Comment Re:So upgrade already (Score 1) 829

A new car will not use old parts, but it WILL reuse the same design of the engine and the transmission, and possibly the same door locking mechanism. If you find a bug in the way the doors are locked that lets you bypass the lock and enter the car, chances are the same bug also exists in older models.

Components of goods : When I buy a car, I pay for the thought gone behind implementing the lock (and engine, transmission, putting it all together etc.) AND the steel / plastic / ICs that the car physically consists of. Cost (not price) of building a car is about 90% (+-20%) for the material / labour used in building the car directly or indirectly, and 10% the thought behind it and expression into physical machines. If older lock has a vulnerability and newer car shares the vulnerability, I fully expect a huge discount in the 10% thought portion of the car, and "Refurbished" sticker on the thought sold separately (if).

It is this 10% (+-100%) that is identical in Microsoft's software and cars which is why I made the analogy.

When I buy a software (download), the cost of the item I buy is ALL in the thought and expression into machine code. So I expect the same huge discount and Refurbished sticker on 100% of the item.

Expectation from security : In physical locks, there is also the impossibility of having a perfect lock - that comes from a near impossibility of remote exploit as well as the impossibility of a lock being secure in spite of physical access to the device (car). So the lock is little more than keeping honest people honest. It is NOT so with Software, where remote exploit is very feasible. If vulnerability exists because of physical access to a computer, Microsoft for its OS is off the hook because it doesn't sell most computers itself. So expectations from security in Software "goods" is very high.

A car with remote exploit across models over multiple years would expect to lose more for the manufacturer than they ever spent on the "thought" behind ALL of the car.

I also mentioned that Microsoft

skimped on effort (code reuse), resulting in a poor product (shared security bugs with ancient software). Why does that not result in much cheaper software, or at least a sticker "Refurbished"?

Which is the point that stands regardless of the suitability of the analogy, and which you didn't address.

Comment Re:So...? (Score 1) 189

On several occasions I have tried to get data from researchers. Most of them guard their data jealously and will give any number of excuses for not distributing it

Did you have any right to the data? Moral / legal / procedural ? If publicly funded, most people should have right to the data, but there might be a procedure to access it, I wouldn't blame anyone for establishing a light procedure to bug their scientists.

Comment Re:Is it really an issue (Score 1) 365

space travel mean nothing to investors

Exactly. You're the one that does NOT invest in space travel. Could it have been simpler?

There is always someone who does not invest in some crashing or upcoming industry. You're the one for this space industry. You could even have a hobby - not investing in space travel. A great conversation point, I am sure.

Comment Re:So upgrade already (Score 1) 829

A NEW car salesman cannot afford to say that reusing cars is a perfectly valid option. And that of course if you reuse old cars, they don't start easily in winters, and rattle a bit when you drive, and leak in rains. That it is all perfectly normal for the car industry.

If Microsoft reused code, why am I being sold a NEW software ? I expect used software prices. Microsoft skimped on effort (code reuse), resulting in a poor product (shared security bugs with ancient software). Why does that not result in much cheaper software, or at least a sticker "Refurbished"? Why is this perfectly normal for the software industry? Why are you defending it?

Comment Re:Allow me to burn som Karma by saying (Score 1) 489

What's the answer? Lower cost of currency exchange, limited unofficial acceptance of a few different currencies by businessmen, cooperation between countries to catch counterfeiting in other countries too.

Cost of currency exchange is not fundamentally high, but common currency is fundamentally infeasible.

Problems being there doesn't mean non-solutions(long term) should be adopted, especially ones difficult to undo.

Comment Re:Allow me to burn som Karma by saying (Score 1) 489

If the Euros could make the EU work

This is fundamentally infeasible. The reason it is ok for a country to have common currency all over is that they largely represent an "economy", economically. Economic culture is likely similar, economic decisions by the "government" are identical etc. So a country with "better" economy, in the sense that other countries want to do a lot of business with it, leads to its currency appreciating over time. Now imports are easier, and exports are harder. This gives the countries with worse economies a better chance (incentive) to be able to export more, and import less. A stable equilibrium, if you will.

With a common currency, but different economic decisions and greatly different economic culture, this equilibrium is not stable any more. No one wants to do business with Portugal (say), but that doesn't give it the benefit of a depreciating currency to encourage exports because people would kill to do business with Germany which uses the same currency. So the Portuguese economy does not "improve", and STILL no one wants to do business with Portugal.

Comment Re:RSA sold you out (Score 1) 464

Given a perfect understanding of the universe (all reasons including quantum mechanical and other for the thermal noise in the said amplifier, for example), there is nothing "pure" random. It is really random of the gaps that we call "pure" random.

Do you have a definition of "pure" random other than one based on random of the gaps ?

Comment Re:RSA sold you out (Score 3, Insightful) 464

1. For preserving randomness from independent sources, multiplication and division are rarely useful. These operations at times reduce randomness - take for example, the well known, multiplication by zero. Otherwise what was very good randomness, is destroyed. Even multiplication by a very small number takes away much of the randomness derived from other sources. If a Slashdot topic is not conducive to AC posting (or any posting at all), there goes all other randomness in the bin.

Similarly division - division by large numbers have similar effects as multiplication by small numbers.

XOR is typically better. But then one has to be careful that the "independent" sources have very low correlation - otherwise probability of zero bits increases drastically.

2. You need random, and you need it quick. The hunger of modern computer systems is difficult to satiate simply by the sources you suggest - at least initially. E.g., if you want to download all these figures from the internet, would you want to download such sensitive stuff in plaintext ? Of course not, you need SSL. For SSL, you need random. So you are stuck with good quality hardware RNG for best results, bad quality randomness without that, or depend on system entropy.

Once you get SSL, you could store lots of random numbers, but then you get into the problem of people / attack vectors trying to read that store. Performance vs. non-storage is a tough problem to solve.
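
An added example, not part of the comment above: it computes the exact Shannon entropy of an 8-bit combiner output when a strong source is mixed with a weak, often-zero one by multiplication and by XOR, and when XOR is fed two sources that share bits. The 8-bit register width, the two constructed distributions and all names are assumptions made for illustration.

```python
from collections import Counter
from fractions import Fraction
from math import log2

MASK = 0xFF  # assumption: the combiner output is kept in an 8-bit register

def entropy_bits(dist):
    """Shannon entropy in bits of a {value: probability} distribution."""
    return -sum(float(p) * log2(float(p)) for p in dist.values() if p)

def combine(dist_a, dist_b, op):
    """Exact distribution of op(a, b) & MASK for independent a and b."""
    out = Counter()
    for a, pa in dist_a.items():
        for b, pb in dist_b.items():
            out[op(a, b) & MASK] += pa * pb
    return out

def combine_dependent(dist_a, derive_b, op):
    """Same, but the second input is a function of the first (correlated)."""
    out = Counter()
    for a, pa in dist_a.items():
        out[op(a, derive_b(a)) & MASK] += pa
    return out

# Constructed sample sources.
STRONG = {v: Fraction(1, 256) for v in range(256)}                # uniform byte
WEAK = {0: Fraction(1, 2), 1: Fraction(1, 4), 2: Fraction(1, 4)}  # often zero

def results():
    mul = lambda a, b: a * b
    xor = lambda a, b: a ^ b
    return {
        "strong_alone": entropy_bits(STRONG),
        # A zero multiplier wipes the strong input; an even one drops a bit.
        "mul_independent": entropy_bits(combine(STRONG, WEAK, mul)),
        # XOR with an independent input never loses the strong input's bits.
        "xor_independent": entropy_bits(combine(STRONG, WEAK, xor)),
        # Second source repeats the high nibble of the first: those bits
        # cancel to zero and only the low nibble's 4 bits survive.
        "xor_shared_high_nibble": entropy_bits(
            combine_dependent(STRONG, lambda a: a & 0xF0, xor)),
    }

if __name__ == "__main__":
    for name, bits in results().items():
        print(f"{name:24s} {bits:.3f} bits")
```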

Comment Re: "because it originated from the wireless netwo (Score 1) 547

If you are capable of committing the crime, and have the antisocial tendency, how about this :

1. Give warning of crime.
2. Actually commit the crime according to the warning.

Now you not only have succeeded in committing the crime, which you wanted to do anyway, you have granted a tool in the hands of your antisocial friends who are themselves not capable of committing the crime. They will now be able to send society into a tizzy just by giving a false warning of the crime about to be committed.

Comment Re:supplementing the diet of well-nourished adults (Score 1) 554

One apple will give you less than 10% of RDA of most vitamins and minerals. If the top 30 vitamins and minerals are being considered, apple 75c is a big wastage. Some other fruits would score at least 70% of a few top-30 vitamins and minerals, leaving 30% for rest of the food, which is reasonable. Not apple, though.

Apple is not even value for money if fibre is what you are after.

Comment Re: UEFI excludes too much (Score 1) 201

Yes, I know later people were able to do it. But phoronix being unable to do it for a while is proof that the question being asked :

Is that easy on all UEFI implementations?

Does not have an answer "yes". For sane values of "easy".

And this question being asked does not have anything to do with SecureBoot, so I have no idea why you deemed it necessary to bring it up here. (U)EFI , or at least its particular implementation, is the problem, as you yourself mention.
