Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:why google keeps microsoft away (Score 4, Informative) 263

by Miamicanes (#48938735) Attached to: Microsoft To Invest In Rogue Android Startup Cyanogen

No Android device running a stock carrier ROM ever used flash for swap (that I'm aware of), but ~2-3 years ago, just about everyone running Cyanogenmod (or some other AOSP-derived ROM) had swapfiles. And yes, we really DID destroy $80+ microSD cards. It caught almost everyone by surprise, because we all blindly believed the manufacturers' assertions that the flash would last "a lifetime of normal use", failing to note that manufacturers didn't consider paging virtual memory almost nonstop to be "normal use". It was literally a use case the manufacturers never designed for, that didn't even become *viable* until overclocked class 6 and class 10 microSD became fast enough to make swapping to it faster than killing & re-spawning activities.

Comment: Re:why google keeps microsoft away (Score 5, Insightful) 263

by Miamicanes (#48936831) Attached to: Microsoft To Invest In Rogue Android Startup Cyanogen

More specifically, because lots of Android's fundamental architecture was dictated by a perceived need to work on slow CPUs (as in, 400MHz ARMv6) with absurdly low-res displays (remember 240x360?). Literally NOBODY involved with Android's genesis would have believed you if you told them that 5 years after the HTC G-phone's arrival on T-mobile, a phone with 1280x800 display, 1Ghz dualcore CPU, a gig of RAM, and at least 4-8 gigs of flash would be considered uselessly ghetto and hopelessly obsolete.

Remember, the whole reason why Google made the Nexus One was its frustration with the wimpy hardware of the second-gen Android phones, and hints that the third-generation phones were only going to be another half-step better. On the day of its release, the Nexus One was literally leaps and bounds beyond any competing phone, and its popularity forced HTC and Samsung to throw away their roadmaps and race back to the drawing board to come up with the Evo4G and Galaxy S family.

Current things that make Android feel laggy:

* 30hz touchscreen drivers and screen update rates are still the norm. 1/30th of a second is long enough to be perceptible as "lag", and when you factor triple-buffering into the equation, the lag is more like 1/15 second.

* The resolution and color depths of high-end Android phones have completely outstripped the dumb-framebuffer 3Dfx-heritage architecture behind most current hardware. Most video chipsets were optimized for 16-bit color at 1280x800 (more or less), but some high-end Android phones now ship with 2560x1600 displays running at 24-bit color and can barely sustain 30fps, let alone 60fps or faster. Basically, they're optimized for (and accelerate) the wrong thing. They might have great 3D graphics for games, but those capabilities are unusable and useless at higher-res/color. That's why some Android homescreen-replacement apps use 3D acceleration, but become fuzzy during transitions... they drop the resolution and color depth down to what the chips can handle, and don't go back to full-resolution until the transition completes. You can see it for yourself... do the "rotating cube" effect (or whatever you want to use), and notice that the moment the gesture begins, the resolution gets fuzzed in half, then snaps back into focus when you stop.

* Android's primitive (compared to Java since 1.4) garbage collection, which practically forces the OS to constantly kill off apps running in the background to reclaim their RAM, coupled by the real-world problems of trying to use a phone's flash to do Linux-style virtual memory (if you aren't careful, you can literally burn through an eMMC's lifetime write count in a few months. MicroSD is even worse... more than a few guys at XDA have destroyed expensive Sandisk microSD cards with a few days of hard benchmarking and intensive swapping. That's why most Android ROMs no longer make it easy to enable swap, even though it can be a HUGE performance boost. Too many users were destroying flash cards too quickly. Cyanogen with a large swapfile that's tweaked to abstain from killing off idle tasks will nuke a brand new class-10 microSD card in about 3-8 months of normal daily use... and if you did a swapfile with the phone's INTERNAL flash, your phone would essentially get bricked once the counter tripped and the eMMC write-protected itself (because Android can't deal with booting into an environment where it literally can't write ANYTHING to disk).

