Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment: Re:Why are Raspbian and Encryption orthogonal? (Score 3, Interesting) 37

by hamjudo (#49218607) Attached to: Kali Linux On a Raspberry Pi (A/B+/2) With LUKS Disk Encryption
They are not orthogonal. This should have been titled "if you are going to use Kali Linux on a Raspberry Pi, here is how to encrypt it".

Kali Linux is designed for penetration testing, among other things. The logs from a penetration test are valuable to dark hats. The advantage of doing this from a Raspberry Pi, is that they are cheap enough to send to each branch of a company, so each network can be individually tested. Sometimes this means that physical security is difficult to ensure. It would be very embarrassing to lose a system during an internal audit. It could quite easily turn into a career ending event, if that led to a security breach.

Disclaimer: I've never used Kali Linux, nor did I look closely at this technique to see if there is something stupid in the instructions.

Comment: Change the rules, to make the problems solvable. (Score 3, Insightful) 161

by hamjudo (#49207145) Attached to: Why It's Almost Impossible To Teach a Robot To Do Your Laundry
I want clean clothes, I don't need something to clean them the way I would clean them. I am willing to buy clothes that are robot cleaning compatible.

I like machine assisted dish cleaning so much, all of the dishes we own are "dishwasher safe" except for a couple wine glasses. They aren't all labeled dishwasher safe, but in those rare cases when the dishwasher destroyed something, I made sure not to buy another dish with that weakness.

Likewise, all of the clothing I use on a regular basis have survived trips through the washer and dryer.

For me, a complete laundry system would take the clothes out of the hamper, wash and dry them, and put them away. In order to put the clothes away, the robot would need to know where they are supposed to go and how to prepare them for storage. I am not afraid of RFID tags, but if I were, there are many other options for creating labels a robot can read.

Folding clothes isn't hard once the clothing is identified, flattened and positioned. The robot readable labels take care of the identification. In exchange for something else doing the work, I am not adverse to having ferrous rings sown into key points, so the system can magnetically grab those points to spread out and align the garment in the folding station. I am not adverse to having clothes rolled up, if that turns out to be easier.

I don't require that a robot adapt to my garage sale dressers. I just need the right clothes in the morning. There are many pick and place technologies. If for some reason it is easier for the cleaning system to deal with cartridges, I can live with that. The cleaning system can load an underwear cartridge. The transport system can load the cartridge into my dresser replacement. Then the dresser replacement can dispense underwear as needed.

Comment: Anthem is a publicly traded company (Score 5, Interesting) 116

by hamjudo (#49193105) Attached to: Anthem Blocking Federal Auditor From Doing Vulnerability Scans
Anthem is traded on the NYSE under the symbol WLP.

They should be required to file an 8K form to legally inform all of their stock holders that they have material news that may adversely affect their future stock price, or even company viability.

After having been informed of extreme security issues on our network, Anthem Inc has elected to ignore the situation. Furthermore, Anthem Inc's network is so embarrassing, that Anthem Inc has decided to risk significant fines and legal expenses, rather than allow adults to see just how bad it is.

Translation, shareholder lawsuits may be addressed to Joseph R. Swedish, et al.

Comment: There is science here (Score 4, Interesting) 21

by hamjudo (#49176945) Attached to: Rosetta Photographs Its Own Shadow On Comet 67P/C-G
This is more than just a selfie, the shadow cast by a known object adds depth, scale, and many other scientifically interesting details about the comet, and about the space craft itself.

And for those who like science fiction... If any aliens are riding the Rosetta probe, they will have to duck while the picture is being taken.

+ - How Google avoids downtime->

Submitted by Brandon Butler
Brandon Butler writes: Google has an innovative way of attempting to keep its services — like its cloud platform and apps — up and running as much as possible. The man in charge of it is Ben Trenyor, who runs Google's Site Reliability Engineer (SRE) team.

Each Google product has a service level agreement (SLA) that dictates how much downtime the product can have in a given month or year. Take 99.9% uptime, for example: That allows for 43 minutes of downtime per month, or about 8 hours and 40 minutes per year. That 8 hours and 40 minutes is what is referred to at Google as an “error budget.”

Google product managers don’t have to be perfect — they just have to be better than their SLA guarantee. So each product team at Google has a “budget” of errors it can make.
If the product adheres to the SLA’s uptime promise, then the product team is allowed to launch new features. If the product is outside of its SLA, then no new features are allowed to be rolled out until the reliability improves.

In a traditional site reliability model there is a fundamental disconnect between site reliability engineers (SREs) and the product managers. Product managers want to keep adding services to their offerings, but the SREs don’t like changes because that opens the door to more potential problems.

This “error budget” model addresses that issue by uniting the priorities of the SREs and product teams. The product developers want to add more features, so they architect reliable systems. It seems to work; according to tracking company CloudHamrony, Google had one of the most reliable IaaS clouds among the major vendors in 2014.

Link to Original Source

Comment: Test your security with false information (Score 4, Interesting) 89

by hamjudo (#49143043) Attached to: OPSEC For Activists, Because Encryption Is No Guarantee
In the days of brick and mortar spying, the people being spied on would send messages that included false meeting times and locations. For example, in a town with underground utilities, announce a meeting to take place in a rarely used manhole. If the manhole cover is disturbed, then you know that the communication channel has been compromised. No math is required.

