Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:What could possibly go wrong? (Score 1) 160

by adolf (#49341963) Attached to: Energy Company Trials Computer Servers To Heat Homes

Ummm well, that kinda depends on what you consider "cracked open". It took years to get it to boot and run something not designed to run on it. If you talk about, say, reading data on the system, that would not have taken years. Also, I have no idea how many people were working to crack PS3, I guess not that many, and the one who succeeded was some kid(no offence to smart kids, they are the ones who have time to work on things like cracking PS3 for fun) ? Just saying if the crackers had been people who had worked on such systems before the time might have been way shorter.

You know, I normally don't reply to ACs for a variety of reasons. I even have AC reply notification emails directed to /dev/null. I only see AC replies if I go looking for them, and I seldom do that. If you (or anyone else) wants to actually conduct discourse with me, please log in first.

It took years for the PS3 to be a general-purpose computer, outside of the (revoked, crippled) Linux environment.

Of course, a real impetus on a game console is piracy / copyright-infringment / making trial-ware out of pay-ware / running backups instead of originals. My own PS1 has a hardware mod chip that I installed myself, not to run Linux on the thing, but to make it run whatever the fuck I feel like -- even if it is a CD-R backup of a game that I've bought.

My original Xbox had a similar mod, though it was entirely done in software/firmware.

I have a hacked PS3. It required no soldering.

And it took *years* for this to happen. By then, the space-heater/radiator systems in TFS will have been supplanted with better ones. And with the current ease with which whole-disk and end-to-end network encryption is performed, I really don't see a clear-and-present security issue for companies using such machines as back-end database servers (indeed, perhaps the most available backup DB servers they have, on average -- with abilities to go live).

The PS1 hack happened without armed guards. It simply emulated a plain-to-the-eye barcode on the disc, and since the system itself had no on-board storage that was perfectly adequate to enable it to do whatever.

The Xbox hack was a buffer overflow using a saved game (I used 007), which allowed the Pentium-based machine to do the user's bidding: It booted a custom OS upon loading of a magical save-game. (wherein save-game itself was just a thing downloaded from the internet, stubbed onto an Xbox memory card using a special windows driver and a magic USB driver, and loaded into a memory card plugged into an official Xbox controller plugged into any run-of-the-mill PC, using a cheap big-box-store Mad Catz extension cable as a USB adapter and a soldering iron and/or a crimping tool to make the mismatched connectors mate.)

Those were all quick hacks, on the order of short weeks or months, with clear and present outcomes in terms of piracy.

The PS3 hack took *years* of fuckery to establish itself, and took such tomfoolery and even decapping chips (which was as-yet largely unheard of in such circles...) to make happen. And PS3 piracy still doesn't seem to be rampant, and backups are still hard to do.

But anyway, AC, my point stands: The PS3 took years to crack, and it was a much bigger crack than just reading a MySQL DB off of an unencrypted HD, or taking control of the system that provides heat for your house (==you're getting paid for). The former is simple with physical access (and most certainly isn't something that someone would install on a server intended for in a common abode these days), the latter is readily identifiable and actionable with failure and latency heuristics.

Truecrypt, OpenVPN == win.

Good bye again, AC. And good luck for getting "free" heat from the third-party servers installed in your house if you get them to do your bidding instead of their proprietors', or of 0wning them and taking the data for yourself. The very best you'll by fucking with them will be to break them so that they generate negative revenue for yourself, as they draw power and don't generate expected results.

You're better off plugging a big resistor into the wall: I think we call these "space heaters," and there is no contract required.

Comment: Re:What could possibly go wrong? (Score 2) 160

by adolf (#49331445) Attached to: Energy Company Trials Computer Servers To Heat Homes

And despite this commonly-held belief, it took *years* for the PS3 to be cracked open, with millions of units in the field, without guards or locked doors.

Physical security is a hell of a good start toward stemming the tide, but it doesn't hold a candle to systems that are actually secure.

I used to heat a large 2-bedroom ground-floor corner apartment with waste heat from computers and audio gear. It did have baseboard heaters, which did get used once or twice on the coldest nights, but often there was a window or outside door cracked open to let the heat out (in Ohio, in January) instead..

