Forgot your password?
typodupeerror

Comment: Re:What future? (Score 1) 92

by mlts (#48199547) Attached to: The Future of Stamps

I have some bills which will get "lost" if they are not sent at least certified mail. Sent electronically, it isn't anywhere near as concrete proof [1] as a piece of physical mail sent with a signature trail.

Paper complaints, especially legal work are hard to ignore. E-mail, even calls, there is no paper trail and can be hidden. However, a certified message either gets received or it gets refused. Either way, someone had to interact with the document in a provable way. Even now, our society isn't paperless and when it comes to legalities, there is no beating physical paper documents.

As for banking software on my phone, I'd say that iOS and Android have a better record for security with a few caveats [2], than a desktop machine. However, my biggest concern with too much stuff on a phone is if it gets stolen. Of course, the ideal would be having the banking software use KeyChain or Google's equivalent and ask for a PIN before it is run, so all sensitive data is encrypted, not just by the phone's encryption, but by a specific API.

[1]: Proof to judges and juries who are still in the pen and paper age, and those are the people who need to be persuaded if worse comes to worst. You can talk crypto all day long to a jury, and their eyes will glaze over. Show them a piece of paper with a physical John Hancock on it, they will make a decision.

[2]: Depending on how well the jailbreak is crafted, it can destroy's iOS's security, where an app can go hog wild and do what it wants to.

Android is more secure in this regard, but apps ask for a lot of permissions . However, a rooted Android device is just as secure (barring a dumb user) than a non rooted one. Attacks like a compromised Web browser will have far less effect than they do on a PC.

Comment: Re:What? (Score 5, Insightful) 512

by mlts (#48189177) Attached to: Debian's Systemd Adoption Inspires Threat of Fork

On a desktop, systemd and firewalld make sense, because one might have an Ethernet connection that is in a trusted zone, a Wi-Fi adapter that is on a public (untrusted) zone, and so on. Plus, the parallel startup of systemd makes booting a lot faster.

For a server, one wants reliability and security above all. One reason why IBM still obtains boku bucks is because AIX 7.1 still runs applications written for 3.2.5. It might require some compatibility programs to be installed, but if one wanted to run FrameMaker or WordPerfect under Motif, they still can, assuming a graphics card present.

Server-side, it doesn't matter if things start in series. Things need to work properly and be coded for maximum security and reliability.

systemd is the iTunes of the Linux world. It does so much in userland, that a bug in that can mean disaster, or a series of disasters similar to the tons of sendmail holes found in the early to mid 1990s. While it does improve some things, having a large, monolithic package handle so much of userland can mean big trouble [1].

My personal take: systemd is a leap forward. But, for something this crucial to infrastructure, with so many moving parts and so many different interactions between them, this really needs to run through a bug stomping session. Maybe Facebook would torture-test it like they are doing btrfs so that virtually all the major bugs get squashed sooner, rather than later. Even better might be a formal code audit on it (a la TrueCrypt) to find and squash anything that could cause the next Shellshock or RTM worm in coming years.

The one thing that has kept the epic fails out of UNIX is the fact that the OS is made out of a lot of little subsystems. Replace bash with busybox, not that many programs would notice. Replace /bin/yes with busybox's yes... who cares. However, systemd breaks this philosophy. If something breaks, I can't just rename the binary, link in the busybox equivalent, and call it done. I'm dead in the water until a patch comes out, and since this is a subsystem that completely controls the userland environment, this is worrisome when it comes to production critical items.

[1]: Ironic how this is similar to what Tanenbaum said about the Linux kernel.

Comment: Re:Storage is not same as GUI Design (Score 2) 368

by mlts (#48181129) Attached to: Apple Doesn't Design For Yesterday

For me, it isn't the Ethernet port, but the Kensington lock slot. It would be nice to be able to tie down a laptop when not in use, so it doesn't have to be in a rental car in a seedy area of town. Bonus points for a mechanism that deters opening if the lock slot is in use, similar to what the old IBM Thinkpads had.

