Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Re:Google Deepmind has a definition (Score 1) 41

> Google Deepmind has a definition for AGI,

Thats not a definition, its just a set of subjective heuristics for measuring. And its not even as useful as the basic turing test, which is a much more concise yardstick.

Definitions of AI all seem to come down to "we'll know it when we see it" which is the exact same thing as saying "we have no idea what it is"

Comment Re:"user friendliness" (Score 1) 286

lol, no, unicode is not broken. Human languages are just complex things, and there is no universal way to upper/lowercase things.

Changing the case of a string is language specific, and thus should not and cannot be well implemented at this filesystem level, because a file system should work for any language.

Linus is right.

Comment Re:It's not WhatsApp isn't secure... (Score 1, Troll) 59

> So Signal knows where you are, at what time, and your phone number.

exactly; its a mass invitation to get spied on while thinking you are secure.

Signal also has truly terrible user identification design, as the recent war planning leak shows. Instead of requiring in person exchange of certificates, and having any kind of external certificate validation system, its basically "blindly trust someone based on their phone number".

i dont think there is any safe way to operate signal, due to the lethal combination of closed source parts, centralized servers, and extremely bad user identification and authorization practices.

Submission + - Another large Black hole in "our" Galaxy (arxiv.org)

RockDoctor writes: A recent paper on ArXiv reports a novel idea about the central regions of "our" galaxy.

Remember the hoopla a few years ago about radio-astronomical observations producing an "image" of our central black hole — or rather, an image of the accretion disc around the black hole — long designated by astronomers as "Sagittarius A*" (or SGR-A*)? If you remember the image published then, one thing should be striking — it's not very symmetrical. If you think about viewing a spinning object, then you'd expect to see something with a "mirror" symmetry plane where we would see the rotation axis (if someone had marked it). If anything, that published image has three bright spots on a fainter ring. And the spots are not even approximately the same brightness.

This paper suggests that the image we see is the result of the light (radio waves) from SGR-A* being "lensed" by another black hole, near (but not quite on) the line of sight between SGR-A* and us. By various modelling approaches, they then refine this idea to a "best-fit" of a black hole with mass around 1000 times the Sun, orbiting between the distance of the closest-observed star to SGR-A* ("S2" — most imaginative name, ever!), and around 10 times that distance. That's far enough to make a strong interaction with "S2" unlikely within the lifetime of S2 before it's accretion onto SGR-A*.)

The region around SGR-A* is crowded. Within 25 parsecs (~80 light years, the distance to Regulus [in the constellation Leo] or Merak [in the Great Bear]) there is around 4 times more mass in several millions of "normal" stars than in the SGR-A* black hole. Finding a large (not "super massive") black hole in such a concentration of matter shouldn't surprise anyone.

This proposed black hole is larger than anything which has been detected by gravitational waves (yet) ; but not immensely larger — only a factor of 15 or so. (The authors also anticipate the "what about these big black holes spiralling together?" question : quote "and the amplitude of gravitational waves generated by the binary black holes is negligible.")

Being so close to SGR-A*, the proposed black hole is likely to be moving rapidly across our line of sight. At the distance of "S2" it's orbital period would be around 26 years (but the "new" black hole is probably further out than than that). Which might be an explanation for some of the variability and "flickering" reported for SGR-A* ever since it's discovery.

As always, more observations are needed. Which, for SGR-A* are frequently being taken, so improving (or ruling out) this explanation should happen fairly quickly. But it's a very interesting, and fun, idea.

Submission + - Surado, formerly Slashdot Japan, is closing at the end of the month. (srad.jp) 1

AmiMoJo writes: Slashdot Japan was launched on May 28, 2001. On 2025/03/31, it will finally close. Since starting the site separated from the main Slashdot one, and eventually rebranded as "Surado", which was it's Japanese nickname.

Last year the site stopped posting new stories, and was subsequently unable to find a buyer. In a final story announcing the end, many users expressed their sadness and gratitude for all the years of service.

