Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment: Any solution is better then none at all (Score 4, Insightful) 89

by jfmiller (#49419065) Attached to: The Problem With Using End-to-End Web Crypto as a Cure-All

The problem with security researchers is that they declare any usable technology as "completely insecure." and in a sense they are correct. Good security is hard and inconvenient. What we have right now is even worse. There is no privacy what so ever.

What e-mail needs for most people is an envelope. Enough encryption that the casual observer cannot read the message, and the malicious observer must make a targeted attack. I don't need to stop theNSA I just want to dissuade the PHB form reading over my virtual sholder. In the process the NSA will have to pic and choose who it targets. Yes, these e-mails will remain completely insecure, but there is a much higher cost to read the data, and there is a much higher risk of being discovered doing so.

Lets not let the perfect become the enemy of the good when it comes to security.

Comment: Re:Is anyone surprised? (Score 1) 180

Robert Jordan's Wheel of time was just as good (better IMHO) and an equally complex ploy and still got a new installment every 2 years until Jordan's illness and death. Brandon Sanderson (who stands alone at the top of the epic fantasy prolific writer heap) finished the series writing one book a year for a plot-line he did not create, and still managed three other novels (not short ones either) in between.

I'm not saying I could do it myself, nor that writing a complex epic is easy, but I expect 90MPH with good movement from pro baseball pitchers and I expect a book every second year from pro epic fantasy writers. GRRM need to work on his game.

Comment: Re:Routing? (Score 1) 163

by jfmiller (#48762657) Attached to: In-Flight Service Gogo Uses Fake SSL Certificates To Throttle Streaming

YouTube / Google makes this particularly hard for them. Google uses the same IP range for most of its services. Blocking Google Search is a non-starter. But that means that you cannot block YouTube by IP address. Ok, so you simply block requests to youtube.com (and its other country specific variations). There are two issues however, getting around this is as easy as `nslookup youtube.com 8.8.4.4` and assuming you do catch the DNS request, you cannot send back an error response because YouTube is now completely over encrypted connections. Thus the fake Cert. They are using it to send the use an explaination of why they cannot reach YouTube. The fact that they could use this Cert to steal private information "never entered our minds."

Comment: Single Point of Failure (Score 1) 223

by jfmiller (#48008007) Attached to: Nearly 2,000 Chicago Flights Canceled After Worker Sets Fire At Radar Center

Several comments have questioned the single point of failure. I am sure that it will be a key question for the NTSB to examine when it looks into this incident. However, I would point out that the system is designed to fail to backups, but it appears that Mr. Howard who was "worked for an FAA contractor at the Aurora facility for about eight years, handling communications there" knew what to destroy so as to prevent such back-up systems from functioning. The report mentions "The (radio) frequency failed" which would lead me to speculate that he severed the connections to the physical transmitters before torching the communications system. The comment about "a floor panel had been pulled up, exposing telecommunications cables and other wires" seems to say that Mr. Howard who should have know the system he maintained well, was able to damage a particularly sensitive set of equipment and or connections.

My biggest question is, what is so bad about a transfer to Hawaii? I'm sure there were personal reasons to stay, but I still cannot help thinking that if I gout the chance to leave Chicago for Hawaii I'd jump at it.

Comment: Re:No redundancy? (Score 2) 223

by jfmiller (#48007971) Attached to: Nearly 2,000 Chicago Flights Canceled After Worker Sets Fire At Radar Center

Press reports are still very sketchy, but it seems like the suspect was in charge of maintaining the very systems that allow such transfers of control and that he intentionally destroyed key connections between radar and radio installations and the Air Traffic Control system. Why this building contained single points of failure is something I'm sure the NTSB report will focus heavily on, but at some point a connection has to exist between the physical hardware that track aircraft and transmits radio instructions and the network routes that information. The report that he had "ripped up carpet and cut cables" reads to me like someone who knew where to find one of these critical single points of failure.

