Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

+ - NASA's Curiosity Eyes Prominent Mineral Veins on Mars->

Submitted by TracyAshley
TracyAshley (4066363) writes "Two-tone mineral veins at a site NASA's Curiosity rover has reached by climbing a layered Martian mountain offer clues about multiple episodes of fluid movement. These episodes occurred later than the wet environmental conditions that formed lake-bed deposits the rover examined at the mountain's base. Read more at: http://goo.gl/zg4EtF"
Link to Original Source

+ - We're Planning to Shoot an Asteroid to See What Happens->

Submitted by astroengine
astroengine (1577233) writes "What better way to understand how to deflect an incoming asteroid than to smash into one to see what happens? This may sound like the storyline to a certain science fiction movie involving a team of oil drillers, but this is science fact, and Europe has started planning a mission to map a small target asteroid that NASA will attempt to shoot with a speeding spacecraft, no nukes required. As the first half of the joint Asteroid Impact & Deflection Assessment mission, the European Space Agency this month has started planning for the launch of its Asteroid Impact Mission (AIM) in October 2020. AIM’s target will be the binary asteroid system of Didymos, which is composed of a main 800 meter-wide hunk of space rock circled by a smaller 170 meter-wide asteroid informally known as “Didymoon.” It’s the smaller asteroid that the joint NASA/ESA mission is interested in bullying."
Link to Original Source

Comment: Re:Yes, it's free. Also, the patent system sucks (Score 1) 197

Explicit language might modify what would otherwise be there only by an implicit doctrine.

In general, a licensor can modify their own terms. So, if you are using the GPL on software to which you hold the copyright, and you add some sort of exception, it applies. You can't do it to other people's software.

Comment: Re:Boo hoo (Score 4, Insightful) 234

by IamTheRealMike (#49386095) Attached to: NSA Worried About Recruitment, Post-Snowden

If it is so easy to do this, why haven't the Russian internet criminals rolled anything out on this scale? It seems to me that a platform like this would be all kinds of ideal for criminal purposes.

They have. That is exactly what I just said - Zeus is also a modular, plugin based malware platform that is developed by Russian/east European fraud gangs. It bears a lot of similarities to the NSA/GCHQ malware platforms in terms of how it gets onto people's systems, general design, etc.

because of the work they do and the requirements that work puts on their infrastructure they were probably into the whole "big data" mindset several years before mainstream commercial, civilian IT companies got there

It's not the case. For instance the NSA scalable data store (Accumulo) is basically a reimplementation of Google's BigTable, and they don't try to hide it. They adopted tech from the civilian space for their own requirements but it wasn't invented there.

With respect to your other points, I never said they don't know what they're doing, only that what they're doing is not particularly interesting and I don't think it will keep the best people interested for more than a few years before they find it becomes humdrum routine. And by "product" you knew perfectly well what I meant - not some crappy in house web app used by a few hundred people who have no other choice, I mean a product that's available in the marketplace which competes for end users, probably consumers or professionals. Something where quality matters.

Comment: Bullshit non-story (Score 3, Insightful) 40

OK, so we have an article claiming Facebook is tracking everyone for evil advertising purposes, even when logged out. Facebook denies it and says it's garbage.

Let's go do 30 seconds of digging and see who is right, shall we?

  1. Open an incognito window. Open Chrome developer tools.
  2. Load a Facebook "page" (i.e. a product page for some third party product or service)
  3. Be amused by the giant "STOP!" warning printed to the console, apparently people are being tricked into copy/pasting stuff into the developer console to get their accounts hacked.
  4. Observe the cookies that are set.

There are three cookies set. Two of them appear to simply encode the loaded URL and have no ids or other interesting info. The last is the "DATR" cookie. What does DATR do? Well, we know what it does because last time this garbage blew up in the press Facebook explained what it does:

We set the ‘datr’ cookie when a web browser accesses facebook.com (except social plugin iframes), and the cookie helps us identify suspicious login activity and keep users safe. For instance, we use it to flag questionable activity like failed login attempts and attempts to create multiple spam accounts.

