Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Comment That is the problem. (Score 1) 30

By trying to not say too much, the advisories are inherently vague and therefore can be interpreted as insignificant or a dire emergency depending on the day.

That's not useful to anyone.

Because the NSA and GCHQ have effectively eliminated all network security, thanks to their backdoors in things like Cisco devices, it should be automatically assumed that all the bad guys capable of exploiting the issue already have all the information they need and the bad guys not capable of exploiting the issue aren't an issue whether informed or not.

Advisories should therefore declare everything. Absolutely everything. And it should be made clear in those advisories that this is being done because the risks created by the backdoors exceed the risks created by the additional information.

The added information will aid in debugging, clearing up the issue faster and validating that no regressions have taken place.

Comment Lots of options (Score 2) 35

Now that they can extract pure silicon 28 with a simple linear accelerator (which should have been obvious), it should be possible to use much larger dies without running into imperfection problems. That doesn't keep to Moore's Law, admittedly, but it does mean you can halve the space that double the transistors would take, since you're eliminating a lot of packaging. Over the space of the motherboard, it would more than work out, especially if they moved to wafer-scale integration. Want to know how many cores they put onto a wafer using regular dies? Instead of chopping the wafer up, you throw on interconnects Transputer-style.

Graphene is troublesome, yes, but there's lots of places you need regular conductors. If you replace copper interconnects and the gold links to the pins, you should be able to reduce the heat generated and therefore increase the speed you can run the chips. Graphene might also help with 3D chip technology, as you're going to be generating less heat between the layers. That would let you double the number of transistors per unit area occupied, even if not per unit area utilized.

Gallium Arsenide is still an option. If you can sort pure isotopes then it may be possible to overcome many of the limitations that have existed so far on the technology. It has been nasty to utilize, due to pollution, but we're well into the age where you can just convert the pollution into plasma and again separate out what's in it. It might be a little expensive, but the cost of cleanup will always be more and you can sell the results from the separation. It's much harder to sell polluted mud.

In the end, because people want compute power rather than a specific transistor count, Processor-in-Memory is always an option, simply move logic into RAM and avoid having to perform those functions by going through support chips, a bus and all the layers of a CPU in order to get carried out. DDR4 is nice and all that, but main memory is still a slow part of the system and the caches on the CPU are easily flooded due to code always expanding to the space available. There is also far too much work going on in managing memory. The current Linux memory manager is probably one of the best around. Take that and all the memory support chips, put it on an oversized ASIC and give it some cache. The POWER8 processor has 96 megabytes of L3 cache. I hate odd amounts and the memory logic won't be nearly as complex as the POWER8's, so let's increase it to 128 megabytes. Since the cache will be running at close to the speed of the CPU, exhaustion and stalling won't be nearly so common.

Actually, the best thing would be for the IMF (since it's not doing anything useful with its money) to buy millions of POWER8 and MIPS64 processors, offering them for free to geeks individually on on daughter boards that can be plugged in as expansion cards. At worst, it would make life very interesting.

Comment Re:Kids don't understand sparse arrays (Score 1) 128

It all depends on what you want to do with your matrices. Various operations have various costs in different sparse matrix formats. The standard ones are COO or coordinate format: a list of triples (i, j, val); DOK or dictionary of keys format: the hashmap you are thinking of; LIL or list of lists format: a list for each row and a list if pairs (j, val) in each list entry; CSR/CSC or compact sparse row/column: an array of indices where each row starts, an array of column indices and an array of values.

COO and DOK are great for changing sparsity structure; LIL is very useful if you have a lot of row-wise (or column-wise) operations, or need to manipulate rows regularly. CSR is great for matrix operations such as multiplication, addition etc. You use what suits your usecase, or change between formats (relatively cheap) as needed.

Comment Re:a low-IQ child's IQ can be raised in some cases (Score 2) 185

I've had sat psychologist administered IQ tests a year apart and had my score differ by 10 points. I've been told that, in fact, this is perfectly normal and well within the accuracy expected of IQ tests by psychologists who take them seriously. I wouldn't worry about IQ scores changing (they may well do that, but it is equally likely measurement error). IQ is a very imperfect measure to begin with. Our ability to measure it, even under the best of conditions, is extremely poor. Take most IQ studies with a grain of salt.

Comment Re:The Road Warrior (Score 1) 776

...not a sequel, but a cash-in remake.
It's not a Mad Max movie. The main character isn't Max, the atmosphere isn't Mad Max's, it just happened to have spiked cars chasing plated cars in the wastland.

Indeed. What they should have done was get the writer/director of the original film, who I gather had been trying to get a sequel made for over a decade, to come and write and direct the new one. Clearly whoever they got to write this didn't really understand Max's character at all.</sarcasm>

Comment Re: The answer has been clear (Score 1) 390

Multiple IPs was one solution, but the other was much simpler.

The real address of the computer was its MAC, the prefix simply said how to get there. In the event of a failover, the client's computer would be notified the old prefix was now transitory and a new prefix was to be used for new connections.

At the last common router, the router would simply swap the transitory prefix for the new prefix. The packet would then go by the new path.

The server would multi-home for all prefixes it was assigned.

At both ends, the stack would handle all the detail, the applications never needed to know a thing. That's why nobody cared much about remembering IP addresses, because those weren't important except to the stack. You remembered the name and the address took care of itself.

