Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:this is one more reason (Score 2) 84

by hawguy (#49156795) Attached to: Under US Pressure, PayPal Stops Working With Mega

Nobody is stopping people in the US from doing business with mega. Send an international money order. People do it all the time. And if you trust them so much, you can always send cash.

It's not so much trust in the business on the other end that keeps me from sending cash through the mail, it's all the people in the middle that are handling the cash-filled mail. The business has a huge incentive to not rip off their customers since a customer that doesn't get what he paid for will soon be an ex-customer.

If postal workers knew that every envelope addressed to Mega had cash in it, they'd be a huge theft target.

Comment: Re:Just a distraction from the real fail... (Score 1) 39

by hawguy (#49156709) Attached to: Uber Discloses Database Breach, Targets GitHub With Subpoena

Because they think it was a crime of opportunity, which sounds like a reasonable supposition -- the hacker stumbled across the key in Github, then either gave (or sold) the key to someone else to do the hack, or did the hack himself. Clearly he wouldn't have downloaded the data using his own IP address, but it's entirely possible that when he found the key on Github, he was using a traceable IP.

There could be hundreds of legitimate accesses of that file. If the hacker was indeed using a hidden IP address to access the database, but his real IP to download the gist, how are Uber going to determine that from all the other legitimate accesses? If the hacker gave away or sold that information, there is going to be no way for Uber to determine a link at all. This just seems like a fishing expedition to hide the real fail.

Or there could be 2 accesses of that file, depending on how long they left it up there. Right now, only Github knows how many people accessed it.

By admitting that one of their developers leaked the key himself on Github, it seems a little late for them to claim that they have no responsibility for the breach.

Ahh... but the thing is that Uber haven't admitted to anything like that. By serving a subpoena against GitHub, it is clear that is what has happened, but nowhere have I seen Uber actually admit this. If Uber were actually to admit this, it would likely open them up to lawsuits from their affected drivers.

They provided the exact Gist URL that had the information, if the drivers want to sue, they can subpoena Github themselves.

Comment: Re:Just a distraction from the real fail... (Score 4, Insightful) 39

by hawguy (#49156645) Attached to: Uber Discloses Database Breach, Targets GitHub With Subpoena

Any hacker with any decent opsec would not be showing their actual IP address. The subpoena request is just smoke and mirrors to hide Uber's own security fail. Even if GitHub were to hand over the data, they would likely find nothing useful. Uber know that GitHub will not hand over that data without a fight. I am willing to bet that Uber are going to start claiming that the hack isn't their fault because GitHub won't hand over the data. If Uber already know the public IP of the hacker, why do they need the info from GitHub to proceed? Meanwhile the actual security fail of Uber making their database access info publicly accessible gets overlooked.

Because they think it was a crime of opportunity, which sounds like a reasonable supposition -- the hacker stumbled across the key in Github, then either gave (or sold) the key to someone else to do the hack, or did the hack himself. Clearly he wouldn't have downloaded the data using his own IP address, but it's entirely possible that when he found the key on Github, he was using a traceable IP.

By admitting that one of their developers leaked the key himself on Github, it seems a little late for them to claim that they have no responsibility for the breach.

Comment: Re:Can someone explain this? (Score 4, Informative) 58

by hey! (#49156569) Attached to: Oracle Sues 5 Oregon Officials For 'Improper Influence'

What they're alleging is that political staffers interfered with the project to help the governor's election chances.

As much as I believe Oracle is the spawn of Satan, if the governor's aides and staffers did that Oracle would have a reasonable complaint. When you sign a system development contract you agree to deliver a system and the client agrees to pay you. If you someone induces your client not to accept a system that meets the criteria, that's what lawyers call a "tort". It's something you can justifiably sue over.

Likewise there are many ways political operatives could potentially sabotage a project, and that'd be actionable too. Any non-trivial development project is dependent upon the client acting in good faith. They have to act as if they want the system. It's extremely easy for a client to cause a project to fail, by raising an endless stream of trivial complaints or by dragging its feet in its responsibilities like acceptance testing or giving feedback. It'd be all to easy for well-placed political operatives to undermine the bureaucracy's willingness to cooperate.

That said, in *this* particular instance the suit sounds like business as usual for Oracle, in other words acting like bastards.

Comment: Re:Where the economic system breaks down (Score 1) 254

by hey! (#49155959) Attached to: 5 White Collar Jobs Robots Already Have Taken

Here's the thing about technology prognostication. Timing is everything. Take predicting tablets being a big market success. People were making tablets back in the early 90s and people were predicting that it would take off. But the timing was wrong. It's clear to anyone who saw 2001 that tablets would someday be a big deal, but it took more knowledge than most people have to understand the prerequisites that could make that vision come true (display technology, battery weight and volume, processor performance and consumption, memory density).

This caution applies to dystopian predictions as well. People have been predicting that automation would destroy the economy for hundreds of years by now. Instead automation has increased productivity and raised wages. So it seems sensible to dismiss future predictions of an automation apocalypse. Except we can't.

Reasoning from historical experience is for most people reasoning by vague analogy. But each moment in history has to be looked at on its own terms, because sometimes things have to be just right for a certain scenario to unfold. The devil is in the details. So the idea that automation is going to produce mass unemployment is not certain either way. We have to look at conditions in *this* moment of history and reason specifically. That's hard to do.

