
Comment: Re:I respect the FAA (Score 1) 58

by sjbe (#49188387) Attached to: US Air Traffic Control System Is Riddled With Vulnerabilities

You've got to be kidding me. Nearly every instructor I've ever had offers different stories about the FAA.

So because a bunch of flight instructors don't like dealing with the FAA the organization isn't effective at ensuring airline safety? You can tell stories about stupid things that happen in ANY organization and the FAA is no different. Yeah, not everything the FAA does is perfect - news at 11. Of course the aviation industry has achieved a ridiculously impressive safety record and the FAA has been a huge part of that. Coincidence? Not remotely. Just because an organization does some silly stuff doesn't negate their actual accomplishments.

Hasn't anyone noticed the steady decline [airfactsjournal.com] in the number [haywardairportnoise.org] of licensed pilots over the last decade?

For general aviation sure. It's expensive, time consuming, and causes your insurance rates to go through the roof if you are a general aviation pilot. Owning and maintaining a plane is not a cheap hobby.

If you are a pro the pay for a newbie pilot is ridiculously low and that has nothing at all to do with the FAA. That's simply due to the fact that there is an excess supply of pilots so wages get pushed down. I have a cousin who became an airline pilot. Spent a ton of money getting trained and was making all of about $30K/year in salary to drive the bus in the sky. Gee, wonder why people wouldn't want to become a pilot if the wages are shit and the hours are long.

However, if you piss off the wrong FAA guy and he decides to ride you like a pony, you will go broke and enter bankruptcy trying to comply with the specific and individual demands he makes in the name of safety regarding your plane, or you will stop participating in aviation altogether.

So don't piss him off.

When they raise the standards for safety so high that pilots and airlines go broke as super expensive FAA certified mechanics throw away perfectly good parts from their planes, the FAA is clearly failing again.

Just because a part is functional and not yet broken does not mean it is inappropriate to take it out of service. I'm sure you can find examples of something silly done by some FAA employee but the fact remains that without them the safety record of the aviation industry would not be anywhere close to what it is today.

Oh and the airline industry right now is reporting record profits. Airlines going broke? Only the badly run ones. They've finally figured out that having excess capacity is economically stupid and they've started charging ticket and other fees that are high enough to actually generate a profit. What a concept...

Comment: Passive cooling != No cooling (Score 1) 207

by sjbe (#49187695) Attached to: French Nuclear Industry In Turmoil As Manufacturer Buckles

Well as an example, the new thorium reactors don't even need cooling as the reaction is cut off immediately when there's a failure.

Thorium reactors don't need cooling? I think you don't understand the physics involved. Some newer reactor designs have passive cooling systems which are (theoretically) safer but they still need and have cooling systems. Fission generates heat which is used to drive turbines. If you have heat you must have a cooling system. It takes a substantial amount of time for a fission reactor to cool even once the reaction is shut down and you have to have some form of cooling system in place to do that.

Comment: Nuclear is not cheap (Score 2) 207

by sjbe (#49187665) Attached to: French Nuclear Industry In Turmoil As Manufacturer Buckles

Nuclear is cheap.

Nuclear (specifically fission) power generation is cheap. All the safety systems, regulatory oversight, large construction projects, waste management/disposal, licensing, project management, environmental impact, financing and maintenance of nuclear power are tremendously expensive. And you cannot separate the power generation from the rest of those items.

Comment: Re:Try and try again. (Score 2, Interesting) 369

I am currently an avid Android user.

I used to be an avid Windows Mobile user. WM5/6 were actually, when they existed, the MOST power-user/business-friendly mobile OSes out there. They were more geek-friendly than any of the horrifically locked-down "Linux-based" mobile OSes.

Then Microsoft dropped WP7 on the world - an OS which was unusable for nearly 100% of the core WM5/WM6 user base. At the same time, Android was coming onto the scene, which had everything that WM5/WM6's core user base wanted. MS never recovered, they utterly screwed up. NEVER alienate the majority of your core user base, even if it's trying to reach a "new" audience - especially when the "new" audience you're targeting is already drooling over a competitor (Apple).

Comment: Re:What could possibly go wrong? (Score 1) 119

by swillden (#49182821) Attached to: Linux 4.0 Getting No-Reboot Patching

If someone gains root, they can swap out the on-disk boot image that contains the kernel, and wait for someone else to reboot it as part of normal maintenance.

