Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Cookie authenticated or open WiFi is insecure? (Score 5, Informative) 40

by Shoten (#49353537) Attached to: Big Vulnerability In Hotel Wi-Fi Router Puts Guests At Risk

Isn't it sort of obvious that hotel networks are a free-for-all security wise?

Use a VPN and SSL.

RTFA; that won't help.

The problem is that before you can connect out to use your VPN, you first have to get provisioned by the hotel's wifi. This involves at a minimum checking a box that says "I won't try to hack or do bad things," along with either authorizing a charge, giving the webpage your hotel frequent traveler info/name and room number, or authorizing a charge for the Internet access. Those pages are what put you at risk; the attacker hacks the router that serves up the page, adds a nice little bit of extra code to serve up malware (that he also uploads to the router itself, so no need for outside Internet to get it), and boom...everyone with a vulnerable system that connects in that hotel gets pwned.

And that's beyond the risk of the machine serving as a jump-point for deeper penetration into the hotel itself. How is your using a VPN going to protect the hotel's keycard system from being hacked? Or protect your private information that resides in the reservation system?

Comment: Re:Cooling (Score 1, Insightful) 148

by Shoten (#49339873) Attached to: First Nuclear Power Plant Planned In Jordan

Seems to me cooling might be an issue in an already water poor area of the world.

Jordan has access to enough water. Just because it's in the middle east doesn't mean it's a desert. Power plants go near population centers, and population centers exist near water. Even more importantly, there's a difference between "drinking water," with all of its sanitation, distribution, and monitoring needs, and just plain "water," which can be found in any lake. Heck, lots of power plants have man-made lakes to supply that water.

But you're missing the real point. Modern nuclear plants don't need that much water. The Fukushima reactor is the oldest design there is, and its dependency on water is one of the reasons it's no longer used. Passive cooling towers (the big bong-looking cement things that we associate with nuclear plants, but which can also be used on other non-nuclear plants) massively reduce the water requirements of a nuclear plant, and are almost certainly what would be used.

Comment: Re:Google wants a monopoly... (Score 2) 133

by Shoten (#49330915) Attached to: Chinese CA Issues Certificates To Impersonate Google

Nothing wrong in pointing out that an advertising company whose sole business is spying on their users would make sure that any competition is eliminated.

It is possible to dislike both. Please do try to use your brain.

There is when it's totally off-topic and entirely irrelevant. It doesn't matter that Google is involved; this is about China and spying on their own citizens. Google's business model has nothing to do with it. Disliking Google has even less to do with it...because Google is, to date, the only tech company that has ever stood up to China over things like this. In this situation Google is actually the good guys.

And, for the record, every company wants a monopoly. That's why monopolies were outlawed. I think it's you that should use your brain.

Comment: Re:Google wants a monopoly... (Score 5, Insightful) 133

by Shoten (#49329369) Attached to: Chinese CA Issues Certificates To Impersonate Google

...on processing of your private information. It is in its interests to make sure everything is secure until the moment it reaches their servers.

And if you live there, China wants a monopoly on knowing your private information...plus incarcerating you and even killing you to harvest your transplantable organs should it find that it doesn't like something it learns about you. Like that you think Tibet should be free. Or if you worship the wrong god.

Please do try to keep a sense of perspective?

Comment: Re:You don't say... (Score 1) 606

by Shoten (#49220335) Attached to: YouTube Video of Racist Chant Results In Fraternity Closure

SigEps are racists. Wait, frats in general are racists. No shit, Sherlock. PKA on my campus was 100% Jewish. If you weren't Jewish, you weren't getting in. Some were all white. Some all black. The entirety of the greek system is racism and sexism in action. Give me a break with your feigned outrage.

Now, now, now. It's not actually true that all frats are racist. In fact, even the most racist of frats aren't even racist all the time.

When they're committing date rape, race is of no concern to them.

Comment: Re:1.2 what? (Score 4, Insightful) 199

1.2 pedobytes.

According to the article, they seized more than 4 times more child porn than the Library of Congress has.

But unlike past investigations into the distribution of child porn, which typically involve targeting suspects individually, police have instead seized over 1.2 petabytes of data—more than four times the amount of data in the US Library of Congress

I'm kind of surprised that all congress could only manage to accumulate 300TB of child porn.

Actually, they seized 1.2 petabytes of data, not child porn.

The situation is that this is a data center. So that means SANs and virtual hosts. SANs mean that you don't just have a 1-to-1 relationship between a hard drive (or even a hard drive array) and a computer. And virtual hosting means you don't have a 1-to-1 relationship between a server and a website. So I'd bet my paycheck that they went in with a broad net, grabbing every SAN that they thought contained child porn. In essence, they grabbed the whole data center so that they can figure out just how much of it...and which of it...is actual evidence.

Comment: Not entirely new... (Score 1) 110

by Shoten (#49160363) Attached to: Ultra-Low Power Radio Transceiver Enables Truly Wireless Earbuds

This kind of tech has existed for a while; it's primarily used in surveillance gear, so that the earphones being worn by someone working in the field can't be seen. The downside of the current state-of-the-art, however, is that the wearer needs to have the induction coil under their clothing, around their neck. I'm really curious how this would work in stereo, personally, as all the solutions I've seen are only mono by requirement; there's no easy way to partition the field into two segments, to separate left from right.

Comment: Control Systems Security: #1 Truth (Score 1) 103

by Shoten (#49100189) Attached to: Also Hackable: Drive-Through Car Washes

Billy Rios sums things up interestingly with this sentence:

"If [a hacker] shuts off a heater, it's not so bad. But if there are moving parts, they're totally going to hurt [someone] and do damage," says Rios, founder of Laconicly.

The trick with control systems...which is what the computers controlling this car wash are...is that logical actions result in kinetic effects. And you can't reboot physics, or restore solid objects from backup.

Comment: Heh (Score 1) 134

by Shoten (#49100151) Attached to: Homeland Security Urges Lenovo Customers To Remove Superfish

I think it's interesting that Lenovo posts not just the "Automatic Removal Tool," but also the source code to the tool. What I want to know is this: has anyone compiled it, and managed to get their compile options/environment such that they came up with a binary that matches the downloadable tool?

Comment: Re:Why don't they use a single rotor? (Score 3, Interesting) 129

by Shoten (#49089503) Attached to: Delivery Drones: More Feasible If They Come By Truck

While I agree with people saying the whole drone thing was just a Bezos PR stunt, out of interest, wouldn't it be better to use a single rotor helicopter rather than an octocopter for these sorts of tasks? I remember reading how a lot of the energy in a multi-rotor is wasted accelerating and braking the motors to control pitch and attitude, and this leads to substantial conversion losses and the need to oversize everything. Surely at eight rotors, the cost of adding a swash plate control would be worth it for the efficiency gains, especially in a commercial setting.

Here's an experiment that will illustrate the answer for you.

Buy a Parrot drone, and fly it. See how easy it is? It's very stable, and quite straightforward.

Now, buy a small but decent (i.e., big enough that it could carry something like a GoPro) R/C helicopter. Try and take off; don't forget to wear eye protection. Tally up how many times you have to go back to the shop for new rotors and other parts, as you crash again and again. Or, in the alternative, just watch the Mythbusters episode where they take on the myth of a helicopter crashing because its rotor blades were destabilized with a little bit of tape, so you can watch them go through this exact process.

And yes, it's technically possible to add technology to single-rotor design systems to automate the corrective actions to keep them stable. But by using an octocopter, you can do it a lot more cheaply and more easily.

Real Users find the one combination of bizarre input values that shuts down the system for days.