Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment But then who audits the auditors? (Score 1) 177

The solution is pretty simple, but often skipped:
1) The reason for every search should be required and logged by the searcher. ...
2) The logs be randomly spot-checked by an auditor(s) who verifies the reasons given by interviewing the person(s) who searched.

But to check it the auditors need detailed access to the records. So who audits THEM?

This kind of question has been asked repeatedly since at least the Roman Empire.

(The U.S. answer to "Who guards the guardians?" , at least for direct abuse of person under color of law, is the Fourth and Fifth amendments and the "fruit of the poisoned tree" doctrine: Fail to follow the law and you don't get a conviction, because misbehaving police are FAR more of a problem for the population than even a lot of violent private-enterprise crooks going back to work. But while it does reduce the incentive, it doesn't block the behavior.)

Comment The invisible hand strikes. (Score 4, Interesting) 123

Not one organization I have ever worked for has seriously cared about IT security.

When it comes to rolling out new products, ignoring security is the norm.

This is because the "window of opportunity" is only "open" for a short time - until the first, second, and maybe third movers go through it and grab most of the potential customers. Companies that spent the time to get the security right arrive at the window after it closes.

This happens anywhere the customers don't test for and reject non-secure versions of the "new shiny" - which means enterprises sometimes hold suppliers' feet to the fire (if the new thing doesn't give them an advantage commensurate with, or perceived as outweighing, the risk) but consumer stuff goes out wide open.

Then, if you're lucky and the supplier is clueful, they retrofit SOME security before the bad guys exploit enough holes to kill them.

I expect this will continue until several big-name tech companies get an effective corporate death penalty in response to the damages their customer base took from their security failings. Then the financial types will start including having a good, and improving with time, security story (no doubt called "best practices") among their check boxes for funding.

Comment Re:Why not coax? (Score 1) 152

And the reason you cannot do this with radio is that the noise from the transmitter is greater than the received signal.

Actually you CAN manage it with radio - very difficultly, with very careful antenna design.

But the combined antenna has to be far from anything that reflects, absorbs, or just phase-shifts any substantial amount of the transmitted signal energy. If not, the discontinuity destroys the careful balance that nulls out the transmitted signal at the receiver. That gets you back to the "transmitter shouts in the receiver's ear much louder than the distant communications partner" case. So it's not very practical in the real world.

Comment Re:Why not coax? (Score 1) 152

Coax is half-duplex too

No, it's not.

With proper impedance matching networks and reasonable termination at the ends of a run you can send separate signals at the same frequency/band of frequencies down a cable in each direction. (Impedance discontinuities DO reflect some of the signal going one way back the other way, causing some interference. But even that can be "tuned out" by suitable corrections if it's too severe to just ignore.)

You can do it on a balanced pair, too. Telephones have done this with audio for more than a century, and I recall encountering a simple hack to do it all the way down to DC back in the days of discrete-transistor logic. (And it has nothing to do with two wires being involved, either. With N (= any power of 2) conductors and "phantoming" you can have up to N-1 balanced and one unbalanced two-way transmission lines on N wires.

Time Domain Reflectometry does this to FIND and MEASURE discontinuities in a cable, essentially firing a pulse down the cable and listening to the reflections, radar-style.

Comment Re:Coming from Detroit (Score 1) 76

There is no security on the CAN communications of any modern vehicles that I know of. Any person connected to the bus can masquerade as anyone else.

That's why Tesla has several layers of bus, with firewalls between them, inside each car.

Get on one of the buses, you get to tweak the stuff on THAT bus. But you have to convince a firewall you're cool (i.e. doing something the firewall recognizes as legitimate) before it forwards your transaction to anything on even an adjacent bus.

Comment Not quite the end of the story. (Score 1) 326

In most countries the government is in charge of health care and they have a VERY easy way to regulate price gouging such as this. In any single payer system the national health service basically sets the price they are willing to pay and that's what it costs. End of story.

Well, not quite.

In any price control regime, the authority sets the price, and there are three options:
  1. They HAPPEN to hit the "market clearing" price on the nose.
  2. They set the price lower.
  3. They set the price higher.

1. is a small target, and very hard to get right even if you're trying. (Even market economies only get there by constant feedback in the form of purchase decisions.) Further, there are strong political pressures on regulators on where to set prices, so they aren't even trying. So 1 just doesn't happen.