Assuming there isn't something that prevents the boot image from being replaced. See my other, more extensive, comment in this thread.

Comment: I respect the FAA (Score 4, Interesting) 58

by sjbe (#49181607) Attached to: US Air Traffic Control System Is Riddled With Vulnerabilities

The FAA is one of a very few government agencies that takes its job seriously and focuses on quality.

They're better than that. Surgeons in operating rooms are cribbing from the FAA for techniques and procedures to improve patient safety. The safety record of the airline industry is quite remarkable and the FAA deserves a huge amount of the credit for that achievement. I've worked as a quality engineer and whatever their other flaws might be, the FAA groks quality and safety as well as any organization I've ever seen.

I'd trust them to take IT systems security seriously and delegate the work to competent engineers.

As would I. The only thing I really worry about with the FAA is in keeping Congress from meddling with them too much. They are in my opinion one of the best run agencies in our government. That's not to say they don't have their flaws but on the big picture stuff, especially safety, they do a pretty good job overall even when they don't have all the resources they might.

Almost can't believe I'm saying this, but it would seem they have good workers.

Why should it shock you? We have many people in our government who are remarkably competent. I'd be happy to introduce you to some that I know personally. The FAA does not only have good workers but they have a safety first framework and have built a culture and procedures to support that. They also have the advantage of not being a political football for Congress to fight over. A good worker can be put into a system that doesn't work and chances are they will fail. Safety and reliability are NOT about competent people working hard. Those are important things but they will not get the job done unless you also have an organizational framework that supports them properly. The FAA has oversight over the entire process from certifying the airplanes before they even get built, to overseeing the ongoing maintenance and supply, to being able to force private companies to be grounded if they don't do what they are supposed to do when they are supposed to do it. They are able to get into all the corners of the industry that affect safety and they largely do a good job of ensuring that things are done properly like a regulator is supposed to.

Comment: Re:What could possibly go wrong? (Score 3, Informative) 119

by swillden (#49181487) Attached to: Linux 4.0 Getting No-Reboot Patching

But what you're saying is that rebooting is somehow a magic cure-all that guarantees the system isn't infected somehow

Don't be condescending. I'm not saying rebooting is a magic anything.

Whether or not this matters depends on the threat model and why the attacker is interested in patching the kernel. For example, one purpose would be to disable other kernel security features, such as SELinux, or dm-verity. Most SELinux rules are configured and the configuration can be altered by root, but some are compiled into the kernel and can only be modified by modifying the kernel. Altering the persistent kernel image may not be possible for a variety of reasons (read-only media, SecureBoot, etc.). In addition, in security-sensitive and mission-critical contexts an unexpected reboot may well be noticed.

I don't understand your assertion about SecureBoot. Are you referring to some known vulnerability of some particular secure boot system? Given a decent implementation of secure/verified boot, an attacker should not be able to convince the system to boot a modified kernel image, which means that run-time modification of the kernel is the only option if the attacker needs to bypass some kernel security enforcement.

In general, the security model of a high-security Linux system assumes that the kernel is more trustworthy than root. The ability for root to modify the running kernel invalidates this assumption, which most definitely is a security issue.

In the context of a system without mandatory access controls there may not be any reason to care, since once an attacker has obtained root there probably isn't any limit to what he can do.

Comment: Re:Necissary, not sufficient. (Score 1) 94

by pavon (#49181093) Attached to: Has the Supreme Court Made Patent Reform Legislation Unnecessary?

I think you're misguided. The criteria for patentability has never been bad, and has actually gotten worse since the recent change to "first to file".

Yes it has been, and your following paragraphs demonstrate clearly why this is so.

The problem is it's impossible for anyone to know what can or cannot be patented without spending hundreds of thousands of dollars hiring an entire team of lawyers to search through the back catalogue of patents and inventions and court precedents.

The patent office does not have enough staff to do proper research while a patent is being filed. If they did proper research, they would only be able to approve a handful of patents per year with the number of employees currently working at the PTO.

The problem with the current system is that the PTO has taken the approach of only rejecting patents if they can find documented evidence that someone has done the exact same thing before. If there is a single independent claim for which they can't find exact prior art in a timely manner, then they approve the patent, regardless of how similar it is to other prior art. They deliberately ignore the obviousness of the patent because they don't want to have to defend subjective decisions against appeal.

