Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Hash indexes are faster than Btree indexes? (blogspot.in)

amitkapila writes: PostgreSQL supports Hash Index from a long time, but they are not much used in production mainly because they are not durable. Now, with the next version of PostgreSQL, they will be durable. The immediate question is how do they perform as compared to Btree indexes. This blog has tried to answer that question.

Submission + - US Secretary of Defense: Climate Change National Security Issue (propublica.org)

omaha393 writes: Secretary of Defense James Mattis identified climate change as a national security risks to the Senate Armed Services Committee, according to unpublished comments sent to the Senate Armed Services Committee. Secretary Mattis joins several scientific and policy experts as well as the Pentagon Study urging action to address climate change. While Secretary Mattis’ position seems at odds with other members of the White House cabinet, this is hardly the first time Mattis has offered contrary opinions on major policy decisions. Other members of the cabinet, including Secretary of Energy Rick Perry, have changed their tones on the subject, now supporting the evidence that man-made climate change is real and may pose a threat to national security. How climate change will be addressed under the new administration remains to be seen, as advisors the White House have indicated the administration intends to pull out of the Paris Climate Accords and the recently revealed "budget blueprint" seeks to slash funding to climate change alleviation.

Submission + - Trump's proposed budget would result in big spending cuts for renewables (computerworld.com)

Lucas123 writes: The Trump administration's newly released 2018 budget proposal outlining changes to discretionary would likely cut spending on renewable energy. For example, not only does the proposed budget cut the EPA and Energy Department budget by 31% and 6%, respectively, it would also not fund the Clean Power Plan and other climate change programs. With the CPP gone, the U.S. would likely see fewer retirements of coal-fired power plants due to carbon emissions and less impetus for the procurement of utility-grade solar power. The good news for renewables: the budget would not have any impact on the solar investment tax credit, carbon tax proposals or state-based solar subsidies, according to Amit Ronen, director of the Solar Institute at George Washington University. Additionally, renewable energy resources, such as solar panels, have gained too much momentum and aren't likely to be deterred by regulatory changes at this point, according to Raj Prabhu, CEO of Mercom Capital Group, a clean energy research firm. For example, even with the dissolution of the CPP, the number of coal-fired generators is still expected to be reduced by about one-third through 2030, or by about 60 gigawatts of capacity, according to the U.S. Energy Information Administration (EIA). Meanwhile, wind and solar are by far the fastest growing energy sectors, which indicates an appetite by utilities and consumers that is highly unlikely to be slowed by regulatory changes at the federal level, experts said.

Submission + - Critical Information for Aviators Bogged Down In 'Ridiculous' 1920s NOTAM System 2

Freshly Exhumed writes: Mark Zee of OpsGroup, an entity that provides airlines and aircraft operators worldwide with critical flight information, has had enough of the NOTAM system of critical information notices to aviators, decrying that it has become 'absolutely ridiculous. We communicate the most critical flight information, using a system invented in 1920, with a format unchanged since 1924, burying essential information that will lose a pilot their job, an airline their aircraft, and passengers their lives, in a mountain of unreadable, irrelevant bullshit.'

Submission + - Google releases open source 'Guetzli' JPEG encoder (betanews.com)

BrianFagioli writes: Today, Google releases yet another open source project. Called "Guetzli," it is a JPEG encoder that aims to produce even smaller image file sizes. In fact, the search giant claims a whopping 35 percent improvement over existing JPEG compression. If you are wondering why smaller file sizes are important, it is quite simple — the web. If websites can embed smaller images, users can experience faster load times while using less data.

While Google didn't aim to improve JPEG image quality with Guetzli, it seems it has arguably done so. It is subjective, but the search giant surveyed human beings and found they preferred Google's open source offering 75 percent of the time. Smaller file sizes and better image quality? Wow! Google has done something amazing here.

Comment Re:The past is not always a good guide to the futu (Score 3, Interesting) 68

Artificial intelligence is highly adept at spotting patterns and making predictions that are much too small and subtle for humans to pick out

But all the patterns that AI extracts are historical. They all assume that the events in the future will be caused by, and will act out, the same things that happened in the past.

The recent past remains statistically a good guide to the near future. Contingency plans deal with the rest. Using the former better saves money and makes the latter *less* likely.

