Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment: Re:Therac 25 (Score 5, Insightful) 235 235

What happened is that people who used the system very day, day in and day out, became so fast at entering the machine settings the rate of UI events exceeded the ability of the custom monitor software written for the machine to respond correctly to them.

Which is still to some extent a UI issue.

But the literal "killer" is what happened next:
  1) The machine detected that it had screwed up.
  2) But the UI reported this by a cryptic error message: "MALFUNCTION nn" - where the 1 = nn = 64 error codes not only weren't explanatory, but weren't even included in the manual.
  3) And if the operator hit "P" (for "proceed") the machine would GO AHEAD AND OPERATE in the known-to-be-broken mode, giving the patient a fatal (high-power, not-swept-around) electrons rather than a 100x weaker flood of x-rays, with NO FURTHER INDICATION that something is still wrong (unless you count the patient sometimes screaming and running out of the room.)

If 2) and 3) aren't user interface problems, what is?

Comment: Re:Therac 25 (Score 3, Informative) 235 235

According to wikipedia, that had software problems that ended up killing people What's that got to do with UI changes and user experience?

The original post was about bad user interfaces causing harm to people. Changes breaking the user experience was only one of the issues.

In Therac's case the bug WAS primarily in the user interface:
  - Due to a race condition, if a button happened to be pressed at the wrong moment and the menu filled out in a particular order, the device would configure the electron beam for x-ray generation rather than electron beam generation (high electron beam current, no scanning) but not position the target, flattening filter, collimator, or ion-chamber x-ray sensor in the beamway, resulting in a configuration that irradiated the patient with beta radiation, rather than x-rays, at 100x a normal dose.)
  - The machine DID detect that there was a problem. But it reported it as "MALFUNCTION nn" - where nn was a number from 1 to 64 and not explained in the manual. If the operator entered "P" (proceed), it would then go ahead and operate in the improper mode anyhow.

Both the second part and most of the first part sound like user interface problem to me.

Comment: Projects on github should "git fetch" NOW! (Score 1) 94 94

Someone started uploading all the HackingTeam source code to GitHub ... There are also some signing keys for kernel drivers in here.


Anyone with a project hosted on git hub should pull a backup copy NOW!

Hosting this leak on git hub could lead to moves by authorities to contain it - which could have the side effect of making GitHub and/or some projects on it unavailable - temporarily or permanently.

Better safe than sorry.

Comment: Also driver and closed-device rooting projects? (Score 1) 94 94

... will this help bona fide security researchers with their work on fighting exploits on all platforms ... ?

I wonder if this will also help people trying to write open software for closed devices? Signing keys, driver sources with spyware installed, ... Not only does it expose the malware bypassing the user's security, it may also expose the internal details of how the devices are driven and/or how to compromise the malware's and devices' anti-user "security".

(I have often wondered how many of the closed-driver devices have the code closed just for business reasons and how many are closed because that's where the spyware has been installed and they can't let the source out - even sanitized - because that would lead to the spyware's exposure.)

Comment: Also to try to head off "the common man". (Score 1) 394 394

The goal is to intimidate the makers of such designs. Arrest first and ask questions later, when such designs get out.

It's also to make it harder for "the common man" to arm himself - in case a Schelling Point is reached and a LOT of people suddenly decide that they need to arm themselves against the government or its puppeteers. By slowing them down, and reducing the number and quality of designs available, the powers that be have more time to react and try to divide and reconquer.

Of course intimidating designers is a big part of that.

Comment: Which is why OpenBSD is hosted in Canada (Score 1) 394 394

This is not the first time they did this. In fact it has quite an interesting history in cryptography that was classified as a munition for just this reason.

Which is why OpenBSD is hosted from outside the US. (It's NOT just that Theo happens to live in Canada.)

Comment: Re:"Edge" (Score 1) 140 140

Then that is a fail right there. They wanted to change the name from IE because of its bad reputation but if they still want people to relate back to the icon it's not going to get them very far.

They only want people who are at least slightly tech-savvy to think it's a totally new browser. They want stupid people who don't know anything to think it's the same old browser they're already familiar with. Changing the name while keeping the icon seems like a good way to accomplish these goals.

