Become a fan of Slashdot on Facebook


Forgot your password?

Comment Re:The US cannot follow a pact (Score 4, Interesting) 38

So, why should anyone expect China to?

In fact, if I was a Chinese government official I'd be laughing at anything the US suggests. Maybe I'd sign the pact just for a joke though.

the thing is, what the U.S. politicians - and many people around the world - don't realise is that the Chinese Intelligence is so secretive it doesn't even have a name. its members operate in effect as independent cells, through word of mouth contacts, with absolute negligeable two-way contact with the outside world... even inside china and *including with the politicians*. remember, china's politicians, under the "one party state", don't actually have much in the way of power, and are not really that well-respected (or trusted).

so the hilarious thing is that the only way for the politicians to inform the Chinese Intelligence that there's a treaty that's supposed to be signed is, in fact, to announce it in the news and hope like hell that someone relevant, somewhere, in their lair / bunker / hideout, actually reads it. here's the problem, though: if those operatives happen *not to agree* with that treaty, as far as "China National Security and Interests" is concerned, then, well, they don't actually have to take a blind bit of notice.

the same goes for when all these attacks keep occurring. the *simplest* thing to say is "it was chinese hackers! they're nothing to do with us politicians! we have a policy of not attacking foreign assets! no really!" because for the politicians to even *admit* that it was Chinese Intelligence operatives - not that they could possibly find out who they were even if they wanted to - would probably result in them getting a knock on the door and them and their family deported to some remote area of China which hasn't changed in several centuries.

we in the West assume that just because the Politicians in Western countries make the laws, that other countries have to follow that exact same process. China's politicians - people don't realise - are *not* at the top of the food chain as far as power is concerned. They're not even second to top. on mature reflection, you might call that a good thing, as it means that they can't really screw things up.

Comment thinkpenguin (Score 2) 237

i recommend contacting for several reasons. firstly, yes they install GNU/Linux by default (so they've done all the hard work, and the research, in advance. is that worth paying for? yes!) secondly, they actually go to the trouble of replacing the BIOS with Coreboot. is _that_ worth it, and worth paying for? yes!

and thirdly, they make sure that the hardware that they've selected is FSF-Hardware-Endorseable, which needs some explanation as to why this is important - and it's not *actually* to do with some sort of stupid or idealistic or neo-fascist or brain-washed or self-righteous or [insert suitable continuation of series of derogatory sentences towards the FSF, Dr Stallman in general and their goals, here, which may be in your mind as to why you feel that you should completely ignore anything and everything associated with the FSF, which we're about to show you are completely moot] reason.

no, the clear benefit from buying FSF-Endorsed hardware such as printers, WIFI and 3G dongles etc. is that they JUST WORK. peripherals these days usually have built-in firmware. because the firmware is pre-loaded in FSF-Endorseable products onto NAND Flash or EEPROM, they're pretty much guaranteed to be more expensive than the devices that require the proprietary firmware to be uploaded to the device, from the main OS, before the device can actually function.... BUT...

what that means in practice is that if you don't *have* that proprietary firmware, or if it happens not to be compatible with the OS, or if you lose it, or if the file system becomes corrupted, or if you perform an upgrade of the OS, and many many other reasons all of which amount to a great deal of hassle, you cannot use that device, period.

the most ridiculous instance of this is that ethernet is becoming less common, CD/DVD drives are becoming less common, creating USB-sticks to boot-install systems has always been a pain, EFI-boot (only) is becoming more common.... how the hell is anyone supposed to install an OS when the only network access is WIFI, and the WIFI requires bloody proprietary firmware that has a license that prevents and prohibits that firmware from being installed on the bloody installation media?? how stupidly ridiculous a situation can you possibly get into! and don't get me started about usb-ethernet devices, which, due to them being USB, are often *excluded* from selection as a "main internet connection" during the install process, because, by nature of them being removable, the OS can't guarantee that the device will be there on the next boot.

avoiding all this hassle is what you pay for when you buy pre-vetted products from and other companies that are listed on the FSF's page . you can also go to and take a look there to see if what you want is listed.

so when you buy a product from you know that it's "just going to work". if you genuinely want to replace the OS, you can... and it will be a very straightforward job, unlike, i can guarantee, absolutely every other recommendation at the time of writing of this comment with a category "5" score here on slashdot.

ironically, and not surprisingly, thinkpenguin get less support calls (hardware "just works"). their customers are happier.... and so are more loyal. is that worth paying a bit extra for? yeah i'd say so.

