
Comment: Perhaps a change in law is needed ... (Score 5, Insightful) 207

by golodh (#49100587) Attached to: Wired On 3-D Printers As Fraud Enablers
one that protects non-commercial printing of spare parts or widgets for home use as "fair use".

I mean ... I've experienced a few times when a $50 - $200 appliance didn't work anymore because a $0.005 piece of plastic broke.

If the appliance is still under warranty, you can take up the cudgels and have it repaired or replaced. If it's out of warranty, you *might* be able to have it repaired, only to find that repairs typically cost between 50% and 150% of the purchase price.

What could be more reasonable than to suspend legal restrictions barring you from 3D-printing that widget (if at all possible)?

As far as I know, it's very very rare that such a widget is of such clever design that you freeload on someone's hard work. What I think is the case (on the basis of a thoroughly non-scientific survey, sample-size 6, personal observation) is that any ingenuity in the design is spent in making sure the widget in question can't be second-sourced without infringing on some sort of patent. E.g. by adding a special notch, a special hole, or simply making the dimensions so that the widget is unlike any other on the planet (and any other widgets won't fit).

Comment: Watch for a huge increase in random surveillance (Score 1) 343

Just look at the gem of prose posted by Newt Gingrich (see [http://edition.cnn.com/2014/12/18/opinion/gingrich-america-lost-cyberwar-sony/]) in which Mr. Gingrich demonstrates great form in a piece of emotional hyperbole that simultaneously waves the flag, beats the war-drum, disses the current government, advocates piracy, and slyly suggests that national control over the internet is the way to go.

Mr. Gingrich obviously never read Schneier's informative and professional response. Doing things like that would only slow Mr. Gingrich down.

No. Mr. Gingrich has made up his mind already and frames as war what is basically a combination of poor security (both protection and response were found to be sub-par), unprofessional conduct (mean-spirited, abusive, and racist comments), user stupidity (entrusting highly personal information to a company email system), and bad luck (being targeted by a persistent and capable attacker).

The only way Mr. Gingrich can achieve his national cyberspace defense "Defending America against foreign enemies is the duty of the United States government." is to monitor all traffic entering and leaving the US plus all internal traffic, and being able to selectively cut any of it off on the basis of suspicion alone. To use Mr. Gingrich's words: "No one should kid themselves.". This is the only possible outcome if his ideas are adopted.

It's like the NSA's dream come true. Not only will they be allowed to tap into everything, Mr. Gingrich's ideas (if adopted) mean that they will now actually be tasked to do that. Plus they get to design and implement some fine-grained kill-switch. Oh, can encrypted communications by private individuals be tolerated? Risky, that. Any non-government or non-whitelisted corporate entity that uses encryption could be a hostile nation in disguise, eh? Best to put a stop to that right now. Or, err, risk "losing the cyber war".

Comment: How about electronic drugs? (Score 1) 88

by golodh (#48613631) Attached to: Brain Stimulation For Entertainment?
What happens if it turns out to be possible to simulate the effect of drug use through transcranial stimulation?

Or an experience akin to sexual stimulation?

I have no idea if this is possible, but if it is, will there be any realistic prospect of keeping people from indiscriminate use? And will we see significant groups of people become addicts to such stimulation? Students? Schoolchildren? The jobless?

We already have drug addicts and porn addicts. The former seem to have difficulties (depending on the drug) to keep themselves from overdosing on it if provided access to unlimited quantities of their drug. The latter don't seem to be much of a health risk to themselves though, even if people do get fired for watching porn on the job.

So there really do seem to be public health issues at stake here, and I'd like to know more about the whole thing before taking a position. But it looks potentially scary.

Comment: Re:PRIVATE encryption of everything just became... (Score 1) 379

a red herring and a dead end.

@Karmashock

Because when everyone starts encrypting everything, law-enforcement officials may just get the authority to demand your encryption keys from you, or alternatively, to oblige you to decrypt the stuff for them. Otherwise they'd be stymied. Australia and the UK already have legislation in place to compel people to decrypt their stuff on demand.

And because it's not practical to encrypt everything on every gadget you own with backdoor-free encryption. It's just too bothersome for a normal person.

And because if you don't "cooperate", police may actively search for anything they might conceivably pin on you, so that you can later be offered a plea-bargain in which you reveal your keys in return for the DA dropping twenty-odd far-fetched charges you'd rather not risk having to defend against (even if you could afford a competent lawyer).

And because once you're registered as someone they have encrypted data on, what's easier than to monitor traffic from and to you for (a) patterns (b) weak encryption and (c) passwords.

And because it is probably only a matter of time (a decade or so) for special-purpose quantum computers to become available that can crack your encryption.

And because we're spending a few billion a year making sure that commercially available encryption has weaknesses or even backdoors that are known to the NSA.

So I don't think it's a good idea to tell yourself you're safe from surveillance behind simple technological measures. If anything, it will only mark you as suspicious thereby warranting more effort.

Your main protection was the law, and that just got moved out of the way.

