Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Submission + - The Mystery of Acupuncture Explained in Rat Model-> 1 1

hackingbear writes: A biological mechanism explaining part of the mystery of the acupuncture has been pinpointed by scientists studying rats. The research showed that applying electroacupuncture to an especially powerful acupuncture point known as stomach meridian point 36 (St36) affected a complex interaction between hormones known as the hypothalamus pituitary adrenal (HPA) axis. In stressed rats exposed to unpleasant cold stimulation, HPA activity was reduced. The findings provide the strongest evidence yet that the ancient Chinese therapy has more than a placebo effect when used to treat chronic stress, it is claimed. “Some antidepressants and anti-anxiety drugs exert their therapeutic effects on these same mechanisms,” said lead investigator Dr Ladan Eshkevari, from Georgetown University medical centre in Washington DC.
Link to Original Source

Comment Re:Personally (Score 2) 227 227

I was hoping that the final quote at the end of my post would answer that question, but for those who can't browse to and don't recognize the quote, the movies were the 1968 movie "2001: A Space Odyssey" and the 1984 sequel titled "2010". The sequel reveals the conflict that caused the problems shown in the first movie. Of course the two movies are really about other things, the policy conflict I used as an example is just an (important) part of the back story driving the plot. Basically an artificial intelligence computer goes insane with dire consequences when it receives conflicting instructions.

Comment Re:Personally (Score 4, Interesting) 227 227

You ask why users break policies. I guess there can be many reasons but for me anytime a policy gets in the way of accomplishing a task, it gets broken.

Another way of saying this is polices are likely to be broken when policies conflict. While not using your smart phone may be a policy, getting your job done is also a policy. In this case people will generally choose to break the policy with the least personal risk. If I am more likely to be fired (or not paid my bonus) if I don't get my job done than if I use my cell phone, I am going to choose getting my job done and use the phone anyway.

If am using my phone against policy, I may also do things that are detrimental to the business while I am trying to hide my phone usage. At a minimum I am wasting time and brain cycles thinking about how to deal with the policy conflict.

There was this movie that among other things was about unintended consequences that can happen if you have conflicting policies / instructions. "Open the pod bay doors, HAL".

Comment Re: How much you got? (Score 4, Insightful) 184 184

Do you think gmail would have become the most popular email service if it would have used ACID? ACID is *not* the only option. It's the *old* option. It's the expensive and slow option.

Maybe ACID doesn't mean what you think it means. It is not a technology that is "old" or "new", it is a way to think about the requirements of your system. Each of the four letters in ACID stands for a particular property of a database system and these properties (in various combinations) may or may not be needed by the system being built.

If your system is processing something where the integrity of the data is important (like financial systems), you are very likely going to need all four properties. If you are moving money from one place to another, you want to guarantee that that the the money is completely moved or not. You don't want the money partially moved, you don't want money to be lost, and you don't want money to be created out of thin air. ACID (as a concept) guarantees this.

If your solution requires ACID, you don't have to use a database that supports all of the properties of ACID, you could instead implement ACID in your application layer. However if you do this, you have to guarantee that that your application layer implements it properly and that there is no possible way to get to the underlying data store without going through the application layer. You also have to guarantee that no changes, updates, upgrades, or bugs in your application layer every break the ACID guarantee at any time. Making all of these guarantees in your application layer is VERY HARD, which is why people use ACID complaint databases instead to solve this particular problem set.

If your requirements don't need the properties described by ACID, than there isn't anything wrong with using a non ACID database. If may be acceptable for your data to "eventually" become consistent, to be inconsistent, or maybe even lost.

In the gmail example, you don't really need all the ACID properties, so you don't need to use that sort of database to hold the information. Email is not transactional end to end; when you send an email you are not guaranteed that it will get there. Email is also not order guaranteed; if you send multiple emails there is not a guarantee (or need) for them to arrive in the destination mailbox in order. If you are bulk moving messages from one mailbox to another, and only some of them get moved, it is okay and you can just move the remaining messages later.

As always, it is important to chose the right technology to solve the problem you need to solve. ACID compliant databases solve a lot of important problems (usually involving money), and if you have one of those problems, there is nothing "old" about ACID.

Submission + - Samsung Releases First 2TB Consumer SSD for Laptops->

Lucas123 writes: Samsung has released what it is calling the world's first 2.5-in consumer-grade, multi-terabyte SSD, and it's issuing the new drive a 10-year warranty. With up to 2TB of capacity, the new 850 Pro and 850 EVO SSDs double the maximum capacity of their predecessors. As with the previous 840 Pro and EVO models, Samsung used its 3D V-NAND technology, which stacks 32 layers of NAND atop one another in a microscopic skyscraper that offers vastly greater flash memory density. Additionally, the drives take advantage of multi-level cell (MLC) and triple-level cell (TLC) (2- and 3-bit per cell) technology for even greater density. The 850 Pro, Samsung said, is designed for power users that may need higher performance with up to 550MBps sequential read and 520MBps sequential write rates and up to 100,000 random I/Os per second (IOPS). The 850 EVO SSD has slightly lower performance with 540MBps and 520MBps sequential read/write rates and up to 90,000 random IOPS. The SSDs will range in capacity from 120GB to 2TB and in price from $99 to $999.
Link to Original Source

Comment File versioning and backup flags (Score 5, Informative) 484 484

VMS supports very elegant file versioning, which I found a very useful feature. By default, every time you open a file for write (and you modify the file) you get a new version of the file (kind of like copy on write at the file level). When you list the files in a directory, you can see all the versions of the file with the version number being an actual part of the file name(file.text;1, file.text;2). On a per file basis you can set how many versions you want to keep around and the file system will automatically purge the old versions as new ones are created. When opening a file you can specify any version you want, or if you don't specify a version you just get the latest.

