Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Security is hard... (Score 1) 733

by pehrs (#49345267) Attached to: Germanwings Plane Crash Was No Accident

My instincts tell me that the door is good on the cost-benefit calculation. We have had multiple instances of intrusion into the cockpit over the years, in some cases with fatal results, in other cases with the planes being diverted. This type of events are getting increasingly rare, and I think we can attribute that to improved security. The last decade there has been less than 6 hijackings a year, while in the 1993 alone there was 36 hijackings.

Yet we have had about 10 cases of pilots deliberately downing traffic planes in murder-suicides in the last few decades. It would be good if we could include both threats and build a security system to prevent them. The two-man-in-the-cockpit concept is one easy way, but it's expensive and not obvious that it will always work. Federal Express Flight 705 is one example where it barely worked.

Comment: Security is hard... (Score 5, Interesting) 733

by pehrs (#49344037) Attached to: Germanwings Plane Crash Was No Accident

Designing security systems is very hard, and this crash seems to be a classic example of why it is so hard.

The reinforced cockpit door, and the access control system, was introduced after 9/11. Before that the cockpit door was typically a flimsy thing you could break down with a few good kicks. The reinforced door is designed to prevent passengers from obtaining access to the cockpit. The threat model includes attempts at brute force (the door has to withstand roughly an hour of abuse with anything that can be found in the cabin) and tries to coerce the cabin crew for keys or codes (as the pilots control entry). Airbus (and also Boeing, I am pretty sure) also has an emergency procedure which lets you enter the cockpit should the pilots be incapacitated, but the pilots can disable this. There is a nice video here which illustrates hos the access control system airbus uses works:

If media is correct one of the pilots wanted to crash the plane, and used the cockpit security system to prevent the other crew from interfering. This was not part of the threat model, and that made the current security system work in favor of the attacker instead of the rest of the crew. Not good. It cost 150 lives.

There are ways to get around this. Some airlines require two people to be present in the cockpit at all times, in an effort to prevent this kind of attack. It makes it a lot harder, but not impossible. It could also be possible to allow people on the ground to override the lock on the cockpit door. But in both cases you need to actually design your security system to deal with the threat, which I am sure people are rushing to do now...

Comment: From a security perspective... (Score 4, Interesting) 224

by pehrs (#48967311) Attached to: If a Financial Institution Mishandles My Data, What Recourse Do I Have?

Frankly, the risk of somebody doing something nefarious with the information they got it pretty low. Even on the internet the wast majority of people are nice and behave like decent human beings. Most people don't even know how they could use that information for financial gain. So if you go to a court you will have a hard time proving actually damage for what is obvious a mistake, which means any recuperation is either going to be based on good will or specific laws covering data breaches.

In a larger perspective, you are right now encountering (and worrying about) a fundamental flaw in the way many American business work. There is a big confusion between identity, authentication and authorization. Identity (name, address, date of birth, social security number, bank account etc,) is not the same as authentication (I am the Identity) nor authorization (I am allowed to act as the Identity). None of the information the bank leaked really should be secret, and in Europe you could probably find most of it (except for bank account numbers) in public databases.

Comment: Re:America is HUGE (Score 1) 255

by pehrs (#48906657) Attached to: Verizon, Cable Lobby Oppose Spec-Bump For Broadband Definition

According to sources like this, about 85% of Sweden's population is in urban areas. When you only have 15% of the population that's really spread out, of course it's easy to just spend the extra money to wire all of them up.

You mean unlike the USA, which have to deal with the punishing 17% non-urban population which makes it impossible to roll out a decent infrastructure? Different for different states, of course, but less densely populated states also have a smaller population which you need to cover.

The population of Sweden is so small, you really can't extrapolate out from it very much to US sized problems either. You could barely fill the NY metro area here with everyone in Sweden.

I would argue the exact opposite. You can perfectly well extrapolate from Sweden, and use that extrapolation as an inspiration of where the USA can get with decent policies.

And our sparse states make Northern Sweden look like a huge party. Nationwide US policy has to consider what's feasible in states like Montana and Wyoming, at 2.7 and 2.3 people per sq km. And then there's Alaska at 0.5...a single state that is also 4X as big as Sweden, too.

So what kills decent broadband in the USA is rural Alaska, which has less than 0.24% of the US population? There are two ways you handle this problem. First of all, you begin by building out good infrastructure to the 50/90/95/99% which is cheapest to deploy. Secondly, you let those living in areas where building infrastructure is cheap sponsor the buildout in more expensive (typically rural) areas. As the value of networks grow with the number of people connected this is, within reasonable levels, profitable for everybody.