Comment: Re:It's the OS, Stupid (Score 1) 249

by mlts (#48178577) Attached to: Apple's Next Hit Could Be a Microsoft Surface Pro Clone

Nail. Head. Hit. I don't want yet another Windows Tablet PC. I want a tablet, but with a docking connector where I can put the tablet in a stand (preferably a stand that has some type of locking mechanism so I can physically lock the tablet down [1].) Of course, a lightweight dock/port replicator would be nice as well, so one could use the laptop as a monitor and a BT keyboard/mouse, and the replicator would give access to USB ports and whatnot.

[1]: It is too bulky, but I'd say the PowerBook Duo dock was one of the absolute best designed docks out there. The laptop was closed and was inserted like a large VCR tape, and locking it was trivial (since it used an active motor to dock/undock.) Maybe something similar for a tablet.

Comment: Re:It's the OS, Stupid (Score 1) 249

by mlts (#48178543) Attached to: Apple's Next Hit Could Be a Microsoft Surface Pro Clone

When I saw the iPad, I was assuming it would be the top tier tool for music production, with the ability to handle a lot of virtual sliders. However, in a lot of cases, it only can act as an interface. Can it run ProTools with all the extensions, as well as physically handle the license dongle that some stuff has? Not really. iOS keeps the apps so far away from the device's facilities that a musical application as high end as ProTools or Logic Pro would not be usable.

For music production, a hybrid tablet would be great, especially with Thunderbolt as a way to attach hardware cards. I can see a mini studio that would configured around a device like this, where the device resides in a horizontal cradle and can function as a real time mixer, synth, DAW, and other realtime tasks.

Comment: Re: It's the OS, Stupid (Score 1) 249

by mlts (#48178427) Attached to: Apple's Next Hit Could Be a Microsoft Surface Pro Clone

Technically, it sits on a Mach/XNU kernel, with a BSD userland.

If you want a kernel that has an unbroken heritage, the only mainstream OS out there that would have that would be Solaris, which was formerly a BSD kernel, but switched to a AT&T SVR4 kernel. AIX also started out from AT&T code, but went with an odd mix of BSD and AT&T userland items.

All and all, kernel heritage is one thing, but consider the application first. Would someone use QNX for a large-scale database cluster? Not really. Would one use AIX for a realtime microcontroller that has to check a sail switch every 500 ms, and then turn a valve off to a propane line if the sail switch shows not enough air? Not really. There are a lot of UNIX variants (and there were far more in the past... even Dell had their own SVR4 UNIX), so choose the best tool for the job.

Comment: Re:how do SSD's compare to HD's? (Score 2) 106

by mlts (#48178359) Attached to: iFixit Tears Apart Apple's Shiny New Retina iMac

AFAIK, the jury is out on that fact. SSDs -tend- to be more predictive due to how they wear out. However, I've not seen any definite comparisons that state that a SSD will have a life longer than a HDD.

There is one limiting factor with SSDs: Once the electrons escape the gates, that's it. No recovery is possible unlike HDDs which the magnetic domains can be present indefinitely. So, as an archiving medium where data is stashed, it isn't very good, unless the media is constantly checked and the data moved periodically.

The a good thing to do with an iMac would be a decent SSD... as well as an external drive appliance with RAID 1, or a volume with software RAID that is similar.

Comment: Re:"repeatable independently verifiable reproducti (Score 1) 345

by mlts (#48174139) Attached to: The Physics of Why Cold Fusion Isn't Real

How will it be leaked, is the question. Usable energy is money, pure and simple, and a disruption will get people with trillions of dollars at their disposal to hide the info, especially anyone in any energy industry. Someone who doesn't get it out far and wide will be 86-ed quickly, similar to the guy back in the Roman times who discovered aluminum, and was promptly killed for it, making a metal too good for mankind to have.

I'd probably say, it would be impossible, once the device gets past the first person. Someone comes up with a working free energy [1] source, as soon as they show it to someone, the inventor is pretty much dead.

[1]: Realistically working... like in the kilowatt to megawatt range. Some gewgaw powering a millivolt LED for a few seconds doesn't count.