Comment: Re:Fuck ISPs (Score 4, Informative) 130

by adolf (#49307005) Attached to: ISPs Worry About FCC's 'Future Conduct' Policing

"We"? I guess.

The speed of my own VDSL connection was deemed inadequately-quick to spool Usenet traffic well over a decade ago. And the last time I commissioned an NNTP server, it didn't even come close to burdening a T1 (close to 20 years ago).

But, I know! We can distribute the load. Use fifty-thousand volunteer servers, all with different parts and PAR files to keep up the slack, scattered everywhere in the world. ...just like BitTorrent, but worse.

The beauty of Usenet was its simple one-to-many approach on a local level. The long-distance pipes had a predictable burden and the last-mile burden was limited to the end-user requests (with proper application of nntpcache, geographically-diverse NNTP servers, et cetera), where bandwidth is cheap.

It was a system that was designed to be very efficient, and it was very efficient. But in order to re-create it efficiently takes support from TWC, ATT, COX, etc., but they've already killed it and it is dead.

(Oh, sure: Today I can buy NNTP access from any number of centralized providers with months- or years-long retention. But that's not the way that Usenet was intended to work and doing so isn't nice to the network at all.)

What we need is proper multicast IP, which IPV6 seems be implicit about: Want a 4GB $file? Sign up to the multicast feed, wait for 4GB of file to stream your way, and done.

One-to-many. It's been built into the Internet since well before I was involved with it and yet nobody seems to understand it anymore. (It used to sadden me, and then I realized that I was sad for reasons that nobody else wanted to care about, so now I just don't care about network efficiency at all. The Me! Me! Me! mentality that I've adopted instead, just like everyone else, is much more gratifying, and actually works....as opposed to Usenet or Multicast-IP today.)

Comment: Re:Why not have devices get their time from GPS? (Score 1) 166

by adolf (#49303901) Attached to: Internet of Things Endangered By Inaccurate Network Time, Says NIST

The problem with network time is that it relies on network access. It fails in all of the same ways that GPS wins.

But it doesn't matter much because GPS repeaters are things that exist. Some additionally handle GLONASS, thus limiting reliance on any singular government's system.

For example.

Comment: Re:I dont see the need for this feature... (Score 1) 95

by adolf (#49286711) Attached to: Facebook Introduces Payment System

I find it interesting that all of your choices involve mailing some manner of paper document.

I suppose I could do any of those 3 things as well, but it seems so...insecure: Mail can (and does) get lost and misdirected. Recovering a lost money order sounds like a huge PITA.

At the last house I rented my first rent payment was by money order. It got lost, took a lengthy spin around the postal system, and came back. The landlord was fortunately very understanding. After that, I handled rent in-person for that particular property.

I pay plenty of utility bills online with Simple and they handle that electronically using CheckFree as the back-end of things. They'll gladly mail a check to my current out-of-state landlord, for free, but again: Mail.

At least with my current method I get a printed receipt that shows that I deposited money into his account, and he gets to use it instantly.

Comment: Re:I dont see the need for this feature... (Score 1) 95

by adolf (#49281335) Attached to: Facebook Introduces Payment System

The US has been behind on payment methods for at least a decade or two (which was when I first started paying attention).

The first time I saw a chip on a card that actually belonged to me and was useful (instead of a foreign-exchange student handing me his used-up phone card as a novelty, or somesuch), was with the US Army, basic training, circa 2002.

I haven't seen a similar chip transaction since then. Sure: Most of the readers I run across can now accept a chip-based card, but I've never actually -seen- it done by any civilian, ever. And I don't have a chip+pin card myself, despite relying on a fairly modern bank (Simple) for most of my money.

But then back to your own point: We, in the US (again, we're backward) are allergic to "wire" transfers. Always have been. We don't know how it works in the rest of the world, because we aren't the rest of the world, and we seldom travel to foreign countries (largely because the US itself is vast enough, but that's a discussion of geography and travel expense, not of financial flow)

To wit:

To pay the rent on my house, I have to do this: Since I receive my regular paychecks via ACH/direct deposit on Simple, I then I go to my own (local) credit union (who is unaffiliated with Simple, except for the Visa tie). I ask them for my money, present my Simple card, and ask them to process my request as a Visa cash advance (at zero expense, to me at least). I then stuff the cash into my pocket, take that cash across town to another credit union, to deposit it in the landlord's account (the landlord, himself, lives in another state).

