Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:NOT TO BE TRUSTED (Score 1) 88

by tburkhol (#49179389) Attached to: Schneier: Either Everyone Is Cyber-secure Or No One Is

1 Companies that sell software... better have all code open sourced (not same as free) or should be labelled "NOT TO BE TRUSTED".

No way to tell whether the provided source code matches the provided firmware

Code (including scripts and updates) is then compiled locally and before first execution hash checked automatically against non-centralized database (p2p technology similar to bitcoin block chain)

1) binary code will vary depending on the specific architecture, optimizations, and libraries during compilation. 2) a hash can be falsified as easily as a binary.

3. All hardware sold with precise technical diagrams... or should be labelled "NOT TO BE TRUSTED"

At least an order of magnitude less effective than open source, and we've seen that even "important" OSS like openssl can go decades without independent code review.

4. All encryption always on client side.

Quite sensible, although I suspect that people will rapidly become frustrated when they forget their pass phrase, or lose their private key, and 5 years of family snapshots disappear. Or when grandma dies, taking access to her archive of family history with her.

5. Get rid of centralized authorities for security (looking at you SSL) Centralized servers have big fat sign that say "NOT TO BE TRUSTED". P2P.

Because you'd rather trust 1000 amateurs to secure all of their systems than one professional to secure his server?

7. Shaming lists on NGOs (applause to EFF). Any politician that votes for mass surveillance or doesn't adhere to above principles. put on NGO lists as "HUMAN RIGHTS VIOLATORS"

Yeah, ranks right up there with executing journalists and kidnapping babies. Among the most certain ways to get people to ignore you is to blow your cause completely out of proportion. If you use the same words to describe digital surveillance as other people use to describe the Khmer Rouge or Stalin, then people are going to think you're a nutcase.

Comment: Re:Jail time (Score 1) 478

Well, if anybody else in government did this, they'd get fired, lose their pension, and possibly face criminal charges.

Still waiting on charges against Sarah Palin, for the same offense. I'm guessing it will be a cold day in hell before either sees any consequences beyond partisan propaganda. In fact, I'm pretty sure this is one of those rules, like declaring any gifts over $50, that gets employees a firm warning not to do it again.

Comment: Re:Good grief... (Score 1) 675

by tburkhol (#49110461) Attached to: Bill Nye Disses "Regular" Software Writers' Science Knowledge

"Computer Systems Engineering" covers it pretty well -- it's a mix of EE and CS so you end up with a ground-up understanding from transistor to circuit to chipset to architecture to OS to software.

But it's often not "Computer systems engineering" anymore, it's CS: computer science. Dropping the E allows you to skimp on or abstract the transistor/circuit, and focus on architecture and software. CSE these days seems to mean "Computational science and engineering," which is a completely other thing, having more to do with the simulation of experiments than the design of computer/software (although you may need to write some software to simulate your expeirments).

Comment: Re:Good grief... (Score 1) 675

by tburkhol (#49110371) Attached to: Bill Nye Disses "Regular" Software Writers' Science Knowledge

Oh, because dave420 is soooo much more identifiable, right Einstein? Pot, Kettle...

AC posts a joke. Sardaukar86 disses AC for not 'hav[ing] the guts' to put his name to it. dave420 points out the hypocrisy in pseudonymously railing against anonymity.

dave420 may or may not agree with sardaukar86's point (that one should have the courage to post insults under his own name), though likely not. dave420 is making a completely different point, that distinguishing between anonymous and pseudonymous is silly. Your 'pot, kettle' reference is appropriately applied to Sardaukar86, not to dave420.

Comment: Re:But CNN Said... (Score 5, Interesting) 266

by tburkhol (#49099807) Attached to: The Robots That Will Put Coders Out of Work

We will have self driving cars long before we have robots that write code.

But we already have robots that write code. Almost no one actually writes machine code anymore, depending instead on assemblers, compilers, templates, or interpreters to do it for them. Those 'robots' have gotten progressively more complex and progressively better at figuring out what the programmer means by larger language constructions. The languages have moved closer to natural languages.

Already, it seems like the difficult part is getting the managers to properly specify the desired functionality. It's not a huge leap to imagine that one might construct a formal language for program specification that would allow you to automate translation of the spec into a code skeleton.

Comment: Re:Port 443 makes it even worse... (Score 1) 153

by tburkhol (#49086707) Attached to: Samsung Smart TVs Don't Encrypt the Voice Data They Collect

But my point was that usually 443 is a clear indicator of encryption, and hackers don't bother to try it, let alone run a packet sniffer on the port.

Maybe if you're talking about a web browser. If you're talking about a bit of custom software embedded in a TV, then ports 80 and 443 only say "traffic that will probably be allowed by firewall rules."

Comment: Re:No Trust (Score 2) 153

by tburkhol (#49086653) Attached to: Samsung Smart TVs Don't Encrypt the Voice Data They Collect

The problem is the date being sent in the fist place. A likely application is a nice speech-sample database that can then be used to identify people where other means do not work.

You have a microphone in people's living room, broadcasting every conversation they have, and the application you come up with is voice-print identification? Not listening for people reciting strings of numbers like account or social security. Not people discussing passwords, drug deals, or plots to blow up the Capitol. Not people talking about a new car, a new pregnancy, or an imminent wedding. The content of these conversations is (presumably) being sent home at least to do Siri-like speech to text, so even Samsung clearly has the processing power to generate transcripts for all of those conversations, easily searchable, tied to a specific consumer, and salable to marketing or security services.

Comment: Re:Web site gets hacked... (Score 3, Informative) 125

by tburkhol (#49086095) Attached to: Jamie Oliver's Website Serving Malware

Why, always, 11, ... ?

