

Comment: Re:The new antipattern (Score 1) 484

by tricorn (#49340805) Attached to: No, It's Not Always Quicker To Do Things In Memory

I wouldn't say the results are invalid, but the relevance is restricted to people who don't understand algorithms or statements such as "disk is slower than memory".

I once had to fix a program that was reading all the file names in a directory into a linked list, sorting it (using operations to retrieve, remove, and insert elements using an index, which worked by starting at the beginning of each list and counting elements until it got to the correct one), then using the resulting sorted list to process the first 10 files.

Rather than fix the abominably slow sort, I used the fact that all the file names were decimal numbers, and all the numbers were sequential, to scan the directory for the smallest number, then just increment that to find the next one. Needless to say, it was both much faster and used very little memory.

Algorithms matter, and the shame of ever faster processors and "more productive" languages is that too many programmers don't understand them.

Comment: Re:HOWTO (Score 1) 1081

by tricorn (#49272581) Attached to: How To Execute People In the 21st Century

Certainly CO2 shouldn't be used without previously rendering the person unconscious. I read that some studies had some indications of distress from straight N2 suffocation, hence using N2O first might be more humane.

Since part of the "humane" aspect of it is how it appears to observers, that should be taken into account as well. I don't know if CO2 would cause a faster death than N2 when used in conjunction with N2O, or if there's a difference in visible signs while it's happening.

Comment: Re:Issue will be resolved... (Score 1) 347

by tricorn (#49248417) Attached to: FCC Posts Its 400-Page Net Neutrality Order

The section I quoted defines "Broadband Internet access service". What you're talking about is irrelevant for the purposes of this rule.

What the 25 Mbps / 3 Mbps defines is not "broadband" but "advanced telecommunications capability". See the actual rule (actually "Broadband Progress Report and Notice of Inquiry"):

Comment: Re:But the MEANING is hundreds of pages (Score 1) 347

by tricorn (#49248085) Attached to: FCC Posts Its 400-Page Net Neutrality Order

The actual regulation is 8.5 pages, about 22K characters. The rest is commentary. You'll find the commentary in the Federal Register. You won't find it in the actual regulations (Code of Federal Regulations, CFR).

There's the index, 576 paragraphs of commentary of various sorts, 12 paragraphs of procedural stuff, APPENDIX A which contains the actual rule, and APPENDIX B which contains a required analysis of the rules. APPENDIX B alone is 110 pages long.

The 8.5 pages is the actual program. The rest is the README and HOWTO combined with the man/info page, the makefile, the comments that would be in the code and a code review. The code itself is presented as a diff onto the existing codebase. Since it's a scripting language, there is no binary.

Comment: Re:The Rules (Score 1) 347

by tricorn (#49247991) Attached to: FCC Posts Its 400-Page Net Neutrality Order

It isn't 400 pages of regulation, it's about 8.5 pages of (new/modified) regulation, including all the definitions, procedures for filing complaints, etc.

The other 391 pages are commentary, explaining the rationale, the legal authority, discussing the public comments and rebuttals, talking about the implementation and implications, and so on.

Saying this is 400 pages of regulation is totally false. The 400 pages are in fact going to be published, and can be used by courts when deciding cases influenced by the new regulations, but they are not themselves regulations.

Comment: Re:The actual text of the new rules is only 305 wo (Score 1) 347

by tricorn (#49247355) Attached to: FCC Posts Its 400-Page Net Neutrality Order

Most of the 400 pages are commentary on the rules - justification, clarification, intent, responding to comments, legal authority, possible legal challenges, implications, etc.

I don't know about the "305 words" bit. The actual rule (the part that says "amend this part to read ... renumber section x to y ... insert a new section x that reads ...") is 8.5 pages long (page 283 through 290, which is about half a page long). If I copy directly from the PDF version and run it through fmt (default 65 wide) it yields 347 lines, 22542 characters.

However, the heart of it is contained in 3 short sections, about 1200 characters depending on encoding and whether you include the editing directives:

8.5 No blocking.
A person engaged in the provision of broadband Internet access service, insofar as such person is so engaged, shall not block lawful content, applications, services, or non-harmful devices, subject to reasonable network management.

  8.7 No throttling.
A person engaged in the provision of broadband Internet access service, insofar as such person is so engaged, shall not impair or degrade lawful Internet traffic on the basis of Internet content, application, or service, or use of a non-harmful device, subject to reasonable network management.

  8.9 No paid prioritization.
(a) A person engaged in the provision of broadband Internet access service, insofar as such person is so engaged, shall not engage in paid prioritization.
(b) “Paid prioritization” refers to the management of a broadband provider’s network to directly or indirectly favor some traffic over other traffic, including through use of techniques such as traffic shaping, prioritization, resource reservation, or other forms of preferential traffic management, either (a) in exchange for consideration (monetary or otherwise) from a third party, or (b) to benefit an affiliated entity.

Comment: Re:Issue will be resolved... (Score 1) 347

by tricorn (#49246733) Attached to: FCC Posts Its 400-Page Net Neutrality Order

The definition in the rule makes no such reference to speed:

8.2 Definitions.

a) Broadband Internet access service. A mass-market retail service by wire or radio that provides the capability to transmit data to and receive data from all or substantially all Internet endpoints, including any capabilities that are incidental to and enable the operation of the communications service, but excluding dial-up Internet access service. This term also encompasses any service that the Commission finds to be providing a functional equivalent of the service described in the previous sentence, or that is used to evade the protections set forth in this Part.

Comment: Re:"F" rating? (Score 1) 315

by tricorn (#49226341) Attached to: Clinton's Private Email System Gets a Security "F" Rating

I'd be curious to know what problems would have been found AT THE TIME (not now, a few years later), with the e-mail server itself (not web front-ends other than as actual vectors to compromise the system, not just an individual connection; is there any indication Clinton ever used a web front-end?), and compare that with the e-mail server (also at the same time).

Comparing this to someone using a gmail account is irrelevant. The biggest threat to security is probably going to be the people at a commercial business.

The distinction between "personal" or "private" or "government" e-mail systems is sort of dumb when she's using a specific system AS a "government" e-mail system. Perhaps she even had it authorized through whatever route that might take, maybe having State IT people take a look at it.

What were the data retention policies for the e-mail server at the time? Did they retain every single piece of mail, so you could ask now to see how many Viagra spams she received while in office? If she deleted a message, was it archived or is it gone now? Would outgoing messages be retained? What if an e-mail client was configured to send outgoing e-mail directly to the recipient's server (I realize that's becoming harder to do now as more and more servers are set up to require relaying through an official authenticated server via DNS records, but what was the situation then?)

The people to put on the stand here are the IT people responsible for the e-mail servers and the IT people that Clinton used to set up her server.

Comment: Re:The patents (Score 1) 186

by tricorn (#49132765) Attached to: Jury Tells Apple To Pay $532.9 Million In Patent Suit

Many years back is 9 (when that particular patent was filed) or 16 (based on the priority date, though I'm unclear what that priority date is based on). Buying things over the Internet wasn't some stroke of genius, and couching things in standard patent-speak doesn't make it any more innovative. Makes me want to file a patent on "A Method and System of Using A Computing Device", put in all sorts of vague claims with "data means" and "storage means" and "communication means" and "user interface means", include something really specific like "a processor using graphene", then wait until someone creates something nifty after graphene has become common in chip fabrication, then sue everyone for violating my innovative patent, since I was the only person in 2015 who could have foreseen graphene being used in computers. Of course, as every new potential technology is reported on, I file a continuation on my patent and add in the new technology. Perhaps a cool new public key system is devised, I can toss using that as part of the data communications means of using my Computing Device. This will cost me some money, of course, so I'll deserve a big payout at the end for having taken so much risk in developing my innovative technology.

Comment: Re:The patents (Score 1) 186

by tricorn (#49132063) Attached to: Jury Tells Apple To Pay $532.9 Million In Patent Suit

I read a few of them. They appear to be continuations of continuations of continuations based on a foreign application of a continuation of .... Trying to figure out what was ACTUALLY claimed to be innovative at the priority date of 1999, and what was added since the iPod and other systems supposedly infringing came out, is pretty difficult. Indeed, trying to understand the claims themselves doesn't really tell you much, and I fail to see how ANY jury, with anyone with a hint of software knowledge excluded, could form a reasonable decision as to validity. As near as I can tell from the ones I read, it's basically "You know that music and stuff you can download off the Internet onto a portable device? What if you had to pay for it first?" There really is nothing more non-obvious than "sell something - OVER THE INTERNET".

Comment: Re:Really? (Score 1) 215

by tricorn (#49069263) Attached to: New Encryption Method Fights Reverse Engineering

With hardware support in the CPU this can be done properly.

CPU-unique public/private key pair generated by the manufacturer. Public key signed by manufacturer's private key. To install program, CPU public key is validated, program is encrypted with unique key, unique key is encrypted with CPU public key, program and encrypted key are sent to customer.

CPU would then be given the execution key, which it decrypts internally with private key and saves securely (no access via JTAG, no instructions to access it in any way). Instructions are then decrypted on-the-fly into internal secure instruction cache. You could do the same thing with data, with specific instructions to read/write unencrypted (after all, you do have to get the results out somehow), using a random key internally generated by the CPU. That key could be read/stored, but only encrypted with the instruction key (and changing the instruction key would wipe the data key).

Encryption key for each block would include the location of that block (e.g. take decrypted key and hash with location, then use that as the key for the block). A final step could be to have a block of (encrypted) hashes of each block that would be verified as each block is decrypted (with immediate wipe of decryption keys and cached code if it fails).

Breaking the private key of an individual CPU would, of course, allow you to emulate such a processor and break any program that's been keyed to it, but if such a CPU also required booting into encrypted firmware it could be very difficult to do (assuming the hardware is properly hardened), with the only practical attack being to break it using the public key. If you could do that, there are much better targets to go after than to get a free copy of some expensive program.
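Added example, not part of the comment above and not code from any real CPU or product: a Python model of the per-block scheme it describes, where each block's key is the execution key hashed with the block's location and a failed block check wipes the key and the decrypted cache. Assumptions: the execution key has already been unwrapped inside the CPU, a SHA-256 counter-mode keystream stands in for the hardware cipher, an HMAC per block stands in for the encrypted hash table, and all names (`block_key`, `package`, `SecureCore`) are hypothetical.

```python
import hashlib
import hmac

BLOCK = 64  # constructed block size in bytes

def block_key(exec_key, location, purpose):
    # Hash the execution key with the block's location; `purpose` (an addition
    # here) separates the decryption key from the integrity key.
    return hashlib.sha256(exec_key + location.to_bytes(8, "big") + purpose).digest()

def keystream_xor(key, data):
    # Stand-in cipher: SHA-256 in counter mode, XORed over the data.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def package(program, exec_key):
    """Vendor side: encrypt every block under its location-bound key."""
    blocks, tags = [], []
    for loc in range(0, len(program), BLOCK):
        ct = keystream_xor(block_key(exec_key, loc, b"enc"), program[loc:loc + BLOCK])
        blocks.append(ct)
        tags.append(hmac.new(block_key(exec_key, loc, b"mac"), ct, hashlib.sha256).digest())
    return blocks, tags

class SecureCore:
    """CPU side: holds the execution key and the decrypted instruction cache."""

    def __init__(self, exec_key):
        self._key, self._icache = exec_key, {}

    def fetch(self, blocks, tags, index):
        if self._key is None:
            raise RuntimeError("execution key wiped")
        loc = index * BLOCK
        mac_key = block_key(self._key, loc, b"mac")
        good = hmac.new(mac_key, blocks[index], hashlib.sha256).digest()
        if not hmac.compare_digest(good, tags[index]):
            self._key = None          # immediate wipe of key and cached code
            self._icache.clear()
            raise RuntimeError("block verification failed")
        self._icache[index] = keystream_xor(block_key(self._key, loc, b"enc"), blocks[index])
        return self._icache[index]

if __name__ == "__main__":
    blocks, tags = package(bytes(range(200)), bytes(32))  # constructed program and key
    print(SecureCore(bytes(32)).fetch(blocks, tags, 3))
```

Because the location is part of every block key, a valid encrypted block copied to a different address fails verification just as a modified one does, and identical plaintext at two addresses encrypts differently.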

Comment: Re:Better way (Score 1) 289

by tricorn (#48763009) Attached to: Extra Leap Second To Be Added To Clocks On June 30

That's a terrible solution. It simply guarantees that there will be even more significant problems when you do trigger that Leap Minute. Having this occur every year or two means you have an incentive to handle it correctly. Having it occur once every 60-100 years means that no one will bother handling it correctly, or will implement handling it incorrectly.

Think of a critical system that hangs for a minute rather than a second. The results would be much more damaging.

That's like fixing a memory leak by adding more memory to your system. You're just pushing problems down the line and making them more significant.
