Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Confusion of terms. (Score 1) 233 233

The article claims that NTP is the cause of the leap second. NTP is just a protocol that handles keeping computer clocks in sync with each other and with the official time (UTC, IIRC).

If NTP handles leap seconds by increasing update frequency and then coming to the conclusion: "Whoa! my offset just went from 0.3 ms to 1000.25 ms, lets step the clock a second once we're sure this was not a fluke measurement". then that's a bad way of handling it in my opinion. (also suddenly speeding up does not provide a smooth-enough transition).

One of the things that is bad about this is that when normal operation can handle (the bandwidth of) most hosts updating every 1024 seconds, and a few hosts (just rebooted, just installed, sync lost, whatever), now all of a sudden a synchronized (pun intended!) attack will take place where many many hosts will increase their update frequency by several order-2 magnitudes.

For google, they internally have needs for synchronized clocks. Why I don't know, and I don't care. They have decided to handle the leap second in a more controlled way. It's actually not that hard. Just make sure that everything syncs off one level-0 server, and during the 20 hour period leading up to the leap second, add a variable number of microseconds to the exported time.

Comment: Re:Doesn't matter, so why do it? (Score 1) 233 233

The thing that people-who-don't-know-better are suggesting is that the second will be the same all the time.

They think that nothing bad will come from "thirty years from now, the sun is in the south at 11:59:30" (assuming an average of 1 leap-second per year).

(I can't think of anything bad that would happen... but I know my limitations. It's probably annoying as hell to /some/ fields of research or something....)

Comment: Re:Infinity (Score 1) 1067 1067

Suppose I have a variable A that ends up with the value Y*X. (Y might be a difficult calculation). Next I want to calculate B = A/X .

This could happen for example when I'm doing physics calculations where the parameter X eventually cancels out.

Anyway, this will end up with B = Y if you do the math and cancel out the X. However, if you let a computer follow through with the calculations, when X=0, you'll end up with a variable A with the value zero. And if you assign a value of "1" to 0/0 you'll silently get a wrong result when Y != 1.

So: The computer should throw an error. There is no way a compiler can come up with a reasonable answer for the variable B.

If you want it your way, you write B = X?A/X:1; If you want get rid of that expression everywhere in your code, you get a few choices. In C++ you could probably define a "myfloat" that overloads the division operator. Or you could make a "mydiv" function.

Comment: Re:Opportunities as well as problems (Score 1) 98 98

Directional is an option for the satellites. But on the ground you'd have to be tracking all the time, and you'd have a dropout the moment one satellite goes away and another comes into view.

Oh, about the height. Suppose you're at 1000km. Then the area that can see the satellite at at least 45 degrees above the horizon is about 1000km in diameter. This covers an area of about 3 million square km. The earth is about 450 million square km. You'd need about 300 satellites to cover the earth with each spot getting on average two satellites (hopefully you can then arrange for every spot to get at least one satellite). If they need 4000 satellites they are apparently aiming for about 300km height! -> my calculation comes to 3000 satellites, they probably have a few in reserve, require a higher number of satellites to cover everywhere all the time etc.

Anyway, that would come to "too low" for the drag/orbit deay reasons..... So that would mean they are aiming for "the lowest the orbit-decay will alow".

Comment: Re:Challenges... (Score 2) 98 98

Older satellite internet systems used technologies borrowed from "TV broadcasting". What they effectively did is broadcast everybody's downlink via the satellite and everybody-for-himself had to use a land-line for the uplink. The idea being that you like having a big downlink pipe and it might be acceptable to have "only" 56k uplink.

All that is going overboard, as I understand things. Yes, people are going to transmit their uplink bits to the satellites: the stated goal of these projects is "internet everywhere", even where landlines don't come. So on most my calculations (I hope all of them :-) ) I calculated the round-trip delay via satellite.

On the other hand, I did not take the groundstation-to-destination delays into account. Those are on the order of 60ms minimum for a transatlantic link, for exactly the same reason that a transatlantic satellite link will take that amount of time: the light speed.
(I just tried tracing packets to three American companies from Europe. All were reachable in less than 10ms (not enough to cross the ocean), with google performing worst from the three I tried: google, nbc, cnn. Apparently they all have servers serving european users here in europe).

Comment: Challenges... (Score 5, Informative) 98 98

Google and facebook have realized that some problems are not (economically) surmountable.

The problems are the following: The closer you fly your satelite to the earth, the more resistance it has from the atmosphere. The density of the atmosphere reduces by a factor of 100 each 46 km of height. So at "100km", you have about 10000 times less air than at the surface. Some people call that space. At 200km the air pressure is about 100 million times less than what it is over here. That is enough to have a reasonable decay rate of weeks/months/years. "skylab" came down after a few decades, right?

The further away you fly your satellites, the longer the travel times will be for the signals. This equates to ping-times. Hmm. 200km is 0.6 ms, quite acceptable. Both ways. 1.3ms. Still fine. Double the distance to 400km for slower decay times, and you're still about 10 times faster than a normal ADSL line. Acceptable. Not a problem. (the problem here is the same for everybody. The satellites will then play "pass the hot potato" to one that's flying above the ground station and beam your packet down to earth. Assuming your halfway around the globe, that will be about 10000 km. That's with 66ms (round trip) already more than what you get with a residential ADSL line. Still not too shabby.)

