Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment: Re:Who cares (Score 0) 87

by firewrought (#48628211) Attached to: Did Alcatraz Escapees Survive? Computer Program Says They Might Have

If they had the smarts to pull off the escape, why assume they wouldn't have the smarts not to boast about it?

Why assume mechanical intelligence magically translates into the skills needed to quietly re-insert oneself into society? Different skillsets, mate, and I daresay that the latter task is harder when you're use to getting by on bank robberies and so forth.

TL;DR - being smart isn't the same thing as having sense.

Comment: Re:BT is the worldbeater it was billed as! (Score 1) 47

by firewrought (#48558557) Attached to: Bluetooth Gains Direct Internet Access, Security Enhancements

"The Bluetooth spec never quite became the worldbeater it was billed as"

What are you talking about, BT is the de-facto standard for connecting wirelessly with almost any device today, ranging from audio devices to input devices to applliances, how has it not beaten any comparable specification, in fact is there even another _usable_ alternative?

I'm assuming O.P. is of the opinion that Bluetooth was massively over-hyped when it was first introduced to the masses (c. 2001/2002... I seem to remember seeing a ridiculous billboard promising that it would change the world, etc.). However, nobody really used it for a long time. At this point in history, USB had firmly displaced PS/2 (while slowly encroaching on other ports--audio, ethernet, etc.) and WiFi had just gotten fast with the draft g spec. BT was the new kid on the block that everybody ignored... I mean, perhaps you could get a BT-enabled wireless mouse at CompUSA, if you we were willing to pay a $15 premium over a non-BT wireless mouse.

At some point, it gained traction with high-end cellphone users (giving rise to the now-absent earbud) and slowly started appearing in other products (speakers, laptops, etc). However, I think it took the rise of smartphones (starting with Apple's iPhone in 2007) to really establish the importance and permanence of BT. Now everyone has a host device that can talk BT and its myriad of task-specific protocols (audio, HID, etc.). So now you have a real ecosystem going.

But even now it's flaky. Devices from different manufacturers don't always work well. My wife's car talk with her iphone, but loses the pairing every few days. My laptop can talk to one pair of BT headphones, but not the other. And new standards are encroaching from both ends... NFC's and QR codes for extremely short distances, MiraCast/Wi-Fi Direct for longer distances and greater volumes of data.

Don't get me wrong... Bluetooth is secure and can confidently call itself a worldbeater. But maybe not the same type of worldbeater that USB turned out to be.

Comment: Re:Can Iowa handle a circus that large? (Score 4, Interesting) 433

by firewrought (#48467981) Attached to: Former HP CEO Carly Fiorina Considering US Presidential Run

Forget about it. Just move on and go back to core basics in freedom and liberty. The Libertarian platform is your best hope, just drop the identity politics as authoritative tyranny needs to be stopped.

Sigh... if only. Unfortunately, the libertarian brand of freedom is in effect more about shifting federal power to wealthy corporations, religious institutions, and state-level control than it is about empowering individuals to have control over their own lives. There's no emphasis on education, healthcare reform, consumer protection, or intellectual property reform; there's very inconsistent support for the broad field of civil rights (including digital rights, women's rights, LGBT rights, worker's rights, immigration policy, police accountability, civil asset forfeiture reform, etc.).

They've got some good points: supporting gun rights, legalizing/decriminalizing marijuana, limiting federal power, challenging the DOD budget, and opposing pointless wars in the middle east. I give them points for wanting to confront reality on social security/medicare, even if their solution is to tear down most of the safety nets. When it comes to taxes or the environment, they seem to live in some far off fantasyland that wants to entrust our air/water/infrastructure/dignity to profit-focused institutions.

Unfortunately it's tainted by a bunch of anarchist nut balls, but I believe it's worth cleaning up and reorganizing to make it a viable serious party.

It's tainted even more by plutocrat backers that want power over others (without the pesky need to get elected) and zero taxes. But yeah, there is a core to their message that might be worth redeeming. It seems to me like they should seek out moderate democrats and try to establish a new liberalism. Maybe some progressives could acknowledge that life is just going to have some unhappy stories sometimes, and you don't need to pass a law or start a new government program everytime something on the news make you sad. Ultimately, we need both individual liberty and social responsibility.

Comment: Re:Photo Editing (Score 1) 330

by firewrought (#48441553) Attached to: Eizo Debuts Monitor With 1:1 Aspect Ratio

Radius made for the Macintosh in the long, long ago.

