Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment Re:Not surprising (Score 1) 284

Go try buying a 2015+ TDI and see if you can run it without a DPF and DEF.. legally.

Good catch, I hadn't seen that the 2015's now include AdBlue. It's a huge step up from the 2007 Diesels that required monthly fillups. At 10k miles at least I'd only have to worry about it with oil changes. Unfortunate, but not a massive impact.

the next generation TDI Golf lost its IRS rear axle

Unless you have one of the mythical Aussie 4 wheel drive Golf TDIs, there isn't a rear axel on the Golf. More correctly, there are two very short axels that so far as I can tell have not been impacted by the addition of DEF.

It does look like they switched from the multilink independent suspension to a solid rear bar and torsion rods. I'm so-so on that. Performance tuning is out the window, but for a daily driver it should be fine, and maintenance is way cheaper.

Not sure on your fuel pump issue or how that would take out the engine. I could see possibly taking out the injectors if you wind up with particulate crap getting rammed into them at 1500 psi. But how are you losing an engine to a fuel pump "explosion"?

-Rick

Comment Re:Really? (Score 1) 511

At 200 feet, the spread on a horizontal shot is ~100". If this is 9 pellet buck shot with a perfect spread that means you have a bit over 4 feet of air between each of those pellets. The drone is what, 20" wide? Even a perfect shot has better than eve odds of missing at that distance.

Given a vertical shot where gravity is pulling each pellet even further out of the pattern and it would be a miracle to hit anything.

So switch to bird shot. Figure just over 1.5 oz of lead bb shot in a 12 gauge 3" shell, that's ~80 pellets. Significantly more likely to hit, but at 200 feet, the .56 grams of a pellet is moving at roughly 600 fps between air resistance and gravity, which is just over 9 newtons (2 pounds) of kinetic energy hitting the drone.

This is also assuming that the guy is using the largest commonly fielded bird hunting combo. If he's using a 2.5" or 2" shell, the numbers drop even more.

I would be quite surprised if someone pulled off a 200' vertical shot, hit, and did substantial enough damage to take a drone out of the sky. Yeah, commercial drones are wimpy, but not /that/ wimpy.

-Rick

Comment Re:Not surprising (Score 3, Informative) 284

Actually, I don't benefit. Thanks to the EPA, car makers can't engineer diesels to run with significant reliability.

That's pure BS right there.

I've got an '06 VW Golf TDi that has been running on ULSD since '08 with over 160,000 miles on it. I haven't had a single drive train failure on it.

I've replaced the glow plugs (Wisconsin winters are brutal), the timing belt (at ~100k miles), and regular oil changes at 10k miles. And I still pull 44mpg highway.

No vehicles have required DEF since 2008. It was a short term solution to meet EPA bin requirements in 2007/2008 while still running on low sulfur diesel fuel. Ultra low sulfur diesel, ULSD, does not require DEF to meet EPA requirements.

The EPA hasn't cost any jobs. It increases costs insignificantly, but the quantity of jobs is entirely dependent on demand. The few bucks that EPA regs add to the price of a car do not meaningfully impact demand.

-Rick

Comment Re:100 times better, but 20% energy savings? (Score 1) 90

I would ass-u-me that this would mean that over a period of time X, a current generation chip would process Y commands consuming N units of energy.

The new chip would perform 2Y commands over X time while only consuming .8N units of energy.

Or that each command execution would take 80% of the energy of a current gen chip, but that it could complete twice as many of them in the same time period, meaning a net increase of ~60% energy consumption at sustained max load.

Tons of ways to play with the statistics on this one, and the 100% performance improvement and 20% energy efficiency improvement are not mutually exclusive. But the summary doesn't give any context or detail, so without RTFA, it should be considered nothing more than marketing speak.

-Rick

Comment Re:The argument is "leaky" at best too (Score 1) 195

I would correct that even further.

It isn't about the fittest or death risk, it's about being able to procreate and survive.

In your species example of the 4, 6, and 10 mph creature. If the live birth rate of the creature declines as their speed increases (musculature takes energy/hormones away from breeding, high speed movements cause more lost pregnancies, etc...) than the 4mph species may actually be the winner as they will out-bread the 6 and 10mph variants.

Now, throw a 5 mph predator into the mix and the picture may change. If the 4mph variant can still breed fast enough to offset the deaths to the predator and out populate the higher speed variants, then it could still be the winner.