The recent Supreme Court rulings have forcefully asserted that this is not acceptable. The law clearly states that obviousness is one of the criteria for patentability and therefore the USPTO and courts must take that into consideration when deciding patentability. Furthermore, they have stated that if the improvement that an invention makes on prior art is not patentable by itself, then the invention is not patentable. This is a huge decision because it rules out a ton of "on a computer" and business model patents that combined things that weren't patentable on their own into something that was patentable in aggregate. This second issue is likely to have an even bigger impact as it can be applied more objectively than the first which increases the chances that the USPTO will embrace it. Furthermore, if anything these changes decrease the amount of research the PTO has to perform for an average application.

It simply isn't possible for a small company to defend themselves at all, their only viable option is to settle out of court which inevitably means nobody actually knows whether or not the patent is valid. After years of watching this issue closely I have never seen a small company defend themselves in court. Some have tried, but every single one gives up and settles out of court half way through the process.

Agreed, which is why we need these reforms. They proposed two important changes. First is to strictly limit how much information the plaintiff can subpoena during discovery. This prevents fishing expeditions and prevents discovery from turning into a war of attrition, which will make defending oneself against patent claims faster and less expensive. Secondly it allows the defendant to challenge the validity of the patent before discovery has taken place, potentially avoiding the vast majority of the expense of defending oneself, if the patent is determined to be invalid by the new post-Alice standards.

Personally I don't see how any reform could possibly fix the problem. There are certainly ways to improve the situation but I don't think anything can truly fix it. I've never seen anybody suggest a viable solution.

I have no disillusions that these changes will magically make the patent system perfect. In fact I expect the USPTO and the lower courts to continue to be slow to adopt them, but they address the two biggest issues with the patent system today - the low standards for patents and the cost of defending against them - which is more than I can say about any other proposed changes to the patent system in the last 50 years.

Comment: Re:What could possibly go wrong? (Score 2) 119

by swillden (#49180351) Attached to: Linux 4.0 Getting No-Reboot Patching

It's no more a risk than current patching that requires a reboot, except that you don't have the downtime of a reboot.

Sure, if your concern is error, rather than malice. An attacker who gains root could use this to dynamically patch a backdoor into the running kernel. Rebooting the machine would potentially enable someone to notice.

As another poster noted, though, you can already dynamically patch the kernel for malicious purposes by loading a malicious module, assuming that hasn't been disabled. In contexts where security is crucial, I would disable both dynamic module loading and run-time patching.

Comment: Re:Pretty pointless (Score 1) 321

by swillden (#49179733) Attached to: Ask Slashdot: How Does One Verify Hard Drive Firmware?

I assume the communication companies were handing over a lot more than the NSLs can demand in the spirit of cooperation and that is why the retroactive immunity was necessary

The GP wasn't suggesting that excessive data was handed over, he said that an NSL could be used to demand installation of a backdoor. If I were a vendor, even one who really wanted to be cooperative, I'd balk at that, because the chances of something like a backdoor being discovered are too high. It would be actively sabotaging my customers, and not just to the NSA... a backdoor can't distinguish between users, it lets in anyone who figures it out. And, of course, if the existence of the backdoor were published it would do serious damage to my business.

Even companies who want to cooperate are going to be reluctant to do potentially business-destroying favors for the government. There would be a great deal of incentive to fall back on the law and refuse on the grounds that the law doesn't authorize such requests.

Comment: Re:FDE on Android doesn't work as of yet (Score 1) 118

by swillden (#49179701) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

I'm skeptical that an Android device would survive running flat out for two years to crack a PIN. The heat and battery life issues I experienced when I tested it demonstrate clearly that mobile devices simply aren't designed to run full-speed 24x7.

Also, it should be pointed out that the attack I described is far from easy to carry out. Among other things, it requires dumping the contents of flash, which basically requires removing the flash chips from the mainboard without damaging it, then either putting the flash chips back or installing new flash, then the device must be unlocked, a custom, hostile OS flashed, and finally the attacker can start the multi-year process.

Note that the 630-day figure I cited is on average. It would take twice that long for a guaranteed break.

Finally, if you add one more character to your passcode (7-character alphanumeric), the crack time jumps from 630 days on average to 124 years.

I agree that Lollipop FDE still needs some improvement, but it's already quite good.
