Forgot your password?

Comment: Important work - gives handle on earth's dynamo (Score 4, Insightful) 80

by Cliff Stoll (#47298935) Attached to: Satellite Swarm Spots North Pole Drift

This is important work, which compliments terrestial geomagnetic measurements and space based observations.

The earth's magnetic field results from a planetary dynamo. Magnetic field lines get frozen into the electrically conductive fluid core. Then, differential motions in the fluid causes the magnetic field to get twisted up -- it's no longer is the simple dipole (like those bar magnets that you played with as a kid). Instead, the earth's magnetic field develops high order moments (sorta like bumps and dips). These shapes evolve as the conductive core moves. Eventually, the magnetic field gets so tangled up, that it unravels. At that time, the earth's field reverses. These magnetic field reversals show up in the geologic record ... every 10,000 to 100,000 years, there's a flipover.

Measurements like the ESA Swarm satellite give us a handle on the evoloution of the Earth's magnetic field, as well as showing how that field interacts with the magnetic and particle environment of the solar wind.

(disclaimer - most of what I just posted is from a terrific graduate class that I took at the Lunar & Planetary Labs way back in 1979, and when I worked with Charles Sonett, who studied the solar wind. Likely, much of this is way out of date!)

Comment: Re:Well, yes, I was there... (Score 1) 120

by Cliff Stoll (#47182183) Attached to: Whom Must You Trust?

And my thanks back to you, oh Anonymous Coward: The 15 cents in royalties from your purchase of m'book is now helping my kids attend college. Uh, it'll last about 1.3 minutes.

You say that you're managing firewalls - all sorts of possibilities! I had the honor of working with Van Jacobson at LBL when he first researched TCP/IP traffic jams and compression. I was amazed at how much could be done by looking at traffic and thinking about the interaction of traffic, buffers, routers, and network congestion. Wonderful stuff - what looks like a boring problem may be an opportunity for research.

With that in mind, here's my encouragement to you: Go and sharpen your tcpdump & wireshark tools. Figure out what's really happening to those packets. Who knows what you'll uncover?

Comment: Re:IF you are the REAL Cliff Stoll? (Score 1) 120

by Cliff Stoll (#47182047) Attached to: Whom Must You Trust?

(blush). Thanks!

Now it's your turn: Go forth and make our networked community friendlier, stronger, more trustworthy, and more useful.

Best wishes,

PS: Of course, you raise a fascinating, self-referential question. How can you tell if this posting is from the real Cliff Stoll? I know it's me - and it's easy to prove in person, but difficult online. For the best proof, well, stop by for coffee. Way more fun than posting online.

Comment: Well, yes, I was there... (Score 5, Interesting) 120

by Cliff Stoll (#47181593) Attached to: Whom Must You Trust?

It's been a quarter century since I chased down those hackers. Hard to think back that far: 2400 baud modems were rarities, BSD Unix was uncommon, and almost nobody had a pocket pager. As an astronomy postdoc (not a grad student), I ran a few Unix boxes at Lawrence Berkeley Labs. When the accounting system crashed, my reaction was curiosity: How come this isn't working? It's an attitude you get from physics -- when you don't understand something, it's a chance to do research. And oh, where it led...

Today, of course, everything's changed: Almost nobody has a pocket pager, 2400 baud modems are a rarity, and Berkeley Unix is, uh, uncommon. What started out as a weirdness hiding in our etc/passwd file has become a multi-billion dollar business. So many stories to tell ...

I've since tiptoed away from computer security; I now make Klein bottles and work alongside some amazing programmers at Newfield Wireless in Berkeley. Much fun debugging code and occasionally uncorking stories from when Unix was young.

Warm cheers to m'slashdot friends,

Comment: Re:Current.... melt (Score 1) 227

by marcansoft (#46685951) Attached to: Nanodot-Based Smartphone Battery Recharges In 30 Seconds

It's 2Ah, so 240A.

Now, it could be that their battery runs at a higher voltage (and thus not really 2Ah, but they're using that figure as a 3.7V li-ion equivalent capabity), or that there is a power converter built into the battery pack (unlikely for a prototype, though). Still, even for a 37V battery (vs. 3.7V for a normal Li-Ion cell), we're talking 24A. That cord didn't look like 24A cord, and I highly doubt they were using a voltage higher than 37V to charge (especially not with exposed banana jacks like that).

