Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment: Re:How fast is just too fast? (Score 1) 92

by Kjella (#48670509) Attached to: US Internet Offers 10Gbps Fiber In Minneapolis

The question is if your diminishing return is less than their diminishing return. My impression is that with fiber connections you have a fairly high cost just because they need to maintain a fiber line, end point equipment, maintenance, service, support, billing and so on. From there they usually offer huge leaps in speed for relatively modest price gains, often like double the speed for 15-20% price gains and that shit multiplies. I could pay about 75% of my current rate to have 20 Mbit instead of 100 Mbit, even though I don't absolutely need 100 Mbit very often it's not worth it. That goes up to a point, then you need some kind of special equipment and the cost skyrockets when you pass out of the "normal" class of equipment and into special gear. Today gigabit isn't actually available to me and if it were it'd cost 200% extra, it's not worth it but if it was 50% I'd probably take it. And my motherboard wouldn't need upgrading.

I'd say 10G is a different story and only about bragging rights at this point, but who knows what the future will bring. If "everybody else" had symmetric gigabit lines, 10G might have a few uses. Sure it costs a bazillion now, but so would a 100 Mbit line not that long ago. It would be a lot more useful to get people on gigabit lines though, it's no good having a huge pipe if nobody can keep up. Already with my 100 Mbit symmetric my upstream is often faster than their downstream, having gigabit would not help at all but if they get upgraded it'd make more sense for me to upgrade. Like for example there's a rural roll-out that'll probably cover my cabin next year, if that's true I could do 100 Mbit offsite, online backup between machines I control. That would be rather neat.

Comment: Re:Second hand view from a teacher (Score 2, Insightful) 324

by Kjella (#48664213) Attached to: Ars: Final Hobbit Movie Is 'Soulless End' To 'Flawed' Trilogy

So from his point of view, the movies have been a bit of a disaster. He'd been hoping for something he could take classes along to. Instead, the movies, are dark, brooding, serious, dark and extremely violent in places. They're absolutely not suitable for the age range the book is pitched at and, in any case, they miss the fundamental quality of what makes the book so great. It's not a disaster for him - the book is still there and always will be there. But his view was that it was a missed opportunity to give the "best children's book ever written" a proper adaptation.

It wouldn't work. And I'm not saying that to be cruel, but a major part of the viewing audience would have seen LotR first and quite frankly hate the Hobbit done according to the book. And all that negativity would surely rub off on the movie, even if it was perfectly suited for boys age 12. Most people wanted LotR: The prequel and that's what they got. I'll go out on a limb here and say they actually made it a decent character drama with Thorin Oakenshield losing himself and finding himself again. Bilbo torn between loyalty to his party and doing what he thought was right. And it did a fair job to explain why everybody hates each other so much, dwarves and elvens and men.

I didn't care much for the romantic angle, but I guess it kept the girlfriend factor up. It was a bit long-winded, it was one movie stretched into three. The big action scenes are good, the small fight scenes about as painful as LotR. Remember Legolas' skateboarding and the counting contest with Gimli? Yeah, about the same. And don't forget the armies actually do clash in the book as well, Bilbo just isn't a big part of it. I guess they could have made it his story, but again that's not what most people wanted. They know how that story ends, with him returning to the Shire with the Ring so there's no excitement there they want the story of Middle Earth. Maybe it could have been done different if the Hobbit had been first, but not now.

Comment: Cartooney. (Score 3, Informative) 160

by bmo (#48659349) Attached to: 'Citizenfour' Producers Sued Over Edward Snowden Leaks

Yet another self-obsessed legal "expurt" suing over a ham sandwich"

Horace Edwards, who identifies himself as a retired naval officer and the former secretary of the Kansas Department of Transportation, has filed a lawsuit in Kansas federal court that seeks a constructive trust over monies derived from the distribution of Citizenfour. .

Court: Does he have standing
Court looks
He hasn't been damaged, You must have some sort of injury, financial or physical, or whatever, to have any standing in a tort.
Court: Come back when you have standing, now go away and stop wasting our time.

The only "person" who can bring an action that has any weight behind it is the US Government, or some other person who has been directly harmed. That would be under the purview of the Justice Department or one of the armed services or someone who has suffered some loss that must be made whole.