Comment: Bad news, good news (Score 2) 528

by golodh (#48528875) Attached to: The Sony Pictures Hack Was Even Worse Than Everyone Thought
This computer burglary (I refuse to call it a hack) is unfortunate for Sony and its employees.

My condolences.

On the other hand, it's very beneficial for our society that this sort of data now becomes a matter of public record simply because I'm pretty sure that the extent of data that is collected on employees hasn't been documented quite so clearly and unequivocally before.

Besides which, it's well-documented that law-makers and public opinion generally aren't pro-active on the basis of insight, intelligence, or commonsense. No, it always requires one or two actual cases of things going totally wrong to get people's attention. And even then it takes a couple of repeats before the shoot-the-messenger reflex can be bypassed and the underlying issues addressed.

In addition, the release of business information gives a valuable historical reference on how the corporate world works in a way that transcends books and even court records (which are usually sealed anyway where commercial interests are concerned).

So, in this respect, society as a whole benefits from this example of computer-burglary. Now if we could only make the data available in its entirety, or at least in coherent chunks ...

Comment: Re:Already forgotten and ignored (Score 1) 165

by golodh (#48486175) Attached to: Security Experts Believe the Internet of Things Will Be Used To Kill Someone
@spire3661

So what you're saying is: you have no quarrel with the article as such, but you only think Slashdot's editors are at fault for putting it in here because it's too simple? Is that it?

If so perhaps it's good that it was placed on slashdot so as to show us an example of how a train of thought has to be shortened to be suitable for the mainstream media.

Just so that you know ... people who think at the level of this article are the voters who ultimately determine whether and to what extent measures will be taken to address the problem. Not us.

On the whole I'd say it's a good idea to drive that point home to Slashdotters once in a while.

Comment: Already forgotten and ignored (Score 1) 165

by golodh (#48484499) Attached to: Security Experts Believe the Internet of Things Will Be Used To Kill Someone
@Spire3663

Nice snarky comment, but not helpful.

What you seem to forget is that the current trend in development (buzzworded "Internet of Things") is about to make the infrastructure that is open to unauthorised access a million times more pervasive, and the real-world impact of such unauthorised access a thousand times more severe. As in people getting killed.

This article is one of the first (more or less mainstream) articles where the danger is recognised, named, and presented in a way even Joe Sixpack can wrap his grey matter round.

Please bear in mind that whether *you* realise something is dangerous doesn't matter one way or another because you have zero impact on the trend. You don't matter (and neither do I or any other geek for that matter).

It's only when mainstream media get hold of the idea, the public learns from them, and politicians start worrying because it's what their voters worry about that you'll see any potential for serious adjustment.

So, if you think about it for a few minutes, you ought to be glad that this article is written and you'll see how unhelpful your comment really is.

Comment: Have a look at Teradata (Score 1) 147

by golodh (#48339571) Attached to: Ask Slashdot: Choosing a Data Warehouse Server System?
I've recently had good experiences with running SQL queries on fairly large (# records: 200 mln. plus) databases on a Teradata machine in a corporate environment. I wasn't involved in any sysadmin work, just the statistical modeling / analysis side of things.

The company I consulted for uses SAS (on the mainframe, AIX boxes, and PC's) for almost all of its data processing needs, including ETL work. Now they're looking at "Big Data" and discovered they need parallel processing to make it cost-effective (outperforms the mainframe, no per CPU-second charges, ability to let analysts work on AIX boxes or PC's etc.).

I was able to show significant cost and performance savings in SQL queries over the mainframe (and AIX boxes). Interestingly, substantial (50%-100%) speedups were also possible by accessing the Teradata machine in its native SQL (bypassing the SAS "in-database" Teradata support).

The interesting thing about Teradata is that they offer genuine parallel processing (like Hadoop), but offer it as an end-user ready SQL interface to a database engine (you still need sysadmins though). Contrast this to Hadoop where the Hadoop layer is basically the start of the road and you usually have to worry about hardware issues and software architecture issues (such as which database engine to choose) as well. Sometimes you have to take the custom-made route (e.g. Wall-street firms doing automated trading) but sometimes it's an outright liability in a DIY-hostile environment (e.g. in large corporations).

The Teradata machine I worked with supports SQL, SAS, and R (which competes with SAS of course, and usually out-competes it when it comes to advanced statistics if you know what you're doing but we had to use SAS exclusively, by order) and could easily handle terabytes of data.

So my suggestion is to take a look at it.

It's not Open Source (although it does support R), and it's less fun for tinkerers, and it's harder to custom-parallelise your own algorithms on (I hear, I never tried). On the other hand it does provide a ready-to-run parallelised SQL database and lots of storage. It's not cheap though, but in a corporate environment that's usually not the first consideration.

Comment: Re:Nothing. (Score 2) 209

by golodh (#48315691) Attached to: What People Want From Smart Homes
@Weilawei

So do I, but the mainstream seems to be moving towards something very different.

