Forgot your password?
typodupeerror

Comment: Re:The only solution I can think of (Score 3, Informative) 136

by Carnildo (#48389391) Attached to: 81% of Tor Users Can Be De-anonymized By Analysing Router Information

Not really. Random jitter can be dealt with statistically: collect more data, compute the mean, and use the mean where you would have used the exact timing.

In order to defeat timing analysis through noise injection, you need to introduce a large amount of variation compared to the number of packets being sent; for any realistically-sized data transfer, this requires jitter on the order of minutes to hours.

Comment: Re:Put the SMART stats to the test (Score 1) 142

by Carnildo (#48375315) Attached to: Data Center Study Reveals Top 5 SMART Stats That Correlate To Drive Failures

Google did this about seven years ago. Of the stats, a drive with a non-zero scan error count has a 70% chance of surviving eight months, one with a non-zero reallocated sector count has a 85% chance of survival, and one with a non-zero pending sector count has a 75% chance of survival. For comparison, a drive with no error indications has a better than 99% chance of surviving eight months.

Overall, 44% of failures can be predicted with a low false-positive rate, while 64% can be predicted with an unacceptably high false-positive rate. 36% of drive failures occur with no SMART failure indications at all.

Comment: Re:Top #1 Indicator That Correlates To Drive Failu (Score 1) 142

by Carnildo (#48375247) Attached to: Data Center Study Reveals Top 5 SMART Stats That Correlate To Drive Failures

If you go by Google's definition of failing (the raw value of any of Reallocated_Sector_Ct, Current_Pending_Sector, or Offline_Uncorrectable goes non-zero) rather than the SMART definition of failing (any scaled value goes below the "failure threshold" value defined in the drive's firmware), about 40% of drive failures can be predicted with an acceptably low false-positive rate. You're correct, though, that the "SMART health assessment" is useless as a predictor of failure.

They did a study on this a few years back. It comes to about the same conclusions that Backblaze's study does, but with more numbers (and a larger data set).

Comment: Re:OpenPGP (Score 2) 63

by Carnildo (#48323009) Attached to: The Fight Over the EFF's Secure Messaging Scoreboard

The scorecard gives negative marks for both PGP for Mac and PGP for Windows, for both "Are past comms secure if your keys are stolen?" and "Has the code been audited?" Both negative marks are quite wrong!!

I don't know about the auditing, but the negative mark for "Are past comms secure if your keys are stolen?" is quite right. They're talking about forward secrecy, and PGP doesn't implement it. The basic idea of forward secrecy is that even if all the long-term secrets (passwords, keys, etc.) involved in a conversation are stolen, the person who stole them cannot go back and decrypt the encrypted messages.

Comment: Re:In laymen's terms... (Score 1) 138

by Carnildo (#48321681) Attached to: Physicists Resurrect an Old, Strange Dark Matter Theory

called it dark matter, where 'dark' is a fancy word for 'nobody knows what it is'

Actually, "dark matter" was originally called "dark" because it wasn't hot enough to emit light (the Earth, for example, would be considered "dark matter" under this definition). Dark matter was originally thought to be things like stray planets, cold gas clouds, and the like. People only started looking for exotic dark matter once they realized there wasn't enough ordinary matter to do the job.

Comment: Re:I still don't see what's wrong with X (Score 1) 226

by Carnildo (#48173243) Attached to: Lead Mir Developer: 'Mir More Relevant Than Wayland In Two Years'

X is optimized for programs that use a small number of colors to draw an effectively vector-based user interface on a raster display. It is very, very good at that, and provides a powerful range of tools for the job.

Most programs use color-rich bitmap-based user interfaces. Doing this with core X functionality is painfully slow and difficult (think tens of seconds to draw a 800x600 JPEG), so everyone uses protocol extensions for this. Wayland is designed around bitmap-based drawing at the core.

Comment: Re:Not all user error is equal? (Score 1) 70

by Carnildo (#48059485) Attached to: User Error Is the Primary Weak Point In Tor

But can't we cheer a little that some bad guys went down?