In the US, the traditional time for networks to show their nightly news is 11pm, after the 'prime time' entertainment and kids have gone to bed. Any unsold prime-time commercial slots are filled with teasers for these news programs, generally of the form "Shocking ways that Foo can kill you! Details at 11," or "Weird tricks to save you money! News at 11."

Comment: Re:C4 (Score 2) 389

by tburkhol (#49075319) Attached to: What To Do After Robots Take Your Job

If there are fewer jobs, how can it not mean unemployment?

Not fewer jobs, different jobs. When the cotton gin put all the seed-pullers out of work, it created demand for cotton pickers. When steamships put the wind jammers out of business, it created demand for longshoremen. You (and I) may not be clever enough to figure out what to do when they automate elevator operators or McWendyKing burger flippers, but there will be something, even for unskilled workers. Think about how many baristas there were in 1980. Or how many microbreweries in 1990. Kids today are going to work in fields that didn't exist 10 years ago.

Comment: Re:For targeted advertising? (Score 1) 227

How are they planning on delivering that? Through injecting ads in your traffic, email spam or letterbox spam?

From AT&T's faq:

For example, if you search for a car online, you may receive an email notifying you of a local dealership's sale.

So expect this to mean out-of-channel advertising. In fact, it sounds like they mean primarily to deliver targeted email, rather than to inject html. I can't really imagine that an email address is worth $30/month to advertisers, so this really does sound like a punitive charge on people who are concerned about privacy.

Comment: Re:Thought process (Score 2) 227

You do realize that page basically says they're going to collect enough information to bill you for services, right? And that

Other information from the use of Google Fiber Internet (such as URLs of websites visited or content of communications) will not be associated with the Google Account you use for Fiber, except with your consent or to meet any applicable law, regulation, legal process or enforceable governmental request.

This is very different than AT&T's system, where they say

we may use information about your individual Web browsing activity to deliver ads and offers tailored to your interests. For example, if you search for a car online, you may receive an email notifying you of a local dealership's sale.

Comment: Re: Nothing is possible. (Score 5, Interesting) 249

by tburkhol (#49072645) Attached to: Game Theory Calls Cooperation Into Question

Well please find an economic system that deals with the issue of sacristy, and insures its contributers exceed its detractors. At the same time insuring personal liberity.

The Kula Ring in the Trobriand Islands, where the residents of different islands developed a tradition of exchange of 'gifts,' distinct from barter-like trade. There are a number of other 'gift economies' among isolated, pre-industrial cultures. Participation is managed by social expectation and taboo, so one can argue that these systems will necessarily break down once you have enough sociopaths. One can also argue that such communities are better at recognizing and isolating sociopaths so they can't propagate their genes/behavior.

Nor is 'free market' an especially good way to deal with scarcity. If it were, then you wouldn't need social support programs. Or maybe you're going to tell me that anyone receiving social security of SNAP is not truly participating in the economy...

I don't even know where you're going with 'personal liberty.' The economic system has so little to do with what you're allowed to say, which god you're allowed to worship, or how you spend your free time as to be completely orthogonal.

Comment: Re:Impossible (Score 2) 93

by tburkhol (#49069009) Attached to: Inside the Mind of a Schizophrenic Through Virtual Reality

Just because the simulation is imperfect, that doesn't make it worthless. Schizophrenia affects more than two million Americans. It is the most common permanently debilitating mental disorder.

But putting out a 'schizophrenia simulator' that emphasizes perceptual hallucinations completely glosses over that mental disorders alter the processing of thoughts. There's no way to communicate the subjective experience of reality, and emphasizing the visual and auditory aspects risks turning a serious disorder into a fun-house ride. It suggests that you can just learn which experiences are real and filter out that which is not.

Another example: it's quite common for people with stroke to draw clocks with all the numbers scrunched into one quadrant. They'll report that this looks just like the clock on the wall (or sometimes to know that there's something off about the drawing, without being able to say what). This is not a visual hallucination, but a disruption of the comparative processes and a disruption of spatial awareness. A VR system that distorts reality to match the drawings of stroke patients would be a terrible stroke simulator.

Comment: Re:Another silly decision (Score 1) 480

by tburkhol (#49037257) Attached to: The Mathematical Case For Buying a Powerball Ticket

People will typically buy much more house than they were renting
Finally, a lot of people spend a lot of money on improvements that do not add value.

These are pretty much the assumptions made by all those people saying "buying is a sucker's bet." They're basing their math on comparing renting a 2BR apartment against the costs of maintaining a 4BR house. Or pretending that a renter is smart enough to choose an apartment that "comes with" a pool, but that a buyer chooses to add one after the purchase. They believe that the renter is perfectly happy to use the same stove and appliances for 20 years (or that the landlord replaces them "for free"), but the owner has to replace them periodically.

The only circumstances where it's better to pay mortgage, maintenance, taxes and landlord profit than just mortgage, maintenance and taxes, are if you want the landlord to help you forgo improving your lifestyle. If you can make it all the way to retirement, in the same residence, with the same fixtures, as you lived as a newlywed, then you will definitely have more savings than anyone who spent those 40 years upgrading their house or moving into ever-nicer apartments. Never mind any small distinction due to equity in the house.

Comment: Re:Another silly decision (Score 1) 480

by tburkhol (#49037131) Attached to: The Mathematical Case For Buying a Powerball Ticket

As a non-native English speaker, I struggle to understand the meaning of the "Just Saying" statement. It is always done as a last statement though, so sounds passive-aggressive.

I think you've got it exactly right. It's absolutely passive-aggressive, and you might imagine it's a abbreviated form of "I'm just saying that you're wrong, not that you're an idiot."

One can't proceed from the informal to the formal by formal means.

Working...