Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Hmm... (Score 2) 45 45

Homomorphic encryption isn't new at all.

It's just that we used to think it's uselessly slow. I believe it was in the millions times slower than a normal application without this kind of encryption.

But in more recent years people have been able to build practical systems with it by mixing different kinds and more specialized forms of encryption:
https://www.youtube.com/watch?...

There are companies that also build products: Cloud Encryption Gateways

But I doubt that really solves the problem, if the application gets an update the proxy will probably start to leak data.

Comment: Re:Uh, boss . . . . (Score 1) 45 45

I wouldn't say they are failing in deploying robots, it's probably just not as easy as they thought but it is definitely having an impact. And you have to remember Chinese workers have been getting more expensive with 12% year over year for a number of years. So they aren't the cheapest workforce in the world any more. A lot of manufacturing of clothes moved to Bangladesh to name one country.

Here is an example of an article from 2007 which mentions the wage growth:

"Wages in China have nearly doubled over the past four years"
http://www.forbes.com/2007/07/...

___

An article on where Foxconn is with building lights-off factories:

On Wednesday, the company’s CEO revealed Foxconn has a fully automated factory in operation in the Chinese city of Chengdu. “We haven’t talked much about the factory, but it’s manufacturing a product from a very famous company,” Gou said, without elaborating.

The factory can run for 24-hours with the lights off, he added. In addition, Foxconn has been adding 30,000 of its own industrial robots to its factories each year. “We don’t sell them, because we don’t have enough for our own use yet,” he added.

http://www.pcworld.com/article...

___

And an article on the loss of jobs in factories in China:

Automation has already had a substantial impact on Chinese factory employment: Between 1995 and 2002 about 16 million factory jobs disappeared, roughly 15 percent of total Chinese manufacturing employment. This trend is poised to accelerate.

That might not be a problem if the Chinese economy were generating plenty of higher-skill jobs for more educated workers. The solution, then, would simply be to offer more training and education to displaced blue-collar workers.

The reality, however, is that China has struggled to create enough white-collar jobs for its soaring population of college graduates. In mid-2013, the Chinese government revealed that only about half of the country’s current crop of college graduates had been able to find jobs, while more than 20 percent of the previous year’s graduates remained unemployed.

According to one analysis, fully 43 percent of Chinese workers already consider themselves to be overeducated for their current positions.

http://www.nytimes.com/2015/06...

Comment: Re:I do want a HTTPS web (Score 1) 35 35

This only works if the website gives the ISP their private key. When the relationship between the website and the ISP is short, the website would probably be reluctant to do that.

So I'm not so sure they would do that.

But I agree if they have such a relationship an other way would be for the ISP to have a protocol where the website can get the information they currently put in a the header by requesting the information that goes with an IP/port combination. Just like haproxy/postfix does it:

http://permalink.gmane.org/gma...

But at least nobody else can get this information. For example when it's unencrypted any passive attacker could see the extra header that was added.

Comment: I do want a HTTPS web (Score 5, Informative) 35 35

See, this is exactly why I want a HTTPS web.

I do think Let's Encrypt is on the right track. When they show their protocol and open source software works. I'm pretty sure other CA's will follow.

Automating HTTPS deployment is a good thing.

Yes, the CA-system isn't a perfect system at all, but at least we are seeing some improvements in use of HTTPS:
- https://en.wikipedia.org/wiki/... (better revocation of certificates and faster loading of sites and better privacy)
- https://blog.mozilla.org/secur... (better revocation of certificates)
- https://en.wikipedia.org/wiki/... (old browser finally dying)
- HTTP/2 is faster than HTTP and sort of depends on HTTPS for backward compatibility for old proxy servers and public websites
- finally we are getting rid of all the old protocols like SSLv3 and get our server configurations cleaned up

Especially for regular visitors of a site things are improving:
https://developer.mozilla.org/... (a CA can NOT issue a cert for a fake certificate - works in Firefox and Chrome)
https://en.wikipedia.org/wiki/... (always HTTPS, no HTTP on the second visit)

Comment: Re:Problems with Node (Score 1) 175 175

Notice how the writer of the article in the last comment says:

"Yeah, I actually have no problem with javascript on the client side. I think its really awesome for a beginner to be able to make static pages interactive relatively easily. However, javascript on the server is a totally different animal."

The solution is obvious, maybe it much more readable and predictable:

Promises, promises, promises

https://www.youtube.com/watch?...

Comment: Re:StartSSL ? (Score 1) 97 97

Let's think that through for a moment, the real conclusion is:
It does not matter which CA gets coerced.

A real solution to this problem that works actually works in modern browsers (Chrome 38+, Firefox 35+) is (even if not for every site, only for sites you regularly visit): HTTP Public Key Pining

http://blog.rlove.org/2015/01/...
___

I don't know if Let's encrypt needs any other CAs to partner with.

Their software is open source and their protocol is described and open. Other CAs can offer the same service.

Comment: Re:Grand opening! (Score 1) 97 97

Public key pinning has been part of Firefox for a few releases now:
https://developer.mozilla.org/...

I believe Chrome supports it or will support it soon.

This can solve that problem for sites you regularly visit, a fake certificate signed by a valid CA can not be used to dupe your browser in trusting their fake certificate.

Comment: Re:TL;DR (Score 4, Interesting) 367 367

Yep, I've mentioned this before on slashdot comments.

The people are gonna rise up way before the machines do.

I'm actually quoting what Andrew McAfee said in a talk about automation and jobs. And indirectly the book he's a co-author off: the second machine age.

https://www.youtube.com/watch?...

Probably one of the most important things to change is education. If certain types of jobs disappear you'd want people to have had the education to adopt and do the jobs that haven't been done yet or before. That way we'll grow the economy and all benefit from it. This is how we dealt with the 'first machine age', the industrial revolution.

And we might start to think about something like 'negative income tax', just in case we need it, maybe we just need it to help us through a transition. An old concept which Nixon almost got through congress. It gives people some money if they really need it and rewards people when they put in more effort.

Comment: Re:Yay for Belgium (Score 5, Insightful) 72 72

"we like our goverments to treat us like babies who can't enter in to an agreement with a business"

Let's be clear:

This court case is, among other things, about the like- and connect-buttons Facebook uses to track people on other websites on the web even if they have NO agreement with this company.

The rule on staying alive as a forecaster is to give 'em a number or give 'em a date, but never give 'em both at once. -- Jane Bryant Quinn

Working...