We have seen this with computerised trading: that all they can do is find a past pattern of actions and try to fit that to what is happening now and will continue into the future. AIs have no ability to understand when the rules have changed, or when new and previously unseen conditions need to be applied.

The UKs electricity generation often runs very, very, close to its limits in the winter. Mainly due to cost-cutting: why spend money on maintaining plant and excess capacity when it won't be used?

To employ AI to shave further percentage points and thereby run even closer to the limits simply reduces the margin for the unexpected. And being unexpected, you can't blame an AI for not spotting those patterns in the past.

A dangerous game.

It's more likely about better scheduling/forecasting than cutting any reserve.

Cover for the largest expected single generator failure were increased when Sizewell (nuke) and then Longannet (coal) tripped in close succession in 2008. Maybe better modelling would have had the increased cover in place *before* then and 500,000 people would not have lost power.



PS. BTW, I worked with low-latency traders. I suspect it doesn't work quite how you imagine.

Comment Lots of opportunities like this (Score 1) 68

Here was one I wrote up at the weekend:


Guess what could compute a daily forecast ready to upload to those phones and laptops, just for example, as well as some real-time polling?

Some of it could be based on the data used here:




Submission + - Aquion Energy criticized as another "Solandra" (foxnews.com)

rmdingler writes: Longtime, RFTA-challenged, Slashdot poster, *rmdingler*, reports: A cutting-edge battery maker that received millions from taxpayers has become the latest government-backed energy firm to file for bankruptcy – reviving the controversy over how stimulus dollars were spent under the last administration. Seven years after Aquion Energy received a $5.2 million stimulus-tied grant from the federal government, the Pennsylvania company on Wednesday filed for Chapter 11 bankruptcy. A whole $5.2 million US? Gosh, that's like, a sub-sub-sub Agency's rounding margin for the company Independence Day BBQ.

Submission + - Hey Siri, Flatten the Duck! (earth.org.uk)

DamonHD writes: How could Apple help #FlattenTheDuck and do a little more to combat climate change at zero user cost?

With Apple's tight control over, and integration of, its hardware and software, there are some simple tweaks that it could make to its battery charging controls to effectively add significant chunks of storage to various electricity grids around the world and make them greener and more efficient.

Related adjustments would also help off-grid users of Apple's rechargeable battery-powered devices, from phones to laptops.

Submission + - Robotic surveys resume at Fukushima Daiichi 1 (world-nuclear-news.org)

delvsional writes: Tokyo Electric Power Company (Tepco) is preparing to insert a Hitachi-developed robot into the primary containment vessel of the damaged unit 1 of the Fukushima Daiichi plant. Last month, a Toshiba-developed robot was used to survey the vessel of unit 2.

Submission + - Micrometeorites -- Cosmic Dust In Your Lettuce. (nytimes.com)

SlashGodet writes: Your car is covered with cosmic dust, you eat it on every bite of lettuce. Micrometeorites rain down on the planet continuously, so small and lightweight that they drift down to the Earth’s surface without melting. But the specks have eluded detection by chemical analysis. Mr. Jon Larsen, "a true citizen scientist whose work will aid the global hunt for the tiny specks," found a way to find the dust — a method the experts had missed — he eyeballed it in a microscope! Worried about a hair in your soup? Move up to a better worry.

Submission + - Android Devices Can Be Hacked via New Headphones Attack

An anonymous reader writes: The Android Security Bulletin for March 2017 contains a bugfix for a unique security flaw exploitable via the headphones audio connector that could be leveraged to leak data from the device, break ASLR, reset phones to factory settings, or even access the Android HBOOT bootloader.

The attack is carried out via a modified UART cable connected to a headphones jack, which if connected to a phone's audio connector, allows an attacker to start a FIQ debugger interface. This FIQ Debugger does not need a reboot to become active and is available and responsive to commands even if the Android OS is already up and running. This simplifies exploitation compared to similar multiplexed wired attacks. Furthermore, the FIQ debugger provides users access to a wealth of commands, not available in most debuggers. Google rated the CVE-2017-0510 vulnerability as "Critical," its highest severity rating. Similar research was carried out in 2013, when researcher accessed a phone's debugger via an USB cable without using the actual USB software.

Submission + - How the spammers almost nuked Rosetta@home (BOINC) (bakerlab.org) 1

shanen writes: One of the larger BOINC projects is called Rosetta@home. I can't find my copy of the email broadcast message, but the help-us message mentioned how many computing hours were being lost each day of the outage. Some number too vast to hold in my head, sorry.

