Forgot your password?

Comment: Re:Model M Keyboard FTW (Score 1) 446

by RR (#46791121) Attached to: Ask Slashdot: What Tech Products Were Built To Last?

I agree about the Model M. Mine was built in 1991, and I've had it since 2003.

I use it with my Mac, through a USB adapter. Interestingly, when I set the keyboard preferences to treat the Alt key as Command, it still treats the right Alt key as Option. I don't know if it's something specific to the Model M, or if it's something weird with my generic Holtek-based adapter. I use all 4 modifiers, so that was a bit of a bonus.

USB adapters are a lemon market. So far, I've tried buying 3 adapters. The Holtek one works well with keyboards, but not mice. The second one works well with mice but not keyboards. The third one doesn't work at all. They're all too cheap to bother returning. This is one way that Amazon, with its incredibly generous return policy, is increasing its retail dominance.


Bug Bounties Don't Help If Bugs Never Run Out 183

Posted by Soulskill
from the trying-to-bail-the-ocean dept.
Bennett Haselton writes: "I was an early advocate of companies offering cash prizes to researchers who found security holes in their products, so that the vulnerabilities can be fixed before the bad guys exploited them. I still believe that prize programs can make a product safer under certain conditions. But I had naively overlooked that under an alternate set of assumptions, you might find that not only do cash prizes not make the product any safer, but that nothing makes the product any safer — you might as well not bother fixing certain security holes at all, whether they were found through a prize program or not." Read on for the rest of Bennett's thoughts.

Comment: Re:The sad part here... (Score 1) 266

by RR (#46774127) Attached to: Nokia Had a Production-Ready Web Tablet 13 Years Ago

Honestly, looking at the design of that thing, I am not so sure it had a viable market. There were few wireless networks set up in 2000 it wasn't a given that every home had one. Cell data was expensive and slow. The device seems unwieldy and large and the controls don't look like they would be particularly easy to use. Also, what OS does it run, can it do anything but surf the web? Was the web on its own interesting enough in 2000 to make this a killer device? No streaming movies and TV shows, Spotify or any of those interesting services.

Were you around in 2000? I was. It was not a wasteland.

WiFi was already starting to become popular. Apple introduced the Airport in 1999. By 2001, I had my own WiFi network, and my school had a (very poorly functioning) network. It wasn't a "given," but it was available to the savvy people who would buy that thing.

The Web was already pretty interesting. There was streaming media, in the forms of RealPlayer, QuickTime, and Windows Media. Yahoo and Microsoft had webmail. Slashdot had fewer idiot editors. Amazon had shopping. And who knows what that device could have turned into, if it had more development.

The Nokia M510 could very well have been a flop. Sony's eVilla was a disaster. Steve Jobs refused to release the iPad until it was sufficiently "magical" in 2010. But I think this had more to do with design discipline and marketing than what was technically possible back then. After all, Palm was pretty big back then.


The Best Parking Apps You've Never Heard Of and Why You Haven't 163

Posted by samzenpus
from the park-that-anywhere dept.
Bennett Haselton writes "If you read no further, use either the BestParking or ParkMe app to search all nearby parking garages for the cheapest spot, based on the time you're arriving and leaving. I'm interested in the question of why so few people know about these apps, how is it that they've been partially crowded out by other 'parking apps' that are much less useful, and why our marketplace for ideas and intellectual properly is still so inefficient." Read below to see what Bennett has to say.

Comment: Re:Private sector and efficiency. (Score 3, Interesting) 103

by RR (#46739763) Attached to: Why the IETF Isn't Working

Efficiency in private sector is defined to be maximizing the return on investment. Private sector efficiency is NOT delivering goods and services at the least cost to most people. If that is the *only* way to maximize the return on investment, they will do it. It happens on simple products like cereal, bread, milk etc.

It doesn't even work entirely for those. Civic duty used to be an important part of American education. Now we have mega-banks that capture markets and suck the value out of everything they can.

