Please create an account to participate in the Slashdot moderation system


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


+ - India bans rape documentary, BBC will air it tonight

Submitted by davidwr
davidwr (791652) writes "In a classic case of the Streisand effect, BBC4 will move up its scheduled broadcast of India's Daughter to 10PM Wednesday night after it was banned in India. It was originally scheduled to air this Sunday, which is International Women's Day. "The move was made after Indian authorities banned the domestic broadcast of the film and said they were also trying to prevent it from being shown worldwide."

The film is about the brutal 2012 gang rape of Jyoti Singh, a 23-year old student.

Yes, I realize that Slashdot is "news for nerds" but the attempted worldwide censorship by India and BBC4's response should strike a chord with many /. readers."

Comment: So... (Score 1) 157

by davidwr (#49181987) Attached to: One Year Later, We're No Closer To Finding MtGox's Missing Millions

So, what if I and everyone else who accepts BC for payment said "before we accept your coin, we need to run its complete history against known coin thefts"?

That wouldn't necessarily stop "off-blockchain" transactions like people who trade whole wallets or who "print coins out on paper" and trade them, but it might slow it down if people knew that they might be the one stuck "holding the dirty money."

There is still the problem that this alone won't prevent people from spending stolen BC before it is reported. In order to fix that, you will need some accepted means of "de-valuing" any money that was ever "co-mingled" with "dirty money." People other than the original thief would be forced to absorb the loss but at least once the loss was reported, I could accept your "partly dirty money" after applying a discount to it to reflect the "non-dirty" portion of its value. I wrote a top-level reply to this article outlining this in more detail.

Comment: Check the blockchain (Score 1) 157

by davidwr (#49181893) Attached to: One Year Later, We're No Closer To Finding MtGox's Missing Millions

I thought the point of the blockchain was that it recorded every transaction.

I have no idea if it's practical, but in principle, it should be possible to trace the coins from a known point in time, taking into account the "dilution" when they are mixed with other coins.

In other words, if you give me your entire wallet consisting of 1BC that is later determined to be "dirty money" (as declared by the police/a court/whomever) and I put it in my wallet consisting of 9 other BC, my wallet is now "10% contaminated" by the "dirty money."

If I then I give 1BC each to 10 other people who have wallets with 9BC in them, those 10 people each have wallets that are "1% contaminated" by the original "dirty money".

If they each add 90 BC to their wallets, they will each have wallets with 100BC that are now "merely 0.1% contaminated" by the "dirty money."

And so on.

But you will know "where the money went."

As I said, this should be doable in principle. As to whether it is doable in practice I have no idea.

If this kind of tracing is doable in practice, then it can be used to reduce the occurrence of coin theft by reporting thefts to a central authority (or even logging the theft in the block-chain itself) and having people who accept BC as payment treat coins that have been stolen as worthless and treat those that have been co-mingled with stolen coins in "upstream" transactions as having only a "fractional" value based on the "non-dirty" portion of its transaction history.

Yes, there will be thefts but the crook will have to pass the dirty money off on to some innocent/naive party quickly, before the coins are reported stolen. Whoever has the coins or a wallet that was contaminated by having the coins used in an upstream transaction at the time that the theft is reported will typically be stuck with the loss, but from that point on the coins can be used at a "fair" value, based on the value of the non-stolen portion of the money. Depending on the legal frameworks in place and whether the party who gave them the contaminated BC can be identified, they may be totally out of luck or they may be able to recoup the loss from their own counter-party or an insurance company. If they are able t recoup from the counter-party, he will either be stuck with the loss or he may be able to recoup it from the party who gave him contaminated coins or his insurance company, and so on.

Of course, there is the possibility of fraudulently reporting money as stolen. To prevent this, it is doubtful that any reporting system that didn't include some form of accountability for lying would be feasible. I can't think of any way of doing this besides requiring people to reveal their real-life identity and real-world address to the police or other "authority" so that if it turns out they are lying, they can be prosecuted for perjury.

Oh, before you ask, yes, I do realize that this would increase the complexity of handling BC transactions significantly and that alone may make such a system impractical, at least for now.

Comment: Re:Improving crap code (Score 1) 238

by davidwr (#49180963) Attached to: Study: Refactoring Doesn't Improve Code Quality

If you misunderstood my to mean "gold, the relatively inert chemical element used for teeth fillings, expensive paperweights, electrical circuits, and as a financial hedge against inflation" then I take your point.

If you understood me correctly to mean "high quality code" then I don't understand your comment, please elaborate.

+ - Domain Shadowing Latest Angler Exploit Kit Evasion Technique->

Submitted by msm1267
msm1267 (2804139) writes "The Angler Exploit Kit continues to evolve at an alarming rate, seamlessly adding not only zero-day exploits as they become available, but also a host of evasion techniques that have elevated it to the ranks of the more formidable hacker toolkits available.

New research has been released on a technique used in a recent Angler campaign in which attackers are using stolen domain registrant credentials to create massive lists of subdomains that are used in rapid-fire fashion to either redirect victims to attack sites, or serve as hosts for malicious payloads.

