Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

WikiLeaks' Anonymous Leak Submission System Is Back After Nearly 5 Years 26

Sparrowvsrevolution writes: On Friday, WikiLeaks announced that it has finally relaunched a beta version of its leak submission system after a 4.5 year hiatus. That file-upload site, which once served as a central tool in WIkiLeaks' leak-collecting mission, runs on the anonymity software Tor to allow uploaders to share documents and tips while protecting their identity from any network eavesdropper, and even from WikiLeaks itself. In 2010 the original submission system went down amid infighting between WikiLeaks' leaders and several of its disenchanted staffers, including several who left to create their own soon-to-fail project called OpenLeaks. WikiLeaks founder Julian Assange says that the new system, which was delayed by his legal troubles and the banking industry blockade against the group, is the final result of "four competing research projects" WikiLeaks launched in recent years. He adds that it has several less-visible submission systems in addition to the one it's now revealed. "Currently, we have one public-facing and several private-facing submission systems in operation, cryptographically, operationally and legally secured with national security sourcing in mind," Assange writes.

Comment Re:short playback on FLAC? (Score 1) 391

MP3 codecs are only implemented in hardware on really cheap MP3 players - the sort that don't have the CPU power to do it in software. Those devices can't do anything other than MP3.

On anything more expensive - ipods, Sansa Clips, etc., it's all software, and the device can support lots of different formats.

There isn't really much of a battery power win from doing MP3 in hardware, and dedicated MP3 hardware is no good for the other formats that the average user will want to play. The average user may think he has an "MP3 collection", but he is probably not even aware that some of the files are in other formats, because every music player just plays them all.

Comment Re:Why not include the original IBM design? (Score 2) 190

I've owned two Model Ms, supposedly the best, and they have put me off owning mechanical keyboards. They are tiring to use, and they are noisy, and if your job requires you to type for most of the day, you don't want either of those things. I didn't see a good tradeoff in terms of improved typing speed or accuracy.

Comment Re:don't worry about it (Score 1) 178

This sort of test may not detect all fakes.. really you need to write a test pattern and read it back, as the writes may appear to succeed.

Programs exist to do this for you, e.g.

When I had one of these fake cards, it seemed to me that the firmware had been designed to allow a filesystem to be created on the device, by remapping the blocks that the filesystem would use for its metadata.

Formatting utilities should really check for bad SD cards...

Comment Re:Infomercial for a code coverage tool? (Score 1) 169

If you really were working on systems where a failure would have catastrophic consequences, I would hope you had a QA process a lot more sophisticated than running a test suite and this kind of coverage tool to check for problems!

Oh, certainly! The good news here is that the avionics industry knows this, and in any case, the FAA won't let them cut corners. I don't know exactly how the industry uses our tools, but it's typically in conjunction with lots of manual testing, with the coverage tool capturing data as human testers run through test scripts.

And you're right, non-safety critical projects can benefit from it. For any large project, it really isn't an expensive part of the development process, and it can be very revealing. The techniques we use have a low overhead in terms of memory and CPU time, so they're good for both embedded systems and high-performance desktop/server software. An "instrumented" build for coverage is not that different to a regular debug build: a bit slower, a bit larger, but with lots of helpful stuff included. But perhaps I am wandering into "infomercial" territory again... :)

Comment Re:Nonsense -- make your own test suite (Score 1) 169

Thing is, you need both your own test suite and a coverage test tool. The two work together. The coverage tool tells you if your tests are incomplete, helping you to fix them.

If I were actually testing Tetris I would definitely do it the way you suggest: a pre-arranged sequence of blocks and a pre-programmed series of moves. I'd run the game with that sequence, then look at the coverage data to see if I needed to add anything. Some of the process can be automated, but the test cases themselves have to be made by hand.

Comment Re:Infomercial for a code coverage tool? (Score 1) 169

You're right, this sort of testing should really be about covering the range of possible inputs. But that is typically impossible. There are too many possible scenarios. You need a practical substitute.

I agree that statement coverage is quite crude, it tells you very little about the data being processed. There is more detailed information being produced here - "MC/DC coverage" - which does tell you whether conditional statements have been thoroughly exercised, because each possible reason for the "true" or "false" branch of the conditional has been seen during the test. But even with that, it is no silver bullet, and you can certainly write programs that get 100% coverage on all the metrics, and are still full of bugs.

It is, however, better to have this information than not have it at all. And coverage tools are very practical in real-world situations, particularly those involving testing safety-critical code. They provide evidence that the tests have tested everything that they claim to have tested.

Comment Re:Nice advertisement (Score 2) 169

Submitter here. It's "marketing spam" in the sense that it's based on something I did at work. I don't see why this is a problem. Many articles linked from this site involve something that someone did at work.

I thought it was interesting that, though this is a really simple game, you can't test it effectively just by playing it. You have to deliberately seek out all of special cases. That's a fact about virtually all software, but it's not an intuitive one, and that's what the article is about.

Submission + - Tetris is hard to test (

JackDW writes: Tetris is one of the best-known computer games ever made. It's easy to play but hard to master, and it's based on a NP-hard problem. But that's not all that's difficult about it. Though it's simple enough to be implemented in one line of BBC BASIC, it's complex enough to be really hard to thoroughly test.

It may seem like you can test everything in Tetris just by playing it for a few minutes, but this is very unlikely! As I explain in this article, the game is filled with special cases that rarely occur in normal play, and these can only be easily found with the help of a coverage tool.

Submission + - Tetris - how fast can you get 100% code coverage? (

An anonymous reader writes: We were somewhat surprised and shocked to discover that Tetris turned 30 this year. As our own celebration of this classic game, we've added our own twist to it: you can now measure the structural code coverage as you play. There is a download link to this at the bottom of this blog post.

We've built a subset of RapiCover into a Tetris executable. This displays four different types of code coverage metrics, which are updated as you play:

Function coverage. Has each function in the program been called?
Statement coverage. Has each statement in the program been executed?
Decision coverage. Has each branch of each decision been executed?
Modified condition/decision coverage (MC/DC). Each condition should affect the decision outcome independently (An introduction to modified condition/decision coverage). This type of coverage is typically required for the most critical safety software (see for example DO-178B, DO-178C or ISO 26262 standards/guidelines for aerospace and automotive).

Comment Re:Actually, it's easy. (Score 2) 174

Do you know, you're the first person in this topic to actually answer the question? Most others missed the VPN part.

OpenVPN already knows how to discard duplicates and retransmit lost packets. It's a lovely way to build a semi-reliable network on top of an unreliable one, and very hackable.

The questioner only needs to modify OpenVPN (on his PC) to send its UDP packets via two different routes. He should configure his VPS to have two public IP addresses, with OpenVPN (server-side) bound to both of them, and then manually adjust the routing table on his PC to force the use of a specific route for each of those two IP addresses. The hard bit (and it's not really that hard) is making OpenVPN (on the PC) send each packet twice to two different IP addresses, which would require modifications to the source code and some familiarity with the sockets API.

I think it would work, not just for Battlefield but for anything. And it sounds like fun.

Comment Re:Again? (Score 1) 557

I don't believe this either. There's no corroborating evidence, not even a screenshot (though that could be trivially faked).

This is a conspiracy theory and it's as nonsensical as thinking that Bush's "people" accidentally leaked "the truth" while they were supposed to be covering up "the facts" about 9/11.

Take note of the names of the Slashdotters who automatically believe this sort of thing, and give their opinions an appropriate level of credit.

What this country needs is a dime that will buy a good five-cent bagel.