Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Ugly Solution (Score 1) 181

by hoggoth (#49349957) Attached to: Japan To Build 250-Mile-Long, Four Storey-High Wall To Stop Tsunamis

Ok fine. The proportions are off. So let's do some guesstimates based on the total energy. According to this http://www.geologyinmotion.com... the 2011 Japan tsumani had somewhere between 31 and 3100 KILOTONS of energy. That's equivalent to the energy in 1 to 100 Hiroshima nuclear bombs. So I'll leave it as an exercise to the reader to figure out how to power a line of giant squirt guns that deliver the equivalent of between 1-100 Hiroshima nuclear bombs of energy as a directed stream of water.

While you're at it, I think the military might be interested in your nuclear water cannon.

Comment: Re: Linux? OS X? Chrome OS? Nope. OpenBSD! (Score 1) 140

by FreeUser (#49349361) Attached to: NJ School District Hit With Ransomware-For-Bitcoins Scheme

Until systemd is removed from a major Linux distro, I would consider that distro to be less secure than even a Windows system.

Some Poettering apologist will probably mark you as a troll, but for completeness there are a number of distros that default to non-systemd init architectures, including but not limited to

Calculate, Gentoo, Funtoo, Source Mage, Dyson, indeed all kinds of distros either default or support running a systemd-free system.

Comment: Re:Ugly Solution (Score 1) 181

by hoggoth (#49346755) Attached to: Japan To Build 250-Mile-Long, Four Storey-High Wall To Stop Tsunamis

Why don't you try a mythbusters style experiment? Scale everything down. To simulate the tsunami wave, you will go to the beach and find a nice 4 foot wave. To simulate your massive high pressure water pump you will use a squirt gun. Use one of those "monster cannon" squirt guns. Wait for wave. Aim squirt gun. Fire. Record how you totally dissipated the wave's evergy, or not. I'm sure Japan is eager to see your results.

Comment: Local rates = OK, everything else with them = bad (Score 1) 129

Hopefully though, the rise of MOSS compliant payment processors should make the system easier to follow - you just put a disclaimer up that final price will be based on the buyers VAT rate, and let the payment processor calculate the right rate and store the records.

Which is, of course, contrary to consumer protection laws in much of Europe. Merchants are often required by law to show tax-inclusive prices for B2C sales. (For anyone interested: I have now received conflicting advice on this from official sources in my own government, indicating that X+VAT pricing is now magically acceptable for this purpose again, despite it largely defeating the point of the previous consumer protection rule by hiding the bottom-line price in early advertising.)

The big problem with the new VAT rules isn't the principle of charging in each customer's home nation, if that just means looking up the rate for a given country from a database instead of using a fixed rate. It's a mild inconvenience, but it's an hour or two of programming work for someone, and with MOSS it's maybe an extra hour to file an additional tax return once per quarter.

For a lot of merchants (though certainly not all and particularly not the really tiny ones) the problem isn't even the need to impose VAT on transactions instead of having a threshold. As I understand it, some businesses selling digital goods in EU states didn't have VAT thresholds before anyway, so they already had reporting requirements here, and in places like the UK that did have a minimum threshold before VAT was compulsory, some merchants would have chosen to register for VAT voluntarily anyway because it was advantageous in terms of reclaiming VAT on their expenses.

IMHO the largest and most enduring problems with the new VAT rules are actually all the other things that came along with charging at customer-local rates, from conflicts with pre-existing laws on things like consumer protection and data protection (or potential conflicts, with inconsistent advice coming even from government departments) to the fact that you also have to match the entire VAT regime in each country not just the rate, which means things like knowing which rates apply to which products or services and the local geographical issues (I hope you're not just looking up a tax rate by ISO country code like, you know, everyone, because that doesn't actually work reliably). And of course you require a standard of evidence for the customer's location that will be literally impossible for many small merchants to comply with; at present, I don't see how it's possible for any fully automated system to be 100% reliable here, even for big payment services with dedicated resources and access to all the relevant raw data, because of those local issues of different interpretations of which product/service types get which tax rates and the local geographical anomalies.

The best part of all is that even the EU didn't manage to publish an accurate source of current VAT rates across all affected states in time for the deadline. The information on their own web site was actually wrong for several weeks after the switchover, because Luxembourg changed their VAT rate on the same day. And no-one wanted the data in an actually useful form so you could do something stupid like importing it into a database, right? PDFs running to dozens of pages that you can scan for relevant information are so much more useful.

