Follow Slashdot stories on Twitter


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Devices should be de-brickable (Score 1) 170

Yes, yes, that's all very clever of you, except for the fact that iPhones do have that. You can reset the firmware, or all the internal storage, from a plugged-in computer. Almost every single byte of internal flash can be rewritten by Apple, or, hell, by an end user with iTunes. (I think the only parts that can't be overwritten are the parts that allow the phone to enter recovery.)

These 'bricked' phones? They enter recovery mode just fine, and all their internal memory can be rewritten just fine. Everything works fine there.

The problem here is that the current time, of course, is not part of a system recovery, because the damn current time is not saved to the phone's flash memory. How would that even work?

The clock in an iPhone operates the same way the clock in a PC operates, in a separate very low-power clock-tracking chip that runs off a battery. (Which in this case is the device battery.) There is absolutely no way to alter this from outside the device, and, really, no device has even needed such an ability before. iOS just has a really stupid bug.

And the way the iPhone is designed does not allow easy removal of the battery, which, really, is the problem here. If Android had this problem, it would be laughed off, 'Just unplug the battery, that will fix it'. But you can't do that with an iPhone.

I suspect that, within days, Apple will have produced a iOS update that can be put on the device (Even after it has been 'bricked'.) that either checks the time and fixes it, or just doesn't have whatever bug is causing this in the first place. (In fact, it should be possible to put a tiny image on there whose sole purpose is to change the clock, and then put the *original* image back.)

Comment Re:Common sense? In MY judiciary? (Score 1) 457

No shit.

I'm all for warning drivers to be legal (Which, it must be pointed out, is applicable to situations besides the police, and can be for all sorts of warnings of road conditions.), but flashing brights at people is *itself* dangerous.

What we need a precedent that turning your lights off for a split second is free speech, not 'driving with your lights off'. (Probably need some sort of threshold of about a quarter second.)

Comment Re:And so, it begins (Score 1) 383

Yeah. I always found it funny that the conspiracy theory brought in the British news media. I mean, it's absurd to give anyone a script, but the British news media?

<sarcasm>Because if there's any group that would just fall in line with the Bush administration murdering thousands of people, it's the British news media.</sarcasm>

I remember when the assertion that one of the terrorists was actually still alive showed up...and my response was 'So you assert the US government, instead of just making up Iraqi terrorists to pin this on to invent a war, used pre-existing Saudi terrorists that they could not confirm were already dead?'

And the less said about the 'using missiles instead of planes' theory the better. Man, was that one silly or what?

There are two kinds of conspiracy theories out there. One that postulates plausible causes for actual events. I mean, Jack Ruby _did_ have mob ties, and the Kennedy administration was cracking down on the mob, so if you want to assert that Oswald did a mob hit of JFK, and then was taken out, hey, I don't quite believe you, but you're not _insane_. That is indeed plausible.

The other kind of conspiracy theory is where you take some event and randomly find 'inconsistencies', which are usually just things said in confusion that are untrue, or misunderstandings of what is going on, or things that are completely normal but don't look normal to people who don't understand disaster, and try to build a massive conspiracy using every single one of them. None of which will hold up to the single question of 'Why the hell would anyone running that conspiracy actually do that?'

Which, in the context of the Kennedy assassination, is basically trying to make there be more other active shooters beside Oswald, elaborate conspiracy theories about misunderstanding of physics and bullets instead of just saying 'Yes, Oswald shot him...but _why_?', which is a much better question.

Comment Re:They have *worse* to hide? (Score 1) 383

I'm suspecting it's doublespeak. He used other people's the sense that they didn't even bother giving each individual person their own login. I'm sure he wasn't technically 'supposed' to have access to some of that information, but that probably means he just copied it directly from some accessible file share instead of using their crappy web UI.

The intelligence infrastructure is a joke. It is a giant uncontrolled operation flailing around randomly sucking up all the data it can, with no controls on anything internally.

And Snowden did a huge service for this country. Not in the information he stole, not in the operations he revealed. That as nice to know, and to all those asshats who assert that intelligence operations need to be kept secret...sure, individual operations should be secret, yes. Not what type of operations and spying exist.

But, anyway, the truely great service is that Snowden demonstrated that literally every intelligence agency in the world already has that information. Trust me, they are, at least, communally, as smart as Snowden, and as it is apparently fucking easy to just be invited to b given access to everything, everyone else already has it.

In fact, considering how shitty the controls apparently are, it makes much more sense for other intelligence agencies to spend their time and effort subverting subdivisions of contractors of our intelligence services than trying to run their own network, letting them use our intelligence resources in real time. Without Snowden, the public at large would have no idea this was happening.

