Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment: Love collision avoidance in my Volvo (Score 3, Interesting) 247

by swb (#48892907) Attached to: Government Recommends Cars With Smarter Brakes

If I had bought my car new and was looking at features to add or avoid, I would have put the collision avoidance system on my "meh" list and would not have paid extra for it.

As it turns out, I really like it. I have the control setup for maximum distance, which means more false alerts. But although most alerts seem "false" they're only false because I'm really paying attention and have anticipated the traffic in front of me. About 25% of the time I think it's actually valuable and there was some risk of either a really quick stop or maybe even a fender bender.

The feature that goes along with it (they share the same radar system), distance sensing cruise control, I REALLY like. I wish it would beep or something when you get behind a vehicle driving 3+ MPH slower than your set point. On the Interstate its kind of easy to get in traffic going slower than I want to by small amounts and not noticing it because the car just matches pace with the vehicle in front.

Comment: Re:The noob is you (Score 1) 173

by swb (#48892121) Attached to: China Cuts Off Some VPNs

I would think that traffic heuristics -- volume of packets, frequency of packets, persistence of TCP sessions, volume of data transferred, types of TCP connectivity would provide some hints of a VPN session versus other kinds of encrypted traffic -- would possibly provide a way to compare it to known types of encrypted traffic and see VPNs. It's not like the Chinese don't have terabytes or even petabytes of real-world wild sample traffic to compare against.

I wonder if there would be some way to beat it by combining steganography and encryption to make a VPN's traffic look like some kind of unencrypted web browsing session. Embed encrypted data into retrieved pages as GIFs and plaintext mixed in with nonsense plain text and pace the traffic patterns to more closely resemble the pace of actual page views, forcing new TCP sessions for each view.

About the only weakness would be consistently contacting the same server.

It might be less useful for the kinds of normal VPN uses (low data volume, long latency as traffic was fetched) but I would think you could beat the expectations of what VPN traffic is supposed to look like.

Comment: Re:Yawn ... (Score 1) 223

by swb (#48886361) Attached to: Eric Schmidt: Our Perception of the Internet Will Fade

Your bigger problem isn't going to be lighting which could be rewired without tearing up the whole house but that any receptacles up there are probably on shared circuits with the rooms below, so when someone trips a breaker below the fucking AV setup goes dark too.

Your easiest solution is to just add a subpanel up there and power the room off the subpanel.

Comment: Re:Absolutely fair.. (Score 4, Interesting) 114

by swb (#48883261) Attached to: Apple Agrees To Chinese Security Audits of Its Products

Fear one may just be outright industrial espionage.

I'm guessing that security in Apple products goes above and beyond whatever (likely modified) FOSS libraries they use, but would also include stuff like their whole-disk encryption system, the touch ID sensor and its encodings, etc. So there's a fair amount of proprietary tech in these devices.

Fear two might be obtaining what amount to currently unknown zero-day exploits that could conceivably open all iDevices to security risks exploitable by Chinese intelligence.

AFAIK, recent models and OS levels have a generally accepted level of security that makes them difficult to break or exploit and I think this has come to be seen as a competitive advantage. Even if the security is beatable by the NSA in a lab situation, the marketing value is to businesses worried about lost devices or devices used in vertical markets with security compliance regulations.

Which is why I wondered how much Apple can control the terms of a security audit. Do the the Chinese just get handed a memory stick with ios-82-iphone6-source.tgz they can take back to their office or do they sit in a plain white room with locked down desktops that do a one-way remote console to a machine with source code? Or worse, a plain white room with a bunch of binders of printed source code?

Comment: Re:Layers (Score 1) 101

by swb (#48883209) Attached to: Google Plans Major Play In Wireless Partnering With Sprint and T-Mobile

Do MVNOs automatically get roaming on compatible carriers other than those they get wholesale agreements with? I have no idea how roaming works on the back end, but I would think that it would be something that AT&T could block if it wanted to (at least technically).

Even if it "just worked" from a handset usage perspective, there's still the question of the billing side of a roaming agreement. I think inside the US nobody thinks about roaming anymore because all the carriers have roaming agreements. To be competitive with carriers with a larger footprint, smaller carriers eat the roaming imbalance fees without upcharging their uses for roaming.

But would smaller carriers cover this imbalance for MVNOs or pass them on at cost or with some kind of added surcharge?

I still don't see how the economics of this works for Google or Apple. Both would have to be at least competitive on monthly subscriber rates compared to a direct consumer to carrier agreement, which at best would be break-even or a tiny loss. I can see Google eating a larger loss by monetizing the data analytics.

