Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment Re:It'll make Linux better (Score 1) 1051

like the other commenter said, you have a serious disconnection from reality.
There *needs* to be a "top dog" who dictates the qualities of the project, otherwise it ends up being endless debate and project systematic individual style hacks introduced, in the end no one knows how it was supposed to work and how it does work now.

Certainly, it will create some grief on the short term when someone is adamant about bad quality and breaking things, in the long run however -> things work better as a result of that.

Those doing bad job needs to be punished, and those doing a good job needs a reward.

Comment Re:Still.... (Score 1) 1051

Still Linus was right in doing this.
Any bad coder out there like that - who doesn't test properly and breaks things horribly deserves some wrath.
I've seen too many bad, so called coders out there, even hired some. Excellent CV has not been a guarantee that even basic processes of the person doing the job is anywhere near the required level for the job.

Especially lack of testing, even if manual 5min testing, is something which is completely unacceptable.
In this case, the person probably did not need to do more than compile the kernel, boot a KDE environment and try to play a song. I've not looked into this patch which caused the trouble, but usually you can immediately tell from glancing at the code what to test.

And your example is wrong - in this case Linus is stopping crap to be introduced to mainline and making sure quality is maintained - anyone with basic reading comprehension skills can see that, and infact, for sensible persons that's positive marketing -> knowing that "heads will drop" if quality is not maintained.

Comment Re:Simples! (Score 1) 314

By far not sufficient when you get to that level of required security.
If there is no alarms, monitoring etc. and reinforced walls, a thief can potentially get inside without anyone noticing through another wall, ceiling or floor.

Practical security:
  * Use linux with GRSEC
  * All network daemons turned off
  * Firewall all ingress, don't even allow ping etc.
  * Firewall all egress, only make sure what's ultimately needed is accessible, potentially building a whitelist if possible
  * No excess software what-so-ever, just what is ultimately needed
  * ROOT account: No logins, create another account which can only be locally logon to, which can sudo. Password 16 chars, potentially automatically rotating. Possibly also having 2 factor authentication. You can trivially create this step by even creating a PHP Script as the shell :)
  * USER account: Limited to only what is required, potentially chrooted to the exact data which is required to be accessible etc. Depends on the usability required
  * Watch logins: More than 2-5 failed logins, shut the system down immediately using "magic" SYSRQ, wrong username? Instantly
  * Full disk encryption, on top of which potentially using a bit obscure filesystem to make it that much harder to break. The required data should have 2nd level encryption unless doing that creates a potential attack vector on the first level encryption

Hardware:
  * Potentially use hardware where you can review the firmware/bios if possible
  * HW firewall "integrated" to the motherboard, motherboard network connectors are removed and hardwired to this HW firewall, so that even a skilled person would require atleast 20mins to bypass the HW Firewall
  * HW Firewall configured in the same sense as the SW firewall, potentially with additional protections.
  * Super Epoxy glue all connectors, modules etc. including the HW firewall buttons and it's mainboard into the motherboard etc. -> Stops quick tampering.
  * Disk drives and CPU needs cooling, so CPU heatsink could use heat transfer glue to the CPU and super epoxy from the sides on to the motherboard. Disk drives can have little spacing with the super epoxy.
  * The whole case is epoxied together/welded. No connector should be accessible, but peripherals mounted permanently with super epoxy to avoid inserting capturing devices directly.
  * Braided stainless steel sleeves for all cabling to make splicing in harder.
  * Epoxy on the other side of the peripherals as well ;)

FW Config: Potentially disabling all unencrypted connections, verifying against known certificates, no other connections allowed, if possible. Potentially also limiting data transfer rates so that if anyone tries to transmit data outside -> it will take long enough for security to take notice.
GRSEC configuration is very involved, but can be teached.
Process list should be verified and checked against.

This will create a secured SW + HW environment.
If you cannot use a motherboard/devices which firmware you can verify, the extreme FW measures taken (both SW + HW) should ensure no data gets transmitted without permission. It is highly doubtful that same organization can be behind a security hole in the motherboard AND the HW FW, but you can also create your own HW FW using things like Arduino where you would be the person creating the firmware as well.

Epoxy: Modern cars are glued together, so just use similar industrial strength epoxy.

In the end it's all about making accessibility slower if it's a highly skilled attacker with knowledge about the system upfront, which can potentially stop the attempted attack all together if it's deemed too secure.
BUT Security via obscurity is still not security, i see people changing their SSH ports, blocking Ping etc. but that doesn't really add to security, as the information can still be gathered very quickly.

