Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment: Re:The Road Warrior (Score 1) 776

...not a sequel, but a cash-in remake.
It's not a Mad Max movie. The main character isn't Max, the atmosphere isn't Mad Max's, it just happened to have spiked cars chasing plated cars in the wastland.

Indeed. What they should have done was get the writer/director of the original film, who I gather had been trying to get a sequel made for over a decade, to come and write and direct the new one. Clearly whoever they got to write this didn't really understand Max's character at all.</sarcasm>

Comment: Re: The answer has been clear (Score 1) 390

by jd (#49575883) Attached to: Why the Journey To IPv6 Is Still the Road Less Traveled

Multiple IPs was one solution, but the other was much simpler.

The real address of the computer was its MAC, the prefix simply said how to get there. In the event of a failover, the client's computer would be notified the old prefix was now transitory and a new prefix was to be used for new connections.

At the last common router, the router would simply swap the transitory prefix for the new prefix. The packet would then go by the new path.

The server would multi-home for all prefixes it was assigned.

At both ends, the stack would handle all the detail, the applications never needed to know a thing. That's why nobody cared much about remembering IP addresses, because those weren't important except to the stack. You remembered the name and the address took care of itself.

One of the benefits was that this worked when switching ISPs. If you changed your provider, you could do so with no loss of connections and no loss of packets.

But the same was true of clients, as well. You could start a telnet session at home, move to a cyber cafe and finish up in a pub, all without breaking the connection, even if all three locations had different ISPs.

This would be great for students or staff at a university. And for the university. You don't need the network to be flat, you can remain on your Internet video session as your laptop leaps from access point to access point.

Comment: I really hate reports like this (Score 3, Interesting) 622

by NoNeeeed (#49528711) Attached to: Cheap Gas Fuels Switch From Electric Cars To SUVs

1) Combine two things that are sort of similar but not really - e.g. EVs and hybrids or tablets and e-ink e-readers
2) Make a statistical claim about the combined group - 'People are leaving EVs and hybrids", "Tablets and E-readers bad for sleep/eyes"
3) Forget to mention one of the two in the headline - 'People dump EVs', 'E-readers bad for sleep/eyes"

By combining the two, this report doesn't really tell us anything useful. I'd love to know the different rates of people abandoning EV or hybrids, as I think they are two very different propositions.

Hybrids, at the end of the day, are simply a different way of building efficient petrol/diesel powered cars. From what I've heard that efficiency has been a lot less in real life, with milage claims for things like the Prius not really living up to the hype. With ever more efficient petrol engines on the market, and gas prices so low, the efficiency improvements have to be pretty significant to make a big difference and to offset the higher cost of buying many hybrids.

EVs on the other hand are a totally different beast, and the reasons people might give up on them are different. Are people buying EVs and then finding range is more of a problem than they thought? Did they have problems finding charing points? Was overnight, at-home charging not good enough for them? Etc, etc.

In addition, this report talks about the number of people who are trading in their EVs/Hybrids for something else. But that doesn't really tell us anything about how much people like EVs and Hybrids as it only includes people who are switching. It doesn't provide any analysis of how many people are keeping their EVs for longer.

What's most annoying is that there are genuinely interesting questions to be asking about the EV and hybrid market, but this data isn't really answering any of them well.

Comment: Re: How about basic security? (Score 5, Informative) 390

by jd (#49516499) Attached to: Why the Journey To IPv6 Is Still the Road Less Traveled

IPSec is perfectly usable.

Telebit demonstrated transparent routing (ie: total invisibility of internal networks without loss of connectivity) in 1996.

IPv6 has a vastly simpler header, which means a vastly simpler stack. This means fewer defects, greater robustness and easier testing. It also means a much smaller stack, lower latency and fewer corner cases.

IPv6 is secure by design. IPv4 isn't secure and there is nothing you can design to make it so.

Comment: Re: Waiting for the killer app ... (Score 3, Informative) 390

by jd (#49516451) Attached to: Why the Journey To IPv6 Is Still the Road Less Traveled

IPv6 would help both enormously. Lower latency on routing means faster responses.

IP Mobility means users can move between ISPs without posts breaking, losing responses to queries, losing hangout or other chat service connections, or having to continually re-authenticate.

Autoconfiguration means both can add servers just by switching the new machines on.

Because IPv4 has no native security, it's vulnerable to a much wider range of attacks and there's nothing the vendors can do about them.

Comment: Re: DNS without DHCP (Score 4, Informative) 390

by jd (#49516387) Attached to: Why the Journey To IPv6 Is Still the Road Less Traveled

Anycast tells you what services are on what IP. There are other service discovery protocols, but anycast was designed specifically for IPv6 bootstrapping. It's very simple. Multicast out a request for who runs a service, the machine with the service unicasts back that it does.

Dynamic DNS lets you tell the DNS server who lives at what IP.

IPv6 used to have other features - being able to move from one network to another without dropping a connection (and sometimes without dropping a packet), for example. Extended headers were actually used to add features to the protocol on-the-fly. Packet fragmentation was eliminated by having per-connection MTUs. All routing was hierarchical, requiring routers to examine at most three bytes. Encryption was mandated, ad-hoc unless otherwise specified. Between the ISPs, the NAT-is-all-you-need lobbyists and the NSA, most of the neat stuff got ripped out.

IPv6 still does far, far more than just add addresses and simplify routing (reducing latency and reducing the memory requirements of routers), but it has been watered down repeatedly by people with an active interest in everyone else being able to do less than them.

I say roll back the protocol definition to where the neat stuff existed and let the security agencies stew.

