
Comment: Ideal situation =/= codified law of alwaysness (Score 1) 81

by briester (#48047417) Attached to: Xen Cloud Fix Shows the Right Way To Patch Open-Source Flaws

So this situation really was handled with aplomb. However, saying that we "should" handle things this way is about as dangerous as saying we "should" shout out the details of every vulnerability we find. Keeping things internal prevents the community from stepping up. I doubt that all the folks who have dealt with Heartbleed were involved in SSL beforehand. But they were helpful because they knew they were needed, and their ignorance would have hurt us badly. On the other hand, shouting everything out feels like a dumb thing to do. So some off-the-cuff polarizing question like "shouldn't we always handle things this way for EVERZ" is precisely the wrong response. It's actually the very wrongest.

Discretion, intuition, and rapid initiative. That is how we "should" handle these things. The specifics are case by case.

Comment: Ounce of prevention better than a pound of cure (Score 1) 123

I work in a kitchen, where this sort of behavior would result in a forced closure and heavy fines. If I throw a few hundred pounds of chicken in an oven, I clean the surface I prepped them on. I do NOT wait until a disaster whips the stuff around and covers the whole kitchen with salmonella. While the contaminants are localized, they're easy to clean up. When disaster spreads them around, cleanup becomes nearly impossible.

In the mining context, we can't be leaving giant holes covered with contaminants just waiting for a storm! We know that a storm will come eventually. So we shouldn't fine companies for their failure after a disaster, we should send inspectors during normal operation to make sure they're meeting standards that will prevent disaster.

We need to do this because fining companies after a disaster will encourage them to minimize the financial effect of disaster, which may or may not involve behaviors that would prevent it in the first place. If the disaster rate is low enough, it could encourage them to set aside a fine-fund and make zero allowance for prevention. But if we penalize them for failure to prevent disaster in the first place, we'll be encouraging the behaviors we want to see.

It's a classic 'be careful what you wish for' problem.

Comment: MORE strangeness? (Score 1) 144

by briester (#47571687) Attached to: More Quantum Strangeness: Particles Separated From Their Properties
First: when we have established a universal law, and something obeys that law, it is not strange. Two: when you assert that something flies against intuition, you'd better ask some grade-school kids first. Mine called the author an idiot. (They're 8 and 10.) Three: if someone's experiment results in the observation of a well known, well documented, scientifically named phenomenon (superposition), it is rude to call it "more." Or "new." Just rude.

DARPA seeks the Holy Grail of search engines

Submitted by coondoggie
coondoggie (973519) writes "The scientists at DARPA say the current methods of searching the Internet for all manner of information just won't cut it in the future. Today the agency announced a program that would aim to totally revamp Internet search and "revolutionize the discovery, organization and presentation of search results." Specifically, the goal of DARPA's Memex program is to develop software that will enable domain-specific indexing of public web content and domain-specific search capabilities. According to the agency the technologies developed in the program will also provide the mechanisms for content discovery, information extraction, information retrieval, user collaboration, and other areas needed to address distributed aggregation, analysis, and presentation of web content."

Comment: 'We' - 1984 was a ripoff of it. (Score 1) 140

A Russian woman wrote a work called 'We' about the changes that science (including political) was making to society. 1984 is a pretty unabashed ripoff of the book, and since you're studying the effects of tech, copyright issues are at the forefront, making that read uniquely suited to the modern dialogue. Anyway, We can feel dry before you realise what the author is doing, which is another good reason for students to read it. The voice is mathematical to the point of lunacy, so statements like 'we fired the engine test precisely on time. We'll need to replace 20 engineers,' feel matter-of-course. And to me that did a wonderful job of communicating the dehumanization wrought by industry.

Comment: Keystone bounties... in MY ecosystem? (Score 1) 124

by briester (#43453617) Attached to: New Bird Shaped Drone Shown at Security and Defense Trade Show
In every single fantasy novel I've read, in which the antagonist demi-god was clairvoyant through an avian medium (usually ravens or crows because the dark one is so totally goth) there was an outstanding bounty on the vile critters. Imagine if the dark eye was a keystone species? There aren't many birds in the desert, for example, and those falcons and hawks are usually *absolutely necessary* for the ecosystem.

Comment: What themes will be dealt with? (Score 2) 100

by briester (#40211005) Attached to: Ask the Space Command Team About All Things Sci-Fi
What is the premise of your story? What universal human themes will you deal with? What questions are you asking about life, the universe, and everything? And how is the setting 'in spaaaace!' going to help you ask these questions? I've read that some notable sci-fi writers are providing inspiration for the show, so I'd love to hear what sort of message your show will ultimately turn that inspiration into.

Comment: Take away 'what you know' and your pass is secure. (Score 1) 487

by briester (#40058433) Attached to: Your Passwords Don't Suck — It's Your Policies
So we have passwords because we need to meet the security criteria 'what you know,' because it's impossible for the server to know 'what you are' or 'what you have.'

Well, that doesn't mean you can't rely on biometrics or physical keys as passwords... It just means the server doesn't KNOW you're using one of those methods.

The easiest is to visit password card and print off a password card. This is your new PHYSICAL INTERNET KEY!

It generates a string of completely random letters, numbers, and symbols. These are in a grid, so you don't have to remember your whole password - just where your password begins. This defeats the number one security flaw: laziness. Eventually everyone gets lazy. So getting in the habit of *secure laziness,* like using a password card, prevents stupid passwords like 110v3k1tt3ns.

The importance of the password card is in the dictionary. Yeah, yeah, it's hard to guess a 4-8 word sentence of random words. But it's easy to compile a list of known passwords and use them for all future brute-forces. Every successful brute-force makes *every single subsequent attack* easier. The only way to combat that fact is with truly random passwords using every possible character-set, and never ever using the same password for more than one thing.

Using a password card allows you to have one single 'key' to get into every secure location, without ever re-using a password. It's easy for you, difficult for hackers.

Your Rights Online

Arizona Attempts To Make Trolling Illegal 474

Posted by Unknown Lamer
from the entire-slashdot-readerbase-sent-to-gitmo dept.
LordofEntropy writes "Though unlikely to pass any First Amendment test, Arizona's Gov. Jan Brewer has a bill on her desk that would in essence make 'trolling' illegal. The law states 'It is unlawful for any person, with intent to terrify, intimidate, threaten, harass, annoy or offend, to use any electronic or digital device and use any obscene, lewd or profane language or suggest any lewd or lascivious act, or threaten to inflict physical harm to the person or property of any person.'" This did indeed manage to pass through both houses of legislature and only needs a signature to become law.

Comment: Make it relevant to you! (Score 1) 913

by briester (#36568936) Attached to: Ask Slashdot: CS Degree Without Gen-Ed Requirements?
You won't be taking Gen Ed without a purpose. If one is not evident, create it.


College is unlike lower education, in that you aren't there to merely learn - you're there to contribute to the greater body of human knowledge.

Gen Ed courses will likely lack an engineering approach to their problems. You have expertise that you can offer to enhance the content of those courses. Maybe an anthropology teacher has too much data and not enough time. Maybe a business professor knows the equations that need to run, but sticks to the old habit of writing them out by hand. Change these things!

You'll learn along the way, sure. But the POINT is to contribute. And that's where a diverse education is fundamental to our society.