(link from here)

So it's an anti abuse and security feature. Nothing to do with advertising. Also, guess what - such cookies are common across many websites. They are quite useful for detecting spammers. Presumably Facebook tried to explain this to the Belgian regulator in question, but it's just so much better politically for said regulator to pretend they caught some evil company in their terrible advertising habits red handed, than learn how large websites work.

The problem is the more time the media and government regulators cry wolf over this stuff, the more inclined I am to believe they're all harmful idiots who want to break the web.

Comment: Re:Boo hoo (Score 4, Interesting) 234

by IamTheRealMike (#49385039) Attached to: NSA Worried About Recruitment, Post-Snowden

Yes The Equation Group [arstechnica.com] really seemed "2nd rate" and they sure didn't "make" anything.

TAO is what you would expect to see given a sufficiently large budget spent exclusively on hacking everything possible. The hacks are impressive in the sense that they take a lot of resources and time to develop and it wasn't previously obvious to what extent governments were committing resources to infrastructure subversion. They are not especially impressive from a technical perspective: it's basically a more professional and larger scale version of the types of malware produced by Russian banking fraudsters. Working from that down into BIOS hacks and the like is the inevitable result of spending billions on hackers year after year - they need to keep finding new things to exploit. Interesting, but only because it reinforces the idea that everything seems to be hackable.

But, what kind of people find this work interesting? I can imagine it would be interesting for a few years, especially if you're young and trapped inside a heavily propaganda controlled environment where you're told daily you're the Forces of Good in an epochal struggle against the Axis of Evil. But the amount of technical design work involved is minimal. The level of new technology is minimal. The "research" is simply finding ordinary bugs and flaws in other people's code. People oooh and aaah about the fact that these state malware platforms use a plugin architecture, whilst simultaneously finding the same thing in Photoshop entirely mundane.

Even the data analytics stuff is essentially just an A-B-C application of big data tech originally developed elsewhere, like at Google.

And the advanced maths the NSA is supposed to be famous for hardly shows up in the Snowden documents. It's pretty clear that their success against even crappy crypto is fragile at best (RC4), probably non-existent at worst (AES/strong RSA or anything past it). Their botched attempt to back door Dual-EC DRBG smells of desperation. They wouldn't build huge infrastructures for storing and obtaining stolen private keys if they had the mathematical tools to undo modern ciphers. So I suspect there are a lot of mathematicians at the NSA feeling kind of obsolete these days and wondering what they can contribute.

I'd say the only genuinely technically interesting work the FVEY guys are doing is the way they've been combining passive intercept with active, automated exploitation. QUANTUM is a pretty interesting thing and I'm not aware of anyone discussing anything like it before Snowden's leaks. However, it's also now a done deal. Beyond incremental improvements, there don't seem to be any obvious further directions for that project.

So as a programmer, developing hacks and malware can be entertaining for some years, but eventually I think most skilled people will want to flex their muscles in other ways. They will want to build something instead of break something. The best people will have a broad span of interests. In an organisation like Google or Facebook that's OK - you can work security for a few years, do some exploit research, then go on and transfer to some other project. Or leave but keep your work on your resume. At the NSA? There it's more limited. You can't easily leave the classified world because your work experience is a gaping void. They don't do product development. You will never make something that your family uses. You will never even develop the skills needed to do that.

Stories like this give me some hope that despite it's apparently bottomless budget, the NSA can still be beaten technically. They discard most of the qualified people because they aren't US citizens and the ones that are left would be well advised to take a career at a Silicon Valley firm where they can do very similar sorts of work, but for things that are unquestionably useful. If you go do big data analytics or security work in order to fight spam on Gmail (like I did), you don't have to worry about the moral impact of your work - spammers and hackers are unquestionably bad, so booting them off the platform is unquestionably good. If you go do the same work at the NSA you have to worry that the "terrorists" might just be random unlucky guys in Pakistan who were in the wrong place at the wrong time, or that the targets are simply foreign politicians or CEOs .... much murkier stuff.