More likely though, the 6mph critter would win out as it is able to out breed the 10mph critter and would suffer significantly less losses than the 4mph critter to 5mph predators.

It all comes down to procreation. Which is the basic of the movie Idiocracy.

-Rick

Comment The bigger issue (Score 4, Interesting) 148

This bug is in the JIT optimizer of the 4.6 framework. For apps you are developing, it's absolutely no problem, you just go into the compiler settings and uncheck the 'optimize' setting.

The problem though, is that the 4.6 framework is an in-place replacement for the 4.5 framework, which was an in-place replacement for the 4.0 framework. And the JIT optimizer is on by default. So if you install the 4.6 framework, it could potentially introduce this bug into any application developed targeting the 4.0, 4.5, or 4.6 framework that is already distributed.

Luckily, it appears as though the issue is a combination of a nullable int that has a bug in the boxing/unboxing of it's operator when calling the .hasValue method. So the actual number of places where this will actually pop up is hopefully quite limited.

That said, MS better get this patch deployed ASAP. Or if you are in a critical hurry, the correction has already been committed to the .Net Git repo, so you can brave a build from that.

-Rick

Comment 'Coolest' mistake ever (Score 1) 377

A co-worker of mine had just finished implementing a new caching system for a legacy app that interfaced between multiple systems and the mainframe to track progress and shipping of pilot production runs. Due to a bug in his code, in a very specific use case, one of the cached systems would not get flushed. This was identified a few days after the production release when the company (a multi-billion dollar food sciences multi-national corporation) received a phone call from a Pastor in BFE, Minnesota asking why we had sent him almost 500 gallons of ice cream. Apparently, his church's address was in the system from some charity event we had sponsored, since the ID and business type didn't flush from the previous transaction, when the pilot plant told the software to print labels for the next order, it pulled the shipping address from the wrong database and the ID just happened to collide.

The cost of shipping the ice cream back for disposal was ridiculous. So the company told the Pastor to have a huge ice cream social.

The responsible developer was not fired, but there were running gags about him being the Ice Cream Man for the next year.

-Rick

Comment Re:Type 4 UUIDs (Score 1) 251

My concern is how to keep someone between your server and the subscriber's MUA from compromising "possession", or how to establish "possession" the first time.

If you follow the same model with account creation, then you already have possession established. If someone compromises your email account, and knows your user account for this site, and knows your security answers, then yeah, you're borked. But if someone has all of that information already, I'm pretty sure you've been borked for a while and in significantly worse ways than someone having your college transcripts. ;)

I just use a PRNG. If I need it as a GUID, I request 120 random bits and format them as a type 4 UUID. Is that good enough?

"Good enough" is a question that is best answered by the asker. Security isn't a Boolean implementation. You aren't secure or insecure, you are at some level of security across a very wide range. Storing passwords in clear text is vastly more secure than having no authentication on a system at all, but it is vastly less secure than storing a hashed password. And that is vastly less secure than storing a 1-way hashed password. And even that is meaningless if you don't have a secured communication layer, or if you aren't correctly exchanging public/private keys. etc...

Are you trying to keep script kiddies from spamming your content management site with pictures of dicks, or are you trying to keep banking details, SSNs, and credit histories locked up with controlled access via the internet?

With that said, you're likely more on the 'secure' side using a v4 UUID, assuming the rest of your implementation follows the appropriate patterns.

-Rick

Comment Re:Responses (Score 3) 251

[quote]So how do you encrypt this UUID?[/quote]

You don't. It's just a GUID or some other low collision rate hash.

[quote]And what do you send for a password reset?[/quote]

You send them a new UUID in a link. When the link is hit, the UUID resolves back to their account and they are directed to enter a new password, just like a first time user.

The combination of time (the UUID can be time boxed), activity (a successful login nullifies the UUID), and possession (control of the account's registered email address), and if you want to get really wild, knowledge of a security question, creates a scenario where there are no good purely technical solutions for the attacker.

An attacker could, in theory, create a colliding GUID for an account they know the name of (but not password), manually enter the UUID link, and set the new password (assuming there is no security question).

But if an attacker manages to consistently generate colliding GUIDs*, they have accomplished something so monumental that they should be heralded as the second coming of Steve Jobs or something.

(*Assuming the coders didn't decide to come up with their own GUID generation algorithm that is easily reverse engineered and seeded)

-Rick

If God had not given us sticky tape, it would have been necessary to invent it.

Working...