Commodities Speculation: A Cause of Food Crises? A Crime Against Humanity?

How Morgan Stanley Has Raked in Billions by Manipulating the Prices of Everyday Commodities

Sasha Breger: How Commodities Hoarding Distorts Food Prices

There was an article I read with an evocative image of grain rotting in rail cars while crises erupt in the Middle East, but I can't find that article right now.

Comment: Civilization will end in a whimper (Score 1) 730

by RR (#46738321) Attached to: Ask Slashdot: Are You Apocalypse-Useful?

Civilizations have rarely ended in abrupt catastrophes. The most analyzed ending of a civilization is probably the Fall of the Roman Empire, and that ended over hundreds of years of debauchery and neglect. It takes a while for a major civilization to collapse.

Modern Western Civilization could end faster. A nuclear power plant dies much more quickly than a Roman aqueduct, and fluctuations in the market for crops in America have destabilizing effects on governments in the Middle East. On the other hand, the widespread travel and communication among nations' elites seems to be making them less likely to disrupt the channels of commerce.

In general, survivalists are ready for civilization to end suddenly. They are not prepared for civilization to continue.


Ask Slashdot: Are You Apocalypse-Useful? 730

Posted by Soulskill
from the it's-the-end-of-the-world-as-we-know-it-and-i-feel-disenfranchised dept.
An anonymous reader writes: "Young people, when choosing a profession, are often told to 'do what you love.' That's why we have experts in such abstruse fields as medieval gymel. But let's talk hypotheticals: if there's a worldwide catastrophe in which civilization is interrupted, somebody specializing in gymel wouldn't provide much use to fellow survivors. In a post-apocalypse world, medical doctors would be useful, as would most scientists and engineers. The bad news for Slashdotters is that decades without computers would render computer science and related professions useless. What do you consider to be the most useful and mostly useless post-apocalypse professions? How long would it take for society to rebuild enough for your profession to be useful?"

Comment: No, you don't understand the TCP/IP... (Score 1) 149

by RR (#46668123) Attached to: TCP/IP Might Have Been Secure From the Start If Not For the NSA

NO connection is point-to-point.

Most Internet communications are carried in packets with unique source address and unique destination address. Conceptually, it doesn't matter whether those packets are encoded with Point-to-Point Protocol on a serial cable, or whether they go through a bunch of routers first. A more pedantic term is unicast. So, the actual counterexample would be multicast, and despite best efforts, there's very little of that on the Internet.

The real exception to point-to-point communications is WAN acceleration, but I'm guessing that its effects are minor across the Internet.

Comment: Re:In a way its a good thing it didn't happen (Score 1) 149

by RR (#46665937) Attached to: TCP/IP Might Have Been Secure From the Start If Not For the NSA

I'd really like it if Intel could introduce an 'x86-2' instruction set that dumped all the legacy stuff but kept the same basic architecture. It'd need software to be recompiled, but not rewritten. It'd be expensive, but if they can coax just a few percent extra out of the hardware by dumping legacy then it'd still sell to the HPC and server markets. Recompiling linux and packages is a small price to pay.

Recompiling Linux and packages. That has worked out so well for ARM servers, so far.

I think that's a terrible idea. I don't think the 20-bit real mode, etc., are actually used except for the BIOS, which is in the process of being replaced by UEFI, and I'm not sure all of those instructions actually still work.

But the big thing about Intel is the idea that you can just take whatever x86 software and run it. Maybe recompile if you have something that can take advantage of the SIMD instructions, but it doesn't need to be recompiled to run great. The commentaries I've been reading say that the x86 instruction decoder is basically free, anyway, so it's a competitive advantage without significant penalty.

Comment: Re:Misleading article. (Score 2) 149

by RR (#46665837) Attached to: TCP/IP Might Have Been Secure From the Start If Not For the NSA

Rather misleading article and slant there. It implies that the NSA deliberately took action to make TCP/IP insecure. However, in reality, the NSA merely didn't contribute their classified work towards the specification of TCP/IP.