Comment Re:What goes up (Score 3, Insightful) 33

look at the price of the dollar over the last 110 years. It went up exactly once and almost destroyed the country.

Thats what microstrategy is betting against: the US dollar.

Considering the limits of fed policy, its pretty much a guaranteed win.

Unless the government bans bitcoin or somehow prevents microstrategy from holding it, they cant really lose. The dollar cannot change its stripes.

Comment Re:I would rather eat grass (Score 1) 300

> LN isn't all that it's cracked up to be. From a strictly technical PoV, a chain that can achieve high throughput on the main chain without sidechains or "payment channels" is going to win out.

Lol, this is such an insane comment.

You think every single micro-purchase of a coffee needs to be memorialized on a world-wide extremely replicated immutable ledger for all of time?

If you dont see why that is a bad idea, then you arent really qualified to have an opinion on the matter.

Obviously, only the most important and largest transactions truly belong there, and mostly everything else small and ephemeral belongs on a second or third layer above that.

Nothing is going to beat bitcoin, ever. Bitcoin is not a thing or even a specific technology even; its an economic concept with a continuously evolving and adapting set of supporting technologies.

Comment Re:Good and bad (Score 1) 29

> there always needs to be less secure means of authentication because hardware-based authentication must be replaced, sooner or later.

Thats not the case; there is a much better approach which doesnt require a security compromise: spare passkeys pre-configured as fallbacks apriori.

Google already implements this by requiring 2 passkeys when you enable their highest security settings. One is the active/primary, and the other serves as a backup in case your primary passkey gets lost or destroyed. So you can leave one at home in a safe place and keep your primary with you. You can be confident the hardware passkeys have zero ability to export secrets whatsoever, so cannot be cloned nor leaked. And you are not limited to one spare, you can have many spare passkeys if you suspect you will need them.

Allowing secret exports utterly undermines the very foundational security of passkeys in the first place. If a secret can be exported, it can be intercepted. People are going to get phished of their passkeys via the backup mechanism - because a big part of the design of passkeys was that average users are not smart about handling secret keys so they should neither need nor have the ability to leak them.

And the vast majority of passkey hardware devices are not set up with the needed mechanisms to even enable advanced users to do such an export safely. (basically a on-device dedicated screen and keyboard would be needed to safely export with zero risk of intercept)

The real motive for backups is of course to allow centralized service providers to have the option to spy on the secrets and/or monitor user activity across sites for ad farming.

Comment Re:Why not just look to past stories? (Score 1) 14

> I mean we talk about linux ransomware very very very frequently.

Oh we talk about it a lot, almost like we wish it was a thing. People do *make* linux ransomware, but it doesnt do much. By by and large, there just isnt much of a real market for anti-ransomware for linux.

Its like trying to sell a special helmet that prevents you from getting your head stuck in a bucket.

People do sometimes get their head stuck in a bucket, its just not very common. And there are no shortage of bucket makers. But most people arent really interested in an anti-bucket helmet, and many of them would argue the helmet is worse than the bucket in the first place.

Comment This is beyond idiotic (Score 1) 90

You either can do a job or you cannot. It does not take 15 years of working at a company to figure out of someone is incompetent unless your company is incompetent from top to bottom.

Lying about credentials is barely a crime; at most it should result in a firing for dishonestly. This prosecution is political revenge for making them look bad and revealing their their promotion track is entirely divorced from merit.

If he worked there for so long and rose through the ranks with no education or skill, the people going to jail should be the executives and/or politicians in charge of the agency, the ones who promoted him and gave him internal evaluations. They are the ones who defrauded the public, not him. He was not in charge of his own promotions nor in charge of evaluating his own work.

The Daniel guy could fake his resume, but he cannot fake 15 years of work. His work record is what it is. Not liking it now suddenly because it was based on a lie makes them look utterly corrupt.

