Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment Third time? Or more.... (Score 2) 405

This is at least the third variation of this I've heard of - there's the Kickstarted solar roadways thing mentioned here, there's this one, and there was an earlier one that proposed larger drop-in units that were basically pre-fabricated road surface blocks with a clear (enough) top, internal electronics (including lighting) and connections out either off the road or possibly through adjacent units for power delivery.

The various arguments when those were initially proposed included that road surfaces and significant chunks of parking lots (the aisles, not the parking spaces themselves) are empty 90+% of the time (true), it's surfaces that are already not natural so there are no objections of "you're covering that beautiful field with solar panels," and by using pre-fabricated units you might be able to actually put in road surface at a comparable cost in labor.

I know my initial reaction at that time was that the concept wasn't terrible - it addressed real problems. The technology might not have been there, and still might not be there, but for some carefully chosen situations they might be a viable option. The biggest obstacle that I could see is that something like that would likely need some pretty tight tolerances in the installed environment, and "road bed" and tight tolerances don't always go together so well (see "alligator cracking").

Also, regarding the criticisms that it would cost far too much to cover all the roads in the USA, just how much electricity are you expecting to consume? I feel sure that on average houses with solar have less solar panel surface area than they have driveway area and a lot of them are (hoping to) produce more power than they need for their house. Covering all roads wouldn't be necessary, most likely even covering all suitable roads wouldn't be necessary.

And regarding France doing a large experiment with this, is it a 1000km stretch or is it multiple locations in differing road conditions, up to a total of 1000km of test plots?

Comment It's the fees, not just the rates (Score 2) 298

The two sets of changes are a gradual drop in per-KwH from 11 cents to 2.6 cents along with an increase in the charge for connecting to the grid, going from $12.75/month to $38.51/month.

If either one of those wasn't changing or was changing less then it might be feasible to at least break even; I suspect that the combination is actually designed to ensure that it costs more to feed power to the grid than you can possibly get back financially unless you have a huge (and thus expensive) solar array.

The biggest question now for me would be whether that $38.51/month charge applies even if you're set up to never feed energy back to the grid - if so, then this was absolutely set up to screw anyone with solar. If you can have solar for your own use (e.g. to cover your own AC/heating during the day) and just use the grid as backup, then it may still be feasible - particularly if cost-effective energy storage options become available. Depending on how things were set up, those options might not even need to be very efficient - heating or cooling of thermal masses for overnight temperature control for example.

Or, if you have electricity that you'll have to pay to send to the grid then it's effectively free to use it on other things. How much do Bitcoin mining rigs cost? Or incandescent-lit signs that say "F*ck The PUC"?

Comment Re:Well, let's see how Google fixes this (Score 1) 85

From the article:

"The vulnerability affects any Linux Kernel version 3.8 and higher. SMEP & SMAP will make it difficult to exploit as well as SELinux on android devices. Maybe we’ll talk about tricks to bypass those mitigation in upcoming blogs, anyway the most important thing for now is to patch it as soon as you can."

SELinux makes it difficult, but they're going to tell you how to get around it once it's fixed.

SELinux doesn't block access to this vulnerability, it merely makes exploitation more complex.

Comment Re:Bad title. (Score 1) 74

Many (most?) antivirus packages check for program updates along with definition updates and will warn if there's an update available. Hardware driver updates on the other hand are the kind of thing that almost never get installed unless you know you have a problem and go looking for a solution.

And as far as going without antivirus, it's a question of which is more of a concern - the things that may target the antivirus, or the things that may target the other parts of the system (browsers, maybe Flash still, maybe old Java, maybe Office vulnerabilities, etc.).

Comment Re:So basically.. (Score 5, Insightful) 179

What I'm taking away from this is that anything David ever has made or will make in the future should not be trusted.

While I'll grant that the you're partially justified by the ridiculously bad summary, your takeaway is dead wrong.

First, having just skimmed through the article and the (very interesting!) paper, let me point out why the summary is ridiculously bad. Chaum's protocol does not include a backdoor, and certainly not "just to please governments".

