Comment Port knocking

Port knocking is where the inbound system won't connect until a series of unsuccessful attempts is tried on a known sequence of ports - the system will open the door only when the visitor gives the "secret knock".

For example, a system won't normally accept connection requests. If the visitor attempts (unsuccessfully) ports 1010, 1050, 3042, and 4725 in that order, the system then accepts a connection at port 9000. (Use different numbers and length as needed for security.)

It is nigh impossible for a security audit to detect this type of camouflage. This technique has been well-known for years.

If China were putting back-doors in hardware systems, they could make them virtually impossible to find.

That's circumstantial evidence that this isn't a case of espionage on the part of the manufacturer. It's more likely a flaw in the software or a debugging port that wasn't compiled out in the released version.
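The knock sequence from the comment above (1010, 1050, 3042, 4725, then port 9000) can be modelled as a per-source state machine. This is an added example, not part of the original comment or any real product's code; the 10-second window, the reset rule and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass, field

KNOCK_SEQUENCE = (1010, 1050, 3042, 4725)  # example sequence from the comment
OPEN_PORT = 9000                           # port that opens after the knock
KNOCK_WINDOW = 10.0                        # assumption: seconds allowed per knock

@dataclass
class KnockTracker:
    """Per-source state machine for a port-knock listener (illustrative)."""
    progress: dict = field(default_factory=dict)  # src -> (next index, start time)
    allowed: set = field(default_factory=set)     # sources that completed the knock

    def observe(self, ts, src, port):
        """Feed one inbound connection attempt; return 'accept' or 'drop'."""
        if port == OPEN_PORT:
            # The service port answers only sources that already knocked.
            return "accept" if src in self.allowed else "drop"
        idx, start = self.progress.get(src, (0, ts))
        if idx == 0 or ts - start > KNOCK_WINDOW:
            idx, start = 0, ts                    # no knock in progress, or too slow
        if port == KNOCK_SEQUENCE[idx]:
            idx += 1
        else:
            # A wrong port resets progress; it may itself be a new first knock.
            idx = 1 if port == KNOCK_SEQUENCE[0] else 0
            start = ts
        if idx == len(KNOCK_SEQUENCE):
            self.allowed.add(src)
            self.progress.pop(src, None)
        else:
            self.progress[src] = (idx, start)
        return "drop"                             # knock ports never answer

def replay(events):
    """Run (timestamp, source, port) events through a fresh tracker."""
    tracker = KnockTracker()
    return [tracker.observe(*e) for e in events], tracker.allowed

# Constructed sample traffic using documentation addresses, not a real capture.
SAMPLE = [
    (0.0, "192.0.2.10", 9000),                                  # no knock yet
    (1.0, "192.0.2.10", 1010), (1.2, "192.0.2.10", 1050),
    (1.4, "192.0.2.10", 3042), (1.6, "192.0.2.10", 4725),
    (2.0, "192.0.2.10", 9000),                                  # knocked: accept
    (3.0, "198.51.100.7", 1010), (3.1, "198.51.100.7", 3042),   # wrong order
    (3.2, "198.51.100.7", 1050), (3.3, "198.51.100.7", 4725),
    (4.0, "198.51.100.7", 9000),                                # still dropped
]
```

Every knock port returns "drop" whether or not the knock is correct, so from the outside a listening host looks the same as one with all ports closed until the full sequence has been seen.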


Submission Machine gun fire from military helicopters flying over downtown Miami

Okian Warrior writes: Multiple police agencies and the military are currently (Monday night) conducting training exercises over Miami and elsewhere in the county. The exercise includes military helicopters firing machine-gun blanks while flying over highways and buildings.

This YouTube video shows helicopters strafing highways with blank rounds near the Adrian Arts center.

There are reports of similar actions in Houston.

From the Houston article: "if you see the helicopters or hear gunfire, it's only a drill."

Not to be alarmist or anything, but, um... WTF?

Submission UK defense contractor hacked, confidential documents leaked

An anonymous reader writes: Britam, a UK defense contractor company, was hacked and a collection of confidential documents was released. The documents include passports, incident reports, contracts and also a very controversial e-mail in which Britam reveal an "approved by Washington" plan to stage a chemical weapons attack in Syria and blame the Assad regime for it.

Submission WTO Approves Antigua's Pirate Website

hydrofix writes: On Thursday TorrentFreak broke the story (verified by BBC) that the government of Antigua and Barbuda, a tiny island nation in the Caribbean, was planning to launch a legal "pirate" website selling movies, music and software without paying a penny to U.S. copyright holders. Now, the World Trade Organization has given its final approval for the Antigua government to launch the website. The decision follows from a long-running trade dispute between the countries, related to online gambling, which was ruled in Antigua's favor in 2005. After the United States refused to compensate, the WTO granted Antigua the right to "suspend" U.S. copyrights for up to $21 million annually.

Comment Tyler Durden

FWIW, I did get the reference (and I own the movie).

I was addressing the intent of the reference in its original context. There's lots of reason to despair the heartless actuarial calculations of corporations, but only where warranted.

Note that I didn't snark your post (an urge that I find difficult to control). Don't be disheartened - your post wasn't modded "Funny", even though it's a valid attempt. I was just trying to supply some background.


Submission Perl Isn't Going Anywhere -- For Better Or Worse

snydeq writes: "Deep End's Paul Venezia waxes philosophical about Perl stagnancy in IT. 'A massive number of tools and projects still make the most out of the language. But it's hard to see Perl regaining its former glory without a dramatic turnaround in the near term. As more time goes by, Perl will likely continue to decline in popularity and cement its growing status as a somewhat arcane and archaic language, especially as compared to newer, more lithe options. Perhaps that's OK. Perl has been an instrumental part of the innovation and technological advancements of the last two decades, and it's served as a catalyst for a significant number of other languages that have contributed heavily to the programming world in general.'"

Comment Nuanced response

So what you're really saying is "Take the number of [batteries] in the field, A, multiply by the probable rate of failure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of a recall, we don't do one."

The actual answer is more nuanced.

FAA regulations define 5 levels of criticality for safety systems: levels A through E.

Level A is for things that can knock a plane out of the sky when they fail; for example, the stall speed alarm.
Level C is for things that can cause injury or at most a single death; for example, the cabin pressurization system.
Level E is for things that don't affect flight safety, such as in-flight entertainment or the microwave in the galley.

For reference, I wrote the software for cabin pressurization systems. It's level C (hardware == B), which means that failure in pressurization is an emergency situation, but isn't expected to kill everyone on board. The masks drop and the pilot immediately dives to under 10,000 feet to restore breathable air.

If the cabin fills with smoke, it's not life-threatening per se. The pilot can override the pressurization system and "dump" the cabin atmosphere, and it clears pretty quick. (The captain also dives to under 10,000 feet if necessary.)

The battery catching fire isn't a problem SO LONG AS the fire itself won't cripple the aircraft. The battery underpowering the plane when the alternator dies MAY BE a problem which would kill people.

The people who design these things take these levels into consideration, and the general rule is "fail safe". If you can't "fail safe", then "fail in the least dangerous way". In my experience, the engineer must make many choices when designing an aircraft unit. The answer is always "do it *this* way, because if *that* happens it will be less dangerous."

Let's wait and see what the investigation uncovers. Here are some Cliff notes:

1) Li-Ion batteries might behave differently at altitude (cabin pressure is reduced while flying)
2) The battery may be performing to spec, while trying to compensate for a more dangerous problem
3) Smoke in the cabin is not as dangerous as you might think
4) Things that burn are designed to not damage things when burning
5) People who design aircraft are pretty smart, and have a generally high moral standard.
6) People who investigate aircraft incidents are really, really thorough, and have a good track record.

(Note: Glossing over some details to make an easier read.)

Comment Epson interlocks

Epson printers (and most inkjet printers in general) have a single photo-interrupter that detects proper paper feed. These are simple units - not the complex photocopiers in your workplace.

In the case of Epson, once the motor starts the paper has to trip the photo-interrupter within a window of some milliseconds (like - between 1/2 and 1 second) or the unit will throw a paper jam error.

After removing all the gears and rollers in the back of the printer, you have the photo-interrupter in hand, still wired to the unit. An easy way to use it is to make a "carrier board" on which to place your medium (filter paper, for instance). Put a notch in the front corner of the carrier so that when the first part of the carrier goes through the paper feed it doesn't trip the interrupter, but past the notch it does. If you cut your notch to the right length the timing is obeyed and the carrier is processed as a piece of paper.

(IOW, the leading edge of the carrier is 8" wide, because a 1/2" strip is cut from one side. Two inches further in the paper is 8 1/2" wide. The photo-interrupter is placed so that the notch doesn't interrupt, but the full width does.)

The print head rides above the paper surface roughly .06" (varies with printer, and is adjustable on some printers), so you may need to raise the print head a little. A dremel tool cutoff wheel and some washers for spacing will work here.

Comment Epson printers

Epson printers use piezo print heads. These are available for thin money everywhere, sometimes for free: salvation army store, town dump, craigslist.

Hackers are using these to print etch-resist directly to copper-clad boards for making PCBs. The Epson ink is wax based instead of pigment based, so some of the inks make good etch resist (Mispro yellow apparently works best.) (Glossing over a few details.)

The cartridges are counter locked, but you can purchase a reflash tool on eBay for under $5 that will reset the code counter on any cartridge.

You can also purchase new, empty cartridges for just about any printer online (example: That might be more convenient than trying to wash out a used cartridge, and the used cartridge may have wear-and-tear anyway.

The original article claims that the small nozzle/droplet size of modern printers makes them unsuitable for biological printing. I'm skeptical of this claim, but if they say so...

Comment Some suggestions for video

Slashdot, you're really not hitting the high registers with these videos.

A video of people talking is good, but you need to punch it up a little. Use some powerpoint-style slides with text bullet points, then have the speaker read out the text as the audience follows along.

Here's an example of what *not* to do.

All that action and movement does little to enhance the video, and the scripted text makes it seem somehow terse. Don't do that - the disfluencies - "ah", "uhmmm", "you know", and so on - are what make the speech sound normal. Drag the dialogue out a little!

And the cuts! A dozen or more different scenes in the example video doesn't add to the experience - just use one or two as you are currently doing. Showing someone flipping screens on a tablet is good - we need more articles about apps and products that people can purchase.

And be sure to put your video intro at the front every time. That way if the viewer is uninterested in the video, at least they will have spent the time looking at your logo.

Overall though, it's a pretty good video. Keep up the good work! It's hard to find videos of interest to tech people.

Comment It might be epic

The bloggers are not testing the scientific method, they are testing methods that are scientific. Those are two vastly different concepts. Their work is important, but not epic.

I'm not so sure about that.

We believe in a scientific method founded on observation and reproducible results, but for a great number of papers the results are not reproduced.

Taking soft sciences into consideration (psychology, social sciences, medical), most papers hinge on a 95% confidence level. This means that 1 out of every 20 results arise from chance, and no one bothers to check.

Recent reports tell us depression meds are no better than chance and scientists can only replicate 11% of cancer studies, so perhaps the ratio is higher than 1 in 20. And no one bothers to check.

I've read many follow-on studies in behavioral psychology where the researchers didn't bother to check the original results, and it all seems kinda fishy to me. Perhaps wide swaths of behavioral psychology have no foundation; or not, we can't really tell because the studies haven't been reproduced.

And finally, each of us has an "ontology" (i.e. a representation of knowledge) which is used to convey information. If I tell you a recipe, I'm actually calling out bits of your ontology by name: add 3 cups of flour, mix, bake at 400 degrees, &c.

This assumes that your ontology is the same as mine, or similar enough that the differences are not relevant. If I say "mix", I assume that your mental image of "mix" is the same as mine. ...but people screw up recipes, don't understand assembly instructions, and are confused by small nuanced differences in documentation.

Does this happen in chemistry?

(Ignoring the view that reactions can depend on aspects that the researchers were unaware of, or didn't think were relevant. One researcher told me that one of her assistants could always make the reaction work but no one else could. Turns out that the assistant didn't rinse the glassware very well after washing, leaving behind a tiny bit of soap.)

It's good that people are reproducing studies. Undergrads and post-grads should reproduce results as part of their training, and successful attempts should be published - if only as a footnote to the original paper ("this result was reproduced by the following 5 teams..."). It's good practice for them, it will hold the original research to a higher standard, and eliminate the 1 out of 20 irreproducible results.

Also, reproducing the results might add insight into descriptive weaknesses, and might inform better descriptions. Perhaps results should be kept "Wikipedia" style, where people can annotate and comment on the descriptions for better clarity.

But then again, that's a lot of work. What was the goal, again?

Comment Dumbasses are where you find them

So nice to see that so many dumbasses are out there willing to trust people like that with their data. What could possibly go wrong?

What part of "data is encrypted at the client using javascript" don't you understand?

I'll be happy to explain it to you. Was it the "javascript" part? Or maybe "encryption"? I can go over the difference between "client side" processing and "server side" if you like.

Please tell us. I've got a professional interest in sorting the dumbasses from the rest of the internet, and you seem to be able to tell the difference.

Comment It's just so obvious

The best part of the article is this quote from [Guardian correspondent] Felicity Lawrence:

"You get what you pay for," wrote Felicity Lawrence in the Guardian.

"The only surprise about the latest adulteration scandal, in which beefburgers at rock bottom prices turn out to contain horsemeat and traces of pig, is perhaps that they contain meat at all."

It's just so obvious! The low price should have been a clear tipoff to consumers that the beef advertized as beef wasn't what it seemed.

I can't wait to hear Felicity's special in-depth report on generic drugs.