Granted that I have a "GED in Law," but that's my best bet as to what's going to happen.


Comment: Re:Never heard of it (Score 1) 155

by Kjella (#48658949) Attached to: NetworkManager 1.0 Released After Ten Years Development

The best software does its job quietly and doesn't need a bunch of attention from the user, allowing you to do your actual work. Something that seems to be lost on the makers of many other software projects, OSS and commercial.

Really? Seems to me Microsoft does a wonderful job, considering how many of their users don't know a thing about their computer.

Comment: Re:the rules changed, that's why the manual contro (Score 1) 89

by Kjella (#48658873) Attached to: Google Unveils New Self-Driving Car Prototype

The situation they require manual controls for is when you drive into a blizzard/flood, and the car drives until it's unsafe to stop and unsafe to continue.

I can imagine that going over so well with consumers "Hi! It's me, your autonomous car here. You know how I drove you up in the mountains and to this mountain pass? Well now there's a blizzard coming so I quit. Now I know you haven't touched the wheel in a month because I've been doing your commute and I wouldn't drive under these conditions, but you'll probably freeze to death if you don't get down so... best of luck? Toodeloo."

Comment: Hahahahahahahahaha LOL (Score 2) 429

by Kjella (#48654217) Attached to: How Venture Capitalist Peter Thiel Plans To Live 120 Years

Seriously, he's going to die like the rest of us. I've seen how far we've come in medicine and I see how far we haven't gotten yet. The body starts failing one way then another way and it just keeps piling up as you get 70-90 years old. Cancer is just one of many, many things that are likely to kill you before you're 120.

Comment: Re:Security at FRA (Score 2) 91

by Kjella (#48651241) Attached to: Major Security Vulnerabilities Uncovered At Frankfurt Airport

It's actually very common here in Europe, it's a public service but the government issues some form of tender to buy it from the private sector. And yes, they do often suck at writing the contract and following up that what's been ordered is delivered in correct quality and quantity. If you ask for "a security guard" you get a body with a pulse, if you ask them to have mandatory training, pass certifications and exams you'll get that, but if you don't ask you don't get it even if they're totally unfit for the job. The ones you're buying from is in the business of making money, they'll cut corners if the contract permits them to. And you got issues with continuity and such, but people complain about public departments full of public employees that have a more or less permanent monopoly on what they're doing too. It's easy to get complacent at all levels when you can just say "it takes what it takes" and get funded next year too.

Comment: Re:In other news: (Score 4, Insightful) 91

by Kjella (#48651187) Attached to: Major Security Vulnerabilities Uncovered At Frankfurt Airport

There are ~30 million commercial flights and around 2 hijackings per year, so that nobody's tried at Frankfurt might be just statistics. None of the confirmed hijackings since 2001 has casualties, though I suppose there's mysteries like MH370. Even if you assume the worst though, statistically you're far more likely to die from technical malfunction or pilot error. Or external causes like being shot down by a missile like MH17, but I guess that's location dependent. Unless you can bring a bomb on board to take down the plane yourself there's no way people will let you cease control of the craft anymore, so hijacking as we knew it is a past era. Most of it is just preventing a stabbing that could just as well have happened on the bus or tram or subway, it just happens to be up on a plane.

Comment: Re: I don't care about NASA (Score 2) 155

by Kjella (#48649251) Attached to: Can Rep. John Culberson Save NASA's Space Exploration Program?

At this point they are the best way to send cargo to the ISS and in a few year will be the best way to send astronauts in LEO, but if they want to go any further they're going to need a new rocket (stronger than the Falcon 9 heavy).

Uh, you do realize the Falcon Heavy has a payload of 13200 kg to Mars and will be more powerful than any current operational rocket?

NASA as the actual plan for their SLS while SpaceX only has ideas for now.

They have a great plan, but they don't have the money. The Falcon Heavy is funded and should be operational in the first half of next year while NASA is years away from a date that's probably slipping. And I'm not sure why you're saying SpaceX is the one on the drawing board, the boosters are essentially "headless" Falcon 9s while the SLS is a new design. Sure, when or if the SLS flies it'll be in a class of its own we haven't seen since the Saturn V. I wouldn't hold my breath though, while the Falcon Heavy seems very likely that will happen.

