Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Hardware is trusted (Score 4, Insightful) 83

It'd be nice if the next iteration of EFI had a more robust upgrade security design.

Something like this: Firmware upgrades are not possible from inside the OS. At all. Instead there's a switch on the mainboard that is only accessible when the computer has been physically opened. When that switch is on, EFI will refuse to boot any OS and all onboard SATA/SCSI controllers are physically disabled. EFI will scan every USB port* for a FAT32-formatted mass storage device containing a file with a certain filename, which is then displayed for your approval, checked and installed. While the switch is off, changing the firmware should be prevented in hardware, such as by detaching a certain line required to write to the flash chip. (Settings should be stored on an unprotected chip and can be changed while the computer is bootable.)

You're in a corporate setting and need to update 16.000 identical desktop computers all at once? Make sure the computers have an enterprise-ready mainboard that can pull the update from the network (e.g. using something similar to BOOTP). You'll still have to toggle that switch and confirm the prompt. That's as convenient as it should get; after all, if there is any chance that the firmware is modified while an OS is loaded, any successful attack on the OS leaves your firmware in a potentially compromised state.


* Yeah, I know, USB also has infectable firmware. Unfortunately, I don't know of a reasonable mass storage standard that doesn't. And making people physically swap PROM chips won't fly.

Comment: Re:But they help also (Score 2) 366

by Jesus_666 (#49291727) Attached to: Uber Shut Down In Multiple Countries Following Raids

Examples of crap in the list above: taxi drivers must know the area they operate in. Really? What does it even mean to know the area? London black cab drivers have to pass an exam called The Knowledge that requires them to memorise street maps of the city, so at least it's well defined there, but this is nonsense from the pre-GPS era. There's no need for cab drivers to do it all in their heads these days, and I'd much rather they rely on the computer which will always pick the fastest route and can't decide to take a detour because the passengers looks like a tourist.

And then the GPS makes a silly mistake as they are apt to do and the driver can't tell. From my experience, car navigation systems aren't mature enough to blindly rely on.

Another example: drivers must know the radio protocols. Why?! Uber drivers receive instructions via an intuitive smartphone app. Controlling cabs via radio is an obsolete technology yet the requirement to use it lives on.

That depends on the size of the company. If you have a one-man operation that only works via Uber, yes. If you have a dozen cabs and use both Uber and regular phone lines to get customers, having a radio is really useful.

I do agree, however, that self-employed cabbies with only one car should be exempt from that one.

Yet another example: cars must be painted a particular colour. Why? Uber cars are located using modern technology, not by watching the roads for vehicles painted in a deliberately ugly colour. This is another obsolete convention progress has made irrelevant - yet it's mandated.

It's not irrelevant for when you want to identify a parking cab as a cab. Unlike you, I don't think it's wise to completely abolish traditional cabs because some random company had a neat idea. Again, though, this is one requirement they should waive for self-employed cabbies that only work through a broker like Uber.

Then we get to the more questionable things that aren't obsolete exactly, just arguable. Why is it possible to have enough driving violations to be struck off as a cab driver, but still be allowed to drive friends and family around? Surely you're either safe enough to use the public roads, or you're not, and the commercial relationships you have with the people inside make no difference?

Because you don't spend a significant amount of time driving your friends and family around. Generally, people who don't work as drivers spend relatively little time on the road. People who earn their money by driving around have many more opportunities to screw up yet again.

People with a criminal record are banned from working as drivers? ALL crimes? What about crimes that don't involve being actually dangerous, like white collar crimes? Why can't hiring decisions like this be left to the cab companies?

I'd have to talk to a lawyer for that one but my guess is that it's tied to the reliability requirement. If you can't act in the interest of society then you're not expected to act in the interests of your passengers. It's just guesswork on my part, though.

Taxi drivers must know first aid? Presumably someone injured themselves in a cab once and some regulator thought this was a good response. What if that person injures themselves on the street? Why not require everyone to be trained in first aid? This kind of arbitrary distinction doesn't make much sense until you remember that we have these regulators sitting around with nothing better to do all day than craft rules for their tiny piece of jurisdiction.