Comment: Re:America is HUGE (Score 4, Insightful) 255

by pehrs (#48903771) Attached to: Verizon, Cable Lobby Oppose Spec-Bump For Broadband Definition

Oh, yes the "UG, why need sharp stone? Dull stone kills deer also, easier to make." argument.

If you don't want to be at a severe competitive disadvantage you need good telecommunication infrastructure. Wireless bandwidth is, for physical reasons, severely hampered, which means that fixed lines is the only way to provide it.

When it comes to the population density, you should note that Sweden has a considerably lower population density than most of the American states, yet much better telecommunication infrastructure. Northern Sweden has a population density of about 4 people per square km, yet good access to telecommunication services. It may cost a bit to roll out, but the alternative of being left behind technologically is much more expensive.

Comment: Technical limitations (Score 5, Interesting) 255

by pehrs (#48903683) Attached to: Verizon, Cable Lobby Oppose Spec-Bump For Broadband Definition

There are some technical reasons that the telecom monopoly lobbying groups REALLY don't want broadband to be defined at high speeds. It rules out a wide range of very cheap technologies which can be used to claim that they do provide broadband. At 25/3 you need to offer at least ADSL2+M (ADSL2 won't cut it), DOCSIS systems will be severely limited in the number of subscribers, GPRS is out (you need to move to HSPA) and so on. Setting a very low limit for what is broadband is a perfect way to polish the numbers and make it look like good service is provided at very reasonable prices. We have sold refurbished telecommunication equipment to the US, which was no longer considered competitive in the northern European market, but was state of the art for many parts of the US.

While it is certainly nice to have a place to unload old equipment I don't think it is in the best interest of the USA to play catch up on infrastructure just to help a few telcom companies to keep their profit margins high...

Comment: Re:I'm shocked, SHOCKED! (Score 1) 190

by pehrs (#48794079) Attached to: Tesla vs. Car Dealers: the Lobbyist Went Down To Georgia

Maybe I am missing something here, but the Tesla has an recommended annual inspection or every 12,500 miles, which is exactly the same as my old Toyota has. Why anybody would need to do wheel alignment yearly is beyond me. The rest are typical service points included in the service of my car. Last I checked the price of service for the Tesla was actually more than the service cost of my plain old Diesel burner.

A Tesla may be many things, but it is not a cheap way to get around...

Comment: Re:Not sure if it adds up (Score 1) 85

by pehrs (#48448205) Attached to: Bidding In Government Auction of Airwaves Reaches $34 Billion

We tried that. It's called "beauty contests". There have been plenty of those, specially with the spectrum allocations in Europe the 1990ths.

They tend not to give very good outcomes. It is much easier to hold companies to paying a certain sum than it is to hold them to promises, especially after a few years of restructuring and consolidation in the market. In many cases companies have been sitting on huge chunks of spectrum without doing anything, sometimes just paying the fines for returning the spectrum after a while. In addition, the rules and ruling in beauty contests tend to become hives of corruption.

Beauty contests may be a good idea in some emerging markets where there is very little incentives to pay for spectrum. In the rest of the world, let the market decide what the spectrum is worth, and let the teleco's pay through the nose for the spectrum. There is no reason to give away something that valuable.

Comment: Re:"Swedish Video Game." (Score 1) 642

by pehrs (#48402131) Attached to: Sweden Considers Adding "Sexism" Ratings To Video Games

You have no idea of what impact Sweden has on the computer game market, do you? Sweden is a big player in the computer game industry. Companies like Avalanche, EA Dice, GRIN, King, Massive, Mojang, Overkill, Paradox and Starbreeze are all based in Sweden.

Comment: Re:Then how did the pilot die? (Score 5, Informative) 150

by pehrs (#48300937) Attached to: SpaceShipTwo's Rocket Engine Did Not Cause Fatal Crash

Eh? No, the crew of Columbia did not survive all the way down. Perhaps you are thinking of challenger, where there is some debate on if they survived until impact. In the case of Columbia the crew was dead four times over before impact. The lethal factors NASA identified were:

1. Depressurization of the crew module at or shortly after orbiter breakup.
So, we start with denying the crew oxygen. None closed their helmets when pressure dropped to 0 in a fraction of a second at the start of the breakup.
2. Exposure of unconscious or deceased crew members to a dynamic rotating load environment with a lack of upper body restraint and non-conformal helmets.
Then we bang them around a bit in what can be best described as a rolling garbage compressor full of sharp and heavy things, in helmets not designed to protect against this kind of force and without proper seat belts.
3. Separation of the crew from the crew module and the seat with associated forces, material interactions, and thermal consequences.
Then we break the box apart, exposing the crew to an unprotected reentry into atmosphere
4. Exposure to near vacuum, aerodynamic accelerations, and cold temperatures.
Finally we let them free-fall back to earth...