The question is not 'Do you trust our government with all your private information', or even 'Morally, think about how would you feel if you knew the Chinese were doing the esame thing to you, and you'll understand how this makes other countries feel.''s 'How do you like the fact that the Chinese are spying on you, right now, using your own tax money and your own government agencies.'

Because they are. Or, at least, could be if they thought you were the least bit interesting. (Incidentally, 'interesting' to intelligence services is not as high a threshold as people think. Do you, for example, work in the technology field and could conceivably be a useful asset to get malware somewhere they want it? Or have access to proprietary business secrets? Or medical information?)

Comment Re:Air Gaps are Evil (Score 1) 107

Erm, okay, you're talking about something completely different...

...but still not making much sense to me.

The problem is that 'If you instead had a wire to the machine in the room, you could monitor the transactions over the wire. You could ensure a non turing complete language is used in the wire protocol. You can deny humans access. You can apply defense in depth to a wire. No so much to a room full of humans.' you can do _on an air-gapped machine_.

What you have just proposed doing is to put the UI of the secure machine outside the secure machine, and locking down interactions between it and the secure machine...which is fine, but there's no reason you can't put that UI _inside the air gap_. And in fact that makes much more sense.

You, uh, just need two of them in the room. One that people can physically access, and one, locked behind bars, that they cannot, connected via a wire, with an air-gap between that system and the outside world.

This is a bit of an overkill, though. If you are worried about the people who access the air-gapped computer being a weak link, in actuality you _build the UI with security_ (Just like your hypothetical wire protocol, but much easier.) and then don't let them physically access the CPU or disks. (I recommend a external CD-RW drive.)

And you 'analyze' what they do by simply recording the screen and keyboard. Which you can do by either unidirectional wiring or by literally recording it with a camera. Or having watchers.

Or, alternately, if you want, you can do it like I said and just put a UI computer in the air-gap room also. You can even render the UI computer fairly difficult to hijack by building it solely out of read-only storage. It would be the perfect place for some sort of dumb terminal that is just running a web browser connected to the actual secure machine, which is locked up inside a box inside the air-gap and none of the users can get to it.

Comment Re: Some Technical Details. (Score 1) 107

Now I'm imagining someone trying transmit a Skype conversation over the air-gap via audio. Or just the audio, at least.

It seems extremely silly, but then I started thinking about a hypothetical audio bug that literally just relayed the audio _as_ encoded audio...but in a way that was easier to hear through walls and windows and stuff. Like pumping it at higher volume, but at frequencies we couldn't hear. Or doing it much slower (Presumably with some sort of voice activation so it would only record 8 hours of audio a day, or whatever, and could take 24 to play it back.) which would allow more error correction.

Everyone always talks about the high-than-human audio frequencies, but I wonder...if you encode it tight enough, and can transmit audio 24/7 and it's not recording that much, could you possibly transmit it on _lower_ frequencies?

Of course, no one actually knows if this is workable but the CIA.

But transmitting data is easy if you can get someone inside where the data is. For example, I once had a weird idea for an bug that pretended to be CFL bulb, but it would slightly modulate the light frequency in response to audio. I think intelligence services have actually done that sort of thing before, but it was amplitude modulation whereas I'm talking about frequency modulation.

Comment Re:Air Gaps are Evil (Score 1) 107

Do you even have the slightest idea how key signing works?

People sign keys on their own computer. Because you signs someone's _public_ key (Which of course you is freely available over the internet, although obviously you should confirm it is their key before signing it.) with your _private_ key.

There's no reason for _anyone_ to access anyone else's computer while signing keys.

But none of that has anything to do with air-gapped computers, which have exactly no role to play in this. Why? Because people do not take air-gapped computers places and leave them unattended. Hell, they probably don't ever take them places, period. That entire concept is perhaps the ultimate in absurdity.

I know it allows you to feel extremely smug imagining some sort of universe where some other smug idiots take air-gapped computers and set them up and _leave them unattended_ while running around handing out keys at a key signing party, and now you're smarter than them.

However, I am sad to say, you have literally just invented those people out of thin air.

There probably are people who have their PGP private keys on some air-gapped computer...and that air-gapped computer is almost certainly stashed in a safe at their house and otherwise never out of their sight. When they sign a key, they get handed it on CD or USB, and it's carried home with them, signed, and carried back out.(1)

Those people are key signing parties? _Those_ people are not air-gapped, and 99% of the time they're downloading everyone's key off the internet and everyone's just wandering by and confirming their hash.

1) Now, they do have to get the key from somewhere, which I guess in theory introduces some sort of security issue in that they are accessing something externally...but if their computer is so insecure as to be exploitable via inserted CD or USB than their computer is probably already hacked, and it's hard to imagine how that is a security issue while transferring things around a random network is not. You actually can confirm a USB device is legit. (Granted, there are firmware hacks and other fake USB things...but that's why you find some old random flash drive somewhere and use _that_ to actually transfer the files in and out. Or just get a DVD-RW.)

