Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment: Re:Cautionary Tale? (Score 1) 182

Keep saying that until, a few millennia from now, pretty much every newborn needs immediate medical attention to fix all sorts of life-threatening problems, breast feeding humans can only be found in history books, everyone needs eye surgery to be able to see normally, we can no longer smell anything, babies can only be conceived using IVF because natural fertility is about zero, and so on, and so on. Hey, we can fix all of that with medical procedures, so they are not serious defects anymore, are they?

Eagles have excellent eyesight because their life depends on being able to spot a mouse from high up in the sky. Moles have nearly zero eyesight because they rarely come out of the dark. Yet moles probably evolved from some other animal that did have good eyes. Evolution is a constant balance between natural selection and random degeneration from mutations. It's not black and white, things just evolve to the point where the two "pressures" match. If some quality no longer makes a difference for your ability to reproduce, random mutations over the course of millennia will slowly erode it away. And this random degeneration happens much more quickly than positive evolution, because it's much easier for a random mutation to mess something up rather than improving it.

Of course this does not mean we should re-introduce natural selection by letting people die or prevent them from reproducing, as certain societies have done in the past. But genetic techniques offer a humane way of achieving the same goal. It's already starting to be used to weed out obvious and serious genetic defects, by selecting embryos not carrying the defect, and we'll slowly get better at it so we'll be able to at least stabilize, and possibly improve our genome. If done responsibly, this needn't result in dystopian future societies with rich superhumans and poor degenerates. Just randomly weeding out some bad genes and introducing a sprinkle of good ones is enough to keep things going in the right direction, they will spread out naturally to the benefit of all mankind, while keeping enough diversity.

Comment: Re: War (Score 1) 154

by michelcolman (#49535215) Attached to: Hubble Spots Star Explosion Astronomers Can't Explain

Or, due to a strange quirk in the space-time continuum, we are actually looking at a future version of our own planet exploding. Don't worry about paradoxes ripping the universe apart, though. The fact that we can see it, means that there's no way to avoid it so there won't be a contradiction. Moving right along.

Comment: Re:Cautionary Tale? (Score 1) 182

and the fact is there's an inverse correlation between IQ and number of children.

Well, that's exactly the opposite of what I remember from that study I mentioned, but then again, you can probably find studies either way depending on what the researchers were trying to prove. I can't find the link for mine, but would be interested to read more. (Actual articles and papers, not just opinions).

Comment: Re:Cautionary Tale? (Score 2) 182

Stupid people tend to have a lot more kids than smart people.

Fortunately that doesn't appear to be true. Sure, quite a few geniuses with a 150 IQ have trouble finding a mate, but there are just as many people (by definition) with an IQ of only 50. How likely are they to find someone and have kids?

Closer to the average, higher intelligence definitely makes people more attractive, not less. Girls don't want to marry someone who's dumb if they can get a smarter partner. I remember reading a study demonstrating a positive correlation between IQ and procreation, but it was a few years ago and I can't find the link. Anyway, it seems to make sense, notwithstanding trailer trash with dozens of kids and business women running out of time to start a family. Apparently we're still doing OK on average.

There are plenty of other areas, especially health-related, where our genome is slowly degenerating for lack of selection since we can fix so many defects with medical procedures (or simply don't need high quality senses anymore to survive), but fortunately the evolution of intelligence appears to still be going in the right direction.

For all those other qualities that are degenerating, we'll need some kind of genetic manipulation or selection at some point, but we'll be OK for quite a while before it really becomes a problem, and by then we will have gotten over our ethical objections (apparently the Chinese are well on the way).

Comment: Re:all they have to do is lure them to a webpage (Score 2) 132

by michelcolman (#49534731) Attached to: New Javascript Attack Lets Websites Spy On the CPU's Cache

They did not demonstrate CPU cache snooping. The only thing the app can see, is whether or not certain cache lines have been used (and therefore, some of a whole lot of different possible memory locations may have been accessed). So, for example, if you can figure out that certain cache lines are used every time the user presses a key, you can watch those cache lines to have a rough idea of whether the user is typing or not. You don't know what's in those cache lines, just that they have been used. But since a cache line corresponds to a multitude of possible address ranges, you're not even sure which memory addresses were accessed. It could very well be some totally unrelated process doing totally unrelated things that happen to use the same cache line. But statistically, you get a better than average guess about what kind of activity is occurring on the other end.

The part you need two apps for, is where they demonstrated sending actual data from one VM to another. The app on one side (a keylogger, perhaps) accesses specific memory locations corresponding to specific cache lines. The app on the other side watches those cache lines by reading from them and timing how long it takes. If the location is read instantly, the process on the other side has not accessed that cache line, so that's a zero. If it takes slightly longer, the other side may have accessed it (or some totally unrelated process has), so that's a "probably one". Throw in some error correction, and you can slowly send data from one VM to the other.