Comment: Summary misses out the actual feature... (Score 4, Informative) 70

by NoNeeeed (#49506333) Attached to: Chrome 43 Should Help Batten Down HTTPS Sites

What a shock, a slashdot summary that misses the actual salient point of the linked article...

Here's the description of the new feature from the linked article:

If the same site was accessed in Chrome 43 -- which is beta now but should be stable in May -- the warning should vanish thanks to a browser Content Security Policy directive known as Upgrade Insecure Resources. The directive “causes Chrome to upgrade insecure resource requests to HTTPS before fetching them”, Google explained today.

Here's Google's own description of the feature from the Chromium Blog:

Upgrading legacy sites to HTTPS

Transitioning large collections of unmodifiable legacy web content to encrypted, authenticated HTTPS connections can be challenging as the content frequently includes links to insecure resources, triggering mixed content warnings. This release includes a new CSP directive, upgrade-insecure-resources, that causes Chrome to upgrade insecure resource requests to HTTPS before fetching them. This change allows developers to serve their hard-to-update legacy content via HTTPS more easily, improving security for their users.

So basically this means you don't have to worry if you accidentally miss an HTTP asset link on your site when upgrading to HTTPS, Chrome will automatically do that for you.

Hopefully the other browsers will follow suit soon, otherwise it's of limited use.

Comment: What is wrong with SCTP and DCCP? (Score 4, Interesting) 84

by jd (#49503031) Attached to: Google To Propose QUIC As IETF Standard

These are well-established, well-tested, well-designed protocols with no suspect commercial interests involved. QUIC solves nothing that hasn't already been solved.

If pseudo-open proprietary standards are de-rigour, then adopt the Scheduled Transfer Protocol and Delay Tolerant Protocol. Hell, bring back TUBA, SKIP and any other obscure protocol nobody is likely to use. It's not like anyone cares any more.

Comment: Re: Must hackers be such dicks about this? (Score 1) 270

by jd (#49500235) Attached to: FBI Accuses Researcher of Hacking Plane, Seizes Equipment

He claimed he could hack the plane. This was bad and the FBI had every right to determine his motives, his actual capabilities and his actions.

The FBI fraudulently claimed they had evidence a crime had already taken place. We know it's fraudulent because if they did have evidence, the guy would be being questioned whilst swinging upside down over a snake pit. Hey, the CIA and Chicago have Black Sites, the FBI is unlikely to want to miss out. Anyways, they took his laptop, not him, which means they lied and attempted to pervert the course of justice. That's bad, unprofessional and far, far more dangerous. The researcher could have killed himself and everyone else on his plane. The FBI, by using corrupt practices, endanger every aircraft.

Comment: Re: Must hackers be such dicks about this? (Score 1) 270

by jd (#49500221) Attached to: FBI Accuses Researcher of Hacking Plane, Seizes Equipment

Did the FBI have the evidence that he had actually hacked a previous leg of the flight, or did they not?

If they did not, if they knowingly programmed a suspect with false information, they are guilty of attempted witness tampering through false memory syndrome. Lots of work on this, you can program anyone to believe they've done anything even if the evidence is right in front of them that nothing was done at all. Strong minds make no difference, in fact they're apparently easier to break.

Falsifying the record is self-evidently failure of restraint.

I have little sympathy for the researcher, this kind of response has been commonplace since 2001, slow-learners have no business doing science or engineering. They weren't exactly infrequent before then.

Nor have I any sympathy for the airlines. It isn't hard to build a secure network where the security augments function rather than simply taking up overhead. The same is true of insecure car networks. The manufacturers of computerized vehicles should be given a sensible deadline (say, next week Tuesday) to have fully tested and certified patches installed on all vulnerable vehicles.

Failure should result in fines of ((10 x vehicle worth) + (average number of occupants x average fine for unlawful death)) x number of vehicles in service. At 15% annual rate of interest for every year the manufacturer delays.

Comment: Re: In summary (Score 1) 57

by jd (#49453131) Attached to: GCC 5.0 To Support OpenMP 4.0, Intel Cilk Plus, C++14

ADA updates would be good, bringing in the Spark 2014 and early 2015 extensions would have been nice. (Spark is a mathematically provable dialect of ADA. Well, mostly. Apparently, you can't prove floating point operations yet because nobody knows how. Personally, I think it's as easy as falling off a log table.)

There are also provable dialects of C and it would be nice if GCC had a flag to constrain to that subset. Using multiple compilers is a good way of producing incompatible binaries and nasty interactions. GCC has no business having limitations. :)

With work on KROC at a standstill, we have a reference compiler that talks Occam Pi. Occam is a very nice language to work with but working through archaic Inmos blobs is tiresome and limiting.

Code quality in GCC and GlibC is still poor, the stability of internal interfaces is derisory (these should be generated from abstract descriptions, ensuring the flexibility GCC wants and the usability interface developers want) and the egos of the developers should be taken out and shot. However, it's still one of the best environments out there. Those that are better at specific things are usually carrying three to four digit price tags. I'd write in hand-turned assembly before paying for unquantifiable products that I won't even own.

Comment: Re: In summary (Score 1) 57

by jd (#49453043) Attached to: GCC 5.0 To Support OpenMP 4.0, Intel Cilk Plus, C++14

Different animal. Cilk has specific instructions for parallelising loops and similar. It looks like a similar concept to Fortran's capacity to turn anything that can be done as a vector rather than as a sequential operation into a vector instruction.

OpenMP parallelizes at the block level rather than the instruction level. By all accounts (notably comments on the ATLAS mailing list), the performance is terrible.

"Your attitude determines your attitude." -- Zig Ziglar, self-improvement doofus

Working...