How much collateral damage was there?

When Freedom Hosting was busted, they took down a bunch of child-porn sites and de-anonymized some of the users. But in the process, they also took down TorMail, a legal anonymous email provider, and de-anonymized some of its users.

Sure, punishing guilty people is fine, but not if you punish innocent people in the process.

Comment: Re:Survival (Score 1) 488

by Carnildo (#48042783) Attached to: Energy Utilities Trying To Stifle Growth of Solar Power

The problem is size. Pumped-storage hydropower can store about 2.5 watt-hours of electricity per metric ton of water per meter of drop. An average two-story house could store maybe 10 KWH if the entire attic and basement were devoted to water storage, and the building would need to be reinforced to handle the 400 metric tons of water involved.

Pumped storage really only makes sense on a large scale, when you've got a couple of valleys you can dam, and a fair-sized height difference between them.

Comment: Re:When I lived in Japan and rode trains every day (Score 1) 179

by Carnildo (#47979151) Attached to: Washington DC To Return To Automatic Metro Trains

Are you suggesting they can't detect when someone is preventing a door from closing completely by any means other than a person looking?

An obstruction interlock can certainly detect an arm or a leg, but if you set it sensitive enough to detect loose fabric (say, a scarf or a hanging sleeve), it'll be sensitive enough that thermal expansion will cause false positives and negatives.

Comment: Re:Of course we can (Score 1) 140

by Carnildo (#47913521) Attached to: If We Can't Kill Cancer, Can We Control It?

I've seen one analysis that estimates that if all medical causes of death were eliminated, we would enjoy an average lifespan of about 650 before some accident would kill us.

The interesting thing with this is not the average, but the change in the distribution. Currently, the population curve has a sharp drop-off around the age of 70; with the elimination of medical causes of death, the curve will assume the shape of a decaying exponential, making that 650-year life expectancy more akin to a "half life".

If such a change happened today, of the 6 billion or so individuals currently alive, at least one of them could be expected to reach an age of over 20,000 years.

Comment: Re:Here's a crazy idea (Score 1) 140

by Carnildo (#47913457) Attached to: If We Can't Kill Cancer, Can We Control It?

Why not try to get rid of the causes instead of finding out what other sort of drugs and chemicals we can add to reverse it?

We could try it, but I don't think you'd be very happy.

The #1 cause of cancer is old age. People are dying of cancer in droves because they aren't dying of tuberculosis, or pneumonia, or cholera, or epidemic smallpox, or infected cuts, or any of the other causes of death we've eliminated in the past century.

DNA copying isn't perfect. It takes, on average, 70 years for enough mutations to build up to bypass the body's anti-cancer defenses and become cancerous. Life expectancy at adulthood has gone up from 60 years to 75 years in the past century or so, and the resulting explosion in cancer cases is quite predictable.

Comment: Re:Bummer (Score 1) 215

by Carnildo (#47894125) Attached to: Kickstarter's Problem: You Have To Make the Game Before You Ask For Money

There is a very small proportion of ideas for which crowdfunding is a good thing. These are ideas that are really great but have not been able to attract funding because investors (mistakenly) didn't see their potential.

There's a second group where crowdfunding also works well: ideas that are too small for traditional funding to get involved in. If you're seeking $50 million to develop an A-list video game, you'll have no problem attracting attention. On the other hand, if you're seeking $1000 to get a musician to produce a soundtrack for your Flash game, they'll laugh at you.

Comment: Re:Example? (Score 1) 370

by Carnildo (#47885641) Attached to: The State of ZFS On Linux

Can you think of any feature that actually requires the volume manager to be stirred together with the filesystem?

Smart array (re)builds. In the typical layered approach, the redundancy layer doesn't know what parts of the filesystem are in use, so it spends a great deal of time synchronizing empty space.

Lo! Men have become the tool of their tools. -- Henry David Thoreau

Working...