Forgot your password?

Comment: Re:Moron (Score 1) 67

by tlhIngan (#48027635) Attached to: Robotic Taster Will Judge 'Real Thai Food'

Thai food is known for its balance of flavours. It's a delicate balance of a minimum of 2 (but usualy 4) of spicy, sweet, bitter, salty and sour in a dish.

It's also VERY easy to screw up.

As an aside, Jet Tila was appointed the Culinary Ambassador to Thailand for his role as a guide to Thai cuisine. (People from LA and Food Network viewers will recognize the name for he's had numerous appearances on various shows).

I guess we'll have a new Food Network special - Jet Tila vs. this machine.

Comment: Re:Why isn't this auto-update? (Score 4, Insightful) 81

by tlhIngan (#48027533) Attached to: Apple Fixes Shellshock In OS X

I have 10.9.5 and checked for software updates. None. Why do I have to click the link in the slashdot article and manually download the patch?!?!?

Because of many reasons.

First off, the patch isn't complete. Sure there was a patch last week, but did you know it didn't fix the problem? Yes, it fixed the obvious error, but there were still more (and new CVE was opened for Shellshock). Bash devs are still finding more holes related to this issue, and it goes down a deep rabbit hole. This hole may never be full patched for a long time.

Second, there aren't many OS X systems that are exploitable. Remote exploits require a server to take parameters, format them as environment variables and then call the shell (usually through system()). HTTP and CGI scripts are a common vector because that's exactly how they work. Most webservers out there run Linux and there really isn't a special reason to run OS X + httpd + CGI over running it on Linux especially on a public server. So for the scant few servers, those admins can update the shell.

And on OS X, the webserver is disabled by default and most users won't know how to turn it on. I don't think even OS X server has it on by default - given the server is really just a bunch of admin tools nowadays.

Third, well, I don't think many OS X apps actually bother using a call like system() to perform a task - there's probably a native Cocoa API that is supposed to be used instead.

So it's more of a hotpatch for those few machines that are potentially vulnerable. In fact, the patch that was provided last week wasn't fixing the issue, more working around the issue so it's harder to exploit (i.e., instead of an arbitrary variable containing a function, it has to be prefixed with _BASH_FUNC_ in order to be allowed as a definition).

There is currently no root-cause fix for the issue - it's actively being worked on by Bash developers and others. This isn't like heartbleed where the mistake was a little programming oversight - it's a full on design issue that dates back 20+ years. There are probably going to be dozens of patches to fix the issue in the end.

Comment: Re:This isn't going to work. (Score 1) 91

by tlhIngan (#48027345) Attached to: Tor Executive Director Hints At Firefox Integration

I'd love to see more people using Tor, but the experience has to change a lot before we can do that.

Being anonymous and secure on Tor is not easy. It's a major inconvenience to disabling browser features like Javascript, and it requires firm behavioral changes from the user.

Putting a mainstream user into the same environment is simply not going to work.

In fact, I'd wager most Tor users who were "discovered" were not taking basic precautions - they just plainly sent identifying information over it through an exit node. I mean, it's well known the NSA runs a pile of exit nodes for the purposes of monitoring Tor, and Tor isn't a magic bullet that magically makes you disappear. But it's been advertised that way (especially when the Snowden revelations came out and everyone said "Use Tor!"), and users will be users and use their Facebook, Twitter, and online shopping at Amazon and others over Tor assuming "they're magically protected".

Well, they are, sort of. It's just the whole anonymization thing doesn't work when the user sabotages it by being non-anonymous.

So no, even if every Firefox user used Tor by default, nothing would really happen. Just Tor would get slower from all the YouTube and other traffic sent by users who go forth and de-anonymize themselves by logging into the sites.

Comment: Re:Android version req - long time coming (Score 1) 363

It depends on what the apps are. For example, the text message interface may be counted as one of the 20 "apps" but it is a requirement for a functional phone.

Well, that would be Hangouts now, replacing the AOSP Messages/SMS app with an all in one messaging system that combines Google Hangouts, SMS and other media.