Everyone IS required to be trained in first aid. Germany has a "duty to rescue" law and you can't get a driver's license without attending a training course on basic first aid, CPR and traffic accident rescue procedures. If you come across an accident you are required by law to stop, call the emergency hotline if possible and do your best to keep the people there alive until professional help arrives. This is also why every car in Germany is mandated to have an appropriate (and non-expired) first aid kit onboard - at least if you intend to operate it on public roads.

It's recommended that people attend a refresher course on this stuff every couple years but few people do. For professional drivers, though, the refresher course is mandated.

(And before you ask about what happens if you make things worse: When resuing someone you're immune from prosecution if you acted in good faith and your measures were in accordance with an average person's understanding of first aid. That's why we make sure that the average driver's understanding of first aid is at least semi-decent. Likewise, you won't be prosecuted if you couldn't act, e.g. because you can't stand the sight of blood. Still, you can't just drive on.)

And so on and so on. It's easy to take a reflexive "COMPANIES BAD GOVERNMENTS GOOD" position in these situations, but my experience of regulators have been that they never reform themselves .... all they ever do is add more and more requirements. Short of a company like Uber showing people how differently things can work, how would progress ever be made?

That doesn't elevate Uber above the law. If Uber has a neat business model, good on them. But that business model can't trump the law. If Uber wants the law changed because certain parts don't make sense with their model they'll have to convince the lawmakers (ie. lobby for it), not just ignore the law and then act indignant when they're busted for doing so.

That's like pirating Oracle Enterprise Database for your company because you find Oracle's prices too high and then complaining when the BSA comes knocking at your door. Oracle's prices may be high but that still doesn't make the copyright go away.

Comment: Re:But they help also (Score 2) 366

by Jesus_666 (#49290359) Attached to: Uber Shut Down In Multiple Countries Following Raids
Isn't that exactly what happened here? Uber decides that the law doesn't apply to them because they say so; the law demonstrates what happens to people who act that way. Uber's sleaziness with respect to the law is punished.

Sure, the licensing requirements in some places might be absurd but that doesn't mean we should root for Uber. A lot of regulations for taxi drivers go beyond "has paid $N"; for instance, German taxi drivers are required to know things about traffic and transportation law that most people don't and also have to prove that they actually know the area they operate in. Uber doesn't require any of this; their drivers have a regular driver's license and that's it. Most of them probably haven't even taken a first aid class in the last five years, which taxi drivers also have to (and regular drivers are encouraged to).

If Uber wanted to compete fairly they'd get in touch with the appropriate people and lobby for an overhaul of the relevant laws to account for self-employed, third-party-brokered taxi drivers that operate on a pre-arranged flat fee bidding system. Those taxi drivers would still need licenses but some parts of the law could be streamlined or made more flexible. On Uber's part all that changes is that they ask for the taxi license number when you sign up and check every five years if it's still valid. That's the way we do things in civilized society. The way Uber does it is essentially organized crime - even if only because they're an organization that brokers deals for people who violate the taxi laws of their country.

(Also, someone pointed out that in NYC you can just wave down a taxi whenever you need one, which suggests an extreme taxi density compared to most other places in the world. NYC might want to limit the number of taxis on the streets, which would explain the extreme license cost - although a more elegant approach might be to simply refuse to issue new licenses until the number of active ones has dropped. This would still work against newcomers but that's inherent to the problem.)

Comment: Re:But they help also (Score 4, Informative) 366

by Jesus_666 (#49290077) Attached to: Uber Shut Down In Multiple Countries Following Raids
IANAL but a bit of googling revealed that apparently German taxis are subject to at least these laws or parts of them: (I'll selectively paraphrase; there's quite a bite more in there.)

Personenbeförderungsgesetz (PBefG): Contains rules for passenger transportation with trams, trolleybuses and motor vehicles. Apparently trains are covered elsewhere. Only some of the rules apply because cars (vehicles that can transport up to six people including the driver) have a special exception.


