Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment: I thought the point of the charge ... (Score 1) 21

by Ungrounded Lightning (#48929295) Attached to: Spider Spins Electrically Charged Silk

I thought the point of the charge was to make the "wooly" side-fibers of the strands wrap around the prey's limbs and/or the microscopic irregularities in the exoskeleton, tangling to it. "Tying" the fibers to the prey would have a similar binding effect to gluing them to it, without the need for glue, and lots of little fibers could make a very strong attachment.

(Stretching fibers made of long chains makes them stronger by aligning the chains along the direction of the stretch.)

Comment: Also: lots of code has been vetted for decades (Score 1) 46

Why are they still using C to deal with network protocol? Is the performance so critical that it's worth all the troubles?

Also, because there's a lot of C code that has been in heavy use, and tested for correctness, for decades, suitable for reuse with substantial confidence that it's correct (though you check it anyhow...).

Let's see you find code like THAT for a language that hasn't been AROUND for decades. B-)

Comment: For starters, because it's transparent. (Score 1) 46

Why are they still using C to deal with network protocol?

For starters, because it's transparent. The "K&R compliant assembly laguage", as one of my former colleagues once characterized it, translates to object in a clearly understandable way (especially if you turn optimization down or off). Though it gives you more opportunities to create bugs, it makes it hard for the bugs to hide from inspection.

The "higher-level" the language, the more it takes over and inserts its own stuff between you and the metal, and the more opportunity for that to inject an invisible vulnerability - which you might have trouble removing even if you DO discover it.

Meanwhile, many of the things "higher-level" languages protect you from can also be detected and flagged by both modern C compilers and code examination tools - starting with the venerable "lint".

Comment: Re:Not really. (Score 1) 219

by dpilot (#48927313) Attached to: Gamma-ray Bursts May Explain Fermi's Paradox

There's a bit more to it than that. My tops would be two points.
First, we're memetically infectuous. Plant a new idea here, and someone will run with it, most likely in some direction you never wished for. Many of our memetic infections are downright dangerous, lethal, destructive, etc. Contact might well be considered irresponsible, no matter how well intended.
Second, there's the thing I mentioned about our reverse-engineering technology. They might accidentally give us more capability than they wanted to. Not that we'd be any threat to them, but we've been sitting here for however long with the Doomsday Clock close to midnight. Give us something new that can be weaponized, (We've been able to turn just about everything into a weapon, perhaps the most resistant invention was the "death ray", the laser - it's had so darned many peaceful uses and has been very hard to make into aweapon.) and we will do so. Perhaps that weapon might be what tips the scale, ticks the clock, or whatever metaphor you like.

Comment: My experience is different. (Score 2) 21

by khasim (#48927043) Attached to: Book Review: Designing and Building a Security Operations Center

The truth is that many firms simply don't have the staff and budget needed to support an internal SOC. They also don't have the budget for an MSSP. With that, Mike Rothman of Securosis noted that these firms are "trapped on the hamster wheel of pain, reacting without sufficient visibility, but without time to invest in gaining that much-needed visibility into threats without diving deep into raw log files".

In my experience it is not the budget but the politics.

Is your company's security worth the expense of an additional tech? Or are office politics the reason you cannot get an additional tech?

Does whomever is in charge of your technology have the authority to say "no" to requests from other departments? And the political capital to make it stick?

I've seen too many examples of companies "suffering" from the problems their own decisions/environment created.

Retrofitting security is not the answer.