But the other sare like Google Play, Google Play Store Music, Google Play Movies, Google Play Books (which really seem just duplicates of Google Play Store), then there are the likes go Google+, GMail (which doesn't replace the mail app), Google Search

Comment: Re:HL7 & MUMPS (Score 1) 71

by tlhIngan (#48021827) Attached to: Medical Records Worth More To Hackers Than Credit Cards

Here is a great mumps tutorial for those of you that aren't familiar & for those of you who only know "modern" languages, it's a timely Halloween horror show...

The Daily WTF features a few MUMPs, uh... code. A shorthand overview and a collection of MUMPS articles. If it wasn't so specialized and used in so few areas, they'd probably have to institute a "no MUMPS stories" policy to avoid being flooded.

Comment: Re:Maybe not so silly (Score 1) 89

by tlhIngan (#48020277) Attached to: Blood For Extra Credit Points Offer Raises Eyebrows In Test-Mad China

Well, the problem is it takes advantage of the educational system and gives a reward for donating.

The problem is in Asia, there is a strong fixation on "the big test". The one that determines your future - do you score high enough that you can CAN go to university, or are stuck doing a trade, or even worse, labourer?

(No, I don't think there's anything wrong with the trades, but in Asia, a plumber or electrician is seen as a lower level of prestige than an office worker).

It's why there is a high rate of teen suicide (the pressure imposed means many succumb, before AND after), and why many will literally study themselves to death (wake up, go to school, come home, do homework, study, study, study, study, study, go to bed). Students who "pass" (i.e., get university) often are rewarded handsomely for their hard work (luxury cars, condos, video game machines, etc). Students who fail, well, if the family is well off, they'll send them overseas to study at a UK or US university. If not, they get shamed and may even be disowned or kicked onto the street with little more than the clothes on their back.

Rewarding donations is not a new idea, but it has to be done VERY carefully because most of the time it results in the most desperate doing the most donations when they can least afford to do so (and at the detriment to themselves and the blood bank who may end up with substandard blood (e.g., infected, etc)).

Comment: Re:Why the preference for video? (Score 1) 94

by tlhIngan (#48020125) Attached to: Ask Slashdot: Multimedia-Based Wiki For Learning and Business Procedures?


Videos aren't easy things to produce, and properly producing them will take longer than writing them up.

That said, there is value in doing a video - it can be easier to show complex steps by doing it in a video that one can pause and rewind as well as show things like where you turn around the object rather than try to illustrate it.

However, that doesn't mean you shouldn't have a text description, and you shouldn't have long videos - no more than a couple of minutes. If it's a long procedure, then have multiple videos because the user may only need help in one area and having to sit through everything else gets old quick.

Comment: Re:C=128 (Score 1) 165

by tlhIngan (#48019887) Attached to: Why the Z-80's Data Pins Are Scrambled

If the 6502 and Z80 waveforms for various instructions are examined, it quickly becomes apparent that the Z80 effectively divided its clock by 2 before using it. This is why, for the technology available in any particular year, they had comparable performance but the Z80 used twice as many clock cycles.

Actually, the problem was the ALU of the Z-80 was only 4 bits wide. So processing an 8 bit operand required two trips through the ALU, thus incurring twice the number of clocks or half the effective clock rate..

The 6502 and others had an 8-bit ALU which meant they could do an 8-bit operand in half the clocks.

Comment: Re:How it happened? Easy: PATENTS expired. (Score 1) 69

by tlhIngan (#48019569) Attached to: How 3D Printers Went Mainstream After Decades In Obscurity

No, the availability of cheap parts did.

The 80s and 90s were marked by a distinct downturn in the "maker" movement, or rather, hobbyists who would tinker for fun. You can see it in the magazines - former hobbyist mags started turning into consumer electronics extravaganzas as people cared less about soldering bits together and assembling PCs and doing all sorts of nifty software stuff with them. Interfacing things became a whole lot less interesting.

The 2000s changed all that when people started getting interested in making things for fun again (Arduino had a big hand here, but there was a revival).