They're not in the biz anymore, but you can find plenty of pivoting monitors sold by the major brands. Some of my coworkers really like having one monitor in landscape (for spreadsheets, coding, etc.) and one in portrait (for documentation, web pages, etc). If you want one, do your research: portrait mode may not support wide viewing angles well, and font rendering may be screwy (because sub-pixel rendering assumes horizontal sub-pixels, not vertical ones). Also, unlike your smartphone, pivoting monitors don't necessarily contain a sensor to automatically detect changes in orientation: you have to tell the OS to display output for you, then physically rotate the display.

Comment: Re:Can someone expolain what's so great about HTML (Score 1) 133

by firewrought (#48412093) Attached to: HTML5: It's Already Everywhere, Even In Mobile
Parent's exactly right.... HTML5 is significant because it's an application development platform that runs almost everywhere. Yes, there are a lot of problems with standardization, security, semantics, etc., as others in this thread have pointed out, but none of this answers the question posed by OP... you can publish an HTML5 application today and it's instantly available to be run on hundreds of millions of phones, tablets, and PC's worldwide. That's a killer feature that no other development platform provides. (No, JWS doesn't count.)

Comment: Re:Or just practicing for an actual job (Score 1) 320

by firewrought (#48370599) Attached to: Duke: No Mercy For CS 201 Cheaters Who Don't Turn Selves In By Wednesday

Just out of curiosity are there any professional programmers out there who don't regularly copy functions from the Internet?

The whole point of the course is to try & figure out how data structures and algorithms are implemented. It's as much about problem solving as it is coding. Sure, you could always just use std::vector in your C++ programs for vectors, but do you really understand how they work? What about binary trees and linked lists? That's the type of stuff they're teaching in these classes. Copying code & modifying it for your own purposes is fine for production, but if these students don't understand how the underlying code works, then their chances of successfully using it greatly diminishes.

And to extend what you're saying, ultimately professional programmers *do* have to design novel data structures and the algorithms to manage them. How are you going to build a thread-safe incrementally updating cross-reference table when you don't even know to implement a linked list?

Comment: Re:Dumb idea ... Lots of assumptions .... (Score 2) 698

by firewrought (#48370451) Attached to: US School Installs 'Shooter Detection' System

To obtain a firearm certificate, the police must be satisfied that a person has "good reason" to own each firearm, and that they can be trusted with it "without danger to the public safety or to the peace". Under Home Office guidelines, firearms certificates are only issued if a person has legitimate sporting, collecting, or work-related reasons for ownership. Since 1968, self-defence has not been considered a valid reason to own a firearm.

Not even remotely similar to anything proposed in the US as common sense.

In the US, protection from the state itself is a valid reason to own a firearm. The founders believed that the government must always be afraid of the people, not the other way around, and the second amendment was seen (rightly or wrongly) as a means of securing this.

Comment: Re:Sounds like what Sun did (Score 1) 525

The codebase has been sitting behind a proprietary wall for so long that it's been completely insulated from the real world of code quality

The wall's not that high: Reflector and ILSpy have been around for a long time, and non-obfuscated .NET code decompiles pretty cleanly.

The real world expects quality code on par with the BSD kernel.

(1) Most all production code is crappy, especially application code. (2) Systems/kernel code is generally high-quality because it has to be. (3) From what I've seen, the .NET API's are pretty decent... both on the outside (with excellent usablity*) and on the inside (with mostly straightforward code**). (4) I haven't seen the .NET run-time code, but Microsoft undoubtedly invested some of their best systems developers in designing the CLR. I'd be surprised if it stank bad enough to drive folks to Java.

* Excepting the huge learning curve with some API's, like WCF and WPF. ** An exception would be the configuration system, which is painful in many ways.

Comment: Re:Why feed the lawyers? (Score 2) 268

by firewrought (#48360573) Attached to: GNOME Project Seeks Donations For Trademark Battle With Groupon

Huh? What does that have to do with anything? Was GNOME marketing Lowes POS system under the name GNOME? No. Someone just happened to use the GNOME desktop manager to make a POS system (not called GNOME).

For all we know, Lowe's (or a software vendor contracted by Lowes) may have marketed (or may choose in the future to market) their POS to other parties as a GNOME-based product. It wouldn't be the product name, but it could be trumpeted in the feature listing. For that matter, the GNOME project may reasonably identify an opportunity to produce a POS-specific version of their product and want to call it "GNOME-POS" or something.

The Lowe's example definitely shows the overlapping and competing uses of the name: your average moron in a hurry isn't going to know the difference between a POS named "Gnome" and a Desktop Environment called "GNOME" that can be used to construct POS systems.

