Please create an account to participate in the Slashdot moderation system


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Fake suggestions from facebook... (Score 3, Informative) 120

by wirelessbuzzers (#34148340) Attached to: Google Challenges Facebook Over User Address Books

From what I've heard, it's a quarter-truth rather than an outright lie. If Alice finds Bob using friend finder, then this message can appear with Bob's name on it. Because there's no way to tell if a friend request came from friend finder, Bob doesn't know that he's "found friends using friend finder".

Comment: Re:Hmm ... (Score 1) 111

by wirelessbuzzers (#32343196) Attached to: Busting, and Fixing, Frame Busting

A "study" that determines that disabling Javascript will not allow you to execute Javascript.

A study that shows that many high-profile websites (which follow the previous best practices) are insecure because they don't take this into account, and proposes enhanced defense mechanisms.

I wish *I* could get paid obscene amounts of money to make "studies" like these.

If you can repeatedly find security flaws in web best practices, you're welcome to come join the lab. It pays about $15/hr, plus half your health insurance.

Disclaimer: I work with these guys.

Comment: Advanced features (Score 4, Interesting) 138

by wirelessbuzzers (#32224868) Attached to: AMD's Fusion CPU + GPU Will Ship This Year

In addition to the CPGPU or whatever what they're calling it, Fusion should finally catch up to (and exceed) Intel in terms of niftilicious vector instructions. For example, it should have crypto and binary-polynomial acceleration, bit-fiddling (XOP), FMA and AVX instructions. As an implementor, I'm looking forward to having new toys to play with.

Comment: Re:Thermodynamics (Score 1) 187

by wirelessbuzzers (#31533668) Attached to: Piezo Crystals Harness Sound To Generate Hydrogen

Actually, the #1 problem here would be that it would be disgustingly expensive, an ineffective sound barrier and an inefficient energy source.

To start with, lining the highway with any kind of fancy tech would be fabulously expensive. Maybe you could install parabolic concentrators to reduce the cost, but it would still be impractical this side of Dubai.

Second, consider how loud a speaker with a few watts of power, compared to a nearby highway. Truck rumblings will probably hit the wall with something on the order of a few watts per square meter, tops.

Third, if this is 18% efficient, that's not even 1 dB down.

Hydrogen isn't nearly as dangerous as people think. It doesn't have a very high energy density, and it rises as it burns. In the Hindenberg disaster, an airship with 200,000 m^3 of hydrogen caught fire while still in the air, then crashed into the ground, and almost 2/3 of the passengers and crew survived. I'm pretty sure a car colliding with this barrier would be less spectacular.

Comment: Re:Partially oxidizing? (Score 1) 379

by wirelessbuzzers (#31448758) Attached to: 50% Efficiency Boost From New Fuel Injection System

Because hot fuel explodes harder inside an engine cylinder?

Pretty much, yeah. The fuel burns rapidly, and its heat increases the pressure in the cylinder. The more heat, the more pressure. Obviously, adding the heat earlier could cause some problems: it could result in less fuel and air in the cylinder (higher initial pressure), or it could damage components, or it could leak heat out, or it could cause the cylinder to fire at an inconvenient time, or whatever. But in principle, it doesn't have to be a problem.

And for your information, honey is delicious and pre-eaten.

Technically, yes, but the bees didn't digest it and burn the calories out of it, or we'd call it 'poop' instead of 'honey.'

OK, so maybe yogurt is a better example.

Comment: Re:on-board AES? (Score 1) 219

by wirelessbuzzers (#31088114) Attached to: Intel Details Upcoming Gulftown Six-Core Processor

Intel also added an instruction called PCLMULQDQ which does polynomial multiplication over F_2. If it's fast (I can't find timing numbers, but hopefully it's something like latency 2 and throughput 1) then it will be very useful for cryptography in general...

Latency 15 cycles, throughput 10 cycles. That's a shame. Also, AESENC has thoughput 2 cycles/round, only half as fast as I expected.

Comment: Re:on-board AES? (Score 1) 219

by wirelessbuzzers (#31088058) Attached to: Intel Details Upcoming Gulftown Six-Core Processor

Hopefully, this will cause people to stop using CBC mode, but perhaps I'm too optimistic.

I don't quite get the point. Are there flaws in CBC mode or do you think it's just better to use i.e. OCB or GCM mode because many developers often forget to add proper MACs to their protocols?

I overstated the case. CBC mode isn't terrible, it's just not the best mode out there.

The main problem with CBC mode is that it isn't parallel. This means that most of the new, faster, timing-attack-resistant libraries can't handle it efficiently (the one I wrote is an exception, but it only works on recent Intel procs and it's ~10% slower than Kasper-Schwabe for bulk encryption). It also means that CBC is a factor of 3 slower on Westmere, maybe 1.5 on VIA chips and 1.5 on the PowerPC G4. Due to optimizations, CBC mode is an additional 15-20% slower than CTR mode in most software libraries. It also has a larger attack surface than CTR mode, and unlike CTR mode it requires decryption.

OCB and GCM modes are really nice because of the integrated MAC. Too bad OCB is patented... if you fit the constraints, there really isn't a better mode for AES.

Professional wrestling: ballet for the common man.