The high tech equivalent would be to mention a network resource where access can be monitored. When the network resource is accessed, you know there is a problem.

Comment: Re:Who cares about rotational speed these days? (Score 1) 190

If your data is valuable, you will need to mirror the drives or use RAID. So one limitation is how quickly you can add a drive to your mirror system.

It would take 11 hours to fully mirror from one 6 TByte WD drive to another, if your system can actually manage to sustain 138Mbytes per second as shown on page 5 of the article. Obviously, the transfer will be slower, if the data is actually used for something.

If a disk dies, at best you are looking at half a day before the system is fully redundant again. Probably multiple days in the real world.

Comment: Chicken tissue is a stand in for human soft tissue (Score 3, Informative) 81

by hamjudo (#48483053) Attached to: Single Pixel Camera Takes Images Through Breast Tissue
They are working with 6 mm samples. They need to improve that by a factor of 5. Only a small percentage of women at risk for breast cancer can tolerate having their breasts compressed to 30 mm for imaging, but it is a large enough percentage to start doing human test trials. Assuming the image quality is high enough.

With existing xray based mammogram machines the more the breast is compressed, the better the image. There is abundant research on breast compression for imaging, just a google away.

Perhaps in a few years, this technique will be refined to the point where it can image through 3 cm of tissue in a reasonable amount of time, and produce a clinically useful image. Then we will hear about this technique again. Hopefully, it will be improved to the point where it is suitable for use on the entire population.

Comment: Re: your car analogy is umm close. (Score 2) 51

by hamjudo (#48475381) Attached to: Riecoin Breaks World Record For Largest Prime Sextuplet, Twice

It's like there is this long, infinite road and along this road are mile markers and every so often one of these mile markers has a rest stop at it. Mile marker 3, 5, 9, and so on. The farther your drive however the more you notice how spread out these rest stops are, eventually having thousands upon thousands of miles between them. Then, as in this article, you discover a pack of six rest stops very close to each other when all the other ones were thousands of mile markers apart. Thats probably the closest I can get this to a car analogy.

There are rest stops at 2, 3, 5, 7, 11, 13, and so on, but 9 is not a rest stop. The first two overlapping sets of six rest stops aren't spaced the same as the rest, and thus don't have the same mathematical properties. The Riecoin compliant prime sextuplets, err, I mean rest stops on the infinite highway are {7, 11, 13, 17, 19, 23} and {97, 101, 103, 107, 109, 113}, except they are too small for cryptography.

+ - Scientists Study Frequency Distribution of Paraphilia

Submitted by HughPickens.com
HughPickens.com writes: Antonia Molloy reports at The Independent that scientists at the University of Montreal have completed a study of what exactly constitutes an atypical sexual fantasy or paraphilia. They set out to define sexual deviation by grouping sexual fantasies according to how widespread they are. For example, dreaming about sleeping with two women is common, while fantasizing about having sex with an animal is not. “Clinically, we know what pathological sexual fantasies are: they involve non-consenting partners, they induce pain, or they are absolutely necessary in deriving satisfaction. But apart from that, what exactly are abnormal or atypical fantasies?” The scientists asked 1,517 Quebec adults (799 men and 718 women) to rank 55 different sexual fantasies, as well as to describe their own favorite fantasy in detail. Of this sample, 85.1 per cent were heterosexual, 3.6 per cent were homosexual and the remainder identified as neither of these. Overall, it was found that men had more fantasies than women and they also described these more vividly.

One theory of sexual fantasies is that our fantasies are psychological mechanisms for coping with anxiety but the number and taxonomy of paraphilias is under debate; One source lists as many as 549 types of paraphilias. The Canadian study found that thirty sexual fantasies were common for one or both genders. A significant proportion of women (30 per cent to 60 per cent) had fantasies involving elements of submission – but many also specified that they never wanted these to come true. By contrast, the majority of men did want their fantasies to become reality. "Our main objective was to specify norms in sexual fantasies, an essential step in defining pathologies," says Christian Joyal, lead author of the study. "And as we suspected, there are a lot more common fantasies than atypical fantasies."

Comment: Home Depot is getting off cheap (Score 5, Interesting) 99

by hamjudo (#48330589) Attached to: Home Depot Says Hackers Grabbed 53 Million Email Addresses
TFA says that Home Depot expects to pay "$62 million this year to recover from the incident", referring to exposing the details on 56 million credit cards. That's only $1.11 per exposed card. I used a credit card there during the period, so my Credit Union sent me a new card, plus two other physical letters about the incident. That had to cost them more than $1.11 per affected customer.

Comment: Is it legal to make code compatible alternatives? (Score 1) 700

by hamjudo (#48206101) Attached to: FTDI Reportedly Bricking Devices Using Competitors' Chips.
The fake chips that have FTDI stamped on the outside of the package are clearly misusing the FTDI trademark. On the other hand, those that don't cheat with the labels, and only use the string "FTDI" so they will inter-operate with existing software should be legal. I am not a lawyer. My opinion of what should be legal may not match what the courts rule as legal.

"I got everybody to pay up front...then I blew up their planet." "Now why didn't I think of that?" -- Post Bros. Comics

Working...