Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Yes, but.... (Score 1) 263

by Frobnicator (#49350203) Attached to: Generate Memorizable Passphrases That Even the NSA Can't Guess

8 character limits were common up until a few years ago. Today I still see 16 (and 15 because of broken front ends) effective limits. 32 seems to be the most common.

I still see them far too often. My normal password patterns are different than the ones presented but still several words long. Many places requiring accounts still greet me with "Password must be between 6-8 characters, and must contain at least one uppercase letter, lowercase letter, number, and symbol."

I also too-frequently get "Passwords must not contain a space". It prevents me from entering my password of "correct horse battery staple", which is really annoying.

Comment: Re:We should lobby to break the cable companies (Score 2) 536

in Britain, our telecoms monopoly (BT) is obliged to provide service for a standard connection fee.

Yes, that's the UK, where even farmland has a dense population.

Consider locations in the US like Wyoming (253,348 square km) compared to the entire UK (243,610 square km) but with a population of 584,153 compared to the UK's 64.1 million. Or states like Alaska, North and South Dakota, and Montana.

Wyoming is such a good comparison because the land mass is similar to the UK. Remove EVERYONE from the entire UK except the people of Cornwall, allow those in Cornwall to spread far and wide, wherever they want anywhere on the isles, and then hook them up with new infrastructure regardless of location. That's about how sparse one of the least populated states is.

Most Europeans fail to understand just how sparse the US really is. While the US is nowhere near as sparse as Australia or parts of Africa, except for a few cities most of the US is quite sparse. I've talked with quite a few people traveling from Europe who flew into Las Vegas and traveled to the Grand Canyon. It is a four hour drive -- 120 miles -- of desert, cactus, and sagebrush that most European visitors were shocked could even exist. Where are the people? How could there be so much empty space? Who owns the land? Google finds some images for comparison: Here is Alaska (the largest state) overlaid over Europe. Another, the lower 48 states overlaid over Europe. The trip from Lisbon to Copenhagen is just a portion of historic Route 66, and is less than half the distance of the country.

In these US states hooking up a single remote dwelling might mean deploying many miles, thirty miles, fifty miles, or even more, to reach the single dwelling. Nobody, not even the federal government, is going to mandate that kind of deployment for £130.

Comment: True across the board. (Score 3, Insightful) 757

by Frobnicator (#49228377) Attached to: Was Linus Torvalds Right About C++ Being So Wrong?

Linus is doing systems level work. At systems level work, there are a lot of mediocre and bad programmers who use the common language of C++. Those who know c well are unlikely to be the mediocre and bad programmers.

That is really a truism across all fields and languages.

In the business world with business logic, there are a lot of mediocre and bad programmers who use the common language of Java. You can filter out many of them by adding a skill requirement of some other less-used languages inside that realm of business software development.

In a field where everyone is doing Ruby development and you don't want mediocre/bad Ruby programmers? Require them to also demonstrate proficiency in another language.

In a field where everyone is using C#? Require them to also demonstrate proficiency in C++ or some other language.

If you only require a single thing you can get unskilled individuals with only a single skill. If you require multiple skills you are more likely to get more talented individuals, since the talented, higher producers tend to pick up a wide range of skills.

Comment: Re:Oh in that case... (Score 2) 103

by Frobnicator (#49226787) Attached to: Wikimedia Foundation Files Suit Against NSA and DOJ

Not quite. That only applies if the government wrongfully acquired the documents, knew they were wrongfully obtained, and used them anyway. It is typically avoided by claiming they didn't realize they were wrongfully obtained and they were acting in good faith.

Wikimedia learned of the violations through legally available public documents.

The violations were more than just eavesdropping. The publicly available leaked documents claim the NSA falsified records and used the Wikipedia trademarks to help claim the validity of the pages. Even if part of the suit gets dropped, portions of it document clear civil violations.

