Follow Slashdot stories on Twitter


Forgot your password?

Comment Sherlock's theorem (Score 0) 165

Many security bugs are really failures to implement correctly a requirement of the form "No matter what the input to this program is, it must not do X."

This is a special case of Sherlock's theorem:

Once you have eliminated the disallowed, whatever remains, however unintuitive, must be the robust.

It's far easier to debug a sin of omission than a sin of commission. If a piece of code never performs a disallowed function (e.g. leaking memory, failing to sanitize user input) then all failures that remain are sins of omission: the program doesn't actually transfer the file requested, out of excessive restraint on some edge case the programmer never even considered.

Well, the programmer needs to get in there and consider the omission in the harsh light of day. Then the specification document needs to be updated.

And questions need to be asked about the user environment when an edge case is tripped three years into a heavy use cycle.

The only way to achieve software up-front with no failure modes and no functional omissions is to massively gold-plate the validation process, and this rarely works anyway.

I'm never happier writing code than when I'm subtracting stupid.

Comment Re:Not very practical (Score 1) 103

So the next time you appear in a photo consider the fact that a simple procedure might reveal who you are with.

Yeah, I hang out all the time in public spaces with KH-11 prosumer cameras concealed behind 1970s ceiling tiles in every room and corridor.

It's this increasingly common tag line on the article submissions that makes Slashdot news for slack-jawed mooncalves.

Comment Re:Not enough, (Score 1) 415

He committed a crime, there were witnesses, AND he confessed. You don't get any more guilty than that.

Not true. You're a hell of a lot more guilty if a victim harmed by your crime steps forward and presses charges. Meanwhile, back at the office, he did as much to protect the safety of his fellow countryman and soldiers as any venerated war hero known to the public.

Technically, just about every person in Russia sent to the gulags first signed a confession for crimes against the state, if only committed inside their heads.

If that's the standard of guilt, guilt can go fuck itself.

Comment the amazing unicycle with sidecars and yoke (Score 2) 199

I'm sympathetic to PHK, but I could never have written this piece myself without commenting on a single disadvantage of the Chinese wheelbarrow.

You seem to be stuck with one of three problems:
* using a small wheel that won't easily roll over path obstructions
* having the wheel intrude into the barrow, obstructing tending or shifting the load
* having a large wheel under the barrow with a high center of gravity (what could possibly go wrong?)

The large carts at my nearby Costco are set up so that they won't pivot at the front (only at the middle). This is fine if you can find space to make a 90 degree turn on the spot. It's not at all good for creeping around a tight bend. Moreover, you've got both the front and back end swinging at the same time—which is the number of places you can visually attend plus one—so your chances of taking down some rickety display item are fairly decent if try to wing it.

Furthermore, nothing prevents two people from grabbing different handles on the European wheelbarrow. Also, PHK is wrong about the weight distribution. With a heavy load, it's customary to pile as much as possible up against the lip that protrudes over the front wheel in many front-wheel designs. I'd guess an European wheelbarrow front-loaded with wet clay has about a 4:1 lever arm in vertical displacement of the handle compared to vertical displacement of the load.

Wouldn't a Chinese wheelbarrow be something like a small unicycle with saddlebags and a trailer hitch? If you need to clear some brush (where only your wheel fits the path), you've got no way to jack the suspension under the load, either.

And wouldn't it be much harder for short and tall people to share the Chinese design unless equipped with some sort of adjustable handle. Somehow I'm just positive that the Chinese design from 1000 [BC|AD] comes replete with ergonomic dongles for the comfort of whatever schlep needs it next.

But then, with a billion identical people growing rice on ten million identically manicured terraces, I'm sure the Chinese design is a total win.

Comment Android: death by a thousand peeping toms (Score 3, Insightful) 117

No kidding. I had to look through dozens of "flashlight" apps to find one that didn't want my calendar, SMS, internet access, and GPS.

The Android permission system blows goats. It's not just the "all or nothing" approach to app acceptance. It runs deeper. It's also the app store itself, where I can't restrict (or prioritize) search results based on permissions demanded.

