Forgot your password?

+ - Heartbleed: Serious OpenSSL zero day vulnerability revealed-> 1

Submitted by Anonymous Coward
An anonymous reader writes "ZDNet reports: New security holes are always showing up. The latest one, the so-called Heartbleed Bug in the OpenSSL cryptographic library, is an especially bad one. The flaw can potentially be used to reveal not just the contents of a secured-message, such as a credit-card transaction over HTTPS, but the primary and secondary SSL keys themselves. This data could then, in theory, be used as a skeleton keys to bypass secure servers without leaving a trace that a site had been hacked."
Link to Original Source

Comment: Re:Do they distribute the source? (Score 2) 208

There's a lot of GPL software in Ubuntu, starting with the Linux kernel. Does Tesla distribute the source code to Model S owners that ask?

I am not aware, yet. Have only see one owner be vocal in the past about trying to get it, but haven't . A few relevant threads. Lots of noise and general ignorance about Copyright in there, so prepare yourself.

Anyone want to get the source code for the Linux (etc.) in your car?
Running on Linux
Copyright (and Libel) Discussion

Comment: Re:Everything is watching you these days... (Score 5, Informative) 208

Actually, what's more likely is that they saw his post on the Tesla Motors Club forum detailing what he'd done and then connect the dots between the forum post and ownership data:

Successful connection on the Model S internal Ethernet network

Tesla has been known to connect forum users to actual owners and proactively contact the owners via phone when they report problems with their car there.

Comment: Re:To little, too late. (Score 1) 111

by Spoke (#46371965) Attached to: Intel's New Desktop SSD Is an Overclocked Server Drive

Even with built-in battery or UPS, while that reduces the risk of unexpected power loss, in my experience it still happens.

As far as comparing reliability of SSDs to HDDs, an actual study found that SSDs were much more likely to lose lots of data, sometimes bricking the entire drive.

Enterprise HDDs were the most reliable, even the best SSD they tested was not as good (though similar to consumer grade HDD).

Unfortunately, the study does not reveal which drives were tested.

Comment: Re:What the (Score 1) 207

by Rei (#46293715) Attached to: Chevron Gives Residents Near Fracking Explosion Free Pizza

The actual point of concern from fracking is not about the fluids, the water, or any of the bullshit you see people ranting about. The problem is that they are re-using old wells which were drilled a long time ago, and those wells go through the water table and natural aquifers in many cases. Those old wells tend to have shoddy and/or degraded casings (the walls of the wells are lined usually with some type of concrete or metal tubing to prevent them from collapsing), so when they are pumping the shit down the well they can tend to leak somewhat.

Well put. It's important to realize that by the very nature of there being trapped gas, that means that there is at least one (generally several) layers of highly impermiable cap rock above the natural gas, so thick and durable that they've contained a highly-mobile gas for millions of years (despite earthquakes and the like), all of which is several kilometers down - versus the groundwater which is a couple dozen to a couple hundred meters down. Creating cracks a couple dozen centimeters long several kilometers well below the cap rock down has essentially no effect on the leak rate from the reservoir up through *kilometers* of rock (which would take ages for anything they're injecting now to reach anyway). The problem is the well, which by its very nature must pierce through each layer on its way down - including your groundwater layers. Even new wells aren't perfect (as we well know). Reusing old wells is a recipie for leaks.

The solution to water shortages isn't to cry about frakking, it's to start advancing our de-salinization technology

I don't know... desalinization generally takes crazy amounts of energy to produce enough for agriculture, just by the very nature of the energy state of saltwater versus fresh. There is one concept I read about a few years back which I thought was pretty clever that might work around that, though - it was to use open evaporation pools to create super-saline water and to have it flow past two ion-specific membranes (one for negative ions, the other for positive) connecting to adjacent pools, creating a salt gradient pressure into those pools. Each of those pools in turn have their opposite ion-specific membrane connected to a final regular-saltwater pool. For an ion to follow the diffusion gradient and leave the super-saturated pool into an adjacent pool, that adjacent pool must suck an opposite ion from the final saltwater pool - which it will do if the gradient from the super-saturated pool is strong enough. The final pool stays balanced because ions are being lost to each adjacent pool. Eventually the final saltwater pool will become freshwater.

That which I find really neat about this concept is that it doesn't use electricity beyond basic water pumps and the like - the energy powering it is simply evaporation of seawater, which is ridiculously easy to achieve in many desert locations. In many places a mere jetty is enough to turn hundreds of square miles of ocean into an evaporation pool. The challenge is of course mass production of sufficient flow rate ion-selective membranes and keeping them from clogging.

Comment: Re:What the (Score 1) 207

by Rei (#46293649) Attached to: Chevron Gives Residents Near Fracking Explosion Free Pizza

I'm not sure I'd call a sodium reactor more safe. Heck, liquid sodium explodes in contact with concrete, and the very reactor itself is built out of concrete. They have to clad it in thick steel as a precaution, and after a sodium leak in Japan, the sodium ate over halfway through the steel. Liquid sodium is not nice, friendly stuff.

And I don't think there's anywhere *near* enough data on thorium reactors. All the happy-go-lucky stuff sounds all too much like the sort of sales pitches that accompany each new generation of nuclear reactor.