Comment: Some Premises Need to be Questioned (Score 3, Insightful) 234

by Bruce Perens (#49383785) Attached to: NSA Worried About Recruitment, Post-Snowden

I am still having a little trouble with "we don't need our spies to spy". Maybe we do.

I am also having trouble believing that the kind of encryption we use on the Internet actually stops the U.S. Government from finding out whatever it wishes although IETF and sysadmins might be kidding themselves that it can. Government can get to the end systems. They can subborn your staff. Etc.

+ - We're Living In The Golden Age Of Star Trek Webseries Right Now

Submitted by DakotaSmith
DakotaSmith (937647) writes ""We're Living In The Golden Age Of Star Trek Webseries Right Now"

If you're a true geek, you already know about Star Trek Continues and Star Trek: Phase II .

(If you're a true geek and you don't know, run — do not walk run — to watch "Lolani". Your brain and — and more importantly, your heart — will love you for the rest of your life.)

But there's more to it than that. A lot more.

How about the years'-long wait for Act IV of Starship Exeter : "The Tressaurian Intersection"?

Or Yorktown: "A Time to Heal" — an attempt to resurrect an aborted fan film from 1978 starring George Takei?

For fans of old-school Star Trek (the ones who pre-date "Trekker" and wear "Trekkie" as a badge of honor) only since 1969 has there been a better time to watch Star Trek: The Original Series.

(Oh, and there's plenty content out there for you "Trekkers" and NextGen-era fans. It all varies in quality, but it doesn't take much effort to find them. This is truly a Golden Age. It'll have a place in the history books, alongside the Golden Age of Hollywood and the Golden Age of Television. Recognize it and enjoy it while it lasts.)"

Comment: Re: It's stupid (Score 1) 197

Yes. The last stuff I wrote that I couldn't compile today was in "Promal" or "Paradox". My C and C++ code from 1980 still builds and runs.

All of my web development is on Ruby on Rails. That environment has had a lot of development and I've had to port to new versions. So old code for RoR would not quite run out of the box, but it's close.

Comment: Re:How is limiting your market protection? (Score 2) 57

by IamTheRealMike (#49379331) Attached to: EU Commission Divided Over Nation-Specific Content Blocking

Clearly I don't understand capitalism.

Clearly. Geoblocking is at least partially about market segmentation. The EU is so large that it has extremely major disparities in wealth between its member nations. Consider the difference between Sweden and Romania. If you have a movie and charge a single price to stream it across the entire EU then:

a) Some people will find it incredibly cheap and others will find it still too expensive, just pushing them back towards piracy.

b) You end up having to deal with the tax systems of every single EU country anyway due to the retarded VAT changes they introduced this year, so it doesn't help simplify your business at all, and you theoretically aren't allowed to opt out of serving particular regions due to their horrible paperwork requirements, so being able to geoblock unprofitably complicated regions whilst claiming you have some other reason is quite attractive.

Comment: It's stupid (Score 0) 197

Development with a proprietary language is ultimately harmful to your own interests, whether you make proprietary software for a profit or Free software.

The one thing every business needs is control. When you make it possible for another company to block your business, you lose control. Your options become limited. Solving business problems potentially becomes very costly, involving a complete rewrite.

The one thing that should be abundantly clear to everyone by now is that making your business dependent on Microsoft anything is ultimately a losing proposition. They have a long history of deprecating their own products after customers have built products upon them.

Comment: Yes, it's free. Also, the patent system sucks (Score 2) 197

All Open Source licenses come with an implicit patent grant, it's an exhaustion doctrine in equitable law.

The problem is not patent holders who contribute to the code, you're protected from them. It's trolls who make no contribution and then sue.

Of course these same trolls sue regarding proprietary code as well.

IF I HAD A MINE SHAFT, I don't think I would just abandon it. There's got to be a better way. -- Jack Handley, The New Mexican, 1988.

Working...