Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Just a distraction from the real fail... (Score 4, Informative) 47

by NimbleSquirrel (#49156699) Attached to: Uber Discloses Database Breach, Targets GitHub With Subpoena

Because they think it was a crime of opportunity, which sounds like a reasonable supposition -- the hacker stumbled across the key in Github, then either gave (or sold) the key to someone else to do the hack, or did the hack himself. Clearly he wouldn't have downloaded the data using his own IP address, but it's entirely possible that when he found the key on Github, he was using a traceable IP.

There could be hundreds of legitimate accesses of that file. If the hacker was indeed using a hidden IP address to access the database, but his real IP to download the gist, how are Uber going to determine that from all the other legitimate accesses? If the hacker gave away or sold that information, there is going to be no way for Uber to determine a link at all. This just seems like a fishing expedition to hide the real fail.

By admitting that one of their developers leaked the key himself on Github, it seems a little late for them to claim that they have no responsibility for the breach.

Ahh... but the thing is that Uber haven't admitted to anything like that. By serving a subpoena against GitHub, it is clear that is what has happened, but nowhere have I seen Uber actually admit this. If Uber were actually to admit this, it would likely open them up to lawsuits from their affected drivers.

Comment: Just a distraction from the real fail... (Score 5, Interesting) 47

by NimbleSquirrel (#49156613) Attached to: Uber Discloses Database Breach, Targets GitHub With Subpoena
Any hacker with any decent opsec would not be showing their actual IP address. The subpoena request is just smoke and mirrors to hide Uber's own security fail. Even if GitHub were to hand over the data, they would likely find nothing useful. Uber know that GitHub will not hand over that data without a fight. I am willing to bet that Uber are going to start claiming that the hack isn't their fault because GitHub won't hand over the data. If Uber already know the public IP of the hacker, why do they need the info from GitHub to proceed? Meanwhile the actual security fail of Uber making their database access info publicly accessible gets overlooked.

Comment: Purkinje Effect (Score 1) 420

by NimbleSquirrel (#49155841) Attached to: Is That Dress White and Gold Or Blue and Black?

There are several factors that make this unintentional optical illusion really interesting.

The first, demonstrated by the xkcd, shows that the colours will appear markedly different with different coloured backgrounds. It doesn't fully explain what we are seeing here though, as people are seeing the two different states with the same background to the dress.

I believe that the main illusion comes down to the Purkinje Effect, and how our brains interpret colour. Under the Purkinje Effect, in lower light levels our peak visual sensitivity shifts to the blue end of the spectrum. At higher levels it shifts away from the blue end of the spectrum as the rod cells in our eyes reach a point of saturation and stop being effective. So, when ambient light is bright enough, we just don't perceive blues as well, and we just don't see differences in contrast as well (as the rod cells are responsible for contrast vision).

If your eyes are adapted to bright light conditions (and the threshold here varys from person to person), you will likely see white and gold. Due to the shift away from blue, dark greys in the image appear more yellow. The blue also becomes apparently lighter to the point that our brains interpret it as a white dress in the shadow in daylight. If you go into a darker environment and wait (it takes about 10-15 minutes for the rhodopsin in the rod cells to regenerate), you willl likely see the blue and dark grey/black.

The first time I saw this, I had just walked in from outside. I saw white and gold. Then after sitting in a darkened workshop for 30 minutes, I saw it as blue and dark grey.

Comment: Oh, the irony.... (Score 4, Interesting) 391

The irony here is that Verizon makes full use of it's Title II status in other areas (wired telephony and mobile voice), and has used Title II benefits to build its FiOS network. The same Title II status it is now protesting against.

To add more fuel to the irony fire, the FCC would not have had to vote on net neutrality at all if Verizon hadn't sued them in 2012 claiming violation of its First and Fifth Amendment rights.

So, Verizon forced the FCC to make a change, is now complaining that the the FCC has made that change, but behind the scenes has been profiting all along in other areas where that change is in place. Sorry, Verizon, no sympathy for you.