Comment Re: Lock them up. (Score 0) 276

> That *something* should be done is fairly clear, but just what I find much less certain.

Its pretty obvious, imo, and not hard to do. Fix what you broke.

The penalty for stealing is to pay back what you stole, to the person you stole it from (not the government), plus reasonable damages plus reasonable punitive penalties if applicable.

If you cannot pay it back, you are offered a voluntary live-on-site labor job, including a payment plan to make up for the harm you caused. Typically something like undoing the harm you caused, cleaning up streets, removing grafitti, etc.

If you refuse to pay it back, or skip out on your payment plan, or you are a chronic repeat offender, then you are declared an outlaw, and lose your human rights.

Easy, costs the taxpayers nothing, and solves the problem.

Comment Re:I respectfully disagree that Signal was hacked. (Score 1) 98

> Please do not confuse document retention with actually being hacked.

You are missing the point, utterly.

In a secure system, documents stored either sit behind high entropy or do not get stored at all. Signal defaults to storing all messages sent, and doesn't require anything more than trivial entropy protecting them. To be secure, it should either default to deleting old messages, or else require a high entropy local password. It does neither, so most people have zero privacy with signal.

And, you blithely ignored the arguable more important points about centralized key swap , and a fundamentally insecure phone platform being used.

Security can be dead easy; it can be so easy anyone can do it. It does have some hard prerequisites however, which most people just dont bother with or even have awareness of.

To wit: Knowing how to remember a 128bit password, knowing of the need to exchange keys in person, and strictly using secure open source platforms that do not use have closed source or centralized servers.

Comment Re:Doesn't matter what you call it... (Score 1) 184

> Whether it's Waterfall or Agile or a various 'dialect' of Agile, the fundamental problem is just pervasive mismanagement.

Isnt that the whole point of agile though?

What it comes down to, at the heart, is less management. To not waste time predicting what cannot be predicted, planning instead of doing, and imagining non-existent overhead into existence where non was needed. To have fewer and fewer ceremonies and meetings, until you reach the state where you have essentially none at all.

Heck, the engineering manager has literally no role in the agile process whatsoever. Managers are completely unneeded.

The key problem with "Agile" is that people arent doing it. If someone claims their company is doing agile, but they still have a pyramid shapes company structure with reporting going up via managers, thats a good hint that maybe they arent doing agile at all.

Having worked at many big firms, their version of "agile" is just waterfall with extra steps, and yes, of course, it doesnt work. But they are politically and mentally incapable of escaping that box.

Comment seems like the proof is all in the pudding (Score 0) 98

Moxie can jabber all he wants, but you never hear about people using GPG on a linux getting all their communication broken, meanwhile it seems like the NSA has every last signal message before you even finish typing it.

Signal traffic from Sam Bankman Fried, The Proud boys, The Oathkeepers, and countless others have been on open display as if it is a matter of course that the government has access to all signal messages.

Maybe he should rethink the philosophy of making something so easy that anyone can use it intuitively. Maybe there is a minimum standard of learning needed to be able to safely use encryption, and there is a minimum standard of platform to be able to build securely on top of, and signal meets neither of those.

Cellphones are riddled with backdoors and closed source code. Starting from that platform, then downloading a closed source executable from an app store, then blindly trusting a centralized service to perform key exchange... this is what moxie would have you believe is secure? Both common sense and commonly available evidence would testify otherwise.

Comment Re:appalling (Score 1) 159

> Why is the suggested code terrible? It doesn't look awful to me.

Its pretty bad, with a "precondition" that is mysteriously complex and invariably going to result in invalid Location construction, which will not throw an error at the right point because its numerically stable.

The entire problem design is bad, and the solution worse.

Part of the blame can be laid on Java, which is statically types and object oriented, both of which serve as rocket fuel for suck in this problem definition and that hideously low performing answer.

Slashdot Top Deals

In a five year period we can get one superb programming language. Only we can't control when the five year period will begin.

Working...