The Rosetta@home project was down for several days because of what should have been a minor DNS problem. What should have been a 10-minute correction took 4 (or 5?) days to straighten out.

The URL for the story is not a permanent link, but right now (2017-03-11) it's the top entry there. http://boinc.bakerlab.org/rah_...

My take is that the spamemrs are to blame. Not that the spammers meant to nuke BOINC. Just more of their collateral damage. Let me explain:

It seems that the DNS problem was ultimately due to increased security for domain registrations. The driver for making the domain registration process more secure is that spammers and various other cyber-criminals need domains to abuse. I'm going to lump all of them under the tag "spammers" because the spammers were the first cyber-criminals and because I really HATE spam. Also, I believe that spamming was the entry point (gateway drug?) for most of them, the first step in losing their souls, so to speak, as well as the source of most of their seed capital.

The abuse their domains in MANY ways. You probably know that 419 spammers like to use bulletproof domains to harvest their suckers. The anti-google PageRank attackers want vast networks of controllable domains for the links they can create.

However, in the case of BOINC the threat of a hijacked domain for ANY project is vastly greater. I know it's hard, but imagine there is a bug in the BOINC client. Imagine that bug allows a downloaded work unit to hijack (AKA pwn) the computer. Now imagine that the spammer hijacks the project's domain and captures ALL of the client computers for his zombie network. This spammer now "owns" the most powerful spam-generation system in the world and could probably DDoS attack the Pentagon with his spare cycles.

As a sort of sick joke, I sort of blame Al Gore. If he hadn't been so competent and effective in giving the nice creators of the Internet all that nice money, then maybe they would have considered real-world economics in the design. SMTP didn't have to assume the world is full of nice people who deserve "free" email. (No such thing, per my sig.)

Solution time? Really hard to get all of the worms and cats back into the bag now, but focusing just on email, I think there are two basic approaches. I used to advocate for a non-SMTP-based email system with tracking that would automatically slow down the spammers so their marginal costs would rise to infinity from the present zero, but now I think it's too much trouble.

Instead, what I would like now is an anti-spammer tool that would let nice volunteers donate bits of their human time towards breaking the spammers' economic models. Actually the same tool could be extended to fight against most kinds of cyber-crime, and I still think most people are nice, notwithstanding how much the spammers seem to outnumber us. One implementation would be as a "Fight spam" button added to an online email system (such as Gmail).

If you choose to be a good Samaritan, then it would parse your suspected spam and let you confirm the analysis in a webform. There would probably be several rounds of iteration, where you would adjust and correct the analysis and help select the best countermeasures and their priorities.

As the joke goes, lots of details available upon polite request. Even better if you have a stronger and more constructive alternative.

Submission + - Proposed US Law Would Allow Employers to Demand Genetic Testing (businessinsider.com)

capedgirardeau writes: A little-noticed bill moving through the US Congress would allow companies to require employees to undergo genetic testing or risk paying a penalty of thousands of dollars, and would let employers see that genetic and other health information. Giving employers such power is now prohibited by US law, including the 2008 genetic privacy and nondiscrimination law known as GINA. The new bill gets around that landmark law by stating explicitly that GINA and other protections do not apply when genetic tests are part of a 'workplace wellness' program.

Submission + - Attack Traffic Against Apache Servers Dropping Off (threatpost.com)

msm1267 writes: Malicious traffic stemming from exploits against the Apache Struts 2 vulnerability disclosed and patched this week has tapered off since Wednesday.

Researchers at Rapid7 published an analysis of data collected from its honeypots situated on five major cloud providers and a number of private networks that shows a couple of dozen sources have targeted this vulnerability, but only two, originating in China, have actually sent malicious commands.

Cisco Talos said on Thursday that attacks had risen sharply since word leaked of publicly available exploits and a Metasploit module. But it conceded that it was difficult to ascertain whether probes for vulnerable Apache servers could be carried out benignly.

Rapid7 said that in a 72-hour period starting Tuesday, a handful of events cropped up peaking at fewer than 50 between 11 a.m. and 6 p.m. Wednesday.

“We are really seeing limited attempts to exploit the vulnerability,” said Tom Sellers, threat analyst and security researcher at Rapid7.

Slashdot Top Deals

1 Mole = 25 Cagey Bees