Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:hmmm (Score 1) 118

by prisoner-of-enigma (#49138229) Attached to: 12-Billion-Solar-Mass Black Hole Discovered

People used to say the same thing about the "luminiferous aether," you know.

Personally, I think "dark matter" and "dark energy" don't really exist. Instead, I think there's something wrong with our understanding of the fundamental forces of the universe. Perhaps gravity doesn't behave with the inverse-square law across vast distances like we think. Perhaps there's a subtle force out there we've yet to discover that only acts over extreme distances. After all, quantum mechanics is only observable at extremely small scales, and a century ago nobody even suspected it existed. What's to say there's not something else that acts in an observable fashion only at galactic scales?

Comment: Re:What are the actual risks to your network? (Score 1) 114

by PetiePooo (#49090337) Attached to: Duplicate SSH Keys Put Tens of Thousands of Home Routers At Risk

OK, this is clearly a bad thing, but I don't think it means that your private LAN is immediately accessible to people all over the world does it? Multiple routers using the same keys means you could be tricked into logging in to someone else's router without knowing, but that would still require some way of directing your traffic to the impostor's device to begin with, such as DNS hijacking.

Finally, a breath of sanity... Thank you, nuckfuts! A shame this is the bottom thread in the post.. at least when I got here.

There is a huge difference between a host key and a user key. These consumer devices all share the same host key, which is only used by the client to verify that the host you're connecting to is the host you think you're connecting to. This is the key in /etc/ssh/ssh_host_rsa_key for those with access to a Linux shell, and is never encrypted or password protected. How do I know this? Because there's no way to determine what user keys are in a host's authorized_keys file with just an unauthenticated connection. However, when a client connects, the server always sends the host's public key along with a challenge signed by the host's private key.

The host key is only ever used for authentication, never for authorization, which is to say it identifies the server you're connecting to, but in no way grants any privilege to access it. The only risk here that I can think of is a MITM attack. Since the host key is well known, someone could fiddle with your DNS or local ARP tables and make a victim connect to their evil server without the scary "MAY HAVE BEEN COMPROMISED!!!" warning you get when the destination host key doesn't match what's in the known_hosts file.

If someone can paint a more frightening scenario (based on known host keys, not user keys), I'd like to hear it. If you don't understand the difference, don't bother trying.

Comment: Re:From an Audio Engineer (Score 1) 99

by pavon (#49074623) Attached to: New Map Shows USA's Quietest Places

$12 is cheap for something that lasts years (with occasional use) and prevents you from going deaf at rock concerts, while still allowing you to hear the music like it was supposed to sound, instead of sounding like you are underwater. These are not audiophile pseudoscience garbage, the frequency response of the earplugs is scientifically quantifiable, and the difference in sound quality is immediately obvious to anyone who tries them, not just idiots with "golden ears" who can hear differences that don't exist. Like the AC posted, these aren't the only brand, but AFAIK they all are pretty much in the same price range until you get into custom fit professional models, at which point you are paying for comfort more than quality.

Comment: Re:Perspective (Score 1) 716

by pavon (#49031581) Attached to: Is Modern Linux Becoming Too Complex?

Well it was a little more than that. For some months automounting of USB drives was broken for any combination of X11 display manager and window manager except GDM and gnome 3 because the systemd udev apparently handles that stuff differently than the old udev.

And this is why people get upset about systemd. I actually like the idea of systemd as a boot manager. Elimination of pointless boiler-plate demon scripts, better exposure of all sorts of cool kernel process management features, and using filehandles activity to manage the order in which daemons are launched (rather than explicit declaration of daemon dependencies), dovetails very nicely with the unix philosophy that everything is a file.

But it has becoming a sprawling feature creep monster, and I don't like that. I don't like that the developers put on false airs about how they aren't forcing you to use the other 68 daemons under the systemd umbrella, while making design decisions that make it next to impossible for distros to deploy anything but an all-or-nothing solution. I don't like how they are unilaterally making compatibility breaking system level decisions that affect everyone without giving adequate consideration to the rest of the ecosystem. That sort of attitude and approach is only going to cause more problems in the future, not less, which makes me very wary of getting on the systemd train, even though I like the technical core.

Like you said, this is a beta distrubution so as a user I'm not upset that it was broken for a while. I'm upset at the undue upheaval that one project is having on the entire Linux ecosystem.

Comment: Re:On loan??? (Score 1) 118

by prisoner-of-enigma (#49025417) Attached to: Neil Armstrong's Widow Discovers Moon Camera In Bag

The original story goes that Buzz Aldrin was supposed to be the first one to walk on the moon, but during the trip, an order from mission control came in that said that Neil Armstrong was supposed to be the first.

This is pure drivel and has been debunked on numerous occasions. Armstrong was the first out because there was not enough room in the LM cabin for Aldrin to get out first when both were wearing suits. Further, the mission was practiced for months on Earth and every action was scripted and planned down to the minute. To suggest that Mission Control would alter this plan while the astronauts were on the way to the moon -- thus invalidating months of training and safety protocols -- is ludicrous. Armstrong got out first because he had to, and everybody -- including Aldrin -- knew this before they were even strapped into the CM.

Comment: Re:Audiophile market (Score 5, Insightful) 418

As a non-American I am surprised as you Americans allow criminals freely sell products that are clearly scams like this.

As an American, I can say I'm glad the government *doesn't* stop this kind of activity. A functioning society requires its citizens to be at least marginally responsible for their own conduct. If they're stupid enough to be taken in by this crap, they deserve what they get. We neither need nor want a "nanny state" looking over our shoulder all the time, telling us what we can and cannot buy.