While the government can do quite a lot to lie and convince others they are not the government, the Lanham Act is clear that the federal government is liable at the very least for their spying program disrupting the site and using their marks. Specifically in 15 USC 1114, it is against the law for "any person" to reproduce, counterfeit, copy, or imitate a registered mark when it is likely to cause confusion, or to cause mistake, or to deceive. Deception is exactly what the government did. The law continues: the term "any person" includes the United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, or other persons acting for the United States and with the authorization and consent of the United States, and any State, any instrumentality of a State, and any officer or employee of a State or instrumentality of a State acting in his or her official capacity. The United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, other persons acting for the United States and with the authorization and consent of the United States, and any State, and any such instrumentality, officer, or employee, shall be subject to the provisions of this chapter in the same manner and to the same extent as any nongovernmental entity.

That is quite clear, law twice declares that nobody in government is immune from that law. They stated it twice, just to be clear that it applies to everyone in government. :-)

Comment: ECC Memory (Score 5, Interesting) 180

by Frobnicator (#49222287) Attached to: Exploiting the DRAM Rowhammer Bug To Gain Kernel Privileges

Yet another reason to push shared providers for ECC memory. The error correcting memory is so far not vulnerable to this attack, all the researchers that have tried it report that ECC memory identifies and corrects the corruptions. Of course some attackers may have found a way, but ECC minimizes the risk

Amazon says it uses ECC in their AWS machines, but other big hosts like Equinix say that ECC memory is "available". Be careful about your hosting, folks.

Comment: Re:Here's one (Score 2) 348

by Frobnicator (#49220309) Attached to: Obama Administration Claims There Are 545,000 IT Job Openings

6 months Contract to Hire ... Rate: 30/hr on W2

That is what I see all the time as well, and I know they won't get filled.

Market rate is set by both the buyer and the seller. Or in this case, the employer and the employee.

How do I know they will struggle to get the good people?

Because of employers like mine!

We've got similar skill requirements and six month contracts that on the low end START at about $50/hr, with many going for $75/hr, $85/hr, or more. That's what we pay to get skilled people. Many apply, there are lots of people with documented successful histories, and we can choose among people with fantastic abilities.

While the employer may eventually find someone who will take the contract job for $30/hr, that is below market rate for talented people. Eventually someone will get desperate enough for it, or maybe they'll be gullible enough for it, and they'll take the job. It is not really a shortage of workers, just a market force at work.

Some workers will demand too much money for the skills they offer, some employers will offer too little money for the skills they demand. In both of those cases the market tends to work itself out, with either the workers eventually settling for lower paying jobs or the employer eventually settling for lower quality workers or higher rates.

Comment: Try and try again. (Score 5, Informative) 445

It is actually kind of sad if you know their history.

Back in the day they were competing with Palm, and had Windows CE and Pocket PC 2000. When PocketPC 2002 came out my employer switched over from Palm and I got to rewrite a bunch of tools. They did pretty good for a while with Mobile 2003, and Windows Mobile 5. It knocked Palm down several notches in the mobile market, with Palm losing value and getting bought out in 2005.

The fun thing about that era is that there were phones with PDAs in them, you can go back to "Pocket PC Phone Edition" for that. Each version of Windows Mobile supported running in phones, but they never took off.

The iPod was getting some power and some apps, but I loved that with a single CF card I could have my entire music library on my device; the Axim x51v used the same audio chipset as the iPod of the era coupled with better playback software where you could mix and such. It also offered all kinds of apps making the device useful for the other common tasks of the time like calendar, email, and web over both wifi and bluetooth.

Again you could get phones running WM5 and WM6 with all their apps, and in late 2006 they had 51% of the market. Blackberry had 37%, Palm was 9%, and Symbian at 9%.

Then came the iPhone. At the time I didn't really see the reason for the hype, when it came to processor power, memory, and even 3D graphics the iPhone was less powerful than my Windows 6 phone.

As the numbers came back, iOS rose and WM feel by the same percent; the other companies were flat in market share. By early 2007 Windows Mobile drooped to 42% and iOS was at 11%. By 2008, WM had 29% and iOS 19% and Android had entered at 2%. By 2010 Windows Mobile devices had dropped to 7% market share, Blackberry had dropped to 25%, Palm to 3%, and Symbian at 2%.

Phones running Windows Mobile continued to exist, but that's about it. Three more versions of Windows Mobile, the three editions as Windows Phone, they have never been able to get their market share back anywhere near 2006 levels.

