Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment Re:Open software (Score 0) 312

Unless domain experts are constantly auditing

I read this fallacy every time when someone wants to downplay the importance of open source code... every ... single ... time! Actually to the point of becoming quite nauseated by it.

It's simply not true. (First part of famous quote here:) Given enough eyeballs...

First of all there are the software designers/programmers that actually lay out the structure and write the code. Unless they are 'in to the conspiracy' do you think any of them just write code and then 'throw it into the world and let it be'? There is quite a chance they'll notice when someone is tampering with their work. And for the distribution chain to the 'end user' we have MD5. Only one person has to notice a discrepancy there and make a fuzz about it.
Then, when a project becomes more widely used, there will be domain experts looking at the sources, either because they are curious about it because they are working on something similar or there are financial incentives to do so (paid-for support... open source doesn't mean there is no way to earn money with it).
And then, there is the problem for the 'attacker' of leaving an actual trail that can lead back to them, which is orders of magnitudes more likely to happen when the source is hosted openly on well-known OSS support websites, than when it's 'securely' stored on some supposedly air-gapped secret server at big company Y. 'Everyone' (if the OSS website opts in for full disclosure) can even use source-code forensics on the style of code underlying the exploit, if necessary and check commit logs and all kinds of secondary resources for traces of how the exploit came to be. Try that in a corporate setting.

Only thing closed source has over OSS is security by obscurity. And that's the proverbial worst security of all.

And this is fact: Unless 'the' closed-source software creator has a very generous 'eyeballs here please, we pay you big $$$, oh and here is the source tyvm with proper NDA of course', no-one but, maybe, that creator itself will notice when something is wrong....
Until some security expert/bughunter finally binary-fuzzes a backdoor/major exploit into action (which, on the chance of over-repeating my point, is a lot harder to do with assembly only information vs. full sources), resulting in big scandalous news posts on tech websites where all 'nerds' can oooh and ahhh over it... either that or the exploit will be sold on to the highest bidder in 'chussiastan' where it will remain hidden until security researcher X notices weird processes on or strange network packets flowing into their honey pots. All in all a much more tedious process.

Comment Re:What if it's unavailable? (Score 1) 85

Or what if the gyro in their smartphone is unstable?

I have a Nexus 5 and an Asus tablet. The level and compass apps I've tested on them should use the internal gyro data... Level is reasonably stable but compass is anything but stable. Especially when moving wildly, the compass goes everywhere but in the right direction...

I'm not against monitoring driver behaviour for drivers transporting passengers on a commercial basis or insurance premium cuts for 'model' drivers. But I do want to see some certified hardware doing the monitoring. Not just any old smartphone and preferably paid for by the company doing the monitoring.
Oh, and an air-tight privacy statement along the lines of 'Information gathered by our monitoring hard/software will be made available to the customer on request (for counter-evaluation) and furthermore only be used for internal evaluation to improve our product X or calculate your benefits for Y. All data older than Z months in any way traceable to the customer will be destroyed. Never will this data be released to any third party. Bankruptcy or a buyout of our company U will mean mandatory destruction of all data gathered and all derivatives of it.'.

Comment Re:Already here (Score 1) 412

Well ... the way the GP states it, pretty much. Unless you manage to create extra income on top of the universal basic income of course. And nowhere does the GP say that having a universal basic income prevents you from generating extra income. Extra income can be had from a lot of resources:
-You're healthy/motivated enough to generate it yourself by working (the traditional way) and someone else is (still) willing to pay you for it.
-You're healthy/motivated enough to generate it yourself by working (the traditional way) and you use your work resources to improve your neighbourhood and/or your living conditions directly.
-You find an alternative source of income by finding customers and selling them a product which results from you doing something creative in your spare time you don't consider working but other people think is worth paying money for.
-You have extra income from some sort of insurance, for example because you became disabled while working or you've recently lost your job*
-You have extra income because you have (some) capital that generates a certain amount dividend/interest/profit.

