Forgot your password?

+ - Ebola outbreak continues to expand->

Submitted by symbolset
symbolset (646467) writes "In the realm of "stuff that matters", the current outbreak of the world's second deadliest disease continues to expand. 63 new cases are reported in the last week, and suspected cases far afield of the hot zone are reported.

Many reports of a lack of personal protective equipment and medical professionals abandoning their posts are in recent reports. The local populace is developing processes to prevent containment.

Ebola remains the second deadliest infection only because rabies victims have only one survivor reported after onset of symptoms, ever."

Link to Original Source

Comment: Re:Intel has worked with the NSA (Score 2) 91

by niftymitch (#47521105) Attached to: Intel Launches Self-Encrypting SSD

If I actually cared about the Government breaking into my encrypted files I'd be using a One Time Pad. ....snip....

I think this is a place where a big "Woosh" applies.

Someone does not understand the way one-time pads work.
Using a one-time pad is a blunder. To get your files you must also have the pad. For a disk this would be one monster pad.
Since it is a one time pad you use it and toss it (special flushable paper) -- now the data is lost.

One-time pads between two friends are interesting but require a physical exchange of pads.

The Intel trick has one big value in the context of repair, redeployment and intentional abandonment of content.
There may be many at the IRS that wish their devices all had this feature to invoke.

The current case of the IRS is interesting... and points out a need to manage data. Preserve it, wipe it, recover it.
When the dogs of war knock down the front door.. wiping data locally only needs a key wipe not a
full disk wipe that might take hours or weeks (central Utah disk farm). Should management make copies
of the keys recovery of a remotely wiped device may be possible.

This technology has no obvious place on a device like a flight data recorder but does represent a signature
to validate the data is on the device you expect iff logged back someplace safe.

Comment: Re:"Just let me build a bridge!" (Score 1) 367

by niftymitch (#47518193) Attached to: 'Just Let Me Code!'

Engineering any complex system requires a significant amount of planning and management overhead. ........

Engineering vs. building is an interesting distinction.

Most complex products mandate long term maintenance, long term liability and multiple people including management and oversight.

Sadly companies seem to invoke a one size must fit all process.... we have all seen the camel designed by committee of platypuses jokes.

Worse some products like Android are big thunk monolithic update piles when they look and masquerade as small elegant Unix like programming problems to developers of olden days.

Then there are bridges over puddles and other bridges over 1000 foot canyons. In one case
you get wet feet and soggy shoes...

Comment: Baby Brother is watching .... (Score 1) 1

Baby Brother is watching ....

But how does this fix bugs. Managers invoke stress on purpose to meet deadlines.
Terrible lighting in offices make a normal person blink and need to shift they eyes
a lot.

Caffeine the fuel of most high tech companies does less to make you alert than it
does to keep you awake. Recall the comment about alcohol and coffee... "you are
just a wide awake drunk". Wide awake with reduced inhibitions ....... sure check that
code in... I am wide awake and buzzing like an alarm clock.

And as for 84.38% accurate... do you want your automobile software to be 84.38% accurate?

Interesting, sure... value, hardly any in the world as we know it.


The "Rickmote Controller" Can Hijack Any Google Chromecast 131

Posted by samzenpus
from the never-going-to-give-you-up dept.
redletterdave writes Dan Petro, a security analyst for the Bishop Fox IT consulting firm, built a proof of concept device that's able to hack into any Google Chromecasts nearby to project Rick Astley's "Never Gonna Give You Up," or any other video a prankster might choose. The "Rickmote," which is built on top of the $35 Raspberry Pi single board computer, finds a local Chromecast device, boots it off the network, and then takes over the screen with multimedia of one's choosing. But it gets worse for the victims: If the hacker leaves the range of the device, there's no way to regain control of the Chromecast. Unfortunately for Google, this is a rather serious issue with the Chromecast device that's not too easy to fix, as the configuration process is an essential part of the Chromecast experience.

Comment: Re:I hope this surprises no one,.. (Score 1) 68

Restaurant fails to pay the lease.

Landlord slaps a new lock on the door.

Equipment is sold to a restaurant supply reclamation company, of which any city of any size has.

Supply company puts their crap on eBay.

This tells me that the point of sale equipment is flawed to a
degree that risks civil action. As bad as they are modern
routers must be reset if the password is lost and as a minimum

Payment Card Industry (PCI) Data Security Standards need to
address this. Please call your IEEE favorite standard person....

Comment: The primary witness is software... (Score 1) 229

by niftymitch (#47487677) Attached to: Chicago Red Light Cameras Issue Thousands of Bogus Tickets

The primary witness in all this is software.
As such the software needs to be available for cross examination the same as
any other software. Perhaps not open source but clearly open and testable

Further any revision and change must be subject to audit. The obvious issue
is bogus citations because code did not operate as per specifications in the
law. All citations issued while the bogus code was "live" would then need
to be reviewed.

A contract service should not be able to adjust anything not specified in
the law.

With a robot the notion of enforcement priority makes no sense. i.e. allocation
of staff and resources can justify priorities but a machine should simply
operate against a specification and within tolerances that make sense.
Anything else would be a legislative action and not allowed or empowered by law.

Tolerances that make sense would include normal reaction time expectations (not average).
Tolerances need to include sane and honest error parameter stackups.
Tolerances need to be population sensitive.... some are kids some have gray hair.

Consider any regulation that uses the word average is a regulation that
begins with an assumption that 50% would fail. Further average is not
a sufficient statistical metric to do anything with.

Contractors and contracts that share revenue need to be open to audit and
need to have a legal presence and legal liability in the same venue that the citations
are to be issued. Fraud and abuse should incur greater penalty than those cited.
i.e. it is not OK to simply say "my bad, here is your ten bucks back" when abuse and
fraud are involved.