Boss: "Should we buy Gnome for our POS?"

Employee: "No, we should use GNOME for our POS."

Boss: "WTF??"

Comment: Re:Guns aren't needed for a revolution (Score 1) 184

by firewrought (#48335727) Attached to: British Spies Are Free To Target Lawyers and Journalists

Guns aren't required for a revolution to occur.

See also 198 Methods of Nonviolent Action (from the book From Dictatorship to Democracy, available here).

Certainly you can have a revolution with guns but the notion that your little peashooter is what is keeping the most powerful military on the planet in check is pretty much laughable.

Don't underestimate the value of possessing threat capability, even if you're not going to use it. Would Gandhi, King, and Mandela have been equally successful in a society without the simmering potential for all-out race war?

Comment: Re:Why so high? (Score 2) 223

by firewrought (#48226055) Attached to: Passwords: Too Much and Not Enough

Why would it ever be even close to that high. Every decent system I have ever encountered raised some serious flags after 3-5 wrong guesses. If you flag an account after 10 wrong guesses, start requiring a CAPTCHA after the first one, and ban ip addresses when you detect massive multiple account attempts, you can offer security fool proof security, with, lets say, around 100 guesses.

If it only takes 100 guesses, then an attacker can slowly try passwords stretched out over time, depending on his victim's routine behavior of logging in a couple times per day to reset the fail count. Or maybe he can try 1 guess (with 1/100th odds) on each account in the target system. If there are hundreds of accounts... well, you get the idea.

IP-based banning can make this harder (forcing the attacker to find/use multiple victim PC's), but it's not widespread yet (for instance, I don't think Active Directory or slapd support it).

Comment: Re:I can't stand coupons (Score 1) 163

by firewrought (#48225875) Attached to: How To Beat Online Price Discrimination

[Coupons are] there to get people to make decisions that they otherwise wouldn't make, usually bad ones.

In addition, they serve as a form of price discrimination: you can save a nice chunk of change on groceries by taking an hour each week to clip your way thru the Sunday paper, but once you have enough disposable income (and perhaps less leisure time) it's no longer worth it.

Comment: Re:Since these people still don't get it.... (Score 1) 79

by firewrought (#48214447) Attached to: DHS Investigates 24 Potentially Lethal IoT Medical Devices

Don't get me wrong: safer programming languages and runtimes definitely help, especially with buffer overflows (thanks C++!), but it's one aspect of many that impact security.

it won't prevent devs from concatenating SQL with user input

You can't do this in, say Haskell, unless you write your own SQL interface library that builds solely on strings.

Granted, I lost interest in Haskell somewhere around hitting the Functor/Monad point, but if devs can send raw SQL to the database, they will do so.

misusing threading primitives

You can't do this in concurrent safe languages, like Concurrent ML, Rust and Haskell.

Yes, you can.

So basically, safety properties have importance on par with domain requirements, and must be subject to the same rigour that domain features get, ie. testing, verification, etc.

Good luck spreading that attitude. Makers of device drivers, SCADA, etc., dearly need it.

Basically, the safer the language, in the sense that the more properties can be assured at compile-time, the more features and safety properties you can verify, and the fewer security vulnerabilities.

That helps get us closer, certainty. The language and runtime can help catch/eliminate common, elementary mistakes. It's not the silver bullet though: wherever creative work is being done, therein lies the potential for new vulnerabilities.

Comment: Re:Since these people still don't get it.... (Score 1) 79

by firewrought (#48203845) Attached to: DHS Investigates 24 Potentially Lethal IoT Medical Devices

Anything computerized with a network connection can (and most likely WILL) be hacked...

Not if you take appropriate precautions, like using a safe programming language.

Don't be naive... security is a deep and subtle problem, full of nasty surprises. There is no magic bullet solution... your "safe programming language" has thousands of bugs in its standard API and run-time; it won't prevent devs from concatenating SQL with user input, misusing threading primitives, or bungling up an authentication protocol; it certainly won't patch up the numerous ways of subverting https or the modern web browser. To be secure (or have a reasonably good chance at being secure), you must at minimum use an approach where (1) security is a primary design concern thru the entire product lifecycle, (2) security solutions are deployed in a structured/layered approach using (3) actual expertise, and (4) security is an ongoing program with both proactive and reactive elements.

(Convincing your government to help software/hardware/network companies fix their security problems instead of purposely introducing them would be a good idea too, but it looks like society is determined to learn this the hard way.)

"Bureaucracy is the enemy of innovation." -- Mark Shepherd, former President and CEO of Texas Instruments