Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment: Re:As with all space missions: (Score 1) 178

by rwa2 (#48618775) Attached to: NASA Study Proposes Airships, Cloud Cities For Venus Exploration

I hate to bring politics into a science discussion, but unfortunately politics is what determines funding. And politics is what put humans on the moon.

Yes, putting humans anywhere in space (or anywhere hostile to biological habitation) is basically a super-expensive camping trip. That never stopped us in the past from building capsules that can take humans to the bottom of the oceans or hurtling across the skies or stationed at the south pole and other places where robots could do the job just as well or better.

Politically, will countries / corporations be able to "own" the resources (or even just the science / IP) discovered in space without a human presence to plant a flag and occupy? I mean, we're not to that level of competition yet, but say sometime in the future when we're mining asteroids and there's a really valuable asteroid that everyone's trying to claim. Would we consider it legal for the first mining robot to arrive to claim the entire thing? Or is it fair game for whichever robot gets there first to take their fill? Is it an act of war for a robot to knock out / disable a competing country's robot? It obviously is if you're knocking out a human-inhabited space colony, but otherwise you're just squabbling over money.

Anyway, I'm glad that NASA is doing the math on what is at this point just a proposal / thought exercise. No harm in having thought things through, in the off-chance that Venus was suddenly struck with a strong case of unobtanium-fever.

Comment: Re: This is not the problem (Score 1) 551

by rwa2 (#48618451) Attached to: Economists Say Newest AI Technology Destroys More Jobs Than It Creates

Huh, well, I learned something... I always thought they were getting their "checks" for free. ... I'm still working on building up that minimum average daily balance so I qualify for free or reduced orders on checkbooks... must be nice to have enough to go platinum and not have to worry about that.

+ - Vessel Identification and Tracking System Is Profoundly Insecure->

Submitted by chicksdaddy
chicksdaddy (814965) writes "Researchers from the firm Trend Micro are warning that the Automated Identification System (or AIS) — a monitoring system that is used on over 400,000 ocean-going vessels — is profoundly insecure and vulnerable to both software and radio-based hacks, The Security Ledger reports. (https://securityledger.com/2014/12/research-finds-cyber-physical-attacks-against-vessel-tracking-system/)

AIS is a global system for tracking the movement of vessels. It is intended to supplement marine radar and relies on ship, land and satellite-based systems to exchange data on ships’ position, course and speed and is used for everything from collision avoidance to security, ship-to-ship communications and weather forecasting.

AIS is required to be deployed on all passenger vessels and on international-voyaging ships with gross tonnage of 300 or more. However, researchers Marco Balduzzi and Kyle Wilhoit found that AIS is rife with exploitable software- and protocol vulnerabilities. Chief among them are flaws in the AIS protocol which was developed in a “hardware epoch” and lacks even basic security features such as authentication and message integrity checks. While hacks of radio-based systems like AIS would have been expensive and difficult to conduct 10 or 15 years ago, the advent of tools like Software Defined Radio make it possible to craft sophisticated attacks with just a small investment, the researchers discovered.

In their work, Balduzzi and Wilhoit – working with an independent security researcher – were able to use software-defined radio based attacks to trigger a range of phony messages, from false SOS and “man in the water” distress beacons to fake CPA (or Closest Point of Approach) alert and collision warnings on an AIS system set up in a lab environment. A copy of their ACSAC presentation slides can be found here: http://blog.trendmicro.com/tre...

The two have written about AIS vulnerabilities before, including susceptibility of AIS to man-in-the-middle attacks (http://blog.trendmicro.com/trendlabs-security-intelligence/captain-where-is-your-ship-compromising-vessel-tracking-systems/). Their latest work expands the list of attacks and vulnerabilities found in AIS to include both software and RF-based hacks, SQL injection, buffer overflow and so on."

