Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Don't make it impossible, just make it hard (Score 1) 329

by hankwang (#49355915) Attached to: Modern Cockpits: Harder To Invade But Easier To Lock Up

"Why would the cabin crew have the code? The code is for the pilots."

Here is airbus's own explanation:

TL;DW: if the pilots are incapacitated, the cabin crew can punch a code to save the day; the door will unlock after 30 seconds unless the pilot pushes the button to deny access. (the pilots are alerted by a beeping signal.) Actually, a pretty sensible way to do it.

Comment: Re:Waste of time (Score 1) 252

"like that will collect dust in megaton quantities. And you can't hard-seal the device away to avoid moisture because it'll overheat in short order."

Dust and moisture are being mentioned again and again here. I don't get that. Most dust is generated in places where humans shed skin flakes, rub clothes, and walk over carpets. Where does all that dust come from in a crawlspace? From that tiny amount of airflow? Spores of massive fungal growth? (then you have another problem to deal with first).

As for humidity: a running server will always be slightly higher in temperature than the environment. I don't see how water vapor that has been flowing along lots of cooler surfaces can condense on the server. It would only be a problem if you put the server very close to a ventilation opening, if warm humid air enters from there. Or if condensation is actually dripping from the crawlspace ceiling, onto the server.

Comment: Re:Do that for the laptops as well (Score 2) 51

by hankwang (#49265319) Attached to: Fujitsu Could Help Smartphone Chips Run Cooler

"That would reduce the fans work (and their own heat!)"

Years ago, I bought a Shuttle barebones Pentium 4 with a heat pipe, hoping that it would be as quiet as the Mac Minis of the time. It was disappointing. It saved having separate CPU and PSU fans and it was a bit less noisy than the average beige box pc, but still very noticeable.

A problem with heat pipes is that they are not flexible, so the motherboard, case-mounted fan, and heat pipe must match exactly. Not so suitable for do-it-yourself pc building. And in order to reduce noise, you still need to spread the heat over a large surface, i.e. attach a lot of lamellas to the heat pipe, that you could just as well have attached directly onto the cpu cooler.

Comment: Re:Speed penalty of encryption (Score 1) 124

by hankwang (#49263165) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

I don't know about TWRP though, stcok CM does

ClockworkMod (if that's what you mean by "Stock CM" bootloader) on my older Android-2.3 device has an option "Backup", which will write a backup of /data on the removable SD card; I don't even need to connect over adb (but if I try, it doesn't complain). Maybe this has changed with more recent CWM releases, but for me this was a major reason to encrypt /data on all my Android 4.x devices that run CM.

I'm using TWRP because CWM cannot handle an encrypted data partition, so it has nowhere to store the new ROM image on devices without a physical unencrypted SD card. TWRP will happily accept an ADB connection from an unknown device. (Just to make sure: I just revoked all ADB authentications, rebooted into Fastboot (Power+Volume), selected Recovery, and connected over adb.) Anyway, because the device is encrypted with a long passphrase, I don't care that much.

Comment: Re:$30 Timex (Score 1) 389

If a watch is watertight for 50 m static water pressure, then it is also watertight for 45 m static water pressure in combination with an enormous amount of dynamic pressure. So that cannot be the reason why usually the depth ratings are translated as "splash proof" (30 m), "you can swim" (50 m), and "you can dive to the bottom of the swimming pool" (100 m).

Comment: Re:$30 Timex (Score 1) 389

You also need to take into account peak water pressures; the rating is measured as a static object in water, doing something like diving into a swimming pool subjects the watch to significantly more water pressure

That's a common misconception. The dynamic pressure is additive (not multiplicative) and amounts to about 0.5 rho v^2, where rho=1000 kg/m3 is the densitiy and v the velocity. For example, at v = 10 m/s, the added dynamic pressure is 50 kPa, equivalent to only 5 m extra depth under water.

Comment: Re:$30 Timex (Score 1) 389

"50m or 100m, which are adequate for any practical purpose. Above that you're paying for fantasy value. Watches rated at 200m and above might as well claim a gazillion meters; you'll never be the wiser."

I thought that these ratings have more to do with the reliability/longevity. At least, I've owned two 300 euro "100m" Seiko watches that lost their water-tightness over the course of a few years, because the seals of the crown degraded from exposure to sweat, soap, and the occasional sea water. Repairs were quoted as 150 euros, so I didn't bother.

Now I have a a Pebble.

Comment: Re:Kaspersky Lab (Score 1) 129

by hankwang (#49239359) Attached to: New Evidence Strengthens NSA Ties To Equation Group Malware

With a rainbow table you can brute-force a password if you know the password hash. You need only one login attempt -- and you need the hash, for which you normally need root access to start with, at least for the last 20 years. Unix/Linux passwords have always been stored as salted hashes, which makes rainbow tables not practical. The practical way to brute-force a password is therefore a dictionary attack.

Comment: Time travel (Score 1) 277

by hankwang (#49206253) Attached to: Daylight Saving Time Change On Sunday For N. America

If we ever do invent time travel, I figure it's going to be routine for people to show up from the future for important historical events and discover they're an hour off.

And image that you have the right location, and you discover upon arrival that you missed Planet Earth some 100,000 km in its orbit around the sun and you see it around the size of a fist at an arm's length as you suffocate...

Comment: Re:Speed penalty of encryption (Score 1) 124

by hankwang (#49204039) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

Locking the bootloader only prevents replacing the bootloader. For both the TWRP and the ClockworkMod boot loaders: locking does not prevent going into the bootloader (on devices that let you do this by pressing the volume button on power on, such as the Nexus 5 and Nexus 7 (2012)) and making a backup of the data partition, e.g. onto an SD card. Moreover, ClockworkMod cannot handle encrypted data partitions, which seems to make it impossible to do upgrades on a device without SD card. TWRP does support encryption, but it does not do adb authentication.

I don't see your point about killing recovery options. With an encrypted device, it's still possible to do a factory reset. With an encrypted device + TWRP, you can even make a backup of the data partition. (My N7-2012 with stock Android corrupted the encrypted data partition on upgrade to Lollipop; only way out was a factory reset. Grrr. I flashed CyanogenMod+TWRP+encryted data, but the bug in the flash memory controller hit me and made the whole tablet unbearably slow. Grrrr!)

Comment: Re:Speed penalty of encryption (Score 1) 124

by hankwang (#49175685) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

if it happens on every mail sync, podcast download

In that case, the bottleneck is the data transfer over Wifi or 3G. At least, I'm pretty sure that I never reach 27 MiB/s (270 Mbit/s) data transfer rates. The wake time will not be affected in such cases. I think it's only activities such as app startup and media indexing that are affected by slow storage bandwidth.

And otherwise, encryption is really a must for me. With a custom ROM and bootloader (and no encryption), it's too easy for someone else to extract all personal data from the device, including credentials for my Gmail account and my banking app, both of which can have actual financial consequences.

People will buy anything that's one to a customer.