Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment Re:Meh (Score 5, Informative) 276

You could already get a good used one for $15,000-$30,000... http://www.hemmings.com/classi...

You don't have to worry about mileage because as soon as you drive one you'll understand why DMC went out of business. Also the added derp from all the people saying "OMG BACK TO THE FUTURE CAR" will wear off and you'll want to keep it locked away in your garage.

Trust me as someone who drove the the "Urkel Mobile" (BMW Isetta) for a few weeks.

Except that for a DeLorean, "good" is incredibly relative. The car's engine was an engineering disaster, and if one still runs it's on *very* borrowed time. There are a million kluges in the way they're built...for example, there was a problem where the throttle would stick in cold weather. It turned out that there was an issue with condensation forming, which would then run down into the throttle cable assembly...and freeze. Their solution? Put an l-shaped bracket above the assembly to make the water miss and land somewhere else.

In another example of how at-risk the engines are, an episode of "Comedians Getting Coffee" with Jerry Seinfeld and Patton Oswalt began...began...in a DeLorean. I say "began" because they didn't make it half a mile before the engine suffered a catastrophic failure, resulting in all kinds of fluids running freely and horrible sounds coming from inside. Chest-burster kind of engine failure.

And when you consider that a Mazda Miata genuinely has more horsepower than these cars ever had, the concept of having the look of a DeLorean, the body of a DeLorean, but NOT the original engine they came with...well, that sounds like a pretty good idea to me. I can see why they're giving it a shot, and it doesn't surprise me that the demand has been pretty high so far.

Comment Re:Pipe Dream (Score 2) 293

The idea that "self driving cars" will

A. occur anytime soon or
B. drive down car ownership,

is a pipe dream.

Billions have been poured into flight control systems and they all still require someone to sit behind the yoke and monitor them. While they do have an extra dimension, they also don't have to deal with as many variables, crappy roads, detours, crappy drivers to avoid, nonsensical roads, etc.

Before driverless cars are ubiquitous, nothing less than a complete overhaul of the roads to simplify routes, clearly mark boundaries, simplify interchanges, and reduce to a minimum possible conflicts, will be necessary. Billions and billions of infrastructure overhaul.

Comparing commercial passenger airline operations to driving cars is ridiculous. Airplanes are treated very, very differently from cars in a great number of ways..let's look at a few.

Okay, so let's start off with the regulations on maintenance of airliners. Logbooks are kept, specific forms of maintenance are required, people working on the planes MUST have specific training and credentials...and those are just the basics. Any material change to the aircraft, including updates to software or even flight mapping data, require re-testing. And failing to comply with any of these standards is actually considered a violation of law. Imagine if you'd get fined for being late for an oil change in your car, or for not getting the car re-certified when you got new tires?

Now, on for the more relevant point...training of the pilots. These are people who work their way up to being able to fly large jets, including a substantial amount of time in simulators...very expensive, elaborate simulators...before they even get to put their hands on the yoke of a real passenger jet. Compare and contrast this to student drivers with less than 30 hours of classroom time before they are driving regular cars on regular roads as the next step in their training, after which they are able to get a full-privilege license and drive just like anyone else.

Consider the accident rate of driving...32,675 deaths in 2015 in the United States (according to the Administrator of the NHTSA when he spoke last week at the Vehicle Cybersecurity Roundtable), of which "94%" (his number as well) were the result of "human error or human choice." Even if a car held as many passengers as a 737, that number of accidents (which actually represents fantastic progress, given that it's the lowest number of car-related deaths per 100,000 people since 1920) would cause people to go batshit insane if it happened in our airline industry. But in cars, it's just considered normal.

People...both the public and those in government...are WAY more tolerant of risk in cars than with regard to airlines. The head of the National Highway Transportation Safety Administration himself stood up last week in front of an audience of hundreds and espoused the expected life-saving benefits of self-driving technology. It won't be perfect, it'll need to improve, it will evolve over time...but those who would be in charge of promoting or limiting the technology have spoken and stated clearly that they are fully on the "promoting" side.

Comment Re:Not too shocking (Score 1) 76

Define "properly". Having domain users in the local administrators group can save a small fortune in IT related support costs in many scenarios. It just needs to be weighed against the potential risks.

