Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment Re:Liquid hydrogen [Re:A sad day] (Score 1) 175

Nevertheless, hydrogen fuel is routine in spaceflight.

Propellant leaks are a problem to be dealt with in all fuel types; not just hydrogen. Liquid oxygen: https://spacenews.com/propella... Kerosene: https://spaceflightnow.com/202... Methane: https://spaceflightnow.com/202... Hydrazine: https://www.teslarati.com/spac...

True, you can always have leaks, but hydrogen leaks seem to be way, way more common than leaks of other fuels as a percentage of launch attempts. The shuttle was scrubbed on average almost once per launch, and a large percentage of the scrubs were caused by hydrogen leaks (source).

And that's on top of the whole embrittlement problem, which can lead to catastrophic hardware failures if you're reusing parts over a long period of time, which is another reason why folks trying to do reusable rockets (e.g. SpaceX) tend to avoid it. And if you think embrittlement is a risk in something that gets used once, imagine the effect on fuel lines in cars that are pressurized for decades at a time.

It is a really, really nasty fuel, IMO. Mind you, hydrazine is worse in some ways, but that doesn't mean hydrogen isn't nasty. :-)

Comment Re:A sad day (Score 1) 175

When it comes to charging EVs, time is a huge resource. Everything is simpler, cheaper, safer, lower wear, etc when you don't have to do it fast. Fleet vehicles are really a perfect fit for that because you typically do have 11-12 hours to 'trickle-charge' them at 14 amps.

One possible exception: Rental cars at airports. But only to a point.

Comment Re:A sad day (Score 1) 175

School buses, mail trucks, plumbing vans, and the like don't actually need all that much range, maybe 200 miles.

You're grossly overestimating the required range for most of those things. School buses travel an average of just 63 miles per day. Mail trucks? 25 miles per day. Or were you planning to charge them only on weekends? :-)

Mind you, that's not the whole story for school buses, because they also have to be able to take the sports teams and bands to out-of-town games and competitions within a 200-mile radius or thereabouts, so for those long runs, you would need at least a 400-mile range to do a round trip, or else the driver would need to be able to take it to a Megacharger or similar close to the destination with a 200-mile range. But you could also keep a small number of diesel or gasoline buses for that purpose if you want, at least for the foreseeable future.

Comment Re: A sad day (Score 2) 175

" You can put probably ~500 miles of range into a hydrogen fuel-cell vehicle in 7 minutes versus 200 miles in 15 minutes on a modern EV."

When all goes well, sure. At other times the fill connector freezes up and it takes much longer. At least three times, there has been an explosion during filling just in the limited service in California alone.

Sure. That's common when technology is in its infancy. Those problems could be solved, given enough time and money. In theory, so could the leaks, though given that NASA tried to fix them for three decades and still had leak problems on Artemis, that remains a theory. :-D

Hydrogen has much bigger problems than filling time, freezes, or the occasional explosion from dispensing a gas at high pressure incorrectly. If those were the biggest problems, I'd be totally in favor of doing more with hydrogen and fuel cells, because those are manageable and/or fixable technical problems.

A much bigger problem is fact that almost all hydrogen comes from natural gas, which makes it anything but green. The dirty little secret is that your losses from leaks would make distributing it over oil pipeline infrastructure completely infeasible, so you'll end up distributing natural gas instead, and cracking it to make hydrogen. And now, you have all the CO2 emissions from burning natural gas, plus all the efficiency loss from cracking the natural gas ahead of time, and you're about as green as a forest fire.

And of course, if you get it through electrolysis instead, you're likely wasting considerably more than half the energy you put in, versus more like 1% loss when charging a battery, making it a huge drain on our power grid.

And the elephant in the room is the cost per mile. In California, current prices for hydrogen fueling are hovering around $36 per kg, or about 50 cents per mile in a typical hydrogen-powered car. This makes it almost an order of magnitude more expensive than BEVs, and there's no real reason to believe that this will improve at this point, given how long it has failed to improve. At best, the whole thing feels more like a glorified government subsidy capture scheme, rather than a serious means of powering cars.