Using aSpotCat, under android.permission-group.PERSONAL_INFO I've got AdService, Chrome, Firefox, Gmail, Google Play, Pebble, and RunKeeper. I've had to bail on the installation of close to fifty apps to keep this list this short.

Basically the Android security model deters me from actually installing software, to the point where I no longer regard it as a platform.

This xmas between an Android tablet and an eReader, I'm likely to get an eReader (Kobo here in Canada), which is not a platform either, and doesn't play one on TV.

I was reading reviews that commented that a Kobo Aura is about the price of a servicable, entry level tablet from Walmart. Several of the reviewers commented "you might as well get the full Android platform for the price". What platform? Android is mainly a platform for sharing far more about myself than I wish to divulge with strangers I don't even know. Whatever information is gleaned will never be under my control ever again: it will almost certainly be amalgamated from one low-life to another ad nausium.

I'd be quite happy if not a single vendor knew my location ever, who wasn't providing me with a map for my own purposes (such as RunKeeper). If they need to know, I'll tell them. Yet 90% of Android applications demand to hoover this up and the Google play store provides no mechanism to put these applications on a personal shit list, so that better-behaved applications float to the top of the candidate list.

Android: Death by a thousand peeping toms. Where's well-behaved Waldo? Crushed by the throng. Eventually Diogenes tires of visiting the Turkish baazar and begins to subsist on juniper berries.

Comment Re:Obama forgot he works for the Americans ! (Score 1) 312

He allowed ...

Try again. Frame your narrative in terms of viable choices.

Indicate whether you think that previous health care reform efforts failed because the previous reform-oriented administrations A) didn't try hard enough; B) had the wrong approach and were justifiable opposed; C) accepted failure entirely against their best judgment lacking sufficient political power to ram the bill through (whether good/bad for America); or D) accepted failure when entrenched ideological opposition effectively made America ungovernable (a condition which shows no sign of abating any time soon).

Given the nature of the ideological quagmire, one might reasonably argue that the best is the enemy of the good.

I'm personally of the opinion that the status quo of the American health care system (about twice the cost of any other developed nation) had become permanently incompatible with fiscal austerity, and that America had reached the point where the wrong fix is still better than no fix. If the Republicans know what the right fix looks like, they had their chance and didn't even swing at the ball.

Without the expensive Republican war and expensive Republican banking sector bail-out (with hardly any reform of the banking sector), America could have afforded the status quo health care system for a long while yet.

Reality bites.

Comment nose peas for gasping Aspers (Score 1) 59

after a pilot program in which none of 868 students were hired failed

"What kind of gibberish is that?" It's unemployable gibberish. To start with:

after a pilot program failed in which none of 868 students were hired

It still sucks. No amount of rephrasing will fix it. It's trying to create an infantile shock reaction while tiptoeing around the essential factoid:

The vast majority of the students were from outside the United States, and many were working professionals.

We don't want to think, we just want to gasp at straws.

Slashdot: Nose peas for gasping Aspers, snuff that smatters

Comment Re:Regulations a bit premature (Score 1) 1146

they are already cheaper than incandescents if you aren't as short-sighted as the typical wall-street broker

Try this one. I live in a mild Canadian climate (snow happens, but not often) in an older residence with electric heat. In winter we keep the house at 18 degrees C, almost always warmer than the sea air, which means the electric heat runs intermittently throughout most of the dark season. For this half of the year—which represents 75% of our lighting needs—our little incandescent space heaters are 100% efficient: we need the heat anyway, and it's electric either way.

I've had CFLs in every fixture where they make sense for years and years. The one LED bulb I purchased I couldn't install so it sits in a drawer. It's not rated for installation into a recessed socket because of heat problems. If I hadn't read the packaging closely, my LED bulb would have burned out or degraded in no time at all.

If we had gas heat there wouldn't be an incandescent remaining in any socket used more than twice a week.