I would imagine that the potential risks for randsomware hitting an organisation with proper IT support should be minimal... unless someone isn't doing their backups properly.

When everyone goes home at night, re-image all PCs, and restore backups. That shouldn't cost $1m.

So...you're a fan of building a whole new PC image every time there's a patch? Not to mention the bandwidth needed to push images to all PCs at the same time, every single night, and be sure that there have been no issues? Let's also keep in mind the fact that desktop configurations in nearly all organizations differ, so you'll have driver concerns for some devices, and one-off applications (especially for the most critical users) on others.

At first blush, your "re-image all PCs" idea sounds great...but I've seen it tried and it never works. I'm guessing you've never even tried it.

Comment Not too shocking (Score 5, Informative) 76

Most of these ransomware packages can traverse laterally within an org; they run in the rights context of the user on the first infected computer and use that to infect other systems, spreading within the local network. So if you don't have your permissions properly set up (having "Domain Users" in the local Administrators group on your desktops as a matter of standard, for example), it's a cakewalk for the malware to hit everyone.

Comment Re:What's wong with a rake (Score 1) 228

I already have an environmentally friendly, much much quieter leaf mover called a rake. And best of all it is cheap to own and maintain.

Exactly.

And if you have a lot of leaves, buy a cheap heavy tarp. Rake leaves onto tarp. Drag tarp to desired location to deposit leaves. Done.

Not only that, but it's exercise. I'm always amazed at the people who show up at the gym or go running around the neighborhood, but they don't take advantage of natural opportunities for exercise. Instead of buying the leaf blower, buy the rake. Instead of the riding mower or the "self-propelled" push mower, buy a decent reel mower (they are a lot better than they used to be) and run around the yard with it. Instead of buying the power edger, get the manual one and dig. Rather than the rototiller for your garden, dig it up and turn the soil with a shovel. A lot of times you get a decent workout while actually accomplishing something, and you frequently end up using different sets of muscles for different yard tasks, rather than having to come up with an artificial "routine" to try to keep your whole body fit.

And if you say, "But, but... my yard is too big for this sort of thing -- it would take me way too long to maintain it manually." Well, then have a smaller yard. Even if you have a large piece of property, install perennial flower beds, install ground covers that don't require cutting every week (and often excessive fertilizer and irrigation), plant some trees. If you're rich enough to own a large piece of property and pay people to keep it like a golf course, pay a landscape designer to make it lower maintenance and with greater variety than a giant lawn or whatever.

That's actually the real problem behind all the leaf blower noise -- Americans in the suburbs often have giant pieces of property with unnecessary huge lawns and unreasonable expectations that they be kept up continuously as if they were part of a golf course. Maybe we should attack the underlying problem -- like avoiding giant unneeded lawns or getting rid of this notion that any leaves on the ground are bad or "untidy" (they can actually be good fertilizer if they aren't excessive).

Okay, you had me with the first two paragraphs...absolutely, for the overwhelming majority of homes, the "rake and tarp" method is the way to go. One way to assess how much your possessions own you (as opposed to the opposite) is to "count the cylinders". Count how many internal combustion cylinders you have...the higher the number, the more likely it is that you are those cylinders' prison bitch. And, as you say in the second paragraph, it's exercise, which everyone needs...boy do we ever.

But when you say, "Well, then have a smaller yard," uh...yeah, no. It doesn't work like that. You are confusing leaves...which do not come from the ground...with a lawn. Leaves (which fall from trees...FYI on that one) still land on flower beds; the flowers do not have magical force fields to disintegrate the leaves. And you can't rake flowers...which leaves you with only one option. Using a leaf blower!

It sounds like maybe you should get out in the yard yourself and try some of this stuff out, so that you see how it actually works...or perhaps you live in a >1-floor home with no yard to care for, in which case you shouldn't be putting forth your uninformed opinion on these things in the first place?

Comment Re:Volkswagen`cf. Juniper/Fortinet (Score 1) 71

What CEO got fired for the VW emissions scandal. I though,t after a thorough investigation by VW, it turned out to be a couple of rogue programmers acting on their own.

