Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment: wrong arrest (Score 2) 302

by Tom (#49525709) Attached to: Futures Trader Arrested For Causing 2010 'Flash Crash'

The real people to throw in jail are the ones who made it possible. The guys who deregulated the markets so much, the ones in oversight of the finance system who didn't see these things approaching and the people who dissolved all the protections of the real economy against the finance market because they were greedy for quick bucks.

Politicians, mostly, but we should also go after the lobbyists and their employers who influenced them.

Of course, that will never happen. Society rarely becomes self-conscious enough to get rid of its parasites.

Comment: Re:failed industry (Score 1) 66

by Tom (#49523033) Attached to: How Security Companies Peddle Snake Oil

That is exactly what I mean. I would even go one step further at the end: Without the risk of the computer compromising the user. Because the computer in itself is worth its scrap metal value and that's it. Everything of actual value is in the user - the data, the communication, the access to 3rd party networks and services. Not that one particular user in front of the machine, maybe, but a user.

Comment: Re:failed industry (Score 1) 66

by danaris (#49522395) Attached to: How Security Companies Peddle Snake Oil

Try this, "drivers are a threat to our road system." They clog it up and very often they crash into each other and cause serious issues to traffic. We need to protect the road system against *drivers*. Can we automate *cars* so they work without *drivers* as much as possible?"

Lo and behold, Google and any number of other entities are working on this very problem.

Except that that's not a valid analogy.

Automobile-based transportation systems (consisting of road, car, and car occupants) will, indeed, work just fine once we have made the cars run without drivers.

But if you remove the user from the equation of computer security, suddenly all you have is a bunch of perfectly secure computers that no longer have any purpose to their existence.

The reason we have computers is so that people can use them to perform a variety of tasks. It is fundamentally impossible to remove the user from the equation while still achieving the desired result—unless you have become so skewed with tunnel vision as to believe that the desired result is a perfectly secure computer.

The result we should all be aiming for is a computer that can perform the tasks required of it by its users without them running the risk of compromising security through their activities.

Dan Aris

Comment: failed industry (Score 4, Interesting) 66

by Tom (#49517301) Attached to: How Security Companies Peddle Snake Oil

I've exited the security industry after 15 years, no longer believing that it does any good. And TFA is pretty spot on.

The issue is that security is both wide and deep. You need to cover all your weak spots, and you need to cover them completely. As an industry, we have succeeded in finding technical solutions to almost every challenge, but we've failed in creating a systematic approach to the field. Look at the "best practice" documents - they are outdated and mostly a circle-jerk. I did a quick study some months ago checking the top 100 or so for what the academic or scientific or just substantiated-through-sources basis is, and the result is pretty much: None at all.
Even the different standards, including the ISO documents, are collections of topics, not systematic wholes. It's like high school physics: This month you get taught optics, next month Newton mechanics, the third month electromagnetism. The only thing they have in common is the class room.

Nowhere is it more visible than our treatment of the user. It's clear that most security professionals treat users as disturbances, as elements outside their field of security. I imagine what roads would look like if their planners would look at accidents and say "cars are a threat to our road system. They clog it up and very often they crash into each other and cause serious issues to traffic. We need to protect the road system against cars. Can we automate roads so they work without cars as much as possible?"

We need a much more systematic, holistic view on the whole field than we have right now. In a pre-scientific field, snake oil is the norm. It was the same in medicine (where the term originates), in chemistry (alchemy), in psychology (astrologie, numerology, one hundred other primitive attempts at understanding and predicting human behaviour) and virtually every other field, even many non-scientific areas, such as religion/magic.

Comment: No mutually acceptable options (Score 3, Insightful) 101

I would say it's unlikely to the point of ridiculousness that Comcast would ever accept the kinds of restrictions on the merger that would prevent things from getting worse than they are already, let alone start to reverse the merciless devastation of the public interest and regulatory capture that's already happened.

I think the most likely outcomes of this are the DoJ allowing the merger with some relatively superficial conditions (like the 5-year enforcement of net neutrality regulations that was imposed for the merger with NBC/Universal) or blocking it entirely. Much depends on how much the DoJ people in question actually value their role as regulators, versus their role as toll (aka bribe) collectors.