Yes, Slashdot is rather sad these days.

But the NSA isn't just about withholding classified information. The NSA is about weakening encryption standards. Vint Cerf said he would have used encryption if he had the opportunity to do it over again. The Internet community had such an opportunity, IPv6 with IPsec, and the NSA bungled it up.

IPsec doesn't involve the routers, because that would kill performance. IPsec is designed to handle different algorithms, so you don't need to support the same broken algorithms indefinitely. But the IPsec spec is a horrible design that in practice has made it very little used outside of very professional environments with very full-time engineers to keep it running.

Comment: Re:Misleading article. (Score 1) 149

by RR (#46665679) Attached to: TCP/IP Might Have Been Secure From the Start If Not For the NSA

Believe it or not, there are also some instances where cryptography is not needed, such as for purely publicly accessible information that can benefit from being cached, etc.

I don't think there is any instance where cryptography would not be useful, as long as privacy is an option. Most Internet communications are point-to-point, so caching should not be done in between. From an opsec point of view, it's less risky to use encryption for confidential information if you also use encryption for everything else, too.

Even for publicly cached data, you could use cryptography for authenticity instead of confidentiality. For example, DNSSEC is about proving the authenticity of DNS information, so your name resolver doesn't get fooled by DNS hijacking. Authenticity turns out to be useful even for completely mundane stuff.

Comment: Tried, didn't work (Score 1) 353

by RR (#46655359) Attached to: An SSD for Your Current Computer May Save the Cost of a New One (Video)

As always, it's a matter of tradeoffs.

I run a small lab of computers, and I decided to try upgrading them to 128GB SSDs. The fast computers with Windows 8 became even faster. The slow computers with Windows Vista did not improve dramatically.

Especially the small desktop with the 1.6GHz Core Duo. A lot of time is spent on hard disk access, but get slow enough and a huge amount of time is actually waiting on the CPU. Chrome opens pretty quickly, but Firefox still takes several times as long to launch. LibreOffice still takes a long time to install or open, though appreciably less time than on HDD.

It all depends on the use. No storage upgrade is going to make your Internet connection faster, or allow your computer to play 1080p video if it doesn't have the GPU decoder or CPU power for it. If you upgrade to an SSD, you'll see some improvement, but you'll get the most benefit if your other hardware is still adequate and you're mostly waiting on the HDD. To determine whether that's so, you really should be doing measurements.


Vint Cerf: CS Programs Must Change To Adapt To Internet of Things 163

Posted by samzenpus
from the get-to-learning dept.
chicksdaddy (814965) writes "The Internet of Things has tremendous potential but also poses a tremendous risk if the underlying security of Internet of Things devices is not taken into account, according to Vint Cerf, Google's Internet Evangelist. Cerf, speaking in a public Google Hangout (video) on Wednesday, said that he's tremendously excited about the possibilities of an Internet of billions of connected objects. But Cerf warned that it necessitates big changes in the way that software is written. Securing the data stored on those devices and exchanged between them represents a challenge to the field of computer science – one that the nation's universities need to start addressing. Internet of Things products need to do a better job managing access control and use strong authentication to secure communications between devices."

Microsoft: Start Menu Returns, Windows Free For Small Device OEMs, Cortana Beta 387

Posted by Soulskill
from the giving-in dept.
At Microsoft's BUILD conference today, the company announced that the Start Menu will officially be returning to Windows 8.1. It will combine the Windows 7 Start Menu with a handful of Metro-style tiles. They're also making it so Windows 8 apps can run in windows using the normal desktop environment. In addition to the desktop announcements, Microsoft also talked about big changes for Windows on mobile devices and Internet-of-Things devices. The company will be giving Windows away for free to OEMs making phones and tablets (9" screens and smaller), and for IoT devices that can run it. Microsoft also finally unveiled Cortana, their digital assistant software that's similar to Siri.

"The most important thing in a man is not what he knows, but what he is." -- Narciso Yepes