Verordnung über den Betrieb von Kraftfahrunternehmen im Personenverkehr (BOKraft): Contains rules for passenger transportation companies that use trolleybuses or motor vehicles. This seems the most important one for taxi companies and covers things like vehicle maintenance, whether subcontracting is allowed, notification requirements, how to deal with lost property

The taxi-specific sections cover things like technical requirements, such as an alarm wired to the horn and lights that the driver can activate from their seat, a calibrated and illuminated taximeter or an optional bulletproof divider. Taxis must be painted with the color RAL 1015 of the RAL 840 HR palette and must have a "TAXI" sign of specific orientation and dimensions on top. They must display their taxi registration number in a specific style and place and also display the name and address of the company where the passenger can easily read them. Taxi drivers must take the shortest possible route to their target; if another route would be cheaper or faster, this has to be cleared with the passenger beforehand.

There's also some stuff in there that most people don't know - for instance, BOKraft-covered transport vehicles must have a copy of the laws governing pricing pnboard and must show them to the passenger upon request.


Berufszugangsverordnung für den Straßenpersonenverkehr (PBZugV): Contains rules on who is allowed to transport other people. People with a criminal record or a record of severe traffic law violations are banned from working as drivers; company-level misbehavior might disqualify an entire company. Companies must have enough money to keep their fleet in shape. They must regularly check whether all drivers are still qualified to work as taxi drivers.

Drivers (in order to be hirable) must have an understanding of the laws governing passenger transportation, of vehicle maintenance, of radio protocols, of certain accounting procedures and even of environmental guidelines on vehicle operation and maintenance. They must pass two written and optionaly one additional oral exam of one hour each with the local chamber of industry and commerce; alternatively, five years of work in a different BPZugV-covered company can be seen as equivalent.


Paragraph 48 Fahrerlaubnisverordnung (FeV): contains rules on taxi driver licenses. Examples: Taxi drivers must prove they know the area they operate in and that they have an appropriate understanding of first aid. If the driver is found unreliable, the license can be revoked (e.g. this once happened after a driver repeatedly refused to make short distance trips). Taxi driver licenses have to be reapplied for every five years.


Others, like the FPersG and FPersV, cover legal technicalities like when and how to have your license card with you etc. Additionally, municipalities may pass additional regulations.

So yeah, the law is pretty clear: None of the people who work for Uber are licensed to do so, thus they can't guarantee that they know about stuff like applying laws or where to drive. They can't even guarantee that the drivers aren't explicitly banned from working as drivers. Of course the law is going to come down hard on them.

If ridesharing is here to stay the law might adapt, but only by relaxing the signage requirements for very small companies. You'd still have to have a taxi driver's license, you'd still have to register the car and you'd still have to demonstrate an understanding of everything in appendix 3, PBZugV. There's no chance they'll let "But, the internet!" trump regulations that, to me, are either sensible stuff to guarantee an acceptable level of service or bureaucratic overhead to make the sensible stuff work.

Comment: Nuclear explosion (Score 1) 1081

by Jesus_666 (#49260843) Attached to: How To Execute People In the 21st Century
Just nuke them. It has a lot of advantages:

- You can get rid of old nuclear warheads that don't operate to spec anymore. As long as they still have enough power to vaporize a group of people sitting right next to them they're fine.
- It should be fairly painless, given that the prisoners' brains quickly transition to a gaseous state.
- It's inherently flashy so everyone looking for bloody retribution can see it being served from one state over.
- It's inherently suitable for group executions, which makes it very efficient in dealing with America's large number of criminals.
- It makes you consider whether you really want that prisoner dead. If you're not willing to nuke some part of your state you probably don't want the person's death that much.

Plus, it doesn't make you look much sillier than complaining about how nobody wants to sell you equipment for killing your own citizens.

Comment: Steam Cloud to the rescue? (Score 1) 73

by Jesus_666 (#49247759) Attached to: New Crypto-Ransomware Encrypts Video Game Files
I wonder if Valve will expand the Steam Cloud in response. Steam already warns you on game launch if your savegames don't match what's in the cloud so broken savegames can be recovered as long as you don't sync. The flaw in that is that syncing happens whenever you exit the game so you'd have to force-kill Steam if you notice that everything is corrupt. (Perhaps this only applies if your game actually saved something but some games are very save-happy.)

If Valve adds a simple versioning system, even if it just offers the current version and the one before that, crypto-ransomware will become completely useless against Steam titles.

