
Reverse Engineering the Nike+ FuelBand's Communications Protocol

Submitted by Anonymous Coward
An anonymous reader writes "Security researcher Simone Margaritelli has reverse engineered the Bluetooth low-energy communications protocol for his Nike+ FuelBand SE, a wrist-worn activity tracker. He learned some disturbing facts: "The authentication system is vulnerable, anyone could connect to your device. The protocol supports direct reading and writing of the device memory, up to 65K of contents. The protocol supports commands that are not supposed to be implemented in a production release (bootloader mode, device self test, etc)." His post explains in detail how he managed this, and how Nike put effort into creating an authentication system, but then completely undermined it by using a hard-coded token. Margaritelli even provides a command list for the device, which can do things like grab an event log, upload a bitmap for the screen, and even reset the device."

New Study Says Governments Should Ditch Reliance on Biofuels

Submitted by (3830033) writes "The NYT reports on a new study from a prominent environmental think tank that concludes that turning plant matter into liquid fuel or electricity is so inefficient that the approach is unlikely ever to supply a substantial fraction of global energy demand and that continuing to pursue this strategy is likely to use up vast tracts of fertile land that could be devoted to helping feed the world’s growing population. “I would say that many of the claims for biofuels have been dramatically exaggerated,” says Andrew Steer, president of the World Resources Institute, a global research organization based in Washington that is publishing the report. “There are other, more effective routes to get to a low-carbon world.” The report follows several years of rising concern among scientists about biofuel policies in the United States and Europe, and is the strongest call yet by the World Resources Institute, known for nonpartisan analysis of environmental issues, to urge governments to reconsider those policies.

Timothy D. Searchinger says that recent science has challenged some of the assumptions underpinning many of the pro-biofuel policies that have often failed to consider the opportunity cost of using land to produce plants for biofuel. According to Searchinger, if forests or grasses were grown instead of biofuels, that would pull carbon dioxide out of the air, storing it in tree trunks and soils and offsetting emissions more effectively than biofuels would do. What is more, costs for wind and solar power have plummeted over the past decade, and the new report points out that for a given amount of land, solar panels are at least 50 times more efficient than biofuels at capturing the energy of sunlight in a useful form. “It’s true that our first-generation biofuels have not lived up to their promise,” says Jason Hill. “We’ve found they do not offer the environmental benefits they were purported to have, and they have a substantial negative impact on the food system.”"

Comment: US politics are tainted with money (Score 4, Insightful) 120

by sinij (#48899441) Attached to: Fark's Drew Curtis Running For Governor of Kentucky
US politics, thanks to judicial rule-writing, is forever tainted with money. "Regular citizens" have absolutely no chance to get elected, unless they sell out in exchange for campaign contributions.

If Jesus Christ returned and was running for Congress today, we would probably see attack ads smearing his family, alleging connections to Romans, and questioning the time he spent on the cross.

Comment: Re:it's nothing new really. (Score 1) 820

by sinij (#48877681) Attached to: Fake Engine Noise Is the Auto Industry's Dirty Little Secret
You don't need a tachometer for a standard gearbox; most drivers will shift by sound or speed and will never look at the tachometer.
Had a friend who drove a manual car without a tachometer. Ford-something. It had a "shift up" dash light that would come on above 4000ish rpm. It was only weird the first time you drove it.

Comment: Data mining (Score 5, Insightful) 238

by sinij (#48858299) Attached to: Google Thinks the Insurance Industry May Be Ripe For Disruption
I would not want Google, a massive data mining company, to use its access to private and confidential information to sell anyone insurance. Just imagine "You searched 'hit and run' twice in the past year, and 'how to dispose of a dead body' once, your premium goes up by 1000%".

Comment: Re:Large TV, high contrast (Score 1) 63

by sinij (#48836263) Attached to: Ask Slashdot: What Tablet and Software For a Partially Sighted Person?
Imagine having to use a 2-inch tablet to send out emails. That is how using a regular-sized tablet would feel to a legally blind person. I have one in the extended family, and while they could see the tablet, reading from it is out of the question.

It is one thing to be supportive, it is another thing to set them up for failure. There are limitations imposed by their condition, and it is unwise to ignore these.

Comment: Money talks, electric car walks (Score 1, Interesting) 181

by sinij (#48812981) Attached to: Tesla To Produce 'a Few Million' Electric Cars a Year By 2025
I love the idea of electric cars, and Tesla is on my "lottery win" shopping list. With that said, if you apply hard numbers, these cars do not make any sense at the current gas prices. Tesla's battery mega factory may change these numbers, but as of right now the electric car premium substantially overshadows any and all gas savings. This is even before we start talking about the hidden costs of scaling electric car ownership up.

As to mass-producing these cars, I have doubts that infrastructure could handle mass adoption. The key issue is the time it takes to charge: with gasoline, one fuel pump can get a driver in and out in under 5 minutes. With charging stations you need 30 minutes or so. So Tesla has to build lots and lots of concurrent "charging slots" and then develop congestion-mitigating techniques at the popular sites. Then they will have to invest in the electric grid to support massive loads incurred by charging stations (ironically, the cost-effective way to do this is by building 'load balancing' natural gas generators). Then they will have to mitigate the inevitable increase in electricity costs due to supply & demand curves. Imagine what will happen to electricity costs during peak usage when everyone runs AC AND charges electric cars at the same time!

So we have the following major roadblocks: a) cost of batteries b) cost of expanding the charging station network c) cost of electric grid infrastructure upgrades d) cost of accommodating increased load during peak times. Could all of these challenges be met? Sure, but it is unlikely to be achievable without public funds.

Comment: Re:Dewhat? (Score 1) 150

by sinij (#48806057) Attached to: Wireless Keylogger Masquerades as USB Phone Charger
Well, I advocate and practice usage separation. Have a secure device dedicated to "important" tasks like banking. This way you can have usability in most cases, and security in cases that require it.

As to how you educate users that their keyboard, smart TV, smart thermostat, router, in-car infotainment system, child monitoring system, fitness band, and implanted defibrillator all require security patches? You can't. Unless they are Dick Cheney, who has a very well-deserved reason to be paranoid.
