Follow Slashdot stories on Twitter


Forgot your password?

Comment Re:Roll-back as in play-back? (Score 1) 55

Like, they record how the ATM communicates the authentication portion of the transaction, and replay that same communication with the ATM until its stored cash has all been dispensed and it's now empty?

Had this fantasy in the 1980s when I noticed the student union ATM had what looked like an exposed Cat-3 phone cable sticking out of it. I naively thought "what if it's a modem, and you tapped the line, reverse engineered a withdrawal transaction, and then replayed the withdrawal ACK endlessly until you sucked all the money out."

As it happened, 20-odd years later, I ended up at dinner with the guy that ran that ATM network at the time. One, he said that was most likely a leased line, not a dialup, making the interception of the more complicated than an analog modem. Two, he said there was anti-replay and encryption built into the system even then.

His advice was to just steal the entire ATM.

Comment Re:static linking on windows (Score 1) 103

It does leave you permanently vulnerable to any flaws in the particular version of the library you linked against, or such is my understanding.

The assumption being that anyone (for most definitions of anyone) knows what DLLs their application loads and what the status of their patch levels are.

I still static link though because whenever I upload something (using a video filtering plugin) at least one person won't have the right runtime installed at all.

Which IMHO is the main mitigating factor -- what's the actual security risk versus the functional risk of the wrong library breaking the program?

I don't know if its technically possible, but it would be interesting to use a computer where everything was statically linked to see how much worse resource usage really was.

Comment There's the economics, too (Score 1) 151

Then there's the value economics, too.

Endurance testing have revealed modern SSDs to be remarkably reliable -- this guy wrote 7 PB to an 850 Pro.

But let's say the failure rate is N% higher than HDDs for a given application. But the drive itself is much faster and uses less power than a HDD. What number N is acceptable as an increased failure rate in exchange for the vastly improved performance?

In an array, the performance increase may allow the use of single parity over double parity due to the increase in rebuild times and reduced stress on the other members, resulting in better overall storage efficiency through reduced redundancy. Then there's power savings, too, if you're spinning and cooling a large number of HDDs.

My wild guess is that drives like the 850 Pro already have a dollar cost and failure rate low enough that the performance improvement is so great over HDDs that for most applications it's already superior to HDDs. The only places it may not be are weird corner cases requiring extreme storage densities at very low costs.

Comment Re:Flash won already (Score 2) 151

If you look at a list of new computers, you will notice that a surprisingly large amount of PCs are already shipping with 128 GB or 256 GB SSD. That's gonna hold everything that most people need.

Well, that's a bit difficult to generalize, which is a challenge that computer manufacturer's are having a bit more difficulty addressing. 128GB is fine for a browser/office suite computer, but with the OS taking 20-30GB of that (depending on OS/version/swap file size/hibernation file size), 128GB gets pretty cramped, pretty quickly, if a moderately sized iTunes library is involved. Moreover, phone backups / picture sync for images that are 10MP and higher will eat up that 128GB fairly quickly.

256GB is about the sweet spot for most laptop users, but it's surprisingly frequent that 256GB being enough space is largely contingent upon "data living somewhere else" - be it Teh Cloud (tm), a server share, a NAS of some kind, or an external drive. The ability to stream Netflix and Spotify and at least some iTunes content is definitely helpful, but anemic internal storage is only viable because "data living external to the device itself" has become a way of life for most of those users.

Comment Re:Unearned Platforms Given to Moral Guardians (Score 1) 207

Although funny enough, those with actual money and marketing research seem to think it is more important to listen than those that want to make up statistics from their mother's basement.

It's simple economy. They tend to want to cater to people who are inclined to buy their games instead of loudmouthed bitches who certainly won't.

Comment Re:Unearned Platforms Given to Moral Guardians (Score 1) 207

How is this overreacting? If she wants to see a guy's butt in a game, she should get one written. Keep your dirty paws off my games and get your own done if you don't like them.

You know, there's something you can do if you don't like it: Not looking. I tried it on her videos and guess what? It actually does work, ignoring her really makes me feel better.

Comment Re:Whatever happened to the micropayment idea? (Score 1) 300

Computationally, the overhead is kind of trivial.

If you're relying on the traditional credit card payment network then the cost overhead is high along with all the attendant accept credit card payment overhead.

But if you had a centralized micropayment service, the overhead gets down to a much lower level.

In an ideal world, such a service would be run as a non-profit (whatever skim would just go to running the service). Users would add funds to their micropayment account via normal methods to consolidate the usual banking transaction costs. The micropayment system could have some built-in checks, ie, users could set a maximum micropayment per site, or per time period, etc.

All of this sounds suspiciously like a clone of paypal with some added features for a micropayment system.

I think the bigger issue is establishing pricing and its attendant value. What's an article or web site visit *worth*? How much are you willing to spend per month and what kinds of quality expectations do you have over free, and how much quality can a site expect to deliver for some kind of micropayment? Is it just ad-free content, or is there some expectation of more quality by consumers to make it even worth 10 cents per site visit?

Comment Re:No such thing (Score 2) 300

There seems to be some outer limit to this, at least at more legitimate sites because I see a lot of fake articles labeled as "sponsored content". Maybe I'm dreaming this, but didn't the commerce department make some noise about needing to label sponsored content as sponsored content? Or is this something that more legitimate news sites are doing to not totally alienate their readers?

Slashdot Top Deals

Power corrupts. And atomic power corrupts atomically.