The problem with putting satellites high is that the distance to the user becomes large. You want them as close as possible.

The closer you put them, the more you need. -> 4000 of them. This however is not just a one-time investment: because they are low, their orbits decay and they fall back to earth on relatively short notice. If you need 4000 of them, they are not going to be large. So they are small. If you have a cubesate (10cm cubed) weighing 1kg, its orbit will decay just like a 100kg satellite of 10x100x100cm (flying the wrong side towards the front). But a bigger satellite is likely to be 100x100x100cm and weigh not 100, but 1000kg. The extra weight helps keep it in orbit, the extra size in the flying direction does not make a big difference. So the small satellites decay fast as well!

Comment: Next time.... (Score 1) 535 535

... arrest the 5-year-old with glasses in a superman costume. Everybody knows that Superman's glasses are a lethal weapon.

The shoot first, ask questions later attitude in the US is making me afraid. And the willingness of the police to come up with "charges" when they find nothing out of the ordinary.

The idea of a free country is that you can go about your business without getting arrested and thrown in jail for nothing. That "business" should include say hobbies that not everybody shares. Some people like to dress up. Some girls "fancy", some guys "as girls" and some nerds "as TV characters".

If on the report of a "gun sighted" the police rush out: Great. If they then arrest him, take him to the police station and then tell him: You had us scared for a moment, please don't do this again, that's "so so". But if they then CHARGE him with things just to make their trip seem useful then that's bad.

If they tell the man who reported this: Hey, that was just a guy in a costume from a TV show, please look better before you call us over. Then that's good. If they tell him: "great! we arrested the guy", then that's bad.

Comment: Re:Missing option (Score 4, Insightful) 225 225

If what you're saying is true, that's a truely bad system.

IF he was not accused in trial of the 'murder-for-hire" situation, then that has not been legally proven to have happened. Think about it. Suppose you end up in court for something minor and when it comes to sentencing, the judge suddenly sentences you to the maximum allowable sentence because he heard you tried to hire a hitman. Well, I hear you say that you didn't hire a hitman? That's my point! You have not been on trial for that, you have not been able to disprove that accusation.

That's what a legal system is about. When proven beyond reasonable doubt, after hearing both sides, THEN people can be convicted and senteced to prison.

Comment: What if.... (Score 3, Insightful) 190 190

What if the protection on planes is so bad that a passenger can use the inflight entertainment system to gain virtual access to the controls of the plane?

Suppose you are a security researcher and find this out. What do you do? Tell boeing! They... do nothing. Tell the airline! They.... do nothing.

It all starts with a belief issue. You hack into the entertainment system, compromise the firewall and see plane-control messages flying around on the network you now have gained access to. This is enough for a sufficiently technical person to be convinced of having gotten too far for comfort. At that point you know you are only one step away from taking control of the airplane.

Tell anybody less technical about it and they will not be convinced that you'd be able to move the plane. For example, today with this news today someone already voiced: "he might only THINK he moved the plane" (... while in fact the pilots initiated that maneuver).

So... to prove to the world that there indeed is a dangerous situation, you need to actually make the plane move.

And this is where everybody gets their panties in a knot. Suddenly the guy who reports that the planes are not secure enough is the bad guy and needs to be thrown in jail.

Examples of people reporting security problems and being ignored include: On a saturday night two men walking their dogs notice that the bank has left a window open. A person can just climb into.. the bank! So monday morning they walk into the bank, tell them about it, bank says thank you and... nothing happens. Next weekend, window is again left open. So they tell the bank again. And again. After a few times, to prove the point, they decide to climb in, and photograph what access they have once inside the bank. They got into a lot of trouble for that. But since then, the window has been closed.

Personally I have reported security problems in computers without going that extra mile of "making the plane move". In one instance I've reported such a misconfiguration to over 100 system administrators. Two hours later, saturday afternoon, the first response: "Thanks, fixed". Come monday morning, one response: "we know, not a security issue, get lost.". And all others were "no response". A year later more than 50% of the computers where I reported the configuration error were still vulnerable.

With laws being written in such a way that the "white hats" (*) can be thrown in jail, we create an environment where the white hats are either ignored or thrown in jail. Before you know it, the "white hats" are too afraid to report anything and stop reporting real problems. In that situation, you only find out the problems when a bad guy ends up crashing a plane.

Boeing: invite the guy over to show you the problem. Once that hole has been closed, invite him over, pay his hotel an meals for a week while he hacks at a "fixed" plane on the ground at your facilities. Credit him for making aviation safer.

(Do this, before someone makes it stick that: "Boeing created this system with such bad security that it put passengers at risk.").

(*) the researchers that report the problems they find without causing real harm,

Comment: Re:So... (Score 1) 63 63

They found a statistical relationship between the results from "normal" people and "people with cancer". This means that it MIGHT be possible to develop this into a test.

But this "result" (a statistical difference) might be that they got an average score of 98 +/- 10 for the healty people and 102 +/- 10 for the people-with-cancer. So someone who scores 100, healty or has cancer? 105? Can still go both ways.

Counting in binary is just like counting in decimal -- if you are all thumbs. -- Glaser and Way

Working...