
Submission + - Tools Coming To Def Con For Hacking RFID Access Doors

jfruh writes: Next month's Def Con security conference will feature, among other things, new tools that will help you hack into the RFID readers that secure doors in most office buildings. RFID cards have been built with more safeguards against cloning; these new tools will bypass that protection by simply hacking the readers themselves.

Submission + - Could the Slashdot community take control of Slashdot? 10 10

turp182 writes: This is intended to be an idea generation story for how the community itself could purchase and then control Slashdot. If this happened I believe a lot of former users would at least come and take a look, and some of them would participate again.

This is not about improving the site, only about acquiring the site.

First, here's what we know:
1. DHI (Dice) paid $20 million for Slashdot, SourceForge, and Freecode, purchased from Geeknet back in 2012:
2. Slashdot has an Alexa Global Rank of 1,689; obtaining actual traffic numbers requires money to see:
3. According to Quantcast, Slashdot has over 250,000 unique monthly views:
4. Per an Ars Technica article, Slashdot Media (Slashdot and Sourceforge) had 2015Q2 revenues of $1.7 million and have expected full year revenues of $15-$16 million (which doesn't make sense given the quarterly number):

Next, things we don't know:
0. Is Slashdot viable without a corporate owner? (the only question that matters)
1. What would DHI (Dice) sell Slashdot for? Would they split it from Sourceforge?
2. What are the hosting and equipment costs?
3. What are the personnel costs (editors, advertising sales force, etc.)?
4. What other expenses does the site incur (legal for example)?
5. What is Slashdot's portion of the revenue of Slashdot Media?

These questions would need to be answered in order to valuate the site. Getting that info and performing the valuation would require expensive professional services.

What are possible ways we could proceed?

In my opinion, a non-profit organization would be the best route.

Finally, the hard part: Funding. Here are some ideas.

1. Benefactor(s) — It would be very nice to have people with some wealth that could help.
2. Crowdfunding/Kickstarter — I would contribute to such an effort; I think a lot of Slashdotters would contribute. I think this would need to be a part of the funding rather than all of it.
3. Grants and Corporate Donations — Slashdot has a wide and varied membership and audience. We regularly see posts from people that work at Google, Apple, and Microsoft. And at universities. We are developers (like me), scientists, experts, and also ordinary (also like me). A revived Slashdot could be a corporate cause in the world of tax deductions for companies.
4. ????
5. Profit!

Oh, the last thing: Is this even a relevant conversation?

I can't say. I think timing is the problem, with generating funds and access to financial information (probably won't get this without the funds) being the most critical barriers. Someone will buy the site, we're inside the top 2,000 global sites per info above.

The best solution, I believe, is to find a large corporate "sponsor" willing to help with the initial purchase and to be the recipient of any crowd sourcing funds to help repay them. The key is the site would have to have autonomy as a separate organization. They could have prime advertising space (so we should focus on IBM...) and the goal would be to repay the sponsor in full over time (no interest please?).

The second best is seeking a combination of "legal pledges" from companies/schools/organizations combined with crowdsourcing. This could get access to the necessary financials.

Also problematic, from a time perspective, a group of people would need to be formed to handle organization (managing fundraising/crowdsourcing) and interactions with DHI (Dice). All volunteer for sure.

Is this even a relevant conversation? I say it is, I actually love Slashdot; it offers fun, entertaining, and enlightening conversation (I browse above the sewer), and I find the article selection interesting (this gyrates, but I still check a lot).

And to finish, the most critical question: Is Slashdot financially viable as an independent organization?

Comment Re:Budget (Score 3, Informative) 106 106

This is what they say on the Kickstarter page:

Isn't the Smithsonian federally funded? Good question! Federal appropriations provide the foundation of the Smithsonian's operating budget and support core functions, such as building operations and maintenance, research, and safeguarding the collections. Projects like Reboot the Suit aren't covered by our federal appropriations, which means we can only undertake them if we can fund them some other way. In other words, we won't be able to do this project without the participation of Kickstarter backers.

Comment Re:I must've missed the previous discovery (Score 1) 89 89

Actually I wonder why 'piquancy' or 'pungency' (like in pepper) is not considered a sixth taste. It is sensed by a specific receptor and it is triggered by a variety of compounds: various capsaicinoids from peppers and compounds in black pepper, mustard/wasabi, raw garlic, and so on.

Comment Re:Legislate 50% less consumption? Good fucking lu (Score 1) 477 477

"miniscule compared to the toxic stuff released during the generation of the extra electricity required for the incandescent bulb."

That depends on the type of exhaust scrubbers fitted to the coal power plant and the type of coal used. I'd wager that technology exists and is actually being used to make the exhaust pretty much free of toxic stuff. The sulfur is converted to gypsum (used in drywall), the ashes are an additive to concrete, etc.