Comment simple answer (Score 1, Offtopic) 191

What's your approach to detecting and dealing with Android malware?

don't use android. this is not said in a sarcastic, troll-baiting, flame-fest-demanding or other meaninglessly fucking stupid way or any other way which is to be misunderstood, either accidentally or deliberately. it is said in a simple factual way. if you use a monoculture OS, supplied in binary form only and, for commercial (profit prioritisation) reasons not properly supported by the manufacturer (no, google is NOT the manufacturer of the world's 3rd party android mobile phones, they are the supplier of REFERENCE platform source code which 3rd party manufacturers then take and produce their own customisation and binaries from, and because of the huge fuck-ups that have occurred when 3rd party manufacturers do that, they've been forced to do "flagship" products demonstrating how to do it correctly... but even so they *still* haven't managed to get round the huge "monoculture" problem), then i'm sorry to have to be the messenger here but just like when you run any other proprietary binary-only monoculture OS, then plain and simple, you get everything that you deserve: viruses, malware and more.

now, if someone wants to go and vote the paragraph above down just because it's quotes not nice quotes, i really don't give a monkey's. fact is, i don't use android, therefore i don't get android malware. no complications, no desire to risk my data or my time dealing with other people's crap proprietary "pseudo-open" software. got a problem with that? i genuinely don't care.


Ask Slashdot: What To Do About Android Malware? 191

An anonymous reader writes: What's your approach to detecting and dealing with Android malware? I have a fairly new, fairly fancy phone running Android Lollipop, the recently degraded performance of which leads me to believe that it's infected with malware. That, and a friend who noticed a lot of strange activity coming from my phone's IP — sorry, I don't have the logs, but he pointed out that there were pings coming from my phone to a lot of sketchy addresses — which pretty much seals the deal. There have been lots of stories lately about Android malware that remind me of the old saw about weather: everyone talks about it, but no one does anything about it. However, that can't be completely true, and before I reach a phone crisis, I'd like to get some sane, sage advice about diagnosing malware, and disposing of it, or at least mitigating its damage. When it comes to diagnosing, I don't know what software to trust. I've heard positive things from friends (and seen both positive reviews and terrible negative ones, raising even more meta questions about trust) about Malwarebytes, so I installed their mobile version. This dutifully scans my system, and reports no errors and malware. Which doesn't mean there isn't any, though I'd be happy to find out that I'm just being paranoid. The OS is stock (Motorola Nexus 6) and kept up to date. I have only very conventional apps, all downloaded from Google's Play store, and believe it or not I don't visit any dodgy websites on my phone, at least not intentionally. So: what's the most reliable way to get an accurate view of whether I am dealing with malware at all, and hopefully to eradicate it? Good malware hides well, I know, but is there any tool on the side of the righteous that is currently best at rooting it out? If I find a specific form of malware on my phone, how can I remove it?

Crash Chrome With 16 Characters 205

An anonymous reader writes: Remember when it took just eight characters to crash Skype? Apparently it takes double that to take out Chrome: Typing in a 16-character link and hitting enter, clicking on a 16-character link, or even just putting your cursor over a 16-character link, will crash Google's browser. To try it yourself, fire up Chrome 45 (the latest stable version) or older and put this into your address bar: http: //a/%%30%30 (without the space).

Trademark Trolls Stops University Nicknames 102

chipperdog writes: Trademark and patent trolls have even found their way in complicating a university nickname selection, with people admitting to registering nicknames with the trademark office just to stop them or get rich off of them. The Grand Forks Herald reports: "The search for a new University of North Dakota nickname hit a potential new stumbling block on Monday, when former Bismarck mayor Marlan 'Hawk' Haakenson registered trade names for several of the Fighting Sioux replacement options under consideration. Haakenson said he registered the trade names in an attempt to interfere with the nickname selection process, though a UND official said such an attempt was unlikely to succeed."

