
Comment Flip the classroom (Score 1) 46

The model espoused by Khan Academy and others is to flip the classroom. You still go to school. But you watch the lesson at home before class. The teacher summarizes the key points in class, then the rest of the time is spent working problems from the lesson.

So it's not a no-school MOOC but just the opposite. You have to watch the lesson by a deadline, then you get intensive application experience to find the bugs in your understanding, guided by a teacher in a more one-on-one way.

These MOOC videos will be very useful once schools try using them that way. You can imagine having multiple less masterful instructors in the classroom and the master teacher on video saved for all time and in competition with competing master presenters.

Comment I have bad news for you (Score 1) 384

Long-time Windows hater here, use Macs and Linux, but I accidentally ended up with a Windows PC a month ago. My first impression of it, with Windows 8 installed, was oh my god, I heard that Windows 8 was ten steps back, but I had no idea everyone was right. It was far less intuitive and usable than XP for example. But I decided to upgrade to Windows 10 because I had read some good reviews by diehard Mac users. From an out of the box factory recovery of Windows 8 to an installed Windows 10 was an 8 hour ordeal with a few cryptic steps one had to google along the way. It's truly mind boggling that Microsoft can't figure out how to install a new OS in less than 8 hours. I was going as fast as one could go, the problem was not the download speed, that was instant comparatively on my fast connection. It was that it had to do about 250 incremental and 2 major system updates before it would let you even request Windows 10.

Anyhow, once I got Windows 10 installed, I was expecting to hate it. I'm sort of upset that it's so good. It basically is very close to a well configured Linux Mint in look and feel. The start menu is back and those crazy pants tiles with tonnes of crap you never asked for are wrangled into a small corner of the start menu and trimmed down to just the things you use a lot. The best description of the OS is that it no longer gets in your way so it's more like every other OS now.

It's still baffling in the directory layout and the mysteries of the registry. And since I have no idea how to use PowerShell I feel completely helpless; uninstalls are inscrutable. And there's still the problem of crapware that burdens this. After you install, Norton Utilities tries to trick you into installing it before revealing that it is payware. Within 2 weeks I got the entire system trojaned with malware. I wasn't trying to do anything bad at all. I was trying to install an editor for Minecraft mods and it came wrapped in something called openDownloader which just hosed my system. I told the Windows 10 to revert itself, so I lost all my installs but at least got my computer back from the grave. What's meaningful about that ordeal is that it was the first time in my entire life that I got hit with malware. I've certainly managed to download accidental malware on Linux and Mac, but it's always been possible for me to either inspect it enough to figure it out before the install or to install it under conditions (like not root or with a sandbox) that it was neutered or at the very least find every file that got touched. So malware has never been a problem for me, ever, before I used a modern Windows machine.

So between the 8 hour ordeal and the instant rooting I'm not a fan of Microsoft design. But if you are a savvy Windows user, have an already updated computer (not a factory reinstall) then installation will be a snap, and you will love this operating system. It's so Mac and Linux Mint like.

Comment Winning? yes that was the goal. (Score 2) 53

I see a lot of comments here about the term "winning" being jingoist or otherwise Soviet bashing. In this day and age of infinite nuance one can see why avoiding terms that imply superiority or seem revisionist depending on your subjective interpretation is politically correct. However, at the time of the great space race, the politically correct way of looking at things was in terms of "winning". The moon was a race. Part of the race was about building booster rockets that would be useful for ICBMs. But another was the race for mindshare in a world where both Russia/Soviet and the US thought in terms of spreading communism. As time wore on, the space race also became a way for the US and Russia to relieve the tensions of the proxy wars and find a new playing field in which cooperation was possible. Skylab and the Soviet counterpart were plans for which guests from each country might be welcomed on board. But each country wanted to "win" in terms of being the host not the guest. This later paved the way for more cooperation with the international space station. Bit by bit, then sportsmanship in space became a route to ties, cooperations and maybe trust, which helped with the START ballistic missile limitation treaties. So there's really nothing wrong with calling this "winning" as those were the terms this sporting conquest of space was in fact waged under. It was a race and doing it better than the other guy was the goal. The early Russian firsts with Sputnik and Laika and the crash landings on Venus and the moon and Mars showed it was a race. The US response was to do everything better rather than be the also ran in same category of accomplishment. Thus it's not unfair to chest thump that the US did achieve more successful and elaborate missions even if the Soviets got somewhere first. It was about winning. But the off earth sporting contest created some cooperative sportsmanship too.
These days people think that contests create contention and the opposite, altruistic cooperation, is the morally superior route to relieving contention but the space race showed that cooperation can emerge out of contests too.

Comment funding the lander. (Score 5, Interesting) 53

The Viking mission was only funded for about 60 days of data collection. Yet the data kept flowing for years. Somehow they managed to keep the monitoring stations open to capture and archive the data. But it just was spooled onto magnetic tapes and stored on shelves. Years later I came along as a summer student and manually loaded the tapes one by one and read them onto a disk, and was the first person ever to know and analyze the multi-year weather data sets. Virtually every other NASA mission has the same budget profile of expecting early failure so not budgeting in the costs of maintaining the mission. No doubt it's a good strategy if they feel able to come back and ask for more, but as my experience shows sometimes that doesn't work and you don't get the extra funding. Also in hindsight, given the unknown local boulder field where one of them landed, there was a low probability of a successful landing, so maybe someone figured 60 days was the average lifespan given the high infant mortality of landers.

When the Landers eventually died no one was sure why. It was thought maybe a bad instruction put them into a state that drained batteries or something. At that time James Tillman (U.W.) asked for a small 5K budget to put together a manual that would detail the RS232-like external connectors on the lander and explain how to repower and communicate with the device from the outside--- should anyone ever happen to go there in the future and be physically present it would be easy to turn it back on. But that was never funded.

The landers themselves were built to specs that no subsequent mission has used. In particular they were worried about sterilizing the lander of all Earth living material so it was baked at such a high temperature most conventional electronic materials (at the time) would have failed. For example, the data collected was cached on tape while it was out of sight of the satellite data link to Earth. But conventional ferric oxide tapes would have melted in the sterilization process, so they took a page from Hitler's scientists who pioneered magnetic recording on magnetic stainless steel tapes. Radiation damage to integrated electronics in satellites was a big problem at the time, and I'm not sure why that's different now, but in any case they decided to use core memory rather than chip memory. (hence the term "core dump" for all you youngsters). Only this wasn't your grandmother's knitting style core memory but rather the cores were applied by evaporating the magnetic material onto the wires allowing a tight radiation impervious memory mesh to be synthesized. The wind and temperature sensor had no moving parts. Instead it consisted of three temperature sensors mounted on short poles at right angles to each other, and a hot wire mounted on a pole diagonal to all three. When the wind blew the thin Martian atmosphere it would blow the heated air over the temperature pickups differently and from there one can solve the inverse problem of pressure (density), temperature, and wind speed and direction.

Comment The upside of patent holding (Score 1) 40

Someone who holds patents without producing anything for the purpose of extracting royalties is not a patent troll.

Patent trolls are bad. These are people who exaggerate their patent's originality and breadth to practice extortion-- extortion usually comes in the form of asking for money at a sufficiently small sum compared to what the company might risk losing if it pressed the case.

But holding companies that don't act like patent trolls are hugely valuable. For example, consider the company PDLI. It holds biomedical patents and its most profitable patent is "Queen et al", which is a general method for humanizing antibodies (that is what lets you take antibodies developed outside of humans and turn them into drugs suited for humans). The people who developed the patent were lab researchers who have no ability or interest in making commercial scale drugs. That's why we have drug companies. They sell the patent to PDLI for assured income, and PDLI takes on the risk of marketing the patent. Drug companies use the patented process to make and sell commercial drugs. The researchers are not waiting around for the drug companies to have success to get paid. Thus everyone in the food chain here is doing exactly what they are good at doing. The patents would not be in such widespread use without PDLI stepping up to arbitrage the risk and make the market for the patent work.

Arbitragers are good.

Patents are valuable to society because companies will often not invest the time and effort into refining a method of production if they can't be protected from upstarts. Thus technology and science enter the commercial arena more quickly when patent protection lets a company take the investment risk. That is, by licensing a patent either exclusively or one with a high price there is a strong barrier to competition from upstarts. At the right level of exclusivity or price this actually enhances the use of the technology not diminishes it by exclusion. And logically, the patent holder sets the terms where they get the most money which comes from the most valued use of the invention. So society benefits.

Thus there's a huge difference between extortionists with bad patents wielded as war clubs against companies not able to defend themselves and non-producing patent holders which are hugely beneficial to society.

Using the phrase non-producing patent holder as the definition of a patent troll is wildly inaccurate and misleading.

Comment No alaska will get the traffic jam (Score 3, Funny) 280

when thousands of unconscious drunk people, faces covered in felt marker writing wake up and stumble out of their cabs and collectively ask where the hell am I. And the cab says "Anchorage Alaska, that'll be $1500.00 for the ride."
At least there will be enough cabs to take them home right there.

Comment use slashdotFS (Score 3, Funny) 219

I use slashdotFS which is a markovian random comment generator which effectively embeds data in a steganographic comment. The FS handles the details of creating and saving these so it's all transparent and mounts on your desktop like a regular drive. It's slow but its capacity seems unlimited and frequently gets modded insightful.

Comment bUber (Score 5, Funny) 247

Perhaps that explains why my company bUber (pronounced Boob Urge) has been so tied up in the courts. The concept is simple: our company iPimp arranges meetings of escorts in hotel rooms. The contractors are all independent contractors, making a little money, but really they are there to give their single serving friends, we call them rides, a hand. This is completely different from normal prostitution, it's a different business model even though it fills the same niche. In places where whore houses are well regulated, inspected and licensed one can see that we don't need to meet such requirements since our service producers are independent contractors. Our rates are lower since we're just making connections between people who might not be full time whores. They just notify us when they are available and we make use of what would otherwise have been wasted time. We have surge pricing for conventions and with that can get more providers on the street when they are needed.

Recently Uber approached us because it fits well with their model. Our providers need delivery to addresses, and their drivers can act as sales agents for us as well. But they are reluctant to merge with us until we can shake these ridiculous legal problems. We certainly are not a traditional whore house.

Comment Re:I still don't understand (Score 1) 130

setuid is for executables. /etc/sudoers is root owned/readable but it's not executable, so there's no set UID on this file. I think the exploit you are describing is actually another clever way to achieve a root priv escalation. Using sudoers is more direct but also perhaps easier to detect.

Comment I still don't understand (Score 1) 130

That command is a riddle and, forgive me, but I think your explanation is wrong.
The final sudo -s is not there to create an error. It's a perfectly fine command and is there to just make you root on the spot.

I think a partial explanation of what goes on is this:

The first bin just creates the text you want to shove into the sudoers file. That's clear enough.

The pass to >&3 is saying send this text to file descriptor 3. This doesn't exist..yet...but it will shortly.

So how does the file open happen? Well, if you put an environment variable definition in front of a command, what happens is the command runs with that environment variable temporarily set for the duration of the command. Thus

DYLD_PRINT_TO_FILE=/etc/sudoers newgrp

says create the env DYLD_PRINT_TO_FILE temporarily and set it to /etc/sudoers and after setting that, then execute newgrp.

newgrp doesn't actually do anything at all here other than launch a new shell which promptly quits. However it does run with setuid root privilege.

Guessing here: and while it's running but not doing anything the system goes, oh, I better open a stream to the DYLD_ file because there might be some output to log there. So it opens that file pre-emptively and duly assigns it to file descriptor 3 for input.

Unfortunately DYLD has inherited the permission of newgrp to do that, so it's doing a file open as root too.

So we can now write to 3 and DYLD_ redirects that into the file.

At this point I'm not sure what happens exactly. One possibility is the obvious, which is that what we write to file descriptor 3 goes into the file represented by file descriptor 3. That's simple if that's what bash would do. However the explanation of the exploit notes that DYLD_ also fails to close its file descriptors. In which case what happens is that the newgrp command just exits but because the pipe made it a child, its parent inherits the dangling file descriptor, and then that's why we can write to that. I really don't know my bash well enough to say which of those might be the right mechanism here, if either.

Anyone else want to explain?

Another point I'm fuzzy on here is whether the writer needs to have the same setuid as the reader.
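
Added example, not part of the comment above: a harmless POSIX shell demonstration of the two shell mechanisms the comment reasons about, a variable assignment prefixed to a command and a file descriptor that stays open in a child process. It uses only a constructed temp file and a made-up variable name, `DEMO_VAR`, and shows that closing the descriptor for the child (the effect close-on-exec has) leaves the child with no handle to write through.

```shell
#!/bin/sh
# Added illustration. Works on a constructed temp file only; nothing
# under /etc is touched and no privileged program is involved.

# fd_demo MODE
#   MODE=inherit : child shell is started with fd 3 still open
#   MODE=close   : fd 3 is closed for the child before it starts
# Prints whatever the child managed to write into the file.
fd_demo() {
    mode=$1
    target=$(mktemp) || return 1
    (
        # Stand-in for "some earlier code opened a file as fd 3".
        exec 3>>"$target"
        if [ "$mode" = "close" ]; then
            # Mitigation: the descriptor is closed for the child, which is
            # what the close-on-exec flag does automatically at exec time.
            sh -c 'echo "child wrote this" >&3' 3>&- 2>/dev/null || true
        else
            # No close: the child never opened the file itself, yet it can
            # write to it through the inherited descriptor.
            sh -c 'echo "child wrote this" >&3'
        fi
    )
    cat "$target"
    rm -f "$target"
}

# env_prefix_demo
#   Shows that NAME=value in front of a command sets the variable only in
#   that command's environment. DEMO_VAR and its value are made up.
#   Prints "<value seen by the command>|<value seen afterwards>".
env_prefix_demo() {
    unset DEMO_VAR
    inside=$(DEMO_VAR=/tmp/example sh -c 'printf %s "$DEMO_VAR"')
    printf '%s|%s\n' "$inside" "${DEMO_VAR:-unset}"
}

echo "inherit: $(fd_demo inherit)"
echo "close:   $(fd_demo close)"
echo "prefix:  $(env_prefix_demo)"
```

For defenders the takeaway is the `close` branch: a descriptor opened with elevated rights must not survive into a less trusted child process.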
