Forgot your password?

Comment: Re:Blast from the past (Score 3, Insightful) 69

by dgatwood (#47733347) Attached to: Researchers Hack Gmail With 92 Percent Success Rate

Then its using pre-calculated patterns of the shared memory usage (presumably allocation order, sizes allocated, NOT the actual memory contents etc) to guess what the user is doing in the other app. Then, when it detects a pattern that corresponds with "I'm about to log in" it pre-empts the app with its own phishing login screen skinned to look like the original. The user is -expecting- a login screen to popup, and one that looks right does... so they enter their credentials.

Really? Android allows one app to take control of the screen and become foreground without explicit user interaction? There's the security flaw right there. The shared memory stuff is noise by comparison.

Comment: Re:That's why slashdot is against tech immigration (Score 1) 392

by dgatwood (#47732487) Attached to: Tech Looks To Obama To Save Them From 'Just Sort of OK' US Workers

Ugh. I'm so sick of all this nationalist bullshit. Why are we so afraid of the global economy? People should be free to move between different countries and seek employment at will. Ultimately, it's better for the world if we break down these artificial barriers.

Because when it comes to jobs, we don't even have a national economy. We have a local one. By the time you get into your 30s, most people have zero interest in packing up everything and moving to another state to get a job, much less another country. That barrier isn't artificial. It's ingrained in human nature.

When it becomes too easy for people to move to another place and take jobs, the inherent result is age discrimination. People who are younger and more mobile come in and take jobs that were needed by people who are less mobile, when the mobile people could just as easily have taken or created jobs closer to home.

It would be different if the world's wages were somewhat balanced, because then the number of young people leaving the U.S. for jobs would be balanced by the number of people entering. However, this is not the case. The U.S. pays higher wages to compensate for a higher cost of living. Therefore, those young people moving into the U.S. and taking jobs from older folks constitute a real burden. And at least in our lifetimes, there will never be balanced wages worldwide. There will always be some new third-world country to exploit for cheap labor. And workers in those countries will always benefit from coming to the U.S., where wages are higher. So tearing down those artificial barriers to labor entering the U.S. will always cause serious harm to workers in the U.S.

Worse, tearing down those barriers does nothing to improve the world on the average, at least for the foreseeable future. Because there will always be cheap labor pools to exploit, raising the standard of living in one country will only continue up until the point where they start demanding more money. At that point, they'll just bring the educational standards of another country up to the point where they can start exploiting it, and leave folks in the first country homeless and starving. The only true way to raise the quality of life around the world is to ensure that no one anywhere is willing to work for less than a living wage. This is, of course, hard to do.

If you want to see a demonstration of why a lack of barriers is a bad thing, you need only look at the Silicon Valley with respect to the United States as a whole. There are no barriers to moving to California from other states with lower cost of living and lower average salaries, so lots of young people move here to make more money. The result is that age discrimination is rampant, the cost of living has skyrocketed, and there aren't enough jobs to keep people from losing their homes. And now you're talking about making the problem worse by making the entire world flood to the Silicon Valley.

As far as I'm concerned, if a company wants to hire workers outside the U.S., they should create a division in another country and hire those employees locally. This has several benefits over H1Bs. First, it is less likely to result in a reduction in jobs in the U.S., because separate business units tend to work on separate projects, and have separate staffing needs. Second, it does not drive up the cost of living in the U.S. by artificially inflating demand for housing. Third, it puts a lot more money into the economies of those other countries, because those workers are spending money in businesses near their homes, rather than here. That makes it much more effective at driving up the standard of living in those other countries than bringing workers here would.

Why don't companies do this? Because they don't want to drive up living standards in other countries. They just want cheap labor from those countries. If they drive up living standards in those other countries, then workers from those countries would eventually start demanding higher salaries, and they'd have to go and find another country to exploit before too long.

In short, government's whole reason for existing is to protect the powerless from the powerful. Employers are relatively powerful compared with their employees, so government actions that limit the ways in which those companies can abuse employees are generally a good thing, whether that means protecting U.S. workers from losing their jobs to foreign workers or protecting foreign workers from the often abusive working conditions that they encounter as foreign workers working in the United States by forcing those companies to start divisions in other countries and hire the workers locally instead.

