Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment Re:Could they? (Score 1) 389

And the subset of that group which is willing to accept that aliens may be the most likely answer, based on current knowledge and theories.

Since we have zero knowledge of, or evidence for, aliens, I don’t see how that can ever be the most likely answer.

We also have zero knowledge of, or evidence for, the lack of aliens. The law of parsimony suggests that since we have no specific reason to believe that we're unique in the universe, we should assume that we're not.

When you consider the immense distances between stars, and the vast aeons of time our galaxy has existed, even if life had arisen elsewhere and, against all odds, evolved intelligence, the chances of them being our contemporaries is, well, astronomical.

This is only true if you believe that intelligent life is extremely rare and/or short-lived.

Also, Fermi’s Paradox.

Fermi's Paradox ignores the fact that human recorded history, and especially human technological history, is a vanishingly short interval of time. Given the abundance in the universe, there's no reason for an interstellar traveling species to be particularly interested in our planet. It seems likely that the only thing remotely interesting about Earth is us, and we've only been a detectable feature for a little under a hundred years (when we started pumping out radio waves). Given the light-speed propagation delay of that information, even assuming intelligent, spacefaring species are relatively abundant, how many can even know we exist yet? For that matter, we may *still* not be advanced enough to be interesting to interstellar travelers. Also, even if Earth is interesting enough for a visit, who's to say they didn't drop by several thousand years ago. How would we know unless they stayed? For that matter, they could have stopped by just a few hundred years ago, and as long as they were circumspect we'd never have noticed.

No, I think the only thing that the Fermi Paradox line of thought tells us is that faster than light travel probably is as impossible as we currently think it is. If FLT were feasible, then it's much more likely that someone within the ~200 light-year sphere within reach of our radio waves might have noticed us and have had time to come visit. Assuming we're interesting enough to visit, that is, which is a big assumption.

Comment Re:Shouldn't be punishable anyway (Score 5, Interesting) 295

he just made a crude unfunny joke

Actually, it wasn't intended to be that much of a joke. A little, sure, but the only source of humor was the shock value.

His real point, and his reason for using such a surprisingly crude phrase, was a very serious one. He was making the point that in America one can say the nastiest things possible about the most powerful government officials without fear of consequences. His rant was about free speech, about how crucial it is and about how Trump has absolutely no respect for it... but in spite of Trump's lack of respect for the principle, the principle holds, and Trump's power can do nothing about it.

When you understand the whole context, this FCC ruling is an important victory for all Americans, even those who found it offensive. Which, to be honest, included me, though I understood the point and appreciated the value of the point and the fact that the very offensiveness of the comment was what made the point forceful.

Comment Re: Fucked (Score 3, Informative) 295

In trying to say the most insulting, offensive thing he could think of to paint Donald Trump with, he thought of an act of love between two men.

With all respect, I don't think the phrase "cock holster" implies any sort of love, regardless of the genders involved. It doesn't imply an act of giving pleasure, it implies use as a storage location.

Comment Re: Single biological authentication doesn't work (Score 1) 72

Your nuclear weapons plant security is a pipe dream.

Have you ever worked in nuclear weapons security? I have. I have a very good idea of what is and is not practical in that context.

However, I will readily admit that I exaggerated both systems; I described a phone scanner that is considerably worse than real devices, and a nuclear weapons storage entry scanner that is probably stricter than what would really be implemented.

Comment Re:Security vs Convenience (Score 1) 72

I think you misunderstood my point.

I did. Thanks for the clarification.

As for iris being better than fingerprint.

And I think you misunderstood mine :-).

I wasn't claiming that iris is generally better than fingerprint, I was saying that it's likely more secure against penetration by a phone thief. Security is context-dependent, and in that context iris is probably harder to get past than fingerprint. Iris is probably less secure than fingerprint against friends and family, who probably have many high-quality photographs of your eyes, and can easily get more.

I suspect that the speed and accuracy of the fingerprint scanner adds more to it's convenience than the iris scanner

Perhaps. If the iris scanner is extremely good and fast it could actually be more convenient than fingerprint. Suppose that all you had to do was to point your phone vaguely in the direction of your face (as you must do to look at it), and it unlocked in 50 ms (instantly, from a human perspective).

Additionally, despite leaving my prints on my phone, the odds of retrieving one that is clear enough to work with are relatively low.

Not as much as you might think. A couple of guys on my team tested Nexus 4, 5 and 6 a couple of years ago, and found that all three of them captured great fingerprints that could be recovered by shining a light on the device at the correct angle and taking a photograph with another phone. The N5 and N6 were actually better than the N4, even though the N4 has a glass back. Smooth plastic seems to hold fingerprints better than glass, even though they're less visible. They tend to smudge a little more easily on glass, I think.

Comment Re:Single biological authentication doesn't work (Score 1) 72

You constantly ignore the problem. I don't talk about secrecy. I don't talk about rotation.

I talk about that a compromised security system has to be replaced or to be repaired -- whatever the breach was.

But you can't neither replace nor repair your own biometrics. Once they are compromised, they stay compromised.

You're confusing the system with the data.

Okay, let's try this. Suppose I have two systems: my phone, and the nuclear weapons storage facility that I work at. The phone has a cheap scanner will accept anything that looks vaguely like my fingerprint. The nuclear weapons storage facility has a high-quality fingerprint scanner with such tight matching parameters that I must scrub my finger clean before attempting to scan it, and is overseen by an armed guard who checks that my finger is my finger, nothing more and nothing less. He knows how to spot fake finger overlays.

Now, suppose that someone steals my phone, lifts my fingerprint off of it, makes a photocopy, and my phone accepts that photocopy and unlocks. The phone has been completely compromised.

Now, does this also compromise the nuclear weapons storage facility?