Comment: Re:Since when is AMT controversial? (Score 1) 168

by Miamicanes (#48936579) Attached to: FSF-Endorsed Libreboot X200 Laptop Comes With Intel's AMT Removed

As I understand it, at the bare-metal hardware level, AMT is basically a networked JTAG programmer grafted onto the ethernet controller that can do things like read & write values into RAM, stuff values into the CPU's registers, update the BIOS NVRAM, and override the normal boot process as long as you have physical ethernet access to the same network as the target computer & can present AMT with credentials it's satisfied with. It basically starts with the foundation provided by Wake-on-Lan & PXE, and adds the JTAG-like capabilities and security on top.

GNU is Not Unix

Serious Network Function Vulnerability Found In Glibc 211

Posted by Soulskill
from the audits-finding-gold dept.
An anonymous reader writes: A very serious security problem has been found and patched in the GNU C Library (Glibc). A heap-based buffer overflow was found in __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to make an application call to either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the program. The vulnerability is easy to trigger as gethostbyname() can be called remotely for applications that do any kind of DNS resolving within the code. Qualys, who discovered the vulnerability (nicknamed "Ghost") during a code audit, wrote a mailing list entry with more details, including in-depth analysis and exploit vectors.

Comment: Accounting formalities (Score 1) 200

by Miamicanes (#48619675) Attached to: NASA's $349 Million Empty Tower

Serious question: how much of that alleged $700k/year-to-mothball is real, hard cash NASA has to spend, vs accounting formalities like "how much would the site be worth if put to its highest and best use" (and taken as a paper loss because the site isn't being used)? Or one-time costs that were incurred for mothballing, but aren't likely to be repeated annually (like shuttering the building, building a fence around it, etc)?

Don't discount the accounting formalities. I once worked for a company where upper management directed us to immediately dispose of about 100 non-obsolete laptops... at a disposal cost of more than $900 apiece. Why? Because they were sitting in a stack in the middle of a mostly-empty datacenter literally covering most of a square block, and some idiot in the accounting department decided that they were costing us $25,000/year to maintain for no reason besides "they're taking up 100 square feet, and we're paying $250/foot per year in rent"... in a building that was about 95% empty & leased for 20 years at the height of the dotcom boom just because "it was there". The fact that even if you take the fictional annual rent for the floorspace seriously, it took more than FIVE YEARS just to break even on the insane disposal fees. And in the meantime, we had to buy new laptops to replace the ones we were ordered to dispose of, because new people were still getting hired. Wait, it gets better. As a matter of policy, we were required to ship the laptops to the disposal center via FedEx. Priority Overnight. Individually. Almost a decade later, I *still* can't grasp how anybody could have possibly thought it was sane, let alone a *good* idea.

Comment: Re:Global Warming (Score 0) 47

Bzzzt. Florida is probably in the best position of any state (besides MAYBE New York) to deal with climate change. Why? Because we haven't had anything that vaguely resembles a natural river or coastline in almost a century. Our coastline is ALREADY fortified against flooding. Drive to South Beach sometime, and notice that West Avenue (the road along the western edge of the island) is already a few feet higher than the surrounding terrain. Then observe that there's another huge berm sitting between Ocean Drive and the ocean itself (the one covered in sea oats with boardwalks over it).

Then, while you're at it, take a peek at the western edge of urban Dade & Broward counties. Notice the HUGE-ass dike that keeps the "Everglades" side underwater, and the "human" side dry & suitable for condos, office parks, and golf courses.

It's the same as the Netherlands. Everyone likes to point to it as a country that's in peril of being submerged, but it's probably the *least* likely country in Europe to even *notice* rising sea levels, because the barriers around it were all solidly over-engineered with plenty of wiggle room to spare. And when the time comes to rebuild them in a century or so, they'll just get rebuilt a few feet higher.