Hydrogen is a terrible idea on multiple levels. The fact that ostensibly it could have been a short-term workaround to provide multiple means of getting energy into rural areas (gas pipelines and power grid) is nice in theory, but in practice, the losses are just way too high, and batteries just work way too well, so the benefits just don't hold up in practice.

Comment Re:Liquid hydrogen [Re:A sad day] (Score 1) 175

I've said similar things about NASA's Artemis mission for the same reason. Doesn't everybody want to use a fuel that is almost impossible to keep from leaking, and then spend the better part of a year with the rocket stuck on the pad trying to fix the leaks so they can launch it? :-D

Not sure what your thinking is here. Hydrogen stages for rockets have been in routine use for well over sixty years. By now it's a well-developed technology.

But orbital boosters can afford liquid storage at -253C; they only need to store the liquid hydrogen for a few hours, and the cube-square law means that the 150 tons of hydrogen needed for a rocket takes a lot longer to boil off than a hundred kilograms in a car. Liquid hydrogen would be an absurd choice for a car.

*shrugs*

Hydrogen leaks were one of the most hated aspects of the Shuttle design, too. It's routine until it doesn't work. Then it's a huge pain in the backside. The shuttle, Artemis... both of the two big NASA designs that used hydrogen had big headaches from hydrogen leaks. At some point, you start to see a pattern. (Whether that pattern is hydrogen or defense contractors, I couldn't say. :-D )

Comment Re:I understand. (Score 1) 99

If Steam said, "No, we'll find another processor that isn't trying to run our business for us,"

You seem to be confused just how much of a monopoly the payment processing world is. Payment processors have acted as the moral police for decades now and have killed entire genres of the adult industry single handedly. There are many out there who have actively tried just going to someone else, and repeatedly failed.

*shrugs*

There are literally almost one thousand companies that do this. There's no way that none of them would be willing to process your payments for a high enough fee.

There are quite literally payment processors that specialize in high-risk merchant accounts (e.g. PayCompass).

Yeah, there have been problems over the years caused by payment processors being a**holes. And other companies have come in to fill the holes they left behind. That's the thing about capitalism: When one company won't do business with you, there's almost always somebody else who will, if there's enough money in it. And there's *definitely* enough money in it.

These companies just don't want to fool with it. And I get that. But I really get tired of them acting like they have no choice. They have a choice. They made the choice to pay lower fees on everything in exchange for not selling that. They could also have chosen to use a processor that specializes in high-risk transactions and raised commissions across the board to make up for it. They could also have split their purchases into adult and non-adult purchases and used a high-risk merchant account for the first and a normal merchant account for the second, and raised commissions only on adult content that the first processor considered high-risk, adjusting the line over time, as needed.

There are always options. Those who say they have no choice are almost always just making excuses for poorly thought out decisions.

The main problem is probably that Steam supports PayPal, which is one of the most restrictive payment processors out there, and PayPal probably gets mad if you can't pay for certain things with PayPal because of PayPal's AUP. Heck, Steam might even use PayPal under the hood for all of their transactions, for all I know. But the thing is, Steam chose to tie themselves to that payment processor, and nothing stops them from walking away.

Comment Re:Good. (Score 2) 175

Hydrogen is not a great energy storage medium. More importantly, the primary source of hydrogen is a fossil fuel. Switching to a fully electric source of hydrogen is far more difficult than it is to simply charge batteries. Producing hydrogen is an unnecessary inefficiency.

And by "more difficult", you mean that there is a massively larger amount of efficiency loss. If you're lucky, you recapture 60% of the energy in the fuel, and multiply that times the 75% efficiency for electrolysis, if you're lucky, and you're throwing away more than half the energy that goes in. So if folks are freaking out about the power grid not being able to handle EVs, imagine what would happen if you doubled the power requirements.

Comment Re:A sad day (Score 1) 175

Promising? How? It's a concept that's only been kept limping along by the fossil fuel industry, that carries the best selection of the worst downsides: Expensive and currently fossil-sourced fuel like an ICE, high up-front vehicle cost and slow "refuel" times like an EV,

It's not really that bad. You can put probably ~500 miles of range into a hydrogen fuel-cell vehicle in 7 minutes versus 200 miles in 15 minutes on a modern EV. It's actually pretty comparable to a gasoline-powered vehicle. But you do still have to stop, unlike with an EV, where 90% of your charging can be done plugged in at home while you sleep. So in that sense, it's slow.

a fuel with very few filling stations in the world that needs to be stored at enormous pressures, burns with an invisible flame, can escape through solids and embrittles steel on the way out like...hydrogen.