Hilariously, Luxembourg are actually being compensated by the EU for these changes anyway, so all the arguments about preventing exploitation of low tax rates by different nations within the EU doesn't look so noble any more either.

Comment: Re:I'm disappointed in Canada (Score 1) 201

by phayes (#49343197) Attached to: Leaked Snowden Docs Show Canada's "False Flag" Operations

You're been relativizing the risks, in particular painting bathtubs as a greater danger than ISIS or ebola because that is how you perceive risks to yourself in your protected bubble. You're don neckbeard the ignorant, pompously opining on subjects like danger to the public when you have no idea what real danger is & refuse to educate yourself.

Comment: Re:I'm disappointed in Canada (Score 1) 201

by phayes (#49337659) Attached to: Leaked Snowden Docs Show Canada's "False Flag" Operations

Good point on Malaria, but again, you need to tell it to people in western africa dying of ebola & people in Iraq dying in conflict with ISIS, etc where bathtubs are not the threat you make them out to be.

Your opining from the comfort of your protected bubble shows the lack of empathy that some personal experience with danger would correct.

Comment: Re:I'm disappointed in Canada (Score 1) 201

by phayes (#49335677) Attached to: Leaked Snowden Docs Show Canada's "False Flag" Operations

You're the tireless freedom fighter putting his life on the line to protect us all? Yeah sure, I can see how plausible that could be to someone as self delusional as don neckbeard.

You stay in your protected society protected from almost all of the really bad things in the world & continue to tell everybody else how bad you have it & how remote any real danger is.

Comment: Re:Cruise control? (Score 2) 271

Somebody who can't pay attention to the street signs shouldn't be driving.

No, they shouldn't, but some of them are going to anyway. Since your loved ones will therefore be just as injured/dead if they are the unlucky ones who get hit by a bad driver who was going too fast, dismissing technology that might help those bad drivers to be better, safer drivers seems uncalled for.

Comment: Re:I'm disappointed in Canada (Score 1) 201

by phayes (#49331895) Attached to: Leaked Snowden Docs Show Canada's "False Flag" Operations

With Isis, Putin, Ebola, etc in the world, you think that _this_ is "one of if not the closent things to a dragon in the world", then talk in the next sentence about "species survival"?!?! Talk about self delusion, you _ARE_ don Neckbeard. Remember this moment don Neckbeard if you are lucky enough to live another few decades and think about how wrong you were to predict the disparition of your so called useless "spooks".

Comment: Re:Are the CAs that do this revoked? (Score 1) 132

by Anonymous Brave Guy (#49330839) Attached to: Chinese CA Issues Certificates To Impersonate Google

Yes its a To big to Fail problem, just in another form.

If anything is too big to fail, you are usually better off making it fail anyway as soon as possible to minimise the damage. Some of the problems in the global financial industry today aren't because of inherent weaknesses in the system. Instead they have been caused precisely by allowing organisations to grow too big, or perhaps more accurately by allowing them to take on disproportionate levels of risk, and then supporting those organisations at government level instead of allowing them to go under when they should have.

If your browser throws errors on just about ever site you visit pretty soon "many" people will start using another browsers.

But it won't, because plenty of other CAs are used and plenty of sites don't use HTTPS routinely yet. All the big sites, the Facebooks and Googles and Amazons of the world, would have switched to another CA within an hour. All the truly security-sensitive organisations like your bank or card company or government would update their certificates very quickly as well.

CAs determined to protect their reputation at a time when their industry would inevitably be seriously damaged in the credibility stakes might take longer to issue things like EV certificates as they made a point of fully validating the organisations requesting them. However, basic HTTPS access and the highly recognisable padlock symbol would be back on all the big sites almost immediately. The worst they would likely suffer would be a few minutes of downtime (assuming organisations on that scale don't routinely have back-up certificates with a completely independent chain on permanent stand-by anyway) and maybe a slight increase in customer support calls as genuinely security-conscious users noticed the lack of EV identity for a while.

Meanwhile, any browser that didn't remove a known-compromised CA from its trusted list very quickly would be vulnerable to justified criticism and no doubt plenty of rhetoric built on top about being insecure, and how users mustn't use that browser to visit safe sites like their bank or someone will empty their account. The geeks would get hold of the story first, of course, but as soon as it made front-page news (and something on this scale probably would) everyone would be talking about it that day.

You can be replaced by this computer.