Comment Costa Rica (Score 1, Interesting) 381

costa rica is, geographically, a nexus for the undersea fibre cables. translation: the internet connectivity is *fast*. intel has a major centre there. the advantage of costa rica - apart from being absolutely beautiful and one of the most bio-diverse areas on the planet, is that they have NOT signed CAFTA. as a direct result of this they are still a sovereign nation. also, it's *really* hard to do mass-surveillance when most of the country is covered in dense greenery. you can get a tourist visa then, every few months, pay the $30 fine for staying a little bit longer. some foreigners have paid that gosh every few months for shock horror 20 years!


University Employees Suspended Due To Guest Worker Scandal 209

sethstorm writes: By sponsoring employees for use at an IT staffing firm, Wright State University may have broken new ground in guest worker fraud. According to the Dayton Daily News, 19 individuals were sponsored by the university yet ended up working for WebYoga, a firm controlled by (now-suspended) top Wright State officials. They also cited Wright State's exemptions regarding prevailing wage law and H1-b limits as attractive qualities. This has implications not only for the existing workforce, but to students that see the university putting its own staff ahead of them.

Comment modular computing (Score 1) 345

interesting timing. i've been working on designing modular computer products for the past five years, and just wrote up a white paper yesterday on exactly this topic

the fairphone 2 is designed as "modular" - it's not exactly "modular", it's (very unusually, for a smartphone) designed to be repairable. you have to have a screwdriver, but that's a lot better than a hermetically-sealed unit that needs a saw or scalpel followed by epoxy resin to undo the damage caused by getting into the device.

also... what happened to the "bloom laptop"? i know it was 5 years ago now, but the whole reason why they started the project was because the entire class of students and two professors were absolutely astounded that it took *three hours* to disassemble a standard laptop... into over 140 constituent parts.

Comment Re:Learning to program by Googling + Trial & E (Score 0) 616

This is why so much poor software exists in the world.

I can only imagine what nightmare code is being generated by such efforts.

Yes, anyone can code, just as anyone can build a house. Whether or not the house collapses immediately, whether it has any real value, or by any other measure still depends on the skill of the builder, just as in software.

Garbage in -> Garbage out,
applies to the code as well as the data.


honestly, i can say that if it gets the desired results, who cares. it's going to be maintainable by that person, because they were the ones that wrote it. now, if this was a team effort, however, that would be a completely different matter. if there was a requirement to have a maintenance contract in place, for the long-term success of the code and the project, that would be, again, an entirely different matter.

i *do* actually successfully use the technique that the author uses - i have been using it successfully for over 30 years. however, during that time, i have added "unit tests", source code revision control, project management, documentation, proper comments, proper code structure, coding standards and many many more things which make a successfully *maintainable* project.

whilst such things are most likely entirely missing from the projects that this individual is tackling, the projects that this individual is tackling are also likely to be ones that *don't need* such techniques.

in essence: none of that de-legitimises the *technique* of "programming by random research". it's a legitimate technique that, i can tell you right now, saves a vast amount of time. understanding comes *later* (if indeed it is needed at all), usually by a process of "knowledge inference". to be able to switch off "disbelief" and "judgement" is something that i strongly recommend that you learn to do. if you've been trained as a software engineer, adding "programming by random research" to your arsenal of techniques will make you much more effective.

Comment Re:You know there's a problem... (Score 0, Troll) 616

...when you need to google the hex representation of 'red'. *much* better to understand the encoding, and it certainly isn't hard or requires tricky math. it's literally RRGGBB

you are completely and utterly missing the point, by a long, long margin, and have made a severe judgement error. the assumption that you have made is to correlate "understanding" with "successful results".

believe it or not, the two are *not* causally linked. for a successful counter-example, you need only look at genetic algorithms and at evolution itself.

did you know that human DNA contains a representation of micro-code, as well as a factory which can execute assembly-level-like "instructions"? i'm not talking about CGAT, i'm talking about a level above that. to ask how on earth did such a thing "evolve" is entirely missing the point. it did, it has, it works, and who cares? it's clearly working, otherwise we would not be here - on this site - to be able to say "what a complete load of tosh i am writing"!

what this person has done is to use their creative intelligence as well as something called "inference". they've *inferred* that if enough google queries of "what is hex HTML for red" come up with a particular number and it's always the same number in each result, then surprise-surprise it's pretty much 100% likely that that's the correct answer.