and probably many more. Remember, that universal basic income may be a crappy amount to live off of, but you may have up to 40 hours of extra spare time on your hands, enabling you to improve your living situation dramatically if you find ways to utilise it. And for those that really want to be lazy or find it a sport to survive on a very low income; let them. They won't be motivated employees anyway. Are you sure you WANT them working and take the risk of them doing all kinds of unsavoury things because they are totally unmotivated? The only people I do have a pity for, are those that have to live off of a basic income, are at heart motivated/willing to go beyond but can't due to severe disabilities

Of course the options you have to generate extra income also depend on how the nation you live in, is going to tax various things. How will labour be taxed? If it's going to be taxed too much, no one will work or employ anyone. Will capital be taxed heavily or only above a certain amount? What does that mean for companies? Won't the 'traditional' company be taxed into the ground then? Maybe it would become beneficial to create individual capital holding corporations that won't pay capital tax because it has less total capital than the total capital tax-exempted shares of its individuals... those kinds of currently 'alien' constructions...

*) In most welfare situations in Europe, benefits are higher when you become disabled due to working conditions or if you've been recently laid off. However, you pay a premium for the insurances that pay out in those situations, while working, and depending on your wage. Currently paying those premiums is mandatory in many European countries and they are lawfully withheld from your income by your employer (who in turn pays those premiums to the state insurance fund) or you pay for them as the first 'part' of your income taxes.
When universal basic income is implemented, a valid question is of course of these kinds of insurances will stay relevant because one of the 'pro' arguments is that universal basic income will simplify the welfare system a lot and will replace a whole range of welfare constructions for many different situations we currently give people benefits for.

Comment Re:Complicated (Score 5, Insightful) 69

Virtualization is 'expensive', as each virtual server running on the host operating system has it's own operating system, each running their own kernel, having their own generic support libraries, doing its own memory management, hardware access and interrupt management (to/on virtual devices emulated by the host operating system), etc.

Chroot is 'inexpensive', but it only offers a thin veneer of file system separation.

Docker lies somewhere in between. It has its self contained file system with all the generic support libraries (user land) needed for the application, but hardware resources are managed by the single kernel of the host operating system. This does give rise to a restriction not present for true virtual machines; all Docker containers on one host system must use the same kernel (interfaces): those of the kernel of the host system. Actually, the kernel has some special modified interfaces to make certain the applications in the docker container can't access (data or processes of) other docker containers (unless permitted) or the host operating system, and for those applications it still 'feels' like they are running their own copy of the operating system. But, for example, all processes running in all Docker containers on one host system are part of the processes list of the host kernel, there is only one memory manager; that of the host system, etc.

Now there is that newfangled Unikernel kid... What I understand of it is that, in comparison with a Docker container, the support libraries / userland is stripped bare so only the symbols/functions remain that are actually in use by the applications that run in it. But the 'kernel' bit in Unikernel would suggest also parts of kernel functionality is transferred to the container and I would suspect parts not in use by the actual applications in there would not be included. The question is, how much of the host kernel can you transfer to the containers? Certain things should be done 'at the top', if only to prevent containers from hogging critical system resources and such and still being able to do certain system diagnostics at the host os level...

I should read more about it. It seems to be interesting stuff.

Comment Re:Statewide encryption protocol (Score 1) 128

Then another someone pointed out even rot26 was now considered too easy to crack because of the increased processing power of commonly available computing technology. So they modernized the rot encryption algorithm. The new shiny they jokingly named 'Rotn encryption', because hackers would have a rotten time hacking this one:

rot(n), n = 26*iv + salt

with iv being prime for added security. The salt was considered optional and only used when using the algorithm for hashing super secret passwords.

A later government statement said they also had considered adding pepper but that would have made computation of the algorithm too expensive, for pepper being an imported spice and all. Since their preferred importer, the VOC, lost their market monopoly some centuries ago, they were not sure if the added use would give their secret formula 'oomph' worth the money. This is of course a very Dutch way to look at such matters. They are firm believers that an increase in expense should only be allowed when it adds even greater value to the product.

Comment Re:That would be beyond stupid (Score 1) 154

Definitely NO. Answer is in the same same piece of text:

EXCEPT WHEN OTHERWISE STATED IN WRITING...

It's very easy to add a little certificate of 'taking responsibility', or add it as an extra clause at the end of the license. It won't change the GPL. However... you must find a manufacturer of software for autonomously driving vehicles willing to provide their sources under a GPL license.

