Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:Human Shield? (Score 1) 23

by dgatwood (#49549865) Attached to: Pirate Bay Blockade Censors CloudFlare Customers

The thing is, you could say the same thing about any other form of speech that happens to be illegal in a particular country. For example, a site hosting Nazi propaganda would be illegal in Germany. A site hosting pornography would be illegal in most of the Middle East. A site hosting news coverage or historical documentaries about the events of June 4, 1989 would be illegal in mainland China. And so on.

Where do you draw the line? Which countries' laws do you require all your sites to comply with? And what is lost by doing so?

Comment: Re:Inept, or the plan? (Score 1) 23

by dgatwood (#49549843) Attached to: Pirate Bay Blockade Censors CloudFlare Customers

As a current CloudFlare customer, the fact that they're so quickly and easily kowtowing to enemies of freedom disturbs me greatly. If I publish a book that makes some random government cranky and gets my site on a ban list, are they going to threaten to throw me off, too? What if somebody posts a link to an illegal torrent on my blog and I don't notice it quickly enough? Where do you draw the line? At what point does the threat of government censorship become too great a burden for the Internet to bear, stifling creativity by causing site owners to be afraid of their own shadows, and destroying the most basic freedoms upon which the 'net as we know it was founded?

In my opinion, CDNs should send a clear, unwavering message by declaring in one voice that government censorship of the Internet is unacceptable in a free society, and simply cannot be tolerated. That's what I look for in a CDN. If the CDN providers have any cojones at all, they should deliberately ensure that torrent mirrors and other potentially objectionable content share IPs with some of the most high-value targets that they host, so that blocking one of those sites would cause as much collateral damage as possible, and then refuse to do anything about it. Let the sites that are blocked complain to Cloudflare, let Cloudflare redirect their complaints to the ISPs who are doing the blocking, and let the ISPs scream at their MPs to demand that the laws be changed.

Basically, the CDNs need to parade the naked emperor down the street. Only by maximizing the extent to which these ill-conceived laws destroy citizens' access to the Internet can we force the clowns in power to actually take the time to understand how the Internet works, and understand why these laws can only cause harm, and can never actually be successful in any meaningful way. The only way those laws will ever get fixed is if a million people wake up tomorrow and call their MPs screaming because their IP violator block lists are preventing them from using Amazon.co.uk or Pinterest or Facebook.

So for the next "Ask Slashdot", does anybody know of a CDN that actually has a spine?

Comment: Re:Fairly easy way to protect data. (Score 1) 75

by dgatwood (#49549469) Attached to: Good: Companies Care About Data Privacy Bad: No Idea How To Protect It

And sometimes not even then. I was at a company when they had a breach involving financial info. It cost them hundreds of thousands of dollars to purchase credit protection for thousands of our customers. However, they just kept on operating the same way, storing credit card information in the clear because that's the way they've always done it, and upgrading the back-office accounting system to allow tokenization of transactions would have cost money. Nobody in upper management had the balls to go to the CFO and say "You will fix this, and you will fix it now. I don't want any excuses. Get it done."

Don't worry. The second time it happens, the army of lawyers climbing all over each other to file a class action lawsuit against the company for gross negligence will almost certainly be successful at obtaining an injunction to shut down the business until they fix it.

Comment: Re:Fairly easy way to protect data. (Score 1) 75

Well, that's not always possible, but it's a good start. I'd suggest a more nuanced/layered approach:

  • To the maximum extent possible, don't collect it.
  • If you must collect it, don't retain it.
  • If you must retain it, use end-to-end encryption, so that you cannot access the data yourself.
  • If you must retain it and must be able to access it, use encryption correctly, use access controls to limit access as narrowly as possible, and audit the heck out of your code.

Comment: Re:Not a Piece of Shit (Score 1) 127

by dgatwood (#49538229) Attached to: POS Vendor Uses Same Short, Numeric Password Non-Stop Since 1990

Better choice is #5. Ship a different, randomly-generated password on each device. Print it along with the serial number on a slip of paper that comes with the device. That way, there's a strong default passcode for people who won't bother to set a good one, and it isn't shared across devices.

Comment: Re:Help me out here a little... (Score 1) 533

by dgatwood (#49534735) Attached to: Utilities Battle Homeowners Over Solar Power

If the filament is big enough, with low enough resistance, then sure. The point is that if the 8 AA batteries (12V, not 6) in series can provide enough power to run the bulb, you can safely switch to a car battery without burning up the bulb. (For a resistive load, the same voltage + more amperage = lasts a lot longer before the battery dies and/or lets you drive more bulbs.)