Comment: Same here. (Score 1) 658 658

I have similar issues:
  - Towing several tons (travel trailer or 23 foot trailerable-with-extreme-trailer deep-keel coastal-water-ocean-capable sailboat) up and down mountains and cross-country.
  - Going to/from the ranch - over 250 miles one way (over the Altamont grade, across the central valley, and through a pass in the Sierras) - with the last 0.7 miles sometimes hubcap-deep mud.
  - Carrying ranch groceries for several months and/or other supplies or equipment from the nearest supermarket etc. - 27 miles away.
and so on.
  - Off-roading to visit ghost towns and other historic sites in the Nevada Desert - where "running out of gas" - in the absence of cell phone service - might mean your skeletons are discovered in a couple years.

On the other hand, for trips about 3/4 of the year and NOT towing, a plug-in hybrid or an all-electric vehicle with sufficient range, serious regenerative braking, and adequate cargo capacity for two week's groceries and luggage for two, would be ideal. Charge it up at each end (off a windmill/solar at the Nevada end) to start full, use regenerative braking on the downslopes to power across the valley or up the next up slope. For a hybrid: Top off the batteries while cruising the central valley and use batteries plus engine to avoid being a creeping traffic hazard on the mountain roads.

My cycle would be almost identical to a Silicon Valley worker who mostly commutes 25 miles each way and occasionally vacations at the Lake Tahoe ski resorts or Reno or camps in the Sierras. A single vehicle that could do both - rather than needing two vehicles to accommodate the use pattern - would be ideal.

Comment: Systemd, pass II (Score 1) 180 180

Sure, no problem. If you dislike systemd that much, it certainly makes sense to move to a different software platform.

I don't particularly dislike systemd per se. I do observe the controversy around it, and the image of it and its project, painted by its opponents (some of whom have enough creds that it's unlikely that they're talking through their hats), indicates that the claimed issues are likely to be real problems, and this may be a tipping point for Linux adoption and user choice among distributions or OSes.

Your Snowden argument isn't particularly applicable in this instance, as you have access to the full source code for systemd. If you're not comfortable looking through C code, then any init system would be a problem for you. ... If you think that porting your laptop, home servers and desktops to a completely different operating system is less effort than learning how systemd works, then I can only conclude you haven't tried to learn how systemd works. Or you've severely underestimated the work involved in moving to another OS.

I did my first Linux drivers (a PROM burner and a Selectric-with-selonoids printer) on my personal Altos ACS 68000 running System III, wrote a driver for a block-structured tape drive for AUX - working from my own decompilation of their SCSI disk driver (since the sources weren't available to me initially), ported and augmented a mainframe RAID controller from SvR3 to SvR4, and so on, for nearly three decades, through hacking DeviceTree on my current project. I don't think C has many problems left for me, nor does moving to yet another UNIX environment - especially to one that is still organized in the old, familiar, fashion. B-)

As for trying to learn how systemd works, that's not the proper question. Instead, I ask what is so great about it that I should spend the time to do so, distracting me from my other work, and how doing this would meet my goals (especially the undertand-the-security-issues goal), as compared to moving to a well-supported, time-proven, high-reliability, security-conscious alternative (which is also under a license that is less of a sell to the PHBs when building it into a shippable product.)

Snowden's revealations show that the NSA, and others like them are adept, at taking advantage of problems in obscure corners of systems and using that obscurity to avoid detection. The defence against this is simplicity and clarity, avoiding the complexity that creates subtle bugs and hides them by burying them in distractions. Bigger haystacks hide more needles.

The configuration for systemd isn't buried. It's there for all to see and change, in plain text. Logging in binary form is _optional_. You can choose to direct logged messages to syslog, or use both syslog and binary, to have the "best of both worlds", albeit with the best of disk usage.

Unfortunately, I don't get to make that choice myself. It's made by the distribution maintainers. My choice is to accept it, open the can of worms and redo the work of entire teams (and hope their software updates don't break things faster than I fix them), or pick another distribution or OS.

Again, why should I put myself on such a treadmill of unending extra work? If I could trust the maintainers to mostly make the right choices I could go along - with no more than an audit and perhaps an occasional tweak. But if they were making what I consider the right choices, I wouldn't expect to see such a debacle.

Entangling diverse processes into an interlocking mass is what operating systems are all about! ;)

No, it's not. The job of an operating system is to KEEP them from becoming an interlocking mass, while letting them become an interacting system to only the extent appropriate. It isolates them in their own boxes, protects them from each other, and facilitates their access to resources and ONLY their LEGITIMATE interaction wherever appropriate and/or necessary. The job is to Keep It Simple while letting it work.

Your phrasing, and making a joke of this issue, is symptomatic of what is alleged to be wrong with systemd and the engineering behind it.