Comment Re:Simples! (Score 1) 314

Not sufficient. No computer is secure if it's in any way accessible, operable, even a computer buried underground, with no direct access is secure.

In practice however?

Just operate within a reinforced concrete and steel building, ie. a warehouse, signals get so weak that barely modern cell phones work, and you can forget data for the most part, even if there is just 1 layer of blockade. If you have physical security around no one can get close enough to get reliable signal through, especially if you place couple of scramblers.

Yet inside off the building you can even utilize wireless communication within the network - tho i wouldn't allow that, scramblers all around.

In the end, if the computer has human accessing it -> that's your weakest link most likely.

Comment Re:...and where they got your number (Score 3, Insightful) 451

it's FREE, so people tend to demand better than commercial product support etc.
Anything FREE and you will attract the worst "customers" the planet earth has to offer, they demand extraordinarily much, and will shy from even 1$ payment.

That's just the nature of the business, they need to find a way to deal with it, sure. But will it end? Probably never.
Biggest thing they can change is their attitude towards these kind of people, and make sure support terms (cost) is WELL Communicated, so anyone reading the bullshit review will easily know the author of the BS review is at the very least questionable authority.

Many people using free stuff will not even bother to glance at the terms of the free offering, and the company is by default at fault if the moon is not given in 5seconds flat.

Comment Re:Cast in a negative light, obviously (Score 1) 301

For joe average a lot of the "bank red tape" is because of stupid things like chargeback etc. not because of opportunity to steal from the bank.
Opportunity is with those who are working in the banking industry.

Chargeback btw is a major nuisance for many merchants, it gets mostly abused. For actual fraud i think the individual who lost their CC should be liable or a additional insurance for that case included in all CCs. It should not be the merchants responsibility to cover for that.
Probably 95%+ of Chargeback cases is just individuals looking to get free stuff in any case.

Comment Re:Seconds? (Score 3, Informative) 151

AC is correct.

In motorsports few seconds is a very long time. The lap times are not mentioned.
The raceway in question is probably this: http://thunderhill.com/staticpages/index.php?page=TrackMap
But which variation? Long version 2.866miles record times tend to be just over the 2minute mark for somewhat normal cars.
Short version is 1.769miles for which SCCA website is missing the record times, the medium version is 1.814miles and record times tend to be close to 1:30 mark with somewhat regular cars.
Also they don't say how good race car driver was the AI against, there is a huge variety of race car driver skill levels.

Few seconds? They are being vague, i bet it was more than just 2 seconds because they are being vague.
Some racing series have 3% rule to qualify, ie. within 3% of the best time, for 1:30 lap time that is 2.7seconds, in other words this AI wouldn't even qualify. :)

All that being said, great work! Got to start from somewhere.
In theory AI could become better than humans, but then again AI will most likely always lack intuition, so could well be that a human will always surpass AI.
Nevermind that a very highly skilled human with very high motivation can do some insane reaction and completely remove the guesswork some of the time when surpassing the limits, ie. see Ayrton Senna. For AI we'd need sensor capable of few ms polling rates with data returned, then compute all the data within few milliseconds and then some insane fast and accurate servos to achieve that level.

Few millisecond polling rate doesn't sound like much until you realize that for example USB has 90ms, PS/2 is in theory capable of 5ms, and serial port even faster, but that doesn't account for data transfer rates.
There's a reason why we cannot even build a simple ECU/EMS with standard off-the-shelf hardware: Polling rates are too slow.

Comment Re:On the one hand... (Score 1) 316

US:
Domains are being taken completely off the hands of the owners without due process, not just censored.
Censoring happens via DMCA in avery widespread manner, "under penalty of perjury" doesn't do much to stop abuse.
US tries to impose it's laws and regulations to other nations.

At the opposite is countries which are trying to cut off themselves form the global internet.

But there is also countries which have total freedom on internet usage, we don't just see it on news because they don't censor etc. causing debacles like that.

I would prefer all countries in the world have a say, in relation to their populace connected, with streamlined same rules for everyone.
Currently as a business owner i find it sometimes overwhelming trying to conform to a bunch of different laws different organizations are attempting to enforce on us at times. Sometimes our upstream providers laws have direct conflict with our laws, and the situation gets very delicate not to break either our law nor our upstream provider's.

A intergovermental, global organization could make rules the same for everyone, and this would help greatly businesses to provide services. Probably also would make it easier for companies like Netflix to provide their services globally.
BUT only if it's a sensible, sane organization, not under the influence of US corporate lobbyists. It also needs to transparent, so thinks like SOPA, ACTA, PIPA, CETA cannot be sneaked in.