What Chaum did was to describe a really cool anonymous routing and communications protocol, with a number of highly desirable properties. The biggest one is that his protocol is designed to be secure against nation state access, unlike Tor. It should also be quite a bit faster than Tor because communications require no public key cryptographic operations; everything is done with very-fast symmetric crypto, building on top of a precomputed homomorphic encryption. Making this scheme work, though, depends on the existence of a trusted third party (TTP).

In general, relying on a TTP is problematic in contexts where there isn't any obvious person or organization who could be trusted. And for a global communications network that will be used by lots of people and which many governments might like to penetrate, and which in fact is specifically focused on trying to prevent penetration by nation states, there clearly exists NO such single party.

Chaum's solution to the problem of how to trust when no one is trustworthy (a common problem in security design, actually) is to distribute the trust (a common solution, though Chaum's implementation is particularly clever). By arranging things so that the TTP role is spread across many different nations, each of which is fairly trustworthy except in particular areas, and selecting those nations so the areas in which they're untrustworthy are different, and designing the cryptography so that any abuse of the TTP role requires willing participation of 100% of said nations, it may be possible to construct a TTP which is trustworthy in the aggregate, even though no individual member is fully trustworthy.

This is a very clever solution to what I would have said is a completely intractable problem.

Comment Re:we all get what most of us deserve (Score 1) 406

You present it as though there were a choice. As internet access spread beyond a small number of geeks (and people started to buy stuff via the internet) then adverts began to appear in earnest and what you describe is more less inevitable.

This is true, it was inevitable, but you give the wrong reason.

Telling people (at least the non-tech "general public") not to use sites that have advertising is akin to telling them not use the web at all. When a platform becomes as widely used and powerful as the web then it inevitably becomes of interest to the rich and powerful who wish to control it.

No, the reason advertising was inevitable on the web has nothing to do with class warfare.

The real reason is that while it's practical to self-fund a small server in your basement, dorm room or university computer room that can serve static or semi-static content to a small population of users, it's an entirely different proposition to build and operate infrastructure capable of serving dynamic information to a billion users. Doing the latter requires tens of billions of dollars of infrastructure and billions of dollars of annual operation expenses.

Scaling the web up to where it could serve the entire population of the developed world, as it does now, required lots and lots of money. Where was that money going to come from? It ultimately had to come from the users, and there were really only two obvious ways for that to work: subscriptions or advertising. A subscription-based approach would have either placed barriers all over the web that made its core feature -- hyperlinking -- nearly useless, or else required the establishment of some sort of enormous micropayments system. But micropayments suck in all sorts of ways. I won't go into why because that's another (lengthy) post.

Advertising, however, has long proven to be the ideal way to fund large-scale mass media infrastructure. It made inexpensive newspapers possible, and then paid for free radio and television broadcasts, paying for armies of reporters and tens of thousands of local radio and TV broadcast stations. It works even better in the case of the web. It scales beautifully with the size of the audience, adds no friction to cross-site links and enables the economic creation and distribution of all sorts of mass-market content and services. Further, on the web it's possible to do targeted advertising, which increases the revenue potential and therefore decreases the amount of advertising necessary to fund the web (if you think there's a lot of advertising on the web now, be glad you're not seeing what it would look like without targeting).

Advertising also sucks. It gets in the way of the content that users are actually seeking. Advertisers devise and implement various tricks to make their ads more prominent than others, and more prominent than the content it's bookending. On TV, for example, ads are louder than most programs. Users develop schemes to avoid having to see the unwanted advertising content, and advertisers find ways to thwart these schemes. On the web, it's potentially even worse because of the possibility of malware getting inserted into advertising channels. And targeted advertising creates privacy concerns.

BUT the servers have to be funded somehow, and the old web model of donated equipment and bandwidth simply can't serve the entire population. And while advertising sucks, it sucks much less than the other alternative funding mechanisms.

So, advertising is inevitable. And given that there's a big money hose, it's then inevitable that the rich and powerful will be looking to find ways to siphon some of that money off for themselves. But that's an effect, not the cause, of advertising on the web.

