Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment nokia 3310 (Score 0) 227 227

nope. don't own a smartphone, don't want one. i design computers (libre hardware, FSF-Endorseable) and i've had it up to here with technology and with software, i spend most of my day sitting down in front of a computer, why the f**** would i want to be taking a break walking around... with a device that not only creates up to 2 watts of microwave-grade energy in close proximity to my body but also guarantees that the concept of "break" is entirely destroyed.

i carry a nokia 3310 - reluctantly. it makes phone calls. it does SMS. the battery lasts 10 days even though it's really old. no, the only reason i would carry a smartphone is because i designed it and made it myself, including vetting all the software and choosing what i wanted. the phone would have a *true* aircraft mode where the power would be absolutely cut from the GSM/3G radio.

Comment small cluster: performance/price metric (Score 5, Interesting) 149 149

i did this before, on a very small scale, for GBP 1,000 about 10 years ago. sales teams kept offering me 2ghz dual-core machines at GBP 300 each and i had to tell them this:

"look, i have a budget of 1,000 GBP. you're offering me a 2ghz system for 300. so i can only buy 3 machines, right? so that's a total of 6 ghz of computing power. on the other hand, if i buy this GBP 125 machine which has only a 1ghz processor, i can get 8 of those, which gives a total of 8 ghz of computing power. so _why_ would i want FASTER?"

so i bought qty 8 of motherboard, CPU, 128mb RAM, low-cost case containing a PSU already, and accidentally included a 3com network card because i didn't realise that the built-in ethernet on the motherboard could do PXE boot..... but still, all-in that was 125 GBP and each one took 15 minutes to assemble so it was no big deal. got myself 8ghz of raw computing power, which was the best that i could get for the money that i had.

and that's the question that you have to ask yourself. what's the highest performance / price metric that can be achieved?

the highly specific problem that i was endeavouring to parallelise was a very small memory footprint non-I/O-bound task: running the NIST.gov Statistical Test Suite. i booted all 8 machines off of my laptop, over PXE boot with an NFS read-only root filesystem. had to wait 30 seconds between each because my 800mhz P3 laptop with 256mb of RAM reaaallly couldn't cope with 8 machines hammering it... not over a 100mbit/sec link, anyway.

once started, i wrote a script that ssh'd into each and left them running the STS for a day at a time. very little actual data was generated: a report.

but the issue that you're solving may involve huge amounts of disk I/O, it may involve huge amounts of inter-connectivity (inter-dependence between the parallel tasks). you may even have to use a GPU (OpenCL) if it's that computationally expensive... ... and that's where anyone's advice really ends, because unless you know exactly what it is you need to do - in real, concrete terms of I/O per second, GFLOPs/sec, GMACs/sec, inter-communication/sec, you really can't and shouldn't even remotely consider spending any money.

so please consider writing a spreadsheet, based on the performance/price metric, extending it to the domain(s) that you're interested in optimising. then the answer about what to buy should be fairly self-evident.

oh and don't forget to include the power budget (and cooling) because i think it will shock the hell out of you. remember you need to include the maximum specs, not the "average" or "scenario design power".

Comment Re:Slight correction (Score 3, Interesting) 140 140

It should say, "Around the world, dictatorships and democracies with governments wanting to become dictatorships are attempting to restrict access to strong encryption that governments cannot decrypt or bypass on demand."

about six or seven years ago i used to go a lot further than that, but at the time people disregarded what i said as being completely outrageous. times change.... let me reiterate it by way of parallel example.

this sentence "Firms providing strong encryption to protect their users — such as Google and Apple — are now being accused by government spokesmen of "aiding" terrorism"

should read "Firms providing strong encryption to protect their users — such as Google and Apple — are now being accused by terrorist spokesmen...."

i believe it was joseph goebbels, hitler's right-hand man, who said that the way for a government to get what it wanted was to terrorise people by making them think that they were no longer safe in their own homes. that if they didn't cecede power to the goverment then someone who was beyond the ability of the government to control would possibly kill them in their own beds, or on their way to work, or would kill their children on the way to school.

this strategy is one that governments today are fully aware of (they saw how effective it was for stalin and hitler and mussolini after all), and they are quite happy to copy it. unfortunately, when people fully trust their governments and cecede all power to them, historically we've seen how quickly things can flip to become very very dangerous. the problem is that i don't see how, when power is ever so slowly eroded in small incremental steps, it is possible to reverse that situation for people's benefit, without a very large event occurring (such as a bloody riot or a civil war). maybe it's possible now, peacefully, with the internet the way it is, and with organisations like avaaz, al jazeera, 38degrees and more: i don't really know. should we have faith in people and the way the internet works, now?

Comment baaaannned.... (Score 1) 22 22

well dang, this is gonna get google banned in a few more countries that have human rights abuse issues and corrupt governments... with the possible exception of america, where google would fight tooth and nail to stop that happening. instead i suspect they'll work quite hard to twist what the definition of "verified editorial" is - most likely by deploying operatives within the team. this is gonna be fuun!


Privacy Advocates Leave In Protest Over U.S. Facial Recognition Code of Conduct 161 161

Taco Cowboy writes: Nine privacy advocates involved in the Commerce Department process for developing a voluntary code of conduct for the use of facial recognition technology withdrew in protest over technology industry lobbyists' overwhelming influence on the process. "At a base minimum, people should be able to walk down a public street without fear that companies they've never heard of are tracking their every movement — and identifying them by name — using facial recognition technology," the privacy advocates wrote in a joint statement. "Unfortunately, we have been unable to obtain agreement even with that basic, specific premise." The Commerce Department, through its National Telecommunications and Information Administration, brought together "representatives from technology companies, trade groups, consumer groups, academic institutions and other organizations" early last year "to kick off an effort to craft privacy safeguards for the commercial use of facial recognition technology."

