Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Boot from rescue disk, inspect disk and boot pr (Score 1) 309

by davecb (#49160569) Attached to: Ask Slashdot: How Does One Verify Hard Drive Firmware?

Only on-disk, non-addressable controller proms are "read" by the software in the proms.

The boot prom has to boot stuff or the product can't be sold, and in this case is used to boot a program that runs on the hardware that continuously reads the prom. That HW can verify it, and all the other proms which are reachable from the CPU, including all sorts of stuff plugged into the various busses. That includes some disks, the ones we were worried about viruses wiping.

For some specific disks, you may have to pull the drive and clamp directly to the prom's pins.Those are the ones a spy would want to subvert.

Comment: Boot from rescue disk, inspect disk and boot proms (Score 1) 309

by davecb (#49158497) Attached to: Ask Slashdot: How Does One Verify Hard Drive Firmware?

Boot from a randomly chosen Linux rescue disk, and check the various proms. You've used the boot rom to boot a CD/DVD, but what you've booted is wildly different from the Windows systems that are the common target, so the attackers will have great difficulty in hiding what they've done from an unfamiliar system.

It's actually easier to hide evil stuff in disk proms, as your only access to them is via routines *in* the disk prom, as one of the other commentators pointed out,

Comment: Re:but I'll defend to the death your right to say (Score 1) 285

by davecb (#49131865) Attached to: Google Knocks Explicit Adult Content On Blogger From Public View

I was commenting on Google's actions being incongrous in the US, where free speech is a social norm. That it was even part of the constitution of the country, unlike many other countries of the day, was an example of the importance it had in the minds of the Colonists.

[ I'm eminently aware of the narrowness of US constitutional law! Apologies for going off-topic, but ...

It's widely cited in the popular press to excuse unconscionable actions by non-government actors. The assumption seems to be that if the government is prohibited from doing something, everyone else is therefor perfectly free to do it, whether or not it's a good idea. To use a frivolous example from India, it does not follow that if a government is prohibited from strangling random passers-by, that individual devotees of Kali can then take it up as a hobby.]

Comment: but I'll defend to the death your right to say it (Score 3, Interesting) 285

by davecb (#49119121) Attached to: Google Knocks Explicit Adult Content On Blogger From Public View

The full quote is Voltaire's, "I do not agree with what you have to say, but I'll defend to the death your right to say it."

I'm unimpressed by Google's position: in other countries they push back against restriction on free speech. It seem incongrous to impose speech limitations in the US, which actually has the right to free speech as part of their constitution.

+ - What If We Lost the Sky?

Submitted by (3830033) writes "Anna North writes in the NYT that a report released last week by the National Research Council calls for research into reversing climate change through a process called albedo modification: reflecting sunlight away from earth by, for instance, spraying aerosols into the atmosphere. But such a process could, some say, change the appearance of the sky — and that in turn could affect everything from our physical health to the way we see ourselves. “You’d get whiter skies. People wouldn’t have blue skies anymore.” says Alan Robock.“Astronomers wouldn’t be happy, because you’d have a cloud up there permanently. It’d be hard to see the Milky Way anymore.”

According to Dacher Keltner, a psychology professor at the University of California, losing the night sky would have big consequences. “When you go outside, and you walk in a beautiful setting, and you just feel not only uplifted but you just feel stronger. There’s clearly a neurophysiological basis for that," says Keltner adding that looking up at a starry sky provides “almost a prototypical awe experience,” an opportunity to feel “that you are small and modest and part of something vast.” If we lose the night sky “we lose something precious and sacred.” “We’re finding in our lab that the experience of awe gets you to feel connected to something larger than yourself, see the humanity in other people,” says Paul K. Piff. “In many ways it’s kind of an antidote to narcissism.” And the sky is one of the few sources of that experience that’s available to almost everybody: “Not everyone has access to the ocean or giant trees, or the Grand Canyon, but we certainly all live beneath the night sky.”

Alan Robock says one possible upside of adding aerosols could be beautiful red and yellow sunsets as “the yellow and red colors reflect off the bottom of this cloud.” Robock recommends more research into albedo modification: “If people ever are tempted to do this, I want them to have a lot of information about what the potential benefits and risks would be so they can make an informed decision. Dr. Abdalati says that deploying something like albedo modification is a last-ditch effort adding that “we’ve gotten ourselves into a climate mess. The fact that we’re even talking about these kinds of things is indicative of that.”"

+ - Fake Komodia root SSL certs in use by over +100 companies->

Submitted by Billly Gates
Billly Gates (198444) writes "Lenovo and Superfish are not the only companies who used the fake root SSL certificates by Komodia to spy and decrypt network traffic. Komodia advertises its products including a SSL-digestor to rid the obtrusive thing we call encryption and security. So far game accelerators are mentioned as some have seen these certs installed with Asus lan accelerator drivers."
Link to Original Source

+ - What Do Old Techies Do After They Retire?

Submitted by (3830033) writes "Peter T. Kilborn writes in the NYT about the generation of the baby boomer programmers, engineers, and technical people who are now leaving the bosses, bureaucracies, commutes and time clocks of their workaday careers to tackle something consuming and new, whether for material reward or none at all. “Retirement gives them the opportunity to flex their experience,” says Dr. William Winn speaking of a postchildhood, postfamily-rearing, “third age” of “productive aging” and “positive aging.” Nancy K. Schlossberg calls men and women who exploit the skills of their old jobs “continuers" and those who take up something new “adventurers.” Continuers and adventurers make up the vigorous end of Dr. Schlossberg’s retirement spectrum, opposite those she calls “retreaters” who disengage from life and “spectators” who just watch.

For example, 75-year-old Seth R. Goldstein, with four degrees in mechanical and electrical engineering from MIT and retired for thirteen years, still calls himself an engineer. But where he was previously a biomedical engineer with the National Institutes of Health in Bethesda with 12 patents, he now makes kinetic sculptures in his basement workshop that lack any commercial or functional utility. But his work, some of which is on display at the Visionary Arts Museum in Baltimore, has purpose. Goldstein is pushing the envelope of engineering and hoping to stir the imaginations of young engineers to push their own envelopes. For example "Why Knot?” a sculpture Goldstein constructed, uses 10 electric motors to drive 10 mechanisms to construct a four-in-hand knot on a necktie that it wraps around its own neck. Grasping, pulling, aligning and winding the lengths of the tie, Mr. Knot can detect the occasional misstep or tear, untie the knot and get it right. Unlike Rube Goldberg’s whimsical contraptions, Mr. Goldstein’s is no mere cartoon. It works, if only for Mr. Knot.

According to Kilborn, people like Goldstein don't fit the traditional definition of retirement, which according to Webster's Dictionary means the "withdrawal from one's position or occupation or from active working life. Retirement implies that you're just leaving something; it doesn't reflect that you're going to something," says Schlossberg. "But it is really a career change. You are leaving something that has been your primary involvement, and you are moving to something else.""

Computer Science is the only discipline in which we view adding a new wing to a building as being maintenance -- Jim Horning