Comment: Flash toys, but are they really useful? (Score 1) 517

by NimbleSquirrel (#48997443) Attached to: The US Navy Wants More Railguns and Lasers, Less Gunpowder

Lasers are great for taking down incoming missiles, drones or small aircraft. But the current system, at only 30kW, is of no use against larger or hardened targets. Stepping up to a megawatt class laser is either going to require supercooled magnet arrays and large generation facilities for a free electron laser (and you will need liquid helium or possibly liquid nitrogen to keep them functional), or storage for chlorine and iodine as well as hydrogen and potassium hydroxides for a COIL laser (the hazardous nature of those substances adds even more issues).

Rail guns have their own issues. They need massive capacitor banks that can be very dangerous at full charge, or homopolar generators which would need to be massive for a naval sized rail gun. The high temperatures and EM fields at firing would cause any fuses to go off in HE rounds, so they would be limited to kinetic rounds only. That drastically reduces their usefulness. On top of that, each time the gun is fired, the rails are subjected to buckling forces, intense heat and part of the rails are blasted away as plasma. Each shot, your accuracy decreases, as well as your effective range and the kinetic hitting power. It is fine to have 'virtually unlimited' ammunition, but what use is that when you have a gun that you can only fire a few times before you have to change the barrel?

Sure, 'futuristic' weapons such as these look good on paper, when an Admiral is convincing politicians for a few hundred billion dollars, but I doubt they really will be replacing naval weapons for the forseeable future.

Comment: Government mandated sexism is still sexism. (Score 1, Insightful) 779

by NimbleSquirrel (#48961499) Attached to: WA Bill Takes Aim at Boys' Dominance In Computer Classes

Sexism, even with the stated goal of equalising a perceived imbalance, is still sexism. It is the same way with racism. Mandating discrimination, no matter how lofty their goals, breeds resentment. Using statements referring to "historically under-represented students" simply hides the intent.

They need to be very careful to encourage those who are 'historically under-represented' while not marginalising those who are 'historically over-represented'. It is not a kid's fault if they are born male or female, and neither gender should have a lesser education because of it.

Mandating changes to K12 funding rules is, unfortunately, not going to change society's pressures as a whole.

Comment: Plausible deniability (Score 5, Insightful) 190

by NimbleSquirrel (#48267797) Attached to: Labor Department To Destroy H-1B Records

The answer to this is easy: plausible deniability. If the records are only temporary, and get expunged after 5 years, then the US government suddenly have an out for bad press over a long history of abuses of that H1B program that have gone unchecked. Instead of changing policy, fixing the program, and investigating historical abuses by various (mostly tech) companies, it is easier to rewrite histrory.

The answer will now be: 'Oh... we can't possibly investigate company X for H1B visa abuses. The records were temporary and no longer exist. Since the records no longer exist, we cannot possibly comment. To the best of our knowledge, the H1B program works.'

Comment: There is a lot to this but Wolvereness isn't wrong (Score 1) 354

by NimbleSquirrel (#47844179) Attached to: DMCA Claim Over GPL Non-Compliance Shuts Off Minecraft Plug-Ins

People are acting as if Wesley Wolfe (Wolvereness) is trying to claim ownership of Minecraft server code. I don't know him, but that is not his intent from what I've seen. It is simply to have his code removed from a project with a clear conflict of interest over licensing. From what I have seen, it has been a case of: 'remove my code from the project OR opensource the Minecraft server code'.

The fact that this brings to light that Bukkit is no longer eligible to use its codebase because it's in violation of its own license is just a bonus.

Unfortunately Spigot is suffering from a side-effect of this claim. It was built off the Bukkit source code, so if Wolvereness were to leave his code in that project, without a DMCA claim, it would dilute his legal position against Mojang.

