Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment Re:The basic question is answered...but still... (Score 1) 461

No, we're all too focused on "Who's fault is it?" and nobody has properly considered "What do we do about it?"

We know exactly what to do about it: move to less convenient fuels (excuse me, "renewables") , adopt less comfortable living conditions (aka "reduce energy consumption"), reduce the amount of disposable consumer goods in our lives, etc. And those of us in the developed world have to cut enough from our carbon budgets to make allowances for the populations of the developing nations who want to better their standards of living, a move that is guaranteed to build resentment on both sides of the equation.

What you're missing here (either honestly or deliberately) is that the problem is ongoing, and that because it's caused by economic activity, the people who are profiting from it want to continue to profit from it, and they are actively working to derail efforts to correct or even acknowledge the problem.

And those of us in the developed world are not too excited about fixing it. The benefit we get from fossil fueled energy is great and immediate; the impact we feel from CO2 emissions is so low we have to be 40 years old before we have enough experience to notice the impact on our own lives. Rising water levels on a few tropical islands is a long way from stepping on a gas pedal in North Dakota.

So yeah, we need to do both: stop the people who are encouraging the growth of the problem, and we have to accept some sacrifices as a result. Neither is fun, so ... you first.

Comment Re:The basic question is answered...but still... (Score 1) 461

Every single argument I've ever heard from the "deniers" is based on either a real lack of understanding of science, or they've assumed an argumentative position based on their political leanings. They don't understand the difference between weather and climate. They don't understand trends or statistical sampling. They don't understand the difference between tolerances and allowances, accuracy and precision, or how averages are computed. They don't understand how data from ice cores is calibrated and tested. They don't understand how geologic climate data works. They make faulty assumptions about CO2 data collection methods.

And you know what? That's OK. Not everyone can be expected to learn all that. But if they can't, then they at least need the honesty to either try to learn from people who do understand, or at least refrain from echoing arguments made by others - because those others aren't making those arguments out of pure stupidity. They are making them to advance their political agenda, or to at least delay someone else's agenda.

In any collection of people, there will be some "deniers" who will not listen to reason, meaning we will never see unanimity. The trick is recognizing when enough rational people have accepted the arguments. Once the percentage of "deniers" drops far enough below the population of rational people, it's time to stop trying to convince everyone and moving on to accomplish tasks. We have to know when the delays have run their course, because nothing will ever get done if we wait for every last denier to come into accordance.

As far as your argument goes, there are 50 years of science, 150 years of direct climate measurements, thousands of years of indirect climate measurements, and geological evidence going back much further. I think climate science is a lot further along than still trying to establish first principles.

Comment Re:Assumes it ever lived (Score 2) 456

While I agree that emulating the parts of the iOS ecosystem that we all hate (the walled garden, and the over-dependence on for-rent services) was their biggest mistake, I just don't have the same loathing for Microsoft as I do for Apple. Apple innovated the walled garden model, and got millions of fanbois to promote it. Apple is like an abusive spouse, constantly telling their users they're too damn stupid to own anything as cool as their gear; and yet those people are grateful. Apple is straight up evil.

Microsoft just copied everything Apple did, stupidly hoping they'd stumble upon some magical formula for success. But it always seemed like somewhere deep inside Microsoft there was a tension caused by really talented people who knew the whole Apple idea was evil, and were trying to do the right thing. So I can't hate them as much.

Comment Re:Nine years of pair programming? (Score 1) 186

You're maybe a better coder than I or people I've worked with. I find the majority of my time isn't spent "writing" it is spent finding the stupid little errors like a != that should be an == or forgetting to do a null check etc.

You'd probably benefit from a good static code analyzer. While they can't catch errors in logic where your code doesn't meet your requirements, even the simple ones can catch a lot of dumb things like skipped null checks, boundary violations, pointer violations, memory leaks, etc. The better tools are very sophisticated and can do deep examinations, and will track your code quality over time. They are also available as IDE plugins, you can run them on a build server, or both. They can save you hours of time checking for those stupid little errors.

Comment Re:You get what you pay for (Score 2) 77

Here's a nice warm thought to keep everyone up at night: What is to keep hackers who enjoy this sort of thing from buying devices at BestBuy, hacking them to insert remote back doors, and then returning them to BestBuy the next day? If they put it back in the packaging, possibly with new shrink-wrap, they could claim they never even opened it, and it would go right back on the shelf for some unsuspecting victim to buy.

But ... that could never happen. There's yellow tape on the box assuring me that it was inspected and repackaged by Best Buy experts. Experts! And we all know only experts are permitted access to the yellow tape dispenser.