One of the benefits was that this worked when switching ISPs. If you changed your provider, you could do so with no loss of connections and no loss of packets.

But the same was true of clients, as well. You could start a telnet session at home, move to a cyber cafe and finish up in a pub, all without breaking the connection, even if all three locations had different ISPs.

This would be great for students or staff at a university. And for the university. You don't need the network to be flat, you can remain on your Internet video session as your laptop leaps from access point to access point.

Comment I really hate reports like this (Score 3, Interesting) 622

1) Combine two things that are sort of similar but not really - e.g. EVs and hybrids or tablets and e-ink e-readers
2) Make a statistical claim about the combined group - 'People are leaving EVs and hybrids", "Tablets and E-readers bad for sleep/eyes"
3) Forget to mention one of the two in the headline - 'People dump EVs', 'E-readers bad for sleep/eyes"

By combining the two, this report doesn't really tell us anything useful. I'd love to know the different rates of people abandoning EV or hybrids, as I think they are two very different propositions.

Hybrids, at the end of the day, are simply a different way of building efficient petrol/diesel powered cars. From what I've heard that efficiency has been a lot less in real life, with milage claims for things like the Prius not really living up to the hype. With ever more efficient petrol engines on the market, and gas prices so low, the efficiency improvements have to be pretty significant to make a big difference and to offset the higher cost of buying many hybrids.

EVs on the other hand are a totally different beast, and the reasons people might give up on them are different. Are people buying EVs and then finding range is more of a problem than they thought? Did they have problems finding charing points? Was overnight, at-home charging not good enough for them? Etc, etc.

In addition, this report talks about the number of people who are trading in their EVs/Hybrids for something else. But that doesn't really tell us anything about how much people like EVs and Hybrids as it only includes people who are switching. It doesn't provide any analysis of how many people are keeping their EVs for longer.

What's most annoying is that there are genuinely interesting questions to be asking about the EV and hybrid market, but this data isn't really answering any of them well.

Comment Re: How about basic security? (Score 5, Informative) 390

IPSec is perfectly usable.

Telebit demonstrated transparent routing (ie: total invisibility of internal networks without loss of connectivity) in 1996.

IPv6 has a vastly simpler header, which means a vastly simpler stack. This means fewer defects, greater robustness and easier testing. It also means a much smaller stack, lower latency and fewer corner cases.

IPv6 is secure by design. IPv4 isn't secure and there is nothing you can design to make it so.

Comment Re: Waiting for the killer app ... (Score 3, Informative) 390

IPv6 would help both enormously. Lower latency on routing means faster responses.

IP Mobility means users can move between ISPs without posts breaking, losing responses to queries, losing hangout or other chat service connections, or having to continually re-authenticate.

Autoconfiguration means both can add servers just by switching the new machines on.

Because IPv4 has no native security, it's vulnerable to a much wider range of attacks and there's nothing the vendors can do about them.

Comment Re: DNS without DHCP (Score 4, Informative) 390

Anycast tells you what services are on what IP. There are other service discovery protocols, but anycast was designed specifically for IPv6 bootstrapping. It's very simple. Multicast out a request for who runs a service, the machine with the service unicasts back that it does.

Dynamic DNS lets you tell the DNS server who lives at what IP.

IPv6 used to have other features - being able to move from one network to another without dropping a connection (and sometimes without dropping a packet), for example. Extended headers were actually used to add features to the protocol on-the-fly. Packet fragmentation was eliminated by having per-connection MTUs. All routing was hierarchical, requiring routers to examine at most three bytes. Encryption was mandated, ad-hoc unless otherwise specified. Between the ISPs, the NAT-is-all-you-need lobbyists and the NSA, most of the neat stuff got ripped out.

IPv6 still does far, far more than just add addresses and simplify routing (reducing latency and reducing the memory requirements of routers), but it has been watered down repeatedly by people with an active interest in everyone else being able to do less than them.

I say roll back the protocol definition to where the neat stuff existed and let the security agencies stew.

Comment Summary misses out the actual feature... (Score 4, Informative) 70

What a shock, a slashdot summary that misses the actual salient point of the linked article...

Here's the description of the new feature from the linked article:

If the same site was accessed in Chrome 43 -- which is beta now but should be stable in May -- the warning should vanish thanks to a browser Content Security Policy directive known as Upgrade Insecure Resources. The directive “causes Chrome to upgrade insecure resource requests to HTTPS before fetching them”, Google explained today.

Here's Google's own description of the feature from the Chromium Blog:

Upgrading legacy sites to HTTPS

Transitioning large collections of unmodifiable legacy web content to encrypted, authenticated HTTPS connections can be challenging as the content frequently includes links to insecure resources, triggering mixed content warnings. This release includes a new CSP directive, upgrade-insecure-resources, that causes Chrome to upgrade insecure resource requests to HTTPS before fetching them. This change allows developers to serve their hard-to-update legacy content via HTTPS more easily, improving security for their users.

So basically this means you don't have to worry if you accidentally miss an HTTP asset link on your site when upgrading to HTTPS, Chrome will automatically do that for you.

Hopefully the other browsers will follow suit soon, otherwise it's of limited use.

Variables don't; constants aren't.

Working...