This all, despite Simple themselves being a forerunner in transferring money (at least in the States), and both credit unions being members of the same "Co-Op": I should be able to do this reliably and quickly, from the comfort of the same comfy chair that I write this in, but I can't. I have to turn it into hard cash, and then deposit that locally, because...well, because America!!!@@!

And I do this every month on the 15th and probably will for years (because the house is awesome).

And if ya'll can do that with E-mail? I myself am not surprised, but let me tell you: It doesn't work that way in the States, and never has...but I hope it may some day.

I'm envious.

Comment: Re:Calculated risk (Score 1) 269

by adolf (#49281251) Attached to: Fraud Rampant In Apple Pay

This is why I find myself more-frequently finding $5.00 minimums at local merchants, sometimes with a $0.50 or $1.00 surcharge for purchases under $5.00: It, on average, covers their ass.

A local restaurant gives a (I forget) 5 or 10-percent discount for cash (vs credit), not even four blocks from my house.

Of course, these small merchants (coffee shops, carryouts, hardware stores, the one locally-owned liquor store) aren't in the business of selling big-ticket items: In my town, that's the realm of the singular audio salon, service companies (think HVAC, though HVAC folks like to establish their own credit lines for their customers -- which is fine with me) and big-box stores (Wal-Mart, Lowes, Best Buy, etc).

And I can only speak for the audio salon, because I do casual contract (1099) work with them on a a fairly regular basis and have been good friends with the owner for decades, but: He doesn't care. If there were a horror story involving credit card fraud, he'd tell me all about it in a late-night telephone rant, but that hasn't happened. What I do know is that he gets sadfaced when someone wants to pay with a credit card, and then tries to give them a better deal if they'll pay cash -- right now (or tomorrow or next week, even, depending on the sale).

He prefers cash because he has his money right now, instead of at the first of the month or whatever, and doesn't have to pay a percentage of the bill to $banking-system. Perhaps he is lucky that he has no grandiose fraud stories to report, though there isn't much that he sells that might be easily- and untraceably-fenced and criminals aren't necessarily stupid.

That said, for the ridiculous percentages that Visa and Mastercard charge merchants for their services, they should have plenty of cash to cover the fraud that is enabled through their own insecure processes instead of the merchant. That doesn't mean that they should cover it.

In the grand scheme of things, perhaps it doesn't matter: Someone must pay for fraud, and that someone must, ultimately, be the consumer. If better practices are put in-place, it is ultimately be the consumer who pays for the development and deployment of them (even if Visa writes the check). If fraud is instead rampant, then it is ultimately the consumer who pays for that too (which, under current rules, means that the merchant might adjust their sticker prices to adjust for fraud).

Because at the end of the day, it is me, the consumer (or the fraudulent consumer) who is (alleged to be) providing funds.

Currently, the impetus is on the merchant to verify that the transaction is valid, and the merchant (and ultimately the consumer) pays. If it shifted to Visa/MC, the consumer would also pay. If it shifted to the requisite banks who actually hold the money, the consumer would pay as well.

Arguing about whether the merchant or the bank or the processor covers the loss is an exercise in semantics: In all cases, money does not appear from thin air (unless you are the Federal Reserve Bank, which is a different discussion), and someone has to pay for fraud, and that someone must always ultimately be the consumer.

(Where the blame lays beyond that? As a consumer, I don't think it makes any difference. I'll be paying for it no matter what.)

Comment: Re:This is a bug not a feature (Score 1) 328

by adolf (#49255127) Attached to: New Crop of LED Filament Bulbs Look Almost Exactly Like Incandescents

I attacked your illogical argument.

You keep repeating your assertions, and haven't done a single thing to add actual logic to your thoughts.

Your move.

(Was married for over a decade Got rid of that bitchy adulterous cunt, but even she liked warm white over cold, hard high-color-temperature light -- all else the same. But even if she didn't like the warm lights, my domestic issues would not entail a forecast of the greater future of humanity: The sampleset is insignificant.)