What cannot be suppressed is the (nontoxic) CO2 emission. It would be good to quantify things beyond "a lot" and "much more". Electricity can be converted to electricity to electricity at 1 to 2 kWh/kg depending on who you believe (can't be bothered to find out why different values exist). Assume a CFK lasts 3000 h (actually they should last 6x longer, but it seems to be too optimistic for many use cases) and an incandescent 1000 h. A 60 W incandescent will use 180 kWh over 3000 h, i.e. 90 to 180 kg of coal. The CO2 emission is about 3.5 times that weight.

Comment Re:Infrared cameras are expensive (Score 1) 192 192

$200 for an 80x80 FLIR camera? Which model is that? I'm looking at the FLIR selection, but the only one that comes close is an IR plugin for an iPhone, 80x60 pixels. At a 9 Hz frame rate, I don't think that sensor would be suitable for analyzing road obstacles while driving, never mind the resolution.

Comment Re:Infrared cameras are expensive (Score 1) 192 192

You don't use high-resolution cameras for this job. You use a highly sensitive normal camera and then you use the thermo camera right next to it for object detection and for gain control on the primary camera.

That would sound plausible, except that the image that they show in the video clip (0:28) is a fairly high-resolution fully thermal image without blending with a visible-light image.

Comment Infrared cameras are expensive (Score 1) 192 192

I was going to rant about how this thing is going to dazzle pedestrians, but fortunately, the video shows that it will mainly lighten up their legs. Wheelchair riders beware, though.

Anyway, the system as described uses thermal IR cameras. I'd say that technology is way too expensive even for high end cars. Thermographic cameras capable of around 200x150 pixels are commercially available for around 5 kEUR and I suspect that that resolution is still too low to recognize a pedestrian at 50 m distance and at the same time have a reasonably wide field of view. You can get 80x80-resolution systems for around 1 kEUR, but those will definitely be useless for the present purpose.

Comment Re:Good Idea, and a Possible Modification (Score 1) 120 120

"no real attempt to move the launch platform up to 80,000 feet or so using gas balloon technology. I would have thought this would be feasible, and could result in a substantial fuel saving."

The fuel cost of a launch to low orbits is not for the altitude, but for gaining enough speed to stay in orbit, i.e. about 8 km/s. The gravitational energy becomes significant if you need altitudes comparable to the earth radius (6400 km).

Comment No? (Score 1) 196 196

I tried to RTFA, but it was in Japanese! I thought Japanese didn't have a word for "no":

Japanese also lacks words for yes and no. The words "hai" and "iie" are mistaken by English speakers for equivalents to yes and no, but they actually signify agreement or disagreement with the proposition put by the question: "That's right." or "That's not right."

Comment Re:Is there any value in studying this? (Score 5, Informative) 44 44

studying an encryption scheme that is widely considered completely and irreparably broken?

All known issues with RC4 have to do with statistical biases in the first bytes of the key stream, in particular the first 256 bytes (this paper also mentions a significant bias at byte 258). As far as we know, all issues with RC4 are avoided in protocols that simply discard the first kilobyte of key stream before starting to apply the key stream on the plaintext. SSH does this (discarding the first 1.5 kiB IIRC). For WPA I can imagine that this workaround would have an unacceptable performance penalty on small data packets. For some reason, this approach was never implemented for TLS/HTTPS or WPA.

So why would one be interested in RC4? It's significantly faster than AES when run on processors that do not have hardware AES support. If I use scp and rsync-over-ssh to copy files to devices like a Raspberry Pi or my home server which runs on a low-power VIA processor, it's a big difference (aes versus arcfour), something like 4 MB/s versus 8 MB/s. Here are some benchmarks: openSSH cipher benchmarks.

I keep my eyes open for papers like this, in particular I check whether they make statements on weaknesses after the first kilobyte of key stream.

Comment Re:Hotmail's whitelist is an effective system (Score 1) 55 55

"Congratulations, you're a spammer."

You're jumping to conclusions. There are perfectly legitimate reasons for that kind of mail volumes, such as administering mail servers of a company that handles customer support tickets or a web shop with order confirmations, shipping notices, and invoices (3 emails per order). It could also be an opt-in mailing list.

Comment Re:Photos still stuck in... (Score 3, Informative) 177 177

Problem is that these photographers are still stuck in the 20th century, and will give you a printout.

They changed the photo business in the biggest attraction park in the Netherlands, quite recently. They used to charge EUR 10 or so for a single printout. Now they sell you a 4 GB USB stick for EUR 20 which you can load with up to 15 (?) photos and which you can re-use on a next visit until some expiration date. And afterwards, you can use it as any other USB stick. I thought it was pretty reasonable. It was the first time ever I paid for photos in an attraction park.