Comment Re:I reported my rape and got fired (Score 0) 90

Porat was asked a question that was about a gender-related complaint and Schmidt apparently stopped the complaint from being discussed

Yeah, I mean Gods forbid Eric Schmidt the goddamned chairman of the fucking board have the temerity to open his mouth to lead the discussion when an exalted womyn is dropping her pearls of wisdom before the ungrateful swine.

I mean...the nerve.

Yeah, how dare she expect that she should feel comfortable at work.

Comment Re:I reported my rape and got fired (Score 1, Interesting) 90

If being interrupted by the opposite sex is a "gender-related" thing by now then I should top the charts of oppression and my wife has a lot of 'splainin to do.

The problem wasn't the interruption so much as the context. Porat was asked a question that was about a gender-related complaint and Schmidt apparently stopped the complaint from being discussed and turned it into a joke. Depending on the nature of the complaint, that could be really hurtful to the person who'd screwed up their courage enough to ask such a question in front of the whole company (I'm assuming the "large company meeeting" was the weekly whole-company TGIF).

Note that although I work for Google, and occasionally read "Yes, at Google", I haven't read anything about the described scenario other than what's in the summary here. I don't know the context, or even if it really happened. I'm just commenting on the hypothetical.

I'll add that I think the mailing list is awesome. Its purpose isn't to chastise anyone, or tell management about problems... those are HR functions and shouldn't be handled through an open mailing list. Its purpose is simply to raise awareness of the fact that sometimes really bad things happen at Google. Google is an open, friendly, egalitarian place and it's tempting for people to think that sexual harrasment, racial discrimination, etc., couldn't happen at Google. The mailing list shows otherwise and serves to help people learn to notice it. It also serves to raise awareness of the small ways in which people make their co-workers uncomfortable, often without even realizing it. It exposes people to different viewpoints and broadens their outlook.

The mailing list is a good thing. You should start one at your workplace.

Comment Re:Security vs Convenience (Score 1) 72

I think by now everyone on Slashdot knows that biometrics provide very little actual security.

It depends on the context and on the details of the biometric system. Of course, this is *always* true; "security" not only isn't a boolean, it's not even a continuum. It's an n-dimensional tensor. To determine what security you have, you have to think about the avenues of attack, the nature of likely attackers and the risk that you're trying to protect against.

For example, it would be fine to use a fingerprint sensor to control access to a nuclear missile silo. The fingerprint sensor wouldn't be the only element of the security system, but it would be perfectly reasonable to use as a method to authenticate an authorized individual... as long as the system ensures that faking fingerprints is extremely difficult. Given an armed guard who is trained to spot fake finger overlays, and with instructions to detain or kill anyone who attempts to subvert the system, the security level would be quite high.

In fact, nuclear weapon security *does* rely on biometric authentication, but it's normally the old-fashioned face recognition kind, where one human attempts to match another human's face against a small photo on a plastic card. Fingerprint scanners are harder to fool than that, assuming the guard doesn't know the entrant personally.

Of course, we're talking about biometric scanners in consumer devices, where the attacker has complete freedom to try anything he likes to fool them. That's a different context.

That said, they do provide a very real solution to a very real problem. My phone has too much information on it to leave completely unprotected, but at the same time, I unlock it so many times a day that entering a long and complex passphrase each time is impractical.

Yes, this is the reason biometric authentication on phones is a good idea. Now, if you have really important data on your phone a fingerprint may still not be good enough. You have to decide.

I see the fingerprint authentication on my phone as being enough to stop my toddler from doing too much harm to my settings, or my friends from pranking me at the bar

It's worth pointing out that against your friends and family, a fingerprint is probably more secure than a simple password (or PIN or pattern; they're all passwords). Unless you have unusual friends or family, it's very likely that they would find shoulder surfing much easier than manufacturing a fake fingerprint, even though they have ready access to your prints.

it's also enough to foil the vast majority of casual pickpockets

Here's an area where iris authentication may be better than fingerprint. A phone thief who is willing to go to the effort of manufacturing gummi fingers to fool fingerprint scanners is likely to be able to lift a copy of your fingerprints off of the surface of your phone. He's less likely to be able to get an infrared photograph of your eye.

Now if I was asked to use biometrics to authenticate my car, house, workplace, or bank account, I'd object a lot more

Are you sure your phone isn't a key to any of those things? Odds are good that it *is* a key to your bank account.

Comment Re:Single biological authentication doesn't work (Score 1) 72

Any pair of key and lock which is compromitted should be replaced. You change your locks once someone broke in your home, or someone has a key you don't trust any longer. You change your password once you notice someone was in your account. But you can't change your biometrics. So what happens to the locks your biometrics were the key to?

Locks are a bad analogy, just like passwords. Locks also rely on secrecy, in this case on the secrecy of the shape of the key.

Rather than trying to analogize, analyze the security of biometric systems directly, on their own basis. Assume that the biometric data is known to the attacker (this is the only reasonable assumption), and if rotation were feasible, that that attacker would also know the new data. Think about the contexts in which the system will be used, and the obstacles that the attacker must overcome in order to successfully present the known data to the system. Those obstacles represent the security level of the system. Secrecy is irrelevant, therefore rotation is irrelevant.

Comment Re:Permafrost (Score 1) 177

It has been significantly warmer, when we weren't alive. It has been significantly cooler, again when we weren't alive.

The key is we know the score in terms of our current standard of living and current climate. Sure we can dream up better climate consequences in theory, in practice though we know how to play the game in front of us, and we can't be sure of how we can play in a new scenario, and we know that once changed, undoing it is going to be impossible or at least much much harder than avoiding the change in the first place, so the risk/reward benefit for rolling the dice on change is poor.

Slashdot Top Deals

"my terminal is a lethal teaspoon." -- Patricia O Tuama