Comment: Re:Can it scram in 10 seconds? (Score 3, Informative) 216

Yes, in 1999 (when I last toured the plant) the SCRAM time was 3.5 seconds with control rods fully placed in 0.5 seconds if the emergency circuit is tripped. This happens automatically in the event of a 6.0 or stronger quake. An emergency SCRAM requires 30 to 120 days to restart the reactor. Also like all reactors, it requires time to cool. Because DCNP is located on the ocean it does not require active cooling to safely cool the reactor core after a crash. flooding the core with sea water will probably be the end of that reactor, but it will not loose containment. The plant was originally designed to be operational after a 7.0 quake and to not loose containment in the event of a 9.5. After the discovery of the Hsgri fault the design was modified to withstand a 10.8 quake. Analysis after the 2004 6.2 quake in Paso Rubles suggests that the engineering was "very conservative" and that the plant may well be able to survive an 8.0 in operational condition.

On the other hand, the temporary on site storage of spent fuel was not part of the original plan, In the event of a major seismic event, it is the spent fuel casks that scare me.

Comment: Re:How many trillion would it cost to return (Score 1) 288

by jfmiller (#46887081) Attached to: Decommissioning Nuclear Plants Costing Far More Than Expected

No, for two primary reasons. First, the objections to the NV site other then from the residents of that fine state come from people not wanting to ship nuclear waist past their city. Moving nuclear waist is just as challenging as finding a home for it. Second, The forces that caused a site to be shut down do not want to grow the fuel storage problem they already have. The high cost to close out a nuclear facility is not a secret, it is much cheaper to recondition or even completely rebuild the reactor then to decommission it. Sites are shut down for environmental and political reasons, and those who worked to shut them down don't want to take other people's waist.

Comment: Here for the Comments (Score 3, Interesting) 2219

by jfmiller (#46183449) Attached to: Slashdot Tries Something New; Audience Responds!

There was a time when Slashdot was my home page -- first thing I read when I turned on the internet. That time has long passed. I'm not sure whether I grew up or Slashdot grew down. In the end I think RSS feeds and the proliferation and maturation of other tech sites with original content like Ars Technica filled some of what Slashdot used to do for me. Much of the news here is 12 hours behind the top of my feed.

I still come back often. It's not for the news like it was in the 90's but for the comments. When I want to know what's happening, I hit Google or Hacker News or Ars, but when I want to know what other people like me think about something, I wait for it to hit Slashdot's front page.

To me it feels like DICE thinks the articles are the content. They're not. The content comes below the articles which are only there (IMHO) to spark a discussion. So my feedback: Take a few months and learn about the community that makes Slashdot work. It seems clear that you have not. Then work the redesign to fit the ethos of that community. You can mess up the front page all you want to try to get new audience, but take a second or third look at everything below the article when you try this again in Fall of 2014.

Slashdot: News for Nerds, Stuff that matters

Comment: Check out religious charities (Score 5, Insightful) 570

by jfmiller (#38409516) Attached to: Ask Slashdot: Most Efficient, Worthwhile Charity?

I know that God is not popular on Slashdot, but even from a rational humanist perspective these charities are very effective. The administrative costs are usually born by regular tithing so any funds given to the charity can be spent 100% on the core mission of the charity. Especially, in the area of disaster relief, these charities also have strong connections with the local congregations who can quickly put resources to use where it is most needed. This in contrast to groups like the Red Cross usually have to spend time "getting in" to places.

I know there will be some objections voiced that the money will be used to evangelize victims rather then aid them. I cannot speak for other sectors of the religious sphere, but charities associated with Mainline Protestant Christian churches operate in perpetual fear of this accusation and copiously avoid any activity that might be mistaken for proselytizing.

I will end by plugging the charity of my own Episcopal Church: Episcopal Relief and Development.

+ - Paypal out does Grinch, Scrooge in killing Christm->

Submitted by jfmiller
jfmiller writes: In an ultimate act of corporate greed Paypal freezes donations meant for needy children. "They allowed me to use a donate button, and got a portion of the donations Then made me return the donations, and kept a portion of the fees on the donations. ... I am very sorry to say that at this point, I am not able to make a monetary gift to the families. They have frozen everything that was not already spent or donated, and I have no more funds to make a gift of that size. MERRY CHRISTMAS"
Link to Original Source

Comment: Re:Popularity (Score 1) 685

by jfmiller (#38039260) Attached to: Linux Mint: the New Ubuntu?

I would be one of those Ubuntu hits. But I'm running the last LTS and very ready to upgrade at this point. So much so that I had serious thoughts about using 11.10. Then I saw Unity. Now I'm thinking that Mint 12 might be my upgrade path. It's not how may you have it is all about where they will (or won't) go next.

What sin has not been committed in the name of efficiency?

Working...