2. means the consumer gets gouged. (But now he can't go to some competitive supplier to get the product or service at a better price. EVERYBODY who is selling is selling at that price. So the gouging is institutionalized. The only way to get a lower price is to apply pressure to the regulators (see 1.) or go to a black market (with lots of risks, including issues of quality, reliability, contract enforcement, and bad encounters with law enforcement and the rest of the legal system).

3. is where the regulators usually end up. But a price lower than market-clearing means suppliers chose to spend their resources supplying something else, so the supply dries up. You could buy it at a sale price IF you could buy it at all. But it isn't available, so you can't buy it at any price.

A free market has its own problems. For starters, with a single supplier (a monopoly) market forces encourage gouging. With two suppliers they encourage an approximately even division of the market (a duopoly) and, again, gouging, with only price signals, not collusion, to coordinate their behavior. The incentive to engage in competition that drives the prices down to market-clearing level doesn't appear until there are three players, and doesn't become strong until there are four or more.

(Unfortunately, US regulations generally have a built-in assumption that two suppliers are "competition". Thus you get things like the landline/cable internet duopoly, or the built-into-channel-allocations local duopoly (collapsing to local monopolies) of the early, analog, cellphone system.)

Comment Knew a math professor without eyes ... (Score 1) 69

Back in the 1970s I was an undergraduate at a highly-ranked math department. One of the professors there had no eyes. (It was a birth defect - they had not formed, and his face was slightly collapsed where they should have been.)

When a student would try to skip doing some part of a rigorous proof by substituting a geometric drawing, the other profs would ask "How would you explain it to [him]?".

This guy was VERY good. But he had a "blind spot" occasionally when a graphic analogy would have pointed him to some existing proof that would apply. (I recall once when he was discussing some bottleneck in what he was working on and another professor pointed out that the troublesome piece of the problem was equivalent to an angle trisection with compass and ruler.)

Comment Re:Seven phucking photons? (Score 2) 106

Can you please convert that to Olympic swimming pools or football fields? I am american. Thanks!

So am I. Let's see...

10,000 gram moles of x-ray photons...

Take 22 pounds of hydrogen. Turn each atom of hydrogen into an x-ray photon.

Hydrogen bombs do something like that... But let's use total annihilation because the numbers are easier to find.

1 gm of antimatter + 1 gm of matter -> 43 kilotons of TNT equivalent. So call it 21.5 kilotons per gram.

Energy equivalent of a proton's mass is really close to 1 GEv. We don't know what energy x-rays they were detecting, so let's use the energy of photons from a typical dental x-ray machine: 70 kEv. So 10^4 * 7*10^4 / 10^9 = 0.7 grams of energy, or about 15 kilotons of TNT-equivalent emitted per measurement interval.

The Hiroshima bomb was estimated at 15 kilotons, Nagasaki at 20. So call it "Almost exactly one Hiroshima bomb" or "3/4 of one Nagasaki bomb" of x-ray energy released during the observation interval.

(Or maybe boost it up a bit, because I assumed perfect efficiency for the x-ray telescope's mirrors and detector, which I suspect is quite optimistic.)

How's that?

Comment Re:uninstaller unrunnable in safe mode (Score 2) 387

I don't know any company that's fallen further or faster in consumer esteem (once upon a time, a time I still recall, HP calculators represented the pinnacle of consumer esteem) except perhaps for the Hudson's Bay Company, but to comprehend that story you have to know what it once owned: a list of assets many nation states would envy. They spun off oil companies, railroads, real estate. What did they keep? Zellers.

Two words: Carly Fiorina.

Comment Re:Not "exactly" humane (Score 1) 429

Easiest method is car exhaust into a closed container via some tube.

Not since emission controls got good. There's essentially no CO (or NOx) in exhaust these days (unless, sometimes, if the car is in the sealed room and also breathing its own exhaust.) It's just a hotter and wetter version of the CO2 suffocation method.

Comment Re: F-35 is an amazing airplane! (Score 1) 192

Stealth sucks when there are multiple radars from different aspects, or using longer wave radar that stealth can't hide from.

Or radar systems where the transmitting and receiving system are separated: Those shapes are all about sending the radar signal anywhere BUT back where it came from.

(Or is that what you were talking about when you said "multiple radars from different aspects"?)

Of course the shapes are really good at their intended reflect-it-somewhere-else mode. (The engineers knew they had it right when they opened the hanger one morning and found a bunch of dead bats that had crashed into the airframe during the night. The shape had the same effect on bat sonar.)

Slashdot Top Deals

It seems that more and more mathematicians are using a new, high level language named "research student".