Comment: Re:Routing around (Score 2) 198 198

At a large scale, the internet was designed to route around individual problems such as this.
Can't this same principle be applied on a smaller scale?

Yes, it can. Just dig a whole bunch MORE trenches around the country at enormous cost.

The SONET fiber networks were designed to be primarily intersecting rings. Most sites have fiber going in opposite directions (with a few having more than two fibers going off in more than two directions so it's not just ONE big, convoluted, ring.) This is built right into the signaling architecture: Bandwitdth slots are pre-assigned in both directions around the ring. Cut ONE fiber run and the signals that would have crossed the break are folded back at the boxes at each end of the break, run around the ring the other way, and get to where they're going after taking the long route. The switching is automatic and takes place in miliseconds. The ring approach means that the expensive cable runs are about a short and as separated as it's possible to make them.

But cut the ring in TWO places and it partitions into two, unconnected, networks. To get from one to the other you have to hope there's another run between the two pieces, and there's enough switching where they join to reroute the traffic.

IP WANs have, in some portions, also adopted the ring topology as they move to fiber, rather than sticking to the historic "network of intersecting trees" approach everywhere. That's partly because much of the long haul is done on formerly "dark fiber" laid down in bundles with the SONET rings from the great fiber buildout (or is carried in assigned bandwidth slots on the SONET networks themselves), partly because the same economics of achieving redundancy while minimizing costly digging apply to high-bandwidth networking regardless of the format of the traffic, and partly because routers that KNOW they're on a ring can reroute everything quickly when a fiber run fails, rather than rediscovering what's still alive and recomputing all the routing tables.

= = = = =

Personal note: Back when Pacific Bell was stringing its fibers around the San Francisco Bay Area, I was living in Palo Alto. They did their backbone as two rings. There was only one section, perhaps a mile long, where BOTH rings ran along the same route. It happened to go right past my house, with the big, many-manhole repeater vault right next to the house. (I used to daydream of running my own fiber the few feet into the vault. B-) The best I had available, in those pre-DSL days, were dialup with Telebit PEP modems (18-23 k half-duplex) and base-rate (128k) ISDN.)

Comment: Re: Thanks Linus! (Score 1) 180 180

Anyway, I digress. Advantages of systemd are: [long list]

Those are all very nice things to have.

Unfortunately, for my needs, simplicity and understandability are far more important than a fast boot and feature-rich management of the runtime environment. I need to KNOW that things are being handled properly and securely. That's become far more important since Snowden showed us, not that the spooks were getting into our computers (which we'd already figured was happening), but how DEEPLY and EFFECTIVELY their technology and personnel are able to do so.

If the improved functionality is at the cost of burying the configuration and logging in non-human-readable form and entangling diverse processes into an interlocking mass under a complex and ever growing manager, the shark has been jumped.

Though Linux has been becoming (MUCH!) more usable with time, its configuration has been buried progressively more deeply under more and more "convenient and simplifying", but non-transparent, configuration management tools. Systemd is the continuation of the trend. But it is also a quantum leap, rather than another thin slice off the salami. So it has apparently created the "Shelling Point", where a lot of frogs simultaneously figure out that NOW is the time to jump out of the pot.

It's been a great ride. It had the potential to be even greater. But I think this is where it took the wrong turn and it's time for me to get serious about switching.

There's good reason to switch to NetBSD at work, on the product. (The code supporting the secret sauce is on the user side of the API and is Posix compatible, so it should be no big problem.) Porting my laptop, home servers, and desktops to OpenBSD now looks like it's worth the effort - and less effort than trying to learn, and keep abreast of, the internals of systemd.

Call me if somebody comes up with a way to obtain the key benefits of systemd in a simple and transparent manner, rather than creating an opaque mass reminiscent of Tron's Master Control Program. (Unfortunately, the downsides of systemd's approach seem to be built into its fundamental structure, so I don't expect it to evolve into something suitable, even if it's forked.)

Comment: The choice seems clear. (Score 1) 180 180

As I understand the three major forks:

One (OpenBSD) is for having as secure a desktop/server/embedded platform as the maintainers can manage - important in this post-Snowden era (as it was, all unknown, in the era preceding Snowden B-b). It is based outside the US so it can incorporate strong encryption without coming afoul of US export controls.

One (NetBSD) is for developing network internals software and networking platforms (typically ported, when possible and not part of a proprietary product, to the others and other OSes.)