Dan Aris

Comment: Re:Execute the fastest way possible (Score 1) 590

Whilte it originally was introduced in order to execute painlessly, following basically your logic, it has since turned out that this is not true and the Guillotine is actually a fairly cruel execution method.

It is great for market-square entertainment, though. Maybe that's what you're really after?

Comment: interesting (Score 2) 58

by Tom (#49509515) Attached to: Computer Beats Humans At Arimaa

Actually much more interesting than I thought at first glance.

The game is designed intentionally with computational complexity in mind. It failed. The rules (WP has them, or a dozen other sites) are mostly designed to increase the search space. For example, instead of the fixed setup in chess, you get basically the same pieces, but you can put them into your 2 rows in any way you want. I'm too lazy to calculate the initial starting positions, but thanks to the Internet, someone else did it and came up with ~10^15. That makes an opening library practically impossible.

However, I'm a hobby game designer, so I look at rules with slightly different eyes. The complexity of the game is largely artificial. Brilliant minds will, like in a badly designed crypto-cipher, find tons of places where the complexity can, for the practical purpose of actually playing and winning a game, be reduced dramatically. Remember that in theory chess has 20 valid opening moves for white. The vast majority of them you will never seen in any real game.

I'm also bothered by the fact that complexity is reached by the addition of rules, instead of the subtraction. Go is a perfect example for how you can reach complexity with very simple rulesets. When building games, especially board games, you generally strive to keep the ruleset as simple as possible and check every rule for whether or not it adds anything worthwhile to the gameplay or not. For a simple, conventional style 2-player board game, the ruleset is overly complex IMHO. Maybe that's why I never heard about this game before - it doesn't actually appeal to many human players, except those interested in not being beaten by a computer.

Comment: new rules (Score 1) 229

by Tom (#49509455) Attached to: Whoah, Small Spender! Steam Sets Limits For Users Who Spend Less Than $5

New at Steam: We replace people who don't give a fuck with people who really don't give a fuck.

No, don't get me wrong, it's a step in the right direction. But the step itself begs questions. In general, the great firewall is the first cent - people who spend nothing at all and people who spend something, no matter how much. If you don't believe me, try charging 10 cents or something ridiculously small for any free web service you offer, and you'll find your user numbers drop through the floor.

I don't think there's a measurable difference between $5 and $4 or $3 -- the number is entirely arbitrary. A psychological barrier would be $10 (the two digits, the reason almost nothing in any shop in the world costs $10, it will always be $9.99 or $9.95).

Comment: No, he's not (Score 3, Insightful) 190

by Sycraft-fu (#49509271) Attached to: Assange Talk Spurs UK Judges To Boycott Legal Conference

The UK handled everything per the law. They received an extradition request from a country they have a treaty with regarding this. They are required by the treaty to deal with these, they can't ignore them. So they reviewed it in court, to make sure it was a valid request per the treaty and decided it was. He appealed and the case moved up the chain until the high court heard it and decided that this extradition request is legitimate under the treaty, the UK has no standing to refuse.

Up until this point, Assanage was in no trouble in the UK, he hadn't broken UK law, they were just acting based on the extradition request. However then he fled. That is now a violation of UK law. He violated the conditions of his bail. That makes him a criminal in the UK. Skipping bail doesn't make you a "political prisoner" it makes you a standard criminal.

Comment: I don't think it is crappy (Score 1) 229

I mean it is a really, really minimal legit player base it could possibly effect. You would have to be someone who plays only F2P games, and has made so few in-game purchases that you haven't even spent $5. There are just extremely few people who are like that. Further, even people like that can still play, they just can't participate in some of the other Steam features. The games are still available to them.

Comment: Particularly since you can still play games (Score 1) 229

None of the restrictions are on buying or playing games. So even if you've never spent money (I'm not clear that retail doesn't count but let's say it doesn't) you can still play all the games you've got, and buy more games to play (at which point your account becomes unlocked). So you can do with it the main purpose: Play games, including free to play ones. It isn't like they are demanding money to unlock an account.

Also in the event this really was an issue for someone, they could just buy something cheap. I mean if you've dropped $50+ on a retail game it is not that big a deal to spend another $5 if it comes to that.

To the landlord belongs the doorknobs.