Comment Bad title. (Score 2) 74

Introducing any new software onto a system has the potential to add increased attack vectors. In the case of antivirus software exploits may be easier to get to the right place because the software by definition is looking at all the traffic coming in, but you could just as easily look for vulnerabilities in network card driver stacks for widely-used network and wireless cards.

At least with antivirus they're likely already getting updates regularly; the same can't be said for hardware drivers on a huge percentage of systems.

Comment Re:Bad research (Score 1) 274

That is a classic justification mechanism for crazy morons in denial. There are tons of studies on this subject, with contradictory results (as is usual for medical studies with a political component). Sure, you can pick just the few percentage of studies that you agree with, but that doesn't mean you aren't a biased moron.

So far, we're pretty confident of the following: 1) Alcohol consumption correlates with lower mortality 1a) But people in at-risk groups drink less, including poor, extremely unhealthy, and teetotalling ex-alcoholics. 2) Alcohol improves on some health markers 2b) But makes others worse. 2c) Which probably makes alcohol's cost/benefits dependent on other things, such as whether you have heart disease.

I think the clearest conclusion we can make is that the effect of light to moderate alcohol consumption on health is very small. It may be positive, negative or neither, and perhaps we could identify specific populations in which it has larger effects, overall it's is negligible. However, this only applies to light to moderate consumption; heavy consumption is clearly very bad for you.

(And before the AC calls me out for being an alcoholic in denial, I'll mention that I'm a non-drinker. I've never consumed an alcoholic beverage in my life.)

Comment Golang, golang, golang! (Score 1) 358

For me last year (and one or two before that) it's been Go (golang) that's taken over my programming life. I've taken it from a "spare time" thing to getting many services into production using Go last year, as well as getting 3 dev teams at work using it and it's already proving more productive than java, which we've all used until now, in some cases for decades.

Look here and you will see that golang features highly now, pretty much every day. When I list the most exciting projects I've started using in the last few years, about 70% of them are in Go. When I look around me at software startups, they mostly use Go. I was also told that about 80% of startups working with Adrian Cockcroft are using Go (and he spends a lot of his time with startups in his current work)

Also, it's really fun. Seriously. Learn Go and use it.

Comment Re:Sweet (Score 1) 126

Unlocking the bootloader and flashing a ROM requires a backup, wipe, and restore. What's the easiest way for a user to be sure that a backup tool downloaded from Google Play Store actually saved everything in a way that it can restore?

What apps do you use that need to be backed up? Games, I suppose... if you care about having your progress saved.

Personally, I don't worry about backup/restore. When I reflash, or get a new device, I just start clean. Pretty much everything I'd care to back up and restore is synced to the cloud anyway, so it just shows up. Android Marshmallow made it particularly slick the most recent time. It asked if I wanted to restore all my apps and stuff from my old phone and it did an outstanding job. Nearly everything was automatically installed and it even laid out my home screen and set my background. It still took a few minutes to set up a few things, and then for a while I was having to log into various apps the first time I used them, but all in all it was quite painless.

I suppose if you turn off all of the cloud backup options then it would be a different story.

Comment Re:Android security? lol! (Score 1) 126

You mean your 4 year old phone that you bought while Google had a published 2 year (from first sale) major update, 3 year (again, from first sale; or 18mo from last sale in the Google store) security update policy? If you're claiming you didn't know what you were buying, that's on you.

To be fair, Google didn't have an official support policy for Nexus devices when the Galaxy Nexus was released. In fact, Google didn't have such a policy until August 2015. It was understood previously that devices would get updates for a couple of years, but there was no specific commitment.

Actually, it seems that official update policies for mobile devices are a new idea. AFAICT Google's was the first, and I don't know that any other company has yet matched it. That includes Apple -- though in practice Apple usually supports devices for longer than 2-3 years.

(Disclaimer: I'm a Google Android engineer, working on the Android security team. I'm speaking for myself, though, not for Google.)

Slashdot Top Deals

"It takes all sorts of in & out-door schooling to get adapted to my kind of fooling" - R. Frost