Link to Original Source

Comment: Re:Some practical examples (Score 1) 151

by rwa2 (#48612571) Attached to: In IT, Beware of Fad Versus Functional

Ugh. Never played with Rails, but I've had to convert a lot of bash / python cluster management work into Chef / Ruby and it's been awful. I easily spend 10x longer doing trivial tasks, and in the end, I have to write a bash ssh job to verify that chef did the right thing anyway.

To be fair, there's a lot in the framework that I do like... the somewhat built-in unit and integration testing (which, for some reason, is surprisingly absent in production where you'd most want it). I sort of like the RuboCop coding convention watchdog, mostly due to the irony of it making ruby even more sensitive to whitespace formatting than python ever was. But for the most part, all this stuff just adds more pieces that randomly breaks things every 3 months, and most people trying to get actual work done end up disabling and ignoring all of it, which is a shame because doing things in The Chef Way(TM) also balloons every little 10-line bash/sed script into a monstrosity spanning multiple overlapping files, attributes, templates, and data bags. It's also dog slow and wasteful to nuke-n-pave for every little change, and/or inconsistent about deploying rolling updates and giving you no mechanism to roll back (OK, so it does provide some backup of some configuration files it touches, whooop-dee-doo).

I left my old job largely because the new tech manager wanted to introduce Chef as the silver bullet that would launch them into the next phase of their career, and forced hundreds of prod machines to start using it while they were still figuring out all of its vagaries. Of course the final straw was that we weren't allowed to in any way blame Chef on any outages or project delays, since the execs were already breathing down his neck for the ham-fisted migration.

Got another job still doing Chef-based work, but at least now I have support from management to take as much time as it needs to maintain things properly. Still spend way more time maintaining the tool instead of plying our trade, but whatever, it pays the bills. OpsCode has really got a little cottage industry going in maintaining DevOps job security, and I get a lot of coffee breaks while "waiting for my ruby scripts to converge in test-kitchen".

Comment: Re:been there, done that (Score 2) 259

by rwa2 (#48612261) Attached to: Ask Slashdot: How Should a Liberal Arts Major Get Into STEM?

Mod parent AC up.

Some of the best IT workers I've known were originally English majors. A STEM worker that doesn't communicate well can be just as bad or worse than a less-technical worker with some decent collaboration skills.

So you have a BA degree... Use it to get a technical writing or training job in some field you would enjoy. Then use the tuition benefits / training provided by your employer to get a BS / MS in something. From there you'll be able land a whole bunch more jobs that require a technical degree.

The hardest part is getting your foot in the door... unfortunately, it's usually easier to have the BS / STEM degree first, and then using your employer's continuing education benefits to study whatever the hell you like. But it can work the other way around too.

Comment: Re:I played GTA: San Andreas years ago (Score 1) 427

by rwa2 (#48611403) Attached to: Virtual Reality Experiment Wants To Put White People In Black Bodies

Seriously, GTA III:SA did an awesome job putting you in the shoes of a black kid from the hood. Character development was amazing, as you start out on bikes doing jobs for your moms, dealing with corrupt cops (both white and black), getting trapped in drug & gang wars, losing everything, rebuilding yourself as a lackey for a gangsta rapper and the CIA... it really makes you want to rage.

GTA IV, OTOH, was pretty lame in comparison... zero character development (certainly didn't help that the main voice actor was the only one who could pull off a convincing Russian immigrant accent, esp. compared to the "extras" like the Thai prostitute in the opening sequence). It just didn't make me feel anything for his plight or his family, and when bad things happened to him I was like "good!".

Comment: Re:MOD DOWN Supply and also MOD DOWN PARENT POST (Score -1, Troll) 190

by rwa2 (#48604475) Attached to: Why Didn't Sidecar's Flex Pricing Work?

Heh, I lol'd .

But anyway, to go off on a tangent, where was the /. coverage of the Car2Go outage from Friday? The one caused by the meltdown of their "German-based" mobile carrier due to some network roaming bug? I assume they're trying to deflect the blame to T-mobile without directly impacting their stock price...
http://www.thetruthaboutcars.c...