Comment: Re:Headline doesn't really match study conclusion (Score 1) 338

by dgatwood (#49525127) Attached to: Study Confirms No Link Between MMR Vaccine and Autism

The more accurate headline on Slashdot and the UT San Diego website would be, "Study finds immunized siblings of autistic children not at higher risk of developing autism than immunized siblings of unaffected children."

No, the correct headline is "Study finds immunized siblings of autistic children not at higher risk of developing autism than non-immunized siblings of autistic children."

Additionally, this study says the precise opposite of what you said the headline should read, finding that siblings of autistic children were almost 8x as likely to develop autism as children who did not have an autistic sibling, regardless of whether those children were vaccinated or not.

Comment: Re:Help me out here a little... (Score 1) 533

by dgatwood (#49517525) Attached to: Utilities Battle Homeowners Over Solar Power

Let's take water as our analogy. Water flows to meet demand in the form of open taps. But very few of those taps are strictly regulating, and the outflow is a function of how far the tap is opened and the pressure in the system. Put more water into the mains and the pressure goes up, therefore more water is delivered at the tap. If your house has pressure regulating valves, you won't see this, but the pressure is then further increased at someone else's house.

That analogy doesn't really work very well, for two reasons:

1. Water pressure is more closely equivalent to voltage, not amperage. Adding more solar panels increases the amperage, not the voltage.

2. Most electrical equipment is strictly regulating (ignoring inrush). Resistive loads consume a consistent amount of current regardless of how much current is available. That's why it doesn't matter whether you power a 12V bulb with eight AA batteries or a 12V car battery. The latter can provide a lot more current, but the bulb still draws just as much current as it needs.

I think a better analogy is to think of the voltage as the height of a water tower, and the amperage as its diameter. If you have a ten-foot-diameter tower that forms a 50-foot column of water, the pressure is proportional to the 50-foot height of the water column. An overheating condition would be equivalent to the pipe breaking because someone is sucking water out of the pipe faster than the pipe can pass it.

If you expand the tower to be thirty feet in diameter, the column is still about 50 feet high, so the pressure is about the same (assuming the sides of the tank are vertical and the bottom is flat). However, doing so allows you to add more pipes and/or larger pipes out the bottom so you can provide water to more houses without drawing down the reservoir too quickly (and thus causing... what, a vacuum in the water tower? This is where the analogy starts to break down unless you're talking about a battery).

Comment: Re:Help me out here a little... (Score 1) 533

by dgatwood (#49511979) Attached to: Utilities Battle Homeowners Over Solar Power

Well yes and no. Overcurrent failures are not caused by receiving too much power, but rather by drawing more power than the wiring is capable of handling.

There's always orders of magnitude more power available on the grid than could safely be pulled through your house's wiring. However, your wires don't burn up because the actual current draw through those wires is always much less than they can handle, just like that filament I described, through which the current draw is near zero because the air has very high resistance and thus sinks very little current. Each house has breakers or fuses to ensure that you never draw more than the wires can handle (or at least not for a long enough period of time to damage the wires).

In a similar way, if solar panels on the roof are producing more power on the roof than is needed by all of the consumers, that typically shouldn't be a problem. It only becomes a problem when someone consumes that power through a circuit path that wasn't designed to handle it or when it causes mechanical generators to go berserk in some way.

And power flowing through an insufficient circuit path means that either the solar panels are allowed to produce more current than the house wiring was rated for (which should result in fines for the installer that put in the oversized master breaker without getting the line upgraded) or the feeder line into the neighborhood is actually too small to handle the all of the houses using their maximum current rating at the same time (in which case the system was designed dangerously to begin with, and the power company just got lucky before). Either way, the problem isn't specific to solar power generation being present.

Comment: Re:Help me out here a little... (Score 1) 533

by dgatwood (#49508035) Attached to: Utilities Battle Homeowners Over Solar Power

By aluminum foil, I was thinking about the contents of a fuse—a thin enough and narrow enough strip of foil that it would burn up if a person were getting electrocuted through it.

And the idea was that the foil would be sticking out of one pole of an outlet, which effectively means that no current whatsoever would be flowing through it, because there would be no current sink on the other end of the foil. (Okay, so technically even insulators like air probably sink a little bit of current, but you get my point....)

