Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:As with all space missions: (Score 1) 178

by rwa2 (#48618775) Attached to: NASA Study Proposes Airships, Cloud Cities For Venus Exploration

I hate to bring politics into a science discussion, but unfortunately politics is what determines funding. And politics is what put humans on the moon.

Yes, putting humans anywhere in space (or anywhere hostile to biological habitation) is basically a super-expensive camping trip. That never stopped us in the past from building capsules that can take humans to the bottom of the oceans or hurtling across the skies or stationed at the south pole and other places where robots could do the job just as well or better.

Politically, will countries / corporations be able to "own" the resources (or even just the science / IP) discovered in space without a human presence to plant a flag and occupy? I mean, we're not to that level of competition yet, but say sometime in the future when we're mining asteroids and there's a really valuable asteroid that everyone's trying to claim. Would we consider it legal for the first mining robot to arrive to claim the entire thing? Or is it fair game for whichever robot gets there first to take their fill? Is it an act of war for a robot to knock out / disable a competing country's robot? It obviously is if you're knocking out a human-inhabited space colony, but otherwise you're just squabbling over money.

Anyway, I'm glad that NASA is doing the math on what is at this point just a proposal / thought exercise. No harm in having thought things through, in the off-chance that Venus was suddenly struck with a strong case of unobtanium-fever.

Comment: Re: This is not the problem (Score 1) 553

by rwa2 (#48618451) Attached to: Economists Say Newest AI Technology Destroys More Jobs Than It Creates

Huh, well, I learned something... I always thought they were getting their "checks" for free. ... I'm still working on building up that minimum average daily balance so I qualify for free or reduced orders on checkbooks... must be nice to have enough to go platinum and not have to worry about that.

+ - Vessel Identification and Tracking System Is Profoundly Insecure->

Submitted by chicksdaddy
chicksdaddy (814965) writes "Researchers from the firm Trend Micro are warning that the Automated Identification System (or AIS) — a monitoring system that is used on over 400,000 ocean-going vessels — is profoundly insecure and vulnerable to both software and radio-based hacks, The Security Ledger reports. (https://securityledger.com/2014/12/research-finds-cyber-physical-attacks-against-vessel-tracking-system/)

AIS is a global system for tracking the movement of vessels. It is intended to supplement marine radar and relies on ship, land and satellite-based systems to exchange data on ships’ position, course and speed and is used for everything from collision avoidance to security, ship-to-ship communications and weather forecasting.

AIS is required to be deployed on all passenger vessels and on international-voyaging ships with gross tonnage of 300 or more. However, researchers Marco Balduzzi and Kyle Wilhoit found that AIS is rife with exploitable software- and protocol vulnerabilities. Chief among them are flaws in the AIS protocol which was developed in a “hardware epoch” and lacks even basic security features such as authentication and message integrity checks. While hacks of radio-based systems like AIS would have been expensive and difficult to conduct 10 or 15 years ago, the advent of tools like Software Defined Radio make it possible to craft sophisticated attacks with just a small investment, the researchers discovered.

In their work, Balduzzi and Wilhoit – working with an independent security researcher – were able to use software-defined radio based attacks to trigger a range of phony messages, from false SOS and “man in the water” distress beacons to fake CPA (or Closest Point of Approach) alert and collision warnings on an AIS system set up in a lab environment. A copy of their ACSAC presentation slides can be found here: http://blog.trendmicro.com/tre...

The two have written about AIS vulnerabilities before, including susceptibility of AIS to man-in-the-middle attacks (http://blog.trendmicro.com/trendlabs-security-intelligence/captain-where-is-your-ship-compromising-vessel-tracking-systems/). Their latest work expands the list of attacks and vulnerabilities found in AIS to include both software and RF-based hacks, SQL injection, buffer overflow and so on."

Link to Original Source

Comment: Re:Some practical examples (Score 1) 151

by rwa2 (#48612571) Attached to: In IT, Beware of Fad Versus Functional

Ugh. Never played with Rails, but I've had to convert a lot of bash / python cluster management work into Chef / Ruby and it's been awful. I easily spend 10x longer doing trivial tasks, and in the end, I have to write a bash ssh job to verify that chef did the right thing anyway.