Comment Re:Liberal excuse to invade privacy (Score 1) 284

How does it lead to the further degradation of the privacy of the citizens?

Like how Goolge Ads lead to the further degradation of the privacy of the citizens?

or

Like how mass surveillance of the NSA (as explained by E. Snowden) lead to the further degradation of the privacy of the citizens?

There is a difference, you know and I consider the former one much more benign than the latter. And a once in 5 year census, properly executed, orders of magnitudes less privacy invading than even Google Ads. I expect, from a country like Canada, they are very careful about privacy violations due to government material. In the country I live (Netherlands), we have an independent bureau for these kinds of issues (the Dutch Data Protection Authority / College Bescherming Persoonsgegevens) every part of government (and commerce, for that matter) has to give accountability to when they store privacy sensitive data.

Also, Google Ads have distinct primary and secondary benefits (personalized ads instead of junk you never would care about and 'free' services like google search and gmail) as the census should have (better government based on facts rather than fiction).
Now if we only had journalism that would actually criticize government when they fail to make decisions by using proper data and rational thinking... Where is free speech when you need it?

Comment Re:Census value (Score 1) 284

btw, what census evidence was used to decide that ending the war on drugs would be worthwhile?

Maybe there were so many Canadians filling 'drug dealer' as their occupation (2006 census, question 42), that the government decided the extra income tax from legalizing that profession would benefit them more than the costs to society associated with drug (ab-)use. ;)

I base some things on *ideals*

Of course you should. But it IS like religion and science. We do want to make rational decisions about things when entire populations are involved. The alternative has historically proven to be often... very unpleasant.

Comment Re:A sample of the actual 61-question census (Score 4, Informative) 284

Ehmm RTFF much?... It's 40 pages to fill in per 5 persons (if more than 5 persons live on the same address, you have to call in for a supplemental form). Which would make it about 8 pages per person. Roughly half of the questions should be skipped for persons aged below 15 and most questions are either 'mark the box' or writing names or amounts. It's not like you have to write a 40 page essay.... Questions are about:

-Inquiring the number of persons residential at the dwelling (the form gives detailed information about who to include and who not).
-Some basic information about each of these persons (Name, DoB, sex, marital status and relationships).
-Ethnic background of each person and language capabilities, detailed.
-Level of education and the type and amount of labour performed by each person over 15. Includes voluntary and unpaid labour (like household chores).
-The state and ownership situation of the dwelling the form is sent to.

Oh, and there is a page for comments.

Except for that last page, everything in the form seems to me to be very relevant for government decision making. At least, and I am generalizing here, if I'm well enough informed about what 'usual Canadians' consider proper government decision making. I'm Dutch, so I do not know the details, but I do read about what's going on in other countries than my own and that includes what populations usually expect from their governments.
Then, again, I can understand why some questions on that form would be highly objectionable to 'usual U.S. Americans'. And I might be wrong but most comments I see here are not those of Canadians... The impression I usually get from the U.S. is that you don't like to let your government meddle in affairs like basic health care, integration of minorities, housing regulations, public welfare or anything that touches income (taxes, minimum wage). And that's what many questions in that census are about. So, I'm not surprised I see so many negative comments here...

Comment Re:No (Score 1) 563

A post-scarcity society may be something in reach in a few generations... but some technological (start with abundant energy - controlled fusion) and social break-throughs (the notion that there may not be enough work available to roughly provide every work-able individual with a meaningful job which may lead to things like a basic income) have to happen first... Also, deliberately creating scarcity on a large scale for personal gain should become a crime. One severely punishable by that... like, on the same level as genocide... And it should include a lengthy trial at a world court.

