Become a fan of Slashdot on Facebook


Forgot your password?

Comment Re:Sanctions lifted ... (Score 1, Interesting) 229

The Chevy Malibu is a good example: the 2010 model was as good as any in its class and better for North American driving conditions than most of its European- and Japan-optimized competitors. I haven't seen the 2016 yet but early reviews are that is it substantially improved over the 2009-2011 type. There are many very good Big 2.5 designed and built models on the market that are competitive with anything (particularly in North America). Also some not-so-great models - which is also true of Mazda, Toyota, Nissan, etc (not even getting into the VW cult/mess). Toyota automatic transmissions? Woah, there's a great design ;-(


Comment Re:So basically.. (Score 5, Insightful) 179

What I'm taking away from this is that anything David ever has made or will make in the future should not be trusted.

While I'll grant that the you're partially justified by the ridiculously bad summary, your takeaway is dead wrong.

First, having just skimmed through the article and the (very interesting!) paper, let me point out why the summary is ridiculously bad. Chaum's protocol does not include a backdoor, and certainly not "just to please governments".

What Chaum did was to describe a really cool anonymous routing and communications protocol, with a number of highly desirable properties. The biggest one is that his protocol is designed to be secure against nation state access, unlike Tor. It should also be quite a bit faster than Tor because communications require no public key cryptographic operations; everything is done with very-fast symmetric crypto, building on top of a precomputed homomorphic encryption. Making this scheme work, though, depends on the existence of a trusted third party (TTP).

In general, relying on a TTP is problematic in contexts where there isn't any obvious person or organization who could be trusted. And for a global communications network that will be used by lots of people and which many governments might like to penetrate, and which in fact is specifically focused on trying to prevent penetration by nation states, there clearly exists NO such single party.

Chaum's solution to the problem of how to trust when no one is trustworthy (a common problem in security design, actually) is to distribute the trust (a common solution, though Chaum's implementation is particularly clever). By arranging things so that the TTP role is spread across many different nations, each of which is fairly trustworthy except in particular areas, and selecting those nations so the areas in which they're untrustworthy are different, and designing the cryptography so that any abuse of the TTP role requires willing participation of 100% of said nations, it may be possible to construct a TTP which is trustworthy in the aggregate, even though no individual member is fully trustworthy.

This is a very clever solution to what I would have said is a completely intractable problem.

Comment Re:we all get what most of us deserve (Score 1) 406

You present it as though there were a choice. As internet access spread beyond a small number of geeks (and people started to buy stuff via the internet) then adverts began to appear in earnest and what you describe is more less inevitable.

This is true, it was inevitable, but you give the wrong reason.

Telling people (at least the non-tech "general public") not to use sites that have advertising is akin to telling them not use the web at all. When a platform becomes as widely used and powerful as the web then it inevitably becomes of interest to the rich and powerful who wish to control it.

No, the reason advertising was inevitable on the web has nothing to do with class warfare.

The real reason is that while it's practical to self-fund a small server in your basement, dorm room or university computer room that can serve static or semi-static content to a small population of users, it's an entirely different proposition to build and operate infrastructure capable of serving dynamic information to a billion users. Doing the latter requires tens of billions of dollars of infrastructure and billions of dollars of annual operation expenses.

Scaling the web up to where it could serve the entire population of the developed world, as it does now, required lots and lots of money. Where was that money going to come from? It ultimately had to come from the users, and there were really only two obvious ways for that to work: subscriptions or advertising. A subscription-based approach would have either placed barriers all over the web that made its core feature -- hyperlinking -- nearly useless, or else required the establishment of some sort of enormous micropayments system. But micropayments suck in all sorts of ways. I won't go into why because that's another (lengthy) post.

Advertising, however, has long proven to be the ideal way to fund large-scale mass media infrastructure. It made inexpensive newspapers possible, and then paid for free radio and television broadcasts, paying for armies of reporters and tens of thousands of local radio and TV broadcast stations. It works even better in the case of the web. It scales beautifully with the size of the audience, adds no friction to cross-site links and enables the economic creation and distribution of all sorts of mass-market content and services. Further, on the web it's possible to do targeted advertising, which increases the revenue potential and therefore decreases the amount of advertising necessary to fund the web (if you think there's a lot of advertising on the web now, be glad you're not seeing what it would look like without targeting).

