Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Logitech K310 because... (Score 1) 451

by badzilla (#49274709) Attached to: Ask Slashdot: Good Keyboard?
The Logitech K310 is reasonably OK to use and the build quality is pretty good. It is just an averagely nice keyboard although I do wish it had backlighting. http://www.engadget.com/produc...

The unique feature of this keyboard is that it is washable and yes I mean rinse it in a stream of running water whilst scrubbing it with a detergent brush. Have you any idea how filthy and bacteria-ridden is a typical office or home keyboard?

Comment: Re: stop the pseudo-scientific bullshit (Score 1) 88

by jd (#49156217) Attached to: Mysterious Siberian Crater Is Just One of Many

The Great Extinction, caused by Siberia becoming one gigantic lava bed (probably after an asteroid strike), was a bit further back in time. Geologically, Siberia is old. You might be confusing the vestiges of Ice Age dessication (which was 10,000 years ago) but which involves the organics on the surface with the geology (aka rocks).

Regardless, though, of how the craters are forming, the fact remains that an awful lot of greenhouse gas is being pumped into the air, an awful lot of information on early civilization is being blasted out of existence, and a lot of locals are finding that the land has suddenly become deadly.

Comment: Re: Authority (Score 2, Interesting) 234

by jd (#49156167) Attached to: As Big As Net Neutrality? FCC Kills State-Imposed Internet Monopolies

That is a good question. The last time the courts ruled on this, the ruling was that the FCC had ceded power and couldn't claim it back without the will of god. Or Congress, or something.

Personally, I'm all in favour of Thor turning up to the Supreme Court, but he probably wouldn't be allowed in on account of not having a visa.

Comment: Union membership is a good idea (Score 2) 301

Some people have an irrational and emotional dislike of trade unions and are not afraid to show it, with words such as fools, idiots, morons, and so on. Crispin Odey the president of a 12-billion-dollar hedge fund would like to disagree with you: “... there is huge value in being in a union at the moment.” http://moneyweek.com/merryns-b...

Comment: Yes and no (Score 1) 309

by jd (#49129871) Attached to: Moxie Marlinspike: GPG Has Run Its Course

First, the complexity of the engine shouldn't matter. You will never get the bulk of users out there to use, or care about, the real power of the engine. They don't want to mess with the engine. The engine should be under the hood, in a black box, whatever engineering metaphor you want. Users just want things that work.

I remember way back when I was at university. There were various absolute rules for good software engineering. The first was that the user should be presented with a must-read manual no longer than one paragraph. Tips and tricks could be more extensive, but that one paragraph was all you needed.

The second was that the user absolutely must not care about how something was implemented. In the case of encryption, I take that to mean, in the case of e-mail, that the engine should not be visible outside of configuration. A supplied key should trigger any behind-the-scenes compatibility mode or necessary configuration to talk to that user. If the keys the user has aren't suitable to correspond with that person, the system should ask if one is needed and tie it to that protocol.

There should be no extra controls in e-mail, except at an advanced user level. If a key exists to correspond with a user, it should be used. If a key exists for inbound e-mail, the key should be applied. The process should be transparent, beyond getting passwords.

Any indexes (particularly if full indexes) should be as secure as the message, good security practices on both will take care of any issues.

Ideally, you want to have the same grades of authentication as for the early certification system, adapted to embed the idea that different people in the web of trust will have done different levels of validation and will be trusted to different degrees. The user should see, but not have to deal with, the level of trust.

Last, GnuPG is probably not the system I'd use. Compatibility cruft needs to be as an optional layer and I'm not confident in implementation.

There should be eight main libraries - public key methods, secret key methods, encryption modes, hashes (which encryption modes will obviously pull from), high level protocols, key store, index store and lacing store. (Lacing is how these are threaded together.) The APIs and ABIs to those libraries should be standardized, so that patching is minimally intrusive and you can exploit the Bazaar approach to get the best mix-n-match.

There should also be a trusted source in the community who can evaluate the code against the various secure and robust programming standards, any utilized theorum provers and the accepted best practices in cryptography. Essentially replicate the sort of work NIST does, but keeping it open and keeping it free of conflict of NSA interest.

Comment: Translation (Score 2) 449

by jd (#49084893) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

US businesses are as incompetent and insecure as Sony, but can be provoked into taking absolutely minimal action when their profits are under direct threat by sufficiently powerful financial organizations. You mean nothing, you never have, you never will. You have no say, you have no power, you have no rights, you cannot walk away. You aren't the customer, merely the product. Easily replaced if damaged.

You aren't getting security because security matters. You aren't getting security because you matter. You're getting it because two vendors and a trading bloc said so.

Comment: Re: Scaled Composites renamed (Score 1) 38

by jd (#48909771) Attached to: Virgin Galactic Dumps Scaled Composites For Spaceship Two

Solar sail can achieve 25% light speed, according to NASA, and Alpha Centauri is 4 light years away.

You want a manned mission (with robots doing all the actual work) to determine if the conventional wisdom that a manned mission to the outer planets is physically impossible is correct. Even if the pilot dies, you learn the furthest a manned mission can reach. There's seven billion people, you can afford to expend one or two. Ideally, they'd be volunteers and there'll be no shortage of them, but if you're concerned about valuable life, send members of the Tea Party.

Comment: Re: Scaled Composites renamed (Score 1) 38

by jd (#48909107) Attached to: Virgin Galactic Dumps Scaled Composites For Spaceship Two

No big surprise. The military are willing to invest what it takes for what they need. Military entities are, by necessity, pitifully naive when it comes to anything useful, but once they specify what they think they want, they don't shirk at the cost, they get the job done. A pointless job, perhaps, but nonetheless a completed job.

The corporate sector wants money. Things don't ever have to get done, the interest on monies paid is good enough and there hasn't been meaningful competition in living memory. Because one size never fits all, it's not clear competition is even what you want. Economic theory says it isn't.

The only other sector, as I have said many times before, that is remotely in the space race is the hobbyist/open source community. In other words, the background behind virtually all the X-Prize contestants, the background behind the modern waverider era, the background that the next generation of space enthusiasts will come from (Kerbel Space Program and Elite: Dangerous will have a similar effect on the next generation of scientists and engineers as Star Trek the old series and Doctor Who did in the 1960s, except this time it's hands-on).

I never thought the private sector would do bugger all, it's not in their blood. They're incapable of innovation on this kind of scale. It's not clear they're capable of innovation at all, all the major progress is bought or stolen from researchers and inventors.

No, with civilian government essentially walking away, there's only two players in the field and whilst the hobbyists might be able to crowdsource a launch technology, it'll be a long time before they get to space themselves. The military won't get there at all, nobody to fight, so the hobbyists will still be first with manned space missions, but it's going to take 40-50 years at best.

We have the technology today to get a manned mission to Alpha Centauri and back. It would take 15-20 years for the journey and the probability of survival is poor, but we could do it. By my calculations, it would take 12 years to build the components and assemble them in space. Only a little longer than it took for America to get the means to go to the moon and back. We could actually have hand-held camera photos taken in another solar system and chunks of rocky debris from the asteroid belt there back on Earth before Mars One launches its first rocket AND before crowdfunded space missions break the atmosphere.

All it takes is putting personal egos and right wing politics on the shelf, locking the cupboard and then lowering it into an abandoned mineshaft, which should then be sealed with concrete.

The universe is an island, surrounded by whatever it is that surrounds universes.

Working...