+ - Spider spins electrically charged silk->

Submitted by sciencehabit
sciencehabit (1205606) writes "In their quest to make ultrastrong yet ultrasmall fibers, the polymer industry may soon take a lesson from Uloborus spiders. Uloborids are cribellate spiders, meaning that instead of spinning wet, sticky webs to catch their prey, they produce a fluffy, charged, wool-like silk. A paper published online today in Biology Letters details the process for the first time. It all starts with the silk-producing cribellar gland. In contrast with other spiders, whose silk comes out of the gland intact, scientists were surprised to discover that uloborids’ silk is in a liquid state when it surfaces. As the spider yanks the silk from the duct, it solidifies into nanoscale filaments. This “violent hackling” has the effect of stretching and freezing the fibers into shape. It may even be responsible for increasing their strength, because filaments on the nanoscale become stronger as they are stretched. In order to endow the fibers with an electrostatic charge, the spider pulls them over a comblike plate located on its hind legs. The technique is not unlike the so-called hackling of flax stems over a metal brush in order to soften and prepare them for thread-spinning, but in the spider’s case it also gives them a charge. The electrostatic fibers are thought to attract prey to the web in the same way a towel pulled from the dryer is able to attract stray socks."
Link to Original Source

Comment: Re:CA requires commercial licenses for pickup truc (Score 1) 208

I can guarantee you that if the Govt. left it up to drivers to get the proper training and instruction on how to operate vehicles safely, people wouldn't do it.

Interesting claim - since it doen't work that way for guns.

Where the government requires training, most gun purchasers take the minimum required, then stop. Where it doesn't, most people start with the course recommended by the gun stores (which is far more comprehensive - and more focussed, with less time spent on political indoctrination B-) ) and also do substantially more range time, until they feel adequately competent. (Then there are those that get interested in shooting as a hobby...)

A similar effect is the reason police normally don't shoot at private ranges simultaneously with civilians. Most police are embarrassingly HORRIBLE shots and pistol-handlers - because they do only the minimum training and practice required by the department (which has lots of other stuff for them to do while they're being paid for their time), and almost never have to actually fire their gun during their work.

Comment: Re:CA requires commercial licenses for pickup truc (Score 1) 208

Ford F150 Lariat.

For the 5 1/2 ton towing capacity (which also translates to "won't blow the engine head gasket towing a loaded trailer up CA 88 like the van did" - turns out they designed that vehicle's engine with the cylinders too close together so this one pair had a very thin piece of gasket between them,..).

(No time to get the GVR before I have to get to work...)

+ - New Micro-Ring Resonator Creates Quantum Entanglement on a Silicon Chip ->

Submitted by Zothecula
Zothecula (1870348) writes "The quantum entanglement of particles, such as photons, is a prerequisite for the new and future technologies of quantum computing, telecommunications, and cyber security. Real-world applications that take advantage of this technology, however, will not be fully realized until devices that produce such quantum states leave the realms of the laboratory and are made both small and energy efficient enough to be embedded in electronic equipment. In this vein, European scientists have created and installed a tiny "ring-resonator" on a microchip that is claimed to produce copious numbers of entangled photons while using very little power to do so."
Link to Original Source

+ - We May Have Jupiter To Thank For the Nitrogen In Earth's Atmosphere->

Submitted by Anonymous Coward
An anonymous reader writes "Nitrogen makes up about 78% of the Earth's atmosphere. It's also the 4th most abundant element in the human body. But where did all the nitrogen on Earth come from? Scientists aren't sure, but they have a new theory. Back when the solar system was just a protoplanetary disk, the ice orbiting the early Sun included ammonia, which has a nitrogen atom and three hydrogen atoms. But there needed to be a way for the nitrogen to get to the developing Earth. That's where Jupiter comes in. During its theorized Grand Tack, where it plunged into the center of the solar system and then retreated outward again, it created shock waves in the dust and ice cloud surrounding the sun. These shock waves caused gentle heating of the ammonia ice, which allowed it to react with chromium-bearing metal to form a mineral called carlsbergite. New research (abstract) suggests this mineral was then present when the Earth's accretion happened."
Link to Original Source

Comment: Re:Not all code is vulnerable - getaddrinfo() is f (Score 2) 205

by spitzak (#48920231) Attached to: Serious Network Function Vulnerability Found In Glibc

As pointed out in the article, the program must use gethostbyname() on a name supplied by the attacker.

A much more mitigating factor is that the bug is only exercised if the name looks like a numerical id, and according to their search most software first checks this using inet_aton() and only calls gethostbyname() if this fails, thus avoiding the bug.

Whom the gods would destroy, they first teach BASIC.

Working...