
Comment managers like to promote on 3wk projects (Score 3, Interesting) 193

There simply isn't any incentive to build software that will last through some cyber attack some 10 months or 3 years into the future. The current incentives reward sloppily slapping together something that barely functions and gives a demo without crashing. If your demo crashes and makes the boss look bad, you're fired. If your demo works, has slick graphics and no spelling mistakes and the English dialog is polished, you get a raise. You're building software for the boss's demo, you're not building software that's robust, handles edge-cases, and input sanitizes everything. I mean, you could, but you're not getting paid any extra for it.

Comment Re:Detecting weapons is NOT the purpose of TSA... (Score 1) 349

It's also hilarious to see the level of security theatre on the front door where all the passengers go through: millimeter wave backscatter machines, hundreds of do-nothing taxpayer govt salaried agents, K-9 units, and para-military troops, but then if you go to the backdoor where they push all the bagel carts in for the cafeteria, it's just a badge-swipe with no one around and most people keeping the door open for the guy behind them, and then you push a giant metal bagel cart in with (hopefully) bagels inside but no one knows or cares. You could just about as easily serve bagels in the airport as any other contraband. All those metric tons of onion rings, frying oil, cream cheese, Dasani water, pots, pans, and other crap travelers fatten themselves up with didn't get in there by magic, but "out of sight, out of mind".

And every day more metric tons of crap needs to be carted in to fill new tummies, not to mention all the retail merchandise, shirts, pants, watches, sunglasses, suitcases, headphones, and other crap that would be the envy of most mega-malls. But never mind all that, let's throw more millimeter backscatter machines to see what's under the bikinis! Welcome to idiocracy!

Reminds me of those scenes where they show an exclusive club with a line a mile long, paparazzi flashing their cameras, and a bouncer rejecting all but the most elite at the front door, with full pat-down service, and then in the back is a busser throwing trash bags out, the door propped open by a wooden stick, a few stray cats and dogs wandering in and out of the back of the restaurant, occasionally tossed some scraps, and no crowd in sight; maybe a band rolls up and slowly carries in their equipment, in those giant guitar cases the film noir mobsters used to put their Uzis in. It's the same place, just the front vs back.

Comment Re:"with a 2048 bit RSA key" (Score 5, Insightful) 79

People assume the choices are "unencrypted" or "encrypted" and conclude encrypted is better. But then they're missing hashing. Encrypted data can be undone, it can be decrypted. Any encrypted data is just waiting for the day someone can decrypt it, and if the webserver is checking passwords this way, it means it's decrypting it constantly and anyone can hijack that ability.

Hashing cannot be undone (mathematically, it's called a one-way function). There's absolutely no way to email you your original password. That's why so many websites have a "reset password" instead, because they literally don't know your password. The webserver checks your password by hashing it and comparing that output with the old recorded value.

You'll sometimes also hear the term "salting", which basically means the webserver doesn't hash your password directly, but first appends or prepends some gibberish to your password that's unique to that webserver and then hashes it. The advantage of salting is that two webservers won't show on file the exact same hash for the same password. That means if I spend 20 years and solve the hashes for all possible passwords, I haven't unlocked every webserver on earth, I've just unlocked 1 webserver whose salt I copied, and to crack another webserver, I'd have to redo the painfully slow exercise of brute forcing.
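The hash-then-compare login check and the effect of salting described in this comment, as an added example that is not part of the original comment. It assumes a random per-account salt and PBKDF2 from Python's hashlib, which are choices made for this example; the function names and the sample passwords are constructed.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # example work factor; tune to your own hardware

def unsalted_hash(password):
    # Plain hash: the same password gives the same value on every server.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def make_record(password, iterations=ITERATIONS):
    # What the server stores at signup: salt, work factor and hash, never the password.
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt, "iterations": iterations, "hash": digest}

def verify(password, record):
    # Login check: redo the hash with the stored salt and compare in constant time.
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["hash"])

def table_lookup(stored_hex, table):
    # A precomputed hash -> password table only matches hashes made without a salt.
    return table.get(stored_hex)

if __name__ == "__main__":
    # Constructed sample data: two servers holding the same user's password.
    password = "correct horse battery staple"
    table = {unsalted_hash(p): p for p in ["123456", "letmein", password]}

    print("unsalted, server A == server B:",
          unsalted_hash(password) == unsalted_hash(password))
    print("table hit on unsalted hash:", table_lookup(unsalted_hash(password), table))

    rec_a, rec_b = make_record(password), make_record(password)
    print("salted, server A == server B:", rec_a["hash"] == rec_b["hash"])
    print("table hit on salted hash:", table_lookup(rec_a["hash"].hex(), table))
    print("login with right password:", verify(password, rec_a))
    print("login with wrong password:", verify("Password1", rec_a))
```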

Comment Re:Well done India (Score 3, Interesting) 40

I briefly alluded to the largest problems facing India and while I mentioned food and money aren't them, I didn't really go into the problem of what they are. These are the largest problems, which food and money on their own do not solve:

1. Corruption. There are massive amounts of corruption, mafia-mob style with politicians either in their pockets or the crime syndicates getting their own patsies elected. This leads to goliath levels of black market subterfuge. That food abundance? Yes, India has enough food to feed everyone, nearly twice over. However, almost half of all its food is stolen en route to the recipients. This food is either diverted by crime syndicates and then sold for a profit elsewhere, or they use color printers and laminators and print fake ration cards. Throwing more food and more money at the problem just lines the pockets of their crime syndicates. The only solution is Big-Brother style surveillance, RFID tracking, and other technological solutions to make crime not worth it. One of the solutions India is trying is Wi-Fi-enabling the ration card depots so the serial id of the ration card can be scanned and the computer will authenticate the id and display the photo from the central database.

2. Tax evasion. Next to no one pays taxes in India. Most of that is legal, since the tax code in India only affects the top 10% of India's population. However, less than 1.5% actually pay taxes. The federal budget of India can quintuple overnight if it can actually enforce taxes on even 8% of the population. That means five times the resources on education, food, roads, etc. The reason for the piss-poor tax collection was that their equivalent of the IRS did everything by hand with paper. Again, Big-Brother style surveillance and auditing has helped. They've started computerizing all their taxes, and banks and large employers are required to report all balances over $10k USD (which for Indians puts them in the top-10%). India even signed an agreement with the U.S. where their banks now share information with each other's tax agencies. This means Indians have fewer places to hide their wealth (and similarly, Americans who were trying to hide wealth in India). This automation, surveillance, and reporting has just begun and already tripled the tax collection abilities from 0.5% to 1.5%. So far, the Indian govt. has been giving amnesty and forgiveness if Indians come clean now about their tax malfeasance in the past, but this window will expire at the end of 2016 and penalties will begin.

3. Oil subsidies. If anyone cares about money not going to schools and food, focusing on the space program and not oil subsidies is laughable. The space program is $0.3bn. The oil subsidies are 100x bigger, at $30bn. This money is mostly going to UAE, Iran, and Saudi Arabia, countries India doesn't particularly enjoy giving money to. The reason for the oil subsidy is that people in India need to work, unemployment is a huge problem, and they can't do work if they can't get to work on their scooters, motorcycles, and compact cars. But many cannot afford the cost of gasoline, at least they couldn't when oil was $120/barrel. Similarly, higher gasoline puts stress on shipment and trains, which results in higher prices of food and all retail goods. As a result, (and not a good idea if you ask me) India put subsidies on gasoline to make it cheaper. This is the exact opposite of what the U.S. and Europe do, where they actually tax gasoline at extortionist rates (30% in some cases), rivaling the taxes on cigarettes, and use all that extra money for roads and other transportation projects. This was a huge problem, but their fiscal-conservative party is in power and took the opportunity of falling oil prices. When oil fell to $60/barrel, they removed all oil subsidies. There's no special gasoline /tax/ like in the U.S. and Europe, but at least there's no subsidy.

The reason I point all this out is the irony that on the one hand, we deplore surveillance, tracking, Big-Brother-esque tactics, but on the other hand, it has been the most effective tool to grow the federal budget and expand schools, roads, and food subsidies.

Comment Re:Well done India (Score 3, Interesting) 40

Interestingly, the largest problem facing India isn't lack of food or money (there's a surplus of food, and it gives what are the equivalent of food stamps in the U.S. but called ration cards in India) and the fiscal budget is healthy (despite India receiving aid, it is a net donor of aid, not receiver; India gives a lot to Africa, more than the world gives India. This is why statements like "stop aid to India!" get me to chuckle, because it's not punitive against India. India can easily just lower its aid to Africa and not affect its own budget. Besides, aid doesn't work the way people think it does. It's not a blank check. It's a contract earmarked for certain projects, and certainly not for space research. Does aid potentially free up money? Possibly, if it were for a project India was going to spend its own money on, then yes, it will free up that capital for something else. Often, the aid is not done this way. Aid is ear-marked for underserved areas and projects, and by definition of "underserved" it means India wasn't spending its own money in those areas to begin with.).

It might seem odd that India gives more aid than it receives, and begs the question why India receives aid at all. This is because aid, despite the name, is not free, it's not charity, it's technically a loan and like any investment needs to be paid back with interest. It's like student loans, the interest is low relative to the high risk population of high school students. This low interest relative to the high risk is subsidized, that's the part that's free, not the entire value of the loan. India is one of the safest places to give aid because the risk is relatively low. It's like giving a student loan to a kid who already is paying for his classes with part-time jobs. It's more complicated than this, of course, but this basic analogy should at least elevate the discussion above "Durr, poor country gets aid and spends it on rockets". But I doubt people want to elevate their discussion above what they're comfortable with.

Comment Re:Trying to figure out how this works... (Score 4, Insightful) 86

I received a $30 credit from Uber when I installed the app. That's free money. However, Uber only lets me spend it on my first Uber ride. So I can't just put that $30 into my bank account. In my case, it was raining one day, and I didn't have an umbrella, so I called an Uber and got a short ride home. It came to $8, which used up my $30 credit. I didn't cleverly hatch a scheme with the driver.

If I were in China, I could say, hey, dude, bill me $30, it's coming off my new user credit anyways. Then give me $10. The driver makes $20 instead of $8, and I make $10 instead of $0. The loser would be Uber. Now, if I were to make a criminal enterprise out of it, I could say, hey, why even get an $8 ride? Let's have NO rides, and just keep billing $30 to get that juicy new user credit! We'll get keyboard farms to keep creating new Uber accounts and riding and get that sweet $30 snatch!

Now, in the U.S., Uber stops me from creating new accounts on my own to take that $30 repeatedly because it requires a credit card. Now, if I were savvy, I'd use a new credit card with a cousin's billing address on a wiped phone and create a new Uber account. If I have 12 credit cards and 12 cousins, I could register 12 new accounts. The only overlap would be my name, but Uber has zero way of telling if two John Smiths with different credit card numbers and different billing addresses could possibly be the same person. They rely on the fact that no one cares so much about $30 to bother with wiping their phone, swapping in a new SIM card, using a new card and a cousin's address. And, they're right, in the U.S. In China, people will go through a lot more hardship for less. Clickfarms in China pay something like 10 cents per hour.

Comment Re:Good ruling (Score 1) 144

I think in general it's safer to use language that is clearly non-actionable, like wishing a volcano would erupt near someone, or that karma come back and bite them. But when the language is an actionable plan, then even if it's not a plan that's intended to be followed, it can carry significant legal consequences. Listing specific dates, times, and tools to be used, would paint a picture of a realistic plan.

Comment Re:This again? (Score 1) 480

Since the device is a thruster, the question should probably be interpreted as asking whether 2x the electricity means you get to velocity k in 1/2 the time. And, well, since no one really knows how any thrust at all is being generated off virtual particles, it's conjecture that the thrust output scales linearly with electricity, though "locally linear" makes sense, with some likely non-linear relationship at absurdly large scales of electricity.

Comment Re:This guy hasn't done his research. (Score 1) 648

Being able to demonstrate to a class the difference between big and little endian is easy to do with unions in C:
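#include <stdint.h>
union {
      char str_value[4];   /* the same four bytes, viewed one at a time */
      int32_t int_value;   /* ... and viewed as one 32-bit integer */
} u;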

With Python, you have to make a call to struct.pack() or struct.unpack() and trust the Python gods that those blackbox functions are doing the correct things. This is an issue with any managed memory language where the endianness is hidden from the programmer.
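The union overlay from this comment, reproduced with Python's ctypes and set beside the explicit byte orders of struct, as an added example that is not part of the original comment. The names Word, native_bytes, host_byte_order and read_length, and the sample header, are constructed for this example.

```python
import ctypes
import struct
import sys

class Word(ctypes.Union):
    # Same overlay as the C union: four bytes sharing storage with a 32-bit int.
    _fields_ = [("str_value", ctypes.c_ubyte * 4),
                ("int_value", ctypes.c_int32)]

def native_bytes(value):
    # The bytes of `value` exactly as this machine lays them out in memory.
    w = Word()
    w.int_value = value
    return bytes(w.str_value)

def host_byte_order():
    # Little-endian hosts store the least significant byte first.
    return "little" if native_bytes(1)[0] == 1 else "big"

def read_length(header, order):
    # Decode a 4-byte unsigned length field with an explicit byte order.
    fmt = {"big": ">I", "little": "<I"}[order]
    return struct.unpack(fmt, header)[0]

if __name__ == "__main__":
    value = 0x01020304
    print("host order:", host_byte_order(), "/ sys.byteorder:", sys.byteorder)
    print("union view :", native_bytes(value).hex())
    print("struct '<i':", struct.pack("<i", value).hex())
    print("struct '>i':", struct.pack(">i", value).hex())
    # Constructed header: a length of 5 sent in network (big-endian) order.
    header = bytes([0, 0, 0, 5])
    print("read as big-endian   :", read_length(header, "big"))
    print("read as little-endian:", read_length(header, "little"))
```

Reading the same four header bytes with the wrong order turns a length of 5 into 83886080, which is why parsers for wire formats state the byte order explicitly instead of relying on the host's layout.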

Comment Re:Waste (Score 1) 170

That $70 million didn't disappear. He paid it to whoever had that mansion. If that person who received the $70 million spends it on saving lives, you get what you wanted. The only difference would be the mansion is now Notch's instead of the previous owner's. But, I wouldn't bet on the previous owner going out and giving that $70 million cash to charity. Most likely, it's going into a hedge fund with high-growth investments.

Comment Re:Little Boxes (Score 1) 579

I think the post was trying to say women prefer to work on multiple topics, not that they are incapable of focusing on one. The ADHD example is people who are incapable of focusing. Think of it as the introvert vs autistic comparison. An autistic person may be incapable of socializing. An introvert prefers not to socialize, but is perfectly capable if the situation calls for it. [Note: I'm not agreeing with the original post, just saying it's not a flawed argument in the way you think it's flawed]

Comment Re:If this is not a bribery then I don't know what (Score 3, Interesting) 133

Donations aren't bribery, because donations aren't payment _for_ anything. A bribe is payment _for_ some political action. It's completely legal to give donations. That's why prostitution is illegal but high-end escorts are legal. The high-end escort asks for a 'donation' and no service is promised. Of course, it's pretty obvious she won't give any service if there's no donation. But she doesn't _promise_ service for a donation. It's just that her reputation as an escort will suffer if she takes the money and runs. If she does turn tricks and the police catch her, she gets off scot-free under the story that she independently fell in love and wanted a night of romance with the John, which had _nothing_ to do with the "donation". Senators and other politicians are high-end escorts of a different shade.