Comment Re:Good riddance to geo-blocking (Score 1) 206

and in many countries that is illegal because you are circumventing copy protection.
Illegal even if making backups or converting to another media for playing it on different devices is legitimate.

Here in Finland you are permitted to make anyway you wish a backup of any copyrighted material for your own usage.
Just the bypass of copyprotection is illegal, but there is no punishment for that.
Also downloading anything/gaining a copy of protected is legitimate for the individual, but distribution is illegal, which in some rare cases does result into fines or even jail time.

To add insult to the injury, every single CD, DVD, BluRay, any media to what you can save data, includes a copyright fee so you are free to copy for your own personal usage.

Businesses can purchase non-copyright fee media for backup purposes and other proven legitimate uses. Also many order media directly from Estonia to avoid the copyright fees.

Comment Re:It's not just games (Score 2) 206

Someone mod parent up and quick!

Exactly what is going on globally everywhere.
Just couple days back here in Finland i read news that a online TV broadcasting firm is being sued for copyright violations. What they did was rebroadcast the channels over internet, allow recording etc. basicly a TiVO/DVR via the net. For each customer there was even a receiver attached to stay on legal side.

They were sued by all major finnish tv channels, even our BBC counterpart which is funded by actual taxes starting 1st of Jan, 2013.
They did not rebroadcast paid channels, only free channels.
All the channels stood only to gain if they just worked with the internet broadcasting company, which has been under discrimination and persecution ever since it's inception.

They also provided access to Finns living elsewhere in the world, because things are so shitty here (A lot of it has to do with taxes and how those taxes are spent). A LOT, and i mean A LOT of finns move abroad, some of them eventually come back like my dad, some frequently visit finland, but many of them never comes around anymore.
It was the only means for "out finns" to watch finnish broadcasts. In that case however it's questionable legitimacy as "out finns" don't pay the public broadcast tax, but ad sponsored channels again stood to gain a lot. Ethically and morally i think "out finns" should be eligible to watch any Finnish TV or Radio channel for free, after all those are the very same guys taking the finnish culture out there - so why should we deny them from appreciating finnish culture in the form of TV or Radio?

Comment Re:Net energy? (Score 2) 580

Doesn't matter really, because for wind farms, solar etc. this is way better store of energy than batteries.

1) Build a huge ass solar plant in desert
2) Have these turn it all into gasoline
3) Haul the gasoline on cheapest energy consumption method to everywhere in the world
4) PROFIT

OR

Have an existing wind farm/solar plant but it produces more at times than can be consumed nearby. Use these to turn the excess into gasoline. When there is no wind or sun shine burn the gasoline to supply the baseline, all excess gasoline sell at the pumps :)

Comment Re:recipie for disaster (Score 1) 391

I'm sorry but i got to say you don't have much experience driving cars hard, while better cars WILL make you faster, you should be able to take a corner of your description.

Learn counter steering, weight transfer and get a feel on the car, most modern cars, even sport cars, lack a proper feel. If you want a new car to learn with i suggest GT86 from Toyota, excellent response from the chassis i hear. Doubt it's anywhere near what the car's icon was, but closest thing to the real if you want a new car.

Not sure what's tight roundabout in your sense, and were you trying to go full 360 on it, or straight, or a 90 degree turn to the right, ie. the first out.
Now, go and do the same on snow (with STUDDED tires also containing friction ribbons or whatever they are called in english) and take it at 80km/h entry speed maintaining at least 60km/h exit speed if you are taking first or going straight.

Better yet, take a small, nimble, agile RWD car to a track day, you WILL have a blast while learning to drive better. Just start slow and at each lap go slightly faster. At the go too you could take it to a tiny autocross setup and learn dynamics of grip and weight transfer.

But you are absolutely right, regular cars have a boat feeling to them. I got gifted a Calibra as a daily driver, it's sufficiently old that it only has ABS and very low fuel consumption so i use it for daily driving etc. while my proper cars are at garage, it's absolutely terrifying experience at any speed above crawling when exiting corners, being automatic and FWD. Fortunately i'm going to use for the winter my '83 Corolla with a '97 1.6L 20valve VVT-i engine, roll cage, heavily modified suspension, heavily stiffened chassis with about 160whp and now that i finish this round of upgrades HOPEFULLY weighing in at just 840kg :)
The next model of that car is still the best in F-group rally. Shares same chassis bottom plate even, almost everything can be just bolted in from the next model to this older model, but this older model as Sedan model is some 150kg lighter from the factory.

Slashdot Top Deals

One good suit is worth a thousand resumes.

Working...