Comment: Re:This is a bug not a feature (Score 1) 328

by adolf (#49255111) Attached to: New Crop of LED Filament Bulbs Look Almost Exactly Like Incandescents

Please note that I'm really not trying to proclaim one direction of color temperature over an other; mostly, I'm attempting to proclaim that while OP's observations may be inarguably correct, his conclusions are without basis in fact and are unsupported by even his own observations.

For my own opinions: A dozen or so years ago, I saw an outdoor Rammstein concert in Cleveland, Ohio, which was at a time where stage lighting predominately consisted of approximately sixteen million halogen PAR cans.

Rammstein likes very white light on their stage.

Accordingly, the vast majority of this plethora of cans had a light-blue gel over them, making them appear to be very, very white. (Glistening white. Fairy-tale white. 7000k white, in a time when lights were never 7000k.)

Except for one stray can where the gel was installed wrong and fell out or burned or was missed or somesuch thing, which in comparison seemed to be unnaturally yellow.

It was a brilliant show; the best I've ever paid for, both in terms of music, theater, and performance. That one yellow (aka open halogen) light still hangs in my mind as the flaw.

But, back to color temperature, that was the intent: Rammstein is not exactly easy-listening, and they very purposefully chose a lighting color to force the audience to be alert and awake -- even though it had real tangible costs in terms of space on trucks, generator capacity, cabling, and/or overall luminance.

My own opinion is that higher color temperatures have their place. One of my employers has a showroom with a lot of east and south-facing windows, so it gets quite a bit of natural light. The owner upgraded from halogen PAR-30 halogen track lights a couple of years ago to 7000k LEDs on the same tracks, and it's a positively lovely thing during the day at any time of year: 7000k is not so dissimilar from the oxygen-filtered blue that we get with ambient sunlight.

But in the winter months, when the sun goes down early, it looks positively dreary in the evening before the shop closes...and for a couple of hours a day, for a few months a year, it would be better if he had lower-temperature lighting.

My own garage is another good example: I tend to prefer "warm" lighting after decades of actually paying attention to color temperature*, so I've got it lit with warm Cree LEDs. But my garage is windowless, and in the winter (when the doors are all closed) the Cree LEDs work great.

In the summer, with ambient light streaming in from both the man-door and the overhead door? Not so much: My LEDs -will- appear to be artificially yellow in that environment.

*: When I was younger, the hottest non-flickering white one could get was halogen. I liked it quite a bit. Later, I discovered that I liked dimmed halogen better. Later than that, I discovered that my television's default settings were very wrong, and learned how to calibrate them using the service menu and a colorimeter for a picture that is much softer and much more...brown than most people expect, but which matches the same broadcast standards that the studios use and is therefore more accurate. Later still, I actively hunt down improperly-placed high-color temperature lights: When I moved into my new house a few months ago, one of the first things I did was remove the blue-ish CFLs lighting my basement/home-theater room and replace them with -anything- warmer: It is now warm LED-lit, with some Cree and some Wal-Mart Great Value, and everyone remarks that it is the most-evenly lit area of the house despite the giant fucking windows in all rooms on the first floor**.

**: Which are lit with chandeliers with 5ea 25W flame-shaped incandescents. Which the landlord insisted that I keep the same, forever. And for which even provided a packaged retail example of to make sure that I knew what bulbs to buy for replacements. And which my lady-friend actually likes. I installed cheap Lutron rotary dimmers to try to take advantage of zero-crossing to be nice to the filaments (which tends to make tungsten-filament bulbs last years instead of months), and also to be able to turn them down to save energy while also providing navigable light***.

***: Even if that dimmed light is far more warm than I might like, it's still just fine for navigation and saves as much money and materials as I can given my stated constraints.

****: As an unreferenced footnote, I will check out your link, though it sounds like something that Rammstein's lighting engineer figured out over a decade ago. Likewise, you might want to check out the Imaging Science Foundation, fl.ux, and see if anyone on avsforums has an ISF-based calibration model for your television. You might be surprised, but then you don't seem like you are basing your conclusions and predictions on the utterances of others (minor children or otherwise).

At the source of every error which is blamed on the computer you will find at least two human errors, including the error of blaming it on the computer.