The Columbia Crew Survival Investigation Report is a 400 page long and very dark document, but the executive summary is just a couple pages. You can find it here: The bodies of the astronauts were mangled beyond recognition, which is hinted in the report, but out of respect of the astronauts details of the injuries are redacted from the report.

Comment: Re:results from different practices among discipli (Score 1) 81

by pehrs (#48267981) Attached to: The Most Highly Cited Scientific Papers of All Time

In engineering, there tends to be less of a tendency to cite a paper with methodological info: Very few people using an FFT cite the Cooley-Tukey paper; likewise, someone talking about using an ADC for sampled data isn't going to cite Nyquist, even if they say "the sampling rate was 5 time the Nyquist frequency". Likewise, in engineering, you don't see: The dice were attached to the substrate using a eutectic mixture of lead and tin as recommended by Agricola in "de re Metallica".

Yes and no. In computer science experienced authors rely on a common and rather broad knowledge base when writing their publications. There is a tradition not to cite things which are part of the common knowledge. I would not cite just because I was using the FFT, unless I was doing something out of the ordinary with it which actually requires understanding all the details of the original publication.

A very common sign of an inexperienced author is sloppy references. Typically there are too many references, and to works which are not strictly relevant for the author. When you see an introduction with 60 references outside a survey you can usually toss the paper in the trash bin and tell the authors to start over...

Comment: Re:Idiot (Score 1) 942

by pehrs (#48034227) Attached to: David Cameron Says Brits Should Be Taught Imperial Measures

The only problem with that is that there are at least 3 definitions of cup that I know of (metric, imperial and U.S. customary), which kind of defeats the purpose of having a recipe in the first place.

And the approximation problem is something you constructed for yourself. Here we typically describe recipes using deciliters. Which is a nice, standard unit which you can scale up or down as needed. And, no, we don't start with imperial measurements and round off. If you want to do scones my way you will have to add 1.26 cups of standard milk, 3.38 cups of flour and 0.22 lb butter (among other things).

Comment: Re:Please stop and think (Score 5, Interesting) 359

by pehrs (#47694097) Attached to: Ebola Quarantine Center In Liberia Looted

A good and insightful post.

The only thing you forgot is to mention why Liberia is one of the most miserable parts of Africa.

Liberia is the only country in Africa founded by United States colonization while occupied by native Africans. It was financed by the American Colonization Society, an organization created to remove unwanted freed black slaves from America, to avoid a slave uprising like what happened in Tahiti. The colonizers became known as Americo-Liberians and promptly started to enslave the locals and selling them back to the US (with support from the American Colonization Society). The Americo-Liberians, led the political, social, cultural and economic sectors of the country and ruled the nation for over 130 years as a dominant minority. The atrocities under that regime were too many to count.

The US continued to keep it a hell hole in the effort to fight communism, and from 1940 and forward pumped enormous sums into the budget country (about half the GNP was American aid for a while...). Of course most of this money vanished in corruption. But in return the evil communists were kept out. Eventually there was a coup in 1980, finally removing the Americo-Liberians, and starting two civil wars, killing about half a million and displacing about half of the country population. About 85% of the people live under the poverty level today.

We sometimes speak of the Ghost of King Leopold, after the horrors in Congo. But when it comes to colonialism the American version seen in Liberia was at least as bad. And by doing it as a private enterprise they ensured that, unlike the state colonies, there never was a decolonization with support for forming a stable state.

Comment: Re: Apply liberal amounts of gloss. (Score 5, Informative) 219

by pehrs (#47645727) Attached to: Point-and-Shoot: TrackingPoint's New Linux-Controlled AR-15s

You would be surprised how bad people shoot in the real world... I hunt. I fire about 50 shots on big game (mostly boar, deer and moose) a year, and well over thousand if you count small game. I compete, primarily in sporting and skeet but also 300 meter rifle.

In my experience the wast majority of shooters have a hard time hitting a deer sized targets with a rifle at 300 meters without special training. Add any sort of complication, like a little bit of stress, moving target, bad light or the like, and most people won't hit a deer sized target consistently (that is, 10 out of 10 in the heart-lung area) at 100 meters. The performance of the cartridge barely matters. Most people simply need a lot of training to aim and fire a rifle well, especially under stress.

I spend a considerable amount of my spare time tracking down deer which were wounded by people with the "Any dope can make a 300 yard shot" attitude. They are typically not quite so tough at 4 am in the morning when we have spent a few hours tracking down the deer they wounded. While it is good training for the dogs, and it is very rewarding work, it would be better if people learned how hard it is to shoot well on distances over 100 meters.

All great ideas are controversial, or have been at one time.