Au contraire...it turned out that the actions went way up the management chain, and indeed CEO Martin Winterkorn stepped down in late September 2015. Google is your friend.

Comment ANALogy (Score 1) 71

A spokesperson for Fortinet told El Reg, "This was not a 'backdoor' vulnerability issue but rather a management authentication issue."

Hm. To me, that reads like this:

A spokesperson for the Zeta Beta Tau chapter told El Reg, "This was not a surprise unwanted group buttsex situation but rather a dating faux pas."

This kind of "management authentication issue" IS a backdoor...it's exactly what the term "backdoor" was created to refer to.

Comment Re:On the one hand ... (Score 1, Insightful) 132

On one hand, kudos for being ballsy and doing this.

On the other hand, if you go messing around with the Director of National Intelligence ... well, you should expect some pretty heavy consequences.

And I'm sure they'll find all sorts of trumped up charges to make your life miserable.

Yeah, no kidding...

"I R SO L33T! I GOT TEH CIA MAD AT ME!"

Yeah, he's a real fucking genius.

Comment Re:Not Zigbee's Fault, either (Score 1) 119

I have done some development (albeit limited) using a Zigbee stack, and this failure has nothing to do with the Zigbee protocol, per se. That "explanation" sounds like some of the project-engineers trying to pull the wool over the eyes of Comcast's management (and Customers).

It has a little to do with ZigBee, since ZigBee as a standard uses 2.4 GHz. Beyond the part of spectrum that ZigBee uses, there's nothing else about the protocol that is a problem here...but there's no such thing as a ZigBee implementation that exists outside the 2.4 GHz public spectrum band.

On the other hand, the issue here is an interesting one. ZigBee's actually a pretty secure protocol for communications, with regard to integrity and confidentiality. But for applications that depend upon availability, it's something that you could jam with a baby monitor, a wifi AP or a cordless phone. I wouldn't expect Comcast to come up with a home-grown solution that was nearly half as secure as ZigBee, and I also can't imagine that it could be worth it to license a piece of spectrum just for their solution; it would cost too damn much. So where does that leave all of us when it comes to this kind of use case?

Comment Bulletproof vest analogy (Score 1) 95

Both Whitehat and Greyhat find that a particular make of bulletproof vest degrades after a year and no longer offers protection. They both notify the manufacturer, who blows them off. Then the paths diverge:

Whitehat: contacts a member of the press and demonstrates the problem for them by putting one of the vests on a mannequin and shooting the mannequin through the vest. (Extra points if he puts a DVD copy of the movie, "Mannequin," inside the vest and shoots a hole in that too.)

Greyhat: contacts a member of the press and demonstrates the problem by shooting people who happen to be wearing the vest in public.

The latter may be a bit better at getting the attention of the press, the public, and the manufacturer, but it's not an acceptable way to accomplish that goal. The ends do not automatically justify the means.

Comment Re:Any bets how long before it's been worked aroun (Score 2) 48

Each windows has been a kind of sieve, it's been plenty of holes to plug, and before they get even close finishing they get new one to start with. And in case Windows 10 is actually last windows ever, they will certainly reinvent wheel within the platform again and again so much that merry go around will continue forever.

It doesn't matter. It helps, and that is an improvement.

In the beginning, there were firewalls. And they were good. But then other attacks came about which were in no way hindered by firewalls...in fact, we're talking about those kinds of attacks right now. So firewalls aren't a magic bullet...would you run a network that was wide open to the Internet and not have one in place?

Or, taking the alternative view, what would you use as a compensating approach to accomplish the same thing? And if you have one in mind, are you sure that there will never be a way to work around it?

Comment "Foreground" vs. "Background" (Score 2) 181

If you're watching Hulu or Netflix...YOU are WATCHING them. The amount of bandwidth you will actually consume will be governed and restricted by your free time to spend watching the content (or the amount of content that interests you, whichever is less).

In contrast, other uses...like downloading and sharing files (the nightmare scenario of all bandwidth-conscious service providers) can continue merrily along without you even being awake. You could keep that up 24/7, and end up consuming far more bandwidth even if all other things are equal.

Slashdot Top Deals

Do you suffer painful hallucination? -- Don Juan, cited by Carlos Casteneda

Working...