Here are the facts as I see them:
1. Bukkit is an open source project, licensed under the GPL.
2. Many developers, including Wolfe, contribute code to the project under the GPL terms. The developers retain copyright over their contributions.
3. The Minecraft server was reverse engineered (apparently in violation of Minecraft's EULA) and the resulting decompiled/de-obfuscated code initially included in the CraftBukkit project.
4. Projects like Bukkit, Forge and Spigot add considerable value to Minecraft, but are not (initially) controlled by Mojang.
5. Mojang surreptitiously acquires the Bukkit project by hiring a number of the project's key developers. While the hiring of the developers is made public, the acquisition of the project is not.
6. The developers Mojang hire work on Bukkit-Minecraft "intergration". Bukkit features get added to Minecraft's server, and proprietary Minecraft server code gets incorporated into Bukkit/CraftBukkit.
7. Community developers continue to contribute to Bukkit, under the GPL, thinking they are working for an independent project.
8. Bukkit/CraftBukkit is distributed during this time, under the (L)GPL, including the proprietary code. This is a violation of the (L)GPL.
9. Mojang changes EULA to prevent 'pay to win' servers, and asserts Bukkit is subject to that EULA too.
10. The majority of developers vote to discontinue the project. Mojang steps in publicly to say that they can't do that and they have owned the project for two years.
11. Mojang asserts control over the entire project, including contributions from community.
12. Wolvereness DMCAs the project, for the removal of his code.
13. Mojang claim they added no code to the project, yet the project had been distributed for two years including Minecraft server code while the project was supposedly in Mojang's ownership. Mojang have been aware of licensing issues since 2011, but have done nothing to remove their proprietary code from a GPLed project in the time since they acquired it. Licensing of the project has not changed.

It seems that there are only four possibilities: Mojang kills Bukkit and walks away; Mojang rewrites Bukkit to remove/rewrite code from outside contributors and closes source; Mojang caves and opensources Minecraft server code; Mojang takes Wolfe to court to determine outcome (which could take years of appeals).

Comment: What does the author know about N95 masks? (Score 5, Informative) 156

by NimbleSquirrel (#46378469) Attached to: Face Masks Provide Chinese With False Hope Against Pollution

As someone who has worked in an industrial environment, and who has had to wear respirators and other PPE, I can say that N95 respirators do not need to be 'professionally fitted'. They do need to fit just right, but the users themselves can do that. Yes, they can be uncomfortable if you've never worn a mask before, but once you are used to them you can wear them all day (as many many workers do everyday).

While the author focusses on fitting, he completely ignores the other issue with N95 masks: there are many different types that are designed to filter different things. There are different masks for dusts and particles, nuisance odours, welding fumes, acid gasses, organic vapors and biologicals. The author ignores that people will need to know what type of respirator they need as buying the wrong type will make it far less effective. Not all N95 respirators are the same. For a sutiation like this, a dust and particle filter with nuisance level acid gas (NOx, SO2, etc) would be better, but unlikely to be found at many hardware stores.

What people don't seem to realise is that the gasses that make up smog (CO, NOx, SO2, ozone, organic compounds) can be just as damaging, if not more, than the dust and particulates. Even N95 masks only filter out nuisance levels of these.

Comment: Re:I fail to see the 'Pro' in this Mac Pro. (Score 1) 607

by NimbleSquirrel (#43968819) Attached to: Apple Shows Off New iOS 7, Mac OS X At WWDC
Sure, not many professionals upgrade their CPU, but RAM and GPUs on the other hand do get upgraded. Only four RAM slots doesn't leave much room for upgrade, and the GPUs in this thing are on customised and proprietary boards. I can't imagine Apple keeping up with the GPU upgrade cycle in producing these boards. Of course it all comes down to what you are doing on this system at a professional level. In my opinion, Apple's shift to an almost completely proprietary design is a bad thing.

As for Apple owning Thunderbolt: they do, in conjunction with Intel (and I never stated they owned it outright). They own enough patents on the technology that you can't make a Thunderbolt-based product without paying some money to Apple.

Comment: Re:I fail to see the 'Pro' in this Mac Pro. (Score 1) 607

by NimbleSquirrel (#43967687) Attached to: Apple Shows Off New iOS 7, Mac OS X At WWDC
Yes, Intel orginally developed Thunderbolt (then codenamed LightPeak), but then they approached Apple with it. Apple and Intel have technically collaborated on Thunderbolt. Unsurprisingly, Apple now have quite a number of patents on Thunderbolt technology (and I'd speculate even more on Thunderbolt 2). Yes, the connector may be royalty free, but what is inside it isn't: Thunderbolt uses active cables.

So, while Intel did create the original tech behind Thunderbolt, it isn't solely owned by them anymore. If you want to make Thunderbolt-based kit, you will need to pay the tax to Intel *and* Apple.

The point I was trying to make is that Apple have a distinct financial interest in killing PCIe and replacing it with Thunderbolt / Thunderbolt 2.