The file system also supports specific backup related attributes that integrate with the backup system. This lets you specify that a file should be excluded from backup and if I recall, tracks if the file has been modified since the last backup.

Comment Re:VMS queue manager and VMS breakin evasion (Score 4, Informative) 484 484

DCL (the VMS CLI) could also do with a major rework and enhancements.

True, but there are elements of DCL that are worth bringing forward as well - particularly the ability to define the command syntax at operating system (shell) level and bind it to programs. For those who who haven't developed under VMS, there is operating system (shell) defined syntax with which you declare what parameters, switches, options, etc. that your program desires. The syntax is robust enough to specify which options are optional, required, mutually exclusive, etc. When you build your program, you "compile" in your command syntax and at run time DCL handles syntax checking for you. Coding work for processing command line parameters is greatly reduced. You also get bonus stuff like integration to the help system and automatic shortening of non ambiguous switches.

Comment Re:This is a GODDAMN DISASTER! (Score 4, Insightful) 179 179

How the fuck can anyone trust Bitcoin after this and the other incidents that have happened? How?

You can trust Bitcoin by learning how it works and following the proper procedures that you would if you playing with real money.

The Bitcoin system is highly resistant to "rouge" or bad actors in the system. Someone running mining software that does not follow the agreed upon rules for the system is an example of a rouge actor. When this happens the rest of the system votes down the decisions made by the rouge actors. In this case some miners were not following the system wide agreed upon protocol, generated bad data, and the rest of the system (correctly) rejected that bad data thus maintaining the integrity of the overall system as designed.

What was lost were some rewards that would normally have been paid out for operating correctly. Since the rouge actors were not operating correctly, they were not rewarded (for their invalid work). If you were hired to paint a house white and you painted it orange, would you expect to be paid? The miners did not do the work they were being paid to do. True, many miners mine within a pool and depend on the pool operator to do the right thing, but if the pool operator is not doing the right thing, it is not a flaw in Bitcoin. Lke the painting analogy, if you work for a painting company and the painting company gives you the wrong color of paint, you wouldn't expect the homeowner to pay you, if you want to get paid for your labor, your beef would be with your boss, the the homeowner.

On the transactional (non mining) side, if you are running an incomplete Bitcoin client, it is now taking longer to achieve a level of confidence that your transaction is officially as "approved" by the network. As always it is the responsibility of those making the transactions to wait an appropriate time to ensure that their transactions have been approved. This has always been the case with Bitcoin and has not changed.

Comment How else are you going to do it? (Score 1) 251 251

If you assume that the only communication channel the company has with you is email (which is generally a pretty good assumption as multiple channels or channels that include humans are expensive), there isn't really any other choice but to send the credentials (password) in plain text.

This is not a new problem. For the entire history of secure information transmission (cryptography), one of the hardest issues to solve is the issue of initial secret (key) exchange. This problem has been around a lot longer than computers have.

To actually be secure over email you would need the end user to provide a public key when they request the password and then have the company encrypt that password with the public key. The user would then decrypt the password with their private key. This can all be done with S/MIME, but would be a pretty tall order to expect that a random user would be able to figure out how to obtain and use a personal email certificate.

You could split the password into multiple parts and send each part in a separate email or separate the account and password into different emails. These are decent options but don't really provide true security against a targeted attack (someone sniffing the network or directly accessing the email server). These do provide a reminder to the end user that security is important. I would suspect that targeted attacks are not that common.

You could try and obscure the password by making it really long garbage string or embedding it in a URL, but it still ends up being a password in plain text. These don't add any security and may instill a false sense of security.

If a second channel is not cost or support prohibitive, then a one time use text message (SMS) or automated phone message is a pretty good option.

Comment Re:I hate and despise - but they should still be s (Score 2) 818 818

People are still able to sell or purchase a Confederate flag. It is not illegal and I have not heard any reports of the federal or state governments suggesting that is should be illegal. What we are hearing is that major retail (and online) outlets are opting not to sell it. Opting not to sell something is a similar level of "right" as is opting to sell something (that is legal to sell).

You could argue that with the consolidation of sellers (Walmart, Amazon, etc.) there are fewer purchasing choices and that the consolidated sellers have increased influence as to what is in the marketplace, but that issue goes beyond the Confederate flag and other specific goods.

If all else fails, lower your standards.