Comment: Re:Absolutely fair.. (Score 2) 114

by swb (#48883153) Attached to: Apple Agrees To Chinese Security Audits of Its Products

This was my first thought -- it's a search not for security of the devices, but a search for exploits of these devices and/or some form of industrial espionage.

But I wonder -- can Apple set the terms of the audit? Ie, you get to examine whatever it is you examine in our office using our provided systems which aren't connected to the Internet. You may not bring any electronic devices into the audit facility. You may not reproduce any code you review in our facility by any means, including notes, pseudocode, block diagrams, etc.

I suppose there's still some risk -- ie, deliberate subterfuge involving copying in some way or the use of a memory savant or some error so obvious they know how to attack it without any information exfiltrated.

I don't know, but I also assume that a truly thorough security audit of a large, novel (ie, you didn't write it) code base is hard and may be dependent on 2nd order effects, like the actual generated object code. Which may make it extremely time-consuming -- didn't the funded audit of TrueCrypt take an extremely long time just to do the initial audit?

Comment: Re:Layers (Score 1) 101

by swb (#48876327) Attached to: Google Plans Major Play In Wireless Partnering With Sprint and T-Mobile

But this seems more about a third party just dealing with real estate and physical infrastructure upkeep. I think when talking about cell "towers" most people aren't just talking about a steel skeleton rising from a concrete pad with a blockhouse at the bottom and a fence around it.

They're talking about both the physical structure AND the telecommunications infrastructure, from backhaul to site electronics.

It would be another thing altogether if a third party could build the structure AND provide all the electronics and signalling and all the carrier had to do was drop in fiber to connect to the rest of their network.

Comment: Re:Layers (Score 1) 101

by swb (#48875997) Attached to: Google Plans Major Play In Wireless Partnering With Sprint and T-Mobile

For some reason I seem to recall Apple also looking to build some kind of MVNO operation.

Build a phone capable of operating on all major networks and then you just pay Apple for "service" while the phone just seeks out the best signal/connectivity depending on your location.

But it makes me wonder what motivation carriers would have to support this. I guess I see Sprint and T-Mobile going along with this, but AT&T and VZW never participating because it ultimately turns them into low-margin wholesalers.

Even if Google or Apple could strike MVNO deals with all carriers, I would imagine that VZW and ATT would price their wholesale agreements such that the passthrough price to consumers would be more than a direct subscriber agreement. If the MVNO priced connectivity at competitive rates they would lose money or worse, steer connections to weaker networks where their wholesale rate was superior even if the connectivity was much worse than available networks. This would make it much less appealing.

Comment: Re:Layers (Score 1) 101

by swb (#48873993) Attached to: Google Plans Major Play In Wireless Partnering With Sprint and T-Mobile

If you think about it, the cellular networks are really pretty inefficient.

Every carrier requires their own towers (to the extent that colocation of antennas on a tower doesn't fit their network footprint), radio frequencies and extensive backhaul networks. Carriers leverage this to create anti-competitive incompatibilities and lock-in that makes switching carriers hard to impossible and raises the costs to handset makers through extensive handset model splits to support their differing frequencies or intentional incompatibilities.

The general amount of duplication is ridiculous and painful on the spectrum side since increasing data consumption requires more spectrum and/or more towers at lower radio power to allow for subdividing cells as density and usage increases. And they're not making more spectrum, especially in the more useful lower frequencies.

The ways I can think of to fix this all involve regulation, but maybe its needed. Signalling seems to be converging on LTE and maybe the FCC could consider a mandate for network interoperability -- ie, a single radio signalling protocol that all carriers had to support combined with a "must carry" rule that required any tower to allow any handset on any carrier to use it with some back-end settlement process so that carriers with less backend would have to pay for carriage they didn't provide back-end for.

Phones would be built to handle all radio frequencies, so depending on signal strength and geography, they would associate with the "best" tower not necessarily a "home" tower, balancing out any existing overlap in coverage to reduce the amount of cell subdivision required in built-up areas and encourage development of poorly served areas.

Comment: Private currency (Score 1) 39

by swb (#48871745) Attached to: Jim Blasko Explains 'Unbreakable Coin' (Video 2 of 2)

I kind of wonder if a group of companies could create a kind of private currency that would be represented as a store credit, say Amazon, Google Play and maybe Alibaba (to pick 3).

They could denominate it in dollars and provide incentives to customers and vendors to accept some of their income or refunds at a dollar premium in private currency as well as making it transferrable to other people (using a cryptocurrency model, maybe) as well as being portable to other core vendors. They could even offer to process transactions for other web site that wanted to be able to accept it.

They might even save operating expenses if it became widespread enough that it allowed them to reduce currency exchange issues. A combination of Amazon, Google and whoever would also probably be deep-pocketed enough that there wouldn't be much risk of the credits being defaulted on.