And guess what? 3D printers are back because the maker movement has ready access to cheap computing (Arduino, rpi, etc) that talk to computers super-easy (back then, you needed to build an ISA card, deal with DOS, etc, now, you can do with Linux or Windows, talk using USB, etc) and subsequently parts like stepper motors and all that.

It was less patents, and more hobbyists. People were 3D printing in the 80s and 90s, but they were big companies who could afford the equipment, and hobbyists were pretty much left high and dry - either you talked to a PC using ISA or if you were skilled, PCI, because cheap microcontrollers that were very capable were hard to get and even harder to assemble. Then you needed the skills of a mechanical guy to help build the xyz platform. Something the internet made readily available.

So basically the revival of the maker movement or hobbyist tinkerer, coupled with the rapid availability of talent via the Internet (and the availability of parts and supplies - being able to order anything online without it taking 6-8 weeks is a real boon), plus cheap and easily accessible microcontroller platforms that interface to everything make the whole project doable.

Was it doable in the 80s? Yes. Was it easy? Not so much. When you're mail ordering parts because you can't find it locally, having to start, stop because you miss something etc., and then finding someone to help you with parts of it can be challenge.

Comment: Re:3G is terrible for all these things (Score 1) 115

by tlhIngan (#48017217) Attached to: World's Smallest 3G Module Will Connect Everything To the Internet

Sure 3G for Vehicle-to-Vehicle communication might make sense since the yearly cost in a car is far higher than the cost of 3g connection and there's plenty of electricity to go around,

Actually, V2V communications is going less high-tech. There's no need for 3G or WiFi radio broadcasts for V2V because you don't need to transmit further than a few cars either way. So they're moving towards lights. Modulating the headlights (daytime running lights mean they're always on), brake lights, and other lights because well, light communication is short range anyways, and it's really only of importance to those around you (e.g., if you're braking, it's important to the guy behind you in the same lane and adjoining lanes (because why you braked may also be going into their lanes).

Using WiFi or other mechanisms mean the guy on the intersecting street gets the information too (useless, has to be filtered out), as well as opposing traffic (who probably know why you're stopping anyways by nature of coming the other way).

Anyhow, smart meters can use either 3G or WiFi (proprietary licensed band) already. Meters are limited by standards to draw at most 12W of power (which is a ton of power when multiplied by the number of meters out there - a million businesses and homes? That's 12MW, or roughly 12,000 homes by the old measurement). Given they only check in periodically, a 3G modem doesn't consume all that much power idling (otherwise your battery life would be much less than a day).

Comment: Re:We've really gotten wrapped around the axle (Score 1) 90

by tlhIngan (#48017135) Attached to: Mobile Phone Use Soon To Be Allowed On European Flights

We've really gotten wrapped around the axle on this whole electronic devices on aircraft thing. The local oscillator of an ordinary FM radio receiver is 10.7mhz above the indicated frequency... which makes 100mhz on your FM dial 110.7mhz... which meant there was a carrier in the middle of the COM/NAV band that aircraft use. So we had to (understandably) prevent FM radios from operating on aircraft. But thru the years it has turned into all electronics. It's like the "five monkeys with bananas and water" experiment gone wrong. We've gotten so wrapped around no electronics we forgot WHY.

Actually, there are plenty of oscillators that happen between 108-122MHz.

In fact, the FCC allowable limits for equiment has a noticable dip around that region.

No, it's not because of a receiver, but all the other oscillators in the system. A big one is the pixel clock on things like cameras and LCD screens - they often do run smack right in the middle with a loud spike.

Then there are all the higher frequency devices. A certain model of cellphone was known to cause GPS unlocks on the aircraft GPS. This wasn't a problem because the only ones using GPS extensively was military and GA, but these days with RNP and GPS approaches, a GPS unlock could screw up everything.

Even to this day there are still incidences of suspected EMI causing havoc - usually things like unexplained instrument drift. My favorite was where my flight instructor had a phone call (we were taxiing back to the ramp) and I could hear both sides of the conversation through the avionics (my instructor had removed his headset to answer the phone - given the low power setting of taxiing, it wasn't necessary).