Comment: Assumptions (Score 1) 417

by bmo (#48648547) Attached to: Ask Slashdot: Is an Open Source<nobr> <wbr></nobr>.NET Up To the Job?

So, assuming Microsoft is sincere

That's a pretty fuckin' big assumption there, guy.

>BMO goes back to read the Halloween documents

The Easter Bunny, Santa Claus, A Sincere Microsoft Board Member, and a Rabbi (a Rabbi is required in every joke) come to a 4-way stop/intersection at the same time.

Who goes first?

The Rabbi, because the others don't fuckin' exist.


Comment: Re: What took them so long? (Score 1) 212

by Kjella (#48647723) Attached to: Cyberattack On German Steel Factory Causes 'Massive Damage'

For your simplified example, it is probably cheaper -- and just as secure -- to have an operator enter the dozen or so keystrokes to order "produce x amount of class y steel" than to design, build, install and support a more automated method. Human involvement has the added bonus of (nominally) intelligent oversight of the intended behavior for the day.

Do you have any idea what the error rate for manual data entry is? Typically about 0.5% of the entries will be wrong. Retyping information is a very error prone process.

Comment: Re:Network Level (Score 1) 97

by bmo (#48642979) Attached to: Staples: Breach May Have Affected 1.16 Million Customers' Cards

Otherwise it's potentially just a matter of inserting a tiny reprogramable USB stick when there are few cashiers on and the cashier who is on isn't looking for a few seconds (ie two people walking into a Staples store can pull this off really easily).

Indeed, so much this.

I've seen open USB ports on all sorts of POS terminals and it just boggles my mind, especially because I've been in industrial environments in small companies where hot-gluing USB ports shut is a matter of course.

You can buy a USB flash drive that sits almost flush and if you take a little bit of elbow-grease and sandpaper, you can get it to sit flush easily.

So I don't see how big companies like Staples, who have the actual budget to look at security this way, don't even bother to do the basics like this. It's time we start fining/class action lawsuit-ing firms that don't even do the least bit of security, with amounts of money that actually hurt and not take "5 minutes of profits" to pay.


Comment: Re:TOR is a fucking honey pot ! (Score 4, Insightful) 86

by Kjella (#48641095) Attached to: Tor Network May Be Attacked, Says Project Leader

You do realize that most "darknets" are built on a "bust one, bust all" model? Pretty much the only security is that the bad guys aren't in your darknet, they've never reached a popularity where there's any plausible deniability. The only other people likely to be in your darknet are the other members of your terrorist cell or whatever you're part of, it has never offered anything for "normal people" for you to hide in. And darknets have actually been used as honeypots, to make clueless people give away their IP to join a private group which turns out to be a sting. It is pretty much the exact opposite of anonymity, it's joining a conspiracy and you're at the mercy of the stupidity of everyone in it.

TOR is trying for something entirely different, which is to keep everyone at arm's length from each other. I talk to you over TOR, you get busted well tough shit they still can't find me. The users don't know the server, the server doesn't know the users. Of course by adding that glue in between you run the risk of the man in the middle working out who both ends of the connection are, but that's the trade-off. TOR is trying to do something extremely hard, it tries to offer low latency - easy to make timing attacks, arbitrary data sizes - easy to make traffic correlation attacks and interactive access - easy to manipulate services into giving responses, accessible to everyone and presumably with poison nodes in the mix. It's trying to do something so hard that you should probably assume it's not possible, not because they have any special inside access.

I actually did look at trying to do better, it was not entirely unlike Freenet done smarter only with onion routing instead of relying on statistical noise. It wouldn't try to be interactive so you could use mixmaster-style systems to avoid timing attacks and (semi-)fixed data block sizes to avoid many correlation attempts but I never felt I got the bad node issue solved well. TOR picks guard nodes, but it only makes you bet on a few horses instead of many. It was still too easy to isolate one node from the rest of the network and have it only talk to bad nodes, at which point any tricks you can play is moot because they see all your traffic. Even a small fraction of the nodes could do that on a catch-and-release basis and I never found any good countermeasures.

"It's my cookie file and if I come up with something that's lame and I like it, it goes in." -- karl (Karl Lehenbauer)