Become a fan of Slashdot on Facebook


Forgot your password?

Comment Re:First projects should be celebrated even if min (Score 1) 662

So are we just ignoring the fact that the father is a Muslim activist and blames Republicans? He also shows up at churches with the Koran and disrupts. This was a clear provocation. Just like Charlie Hebdo and the Texas cartoon contest, a reaction was not only expected but inevitable. At least nobody died this time.

And my father is a Christian preacher. Seriously? Sins of the father? That's what you think is the most important issue to discuss right now? And not that the kind of people who judge based on the sins of the father are the actual real problem that caused this mess in the first place.

Comment First projects should be celebrated even if minor (Score 5, Insightful) 662

My first computer program was little more than 10 PRINT "HELLO WORLD", but young me was damn proud at the time of making a computer do something ... anything ... and would have loved to share that enthusiasm with others.

It doesn't matter whether Ahmed built the clock from scratch after forging his own components from rocks in a furnace or disassembled something else and made a small change. Who cares. We all had to start somewhere and a little encouragement goes a long way.

Don't let the know-nothings get you down Ahmed. Keep at it.

Comment Re:Stasi Tech? (Score 3, Insightful) 130

Why? Because voice processing and searching on the scale of some of the applications such as SIRI require centralized processing. Therefore your voice commands have to be sent someplace else and processed.

At the moment. As the technology improves more and more will be done client side because round-tripping audio is stupid if you could do it locally. If SIRI or something like it was completely local, then there would be no issue. Unfortunately there has been little or no work on practical on-the-spot voice recognition lately because the money is all in spying - be it for surveillance or ads.

It's not like appliance controls are complicated - there's only a handful of "TV: Change channel to ESPN" or "Kettle: Tea, Earl Grey, Hot" phrases that need to be trained in. But since the business models of operators like Nuance are predicated on licensing access to their huge server farms, no other option is even considered except the one that destroys privacy.

We need regulation - no server-side processing of client-side controls. If you could do it locally, then you MUST.

Comment Re:a historic relic no longer tolerated. (Score 4, Insightful) 461

strip clubs...they dont exist in Pakistan, Iran, or North Korea ...

Oh, you can be sure strip clubs exist there too. It's just that the average Schmoe is not rich enough or well connected enough to swing an invite. The same economic rules apply everywhere: money can buy anything and corrupt religious hypocrites can usually be found living it up in the local red light district.

Comment Don't collect information you don't need (Score 5, Insightful) 39

Note to Chad: The issue is not how accurate the information is or isn't. This issue is that a truly anonymous service has no need for this information.

If you are providing an anonymous service, then accept the incoming socket, provide the service, and then promptly forget everything about the session. If it is logged, those logs can be requested or outright stolen by the world's TLA's. Even performing a GeoIP lookup without logging it has the potential to leak information from your service that can be collected by mass surveillance and correlated with other information.

Do not collect information that is not relevant to the service being provided. Period.

Comment Re:Automated test in is a minimum (Score 1) 152

The next thing is you tell me to test getters and setters ...

You damn well better test the getters and setters. In my experience they are usually the buggiest part of a class. To save time, sooner or later you will cut-and-paste the previous getter/setter pair and modify the name ... while forgetting to update the variable name behind the API, leaving it side-effecting something else. Now you have a landmine waiting to strike on the rare occasion you set that field. And woe betide you if the setter performs verification on the value, which you will probably get wrong (in fact, I just fixed a verification bug in a setter that was found by a unit test not 5 minutes ago).

Comment Re:I just watched the video (Score 1) 65

Actually I know a little bit about this as I once interviewed for that project before they temporarily lost their funding. Traditional scanners need 2 or more LiDAR emitters on separate axes to build up a 3D scan. They also need to be physically mounted in a stable location which makes it hard to map buildings with staircases and hidden rooms. The purpose of the spring is to flop the scanner around so that a single LiDAR emitter can get a complete view of the environment as the holder walks around along all possible axes. It can also be mounted on unstable platforms like automated farm tractors. The rest is software.

Comment Visual Boxes Aren't Code (Score 1) 876

Because while programming by joining prefabricated boxes together with lines sounds awesome, it's what is inside the boxes that is important. If the box you need is not already written, then you need variable assignment, conditionals, and loops to write a new box. And then all of a sudden you are back to writing text code even if it is drag-n-drop "if" statements encoded in XML. At that point you might as well give the programmer a text edit window and get out of the way. The lines are the least interesting part of an application, but they are the only parts that even make sense to do graphically.