Comment: Re:just FYI (Score 1) 76

by hey! (#49155893) Attached to: Banned Weight-loss Drug Could Combat Liver Disease, Diabetes

Well, like Paracelsus said, the dose makes the poison. Or in this case the release mechanism.

Blood concentrations of drugs usually peak an hour or two after ingestion and then taper off depending on the mechanisms the body uses to either break the drug down or excrete it directly (when you're an old Geek, you begin to pick up a lot of this stuff). So it's entirely plausible that the same amount of drug which would be dangerous in an ordinary pill would be acceptably safe in a timed release formulation, particularly if it is quickly eliminated from the body. The concentration in the patients' tissues would never reach dangerous levels. You can think of it as a lower "instantaneous" dose.

Comment: Re:Corporation != People (Score 1) 361

by hey! (#49155827) Attached to: Verizon Posts Message In Morse Code To Mock FCC's Net Neutrality Ruling

Corporations are a peaceable assembly of board members and/or shareholders.

This is an interesting, but not quite valid argument. The reason is that corporations are *not* an assemblage of individuals. Associations are. The laws and privileges entailed in being a corporation are different. If associations, partnerships and corporations were the same thing, the rules would be the same. But thery're not. Stockholders aren't financially responsible for the debts of a corporation, nor are they legally responsible for the deeds of the corporation.

I hold stock in a number of companies. Were I a *partner* in the corporations I could walk onto any of the company's properties, because it's *my* property. If I own stock in Target I can't just have a shufti around the back room of the store; it's not my store. It belongs to the corporation.

Also as a stockholder in a number of corporations, when those corporations engage in political activity they are not exercising *my* rights. They don't represent me in any way, nor do I have veto power when I disagree with them. When the Sierra Club speaks out on environmental issues, you can presume they speak for me as a member, because they exist for that purpose, and I joined on that basis. When JP Morgan Chase buys a congressman, they are not speaking for me, even though I hold stock. I'd rather they don't. I bought JP Morgan stock many years ago as an investment. Insofar as they participate in politics they're usually working against my interests.

Comment: Re:White balance and contrast in camera. (Score 1) 333

by hey! (#49155729) Attached to: Is That Dress White and Gold Or Blue and Black?

I've sat right next to people who see the dress differently than me. It's *the same image* on *the same monitor* at *the same time*. So it's not a case of the monitor calibration or the camera white balance that creates the discrepancy, although obviously manipulating those things will change our individual perceptions of the dress. What's interesting here is the differences between people presented with an identical image.

Color doesn't exist in the external world. "Purple" isn't a wavelength of light, it's a kind of "additional data" tag which our brains add to parts of an image that allows us to extract more information from it. Consider the famous "Rubik's Cube" optical illusion where the same square looks either orange or brown based on whether contextual cues make us think it is in shadow or not. There's an illustration here.

The only difference between the Rubik's Cube illusion and The Dress That Broke The Internet is that practically *everyone* experiences the paradoxical sensations of the Rubik's Cube Illusion; in the case of the dress the paradox is in how sensations *differ between people*. The dress image is a kind of borderline case where our brains can "tag" the "pixels" of the image in one of two possible ways depending on what it thinks the context is. Different brains are trained by different experiences to expect different contexts. If we saw the dress being worn and in person, chances are with all that context there'd be less disagreement.

Comment: Re:White balance and contrast in camera. (Score 1) 333

by drinkypoo (#49154329) Attached to: Is That Dress White and Gold Or Blue and Black?

(gold is FFD700, defined by HTML standards).

HA HA HA! YOU FELL INTO MY TRAP!

Pardon my caps, but I set a lot of these, and they are rarely stepped in so beautifully. That's my fault, of course. But, here we go.

When you hear the name of a color, you think of some color which you associate with that, or a thing which you think of as being that color which actually has a whole texture, reflectivity, depth, etc. But the truth is that the same name is being used right now by a dozen different paint companies to describe a dozen different colors, which are then described in thousands of different ways by the downstream users of the paint. There are some absolute color standards based on elements, oxides of the same and the like, but even those are frequently "abused". The truth, though, is that outside of a small handful of colors, they are not defined by any unifying principle. Your use of the HTML standards is particularly hilariously perfect, I really hope that you meant to put your foot there! Outside of web design, nobody but nobody gives a crap about that. Before that, we had the X rgb.txt file, which nobody outside of X-land cared about, which begat HTML colors by the way, junior. But meanwhile, over in the land of professional color, there were multiple competing color standards including AGFA and Pantone — and there still are.

It's interesting that part of this debate is also over the color "black" because "black" is what you see when you don't see anything, and if any part of the dress were truly black then the photograph would look like an editing mistake. Even the color black is subjective. That should be intuitively obvious to a web designer (who else would even mention HTML colors?) who has to deal with the real-world effects of differing black and white levels all day. I may be sitting at a monitor with 120% color (Adobe gamma) but I don't expect other people to have them. As far as I know, there is no color correction e.g. for Android which is not manual, and then the color adjustments become utterly perceptual.

I suspect that celebs are adept at perceiving the actual color of the dress because they have appeared in so many washed-out photographs.

Stinginess with privileges is kindness in disguise. -- Guide to VAX/VMS Security, Sep. 1984

Working...