One (FreeBSD), now that its original purpose of getting the code disentangled from proprietary accomplished and the other two projects forked from it, is for making an open unix-like system run on the widest range of hardware platforms and devices possible.

Unless you're using your machine for building networking equipment or it's a new hardware platform under development, the choice seems clear.

Comment: Re:... run away, screaming like little girl. (Score 0) 180 180

Are we allowed to say that out loud?

According to the first amendment, the government of the United States can't stop you.

If the denizens of the largest religion of the Unitied States (Progressivism), or at least their media spokespreachers, decide to gang-shun you, there's still the other half of the population to interact with.

Fortunately, techies usually have to deal with real-world more than social issues. Unfortunately, PHBs have control of the money and have to interact with the fanatics. Fortunately, techies are noted for not being skilled on social fads and are given much slack. Unfortunately, that slack sometimes comes with a hook: The PHB tells his techies not to be a "lightning rod" and say/post things, in a way traceable to a particular employee of The Company, that might bring down the wrath of the pressure groups, make it look like his "herd of cats" really IS crazy and repell funders and customers, or otherwise make his job harder than it already is.

Which (mainly the "crazy cats" case) is why I started posting anything that MIGHT be controversial under pseudonyms. And a reference to the PHB's order is the origin of the slashdot pseudonym "Ungrounded Lightning Rod" (since slashed down to "Ungrounded Lightning" by changes to the slashcode that limited pseudonym size). And why, now that "ULR" has a large and valuable reputation (and though that reputation might help with job searches) I STILL don't out the corresponding "True Name" on any electronic medium.

(So now you know.)

In Linus' case, I doubt that even a gang-shun by the Politically Correct would have an impact, on his finances, his social standing, or the adoption of his work or technical ideas.

(Can you imagine, for instance, the luddites , or even Microsoft's PR department, trying to get people to avoid Linux and switch to Windows or MacOS, or avoid git and switch to Clearcase, Bitkeeper, ... because Linus once said "... run away, screaming like little girl" and therefore must be a Sexist Pig? Especially, can you imagine ANY tech company using THAT slander and thus inviting that kind of scrutiny of their OWN people? B-) )

Comment: Re:He answered the most boring questions! (Score 2) 180 180

So have faith. Either he's right, and systemd will not turn out to be that bad, or his faith in systemd will end in tears, and then, he'll sit down and write a new startup management system that will kick everybody else's collective asses!

Or maybe somebody ELSE will write a kick-ass init system, and Linus will say "Hey, that's cool!" and promote it. Or the maintainers of a major distribution will adopt it. Or those of a MINOR distribution will - and user will migrate.

Linus is great. But why does THIS have to be HIS problem? The init system may have a bit of extra-special status and privilege, but it's largely NOT the kernel's problem. Along with the system call API it is THE boundary between the kernel guts and the user/demon/daemon firmament. It says to the kernel: "Thanks, I'll take it from here."

+ - XKEYSCORE: NSA'S Google for the World's Private Communications->

Advocatus Diaboli writes: "The NSA’s ability to piggyback off of private companies’ tracking of their own users is a vital instrument that allows the agency to trace the data it collects to individual users. It makes no difference if visitors switch to public Wi-Fi networks or connect to VPNs to change their IP addresses: the tracking cookie will follow them around as long as they are using the same web browser and fail to clear their cookies. Apps that run on tablets and smartphones also use analytics services that uniquely track users. Almost every time a user sees an advertisement (in an app or in a web browser), the ad network is tracking users in the same way. A secret GCHQ and CSE program called BADASS, which is similar to XKEYSCORE but with a much narrower scope, mines as much valuable information from leaky smartphone apps as possible, including unique tracking identifiers that app developers use to track their own users."


"Other information gained via XKEYSCORE facilitates the remote exploitation of target computers. By extracting browser fingerprint and operating system versions from Internet traffic, the system allows analysts to quickly assess the exploitability of a target. Brossard, the security researcher, said that “NSA has built an impressively complete set of automated hacking tools for their analysts to use.” Given the breadth of information collected by XKEYSCORE, accessing and exploiting a target’s online activity is a matter of a few mouse clicks. Brossard explains: “The amount of work an analyst has to perform to actually break into remote computers over the Internet seems ridiculously reduced — we are talking minutes, if not seconds. Simple. As easy as typing a few words in Google.”

Link to Original Source

Your mode of life will be changed to EBCDIC.