The technique has been called domain shadowing, and it is considered the next evolution of fast flux; so far it has enabled attackers to have thousands of subdomains at their disposal. In this case, the attackers are taking advantage of the fact that domain owners rarely monitor their domain registration credentials, which are being stolen in phishing attacks.They’re then able to create a seemingly endless supply of subdomains to be used in additional compromises."

Link to Original Source

+ - Scientists Create Artificial Sunlight Real Enough To Trick the Brain 1

Submitted by (3830033) writes "Navanshu Agarwal writes that Italian scientists have developed an artificial LED sunlight system that looks just like real daylight streaming through a skylight. The LED skylight uses a thin coating of nanoparticles to recreate the effect that makes the sky blue, known as Rayleigh Scattering that doesn’t just light up a room but produces the texture and feel of sunlight. Paolo Di Trapani, one of the scientists who worked on the device believes that the skylight will allow developers of the future to not just build up, but also far down below the ground- without any of the dinginess that currently keeps us above ground.

CoeLux hopes to treat seasonal affective disorder, or SAD. Each year, some 10 million Americans, mostly women, find themselves sinking into a heavy malaise during the wintertime. CoeLux hopes its LED bulbs, which create the illusion of infinitely tall, bright blue skies, will help trick the brains of people with SAD, ridding them of their blues."

Comment: Improving crap code (Score 5, Insightful) 238

by davidwr (#49177065) Attached to: Study: Refactoring Doesn't Improve Code Quality

I've seen the before-and-after when crap code was rewritten and refactored by hand by a good coder.

The improvement was huge.

Was it better than if the same coder wrote the code "from scratch" from the problem-description or design document? I don't know, but my point is that crap can be turned into gold by a good coder, and that refactoring can be part of the cleanup.

Comment: Might as well charge the electric company too (Score 1) 197

What we are alleging is occurring is that there are individuals and organizations that are profiting from the storage and the exchange of child sexual exploitation material

Well if you are going to charge the data center provider, you might as well go for everyone else who is merely providing a service. Find everyone who downloaded the material and charge their ISPs and their electric utility companies, because if the people weren't downloading underaged-p0rn they would presumably have a lower electric bill and would choose a cheaper plan from their ISP. Or so the logic goes.

Seriously, unless this business was specifically "in the business" of turning a blind eye to or even facilitating activity that reputable hosting companies don't do and providing services which have no practical value to legal businesses, then leave the hosting company alone.

Comment: Downloads, yes, installed firmware, no (Score 1) 321

by davidwr (#49165717) Attached to: Ask Slashdot: How Does One Verify Hard Drive Firmware?

For downloads of updates, yes, checksums and the like can and probably should be widely published. As others have said, having the checksums ONLY on the vendor's web site probably isn't any good but if they were "all over the web" they would essentially be tamper-proof.

Better than a checksum would be a cryptographicly signed by a public key that was issued by a major company that you trust already.

As far as the firmware that is on the drive:

Unless you have a way of directly reading the firmware memory without using the firmware itself, forget about it. Any attempt to ask compromised firmware to give you a data dump of itself would likely just get it to lie to you. Yes, there is probably equipment out there that can read the chips but you probably don't have it and you probably can't afford it unless you are doing it as a business or as part of a larger business (such as computer manufacturing, where you may want to validate that OEM drives contain the firmware that should be on them and not the ones that $SPYING_GOVERNMENT_AGENT installed).

Comment: Yes, get a lawyer (Score 2) 230

As other replies have said, you are probably better off getting a lawyer BEFORE you go to the bank or anyone else.


1) If they've already discovered this themselves they may be working with the FBI and there may be a subpoena in your ISP's hands within minutes of you making your discovery.

2) Even if there isn't, the veiled threat of prosecution can be very intimidating.

3) By having your attorney speak to the bank and/or the government/police authorities for you BEFORE the police contact you, it will be abundantly clear to the police that you are just a good citizen and that it would be a political mess if they threatened to press charges or ignore the problem.

Comment: Useless in the long run (Score 1) 150

by davidwr (#49165457) Attached to: AVG Announces Invisibility Glasses

If someone in a high-security environment such as a a major sporting event wants to take your picture to run it through a face-matcher program, they are going to spend the money use* a camera which behaves like the human eye, ignoring frequencies outside of the range of human vision.

Basically, if you are still recognizable to a trained cop who has seen a good photo of you, someone can make a camera and computer that will recognize you with about as good an error rate as a trained cop.

*Or design one themselves, or pay someone to design one themselves.

Comment: Re:Calling everyone in Illinois (Score 1) 105

by davidwr (#49134313) Attached to: Argonne National Laboratory Shuts Down Online Ask a Scientist Program

Your point is well taken, but the Congressman and Senators who represent the people who live in and around Argonne are much more likely to have the informal political "pull" to get things done quickly without the need for formal action on Capitol Hill than other House and Senate members.

Other members to target would be those serving on or better yet those chairing the committees that do a lot of business related to Argonne.

Most public domain software is free, at least at first glance.