I've said similar things about NASA's Artemis mission for the same reason. Doesn't everybody want to use a fuel that is almost impossible to keep from leaking, and then spend the better part of a year with the rocket stuck on the pad trying to fix the leaks so they can launch it? :-D

Comment Re:I understand. (Score 2) 99

The payment processors have all the power here. I doubt Steam particularly wanted to do this - otherwise that content would have been blocked before payment was an issue. And since the threat really is existential, Steam will bend.

Is it really? If Steam said, "No, we'll find another processor that isn't trying to run our business for us," they would probably not get as low a fee, but that's far from existential. It's not like the actual payment networks give a crap. They get paid either way, even if the transaction gets refunded. It's the merchant account providers that are the issue, and if one is a problem, there are almost a thousand other companies who will gladly step in and fill the void.

So from my perspective, this is Steam saying, "We've decided that the cost impact from taking payments for this type of content is too high, so we're not going to sell it anymore," which while entirely within their rights to do, is a far cry from "The payment processors made us do this." There's always a choice.

Comment Re:A much needed Russian Games/GameDevs purge (Score 1) 99

Payment providers are not allowed to work with Russian companies or Russian game developers because of sanctions and so this is a way for them to clean house and get rid of all the aggressive and violently hateful Russians on the platform.

Payment providers don't work with game developers anyway. Payment providers work with Steam. Steam can't pay developers in certain countries, and they therefore presumably aren't eligible to sell on the Steam store.

So no, this has nothing to do with who gets the money. No matter what, Steam gets the money, and Steam pays somebody else.

Comment Re:These Companies Are Fucked (Score 1) 58

Itâ(TM)s one thing to argue intent, but could you clarify exactly how that is done in a privacy-protecting way? Iâ(TM)d like some kind of guarantee what they need to collect and verify will remain secure.

Two very different requests.

The best way to protect your privacy is to not release that information collected to the public. The only way to collect and store that info securely is to not do so in the first place.

The first is at least possible, while the second simply isn't. Or more specifically, it can't be guaranteed, so any guarantee given is a lie. I'm not claiming they can't or won't lie to you.

Exactly. It is possible to perform verification in a near-zero-knowledge way, where the only thing that the government entity that issued your ID knows is that you used X browser to verify your identity. If the browser nags you to do this until you agree, that provides no information to the relevant agency about whether you actually used it. And as long as the agency has millions of IDs, knowing what agency verified the ID tells the site *almost* nothing about who the user is.

And the proof of age can be safely stored in the browser, so long as the actual identity is not, because the proof should not contain any actual identity information beyond what state/country issued the ID.

Especially about children. That it will not be hacked. Or even sold under more obvious corporate abuse. How many are stepping up to do that? How many really could, even if they wanted to?

For not being hacked, all that can be offered is to have a security team that's larger, better, and with more money than the hackers have. Even then the future can't be guaranteed.

And this is why nothing other than a photo of a driver's license should ever leave the device. If you design the system to not provide any information about whether the user is actually accessing an adult site at the time, this becomes a fairly innocuous piece of information to leak.

Corporate abuse however is possible to solve. The easiest way of course is to not involve a corporation and have the government do it.

Ah, but with that approach you have no privacy at all, because the government would have to interact with the adult site, and now they have the knowledge that you don't want them to have.

The second easiest option is pass laws specific to targeting the corporations this is delegated to, and punish them after the fact.

That also doesn't necessarily work, because even still, that entity has to do so, and if they have the information, it can be subpoenaed.

No, the *only* way to prevent leaks is to compartmentalize the information so that no single entity has both the knowledge of your identity and the site you are visiting at the same time. This can be achieved by the browser pushing you to verify your age continuously until you agree, and storing only the proof of age, not your actual identity, such that the identity is ephemeral, and never exists in the same place and time as the URL of the site you want to visit.