Comment: Re:This is a civil case (Score 1) 229

by dgatwood (#47718209) Attached to: $125,000 Settlement Given To Man Arrested for Photographing NYPD

Actually, that's not true. It is fairly rare, but at least at the state level (in many states), you have the right to petition the courts for a declaration of factual innocence. In such a proceeding, the burden of proof falls on the defendant—that is, you are presumed potentially guilty until proven innocent. However, if you succeed at doing so, the arrest record is expunged completely, as though you were never arrested or tried.

Comment: Re:precedent (Score 1) 229

by dgatwood (#47718175) Attached to: $125,000 Settlement Given To Man Arrested for Photographing NYPD

Rights: You know... your right to remain silent (unless told to "start talking", or forced to talk with torture), your right to attorney (after they get done with you), your right for a fair trial (unless charged with the espionage act, thrown into gitmo, or blown up by drone strike), etc. You have plenty of rights*. You live in the land of the free and home of the brave!

You forgot your right to a speedy trial, which guarantees that you'll get your day in court within a few years....

That's the right that I really want to see us get back. As far as I'm concerned, if the trial can't begin within 30 days, they should be required to let the person go, and the case should automatically be dismissed with prejudice. Such a policy would force the DAs to actually do their jobs and quit clogging the courts with penny ante crap like drug possession misdemeanors.

After all, it has been shown conclusively that the longer the delay between commission of a crime and actual punishment, the less effective the punishment is as a deterrent. Therefore, when you have districts with >3 year average time-to-trial, the entire system of law isn't really doing anything useful at that point. Abandoning 90% of those cases would therefore have little impact on the crime rate or the rate of recidivism.

Comment: Re:Big Data (Score 1) 181

by dgatwood (#47718131) Attached to: Netflix CEO On Net Neutrality: Large ISPs Are the Problem

This. And this is precisely the sort of monopoly abuse that let to the breakup of Ma Bell. The ISPs are offering non-connectivity services, then deliberately degrading service to companies that compete with those services. Monopolies like ISPs should absolutely not be allowed to do this. A company should either be an ISP or a content provider. As soon as you allow any company to be both, it pretty much guarantees abuse. The bigger the company, the bigger the abuse.

Comment: Re:Frankly (Score 1) 146

by dgatwood (#47718075) Attached to: Researchers Find Security Flaws In Backscatter X-ray Scanners

I am shocked

Me, too. I'm shocked that the researchers didn't know this. I knew this, I suspect that you knew this, and anybody who has ever read even a single Slashdot article about these machines knows this. The security holes in these things are so obvious that you should be able to think of at least a couple of ways around them without even trying.

Next thing you know, atmospheric researchers will discover that the sky is, in fact, predominantly blue.

Comment: Re: Very subjective (Score 1) 381

by dgatwood (#47698807) Attached to: Ask Slashdot: Would You Pay For Websites Without Trolls?

Your logic is flawed a bit. You can't use the existence of speech as evidence that speech is not being restrained, because you can't know what things people decided not to post because of the policy.

The reality is that not all people have shame, so some people will be blatantly mean even with a real name policy. These people are mostly trolls. The people whose comments are most likely to go against the grain in an insightful way, by contrast, are mostly the ones who would be afraid to do so under their real names, because they actually have a verbal filter, and by consequence, a personal reputation to uphold.

For example, people who work for companies would be wary of posting anything critical of their employers for fear of reprisal. However, they are also the ones who would have the most insight into what's going on.

Anonymity is the only antidote to tyranny. Anyone who says otherwise is probably a supporter of tyranny.

Comment: Re:No, school should not be year-round. (Score 1) 421

by dgatwood (#47656625) Attached to: Slashdot Asks: Should Schooling Be Year-Round?

Literature and history are great things to study if you want to teach literature or history. And to an extent, they prove that you were smart enough and serious enough about learning to go to college, which might make a difference in getting certain jobs. But otherwise, yeah, they're equivalent to underwater basket weaving. College may not be a trade school, per se, but most people treat it like one. If you don't come out of college with a marketable skill that can net you a job that you otherwise couldn't get, then you spent tens of thousands of dollars solely for the love of learning. A few people might be rich enough to afford that, but not many.

Either way, my core point is that having a college degree doesn't make you a professional. Working in a field that requires a college degree or other formal education makes you a professional. As such, people working in low-end service jobs don't qualify, whether they are doing so by choice, because of the lack of better jobs, or because they lack any marketable skills.