Comment Re:Incorrect (Score 4, Interesting) 194

Yes, because I would just love having to go through regulatory channels and potentially paying fees in order to publish software that I don't even make any money from.

Depends on the regulations: "Commercial software can pick from one of the 5 following standard commercial licenses: ... Any commercial software license that deviates from a Standard License reverts to Standard License Type 1 wherever its EULA conflicts with this regulation. Software that complies with the Open Source Definition or otherwise allows the user to inspect the source code and remove unwanted features independently is exempt from this section."

You are then perfectly free to make money from your software. Pick whichever one of the standard licenses suits your purpose and carry on. But what you cannot do is employ a lawyer to invent a creative way to screw your users in the fine print. If you do, your license is automatically torn up and replaced with something sane.

Comment Re:Slip the backdoor into a precompiled GCC instea (Score 4, Interesting) 576

I wonder if anyone actually takes the responsibility to do this check. Maybe there are GCC binaries in the wild which replicate a backdoor.

Even if there were, you need only recompile your gcc source with llvm, icc, visual studio, or basically anything that isn't gcc to get a new compiler that won't replicate the backdoor any more. For extra fun, randomise the order of this compiling that compiling something else so that even backdoor reinsertions that cross the vendor boundary will eventually fail. Or write your own C++ interpreter in Python/Perl/whatever and use it to (very slowly) run gcc on itself - even if it takes a week you'll have a clean binary at the end. Yes, hiding such a backdoor seems scary to the untrained eye. It's also trivial to get rid of if you're paranoid enough to care.

Comment Re:Why not do what experts have recommended? (Score 2) 32

If you want "networked" configuration nodes, an isolated network should be the only thing accessing equipment. That node should not access anything else, or any other networks...

Because those experts are morons. It ignores the economic cost of companies having to run a separate parallel Internet. Take electricity suppliers that need to monitor and control remote switching devices, for example. GSM/CDMA networks are just there, already deployed by the telecommunications industry. A cheap GSM modem and an account with the local telecomms supplier is economically better at contacting remote stations than running ones own wires out to single-point stations in the suburbs and the bush.

Isolated networks also don't work. Putting a dodgy default-passworded device on an internal network doesn't work when your attacker walks up to the remote station, cuts off the padlock, and installs their own device straight onto your wide-open "no one could possibly hack this because it's disconnected" network. Which is basically how Stuxnet got deployed - direct intervention onto a private network at a weak point.

This problem cannot be solved with simplistic "if you don't want people to hack it, don't connect it to the Internet" solutions. How about building it to be difficult to hack in the first place? Or making VPN layers the default way the Internet works rather than an afterthought? Or teaching (mostly non-software) engineers security techniques that were honed over decades of fighting malware on the open Internet? Or any of a million other practical solutions that don't boil down to "la la, I can't hear you so you can't hear me".

Comment Re:I understand their pain (Score 4, Insightful) 331

As an Android and iOS developer, it is tough to support all possible screen sizes, aspect ratios, hardware specs and versions of Android. Sometimes not having a newer version of Android(>= 4.0) you miss a lot of features that people come to expect and your code is riddle with backwards compatibility stuff just to support Gingerbread, or worse(ie: Donut).

And none of this would be a problem if PBS would simply publish the specification for whatever JSON/XML/etc back end they are using to transmit information to the clients about shows and episodes, and use standard RFC-compatible video formats and streaming protocols with no DRM or other nonsense.

Why would it not be a problem? Because the next day the app stores would be full of "SparkleVideoPlayer now supports PBS!" updates for all of the existing streaming video apps and their loyal users. Or if my screen size, aspect ratio, blah, blah, blah is not supported, I can write my own app!

I can understand why the commercial TV outfits want to control everything - they think it's the only way to poison the experience with ads. But why are public broadcasters like PBS, BBC, and Australia's ABC doling the same thing? It's idiotic - the solution to "how do I support a million devices" is simple: "publish the spec so that the taxpaying public can write their own apps".

Comment College Funds? (Score 1) 74

Do you need to earn "Crime pays" kind of money to fund college funds for 4 children in America?

I don't know whether he wants his kids to have a good education or whether he thinks they'll make better master criminals with a degree & a job in Wall Street :)

But at the very least he thinks a child's education is important, which is more than most.

Slashdot Top Deals

Earth is a beta site.