Comment Re:These Companies Are Fucked (Score 1) 58

In an ideal world, you'd go one step further and have the website provide the nonce. Then you'd use some sort of zero-knowledge proof to prove that a certifying agency trusted by the browser knows the nonce without revealing which certifying agency it is, thus preventing it from revealing anything about the user, including the user's country/state, but I'm not entirely sure how you'd pull that off in a way that doesn't require trusting the browser to not be compromised with fake authorities, so that optional next step is left as an exercise for the reader.

Worth noting also that it's doubly hard to do that in a way that doesn't provide evidence that the user went to an adult site, though, likely requiring some sort of randomly timed requests designed to have similar frequency distributions to actual adult site access.

Comment Re:These Companies Are Fucked (Score 1) 58

If the laws were really about protecting children, they would have passed a law requiring browser vendors to provide age check support in a privacy-protecting way.

It’s one thing to argue intent, but could you clarify exactly how that is done in a privacy-protecting way? I’d like some kind of guarantee what they need to collect and verify will remain secure. Especially about children. That it will not be hacked. Or even sold under more obvious corporate abuse. How many are stepping up to do that? How many really could, even if they wanted to?

That's an implementation detail. The one thing that is certain is that only the browser can do this in a way that doesn't provide the government or a quasi-government entity with information about what site you went to, because if you send credentials to a website, it will have to know what website to handshake with, and it will know who you are. And even if you do some interesting privacy-protecting handshake in JavaScript, it is too easy to modify to compromise privacy, and you'll never know it if one of a hundred verification sites does this. With a browser, there would be only a single-digit number of interesting implementations worldwide, so monitoring them is practical.

My first thought is that a best-effort approach is good enough. You provide your photo ID once, and if the website requires additional validation, the browser can also require you to take a picture with your webcam once for verification purposes.

After you verify your identity, you should have a choice between leaving the browser permanently authorized on a non-shared computer/device or requiring a passcode/Touch ID tap/Face ID scan on a per-use basis, at your option, for a multi-user device. Either way, that decision must be in the user's hands, rather than the browser's, the website owner's, or the government's hands, or else it becomes psychologically abusive, and a tactic for discouraging use of certain sites.

The browser then verifies the photo (on-device), if applicable, uses OCR to determine the issuing authority, and sends a random nonce to the issuing authority along with an image of the photo ID (not a photo of the user, because that could reveal where the user is, what the user is wearing, and other potentially privacy-violating details, depending, making that an unreasonable thing to do).

The authority signs the nonce provided by the browser and then sends back the signed nonce. The browser then verifies issuing authority's public key against a periodically updated shared database of issuing authority root certs, and sends back the fully validated request to the requesting website, which should also validate the signature against its shared database of issuer certs.

For this to be secure and privacy-protecting, you need a few guarantees:

  • The photo used for verification, if required, never leaves the device (and this practice should be strongly discouraged).
  • The retrieval of the issuing authority's public key must always be from a local root store, not by retrieving it directly from the authority at the time of access, to prevent information leaks through timing attacks.
  • The issuing authority must use multiple overlapping signatures to ensure a reasonable transition period when signing keys/certificates change, so that sites can update their local root store on a weekly (or, ideally, monthly) basis.
  • There must be a central authority providing either downloadable root stores or downloadable lists of URLs for per-country root stores (the details of this part of the implementation are not that important).
  • No issuing authority may have fewer than a few million users.
  • Browsers must encourage users to verify their age as soon as the feature is added (or afterwads, whenever the user first runs the browser), and periodically after that, so that age verification does not create any presumption that the user is actually going to what any particular country considers to be "adult" sites.

In an ideal world, you'd go one step further and have the website provide the nonce. Then you'd use some sort of zero-knowledge proof to prove that a certifying agency trusted by the browser knows the nonce without revealing which certifying agency it is, thus preventing it from revealing anything about the user, including the user's country/state, but I'm not entirely sure how you'd pull that off in a way that doesn't require trusting the browser to not be compromised with fake authorities, so that optional next step is left as an exercise for the reader.

Slashdot Top Deals

"Anyone attempting to generate random numbers by deterministic means is, of course, living in a state of sin." -- John Von Neumann

Working...