Advertising also sucks. It gets in the way of the content that users are actually seeking. Advertisers devise and implement various tricks to make their ads more prominent than others, and more prominent than the content it's bookending. On TV, for example, ads are louder than most programs. Users develop schemes to avoid having to see the unwanted advertising content, and advertisers find ways to thwart these schemes. On the web, it's potentially even worse because of the possibility of malware getting inserted into advertising channels. And targeted advertising creates privacy concerns.

BUT the servers have to be funded somehow, and the old web model of donated equipment and bandwidth simply can't serve the entire population. And while advertising sucks, it sucks much less than the other alternative funding mechanisms.

So, advertising is inevitable. And given that there's a big money hose, it's then inevitable that the rich and powerful will be looking to find ways to siphon some of that money off for themselves. But that's an effect, not the cause, of advertising on the web.

Comment Re:Bad research (Score 1) 274

That is a classic justification mechanism for crazy morons in denial. There are tons of studies on this subject, with contradictory results (as is usual for medical studies with a political component). Sure, you can pick just the few percentage of studies that you agree with, but that doesn't mean you aren't a biased moron.

So far, we're pretty confident of the following: 1) Alcohol consumption correlates with lower mortality 1a) But people in at-risk groups drink less, including poor, extremely unhealthy, and teetotalling ex-alcoholics. 2) Alcohol improves on some health markers 2b) But makes others worse. 2c) Which probably makes alcohol's cost/benefits dependent on other things, such as whether you have heart disease.

I think the clearest conclusion we can make is that the effect of light to moderate alcohol consumption on health is very small. It may be positive, negative or neither, and perhaps we could identify specific populations in which it has larger effects, overall it's is negligible. However, this only applies to light to moderate consumption; heavy consumption is clearly very bad for you.

(And before the AC calls me out for being an alcoholic in denial, I'll mention that I'm a non-drinker. I've never consumed an alcoholic beverage in my life.)

Comment Re:I don't know which I hate worse? (Score 1) 122

- - - - - I get that for high-traffic websites need a better scalable solutions than the traditional databases, and I get that you have to sacrifice some of the features of those traditional databases to do so. - - - - -

Whenever I read something similar to this as related to a database I immediately think that what is being sacrificed is transaction integrity and multi-user contested performance/scaleability, but that's just me.


Comment Re:Database of the year? (Score 1) 122

- - - - - Oracle is such a pile of shite it does not actually work unless you have a support contract. and even then, the features you use are likely to be abandoned without warning unless you are a major first world government (and probably even then, but I cant speak from experience on that).

That's funny. I learned Oracle when I inherited a midrange ERP/WMS system at a small manufacturing company that used a vendor-supplied 8i as the base. It pretty much just ran for two years under heavy load with just the basic DBA maintenance instructions provided by the ERP vendor in a 1-hour training. Meanwhile our peers in the software user group reported crashes, lockups, lost transactions, and extremely poor reporting performance on their MS SQL Server installations of the same package.

Over that two years as my staff and I taught ourselves Oracle, good performant SQL practices, and good reporting practices my respect for the DBMS and its fundamental design grew. I'm very, very skeptical about software and its vendors in general but by the time we upgraded to 9i I was (and remain) a very strong Oracle RDBMS supporter.

I do find that people who have self-trained on databases via Excel, MS Access, and MySQL have a very hard time with Oracle (and presumably also PostgSQL and DB2). I also have seen a lot of really bad, transaction-unsafe, non-performant MS SQL Server code. So YMMV.


Comment Re:Liberty Minded (Score 4, Insightful) 388

Well, you certainly illustrate the point that there are thoughtful libertarians out there. An interesting point on libertarianism along the lines of what you're saying... I once volunteer-taught a class on American politics for some adult ESL students. When I introduced "libertarian versus statist" as a dimension that is distinct from liberal and conservative, it was pretty new to most of them. That is, while almost all societies grapple with the how much control the state should exercise over various kinds of activities, it's only in the US that we have a name for that (Liberty!) and a group that (nominally) wants to minimize state control over everything. The US has a long lefty-libertarian tradition that has fueled many important social advances (freedom to love and marry whoever you please being the most recent example), while our righty-libertarians have also served to keep the US out of some of the worst excess of statist economics (think price controls).

That said, it's pretty hard to line up with libertarianism in it's current form. The three axiomatic views that most turn me off are
1. The private sector does everything better than the government does or might do
2. Everyone can always have everything if they only try hard enough
3. Social well-being can only be maximized by increasing individual well-being

What drives me nuts is how often these are asserted as axioms in spite of numerous and obvious counterexamples. Skepticism that government intervention will solve a problem is necessary, healthy, and frequently true. But there are so many readily available counterexamples that these cannot be axioms.