I call the demo highly dubious if not an outright fake/mock.

Comment: Re:Hey (Score 5, Interesting) 80

by marcansoft (#46596519) Attached to: eBay Japan Passwords Revealed As Username+123456

Sorry for the threadjack, but this is yet another case of horrible security reporting.

From watching the video, what it seems happened here was that eBay chose phpBB for their community forum, but did not integrate its authentication system directly with eBay's on the server side. Instead, the site was set-up as a standalone system, and whoever implemented the integration had the bright idea of hardcoding the forum password for everyone as username+123456, and then just having the eBay login page issue a hidden POST request behind the scenes to authenticate users to the community forum section.

Thus, this allows anyone to trivially impersonate anyone else on the forum. It shouldn't have anything to do with the rest of the site, though. Nor does this have anything to do with initial passwords, salts, or any of the other terms that have been thrown around.

A case of absolutely retarded login integration for the community site, but not something that would allow people to take over others' main eBay account. What this says about the people running eBay is another matter entirely...

Comment: Re:Dumb (Score 3, Informative) 358

by marcansoft (#46488967) Attached to: EU Votes For Universal Phone Charger

This is incorrect. There is no bidirectional negotiation between chargers and devices, nor are there any magic extra pins (at least for pretty much all Android and Apple products - dunno about Zune).

What there is is one USB charging standard, that basically says one thing and one thing only (that matters): if the data pins are shorted together (but otherwise not connected to anything), then the port is a Dedicated Charging Port. A DCP must meet certain voltage/current curve ranges and may be engineered to supply anywhere from 500mA to 1.5A (or more), with the voltage dropping as the device exceeds the charger's maximum. Devices are simply supposed to regulate current draw upwards until the voltage drops below a threshold, indicating the charger's capability. No digital negotiation takes place. Devices are limited to 1.5A charging current, which is quite typical for modern devices (and significantly better than the 500mA of a non-charging port).

There is a newer USB Power Delivery specification that is much more recent, supports higher powers, probably uses more complex negotiation (I haven't read it), and nothing implements it yet.

Then there's what Apple does - they have an incompatible implementation that uses resistors on the data pins in the charger to signal its current capability. Different resulting voltages mean different current levels. This is completely incompatible with the USB charging standard. Recent Apple devices (since the iPhone 3G or so) do support DCP chargers (to some extent - some charge more slowly, and I don't know about larger iPads?), but non-Apple devices will only charge at 500mA or worse from Apple chargers.

Comment: Re:Faster is not necessarily better: Quality matte (Score 5, Informative) 101

by marcansoft (#46315575) Attached to: FFmpeg's VP9 Decoder Faster Than Google's

This is false. Decoding for modern video formats is strictly defined, and all decoders must produce bit-perfect output. You can add as many filters as you want after that, but that's a postprocessing step in the video player and has nothing to do with the decoder. Things like in-loop filters are strictly defined as part of the decoding process and must be there for the decoder to be considered correct.

Comment: Re:Why does Wikimedia hate batteries? (Score 1) 235

by marcansoft (#46259171) Attached to: FLOSS Codecs Emerge Victorious In Wikimedia Vote

Nope, they just crash, lag, or play it with severe artifacts (the latter happens with some hardware codecs and 10bit files).

Basically no modern video codecs are designed to gracefully degrade given limited decoder features, because they rely on bit-perfect output to be used as a reference for future frames. Any error accumulates in the decoding loop and becomes significant artifacting until the next I frame.

+ - Ask Slashdot: What's there to like about the BETA?-> 7

Submitted by Narnie
Narnie (1349029) writes "I come to /. not for the nearly interesting pseudo-tech articles, but for the lively, self-moderated discussion. Today I'm bit surprised to see every discussion summarized to fuckbeta. Popping up all over the place there's discussions about beta and even alternatives being revived and created. As I tend not to RTFA, I haven't sampled the beta myself. So, I ask you guys, what's there to like about the BETA and what's there to loath?"
Link to Original Source

Overload -- core meltdown sequence initiated.