Comment: Re:Unless it has support for Bitcoin... (Score 2) 152

by rwa2 (#48604371) Attached to: Small Bank In Kansas Creates the Bank Account of the Future

Eh, you're not on the hook for paying taxes with a babysitter if it's under $1900/yr. or $1000 per quarter
http://www.forbes.com/sites/an...
So I guess if you have a pool of different babysitters, you're all set.

Though more likely what will happen is that we'll go back to the dark ages and live with family members who can take care of our kids for us instead of entrusting them to near-total strangers, and, like, maybe learn how to get along while living in close proximity of our in-laws and stuff. You know, like the way things work in the third world.

Nah, I'm probably expecting too much from US society.

Comment: Re:Supply and demand (Score 1) 190

by rwa2 (#48602787) Attached to: Why Didn't Sidecar's Flex Pricing Work?

Plus, there's plenty of alternatives in the Seattle area. Most tech workers get a monthly bus pass for free through their work. Since Seattle doesn't really have a "major" mass transit network yet, the bus service it actually pretty good (as long as you're commuting to/from Seattle -- good luck if you're trying to commute between suburbs). The city of Seattle paid for everyone to get Car2Go memberships, and ZipCar has a pretty good presence here too. The airport shuttles are great if I have more luggage than I care to lug on transit, and they're cheaper than cabs since you can share the ride with others on the van. I have and use all of these things, but never used a cab or any of these new unlicensed / unregulated cab-like services. That's just not how I roll.

Having lived in the third world, I think the only way taxi (and taxi-like services) will get cheaper is through a glut of competition through the right amount of regulation/deregulation (like the licensed taxis in Thailand, which are everywhere and you can summon them in minutes with a wave of your hand, yet metered so they don't rip off tourists as much as they used to), and shared jeepney services (like those used in Puerto Rico and the Philippines) which essentially work like airport shuttles. Both of these could be much improved and optimized with information technology, and large employers like Microsoft and Google already run their own intelligent taxi/vanpool services for their commuters and on campus, so it's likely just a matter of time before they start offering some of that publicly... if there wasn't so much competition from public transit.

Comment: Re:Really.. (Score 1) 112

by rwa2 (#48601983) Attached to: Apple and Samsung Already Working On A9 Processor

Huh interesting points... I would have guessed that this might be a ploy for Apple to grab some of the military-industrial complex work. I've never seen apple junk in the defense sector before, but if they can get security officers to begin insisting on using US-sourced electronics, then Apple has a honey pot of high margin contracts to reap.

Comment: Re:Over to you, SCOTUS (Score 1) 378

by rwa2 (#48576417) Attached to: Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

Still looking for a political solution? Look for the silver lining... if everyone KNOWS that the government is mining your communications for whatever ends they see fit, then that's all the more reason to apply technical solutions to the problem. We've been trying forever to get people to start encrypting their emails and stuff, this might be the thing that finally gets everyone to accept real technological measures for achieving encryption and anonymization on the internet.

I, for one, am kinda glad that this type of thing is out in the open so we can deal with it more effectively with technological measures... vs. before where we would say "well, I'll just conduct all of my communications out in the open since the Constitution said the government guarantees our privacy without their fingers crossed behind their backs"

+ - Congress passes 'Unlimited Access to Communications of Every American'

Submitted by mi
mi (197448) writes "A provision of "Intelligence Authorization Act for FY 2015" passing through Congress would create an Executive government's right to collect all communications of Americans. The Executive is already doing it claiming "executive authority", but they will no longer need to. In "exchange" the bill mandates deleting all such records within five years, which is the current practice anyway. Congressman Justin Amash (R-Michigan) is raising awareness."

I've got all the money I'll ever need if I die by 4 o'clock. -- Henny Youngman

Working...