Comment: Re:A serious question (Score 3, Insightful) 300

by Jesus_666 (#49196663) Attached to: Mozilla: Following In Sun's Faltering Footsteps?
A faster, leaner and generally less quirky alternative to Chromium-based browsers, especially on mobile. Lots of work on the standards front. Plus MDN is one of the best web development knowledgebases I know. Also Thunderbird, the only platform-independent mail client used by more then a handful of people. Oh, and they came up with asm.js, which allows massive performance gains for generated JS code.

Honestly, I have no idea what the article is talking about:

- The "waning market share" doesn't seem to wane all that much, going by international market share numbers (although I'm in Germany where Firefox is still the undisputed top dog so that may color my perception).

- The only thing close to "questions over tooling for their platform" I am aware of is that they're implementing Gecko's successor in Rust, their own programming language.

- While FirefoxOS has pretty much zero presence today it's still easy to run Firefox on Android (and I recommend it because the bundled browser is usually an antique, plus mobile Blink/WebKit ain't all that hot anyway).

- I have no idea what "Gecko-flavored JavaScript" is supposed to be and how it's supposed to deliver "standard tools" that other browser vendors somehow have.

Even if Mozilla sucked at what they're doing (cf. Microsoft, although they're at least trying these days) they'd create competition and thus drive the other players forward.

(No, I don't work for Mozilla. I'm just a web dev.)

Comment: Re:Japanese Music (Score 1) 181

by Jesus_666 (#49195073) Attached to: Musician Releases Album of Music To Code By
Is there a good SPC library somewhere? I'm thinking about something like the High Voltage SID Collection, which aims to contain just about every single bit of CBM-II/C64/C128 music ever and seems to be doing well in that regard. SIDtunes are compact enough (and sufficiently conveniently packaged) that one can easily download the entire HVSC and listen to tracks from games/artsts one didn't know yet. Anything similar for SPCs?

Comment: Re:I wonder why... (Score 1) 193

I'm not sure. On the one hand they have convenience and possible a price advantage. On the other hand the drivers probably don't have the kind of insurance regular taxi drivers have so you might end up SOL if they get into a severe accident while transporting you. To be honest, I'd probably stick with a regular taxi driver.

Comment: Re:I wonder why... (Score 4, Insightful) 193

Look at it like this: You are a municipality. You have local taxi companies and they're all regulated and pay for their special licenses and whatnot. The system works. You get some money and you can be certain that taxi drivers are competent and relatively trustworthy. This also goes for taxi drivers from other municipalities because those are also regulated and licensed.

Now Uber show up and declare themselves to be exempt from taxi laws because they don't employ taxi drivers, they just make money by "soliciting" "ridesharing", which is somehow different except it seems to work exactly the same*. And they're not willing to enforce that their drivers have valid licenses because they think they're not subject to the law.

Now you have lots of taxi drivers in all but name driving around without a license and you probably can't even get Uber to disclose their identities so you can fine them because, again, Uber thinks there's no legal basis for this.

I think it's fairly easy to see why Uber isn't very popular with municipalities.


* Technically it's a form of outsourcing but to my knowledge they don't require the drivers to be their own proper taxi businesses so Uber is still blatantly ignoring the law by contracting with people they know don't qualify under existing regulations.

Comment: Re:Good luck with that... (Score 1) 161

by Jesus_666 (#49104717) Attached to: Nvidia Faces Suit Over GTX970 Performance Claims
(Note: This is all due to my understanding of the situation. I did not extensively research the GTX 970 and might be entirely wrong.)

The problem is that GPUs usually have a uniform memory layout. If your GPU advertises 4 GiB of RAM then all 4 GiB of it behave in pretty much the same way. Accessing one part of the memory does not significatly affect accesses to other parts. Thus it's unnecessary to take special care in how to structure your memory handling; you just use whatever's there.

The 970, as I understand it, has a non-uniform memory layout where the segment between 0x00000000 and 0xDFFFFFFF cannot be accessed at the same time as the segment between 0xE0000000 and 0xFFFFFFFF. Try to access one segment and all accesses to the other segment will stall until this one access has been handled.

This could be used without appreciable performance impacts if the software accessing the memory is aware of it and specially structures its memory management so that accesses to the upper segment are sparse and happen in bulk (ie. it switches between blocks of lower segment accesses and blocks of higher segment accesses). That's the kind of optimization you see in game console programming and actually smells kind of like how PS3 games had to structure their memory handling around the Cell's peculiarities. If I remember correctly, this made the PS3 somewhat unpopular to develop for.