As in: the majority of consumers seems to want maximum "comfort" (read: "ease of use and no hassle", a.k.a. "I'm lazy and dumb so I need smart appliances"), and that's what industry will provide (on pain of being marginalised and ultimately disappearing).

And guess what? Ease of use and "no hassle" means offloading lots of detailed control decisions to the manufacturer. And that means that said manufacturer has got to distinguish themselves by offering comfort and taking away decisions and cares from home-owners.

It is understood that home-owners are willing to pay for that and that manufacturers incur no penalties by offering dumb gear and putting the "intelligence" on their servers. Those decisions (blinds closed or open, heating higher or lower, anticipating the home-owner's homecoming, level of lighting, when to switch on the air conditioning, burglar alarms, suppressing false alarms caused e.g. by pets etc. etc.), still have to be taken of course. Just not by the home-owner.

Taken together this means a big fat premium on supplying dumb, (but sensor-rich) proprietary hardware, collecting as much data as possible on the habits and preferences of the home-owner, his/her family, children, pets, neighbours etc. etc., storing and analysing all that on the company's servers, and selling the resulting control information to the home-owner as a service. Look for upcoming legislation that not only allows but also compels "domestic service" companies to "share" their information with everyone from law-enforcement, insurance companies (think fire insurance, burglary insurance, health insurance (!)), medical care providing companies (think monitoring of elderly people), market research companies, advertising companies and any other interested party you can think of.

I'm pessimistic about being able to opt out, let alone to stop this kind of thing. For one thing, mass-production will drive down the price of the "mainstream" systems (whatever form they will take), thus marginalising any non-mainstream hardware. Of course manufacturers have zero interest in supplying hardware that will work without their (or another company's) service package so stand-alone or "user-controlled" hardware will come at a premium. In addition you may find that your insurance premiums are higher than without "smart home" automation.

All in all, the stable market situation will probably be a load of black-box hardware that needs daily updates and tuning by proprietary off-site control software that eats your privacy for breakfast (on an ongoing daily basis).

Comment: Oh boy ... (Score 5, Insightful) 424

by golodh (#48233881) Attached to: Law Lets IRS Seize Accounts On Suspicion, No Crime Required
First we pass a law that is an open invitation to unintended use (like this seizure law) because it conveniently neglects to mention where it is to be applied and where it isn't.

Then we come over all indignant when that law (which is "on the books") is used outside its originally intended area of application.

Am I the only one who thinks that Congress is to blame here (for passing sloppy legislation), not the IRS or The Government?

Might it not be a good idea to work harder to phrase legislation in such a way that it's difficult to abuse? Or would that cramp the style of "tough-on-crime" politicians?

Comment: your thoughts ... (Score 4, Insightful) 372

by golodh (#48218807) Attached to: NY Doctor Recently Back From West Africa Tests Positive For Ebola
@Globaljustin

IMHO your "opinion" is very very humble indeed and belongs in the category of "uneducated careless speculation with a sensationalist bent".

It may have escaped your notice, but doctors who help out in West-African hospitals come into close contact with a constant stream of very ill people who are in the stage where they really are contagious, every day for months at a stretch.

Their protective clothing prevents transmission in the vast majority (say 99,9%) of cases (something you can tell by the fact that we still have doctors left treating Ebola patients). The real danger comes when you take off your protective suit. That has to be done carefully so as not to touch the splatters of blood, mucus, tears, sweat etcetera that very ill patients secrete and if possible it has to be decontaminated first.

Now I'm sure your "humble" and uneducated opinion never has been schooled in elementary probability so you wouldn't understand things like P(contagion_after_100_days) = 1 - [P(no_contagion_after_1_day)]^100, but try it this way.

Playing the lottery every day makes it unlikely that you won't win a single prize.

And so it is with medical personnel who treat Ebola patients for months. They run a risk.

So it's no conspiracy (I can feel your incredulity and disappointment) and no case of "fsking idiots" (a term which I'd like to reserve for you personally).

It's easy to shout your (thoroughly humble) head off about stuff you don't understand, but it's not helping anybody and it stands in the way of a rational attitude towards Ebola.

P.S. there is absolutely nothing "insightful" about your post. On the other hand it's revealing. Revealing of a mindset that couples a penchant for conspiracy theories with a complete lack of understanding of risk and a disdain for plain ordinary everyday scientific commonsense that seems to have whizzed over your (so very humble) head.

Comment: What surprises me here ... (Score 1) 79

by golodh (#48204865) Attached to: DHS Investigates 24 Potentially Lethal IoT Medical Devices
is that the Government is actually doing something sensible.

Like airing the vulnerability, launching an investigation, and giving off a signal that the *manufacturers* should pay attention to security and at least make a reasonable effort to make their kit tamper-resistant.

It would be in total accordance with a certain political outlook to suppress the news, pose as being "tough on crime" by imposing ridiculous penalties on offences that could be construed as breaking into medical equipment, and criminalising research into and publications of weaknesses.

Perhaps I'm being optimistic ... perhaps this will still happen. That "certain political outlook" I mentioned could be a bit behind the tech news on this issue. We can still hope though.

