Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:heart rate on those things are bollocks (Score 3, Interesting) 134

by locofungus (#49179457) Attached to: Treadmill Performance Predicts Mortality

I presume you mean 183.

The paper is paywalled but assuming they are using 220-age as MHR:

183 is 105% of MHR at 45.
Running on a treadmill has MET of 7-8 (Wikipedia)

105+8*12-4*45=21. i.e. your score is positive which puts you in the 3% chance of dying in the next decade group.

Comment: Re:Do it like Linux (Score 1) 516

by locofungus (#49136195) Attached to: Users Decry New Icon Look In Windows 10

I don't use windows much at all. However, any of those beyond the win95 I couldn't use at all because they're out of focus. (Perhaps this can be turned off?)

The win7 one in particular is so painful for me to look at that even in a few seconds my eyes start feeling uncomfortable and I can feel the strain of trying to correct the focus.

Comment: Re:Greek Myths (Score 1) 253

Ironically, Greece had a balanced budget in 2014. Germany did not. Yes, this is true if you compare apples to oranges.

Greece had a small budget surplus if you exclude debt repayments and one off payments such as bank bailouts. Overall it's budget deficit was around 13% (which meant that Greece was no longer in last place with Slovenia something around 15%)

18 European countries kept their deficit within the 3% threshold. Luxembourg posted a small surplus while Germany[1] was balanced.


To Greece's credit, balancing the budget excluding debt repayments and one off items was achieved around a year ahead of the agreed austerity plan.

[1] To reconcile this with your claim I can only assume that Germany was very slightly negative. Small enough that most people call it balanced.

Comment: Re:well (Score 5, Informative) 418

There is no error correction on audio CD.

Yes there is. It uses a dual interleave Reed-Solomon code together with 8-14 modulation and three joining bits.

192 data bits are encoded in 588 bits on the CD.

Those 588 bits comprise:
24 bits sync word plus 3 merge bits. (27 bits)
33 EFM words of data of 14 bits plus 3 merge bits per word (561 bits)

The 33 bytes of data are:
24 bytes of audio (12x16 bit samples)
8 bytes of parity.
1 byte (8 bits) of subcode information.

The merge bits allow the min/max separation of 1s to be maintained between EFM codewords and also allow the data to be DC free

Comment: Re:SIP Replacement? (Score 1) 282

by locofungus (#48912895) Attached to: EFF Unveils Plan For Ending Mass Surveillance

why would providers go from IPv4 to IPv6 when soon there will be a shortage of numbers

They'll drag their feet but, eventually, there will be services that people want to use that are only available via IPv6 and then there will be little choice. (Although they'll try to proxy[1] popular IPv6 sites first)

[1] fake 10.x.x.x dns records that they serve to their customers and then forward the traffic over IPv6

Comment: Re:Jurors (Score 5, Interesting) 303

It's very hard to explain "this shit" to people when there's someone else equally knowledgeable as you determined to explain why your explanation is wrong.

Asymmetric encryption. Do you explain P vs NP, why NP-Complete is almost certainly not in P but the problems that asymmetric encryption are built on aren't known to be either NP-Complete or P.

NP is a decision problem - but encryption isn't a yes/no problem. How can problems that only have yes/no answers be used to encrypt?

Muddy the water some more - PRIMES is in P. Do you really want to have to explain the difference between constructive and existential proofs while someone is interrupting every time you say anything that isn't 100% accurate.

You've only got to look at the climate change "debate" to see this effect in force. Climate scientists are playing a game of whack-a-mole and the general public cannot tell which side to believe. There are always questions and doubts that can be raised - the mark of a good scientist is asking the questions for which the answer is interesting. The mark of a good defense attorney is raising questions for which cast doubt on the reliability of the witness. The role of the judge is to make sure that the questions that the lawyer asks is relevant to the case - and that's where it gets hard when you've got two experts in their field debating something and one (or both) has an agenda.

Comment: Re:It's just wrong (Score 1) 335

When you already have a defined program (and machine in this case) in front of you for review, then you can determine whether or not it will halt

except when you cant

For any computer program with a finite number of states (finite memory) you can determine whether it halts by running it long enough that it must be looping.