Comment: Re:HR underestimates domain knowledge training (Score 1) 261

by swb (#48869907) Attached to: The Tech Industry's Legacy: Creating Disposable Employees

I think there's a lot of truth to that.

Even figuring out how the company "works" and how to work within its systems can be time consuming and lead to a lot of inefficiency for employees. This is obvious in large companies with many systems, departments, people and sometimes even space.

It's less obvious in small companies like the one I work in, but as a small company with only 10 years history we are terrible about processes and our own domain knowledge. New employees are often in the dark about a lot of things and aren't effective until they have figured out a lot of information on their own, the hard way.

Comment: Re:Police (Score 1) 148

by swb (#48868387) Attached to: Paris Terror Spurs Plan For Military Zones Around Nuclear Plants

It's not a complete solution, but it should be possible to ameliorate this sort of problem by making assimilation a more attractive option for immigrants, or segregation a less attractive option.

The left's embrace of multiculturalism has made such a solution politically impossible.

But we have our own internal issues that make a lot of this difficult. We could be much more strict about enforcing secularism in public education, barring the display of religious symbols and restrictive dress and refuse to allow prayer in our schools. Trouble is, our own religionists in the US are so busy trying to put religion back in school they would never support this.

We also have a fair body of case law that prohibits religious discrimination at workplaces and generally forces employers to allow religious clothing and some types of religious activity at work.

I also think that enforcing an official language would help, too. If you can't take your religion to school or work and the only way you can interact with the government is in English you have a lot of motivation to assimilate. If you don't at that point, I guess you're everything I want in a fellow citizen -- someone who supports themselves, stays out of government and keeps their religion to themselves.

Comment: Re:Police (Score 1) 148

by swb (#48867921) Attached to: Paris Terror Spurs Plan For Military Zones Around Nuclear Plants

"seem to". Christianity is a whole lot less homogenized than Islam, which itself does have distinctions.

The funny thing with Islam is that it is, AFAIK, less centralized than Christianity, whose primary denominations (at least by membership) tend to belong to larger governing bodies who control doctrine, ordination, such as the Catholic church, the Lutheran synods, the Anglican Communion, and the branches of Eastern Orthodox Christianity. Despite it's apparent schismatic nature, Christianity has a lot of central authority even if it is weak authority.

Islam as a religion doesn't have any central structure like this, excepting within Islamic states where it is controlled by the government or organized within a given nation. There's no central authority that ordains Imams or is able to establish an orthodoxy, This has been one of the major problems with Islamic Fundamentalism -- you can't go to the Islamic pope and say tone it down. Anybody can grow a beard, grab a Koran, claim to be an Imam and try to be more conservative than the guy next door who he labels an infidel.

  Most so-called Christians aren't particularly religious,

And this is largely what makes Christianity in many ways more compatible with secular modernism -- the dominant flavors available don't lay outright claim to civil governance. Unlike Islamic upheavals, the 30 Years' War was settled with the Peace of Westphalia which established an idea of non-interference in other states' internal affairs, putting an end to the imposition of pan-state Catholic meddling in national affairs and in effect greatly curtailing theocratric governance in the Christian world.

Christian belief tends to be more personal and its edicts begin -- and end -- with its members, and they don't really have explicit civil authority. The Islamic world still is invested in notions of theocratic governance -- there isn't civil law and religious law, there is only one body of law, Sharia. I think one thing that frustrates Muslims is this lack of enshrinement of their religious beliefs in civil law.

Comment: Re:Police (Score 2) 148

by swb (#48864097) Attached to: Paris Terror Spurs Plan For Military Zones Around Nuclear Plants

Which is why I said "sense of powerlessness" -- I don't know that anyone is ever totally powerless, outside of maybe some kind of prison inmate in a 24-hour solitary confnement situation.

Obviously a member of a more or less free society can project physical power through some kind of violence (guns, bombs, going batshit nuts with a knife in a crowd, even).

But the belief that one lacks the kind of conceptual power to shape their future or influence their larger environment is what I was getting at. And usually the greater the perceived sense of powerlessness, the more over the top the physical response usually is.

The problem with talking about the actual power of "the Muslims" (a fraught concept in and of itself) is that in most ways of looking at it, relative to the West, the Muslims power seems pretty small, politically, militarily, and perhaps even culturally and ideologically.

It strikes me that most flavors of Islam are ideologically and culturally non-competitive with secularized cultures through their rejection of forms of social organization and interaction that limit their ability to adapt or innovate. As one example, suppressing women seems to cut off half your source of economic power, intellectual innovation and inhibits social values that even traditionally patriarchical cultures like Christianity seem to have embraced.

You are in a maze of little twisting passages, all alike.

Working...