If all 'common' needs (food, housing, security, connectivity, some entertainment... call it bread-and-games if you like) are provided for, for most people, the need for money will start to fade and so will the notion of it. Money will be something only the very rich care about. Either because they like the pissing contest or they want to execute a 'larger than life' goal.
For the average person, the ability to barter will no longer be 'money', but the skills you can bring a team that wants to create something 'larger than life'. Those teams can be cooperations of average individuals - they don't have to be kick-started by some very rich, but it may help ... initially. Competition between teams will be based on what value they can bring to someone having the skills the team wants. Someone not happy with the 'working conditions' can always take the 'nuclear' option. "I think I go live in a cave for a while - sodd off unless you bring me a better offer". For those teams the 'human capital' they posses will be their most important asset (energy is plentiful, so materials are plenty as well (through recycling or mass-creation) and as such, of low value). Liquidating such teams will not benefit other teams as much unless their goals are very similar. This will bring natural monopolies - but who cares at such a point? Competition will be a lot less...

I think, when you look at Star Trek, there are many things individuals can't 'just' lay their hands on, in it. But most people don't care much. Transporter credits is one explicitly mentioned.
They are all things an individual couldn't be expected to create within their own means, even if they would have worked for it their whole lives - on their own. Everything material an individual needs to survive can be provided for - everything else they have to 'work' for. They band together and build something larger than what one individual can do. That's how they must have been able to do the things they do in the series. Plenty of people working towards, what seem to be, insurmountable goals, focussing on what they can do best because all their material needs, and quite some social needs are utterly satisfactory provided for.

So, if you want to do something really interesting (with your life, in a post-scarcity society, within your lifetime), you take up an education (or educate yourself up to a point to get noticed), then apply for that job that may get you there. Like one involving boarding an interstellar space-ship. If your dream is to 'explore new worlds', you make certain to make yourself useful there. For the crew 'they' pick motivated people (even if the motivation is caused by a lost bar fight and a stern speech). Not the lazy bums that just want to go sight-seeing. Where 'they' are the people that banded together to realize something bigger than life in the first place.

It's all quite logical.

Comment Re:Reason why it's cheaper (Score 1) 421

Unfortunately, scaling down current designs of power generating systems using nuclear fission will result in an exponential loss in efficiency, or worse. When they are too small, power generation isn't even possible because you need a critical mass in most systems (you need to have enough neutron-fission material interaction to keep a nuclear chain reaction going and when the neutrons are 'going fast' you need a barrier first, most commonly a layer of water, to slow them down enough to split new atoms). For 'small' nuclear power plants you need completely different designs and possible even have to search for other fission processes that can scale down to a size that local power plants are possible. There are some fission processes that can produce small nuclear power plants but those currently known are highly inefficient and/or use very dangerous materials . For example: the heat produced by natural plutonium decay is used in many solar system scale traveling space craft to produce heat and power. There is a reason it's used in those space craft, not in local power plants.

Also there is nuclear fusion. Ever wondered why only the 'hot' variant is scientifically proven to provide a surplus of energy and the first fusion test reactor to be built, designed to generate a surplus of power is a global project and, well, quite ... humongous? It isn't because the international scientific community wanted a pork project. I can tell you that...

Comment Re:It's all fun and games... (Score 2) 61

Apparently we have a statistically incorrect over-abundance of mature players in the region I play then...
Yes, I know what you mean with the unsavoury kind of 'players'. However, if said people pop up here and begin ruining the gaming experience for 'the ****** smurfs/frogs' because of "MUST DO WAR EXPLICITLY" it won't take long before they are shunned by both sides. May take a bit longer if said player was more of a regular. We had one on the opposite faction becoming quite dictatorial in handling the area he lived in, also to his fellow team-mates, making demands to do this or that. Let's say he now has to do all the legwork himself if he wants to have any chance of a lvl5+ portal near him.

After some huffing and puffing, things cool down and we soon go back to our friendly games of capture, recapture, sneaky guardians, P8's, either naturally developing or by planned event (and associated game of interception) and a city/region enveloping field once every few months. When sides meet there is a nice talk 'about the weather', followed by some exchange of neutral in-game topics (game changes from the latest updates, that sort of stuff), some questions about unexpected activity of regular/long-time players everyone in the area know about but suddenly retired or re-entered the field, sometimes talk about immature players mentioned earlier... and then we go on our merry way.

Comment Re:They forgot something (Score 5, Insightful) 141

Possibly these $50 phones will get better security update support than most $500 phones-with-hardware-vendor-goo. Simply because the operating system on these will be provided directly by the operating system manufacturer (Google) and by contract no vendor-goo will be allowed.