Comment: Re:Help me out here a little... (Score 3, Interesting) 533

by dgatwood (#49506497) Attached to: Utilities Battle Homeowners Over Solar Power

The extreme case is if everyone is on solar and it's a sunny day. Everyone is trying to dump power into the grid, but there's no where for it to go. That's when you'll start causing overloads.

On those days, everyone will also be trying to run their air conditioning full blast, and although newer homes will be adding power to the grid, it probably won't balance out the extra usage from all the older, less insulated homes and businesses.

Besides, unless I'm misremembering my basic electronics, having extra power available is usually not a problem unless there is someone to consume it (*). I can hook up one side of a 110 volt outlet to a piece of aluminum foil, and until someone is stupid enough to touch it, it won't burn up. Overloads are caused by demand exceeding the available supply as it passes through some resistance (the wiring, for example). If all the houses are producing way more power than they need, that's not a problem, because the current isn't flowing anywhere. It becomes a problem when some business that normally draws power through some massive feeder lines from a cogen plant starts drawing power from all of those houses through wires that weren't designed to allow that much current draw.

Basically, the utility companies are mad because for the most part, they used to be able to ignore residential usage of electricity, because it almost never involved enough power to require precise monitoring. Now that they're suddenly able to produce power that might be consumed elsewhere, the wiring has to actually be big enough to potentially carry all the current that their rooftop systems might produce, and that requires a little bit more safety planning, and in some cases, limiting the number of solar installations and/or increasing the size of wires and transformers.

(*) There is an exception to this rule. When you have mechanical generators, having excess power is bad, because the generators have to run within a certain speed range, both to prevent damage to the generators themselves and to stay in phase. If the draw is too low (or too high) for the amount of mechanical energy going in, you could have a serious problem unless the generators have built-in governors. Of course, this problem can be solved by shutting down generators that aren't needed. More importantly, power companies have to do this anyway in response to varying load throughout the day, so the presence of solar doesn't change things very much except for possibly making the fluctuations more or less frequent and/or more or less severe.

Comment: Re:geeks never learn (Score 1) 136

by dgatwood (#49476465) Attached to: Cracking Passwords With Statistics

On the other hand, even with that single password, it's still either memorable, therefore easy to hack, or it isn't, in which case you turn again to the sticker on the monitor.

In relative terms, it is still a lot safer. Right now, cracking an average person's online accounts merely requires you to buy access to a botnet and use it to brute-force the account from a distance. By contrast, you can't readily do a brute-force attack on the login password for someone's laptop unless you either have stolen that laptop or have otherwise compromised it somehow.

So even in the worst-case scenario, you're replacing one weak password that the user uses for a hundred different sites and can be cracked remotely with another weak password that the user uses for a hundred different sites that can't easily be cracked remotely. And in the best-case scenario, the user is using a biometric sensor in combination with that weak password to lock the device.

Comment: Re:ASCAP and BMI (Score 1) 218

by dgatwood (#49475879) Attached to: Legislation Would Force Radio Stations To Pay Royalties

Radio stations pay licensing fees to ASCAP and BMI,

Who first pay themselves, then

who in turn pay the composers and publishers proportionally



ASCAP and BMI both pay about 85–86% of their intake to the composers and publishers. Yes, they're skimming a little bit off the top, but they're also handling the reporting and distribution, hiring lobbyists to advocate on behalf of composers and publishers, and so on, all of which at least in theory benefits their members. So in the grand scheme of things, at least from what I've seen, they seem to be doing a good job.

I have no idea about SESAC.

Comment: Re:Encryption + (cloud or offsite) (Score 1) 445

Unlimited storage, provided you don't mind manually clicking and dragging everything you want to back up, and waiting for it to transfer immediately. That's a backup in much the same way that the flash drive I carry around in my pocket is a backup. It's a quick way to temporarily store a handful of files just in case my laptop dies while I'm traveling, but I can't viably back up a server's hard drive to it.

BTW, has anyone ever tried to upload a few terabytes to see if it really is unlimited, or just "unlimited"? :-) I'd try it myself, but it would take years over my 640 kbps uplink.

Oh, yeah. That's the other problem with cloud storage: ISPs with pathetically slow upload speeds. *sigh*

Money is the root of all evil, and man needs roots.