# 3 might be a little different than the others, and I'd actually be interested in a thoughtful libertarian critique of it. It is what Pope Francis calls "subsidiarity", the idea that humans actually gain meaning and satisfaction from feeling that they are subsidiary to something bigger than themselves. I'm no Catholic, but I see this in a lot of things. An individual who is free of all external obligations is a lonely, disconnected person, and I have a hard time believe that there are many people who are happier this way. Clearly there is such as thing as too much obligation to society, but what about too little?

A potent example of #1 is the lunatic response to Obamacare. This was an idea from 1970s "conservative" think tanks that was a pragmatic compromise right up until someone tried to implement it. And all told the ACA has a pretty non-statist system architecture: the state does not mandate what insurance you get, it does not mandate which company you choose it from (in fact there are standards to ensure a minimum of choice), it does not say what doctor you can or cannot go to are always free (like Liberty, not beer) to go to a doctor that is not in your plan, and Obamacare makes that EASIER not harder.

The mandate components of the law (health insurers have to take anyone who wants insurance ---> everyone has to buy insurance) that elicit all this yelling about "state force" and "FBI marshalls frog-marching me" are just system architectures to deal with real and fundamental problems.
The business of insurance is to collect as many premium dollars as possible, and it's very, very easy for insurers to cheat without some rules (oh, you got cancer in the rain on Sunday... if you look in Appendix R20421.13 subsection 7 of your plan, you'll see that this is not covered). Likewise it's really easy for covered people to cheat without some rules (oh, I rode motorcycle without a helmet for 10 years and now I crashed and am paralyzed from the neck down... pay for all my healthcare). This is what happens in the real world, and we as engineers/technologists are the ones who stick our heads out and find a set of tradeoffs that makes things a little better. And we are also the ones who deal with the sucky parts of the architecture we chose. So I can't understand when this type of thinker can't relate to what Obamacare is about.

Comment Re:Sweet (Score 1) 126

Unlocking the bootloader and flashing a ROM requires a backup, wipe, and restore. What's the easiest way for a user to be sure that a backup tool downloaded from Google Play Store actually saved everything in a way that it can restore?

What apps do you use that need to be backed up? Games, I suppose... if you care about having your progress saved.

Personally, I don't worry about backup/restore. When I reflash, or get a new device, I just start clean. Pretty much everything I'd care to back up and restore is synced to the cloud anyway, so it just shows up. Android Marshmallow made it particularly slick the most recent time. It asked if I wanted to restore all my apps and stuff from my old phone and it did an outstanding job. Nearly everything was automatically installed and it even laid out my home screen and set my background. It still took a few minutes to set up a few things, and then for a while I was having to log into various apps the first time I used them, but all in all it was quite painless.

I suppose if you turn off all of the cloud backup options then it would be a different story.

Comment Re:Android security? lol! (Score 1) 126

You mean your 4 year old phone that you bought while Google had a published 2 year (from first sale) major update, 3 year (again, from first sale; or 18mo from last sale in the Google store) security update policy? If you're claiming you didn't know what you were buying, that's on you.

To be fair, Google didn't have an official support policy for Nexus devices when the Galaxy Nexus was released. In fact, Google didn't have such a policy until August 2015. It was understood previously that devices would get updates for a couple of years, but there was no specific commitment.

Actually, it seems that official update policies for mobile devices are a new idea. AFAICT Google's was the first, and I don't know that any other company has yet matched it. That includes Apple -- though in practice Apple usually supports devices for longer than 2-3 years.

(Disclaimer: I'm a Google Android engineer, working on the Android security team. I'm speaking for myself, though, not for Google.)

Comment Re:Well of course ... (Score 1) 113

And you don't get to whine if people stop buying your products because they can't trust you anymore.

Why the hell not?

If my government is damaging my business, against my wishes, in order to spy on me (and the rest of the world), I'd damned well better not just whine but yell and shout. I suppose the "you" in your statements was intended to refer to the US as a whole, but the US as a whole didn't do it and isn't on board with it. Unfortunately, a lot of voters who don't understand the issues and are afraid of brown people are on board with it. That just means those of us who do understand need to educate them.

Fortunately or unfortunately, depending on your perspective "we're losing billions of dollars every year because the world won't buy our goods and services because the NSA has been piggybacking spyware on them" is an argument said voters will understand. Once it gets bad enough.

Slashdot Top Deals

Just about every computer on the market today runs Unix, except the Mac (and nobody cares about it). -- Bill Joy 6/21/85