Comment Re:End of November (Score 1) 250

Only true of the government offerings. You can sign up for private health insurance anytime you damn well please. And none of them can turn you down.

Firstly, there are no 'government offering'. Everything on the exchange is private insurance.

Secondly, none of them can turn me down because of the ACA's preexisting condition ban. You know, the ACA, the thing you just hoped would fail.

The important part of ACA is the mandate and the ban on preexisting conditions. The only thing that can possibly cause the ACA to collapse is if the mandate doesn't work and health people choose not to sign up for insurance. Which would cause the ban on preexisting conditions to threaten to destroy insurance companies, as people would only sign up when sick.

The idea that you think 'none of them can turn me down' but you 'hope they don't vote for any extensions and let this thing collapse and fail under its own weight.' show you really have very little idea of what's going. The fact that none of them can turn me down is exactly what could cause this thing to collapse under its own weight, as it tries to insure only unhealthy people. So if it does collapse, I sure as fuck won't continue to be allowed to sign up!

The exchanges are basically a non-important part of the ACA. Every single aspect of it could have been the same without them. The exchanges are just to provide an easy place to purchase insurance, because insurance companies never bothered to set up any sort of place for people to shop before. (Because they did not particularly want individual customers.) And it provides an easy way for the government to verify subsidies.

Comment Re:This will only fix the shiny object (Score 1) 250

You can fiddle with the numbers some, but as long as the truly big cities vote more strongly Dem then vast amounts of GOP real estate vote GOP the GOP is gonna have an edge in House districts.

No. What you're saying was true, in the past.

However, at this point, Democrats are so far ahead it wouldn't actually give the GOP enough of an edge to retain the majority. 'Rural' counties have cities also, and right now cities are being chopped Republicans. They draw a vast rural area, and then a single tiny line into the city to 'eat up' some of the city's Democrats...and do that over and over.

If the districts were actually as compact as possible, following pre-existing political boundaries as much as possible, than the GOP would, indeed, have a slight bias towards them (Both from urban vs. rural and from the fact each state has at least one Representative)...but they'd still lose their majority.

In mid-January if we don't have 7-8 million people signed up on the exchange ObamaCare could look like a total disaster. The GOP could look like saviors for a) getting that annoying website news off our damn screens and b) having a potential solution to the website problem. Moreover in January if the problems aren't fixed Manchin/Landriue/etc. will be under intense pressure to throw Obama under the bus. The GOP will need six Dems to force Obama to veto a plan that solves the debt/budget problems while gutting ObamaCare, and under those circumstances they could get it. Especially if they do a brilliant thing and include some bribes like immigration reform.


Sure, the 2007 Republicans could do that, no problem.

In 2013? Fuck no. That would be compromise and compromise is, I believe, actually unconstitutional at this point, according to the Republican base. I'm pretty certain just speaking to Democrats can be considered treason.

In mid-January if we don't have 7-8 million people signed up on the exchange ObamaCare could look like a total disaster.

A lot of the 'failure of people to sign up' has been completely exaggerate by the simple fact that insurance companies don't count people as 'enrolled' until people have already paid. And, of course, no one is going to pay now for health insurance they don't get until January. They're going to pay for it a few days before the deadline to get insurance by Jan 1, which is December 15th.

This why 'enrollment is in the single digits' and nonsense like that.

And, on top of that, low enrollment is only a disaster if the people who don't sign up are the healthy people. Interestingly, young people are a higher percentage of early signups than predicted. If only 1 million people sign up, but half of them are young health people, I'm sure the right will try to paint that as a failure, but they're going to do that regardless. It sure as hell won't be a failure in any objective sense, as it will drive rates down.

And, uh, 7-8 million is too high in the first place. There were only 50 million uninsured, and a large portion of those are supposed to be covered (But won't in many states) by the Medicaid expansion, and another few million by their employers. And 11 million are undocumented, who deliberately aren't covered.

There are only about 25 million who are supposed to be covered by the health care exchange, and assuming that a full third of them will already have signed up for insurance by the first day it's provided is a bit silly.

Comment Re:End of November (Score 1) 250

The pain it causes will reflect on what a true piece of crap the Obama administration has foisted upon the US, and hopefully, that will be reflected in the next election cycle.

Yes, that piece of crap that will allow me, for the first time in my life, to actually purchase insurance.

That's what I'd do if I didn't have insurance.

Only you deserve to have insurance, apparently.

I don't think the penalties at this point, are worse than paying for the insuranceâ¦so, it would make sense to anyone that does the numbers for themselves, and for many, that is EXACTLY what is going to be the best for them expense-wise.