To be fair, there's a lot in the framework that I do like... the somewhat built-in unit and integration testing (which, for some reason, is surprisingly absent in production where you'd most want it). I sort of like the RuboCop coding convention watchdog, mostly due to the irony of it making ruby even more sensitive to whitespace formatting than python ever was. But for the most part, all this stuff just adds more pieces that randomly breaks things every 3 months, and most people trying to get actual work done end up disabling and ignoring all of it, which is a shame because doing things in The Chef Way(TM) also balloons every little 10-line bash/sed script into a monstrosity spanning multiple overlapping files, attributes, templates, and data bags. It's also dog slow and wasteful to nuke-n-pave for every little change, and/or inconsistent about deploying rolling updates and giving you no mechanism to roll back (OK, so it does provide some backup of some configuration files it touches, whooop-dee-doo).

I left my old job largely because the new tech manager wanted to introduce Chef as the silver bullet that would launch them into the next phase of their career, and forced hundreds of prod machines to start using it while they were still figuring out all of its vagaries. Of course the final straw was that we weren't allowed to in any way blame Chef on any outages or project delays, since the execs were already breathing down his neck for the ham-fisted migration.

Got another job still doing Chef-based work, but at least now I have support from management to take as much time as it needs to maintain things properly. Still spend way more time maintaining the tool instead of plying our trade, but whatever, it pays the bills. OpsCode has really got a little cottage industry going in maintaining DevOps job security, and I get a lot of coffee breaks while "waiting for my ruby scripts to converge in test-kitchen".

Comment: Re:been there, done that (Score 2) 259

by rwa2 (#48612261) Attached to: Ask Slashdot: How Should a Liberal Arts Major Get Into STEM?

Mod parent AC up.

Some of the best IT workers I've known were originally English majors. A STEM worker that doesn't communicate well can be just as bad or worse than a less-technical worker with some decent collaboration skills.

So you have a BA degree... Use it to get a technical writing or training job in some field you would enjoy. Then use the tuition benefits / training provided by your employer to get a BS / MS in something. From there you'll be able land a whole bunch more jobs that require a technical degree.

The hardest part is getting your foot in the door... unfortunately, it's usually easier to have the BS / STEM degree first, and then using your employer's continuing education benefits to study whatever the hell you like. But it can work the other way around too.

Comment: Re:I played GTA: San Andreas years ago (Score 1) 427

by rwa2 (#48611403) Attached to: Virtual Reality Experiment Wants To Put White People In Black Bodies

Seriously, GTA III:SA did an awesome job putting you in the shoes of a black kid from the hood. Character development was amazing, as you start out on bikes doing jobs for your moms, dealing with corrupt cops (both white and black), getting trapped in drug & gang wars, losing everything, rebuilding yourself as a lackey for a gangsta rapper and the CIA... it really makes you want to rage.

GTA IV, OTOH, was pretty lame in comparison... zero character development (certainly didn't help that the main voice actor was the only one who could pull off a convincing Russian immigrant accent, esp. compared to the "extras" like the Thai prostitute in the opening sequence). It just didn't make me feel anything for his plight or his family, and when bad things happened to him I was like "good!".

Comment: Re:What? (Score 2) 426

by Loki_1929 (#48610145) Attached to: Federal Court Nixes Weeks of Warrantless Video Surveillance

You have the political will to gun down/blow up kids running for the fence? That's what Eastern Germany did.

You are making a strawman argument. Never did I suggest doing any such thing.

Funny, that's what Eastern Germany said too. Fat lot of good it did them trying to keep people in.

You can attempt to draw all the offensive comparisons you want while ignoring the fact it isn't a terribly challenging problem to solve when your wall isn't right through the middle of a major city and isn't easily climbable and isn't the only line of defense. Look at what happened when they put in a complex fencing system in the San Diego zone in the mid 90s: suddenly crossing attempts dropped by over 90%. Nobody got through there, so they all went into the mountains to go around the system.

Simply extend the San Diego system across the rest of the border and have heavy patrols. Anyone damaging the system is imprisoned for a period, then deported to their country of origin. Those who manage to make it through the system are quickly rounded up by the regular patrols and immediately deported to their country of origin. Most will stop trying. The few that remain will be far more easily managed.

Comment: Re:What? (Score 5, Interesting) 426

by Loki_1929 (#48609625) Attached to: Federal Court Nixes Weeks of Warrantless Video Surveillance

Because it's impossible to secure 3,000 miles of border, and he would just sneak back in if that's all we did.

Pardon me, but that's bullshit.