Of course, no one in their right mind is going to add special Geforce GTX 970-specific logic to their game (potentially having to restructure half the engine for it) just to make best use of the hardware. Even making a codepath that detects the 970 and avoids the upper 0.5 GiB of VRAM entirely is unlikely. Thus, in situations where more than 3.5 GiB of VRAM are needed, the 970 will exhibit stuttering because of stalled memory accesses and there's not much anyone can do about it - except Nvidia, who could release a driver that reports the 970 as having 3.5 GiB of RAM.


(I find it interesting how a Google search for "VRAM" ended up having several articles about the 970's slowness on the first page. I have never searched for the 970 before; my 660 from 2012 still has more power than I need.)

Comment: Re:Burned... and out of there. (Score 1) 99

I've also had GPUs that just went completely tits up requiring a system board replacement... I'm probably forgetting a lot of the problems now, but the most reliable Macs I ever had weren't built by Apple.

That one probably wasn't Apple's fault. Apple issued a recall for certain MBPs because Nvidia managed to screw up the packaging of the Geforce 8600M GT so badly that the thermal stress of running caused the chip to slowly break itself apart.

Not that Apple is free of sin. I had an iBook with a power jack that liked to desolder itself and my current MBP has an Nvidia GPU and Yosemite, which is an explosive combination due to Yosemite's Nvidia GPU driver being unstable when switching between the Intel GPU and the Nvidia one. Apple does screw up. But not every problem is their fault - and, in fact, their speed in issuing a recall is usually directly proportional to how much it isn't. The hand grenades Sony sold them instead of regular battery packs were recalled pretty quickly, if I recall correctly.

My next Mac will still be a Lenovo but that's mainly because I find the Retina MBPs higly unappealing. While Apple has terrible customer support, my Macs do have a tendency to outlive AppleCare. In fact, the only one that really died was the one with the 8600M GT. That one died once during the AppleCare period and once shortly after it ended - it turned out that the replacement GPUs were also faulty.

(As for speed, my experiences differ but I have to deal with UAC a lot and UAC is easily the slowest privilege escalation method on any major operating system. I'd take (g)ksudo over it any day.)

Comment: Re:"Not intentional". Right. (Score 1) 370

by Jesus_666 (#49031807) Attached to: Samsung Smart TVs Injected Ads Into Streamed Video
Remember, these are the people who shipped a version of Android with a custom kernel extension that created a second, world-accessible instance of /dev/mem because they couldn't get the camera driver to work without it.

As has been pointed out, they've misdeployed this to the wrong market but still - it's Samsung. Their hardware is nice but they're not terribly strong on the software side.

Comment: Re:No shit (Score 2, Funny) 120

by Jesus_666 (#48942645) Attached to: Wi-Fi Issues Continue For OS X Users Despite Updates
I just tried that and imagine my surprise when my MBP spontaneously downgraded itself to Mountain Lion!

Okay, actually it just booted into the old Mountain Lion volume on the first HDD because the Mac keeps the preferred boot volume in NVRAM. So when clearing your NVRAM keep in mind that the Mac will boot into whatever system volume it finds first unless you tell it otherwise.

Comment: Re:Even in Chrome it doesn't fucking work (Score 1) 192

by Jesus_666 (#48896227) Attached to: WhatsApp vs. WhatsApp Plus Fight Gets Ugly For Users

What device would you be carrying with which you expect to use a web application over Wi-Fi? Or do "normal" people still carry laptops?

I'd ask "Do 'normal' people still carry tablets?" as the tablet-on-the-go fad seems to have cooled off quite a bit. I see a lot of people with smartphones and a sizable number of people with laptops but pretty much nobody with a tablet. Tablets are commonly found in homes but they definitely don't seem to be popular for mobile computing.

This might be because tablets suck for the two things I commonly see people do with their laptops on the train: Watching movies (big stationary screen, easy to view with more than one person) and working (big screen, physical keyboard and sometimes software that has no smartphone equivalent).

Yes, we will be going to OSI, Mars, and Pluto, but not necessarily in that order. -- Jeffrey Honig

Working...