The only thing that may save this is if it's like if you try to use your phone on a cruise ship where you get "Cellular At Sea". Though I suspect in a couple of months we'll see people complaining about $1000 phone bills because they couldn't do anything but yak the whole way. Even worse, because these kind of guys make NO roaming agreements with anyone, your carrier won't be able to write off the bill because they have to pass on the full rate - a roaming agreement means their cost is far lower than what you're paying (down to cents a minute when you're paying tens or dollars a minute).

Yes, your phone will eventually roam onto it - because they are not a preferred carrier though, your phone will go through many anxious searching rounds before it'll reluctantly find service at the PMITA carrier. (It's non-preferred, because the carrier can't make much money off it).

Comment: Re:that's sorta the problem (Score 2) 188

by tlhIngan (#48012331) Attached to: NVIDIA Begins Requiring Signed GPU Firmware Images

Chips are designed for the max freq of the specification. If they fail that spec, they are retested at a lower spec, and if they pass that spec, they are sold at that frequency. Why else do you find many diffrent chips in the same family run at diffrent speeds?

Many times the chip is %100 capable of running at faster speeds, but they had too much of the higher bin, and not enough of the lower bin.

But yes, taking a chip that didn't pass a higher speed, flashing it to the firmware of its faster/more capable cousin, and then selling it as such is ripping people off.

Except in the world of GPUs, there are enough "crazy people" out there who want the best of the best. So much so that the top bin is almost always empty - so you'll never have top-end chips binned as lower spec ones.

At best, you'll find possibly the low end chips that could be mid-range chips, but given the low end generally isn't too popular when mid-range chips are the most common and most desired.

Shortages of the top-end cards isn't unheard of - either people who are still trying to make a go at it for bitcoins, or gamers. (And given the price of the high end, they could come down a bit before binning takes place - they're still big profit centers).

Comment: Re:Smart move moron (Score 2) 221

Considered that the article refers to him as a "worker" and not an "ex-employee" he may not have even been fired yet. If he wasn't fired before he definitely will be now and no unemployment benefits as it is termination for cause.

Well, he does have SOME benefits. He'd get free room and board and meals for a number of years now.

Comment: Re:You know what this means (Score 4, Informative) 181

by tlhIngan (#48005341) Attached to: Breakthrough In LED Construction Increases Efficiency By 57 Percent

Why the hell did the industry move away from using red LEDs for power indicators?

Because people wanted to be "trendy" and "futuristic" and thus started putting blue LEDs (which only came out two decades ago) in their equipment. Red was dull and boring (being done way back in the 60s) as was yellow. Green as we know it today (rather than a sickly yellow-puke-green) was a mid-90's invention. Blue LEDs came out in the mid-late 90s.

So since they were so recent and popular, people stuck them on everything to show they were progressive.

Comment: Re:If I own the car (Score 1) 266

by tlhIngan (#48003329) Attached to: 2015 Corvette Valet Mode Recorder Illegal In Some States

Whats illegal is taping them without their knowledge. They could potentially make a call to their lawyer or doctor after they park it and you could unintentionally record privileged information. At some point such systems will be so common you wont have to mention it anymore.

While true, taking personal calls on the job is generally considered very poor form (and many service-oriented places do not allow it, like restaurants), especially where a motor vehicle is being operated. And given most valet driving trips last under a minute, it doesn't seem unreasonable to hold the call until the driving is done and the valet has exited the vehicle.

So practically speaking, I'd consider that scenario a non-issue.

Anyhow, the easy solution is since most cars have an LCD display for navigation as well as in the instrument cluster, when the valet key is used (which limits the car to certain abilities anyways) the displays could all say "This vehicle is under audio and video surveillance" constantly. After all, the LCD in the instrument cluster typically shows information valid for driving and irrelevant otherwise (e.g., fuel efficiency, trip routes, etc, none of which are needed to go between the entrance and the parking lot), and the radio/navigation screen isn't needed (I would hope the valet knows how to get to the parking lot!, and they shouldn't be touching your radio anyways - perhaps even have it be off if the valet key is used?).

Add in a notice on the valet keyfob as well and I think all possibilities are covered. Bonus is that there's no tacky stickers or signs for normal driving.

Debug is human, de-fix divine.