My phone got pretty much every update between 4.0 and <current release> and I expect to receive updates promptly for quite some years to come. By the way (if you didn't get enough hints), this phone (and my phone of choice) is a Nexus...

There is only one other significant party in the smartphone market that has the same edge... but the phones they make are too locked down for my personal taste. So I only use those when I have to... at work for testing purposes. (I write app software for both iOS and Android.)

Comment Re:Why not have someone do it for you? (Score 4, Insightful) 114

Why? We're talking about Linux drivers here. Why not let the open source community write optimization profiles? Yes, you (AMD) have (has) to make some sort of interface and some documentation for it.
But the beauty is, now the community is selecting the best options for applications, doing their own testing which, with my limited knowledge, for AMD seems to be a very time and resource (paid testers) intensive process. Which is why it's lagging behind, for the Linux drivers, in the first place. Of course only software that's used by community members actually wanting to put time in creating these profiles, will eventually have good profiles. Like every other open source project. It will only improve if there are community members willing to put time/effort in it. And maybe, if you open up this process, game developers wanting their games to have a solid performance on AMD cards will write their own profiles.
Today nobody can optimize graphics performance beyond the usual resolution/AA/shader toggles on a per-application basis, except for a hand full of inside developers. And we know of some 'AAA' games coded so badly they are virtually unplayable without serious driver 'tweeks'. Why not give the open source community the possibility to optimize the games they think are worth it?

As with all open source software, it only gets better. Unless no-one cares. But then... who cares?

Comment Re:If it sounds too good to be true (Score 1) 243

NiCd starts at 1.2V. But nobody (should be) use(ing) those any-more. My experience is that most good NiMH cells start at 1.4-1.5V and maintain 1.25V during most of their in-use-time.

It shouldn't be too hard to switch on the boost circuit this Batteriser supposedly has, only when a reasonable current is drawn by the device. A current sensing circuit should not add that many components. That should prevent the Batteriser from drawing power to keep the boost circuit running when the device is switched off...

[edit]
-Unfortunately I'm unable to show you the ASCII art I had made... So here is a description of it:
Main circuit, in series: +bat --[>|-- [R2] - device - -bat (ground).
Booster circuit, 4 leads: on both sides of the diode, ground and Current detection sense input.
Current detection circuit, 3 leads: on both sides of R2 and Current detection sense output.
[/edit]

Something like this (just a rough idea. I'm a radio amateur, not an electronics engineer): R2 is very small and in series with the device (and the battery). Current is sensed over R2. A diode (pref. a low drop one) maintains most of the original battery voltage over device as long as little current is drawn. When boost circuit kicks in, voltage is boosted, the diode prevents the surplus voltage from running back to the input of the boost circuit. Drawback, R2 will dissipate some energy and its resistance depends on how sensitive you can make your current detection circuit. Also, the current detection circuit itself may use some energy but if devices with a 'soft' standby can be battery powered and drain the battery in a matter of multiple years instead of days (I'm looking at calculators and those small bike LED-lights), so can this Batteriser.

There is only one sort of device I can think of which may not be able to deal with this. I know some devices that have a stand-by current in the micro-ampere range that still do need a rather high supply voltage, else they reset, restart, draw lots of current while restarting and then go back into stand-by. If the booster circuit shuts down while they are in standby, it would mean and endless cycle of restarts, draining the battery even faster. Of course those devices already would drain the battery faster in the original situation. When the battery voltage would become low the first time, the device resets. Then because of the internal resistance of the battery, the voltage would drop even more by the current drawn by the start-up sequence.... resulting in a reset ... rinse and repeat. A boost circuit should have a capacitor at the device side of things (if only to smooth out the high frequency noise from the boosting). If you can make it rather large (in capacity) and have a voltage sense circuit over it that turns on the boost circuit on for a bit if the voltage drops under, let's say 1.4 volt, maybe you can remedy that problem. But how much room is there for a supercap in such a small device as the Batteriser?

Slashdot Top Deals

If a subordinate asks you a pertinent question, look at him as if he had lost his senses. When he looks down, paraphrase the question back at him.

Working...