Comment: Re:only for nerds (Score 1) 66

In theory, the answer is a qualified "maybe". Most new laptop discrete video cards connect via mini-PCIe, and I believe there's some anecdotal degree of physical compatibility between Alienware/Dell and someone else (Clevo, I think). As a practical matter, if you you're talking about buying a better video card on eBay that was explicitly designed for your exact model (say, upgrading from the cheapest ATI card to the best Quadro), you'll probably be OK. Everything else is a crapshoot.

Apparently, screw holes are a big, big problem with cross-device compatibility... different laptops put them in different places, even when the electrical interface, shape, thickness, and cooling arrangements are compatible.

There are actually a lot of relatively upgradable laptops out there (as long as you don't insist on one that's a glued/laminated-together 1mm-thick Apple-inspired abomination that's built like a cell phone). The problem is, it's nearly impossible to make any kind of informed purchase decision in advance of actually buying anything. The information you need just plain isn't reliably available until some brave soul tries doing it, takes pics, measures things, and posts the pics to his blog. Thinkpads are somewhat of an exception... but Lenovo made a new mess of their own (and got lots & lots of hate) when they started whitelisting specific mPCIe cards in the EFI BIOS and refusing to enable cards not on the list.

Put another way, there's a lot that can go wrong, and you're at least as likely to burn cash on parts with limited resale value that won't ultimately work, and can often be purchased only used on eBay from sellers who harvested them from broken laptops bought for scrap.

Comment: Re:Go T-Mo (Score 1) 112

by Miamicanes (#48240491) Attached to: AT&T Locks Apple SIM Cards On New iPads

No need for a lawsuit. Just file a complaint with the FTC under the Magnuson Moss Warranty Act, then sit back with a bowl of popcorn and watch the manufacturer beg for mercy. Or ask to speak to the front-line employee's supervisor, and just say the magic phrase that pays: "If you don't fix it, I'm going to file a Magnuson Moss complaint with the FTC". They'll blanche, take the phone, charge the usual deductible if you let them, JTAG-reflash it back to stock, and proceed as normal.

The catch with Magnuson Moss is that the manufacturer is under no obligation to return a rooted or reflashed phone to you STILL rooted or reflashed. They're 100% unambiguously entitled to JTAG-reflash it to stock prior to returning it, even if the newer version to which they reflashed it doesn't have a working root exploit. So, 9 months from now, you COULD conceivably find yourself owning a rooted & reflashed phone with a flaky USB port that's eligible for warranty repair, but will be returned to you reflashed with unrootable Android L and a locked-down bootloader. You'd be stuck between two equally-shitty rocks and hard places... flaky USB with root, permissive SElinux, and ext2 microSD hacked back into the ROM... or working USB, but no root and Google-crippled microSD that only supports FAT32, and restricts what apps can do with it regardless.

Comment: Re:Go T-Mo (Score 3, Interesting) 112

by Miamicanes (#48227157) Attached to: AT&T Locks Apple SIM Cards On New iPads

What, exactly, does Verizon do that is so dishonest and earns them so much hate?

They lock down their phones, and in the past they've actively disabled features supported by their phones' hardware to force you to use their premium services (Bluetooth modes, Wifi, and GPS have all been casualties of Verizon's lockdown fetish in the past). Compounding matters, there are lots of semi-rural places where Verizon is the only carrier with viable service (or at least, viable service INDOORS). Verizon was also the only carrier who forced bootloader-locking up until AT&T joined the party last year.

That's why T-Mobile is the carrier everyone desperately wants to love, even in areas where their service is poor. They're the only carrier who DOESN'T lock down their phones & try to restrict what you can do with them.

Comment: Re:Google Changes Its Slogan (Score 4, Insightful) 289

by Miamicanes (#48217223) Attached to: Assange: Google Is Not What It Seems

It's "Don't be Evil".

~15 years ago, Google was "Chaotic Neutral" (openly disruptive, with both lawful and lawless tendencies).

Today, they're more "Neutral Neutral" (they still enjoy being disruptive, but they've been reined in by self-preservation and forced to pay lip service to lawfulness).