Which is, uh, why you can't do that. You can only sign up from January to March. (Well, you can sign up early, but you only get insurance Jan 1.)

Comment Re: Raft of failures (Score 1) 250

Do about what? The untrue allegation the CGI Federal was the sole bidder on a contract?

You want to reform the actual problems government contracting, feel free to propose something.

You want to stop this idiotic gibberish of subcontracting out every single fucking thing the government does, count me in. I'll bring the posterboard and stapler to the protest, you bring the markers and wooden sticks.

You want to pretend that the fact that someone in government contracting went to an elite college and happened to be in the same year as the first lady?

Well, first off all, you better have some sort of evidence that that is even statistically relevant, considering that over 1000 people a year graduate from Princeton, and I suspect that rather a lot of them are vice presidents of something or other, and the US government issues a fuckload of government contracts each year.

And just as many graduate from the other colleges and high schools that the president and his wife go to. Together, the president and his wife have been in three colleges and four graduating classes, probably with a total amount of 'classmates' somewhere near 3000. Care to guess how many of those elite college graduates of Columbia, Princeton, and Harvard Law are vice presidents at some company or another?

Care to guess how many of those vice presidents are vice presidents of the tens of thousands of companies that are federal contractors?

Statistically, this is a coincidence. It is noise. It's like Tommy Lee Jones and Al Gore being roommates, except not actually interesting.

And then second, you have to demonstrate that somehow the president actually did influence that decision in some way. (If that is true, I won't even make you prove that this was at his wife's urging.)

It might be fun to find those four contractors who supposedly didn't get a chance to bid (Which is completely unsubstantiated, and not how government bidding works anyway.) and figure out they link to Obama. I bet at least once of them has as close a connection as 'one of their CEOs happened to go the same college as a relative of Obama's'.

Comment Re:This will only fix the shiny object (Score 1) 250

The geography means that voting base would give them the House without any work.

If by 'work', you don't mean gerrymandering.

If districts were assigned randomly, or groups by political boundaries, or even deliberately grouped evenly...the Republicans would lose their majority.

They win whites, they win older people, and they win rural areas.

Actually, there real problem is that they actually aren't winning whites and older people so much anymore. They still have an advantage, but it's fairly weak. (Especially you include 'white women', which the GOP is losing by droves.)

They are still winning rural areas, but the secret that no one wants to talk about is that rural areas are massively losing population, while urban areas are gaining. This has always been a general trend, but has now been accelerated by recession. (Just like it was during the great depression.)

Hence the requirement to gerrymander.

Altho if the Federal Exchange still isn't working in January the political environment might be better for a shutdown.

I have no idea what you mean by 'the political climate'. You are correct in that the exact same Republicans might want a shutdown again. (Although I actually think we're all good until February so that's when it would happen, but that doesn't change your point.)

This would be even more of a disaster for the GOP, though.

Comment Re:Raft of failures (Score 1) 250

LOL. Are you serious?

Do you have any idea the sheer levels of nepotism and cronyism on the right?

President Bush, under the direction of VP Cheney, awarded contracts to the company Cheney previously was CEO of.

CGI Federal, while apparently rather incompetent, has actually been a government contractor for decades.

Not to mention the completely idiotic 'fact' that the president of CGI Federal became a donor to Obama after he got the contract. Yeah, and he became one to Mitt Romney also. Obama, apparently you got scammed there, he's playing both sides!

Comment Re:It may all be for naught (Score 1) 250

I'm not sure that actually matters.

Who has standing to sue that the government can't offer tax credits to people? I don't see any standing at all, either on part of the states or individuals. (Individuals who don't get the tax credit are irrelevant, individuals who do can't sue over something they can just refuse.)

Also, there are people arguing that the Federal government can't give health insurance subsidies to people because the law doesn't say it can, but somehow the Federal government can just ignore the mandate, which the law actually says?! That makes no sense at all. If the government doesn't give them subsidies, then they're _possibly_ excluded from the mandate because they can't find insurance cheap enough, but it still exists as a general rule and people will fall under it.

And, as an aside: Wow, Republicans really are determined to bring the building down on themselves, aren't they?

1. Do not let people in Republican-lead states have Medicare.
2. Do not let people in Republican-lead states have subsidies.
3. ????
4. PROFIT!!!

<sarcasm>That is a really good way to stay in power. It's completely impossible that people without insurance in said Republican-lead states will notice an adjective phrase in common and work to change that.</sarcasm>

Here's a hint, Republicans: You could just ignore the law, or attempt to replace it. But this is the point where you have to stop fighting it, because people can already see how helpful it is.

Slashdot Top Deals

God made machine language; all the rest is the work of man.