The goal was "to develop a voluntary, enforceable code of conduct that specifies how the Consumer Privacy Bill of Rights applies to facial recognition technology in the commercial context." But after a dozen meetings, the most recent of which was last week, all nine privacy advocates who have participated in the entire process concluded that they were thoroughly outgunned. "This should be a wake-up call to Americans: Industry lobbyists are choking off Washington's ability to protect consumer privacy," Alvaro Bedoya, executive director of the Center on Privacy & Technology at Georgetown Law, said in a statement. "People simply do not expect companies they've never heard of to secretly track them using this powerful technology. Despite all of this, industry associations have pushed for a world where companies can use facial recognition on you whenever they want — no matter what you say. This position is well outside the mainstream."

Comment moderator censorship war! (Score 1) 401 401

fuck me as if we don't have enough to contend with here on slashdot with moderators (users) getting into a bun-fight over what comments are appropriate and which aren't, under this ruling the slashdot web site owners would have to review all the comments *and* the moderations *and* all the meta-moderations *anyway*! let the moderation wars begin... starting with this comment, yaay!


Microsoft Lets EU Governments Inspect Source Code For Security Issues 143 143

itwbennett writes: Microsoft has agreed to let European governments review the source code of its products to ensure that they don't contain security backdoors, at a transparency center in Brussels. The second of its kind, the new center follows on the heels of the first, built last June in Redmond, Washington. Part of Microsoft's Government Security Program, the company hopes the centers will create trust with governments that want to use Microsoft products. "Today's opening in Brussels will give governments in Europe, the Middle East and Africa a convenient location to experience our commitment to transparency and delivering products and services that are secure by principle and by design," said Matt Thomlinson, Vice President of Microsoft Security.

Comment Re:how can we trust facebook? (Score 1) 138 138

Facebook is not doing encrypted messaging between users. Did you RTFA at all?

i did indeed... but it obviously wasn't clear enough. i believe that would come from the subject line saying "facebook is sending encrypted emails", rather than the subject saying "facebook allowing you to receive GPG-signed administrative notifications by email".

Comment how can we trust facebook? (Score 1) 138 138

errr, so i want to send a communication, ok? it's supposed to be private, right? but it's a web service: facebook could, at any time (even under secret fascist subpoena) change or be forced to change (without informing us) the user interface so that the encrypted message is no longer encrypted, but is in fact entirely in cleartext.

you might think, "ok, well, surely we could then just have a messenger service or app which does the job, and we could trust that, right?" and the answer is "well no, absolutely not you can't... not unless the entire source code is available, and a chain of trust is established that guarantees a verifiable and traceable compile and distribution chain".

which, basically, means you need a software libre distribution (such as debian) because those have full source available, and GPG-signing right the way from the developers (whose identities are verified via key-signing parties that involve showing proof of ID on each signing), all the way through to distribution where a "Release" file containing the MD5 checksums of every package is, once again, GPG-signed by provably verified individuals.

the bottom line is that just because facebook *says* it's secure doesn't actually make it so, and announcing "yeah we provide a secure encrypted email service" is actually a dangerous DISSERVICE. you can't *EVER* guarantee that the servers have been compromised, and web browser *implicitly* trust what the servers give them to run.

the best thing that facebook could do is provide a programming API via which encrypted emails *may* be sent, and then sponsor software libre teams such as mutt, and everyone else, to provide 3rd party (entirely software libre) applications that deliver *and receive* encrypted mail. the only hurdle to get over there would be whether the software libre teams would view working with facebook to be endorsement of SaaSS (service as a software substitute - http://www.gnu.org/philosophy/...) which i can guarantee in advance that any GNU project will *not* do.

Comment Re:Not the same, but I guess the best we can do (Score 1) 73 73

I'm afraid that willfull, destructive ignorance and barbarism isn't a problem that technology can solve. A digital copy, however perfect, remains a copy, and by nature, can't be used as proof that there ever *was* an original, which is the entire purpose of ISIS's destruction of these relics.

i disagree, outright. their aim is to destroy availability and access to anything that could cause people to have "thoughts" outside of the proscribed and permitted range as dictated by them. in that regard, it *doesn't matter* that the copies are imperfect replicas of the original.

in fact, now that i think about it: a second objection to what you say is that if anyone else notices a discrepancy, they may take a copy of the files and improve on it. so in that regard, the fact that these insane people have endeavoured to destroy the originals actually results in *more* people with access to - and thus thinking about - the origins of the artefacts that were destroyed.

either way, these insane people have *helped* spread the messages that they attempted to suppress. so i think i will mark this story as "stressandeffect".


Orange County Public Schools To Monitor Students On Social Media 166 166

The Orlando Sentinel reports that Orange County, Florida, is undertaking a sweeping effort to snoop on the social media communications of the county's public school students and staff, for the nebulous task of "[ensuring] safe school operations," and say they will use the software (at a license cost of about $13,000 per year) "to conduct routine monitoring for purposes of prevention or early intervention of potential issues where students or staff could be at risk to themselves or to others." The software they're using is from Snaptrends, which offers "location-based social media discovery." According to one of the comments attached to the linked story, there are monthly fees, in addition to the annual licensing cost.

The F-15 Eagle: If it's up, we'll shoot it down. If it's down, we'll blow it up. -- A McDonnel-Douglas ad from a few years ago