Let's just take the forces we already have today. We have 1.4 Million in active duty military personnel and 850,000 reserves. Obviously we can't take every single one, so let's take half: 1.1 Million people. Now stick them on a 3-man rotation minus 1/3 for duty rotations and leave and spread them out across the 1,954 mile border with Mexico. That puts 125 people plus their equipment per mile of border, plus all their R&D budget going into technologies to increase protection. Those personnel aren't just idle all day; they're building fences, digging trenches, laying sensor grids, and basically doing all the stuff that completely shut down the San Diego zone for crossings and they're doing it 24/7/365 at 125 per mile or one person every 14 yards.

I think that's all way overboard for what we'd need to actually secure (~99% reduction in successful unauthorized crossings) that border, but in any event, don't try to say it's impossible to do. Say we lack the political will. Say we choose not to do it. Say we just aren't interested enough in the problem to do what's necessary to solve it. But don't say it's impossible; that's absurd. I'm not even getting terribly creative here; just sticking boots on the ground and a whole lot more boots than we'd ever actually need at that.

Comment: Re:freedom 2 b a moron (Score 1) 1037

by Loki_1929 (#48607511) Attached to: Time To Remove 'Philosophical' Exemption From Vaccine Requirements?

I'm not sure if you're replying to the wrong message or if you've just completely misread what I posted, but I never said people didn't benefit from having an educational system, regardless of whether they have kids. I merely stated that if we're to block kids from public schooling because of the perfectly legal, if likely quite poor parenting choices of their parents, those kids should have the opportunity to be educated just as any other child. And if the goal is to separate the unvaccinated-by-parental-choice kids from the rest, then it makes perfect sense to ensure that tax monies continue to fund their education for exactly the same reasoning you've suggested.

However, if the intent is merely to punish the children of anti-vaccination parents, then by all means let's kick them out of school and ensure their parents have as limited abilities to educate their children as possible so we can perpetuate cycles of ignorance and poverty.

Comment: Re:MOD DOWN Supply and also MOD DOWN PARENT POST (Score -1, Troll) 190

by rwa2 (#48604475) Attached to: Why Didn't Sidecar's Flex Pricing Work?

Heh, I lol'd .

But anyway, to go off on a tangent, where was the /. coverage of the Car2Go outage from Friday? The one caused by the meltdown of their "German-based" mobile carrier due to some network roaming bug? I assume they're trying to deflect the blame to T-mobile without directly impacting their stock price...

Comment: Re:Unless it has support for Bitcoin... (Score 2) 152

by rwa2 (#48604371) Attached to: Small Bank In Kansas Creates the Bank Account of the Future

Eh, you're not on the hook for paying taxes with a babysitter if it's under $1900/yr. or $1000 per quarter
So I guess if you have a pool of different babysitters, you're all set.

Though more likely what will happen is that we'll go back to the dark ages and live with family members who can take care of our kids for us instead of entrusting them to near-total strangers, and, like, maybe learn how to get along while living in close proximity of our in-laws and stuff. You know, like the way things work in the third world.

Nah, I'm probably expecting too much from US society.

Comment: Re:Supply and demand (Score 1) 190

by rwa2 (#48602787) Attached to: Why Didn't Sidecar's Flex Pricing Work?

Plus, there's plenty of alternatives in the Seattle area. Most tech workers get a monthly bus pass for free through their work. Since Seattle doesn't really have a "major" mass transit network yet, the bus service it actually pretty good (as long as you're commuting to/from Seattle -- good luck if you're trying to commute between suburbs). The city of Seattle paid for everyone to get Car2Go memberships, and ZipCar has a pretty good presence here too. The airport shuttles are great if I have more luggage than I care to lug on transit, and they're cheaper than cabs since you can share the ride with others on the van. I have and use all of these things, but never used a cab or any of these new unlicensed / unregulated cab-like services. That's just not how I roll.

Having lived in the third world, I think the only way taxi (and taxi-like services) will get cheaper is through a glut of competition through the right amount of regulation/deregulation (like the licensed taxis in Thailand, which are everywhere and you can summon them in minutes with a wave of your hand, yet metered so they don't rip off tourists as much as they used to), and shared jeepney services (like those used in Puerto Rico and the Philippines) which essentially work like airport shuttles. Both of these could be much improved and optimized with information technology, and large employers like Microsoft and Google already run their own intelligent taxi/vanpool services for their commuters and on campus, so it's likely just a matter of time before they start offering some of that publicly... if there wasn't so much competition from public transit.

I've got all the money I'll ever need if I die by 4 o'clock. -- Henny Youngman