If I had to pick one that I thought had the most promise, it'd be lead-bismuth. Now, they have their own set of corrosion problems, no question. But at least there's a damned lot of data from the former USSR on how to prevent it. Beyond that, leaks are pretty harmless (apart from economically) - your worst case scenario is that your reactor entombs itself in lead, which most people would consider *desirable* in a worst-case reactor leak. There's no explosion risk from lead-bismuth. It's a breeder approach like sodium, so little waste and highly efficient fuel usage. And the emergency circulation in modern designs is mostly passive.

But honestly, the biggest issue I have with nuclear is cost. The nuclear industry is one of the few industries out there that has demonsingtrated a long-term *negative* learning curve in terms of cost. That is, the longer we run nuclear power plants, the more added risks we learn we have to address (which costs money), the higher the disposal cost estimates versus earlier estimates, and on and on. Scaling factors mean that plants usually have to be very large which means that you don't learn as much from building lots of them with varying approaches. And the generally best way to deal with a problem of escalating costs on a design - start anew with a radically different design - means you start the learning curve over, which takes decades on nuclear due to the slow pace. And the newer approaches are often more complicated in order to solve the previous problems, which introduces new potential avenues of failure.

It's a real problem. All issues of safety and the environment aside, if nuclear can't address the cost issue, it has no future. Cost kept investors out of nuclear more than NIMBY for three decades. They've been trying again with this latest round of nuclear construction (often with citizens picking up the financial risk if not outright the tab), but the results thusfar haven't been very appealing, with lots of cost overruns.

Comment: Re:Scientists Create Pizza That Can Last Years (Score 2) 207

by Rei (#46293571) Attached to: Chevron Gives Residents Near Fracking Explosion Free Pizza

Cooked with natural gas, no doubt!

Seriously, though... I mean, "NEWS FLASH: Mass production of gas sought for its high energy and ease of combustion poses a fire risk!" Who here is surprised by this? Are there people in town going around saying, "My god, I knew they were producing *natural gas*, but I had no idea they were producing something that could *catch fire*!"

Comment: Re: Uh (Score 1) 545

by Rei (#46164217) Attached to: Getting Young Women Interested In Open Source

According to US crime statistics, 99% of sexual assault perpetrators are men. 91% of sexual assault victims are female. That is, to put it bluntly, even when a man is a victim, the perpetrator is still overwhelmingly likely to be a man. And if you want to fall back to the "guys aren't as likely to report being raped by a woman because it'd be embarrassing" canard, you really think that it would be any less embarrassing for them to report being raped by a guy, given the male taboo about anything homosexual?

The simple fact is, statitically, it's almost exclusively men who rape. Not 100% exclusively - given the vast number of rapes, even 1% is still a large number. But, statistically, the percentage of perpetrators that are women is very small.

And let's get out of the BS denial mode. The simple fact is that about 1 in 4 women will be raped in their lifespan, and polls of college-age men show that approximataely one in 10 have already raped, and of those, about a third are serial rapists. These numbers aren't appearing in a vaccuum; you need to stand up and deal with the elements in male culture that treat it as fine to treat women as objects, conquests, and makes sexual consent out as optional. I find it incredibly disturbing the percentage of men who don't even know what consent *is* or that they have to get it ("If she passes out she's fair game", "She's my girlfriend so it can't be rape", "She didn't physically fight me when I forced myself on her, she only *told me* not to", "If she didn't want it she wouldn't have dressed like that", etc).

These are your friends, your family members. Stop turning a blind eye to the problem, admit it exists, and if you see these sort of attitudes expressed, F*'in say something. Your silence or friendly laugh gets interpreted as agreement.

Comment: Re:I'm male but... (Score 1) 545

by Rei (#46161099) Attached to: Getting Young Women Interested In Open Source

If you actually believe that, you do not understand people, much less women.

Because, of course, women are not people?

FYI, the statistical psychological differences between men and women are generally quite small. Blaming your lack of understanding of someone on their gender is not almost certainly wrong, but it's a defeatest attitude - it's blaming your failure on something you cannot change so why even bother, "They" are just un-understandable!

Comment: Re:Uh (Score 1) 545

by Rei (#46161065) Attached to: Getting Young Women Interested In Open Source

Right, so women sexualize men as much as men sexualize women? That's why... oh, let's just pick an example... there's at least 10 clubs where women strip for every one where men strip - and at least half of those are for gay men? That's why we have words like "booth babes" but not "booth dudes", because the former has to be at least an order of magnitude more common, even in fields where men and women are represented in roughly even numbers? I could keep going if you'd like. Heck, do I even need to go into the ultimate example of sexualization/dehumanization of an individual, sexual molestation and assault?

Don't give me this false equivalency BS. There's a serious problem with men - not all men, far from it, but a huge percent - treating women as though they're simply things to sleep with rather than people like themselves, and it is NOT anywhere near on the same scale in the other direction.

The first step to remedying a problem is admitting that it exists.

"The Amiga is the only personal computer where you can run a multitasking operating system and get realtime performance, out of the box." -- Peter da Silva