Comment: Re:Wish I could say I was surprised (Score 1) 178

by niftymitch (#47447199) Attached to: Peer Review Ring Broken - 60 Articles Retracted

Wrong. [...] It should be publish or die.

I belive the phrase you're looking for is "publish or perish."

Either gets the point across.

I would like to see some data that outlines the potential
number of authors and the potential number of papers
as limited by page count.

It seems to me that this is a rigged game with rules
drawn from childhood agony playing musical chairs only
to the extreme.

With the modern internet page count is no longer the issue
but it is because that is how the game rules are written.

Qualified reviewers are few and far between as science,
literature, history and all of the academic world have carved
thing up into such fine narrow specialized fields that only
one researcher in the universe has any knowledge of the

Compound that by the rampant insertion of tenured staff names
in the author list of all papers coming out of institutions that
new science is all done by Mr Et Al.

The only process in the US that comes close to this foolishness is the process
in place for US patents where the contents of a whiteboard can be edited never
implemented and turned into a process patent. There is however overlap
where the whiteboard might be a class project or lecture note taken off line
and refactored into something apparently new but stolen outright.

Consider that if you are in a design meeting, and make a suggestion and
are not later credited as an inventor you are the victim of intellectual and
professional theft. Keep a notebook....

Comment: Re:The Good News? (Score 1) 178

by niftymitch (#47447177) Attached to: Peer Review Ring Broken - 60 Articles Retracted

It's just the new strategy ........ It's called the self-peer-review.

Amazingly articles can get released on the same day as submission with this method.

Not unheard of here on /. as well.

Multiple accounts on multiple virtual machines at multiple coffee shops
perhaps gatewayed via VPN thanks to co conspirators to present
a global view.

Watch how quickly someone, not I, mods this up and down...

+ - Rocket Scientist Designs 'Flare' Pot That Cooks Food 40% Faster->

Submitted by Anonymous Coward
An anonymous reader writes "Oxford University engineering professor Dr Thomas Povey just invented a new cooking pot that heats food 40% faster. The pot is made from cast aluminum, and it features fins that direct flames across the bottom and up the sides, capturing energy that would otherwise be wasted. The pot is set to hit the market next month in the UK."
Link to Original Source

+ - A Polygraph is not private, OH MY....-> 1

Submitted by niftymitch
niftymitch (1625721) writes "

"TUSCALOOSA, Ala. (WIAT) – WIAT 42 News has obtained a copy of Justin “Ross” Harris’ personnel file from the time that he was employed as a dispatcher with the Tuscaloosa Police Department. The documents detail Harris’ employment history, some drug use, and the results of a polygraph test that was conducted before his hire. Harris was hired as a tele communicator basic with the police department in June of 2006. He was promoted in his second year with the department, and then in May 2009, he resigned."

This is a tangle of astounding reach. A polygraph is a process to coerce "honesty" from individuals... But there is no US constitutional protection and no privacy as this release demonstrates."
Link to Original Source

Comment: Re:A company saved on its health insurance plan (Score 1) 353

by niftymitch (#47410259) Attached to: Here Comes the Panopticon: Insurance Companies

by distributing FitBits to employees.
Did they also provide FitBit winders?

No but a FitBit worn 7x24x356.25 smells a lot like
a lot of overtime to me.

If they want to monitor you 7x24 it seems like they
need to compensate you 7x24.

And more importantly the employee pool profile as
well as the FitBit data reflects on age and sex which
are "parameters" that enable discrimination against
groups based on sex and age.

Someone mentioned Stephen Hawking in jest but
again a FitBit program monitored by the company directly
or indirectly by rate changes is very much in violation
of the Americans with Disabilities Act (ADA).

It is one thing to give and encourage... it is another
to monitor, track and make financial decisions that
negatively affect any of these protected groups which is
clearly the intent.

Sad, sad, sad....

+ - Python Bumps Off Java As Top Learning Language->

Submitted by itwbennett
itwbennett (1594911) writes "Python has surpassed Java as the top language used to introduce U.S. students to programming and computer science, according to a recent survey posted by the Association for Computing Machinery (ACM). Eight of the top 10 computer science departments now use Python to teach coding, as well as 27 of the top 39 schools, indicating that it is the most popular language for teaching introductory computer science courses, according to Philip Guo, a computer science researcher who compiled the survey for ACM."
Link to Original Source

Comment: Re:Postal Dump (Score 1) 60

The US Postal Service already does this... ...snip...

Meta-data is not secret, not private, not protected. .....snip...

False military meta-data is classified secret or higher.
Its classification is a study in why meta data is interesting
and I suspect shows why it is both an invasion of privacy and a powerful tool.

The document that contains the COLLECTED set of meta data that
maps units, individuals, locations and postal delivery information is classified.

Anyone with family in the service knows that they can sent to
PFC Joe Soldier APO/FPO/DPO and it gets delivered.

Also see:
And see:

The classified document is classified not because of the the individual line entry
it is "the collection of meta data entries" that gets stamped. Apparently some of
the locations of some of the units are classified a little or a lot. Layers of routing contain layers
of security management for each of the associated documents.

Unlike SMTP mail there are no progress stamps.... for good reasons.

The analysis of the security risks associated with these documents predates
modern large data analysis tools. And may need to be reconsidered in light
of modern statistical analysis. i.e. Local agencies that have the tools to collect
meta data could use that equipment under the guise of training to spy on family
of active duty service and pose a national security risk. This risk IMO is inherent
in both phone and other digital connection data.

To speculate further is foolish for me....

3500 Calories = 1 Food Pound