I have little doubt the same experts refurbished one of the returned washing machines I was looking at. I wanted to see how the drain filter would work so I opened it, and while I looked disgustedly at the slimy lint still trapped in the filter, about a gallon of water poured into their carpets. I guess that's what karma looks like.

Submission + - Unmasking the Stingray (theverge.com)

plover writes: The Verge has a feature story on the criminal who figured out he was caught due to his prepaid cellular device, and discovered the existence of the Stingray.

Comment Re:We actually don't WANT better ransomware (Score 1) 67

My point was only that publishing this code isn't likely to benefit anyone, even those who have an interest. "Legitimate" anti-virus companies aren't likely to need it, because they generally deal with the binary code anyway. If there are a few such companies that could benefit from it, the code could be made available to them via special arrangement instead of a public publishing process. It certainly doesn't have to be an exclusive deal; if you think Symantec, ESET, Kaspersky, and Trend Micro are all legitimate AV companies that deserve a copy, send them all a copy.

Comment Re:We actually don't WANT better ransomware (Score 3, Interesting) 67

1) Making malware code public helps malware programmers (current and aspiring) write better malware programs.

This request is specific to ransomware, not generic malware. Anyone with poor ethics can deploy either, but ransomware has the potential to make an irreversible impact on victims. Yes, malware can reformat a drive and wipe data, but ransomware provides greater motivation to attackers because of the potential for direct profit.

2) Making malware code public helps anti-malware programmers (current and aspiring) write better anti-malware programs.

Anti-malware code is a specialized field, and there are fewer than 50 companies who have much marketshare. Entry into this field is a high bar, requiring the trust of many people. Even then, many of the products are of poor quality, and/or have their own unethical behavior. An aspiring anti-malware author will have much greater difficulty breaking into the field than an ordinary app developer. There isn't much of a market for specialized anti-ransomware.

Who benefits more? I honestly don't know. However, my bias is towards openness over secrecy, and I think it needs to demonstrated that the risks of making malware code public outweigh any potential benefits.

Publishing the ransomware code creates very specific risks. If perfectly executed, ransomware results in absolute hijacking of the user's data. But as we know from legions of flawed security software, writing perfect code and implementing cryptographic algorithms perfectly is very difficult. Recent ransomware made the news because it was imperfect, allowing investigators to recover the encrypted data for all clients without paying the extortionists. The fear is that publishing the ransomware code will give a working example of properly executed encryption that researchers can't break.

You also have to consider how anti-malware code typically works. Much of it is still signature based, meaning that a working copy of the code can simply be tweaked or recompiled to evade signature detection, and the recompiled code will remain effective. Source code won't help the anti-malware authors much.

So overall, publishing the code will greatly benefit the attackers, and will be of only marginal benefit to anti-malware authors. It is hoped that anyone in possession of ransomware source code already understands these points, and will not be compelled to release the code for "noble purposes", as there would be virtually no nobility in the gesture.

If you are still interested in how ransomware works, I would recommend "Malicious Cryptography: Exposing Cryptovirology", by Drs. Young and Yung (Wiley, 2004.) This book was one of the first scholarly works on ransomware. You don't need the source code to learn about it.

Comment Re:Interesting - (Score 2) 179

Three keys for satellites up in the sky
Seven for the hackers, in their mommies' homes
Nine keys for sysadmins in collusion with the spies
One for the Dark Lord, in his Oval Office.
In the land of Bruce, where the Schneier lies.
One key to crack them all, one key to find them
One key to bring them all and in the HSM bind them.
In the land of Bruce, where the Schneier lies.

Comment Re:So at first... (Score 4, Informative) 168

The request came from the Department of Justice. These are to be installed in fixed locations, such as the roof of a prison. Just because Airbus created them does not mean they intend to install them on their aircraft.

And very few prisons are traveling at 4 miles per minute, even those on final approach. :-)

Comment Re:jamming (Score 1) 168

Disrupting the control signal to a simple drone may cause it to fly erroneously and crash (not necessarily straight down). Who to blame for damage then?

The pilot, 100%. If this is a "no fly zone" for models, it's nobody's fault but the person who chose to fly their model into the zone. And they aren't going to mess with GPS -- too much risk, too many legal issues.

As I posted above, they're not looking to solve every problem, and jam every possible frequency, and stop every possible type of navigational system. They're looking to stop the gang members from buying a quadcopter at the mall, duct-taping a gun or cell phone to it, then flying it into their buddy's prison. This is a practical approach to reducing the current problems, not a perfect fix that eliminates every possible type of R/C aircraft.

Slashdot Top Deals

All life evolves by the differential survival of replicating entities. -- Dawkins

Working...