But we don't, so your efficiency calculation is just plain myopic concerning our circumstance. But good on you for mocking stockbrokers with your one-size-fits-all efficiency arithmetic.


Munich Open Source Switch 'Completed Successfully' 275

Qedward writes "Munich's switch to open source software has been successfully completed, with the vast majority of the public administration's users now running its own version of Linux, city officials said today. In one of the premier open source software deployments in Europe, the city migrated from Windows NT to LiMux, its own Linux distribution. LiMux incorporates a fully open source desktop infrastructure. The city also decided to use the Open Document Format (ODF) as a standard, instead of proprietary options. Ten years after the decision to switch, the LiMux project will now go into regular operation, the Munich City council said."

Comment Re:Now I feel old. (Score 1) 82

Getting "gobs" of RD-RAM involved fat modules.

Aside from muck-raking HP, The Register also did a lot to raise public awareness of problems with Intel in the P4 era.

Caminogate failure finally explained

RD-RAM was supposed to support three slots, but they couldn't make it work. It was one fiasco after another.

Mercifully, we got AMD64 out of the deal and a healthy competitor until Intel's Israeli team kicked out the CoreDuo.

Intel subsequently played the UEFI card, but it's a dim echo of their original agenda.

Comment everything you can't disprove is true (Score 4, Interesting) 433

The fixation on "best" accepted theory is more about hubris than insight.

The Kolmogorov/Chaitin view is that you should believe every statement about the universe that you can't formally disprove—all at the same time— using an exponentially weighted average based on the minimum description length of each viable description (baroque theories with billions of epicycles are down-weighted by k^-1e9, where k is the mean entropy of your typical epicycle). I don't really know the math, so take that with a grain of salt, but it's at least the general idea.

The standard model is extremely cogent and concise. It will exponentially outweigh practically everything else.

The only reason this isn't used is that we pretty much never know the minimum description length for anything (there's a result where something akin to minimum description is length is formally proven to be the hardest computation definable), and we can't take the exponentially-weighted integral of all as-yet undisproven theories by any convenient method.

Any undisproven theory that comes along with the potential to be formulated as cogently (or nearly so) as the standard model should be regarded as valid until proven otherwise (either false, or irredeemably baroque).

There's no sane reason to impose incumbency politics on theory. Theory is not a vote.

Comment Re:Publish or perish must go (Score 1) 106

Saying "Publish or perish must go" is great, we all like the sound of that. But then what do you replace it with?

Duh, it's not so hard. The scientists could actually bother to replicate more than a tiny sliver of all results published, and citations of papers not replicated could be treated at damning with faint praise.

One thing peer review can not catch is chance aberration in the experimental data (structural aberration is a different matter).

Without actually replicating the significant results, it all degenerates into he said/she said and the act of citation becomes a political act, not a scientific act.

There is practically no funding made available to replicate past results, other than the biggest and most important. No prestige accrues from taking this work on, either.

Comment tiresome dweeb (Score 1) 259

What is a cynic? A man who knows the price of everything and the value of nothing. And a sentimentalist, my dear Darlington, is a man who sees an absurd value in everything, and doesn't know the market place of any single thing.

I think this needs updating.

What is a tiresome dweeb? A poster who knows the logic of everything and the proportion of nothing.

That was the point of my first response.

Comment Re: Breach of contract, copyright infringement (Score 1) 259

Tie the copyright to someone's life? So all I have to do to make a copyright lawsuit disappear is to have them killed?

Tonya Harding is on the line, with a prior claim to that idea. I think you should pay up, or else.

You can also kill people to prevent them from voting. Surprised it doesn't happen more often as it's so easy to do.

Comment flamebait for wankers (Score 1) 141

The summary's deliberately phrased to be inflammatory, and imply that she was persecuted for whistle-blowing.

A Google search for "Slashdot" still comes up Slashdot: News for nerds, stuff that matters, but a single story summary this shitty sure puts paid to that aspiration.

For stories like this one, if my account wasn't a pseudonym I'd have to wear a bag over my face just to post here.

Slashdot Top Deals