Comment: Re:Not gonna happen (Score 1) 111

by dgatwood (#47653133) Attached to: Injecting Liquid Metal Into Blood Vessels Could Help Kill Tumors

Most metals are not ferromagnetic, and so are not held in place by magnets. I'm pretty sure neither indium nor gallium are ferromagnetic.

Most metals aren't, but the iron in your platelets is. Perhaps through carefully tuned EM fields, a natural clot could be formed in a novel way....

I wouldn't rule out the possibility that the bits of you in contact with the metal could get cooked.

I was reading an article a few years ago about doing precisely that—some kind of metal tending to bioaccumulate in tumors, and taking advantage of that in combination with semi-targeted EM fields to literally burn out the tumor.

Comment: Re:Laziness (Score 1) 150

Lots of times, you see something wrong, and you want to point it out, but by limiting commenting to people with rep, if you don't have rep on that particular board, you are prevented from correcting the error. That means that there's wrong information without any hint that it might be wrong. So the worst-case scenario there is pretty bad.

By contrast, if you remove those limits, the worst-case scenario is that people who don't know what they're doing might say that it is wrong, at which point you'll have to investigate to figure out who is right. And if they're wrong in saying that it is wrong, you (who also probably have no rep) can comment and explain why they're wrong about it being wrong. And if they're right, then you saved yourself a lot of swearing.

So the worst-case scenario is considerably better without those limits (ignoring spam, of course, but that can largely be taken care of by a combination of a proper reporting mechanism, disallowing links by posters without reputation, etc.).

As for whether you can trust people with more rep to know more, for the most part, people who get upmodded more are, in fact, people who do know more. Mind you, there's always the possibility of an echo chamber effect, but that's a possibility no matter what you do. By using a weighted voting scheme, people who have shown more knowledge (and thus are more likely to be correct) can overcome voting of people who haven't (and thus are more likely to be wrong). Statistically speaking, this approach makes sense, at least on the average.

For maximum effectiveness, though, such a scheme should be combined with automatic flagging of any post whose reputation changes too far or too often, for future review by other subject-matter experts.

Comment: Re:Laziness (Score 1) 150

A self-signed certificate is never more secure than a CA-signed cert. Period. The only benefit to self-signed certs is cost. Any other perceived benefits are merely side effects caused by forcing you to do extra security checks to make up for the lack of a CA—checks that you could do anyway, but probably won't.

For example, if you're paranoid about a CA issuing a cert for your organization to someone else, then you might add code in your app to do your own set of checks to decide whether a cert is valid (such as ensuring that a specific cert issued within your organization is part of the chain of trust). You can do such tests on a CA-signed cert just as easily as you can on a self-signed cert. Even if that your policy is to trust only a pre-distributed set of self-signed certs, you can do the same thing by pre-distributing CA-signed certs.

Thus, in the worst-case scenario, the CA-signed cert gives you no less protection than the self-signed cert, and in the best case, it gives you additional protection.

Comment: Re:(Poor) kids get dumber during holidays (Score 1) 421

by dgatwood (#47645369) Attached to: Slashdot Asks: Should Schooling Be Year-Round?

So for some children there may certainly be a benefit to less vacation.

This really points to a need for a less formal summer education program, where parents can send their kids while they work, but where the kids aren't penalized for being gone when the parents decide to go on vacation. Each week be split between two classes for half a day every day with the subjects varying throughout the summer. One week might be "sculpting with clay" and "iambic pentameter unleashed". Another week might be "the science of butterflies" and "math in the real world". We actually had something like that at the university in my home town, though it only ran for a week or two, IIRC. It would be great if there were something like that throughout the entire summer, rather than the mostly non-educational summer programs that are fairly common.

Comment: Re:No, school should not be year-round. (Score 2) 421

by dgatwood (#47645313) Attached to: Slashdot Asks: Should Schooling Be Year-Round?

That's the difference between learning and memorizing. To learn something, you incorporate it into your way of thinking. You might be able to pass the test by rote memorization, but that's not the same thing as truly understanding it.

Unfortunately, schools tend to overemphasize memorizing rather than understanding, which is a big part of the reason why kids forget so much over the summer. As you said, they never really learned it to begin with, at least not in any meaningful sense of the word.

"The trouble with doing something right the first time is that nobody appreciates how difficult it was." -- Walt West