Comment: Re:Going my own way (Score 2) 196

by Frobnicator (#49159159) Attached to: One Astronomer's Quest To Reinstate Pluto As a Planet

As far as I'm concerned, ... no one cares anyway. :) The important thing is *I* know what to think when I learn about something "out there." And Pluto? Pluto is definitely a planet. If someone convinces me that these ideas are inconsistent, I'll do my best to fix 'em so they aren't.

We see articles about how few people are scientifically literate, and so many on Slashdot decry "We are geeks, we understand science!"

Appearently, nope!

Scientists, the astronomers who spend their days and nights studying the stars and planets, people who are intimately familiar with the definitions, and people whose life work and career funding depend on them, came up with a set of definitions.

The definitions draw a line somewhere, and you can argue they are as arbitrary as a meter and a kilogram, or a foot and a pound. You can spend your days arguing that the measuring stick is the wrong size, or spend your days convincing the rest of the world that they need a different measuring stick, or otherwise be a nay-sayer and contradict the consensus of the scientists.

But to decry that because you learned something one way, therefore that convinces you forever, that's just plain stupid.

Comment: Re: Welcome to the U.S. of A. (Score 5, Insightful) 148

There is also the matter that, according to the plaintiffs, she was paid (indirectly through her husband's estate) and contractually bound to keep her mouth shut.

Contracts don't work indirectly like that. Either you agree to the terms directly or you don't. As all legal organizations including the SCOTUS recognized, a valid contract requires free consent.

Either she was a party to the contract with it's nondisparagement clause, and agreed to keep her mouth shut about all production details, or she was not part of the contract and the company is in the wrong. Her statement was that the show made during her husband's life and with her husband's contract was done "without my knowledge or cooperation," which is quite likely since her then-living husband likely took care of his own business deals.

Some portions of a contract may survive a death and transfer to estates. Others automatically dissolve completely (such as partnership agreements between two people) or require affirmation that the new parties accept the new terms of a new, successor agreement. Binding nondisparagement terms do not transfer to other people.

On its face it looks like the company made an agreement with a now deceased individual. The question is one of contract law. If she signed the contract then she was bound and shouldn't have said anything. But if she didn't sign the agreements, she should be adding a counter-claim.

Can they produce such a contract? Do they have a nondisparagement agreement that SHE signed? That's the key to the entire dispute.

Comment: Re:Weak (Score 3, Informative) 65

by Frobnicator (#49057705) Attached to: California Floats Conditional Approval For Comcast/TWC Merger

So let's allow the monopoly and reduction consumer options, but we'll delay it's full impact for 5 years. This doesn't make much sense, except to the Judge, who will be getting one hell of a kickback in 5 years.

Read the whole thing, there are some gems.

One particularly expensive gem the requirement that they must roll out to rural areas and low-density housing areas under their own funds. These areas would be expensive for the state and the companies don't want to pay the bill either.

They need to provide up to 45% coverage for a bunch of areas, and offer deep discounts to anyone earning less than 1.5x poverty level. They need to support the Lifeline program (communications equipment to elderly and disabled) through their entire coverage area. They must support Ethernet for the last mile for everywhere they cover. They must pay to hook up k-12 schools and libraries up to the same ratio as their subscribers in the area. They've got about 1.7M subscribers in the bay area, Google suggests there are about 2.3M homes in the area, so roughly 70% of the population. There's several hundred million dollars they'll need to pay for supporting schools and libraries. Running all that cable and fiber to the more sparse areas will also be expensive. Some quick back-of-the-envelope estimates show they're looking at around a $2B-$10B cost for that. Yes they could afford it, but it will certainly sting.

Then this line could also sting: "Comcast shall take action to improve customer service including respecting customer choice and competitive choices, and meet the Commission’s minimum service quality standards as set forth in GO 133-C". The standards include timeliness requirements that comcast currently does not meet, so they'll be hiring lots of service techs and buying lots of service trucks to get them out fast enough.