Comment: I fail to see the 'Pro' in this Mac Pro. (Score 3, Interesting) 607

by NimbleSquirrel (#43967147) Attached to: Apple Shows Off New iOS 7, Mac OS X At WWDC
Sorry, but there is nothing professional about the new Mac Pro. It is Eye Candy; nothing more. Its proprietary layout means that there is very little that will be upgradeable (save for maxing out its measly four RAM slots, or swapping out the SSD). CPU not fast enough anymore? Graphics cards out-of-date? Sorry, time to buy a new Mac Pro. But of course that is what Apple want. Heaven forbid that someone would actually want to upgrade their CPU or change to the latest generation GPU.

What is really anti-Professional about the Mac Pro? Dumping Internal storage bays and PCIe slots moving everything to external interfaces. SSDs have their place and so too do spinning disks. I could choose what I wanted, but with this new Mac Pro I have no choice. I would now have to have a stack of external drives sitting at my workstation. It won't look so pretty then.

On top of that, plenty of companies have invested in PCIe-based hardware (Audio DAW cards and HD-SDI interface cards are just two examples of many). Companies who have invested heavily in such hardware are now SOL. What will they do? Buy an overpriced Mac Pro and reinvest in all new Thunderbolt-based hardware (that most likely doesn't exist yet given the slow uptake of Thunderbolt), or switch to PC based hardware?

I have to look at the reason for the redesign, and it is very easy to see: Apple (and Intel) own Thunderbolt. They make a cut of every Thunderbolt device sold. Of course, they are going to push Thunderbolt over everything else. Did Apple actually listen to what their professional clients need?

Comment: You may have a claim of Author's Rights (Score 3, Interesting) 480

Others have correctly pointed out that you were most likely in a situation of work-for-hire and do not have a copyright claim to the work. However you may have a claim under Author's Rights (also referred to as Moral Rights). Author's Rights are separate and distinct from Copyright, and cannot be transferred. It doesn't grant you that much, but (amongst other things) it does grant you the right to be named as author (or co-author) in a work.

Your best course of action to to write the client a friendly letter or email (I'd lean towards letter in a situation like this), relay your situation to them, and inform them that you wish to be named as author (or co-author) in the work. Be clear you are not claiming any kind of copyright! You also may wish to point out that the other developer is incorrectly claiming copyright, when that belongs to the client. Just be careful of not making this an attack on the other developer. You just want some way of having your work recognised. If you do send a letter, be sure to get a notarized copy before you send it, in case you have to escalate things.

If you do need to take it further, then I'd suggest to just cut your losses and walk away. The other developer claiming your work as theirs is Libel: it has already harmed your reputation. It will be expensive, and chances are you wouldn't get enough to cover your expenses (not to mention the damage it would do to your reputation even if you are right).
Censorship

YouTube Refuses To Remove Anti-Islamic Film Clip 622

Posted by Soulskill
from the people-will-be-mad-whatever-you-decide dept.
Hugh Pickens writes "BBC reports that Google officials have rejected the notion of removing a video that depicts the prophet as a fraud and philanderer and has been blamed for sparking violence at U.S. embassies in Cairo and Benghazi. Google says the video does not violate YouTube's policies, but they did restrict viewers in Egypt and Libya from loading it due to the special circumstances in the country. Google's response to the crisis highlighted the struggle faced by the company, and others like it, to balance free speech with legal and ethical concerns in an age when social media can impact world events. 'This video – which is widely available on the Web – is clearly within our guidelines and so will stay on YouTube,' Google said in a statement. 'However, given the very difficult situation in Libya and Egypt, we have temporarily restricted access in both countries.' Underscoring Google's quandary, some digital free expression groups have criticized YouTube for censoring the video. Eva Galperin of the Electronic Frontier Foundation says given Google' s strong track record of protecting free speech, she was surprised the company gave in to pressure to selectively block the video. 'It is extremely unusual for YouTube to block a video in any country without it being a violation of their terms of service or in response to a valid legal complaint,' says Galperin. 'I'm not sure they did the right thing.'"

"It ain't so much the things we don't know that get us in trouble. It's the things we know that ain't so." -- Artemus Ward aka Charles Farrar Brown

Working...