Twenty years from now, they'll probably be "Lawful Neutral", with increasingly-frequent side trips into "Lawful Evil" territory (which they'll rationalize and publicly blame on government regulations, even when those regulations are more of a pretense than a legally-binding order backed up by overwhelming firepower and force).

The real danger isn't Eric Schmidt. It's his successor's successor, who (more likely than not) will be a bland, Wall Street-approved CEO with a completely conventional background who'll contentedly fill his role of making Google the government's favorite bitch... as long as he can invoice the feds for the effort, eliminate R&D, outsource everything to Nigeria, and prop up the stock price with annual layoffs and the sale of a division or two, just like every other major corporation in America that's owned primarily by risk-averse institutional investors run by CEOs who went to the same elite universities.

Comment: Re:Let's solve basic connectivity first (Score 1) 291

by Miamicanes (#48209957) Attached to: Will Fiber-To-the-Home Create a New Digital Divide?

Wireless might be good enough to leapfrog over asshole landlords (and maybe restrictive/corrupt municipalities with hostile neighbors willing to host towers aimed into the restrictive municipality), but at the end of the day, you really need to get real fiber within at least a thousand feet of the end user. The upper microwave band is still mostly empty and has enormous amounts of available bandwidth, but there's a good reason why: at those frequencies, even things like smog, air pollution, humidity, and fog start to seriously mess up the transmission. Hell, back when I had Sprint, I saw my wimax speed literally fall to 10% of normal during driving rainstorms, and their 2.6-GHz spectrum had almost UHF-like propagation compared to what you'd see in a state like Florida from 20-60GHz. Yes, there are a few semi-prime chunks where precipitation isn't as big of a problem... but THOSE aren't the chunks that will be available for wireless broadband, because they were snapped up years ago by companies like MCI for long-distance backhaul. The chunks that are left are vast, but they have propagation characteristics that are more like wireless HDMI (~50 feet, literal line of sight within the same room).

Comment: Re:Meh (Score 1) 201

by Miamicanes (#48155749) Attached to: Google Announces Motorola-Made Nexus 6 and HTC-Made Nexus 9

I'm sure you HAVE... but from what I remember, the gNex bootloader wasn't even TENTATIVELY circumvented until February or April of the following year, and wasn't robustly-overcome to the point where owners no longer worried about Verizon pushing an involuntary phone-bricking update on them until summer... ~7 months after initial release on Verizon.

Comment: Re:Meh (Score 1) 201

by Miamicanes (#48155625) Attached to: Google Announces Motorola-Made Nexus 6 and HTC-Made Nexus 9

Hence, my second paragraph ;-)

The catch is... nobody really knows for sure WHEN someone will have a working root for bootloader-locked Z3s. It's probably safe to say that SOMEONE eventually will... but it could EASILY be 3-7 months, with no guarantees. And if you DID root the phone, back up the DRM keys, and reflash, you'd STILL probably be fucked if the phone got lost/stolen/broken & had to be replaced under warranty, because the new one would probably be locked in a way that defeated the older root method.

I learned MY lesson the hard way. ~3 years ago, I bought a Motorola Photon fully expecting it to either have a working bootloader unlock that didn't disable Wimax, or for Motorola to become non-evil as a Google-owned company. I will never, ever totally forgive Motorola for the 2.3.4 Trojan non-update they did their best to make everyone THINK was going to be an early open beta of ICS, but REALLY permalocked the bootloader(*) so you couldn't even sacrifice working wimax and unlock it. The phone got angrily thrown in a drawer in disgust, and I went back to using my old Epic 4G for 3 months until I finally got a Galaxy S3 on release day. #Motofail. #Neveragain.

As a direct result of AT&T's decision to lock the bootloaders like Verizon on all new phones, I'll be fleeing the intolerable yoke of AT&T's authoritarianism for the liberating sanctuary of T-Mobile when my new Note 4 arrives in a couple of days.

The shortest distance between two points is under construction. -- Noelie Alito