Comment Evil Things RDRAND Could Do (Score 3, Informative) 566

Yes, RDRAND could do evil things. It could go play Towers of Hanoi when you execute it. It could Halt and Catch Fire. It could email your MAC address to the KGB. So could any other instruction, if Intel wanted to be malicious, just when you thought it was safe to go back in the register pool.

If the NSA has convinced Intel to do evil things with RDRAND, the most likely one would be to hand out low-quality entropy when claiming that it's high-quality. It's still useful, and like any entropy source, it shouldn't be the only entropy source you use, and you shouldn't use it without hashing it together with a bunch of other hopefully-not-broken entropy. But it's still useful, and as somebody said, the NSA isn't your only enemy.

Especially when you're starting up a machine (physical or virtual), you really need good entropy and you don't have a lot of sources available yet. If you don't trust RDRAND, or even if you do, hash it together with some secret password and the clock and whatever else you've got.
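An added illustration of the mixing advice in the comment above, not part of the original comment and not code from Intel or any operating system. The names `mix_entropy` and `boot_seed` are hypothetical, and `hw_rng` is a stand-in for bytes read from RDRAND, which Python cannot execute directly. The last function is a constructed worst case in which the hardware source returns only zeros.

```python
import hashlib
import os
import struct
import time


def mix_entropy(sources):
    """Hash labelled entropy inputs into one 32-byte seed.

    Every label and value is length-prefixed, so the boundary between
    inputs is unambiguous: ("ab", "c") and ("a", "bc") hash differently.
    """
    h = hashlib.sha256()
    for label, data in sources:
        for field in (label.encode(), data):
            h.update(struct.pack(">I", len(field)))
            h.update(field)
    return h.digest()


def boot_seed(hw_rng, secret, clock_ns=None, extra=b""):
    """Combine hardware RNG output with independent inputs.

    hw_rng : bytes from the hardware source (assumed: RDRAND output)
    secret : a locally stored secret or password
    clock  : current time in nanoseconds unless supplied
    extra  : whatever else is available (MAC address, boot counter, ...)
    """
    if clock_ns is None:
        clock_ns = time.time_ns()
    return mix_entropy([
        ("hw_rng", hw_rng),
        ("secret", secret),
        ("clock", struct.pack(">Q", clock_ns)),
        ("extra", extra),
    ])


def distinct_seeds_with_dead_hw_rng(n=100):
    """Constructed worst case: the hardware source yields only zero bytes.

    The seed still varies with the other inputs, so a low-quality
    hardware source does not make the mixed output predictable on its own.
    """
    dead = bytes(8)
    secret = os.urandom(16)
    return len({boot_seed(dead, secret, clock_ns=t) for t in range(n)})
```

The output is only as unpredictable as the best input an attacker cannot guess, which is why the secret and the additional sources matter when the hardware source is not trusted.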

Comment You missed the Golden Age Pulps, I guess (Score 1) 322

Somebody at Worldcon said that the circulation of paper magazine SF is down to something like 20,000 copies/month, from millions back in the day. Short stories work differently from books, and the choices are pretty much to do them in magazines, or in anthologies, or now the internet, but it's a tough market. (And short story writers are getting paid far less per word today, adjusted for inflation, than back in the 50s. The going rate is under 10c/word, while the 3c/word the old guys used to get would be maybe 30c-$1 in today's money.)

Comment Books also have better pictures and audio (Score 1) 322

There are exceptions - "2001: A Space Odyssey" was a better movie than book (even without drugs :-) and "Star Wars" (the original non-re-edited one) was too. But for the most part, the visual effects and sound are a lot better when you're reading a book and playing them inside your head than when some movie producer with a finite budget tries to interpret them.

Comment How can you not read a Wordstar 1.0 floppy? (Score 1) 440

All these mechanisms have their limitations, and if you've ever tried to do real-world data collection from a wide-ranging group of people who have data in random formats, it's a mess. People used to send me tapes in VMS Backup format, or with a duct-tape label indicating which tape it was and an Nth-generation photocopy of what some of the fields on the tape were, or 8" floppies in RSX-11 format. I've got useful data on Sun cartridge tapes, ZIP drives, and several generations of floppies, not that I've got readers for all of them (or ways to plug the readers into my current computers.) My department at $DAYJOB had the last 800-bpi 9-track tape drive in my building 20+ years ago; these days I don't know anybody with a 1600- or 6250-bpi tape drive, though I suspect there are some here in Silicon Valley besides the Computer History Museum and Digibarn.

Data formats rot. Hardware formats rot. The only way to keep the stuff is to keep copying onto newer media, and keep extensive documentation.

Comment X-Don't-Wiretap-Me-,-Bro!: (Score 1) 202

Yeah, that'll work.

Protecting your messages with crypto is a start, and using traffic mixers like Tor and Mixmaster to resist traffic analysis, but it's a hard job when the Bad Guys have Moore's Law on their side and unlimited unaccountable budgets and politicians who want to keep it that way.

Comment Big Government is a Right-Winger thing (Score 1) 202

Look, you right-wing trolls like to talk about how liberals and progressives want big government, but we're dealing with Bush's Homeland Security Mafia here, and the right-wing Drug War, and the right-wing Big Military-Industrial-Complex which goes conquering other countries on behalf of Big Oil and Hating Foreigners. And you guys talk about "Intellectual Property" like it's as sacred a thing as owning real dirt property that we stole from the Indians, so the Copyright Police are as much your fault as they are the liberals' fault. And if Obama were actually a liberal, we'd have some Hopey Changey Stuff and the warrantless wiretappers and Gitmo torturers would be in jail, instead of him telling his Justice Department to defend the Bush Administration policies.

Comment You secure it with Crypto, not Guns. (Score 1) 202

You and your friends don't have enough guns to outgun the NSA (who are typically not armed), much less the FBI, Pentagon, and Copyright police. If you want your data not to get wiretapped, you need to use crypto, end-to-end, and use various traffic analysis obfuscation services in the middle, and get enough people doing it to have some actual cover traffic (because being the one person using an anonymity service doesn't do the job.)

Comment I had to stop using them :-) (Score 1) 290

For a few years I tended to use "linksys" as my mobile data ISP, and from my apartment I can usually see 5-10 other wifi nodes, so if my DSL was down or my wifi router was hosed, I could borrow from a neighbor, and vice versa. But when 802.11g came out, and especially by the time 802.11n came out, most of the wifi modems started strongly encouraging users to set up authentication; I don't think I can connect to any of my neighbors' networks any more. (And I eventually had to get 802.11n because the signals seem to be enough stronger that my laptop connections would drop if I was in the dining room where my neighbors' routers would drown out my 802.11g.)

Since then coffee shops have become much more reliable sources of connectivity than random linksys boxes ever were, and I've got data on my phone so I can check email if I have to.

Comment Getting telcos to do the expensive fix (Score 1) 290

Back in the 1980s, I had two phone lines at home, one for talking, one for a modem for work. The modem line started having trouble, and wouldn't sync up at 2400 baud any more, just 1200, and the telco had trouble with my explanation about the problem ("What's it sound like?" "It sounds like }}}iii}}i}}}") so they told me it wasn't a data-rated business line anyway and blew me off. Eventually it reached the point that it sounded like "KKXKKTHKKHKKSSHHHKKXKK" on voice calls, so they came out and fixed the drop line that was rubbing against a tree trunk and after that it was fine. Another friend who did computer connectivity for a university in Utah had to explain to some of the non-big-city telcos what "phase jitter" sounded like.

I've had a bit of dealing with Bell Canada, mostly when customers wanted to put call centers into old fishing villages where anybody still in town would be happy to take a call center job and spoke good English. Most of the problems were just getting cable diversity into places where it had never been needed before and the geography might not support it, but we also had trouble getting T3 lines into some places, because we wanted an actual whole T3 for data, not just a bundle of voice T1s, and there was mux equipment left over from the early days when T1s were bundled into 6 Mbps T2s which were bundled into T3s, so you really couldn't get all the bits for yourself.

Comment Unbalance of caps vs. bandwidth (Score 1) 290

If you're downloading a steady 1 MB/sec (so 8 Mbps, ~half of your 15 Mb/sec "official" cable speed), you'd blow through that 74 GiB in less than an 86400-second day, and hit your 250GB monthly cap in 3 days or so. At 1 Mbps (so FAR less than your 15 Mbps), you'd still hit your monthly cap (though maybe you wouldn't hit 300 GB.) You're probably not going to do that watching TV or downloading movies for yourself, unless you're really watching two full-4.7GB movies a night, but if you're running a good bittorrent connection you probably wouldn't have trouble hitting that.

Hollywood produces about 600 movies/year, so that's a bit under 2 movies/day; you could watch ALL of them on a 1 Mbps download if you didn't mind waiting a couple of days during busy release weeks. (I think that's studio movies, not counting indies that haven't gotten past film festival distribution.) Bollywood produces about twice that many, and the world output is something like 2500 feature films/year. (That's not counting pr0n, or non-studio movies that don't get into theaters, or home movies on YouTube, or whatever... That's a lot larger than Hollywood+Bollywood+Europe+HongKong, and most of it will only get watched on DVD or the Internets.)

Comment Retiring Old Mobile Phone Protocols (Score 1) 290

Believe me, your wireless companies would like to retire the old protocols as fast as they can scrape up the capital budget, at least in the cities and medium-large suburbs, though less so out in the boonies.

The issue isn't just selling you an iPhone N+1 to replace your iPhone N-2 or have your tablet hit your monthly bandwidth cap in 2 days instead of 5, it's mostly that the newer protocols use their radio bandwidth a lot more efficiently, so if they can migrate the 2G and 2.5G users over to LTE or at least 3G, they can reuse the spectrum that's tied up handling older-protocol users.

They'd also be happy to migrate HSPA+ users to LTE, partly because of spectrum efficiency but almost as much because everybody's marketing says that "4G is Much Better Than 3G", so they're stuck scrounging up bandwidth to reallocate to LTE without messing up the HSPA+ users who haven't migrated yet and who might change carriers if their service degrades.

(Disclaimer: I work for AT&T, but not in the cell phone part of the company, this is my own opinion and not the company's, blah blah blah, and as far as I can tell, all the major carriers are roughly in the same bind on this issue, though the non-GSM carriers have extra incentives to move to LTE.)

Comment Two different ISPs at work (Score 1) 290

Until recently, when we started doing some new cloud projects that have their own connectivity, I had two different ISP-equivalents at work. One was the Corporate IT department network, which connects to my desktop, the corporate email, internal web servers, and firewalled access to the public internet, doesn't have any bandwidth limits other than the 100 Mbps wire to my desk, but has a lot of access filtering to cut out NSFW material, including Dangerous Evil Hacker Sites (I do computer security research - that blocks most places that have useful security tools as well as malware and Tumblr/Instagram/Facebook/Dropbox :-) The other's my lab, which has an unfiltered T3 and a couple of fractional T1s we use for testing, and we want to have occasional access to dangerous evil sites, though most of the malware we get is from our test load generator throwing Gbps of ugly stuff at security tools to see when they fall over.

Comment Not close (Score 1) 290

8 Mbps down is 1 MB/sec, so 86.4GB/day, so you could hit a 250 GB monthly data cap by about Wednesday the first week. (I'm running 3 Mbps DSL, but since Comcast keeps talking about data caps, and won't let you run servers at home, I've got no respect for their claims to be 10x faster...) Of course, if they're blocking The Pirate Bay, that cuts way back on their total bandwidth needs :-)