*later on* they might go "hmmm, that's interesting, when i search for "red" it comes up with FFnnnn, when i search for "green" it comes up with nnFFnn" and then they might actually gain the understanding that you INCORRECTLY believe is NECESSARY to achieve successful results.

but please for goodness sake don't make the mistake of assuming that understanding is *required* to achieve successful results: it most certainly is not.

Comment Re:Programming (Score -1, Troll) 616

Programming -- I don't think that word means what she think it means.

actually... i believe it's you who doesn't understand what programming is. programming is about "achieving results". the results - by virtue of their success - have absolutely NOTHING to do with the method by which those results are achieved. this is provable by either (a) unit tests or (b) a system test.

so if this person has found an unorthodox and successful way to do programming (which, by the way, is *exactly* how i do pretty much all of the programming i've ever done, including in programming languages that i've never learned before), then *so what*??

just because *you* memorise all the APIs, go through all the books, go through all the tutorials, go through all the reference material and then re-create pretty much everything that's ever been invented from scratch because otherwise you would not feel "confident" that it would "work", does NOT mean that there isn't an easier way.

there are actually two different types of intelligence:

(a) applied (logical) intelligence. this is usually linear and single-step.
(b) random (chaotic) intelligence. this is usually trial-and-error and is often parallelisable (evolution, bees, ants and other creatures)

an extreme variant of (b) is actually *programmable*. it's called "genetic algorithms".

personally i find that method (a) is incredibly laborious and slow, whereas method (b) is, if you write good enough unit tests and spend a significant amount of time reducing the "testing" loop, you get results very very quickly. genetics - darwin selection - is a very very good example. we don't "understand" each iteration, but we can clearly and obviously see that the "results" are quite blindingly-obviously successful.

by applying the technique that the original article mentions, i've managed to teach myself actionscript in about 48 hours, and java was about the same amount of time. i knew *nothing* about the APIs nor the full details of *either* language... yet i was able to successfully write the necessary code for a project that was based on red5 server and a real-time flash application. it was up and running within a couple of weeks.

in short: to call the method described in the article as "nothing to do with programming whatsoever" is complete rubbish. it's a proven technique that gets results, and, you know what? the most critical insight of the article is that it's *not* people who are "good at maths" who are good at achieving results with this technique: it's people who are creative and who understand language.

Comment newshell.exe (Score 3, Interesting) 354

actually... newshell.exe as it was known was written by the NT team, when Windows NT 3.1 was new and NT 3.51 was in beta. the windows 95 team - who were universally absolutely hated by the NT team - legitimately "stole" newshell.exe from the [internally and legitimately accessible] source repository of the NT team at the time, and release it as the default shell of windows 95 *before* the NT team were able to release it. it wasn't until NT 4 beta that the NT team was able to catch up.

unnnfortunately, the NT team were being pressurised to do some pretty stupid things, because windows 95, being a PROGRAM-RUNNER *NOT* repeat *NOT* repeat *NOT* an "Operating System" (windows 95 didn't even have proper virtual memory management for god's sake: programs were either fully-swapped-out or fully-resident: absolutely nothing in between) - windows 95 was unfortunately *faster* than the flagship operating system (NT).

so they were forced to remove the user-space GDI implementation and associated API (which buggered up citrix and other screen virtualisation technology completely: it had to be re-added back in many years later and was called "RDP"... it was actually another company's screen virtualisation technology... bought and re-badged... but we're talking windows 2000 by then...). removal of the GDI implementation meant two things: firstly, lots more speed, and secondly, if you moved a window off-screen it caused a BSOD in NT 4.0 betas because of course there was no range-checking any more and this was all kernel-space!

many people loved the fact that NT 3.51's user-space screen driver could actually crash, leaving you with no screen... but the mouse, keyboard and the rest of the OS was working perfectly. many sysadmins didn't bother with a reboot when that happened because they could just use keyboard short-cuts, remote logins, or just pure mouse-guesswork!

the NT team did at one point also try to move printer drivers (including 3rd party ones) into kernelspace (to again avoid a userspace-kernelspace context switch... or 100). for obvious reasons that initiative didn't last long....

yeahhhh we don't hear about the history of pain that windows 95 caused within microsoft. and now, many of the people who knew what was going on have retired as millionaires on the stock options from so far back...

Never say you know a man until you have divided an inheritance with him.