Security

My United Airlines Website Hack Gets Snubbed 187

Bennett Haselton writes: United Airlines announced that they will offer up to 1 million air miles to users who can find security holes in their website. I demonstrated a way to brute-force a user's 4-digit PIN number and submitted it to them for review, emailing their Bugs Bounty contact address on three occasions, but I never heard back from them. Read on for the rest. If you've had a different experience with the program, please chime in below.
Network

June 30th Leap Second Could Trigger Unexpected Issues 233

dkatana writes: On January 31, 2013, approximately 400 milliseconds before the official release of the EIA Natural Gas Report, trading activity exploded in Natural Gas Futures. It is believed that was the result of some fast computer trading systems being programmed to act, and have a one-second advance access to the report. On June 30th a leap second will be added to the Network Time Protocol (NTP) to keep it synchronized with the slowly lengthening solar day. In this article, Charles Babcock gives a detailed account of the issues, and some disturbing possibilities: The last time a second needed to be added to the day was on June 30, 2012. For Qantas Airlines in Australia, it was a memorable event. Its systems, including flight reservations, went down for two hours as internal system clocks fell out of synch with external clocks.

The original author of the NTP protocol, Prof. David Mills at the University of Delaware, set a direct and simple way to add the second: Count the last second of June 30 twice, using a special notation on the second count for the record. Google will use a different approach: Over a 20-hour period on June 30, Google will add a couple of milliseconds to each of its NTP servers' updates. By the end of the day, a full second has been added. As the NTP protocol and Google timekeepers enter the first second of July, their methods may differ, but they both agree on the time.

But that could also be problematic. In adding a second to its NTP servers in 2005, Google ran into timekeeping problems on some of its widely distributed systems. The Mills sleight-of-hand was confusing to some of its clusters, as they fell out of synch with NTP time. Does Google's smear approach make more sense to you, or does Mills's idea of counting the last second twice work better? Do you have a better idea of how to handle this?

Comment: Title prefix (Score 4, Insightful) 150

Can you at least prefix the title with "Poll:" or something? Right now I see a collapsed article with the title "Ross Ulbricht was sentenced to life in prison, and ...". Expanding that (because I'm a sucker for some clickbait) hoping to get some information about poor Ross and getting a poll instead leaves me feeling like I got a dead bunny for Christmas.

Please think of the bunnies.

Comment: Re:Spectrum is measured in Hz? (Score 1) 91

This threw me off too, because "65 million cycles per minute of spectrum" hurts my brain.

However, "spectrum" is defined as "frequency range", similarly to how you can talk about "temperature range". If today's high temperature is 70F (20C) degrees and the low temperature is 50F (10C) degrees, then today's temperature-range is 20F degrees or 10C degrees. To define the range you need to include the unit in which the end points of the range are measured.

I still want to call the temperature range "20 F-temperature-points" and the spectrum "65 MHz-frequency-points", but maybe that's because I skipped lunch. I shouldn't skip lunch.

Technology

Four Facepalm Bugs In USPS Label-Printing Site 182

"The United States Postal Service "Click-N-Ship" site suffered no outages or slowdowns during Christmas rush," writes Bennett Haselton. "It just has bugs that make the process more annoying than just standing in line at the post office, which defeats the purpose. The most frustrating part is that most of these bugs could have been fixed, just by having some testers run through the ordering process and make a note of anything that seems confusing or wrong. (Although I've included notes on how to work around all the bugs, so you really can print your own labels and skip the line.)" Read on for the rest; what other gripes do you have about the current package delivery regime, and how would you resolve them?
Bitcoin

Bitstamp Bitcoin Exchange Suspended Due To "Compromised Wallet" 161

twitnutttt writes: Customers of Bitstamp, the successor (until recently) to MtGox as the highest-volume dollar-denominated Bitcoin exchange, and still the preferred source of trading data for many technical analysts, sent an email at about 4:00 UTC today warning that, "Today our transaction processing server detected problems with our hot wallet and stopped processing withdrawals." They also instructed users to stop sending any deposits immediately or they may be lost. The Bitstamp website has now also suspended all exchange/trading services, and the homepage contains only a maintenance message warning users of a "compromised" wallet. Numerous references to security imply that this is a hacking attack, but Bitstamp reassures that they maintain "more than enough offline reserves to cover the compromised bitcoins."
Transportation

Why Didn't Sidecar's Flex Pricing Work? 190

Bennett Haselton writes: Sidecar is a little-known alternative to Lyft and Uber, deployed in only ten cities so far, which lets drivers set their own prices to undercut other ride-sharing services. Given that most amateur drivers would be willing to give someone a ride for far less than the rider would be willing to pay, why didn't the flex-pricing option take off? Keep reading to see what Bennett has to say.
Twitter

Twitter Should Use Random Sample Voting For Abuse Reports 132

Bennett Haselton writes: Twitter has announced new protocols for filing and handling abuse reports, making it easier to flag specific types of content (e.g. violence or suicide threats). But with the volume of abusive tweets being reported to the company every day, the internal review process will always be a bottleneck. The company could handle more abuse reports properly by recruiting public volunteers. Read what Bennett thinks below.