From their response "some of the penetration rates and time frames suggested by the conditions are simply unattainable under market conditions, especially with populations that have been slowest to adopt broadband." Which is true. "market conditions" means never installing fiber or high speed connections to those areas because it is expensive.

So on the one hand it does grant them permission to merge, on the other hand they're looking at quite a few billion dollars on government-mandated action.

No, this is just like Comcast's advertising: What the big print gives, the small print takes away.

Comment: Re:The land of the free and the home of the brave. (Score 5, Insightful) 645

Be careful about the whole "home of the brave" comments. ISIS is trolling, they are doing all they can to entice the US into sending ground troops. That is a trap. Please don't fall for it. Thankfully most leaders can see and are avoiding the trap.

If the US or other western nations send in ground troops the region considers that an ISIS victory.

The instant the US or other western nations commit to ground attacks ISIS can make stronger claims of legitimacy within the region. It is no longer "ISIS versus everybody", it becomes "Another US/Western war against Muslims".

Unlike the US, Jordan can do this. They are in the region, sharing borders with Syria, Iraq, and Saudi Arabia. When Jordan strikes out they are seen as "Muslims fighting with other Muslims", which does not polarize the issue. If Jordan attacks it is seen as an ISIS loss.

Comment: Re:Latest update (Score 2, Insightful) 222

by Frobnicator (#48995633) Attached to: GPG Programmer Werner Koch Is Running Out of Money

I don't contest that Zimmerman and Koch know how to communicate securely and what it takes, but maybe we are talking about a different threat model. One thing is identity assurance just for the sake of identity assurance, but in Debian we use it as a core infrastructural part: Get hold of my GPG key, and you have potential root access to thousands of computers.

Holy Hell, I hope you mistyped something!

It is 2015. If you've got a single password (your private key) with root access to that many machines, something is terribly wrong over at Debian.

For THOUSANDS OF MACHINES let me introduce you to the concept of a key vault. You start with your two-factor credentials to the vault, check out temporary credentials for the individual machine's keys or services you need, and use them for the day.

Do not allow your single private key -- no matter how many bits long it is -- to have root access to thousands of machines.

Comment: Re:The correct term is "Unschooling" (Score 1) 700

by Frobnicator (#48985941) Attached to: Ask Slashdot: Pros and Cons of Homeschooling?

So in other words, they turned out the same as most public school graduates...at worst no worse than public schools.

That is not what I wrote, I ask you to not throw in strawman arguments for your witty retorts.

At worst it is substantially worse than public schools, thank you very much.

Comment: Re:The correct term is "Unschooling" (Score 1) 700

by Frobnicator (#48977567) Attached to: Ask Slashdot: Pros and Cons of Homeschooling?

And it works amazingly well.

Sometimes yes, it can get excellent results. Other times not so much.

A great deal of it comes down to your teacher, perhaps your own parent or a group of like-minded parents. I've got several relatives who decided to home school.

Some relatives were strict about achieving basic competence at every subject area in addition to delving deep into preferred topics. These kids all earned advanced degrees or are on the route to doing so. They seem to be well-rounded and able to solve any problem put before them.

Other relatives did not require broad skills, nor did they enforce study of core concepts that the parents or the students found boring. I fear these people will not become productive adults, as they seem to lack even basic critical reasoning skills.

One benefit of traditional schooling is that a broad range of topics are covered. Some of those the student may not enjoy but will at least have some exposure. Other topics the student and the parents may not have thought to explore on their own. The drawback is that the teacher may not have that individual student's best interests in mind.

Comment: Re:But We Need More H1-Bs! (Score 3, Insightful) 331

by Frobnicator (#48977105) Attached to: Massive Layoff Underway At IBM

If you only consider "good people" as the ones who are pre-trained with previous experience on cutting-edge software, then yeah, you will have a hard time finding them. Those are not the people looking for jobs.

It used to be that companies expected to train everyone, even experienced and senior people, for several months after hire. Now you are expected to start on the first day with a year of experience on new products in order to be considered a good worker.

It is unrealistic to expect that new hires, even experienced new hires, have 100% of the skills you need. Get someone who is smart, then train and educate them on the details.

"Success covers a multitude of blunders." -- George Bernard Shaw

Working...