For a computer with 16384 states (An 8 state turing machine with an 8 position binary tape. 8 states * 8 positions * 2^8 values that can be on the tape) you can tell if any arbitrary program terminates by running it for 16385 steps. Any program that doesn't terminate in 16385 steps will run forever.

Comment: Re:quick question (Score 1) 212

by locofungus (#48415905) Attached to: Launching 2015: a New Certificate Authority To Encrypt the Entire Web

Web Browsers DID used to accept self-signed certificates (and certificates signed without a known CA - or cert-chain.) People just clicked through and accepted them willy-nilly. That was a poor security model.

The poor security model was browsers asking for confirmation for self signed certificates.

What browsers should have done is:

self signed certificates or unknown CA - how the "unencrypted web" works today.
No encryption at all - popup "are you sure you want to connect"
Signed certificate - tick (check) mark (instead of padlock) to show that the site is verified.

Now that browers are hiding the "http/https" bit from most people anyway it makes even less sense to treat self signed certificates as less safe/require more warning than a normal http connection.

Comment: Re:symbols, caps, numbers (Score 1) 549

by locofungus (#48138859) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

They ask for e.g. first, third and fifth characters of a password that must be between eight and twelve alphanumeric characters, and the dropdowns to make the selection are lower case only.

This means they're storing the password unhashed, at best locally encrypted but decrypted to check the user login.

While I suspect that this is true, I don't think it has to be true.

Step 1 - user choses password.

Step 2 - generate hash in normal way and store it.

Step 3 - generate error correcting check digits such that the password can be recovered from any three characters in known positions. (any three characters in known positions must be both necessary and sufficient - designing such an ECC is left as an exercise)

Step 4 - store the check digits but throw away the password.

Step 1 - user enters three characters

Step 2 - error correct the password
e.g. __p_pp__+CCCCC -> PPpPppPP

Step 3 - hash the corrected password and test against stored hash.

Obviously this isn't very secure - it's susceptible to a brute force attack that only requires guessing (any) three digits correctly once an attacker has gained access to the hash and the check digits.

Comment: Re:Not going to be as rosy as the YES! campaign sa (Score 1) 494

by locofungus (#47926997) Attached to: Scotland's Independence Vote Could Shake Up Industry

The UK general election will be 7th May 2015. The government that agreed to this vote almost certainly won't be the government that is negotiating.

No party is going to stand on a policy of "We're going to give your taxpayer money to this new independent Scotland because the last government agreed to the vote." They're going to stand on the "we're going to save as much money as possible for you and stop these handouts to Scotland."

Comment: Re:It's getting hotter still! (Score 1) 635

by locofungus (#47910113) Attached to: Extent of Antarctic Sea Ice Reaches Record Levels

This might a good "negative" feedback mechanism that reduces overall infrared absorption

Unfortunately not. it's night in the Antarctic so the Antarctic sea ice has negligible effect on the albedo of the planet, melting out each year (almost) completely.

Arctic sea ice is significant for planetary albedo because millions of square km (still) survive though the peak sunlight summer months.

Comment: Re:You Fail at Quotations (Score 4, Insightful) 635

by locofungus (#47910065) Attached to: Extent of Antarctic Sea Ice Reaches Record Levels

Since 9/15 is also the day of lowest ice cover in the Arctic, how does this year's minimum compare with history?

It's one of the lowest in history but not the lowest. It's very close to tieing with last year.

Sea-ice volume appears (it's harder to measure reliably although it's more significant that area or extent) to be up on last year which in turn was up on the previous year. That might be a good sign for Arctic ice feedbacks or it might not - 2-3 years is far too short a time to separate signal from noise. Volume is still exceptionally low compared to the historical record.

Comment: Re:Question... -- ? (Score 5, Interesting) 215

by locofungus (#47332621) Attached to: Exploiting Wildcards On Linux/Unix

Back in the (iirc) bsd 4.2 days, su was a suid shell script - at least on the machines I was using at the time.

Setup a symlink to su called -i

$ -i
# rm -- -i

There was a security bug handling suid shell scripts where the user was changed and then the #! interpreter was run, i.e. /bin/sh -i

and you got an interactive root shell :-)

Was very informative when the 'script kiddies' (although I don't recall that term existing in those days) had symlinks called -i in their home directory that they didn't know how to delete ;-)

Make it right before you make it faster.