Forgot your password?

Comment: Re:"Independent" discovery? (Score 2) 62

by icebike (#46752531) Attached to: Heartbleed Disclosure Timeline Revealed

Not necessarily. It may be that the bug was known to others and that Google and Codenomicon were both monitoring channels used by more nefarious types. Both organizations may have independently 'discovered' the bug after each becoming aware that an exploit existed without having full details of the exploit.

And the story should have been about WHEN those nefarious types first started mentioning it, not about when the white-hats actually found it.
Did those blackhats find it by reading the code, or accidentally stumbling upon it in some way?

I suspect it was the former, but I think that discussion is more important than when Google detected it. After all, the implication is that
google discovered nothing, but simply heard about it in the hallway or something.

Comment: Re:The CA should not revoke the certificates, (Score 2) 151

by icebike (#46743959) Attached to: Private Keys Stolen Within Hours From Heartbleed OpenSSL Site

However, the CA should issue the new cert for free in this case. It costs a CA exactly nothing to issue a new cert. Its not a consumable commodity. Allowing them to indiscriminately cancel certs without proof of compromise gives them access to every site's checkbook.

With no PROOF of being hacked, even the the fact that at some point in time the site was running a vulnerable openssl version seems insufficient proof to cancel a certificate, and require payment for a new one. Remember, none of this can be the fault of the site. As long as it is patched now.

And before the CA cancels any certificate, they themselves better be assured that they were always running a clean stack.

Comment: Re:Good idea (Score 1) 175

by icebike (#46674311) Attached to: Linux Developers Consider On-Screen QR Codes For Kernel Panics

how soon until someone accidentally posts a QR code containing confidential information, since they cannot read it themselves.

Since the crash handler itself generates the code that takes your phone's browser directly to the report site, this isn't going to be a problem.

Have you never actually uses a qr code the leads to a web site?

Comment: Re:Dump kernel to serial printer (Score 2) 175

by icebike (#46674289) Attached to: Linux Developers Consider On-Screen QR Codes For Kernel Panics

Or just display a short number code. Displaying a QR code won't solve anything, it will just obfuscate the error and leave the user without any easily memorable reference. This sounds more to me like "let's do it because it's modern and hip" rather than it being actually useful.

The QR code can not only indicate the exact location of the error, but can take you to a website on the phone, with a url long enough to log
  many key points about the error.

Even if it logs very little, developers will get more input this way than they do now, because when your machine is crashed, you can't report anything and once it reboots, you have other priorities than digging in the last crash dump.

However, other than collecting statistics, it might not do any good. Even when you do submit a dump, you get the request to install debug symbol packages and trigger the crash again. Ah, no, that isn't going to happen. Or there will be necessary drivers installed that taint the kernel, and devs wont touch it until replace your video card, untaint your kernel, and trigger another dump.

Comment: Re:Vitamin D (Score 2) 137

by icebike (#46662793) Attached to: Study: Exposure To Morning Sunlight Helps Managing Weight

You've totally missed the fact that the link lead to two different studies one of which was a Meta Analysis of 180 studies, which indicated that there was no measurable effect of Vitamin D. Its not like ONE study was done and it is easily overturned by your google search.

The meta analysis more than likely included all your google search results by proxy. The study is not paywalled so go read it yourself.

This is the beauty of meta-analysis, it can find significant overlooked results of smaller studies and overcomes a lot of researcher bias.

Comment: Re:Vitamin D (Score 1) 137

by icebike (#46657825) Attached to: Study: Exposure To Morning Sunlight Helps Managing Weight

There is no effect of Vitamin D, via supplement or via Direct Sunlight.
Vitamin D3 seems to decrease mortality (of all causes) by 11%.

But I agree that this present study seems to be confusing cause and effect. If you are outside early and running around in the sunshine chances are its not the light of morning that has the effect, its merely the fact that you are more active.

Comment: Re:They haven't tracked it down (Score 1) 491

by icebike (#46565737) Attached to: How Satellite Company Inmarsat Tracked Down MH370

They have tracked it to a place from which It didn't have enough fuel to return.
Unless you are hanging your hat on aliens beaming them up, or a long undiscovered island in the south indian ocean which just happened to have a 5000 foot runway, some times you have to go by the numbers and state that they crashed.

Comment: Re:ACARS (Score 3, Insightful) 491

by icebike (#46565623) Attached to: How Satellite Company Inmarsat Tracked Down MH370

No it isn't, its not using data from a system that WAS TURNED OFF within MINUTES of the last radio contact.

How the fuck did this get marked as insightful? Its make a wrong statement that everyone has know has been wrong since the second day.

You should try to keep up with the actual events instead of lashing out on Slashdot.

The DATA transmissions ceased on the ACARS, but the radio system still pings the satellite.
The radio system keeps its link with the satellite as long as the actual transmitter has power.

Just because you stop tweeting on your phone doesn't mean the phone stops talking to towers.

Comment: Re:Some questions (Score 1) 491

by icebike (#46565513) Attached to: How Satellite Company Inmarsat Tracked Down MH370

How come the frequency information of the signal received by the satellite was saved? What is the purpose of saving all that data in normal operations?

And why did it take three weeks to do that analysis?

I thought the same thing.

With digital tuners, what radio system even captures exact frequency these days? Its either in-band our out of band and not heard.

Perhaps these satellite radios are wider band, and therefore they record the exact frequency any transmission arrived, but it just seems unusual to have this information at all, let alone to be able to dig it up out of several days old data.

Comment: Re:Car Sensors Suck (Score 1) 178

by icebike (#46529999) Attached to: Your Car Will Soon Sense If You're Tired Or Not Paying Attention

Everything you said is false.
I mean, I can't imagine how you could be wrong on every single point, unless you are still driving that 82 Toyota.

The headlights recognize tail lights and won't go to bright when I'm following, the car can distinguish someone cutting me off, and brakes just enough to allow for the DIFFERENCE in speed, the blind spot monitoring works perfectly, (and I still turn my head because not all the cars I drive have this). Cross traffic detection is for when you are backing out of parking spaces, not driving.

Basically, I don't think you should be driving period. Your attitude betrays an ego larger than your brain. You don't belong on the road.
Its time to trade in that deadly heap you drive, because your abilities stopped improving years ago.
Humans are the least reliable element in the modern car.

"Love is an ideal thing, marriage a real thing; a confusion of the real with the ideal never goes unpunished." -- Goethe