There. Still scared?

Comment: Re:all they have to do is lure them to a webpage (Score 3, Informative) 132

by michelcolman (#49531641) Attached to: New Javascript Attack Lets Websites Spy On the CPU's Cache

Those attacks are about as similar as the matchbox car and the high speed train in my example above.

The kind of attacks that could extract bitcoin keys were monitoring certain system parameters like energy consumption with a very high resolution.

This attack can just say whether certain groups of memory locations that correspond to certain cache lines (which is a many-to-one relationship) have been accessed during a certain (rather long) time frame. We're talking a few hundred Hz resolution here. Good luck finding that bitcoin key. Or even a simple web address. OK, maybe visiting certain specific websites would show a specific memory usage pattern that might be recognized. So you'll know that the victim might have visited FaceBook. That's about the best you can do, and even that is pushing it. You're not going to find much more detailed data than that, the method is just too coarse.

Comment: Re:I call bullshit on anything from Forbes (Score 1) 132

by michelcolman (#49531319) Attached to: New Javascript Attack Lets Websites Spy On the CPU's Cache

They can't even do that. All they can see is whether or not certain areas of memory have been accessed. They write something to a specific location to use a line in the cache and thereby invalidate it for other apps. Then, some small amount of time later, they read from that same location and time how long it takes for the data to arrive. If it takes longer, that means the cache line has been invalidated and therefore some other process must have accessed the memory that uses the same cache line. That gives them a very rough idea about which parts of memory could have been accessed. Very rough, since the same cache line corresponds to many different memory locations.

Comment: Re:all they have to do is lure them to a webpage (Score 3, Insightful) 132

by michelcolman (#49531265) Attached to: New Javascript Attack Lets Websites Spy On the CPU's Cache

Wow, it actually knows whether or not you moved the mouse, that's mega-hyper-dangerous! And the fact that you sent or received some unknown data over the network! Think of the possibilities!

I know side channel attacks have been used to extract AES keys, but that's like saying you can use a miniature matchbox car to transport hundreds of people at 300 km/h because things with wheels have been demonstrated to be capable of doing that.

The resolution of the detection system is cache lines, which are pretty big, and even though they are using system timers with nanosecond precision, actual sampling rate was a few hundred Hz. Good luck finding an AES key that way.

The covert channel is the only example that might be useful in very extraordinary circumstances: if the required apps are running on two VMs on the same machine, they can send data from one VM to the other. But on the other hand, aren't there plenty of other ways to do that? If you've already lured them onto an infection website, chances are the VMs are... connected to the internet and able to communicate that way.

So, unless I missed something, I don't think this is worth losing a lot of sleep over. Feel free to enlighten me if I'm wrong.

Comment: Re:Instead... (Score 1, Insightful) 355

Yes, the sites they should be punishing is those that automatically give you a simplified mobile version of their site without any way of getting the desktop version if you want it. For many websites, I much prefer to get the desktop version and zoom in to the stuff that interests me rather than getting some slimmed down page with missing information and no zooming. Yet they keep trying to "help" me by automatically switching to the latter version whenever they can.

Comment: Re: Larger landing area (Score 5, Interesting) 342

Certainly looked that way to me. On the last oscillation before touchdown, with the tail end moving towards the left, the thrusters keep pointing the same way as the rocket goes through vertical and only change direction a little bit afterwards. This increased the amplitude of the oscillation rather than decreasing it. The thrusters should have changed direction before passing through vertical, not afterwards. I can't imagine them getting this wrong in software, it's basic dynamic stability 101, so a sticky valve seems likely.

The rocket ended up landing almost perfectly vertical, but still rotating so the base was traveling sideways over the landing pad. No way they could stay upright like that.

Comment: Re:Not 'close' (Score 1) 342

Actually, I think #3 was there, but #4, zero rotation speed (the derivative of #3) was not. It touched down pretty much vertically, but still rotating. Just before touchdown, the rocket seemed to become dynamically unstable because the rocket exhausts moved with a bit of lag. They keep firing in the same direction while the rocket passes throug vertical and in the other direction, and only then start correcting in the other direction. They should actually have changed direction before the rocket was vertical so the rocket would not just return to vertical, but stop rotating as it reaches vertical.

Comment: Re:Perfect security (Score 1) 460

by michelcolman (#49425039) Attached to: Planes Without Pilots

It is easy to quantify. And the quantification is "4/5ths of commercial airplane accidents are caused by humans doing the wrong thing".

Yes, like he said, it's tragically easy to quantify the latter. But what about the former, how many accidents are prevented by having a pilot on board? That's not such an easily available statistic but trust me, it's a lot higher. I've prevented my fair share of accidents (just doing my job like any other pilot, it's what we're trained to do) but haven't caused a single one.

An egghead is one who stands firmly on both feet, in mid-air, on both sides of an issue. -- Homer Ferguson