Comment: Re:Honestly (Score 4, Funny) 187

by Tackhead (#48992735) Attached to: The Poem That Passed the Turing Test

I have found the average Philosophy major to be indistinguishable from an Eliza program.

> I thought that some of the metaphysical imagery was particularly effective
> interesting rhythmic devices, too, which seemed to counterpoint the surrealism of the underlying metaphor
> of the Turing completeness of the program's linguistic algorithm which contrived through the medium of the
> verse structure to sublimate this, transcend that and come to terms with the fundamental dichotomies of
> the other. And one is left with a profound and vivid insight into whatever it was that the poem was about
> I mean yes, yes, don't we all, deep down, you know?
> !sudo -
> ^c^c^c
> !kill -9 1

Comment: Re:The sad part? (Score 1) 577

And it doesn't mean they do exist, either. I have no right to drive without a license. By your logic, I'd have the right to drive without a license because the Constitution does NOT mention it.

Actually, you're both right and wrong. You do have the right to drive without a license, as fast as you want, not wearing a seatbelt or helmet, drunk as a skunk...if you do it on private land. Doing the same on a public road is prohibited because you implicitly enter a contract with the State to obey certain rules in order to make use of shared public infrastructure.

The GP's statement remains true and correct. The Constitution does not grant rights to citizens. Indeed, it goes out of its way to do the exact opposite: it limits what the government can do. As a governing charter, it is unique in that respect.

Comment: Re:Science... Yah! (Score 1) 958

by prisoner-of-enigma (#48967739) Attached to: Science's Biggest Failure: Everything About Diet and Fitness

Nothing in your statement invalidates the OP's original claim, mainly that if you consume fewer calories than you burn, you will lose weight. During your anecdotal hospital stay, you consumed fewer calories than you burned and suffered the symptoms you described. You probably lost weight, too. Hence, what the OP said is both true and correct.

Comment: Re:Expensive (Score 1) 183

Your claims of "up to $12,000 per month" appear to take the absolute worst case scenario. Wikipedia notes roughly 90% of Xyrem consumers get this via insurance, with co-pays under $50 and a significant number get it for under $25. Admittedly, insurance companies are getting stiffed, but one suspects they're negotiating lower than worst-case pricing with the supplier in the first place.

Being an Orphan drug, development costs are amortized over a very few patients, making costs high. It's like saying a B-2 bomber costs billions of dollars to build when, in fact, a huge cost of "building" the plane is the amortized R&D costs. The actual labor and materials is much less. That's why the fewer planes are built, the more expensive each one becomes.

There is no good solution to this problem. If you fix prices such that R&D costs can't be recouped, you remove incentive for pharma to R&D the drug in the first place. If you allow them to recoup the costs, the end user must pay them. There is no other way. Pharma R&D dollars don't just fall from the sky.

Comment: Re:Shrug, yawn. Have you read it? (Score 1) 224

by prisoner-of-enigma (#48960177) Attached to: Nuclear Safety Push To Be Softened After US Objections

You should dig up a 2011 Associated Press article about tritium leaks at nuclear plants across the country.

And how many people died from said tritium leaks? What, exactly, was the body count? Oh, that's And how much damage was done? How many baby seals and spotted owls were killed? Oh, that's The tritium leaks were so small as to be insignificant on any meaningful scale. They were regulatory violations, yes...but the regulations are such that it takes almost nothing to exceed them. I'm not arguing that we don't need such regulations. I'm saying that you're making it out to be far worse than it actually was just because there was a violation. For example, a plant I worked at last year was nearly shut down by the NRC for a violation of "adverse working conditions." Specifically, the union workers felt unappreciated. That was it. Was it a violation that got the NRC's attention? Sure. Did it have any measurable impact on safety? Nope.

Hell, there have been 2 nuclear plants that SCRAMed recently.
One on Christmas and the other last week, during the big north east blizzard.

This statement alone shows how little you understand what you're talking about. Just because a plant SCRAM'd doesn't mean there was a safety issue. For example, one of the plants I worked at a few years ago had to SCRAM. Why? Maintenance was being done on a backup generator, one of several in a triple set of backup generators. Regulations, however, say that a certain number of generators must be available if utility power failed. And guess what? Utility power from the grid did decide to fail during that generator maintenance period. Just bad luck, really, but it happens. So what did the plant operators do? They shut down the plant, in accordance with regulations. Could they have kept operating safely? Almost certainly. There were still two more generators available, a double redundancy that went unused, but regs say triple redundancy or nothing. A plant I worked at this year SCRAM'd when a tornado hit the switchyard and damaged it. The reactor itself was never in any danger, but regs said it had to be shut down because of the switchyard issue. Again, you make mountains of out molehills to prove a point.

Comment: Re:Shrug, yawn. Have you read it? (Score 1) 224

by prisoner-of-enigma (#48959975) Attached to: Nuclear Safety Push To Be Softened After US Objections

Sounds pretty reasonable to me. But then some existing plants would have to be reexamined and maybe even receive some upgrades to their safety measures. Which would affect somone's bottom line, and we can't have that, now can we?

Careful. Your class-warfare wealth envy ideology is showing.

If you knew anything at all about how a "bottom line" works, you'd know that any increases in costs to the power industry -- or any industry that isn't completely government regulated -- gets passed on to the consumer. You, my dear bottom-line-hating friend, would pay those higher costs in the form of higher utility bills. Or did you think the power industry is someone blessed with an immunity to profit and loss statements? If their operating costs go up, either profits must come down or prices must go up. Profits can only come down so far before you're unable to re-invest in your business, attract and pay high-value talent, and all manner of things that make a business work. So prices will go up. That means you.

Be careful what you wish for. You may get it.

Technology is dominated by those who manage what they do not understand.