responded to. Try reading, for context.

Zero state and local reps hang out with my dad, my teacher, and my pastor (or religious equivalent).

Someone might have "talked to" my state rep, but they did not in any way pass on my sentiments. The people most likely to have "talked to" my state rep do not agree with my religious affiliation, political affiliation, or stances on at least 40% of everything. And I have a pretty narrow stance, for the record.

I have spoken with a number of local charity heads, and they have shaken hands with, but not had any way to actually speak with, representatives. Likewise everyone else.

Are you a rich, entitled, blinder-wearing asshole like the original asshole I replied to? Because yes, you are. Or maybe you don't live where I live, and therefore it would be impossible for you to understand that THAT'S NOT TRUE. Which, it isn't. Anything you and grandassholeparent seem to think, not true.

Comment Re:Thanks, Microsoft (Score 0) 374

There is only one thing keeping me from upgrading. A checkbox that configures the keyboard mappings so that the Windows key works and does what I expect. "Are you upgrading from Windows? Do you want your Windows key to work like it used to?"

I want to be able to hit the Windows key along with familiar combinations. It's a very common keyboard layout, and lots of Windows users have this muscle memory.

Sure, I could edit a bunch of settings for every distro I try, but I'm tired of it. I'm done, and I'm not trying another one. They're great, rock solid, and they just don't work the way I, as a Windows user, want them to.

Having said that, Mint is the place to start.

iOS users love their pointing and clicking, apparently. I spend time on the keyboard, and without a reason I don't want to touch the mouse. Is there a distro that does that well? Sure, if you're a Linux user, but I'm not.

Comment Re:Coalescing gas clouds? (Score 1) 339

But that would be an extraordinary coincidence, if that happened so recently, only a few millennia before humans developed the tech to loft a telescope into space. That's a narrow band of time, cosmically speaking.

And yet, the explanation has to be rare or coincidental. After all, this light pattern doesn't show up anywhere else, across 150,000 stars. We know that something strange is going on out there.

How many stars are in the galaxy? And we are comparing 150k out of that number? I would call that a non-representative sample.

Comment Re:It's called "pops"... and was (Score 2) 111

At one time, pop music *was* what the symphonic orchestras were playing.

Live music was either what you heard live, or played yourself. And what you played yourself was either traditional (folk) music, or something you heard. And most of what you heard was folk music, or a professional musician, or a knockoff of a pro.

When attendance declines, symphonies, theatre groups and other live performers retrench around their origins.

Comment Re:Your device is p0wned (Score 1) 373

More likely, a contact's device is pwned. And their contact list is compromised. All of the e-mail or text data was probably consumed.

Statistically speaking, the likelihood of someone being compromised is small compared to a recipient being compromised.

Start sending purely nonsense, unrelated e-mails to made up addresses, and see if anything changes. If you like guns and motorcycles, ask about buying a Barbie doll collection, or vintage 8mm porn. If nothing changes, it's a contact.

Comment Re:Billionaire Donors... So what?! (Score 1) 370

Have you met anyone ever at all? Sure, you're a smart cookie, but do you feel that you are average?

I don't care what your answer is, and here's why. If you don't feel average, then you are not representative of the majority of voters. If you do feel average, then you are not, by definition, smart. You are average.

Money means paying people to research every video, every quote, every statement by your opponent, and make a montage of them being dishonest, or contradictory, or in some fashion the opposite of what voters seem to want. Oh, and being able to afford to show that montage when opponents bid up the advertising rate.

It's about controlling the message, to react quickly, to have ad slots bought that you can swap out for the latest narrative. It's about having the money to compete with the other people who also have the money.

You can call it blame passing if you don't understand anything about people, or politics, or marketing, or economics, or everything that is in play.

Comment Re:I know my state rep, city council member. Wall (Score 0) 370

I get the point that you're making, but how many representatives can live near enough to their representative to be their neighbor? All 167,000 of them?

More likely is the city councilman being a relative of sorts. All 8,000 people being somehow related, somewhat less likely.

It sounds like you live in a very exclusive area, where most people don't have a chance to hob-nob. You had some sort of point, but I guess it was about how awesome it is to be connected politically, or about how much money you make to be able to afford a house where you live.

Lots of people have never met a Wall St banker. A state representative in New York maybe, but otherwise, what's your point? City councilman anywhere other than the 5 largest cities? Not likely.

I can't even start to explain how stupid your comment is, how unrelatable to anyone else completely at all.

Comment Re:You're making it more complex than it is (Score 2) 84

Also, the correlating behind the scenes that happens when you access multiple websites that use either a CDN or something like

Everyone hosting their jQuery on Google's servers basically allows Google to correlate visits, and build up a picture of which websites you visit. Combine that with direct access to GMail, Youtube, or Google searches, and they pretty much know what you do at least half the time on the internet.

You're going to have to wipe everything, including your IP address, in order to avoid the kind of correlation that Google does, or Verizon and AOL, or any number of big data providers.

Visit one website, no multitasking, torch everything, and start over. Best done via proxy. One that allocates IP addresses randomly. And switch proxies every time you visit another website.

Or, block everything and only visit bookmarks and don't allow JavaScript and never give any information and... yeah, there's a whole lot more behind the scenes that does not involve delivering information to your browser as the delivery mechanism.

Comment Re:These ARE the Auth Cookies you are looking for (Score 2) 41

That page does not list these two cookies:


It's clearly ASP.NET, and WebForms. The dump is the Request.ServerVariables collection, and if you need to debug issues it's fairly standard. If you need to put it in production code, though, you always put it on a server that your load balancer will skip, because that should not be seen, at all, by anyone.

But how would you get someone else's session? It's impossible.

Scott Hanselman has one suggestion as to how it might happen, and it's 100% code errors.

There's a comment there "You just found the famous TLS bug :)" So maybe not impossible. Windows uses Thread Local Storage to store things like static variables. The thread handling the request might change, and ASP.NET properly sets the .NET Thread data (and HttpContext data for MVC applications) every time it processes an event so it should all line up. But, static variables are thread-locked, so they can transfer between request handlers. That's the TLS Bug referenced there. It is possible to access someone else's session data if it is stored in TLS (static variable is one possibility).

So, this is not "a lot of crying over nothing" - it could be very serious. Having said all of that, it is very unlikely that you would see someone else's information consistently with that bug - it might show up once and go away.

Two weeks after I initially found this critical vulnerability, I took the time to find a way to report it to them (on August 26).

HTTP_SOPSESMTTS = 2015-08-26-
HTTP_SOPTID = 2015-08-26-

If this were replay data for load tests or unit tests, it's unlikely that the dates would be the same as when it was reported. The user admits altering some of the data, so we can't draw concrete conclusions there.

A security professional wouldn't draw attention to *possible* leakage of Basic Auth, because that's really unlikely at the SSL interface behind a username/password login. At least a knowledgeable one, I think.

If the IP address were a load balancer, the User agent should have matched what the user expected. Dynamic content hosted by a CDN/edge provider? If the data changed, it's probably dynamic. So, what is the conclusion?

I don't know, but it doesn't sound like something that can be dismissed so nonchalantly. If users were getting each others' sessions, we would likely have heard about it, since it happened for two weeks. That's the only thing I can conclude, but that supposes that the news would have made it to international press.
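The failure class discussed in the comment above (per-request identity kept in thread-local or static storage on a pooled worker thread) shown as an added Python analogue; it is not ASP.NET code and not part of the original comment. The session table, cookie values and handler names are constructed for illustration.

```python
import threading
from concurrent.futures import ThreadPoolExecutor

# Constructed session store: cookie value -> user name.
SESSIONS = {"sid-alice": "alice", "sid-bob": "bob"}

# Thread-local storage: one copy per worker thread, and it outlives a request
# because pooled threads are reused for the next request.
_tls = threading.local()


def handle_leaky(cookie):
    """Buggy handler: only overwrites the cached user when a session exists."""
    user = SESSIONS.get(cookie)
    if user is not None:
        _tls.user = user
    # A request with no valid cookie falls through and reads whatever the
    # previous request on this thread left behind.
    return getattr(_tls, "user", None)


def handle_fixed(cookie):
    """Fixed handler: state is set for every request and cleared afterwards."""
    _tls.user = SESSIONS.get(cookie)
    try:
        return _tls.user
    finally:
        _tls.user = None  # leave nothing for the next request on this thread


def serve(handler, cookies, workers=1):
    """Run requests one after another on a pool; workers=1 forces thread reuse."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return [pool.submit(handler, c).result() for c in cookies]


if __name__ == "__main__":
    requests = ["sid-alice", None, "sid-bob", None]  # None = anonymous visitor
    print("leaky:", serve(handle_leaky, requests))
    print("fixed:", serve(handle_fixed, requests))
```

With more than one worker the leak becomes intermittent, since it depends on which thread picks up the anonymous request.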

Comment Re:Big Whoop (Score 1) 328

Is Apple a competitor? Just barely. Omit Sun because they are stupid. And IBM sold to Lenovo in 2005.

Apple sells hardware? Sure. HP, Dell, and IBM sold consumer hardware featuring Microsoft operating systems to consumers, and Apple didn't.

HP, Dell, and IBM sold commodity computers with little margin. Apple sold premium software on commodity hardware, with better margins and limited variability in hardware, limiting the cost of development and testing.

Apple is not something you want to include in a comparison unless you are an ignorant fool. Not just ignorant, and not just a fool.

Leveraging always beats prototyping.