Comment: Re:"repeatable independently verifiable reproducti (Score 1) 345

by mlts (#48174125) Attached to: The Physics of Why Cold Fusion Isn't Real

A patent will just be violated, and completely ignored. Keeping it secret is the way to go, similar to Heinlein's Shipstones. Place a tamper-resistant box at the client's location, set a meter to charge by the watt-hour, and be done with it. Someone tries breaking into the box, it completely obliterates anything inside showing how it works, or just does a big kaboom, Outer Limits, "Final Exam" style.

On a large scale, build it right on top of a natural gas well. Even though the well is completely empty, nobody will know that and power is power. Done right, one can just use an electric resistance heater to blow hot air out a smokestack so it looks like some combustion is happening. Another option is to use a decommissioned nuclear reactor, pump out some heat to make it look like something is going on, and nobody would even know or care that the electricity came from atoms squeezed together as opposed to blown apart.

Comment: Re:Heavier than air flight is impossible (Score 1) 345

by mlts (#48174103) Attached to: The Physics of Why Cold Fusion Isn't Real

I'm reminded of a contraption I've seen used to restore batteries to a usable state via short, high voltage sparks (basically a crude desulfation cycle.) It was called the Bedini SSG... essentially a spinning wheel of whatever size one wants, some magnets around it, and supposedly gave more energy than it took in.

It is just a crude way to try to spark crud off of the plates in a battery, or offering "free" energy? I lean towards the former, but it is an interesting experiment, and apparently does work to get batteries usable again.

Comment: Re:needs internet connection to work (Score 1) 130

by mlts (#48174079) Attached to: Facebook 'Safety Check' Lets Friends Know You're OK After a Major Disaster

Problem is that the Safety Check assumes FB knows where you are. I have that switched off, either via iOS's allow/deny access to the GPS, or on Android since permissions are all or nothing, XPrivacy feeds it a random place each time.

For example, One of three things will happen if I eat a twister while RV-ing:

1: I'm dead.
2: I'm injured (hopefully the SPOT device or phone works.)
3: I'm OK enough to start sending texts and FB posts out with pics of the mess.

If I'm dead, it won't be that long before it is found out. Injured, similar. The benefits of getting asked if I'm OK don't outweigh the fact of being being tracked via location 24/7 and having that info handed to whomever feels like buying it.

Comment: Re:20 million out of 50 million stolen? (Score 2) 59

by mlts (#48174053) Attached to: South Korean ID System To Be Rebuilt From Scratch After Massive Leaks

Going on a limb here, why not replace the national ID system with a bunch of decentralized CAs that sign certificates with a piece of data. For example, a user would have some cryptographic token. This could be a smartphone, a card, a USB keyfob, a SIM card, or something similar.

Then, the state would add a signed entry with the person's name and photo to the key as a certificate. The actual public key is not affected. It just gets a cert attached that can be deleted by the user just like a PGP/gpg cert.

With this in place, the state can add a series of certs if they are true:

User is a citizen.
User is 18+ years of age.
User is 21+ years of age.
etc.

This way, when a cardholder goes to a bar, the bar has a reader that shows a signed picture, perhaps the name of the user, and the signed fact that the user is of legal age. No other information needs to be shared. Not citizenship, not anything... just who the user is, and that they are legal (doesn't matter what their age is as long as it is above the drinking age). No cert, no booze.

Another example is a NGO use. A university signs a certificate that the key's owner has a diploma from them. When getting vetted for a job, this means that the employer knows that the applicant has a degree, but other info isn't given.

Done this way, here is what the criminals can attack:

1: The CA. If it is a distributed service, damage done can be minimized, as opposed to having everything in one basket.

2: The actual card or token. This is a solved problem. SIM card hacking on LTE networks is minimal, satellite piracy is nonexistant, and there isn't any such thing as pirated software on the XBox One. Even things like CAC/PIV cards are very rarely broken.

3: The user (yes, xkcd.com/538 applies.) However, this can be dealt with through means in place.

4: The PKI. Using different algorithms (so a document is signed by multiple keys of RSA, ECC, and something quantum-factoring resistant, and hashed with multiple algorithms) will bring some robustness.

So, there can be a national ID system, but if it is based on a PGP-like web of trust that is decentralized, it can be quite secure, but yet extremely protecting of privacy.

"When it comes to humility, I'm the greatest." -- Bullwinkle Moose

Working...