
Comment Re: Pierson's Puppeteers (Score 1) 591

Another is if it pushes the heat toward areas of weaker insulation and away from areas of stronger insulation. If the outside is cooler than the inside, then the temperature will leak out more rapidly. If the outside is warmer than the inside, then the warmth will leak in more slowly.

You're exactly wrong, and I'll try to show you why:

Consider your two premises for the "hot outside" situation:
(a): There are (at least two) areas with different insulation, and
(b): The outside is warmer than the inside.

If the air is still, you will reach an equilibrium, where the weak insulation spot can't easily cause more heat transfer to the air on the inside, because the air on the inside is already pretty hot. You end up with a room with areas that are hotter than others, and heat transfer within the room is mainly radiation and not convection.

Now, if you circulate the air on the inside, you provide cooler air to the (a) areas. Cooler air which can absorb more heat from the outside. You've disturbed the equilibrium, and go towards a new one where all the air in the room is subject to being heated through the (a) spots.
In effect, you create a convection oven, which works precisely on the principle of bringing cooler air to the heating elements.

Comment Re:Always one (Score 1) 57

Do you use Directory Services of any kind

Not for anything security related. DNS as an example of a hierarchical database is useful. But if you have to be certain that you are talking to the correct remote host (due to possible corruption of the DNS system) it's better to use an authentication system based on something external to that. And there are better models than hierarchical for managing key and certificate exchange and peer to peer trust.

Submission + - BleachBit stifles investigation of Hillary Clinton

ahziem writes: The IT team for presidential candidate Hillary Clinton used the open source cleaning software BleachBit to wipe systems "so even God couldn’t read them," according to South Carolina Rep. Trey Gowdy on Fox News. His comments on the "drastic cyber-measure" were in response to the question of whether emails on her private Microsoft Exchange Server were simply about "yoga and wedding plans."

Perhaps Clinton's team used an open source application because, unlike proprietary applications, it can be audited, like for backdoors. In response to the Edward Snowden leaks in 2013, privacy expert Bruce Schneier advised, "Closed-source software is easier for the NSA to backdoor than open-source software," in an article in which he stated he also uses BleachBit. Ironically, Schneier was writing to a non-governmental audience.

Comment Re:Presumption of Innocence... (Score 1) 55

Actually, I can presume anything I want about anyone I want. I just can't act on it. That's when the evidence has to be presented to a court (usually via law enforcement authorities, but that's not a hard and fast rule). The court can then issue warrants, if they believe the evidence constitutes sufficient justification for further investigation or arrest.

I have security cameras on the front of my house. They snap pictures of everything that passes in front of them. Should a burglary of my house or the neighbors' occur, it is quite reasonable that the police/courts will base further action upon the stored video that might reasonably be related to the crime. Same idea with the iPhone.

Comment Re:Sketchy (Score 1) 43

How is this not some kind of insider trading and/or pump and dump scheme? Only company principals would have access to this type of info and it's not legal to divulge such prior to public filings... SEC should look very closely at who has established short positions in this security.

As long as it's an independent researcher, it's fine. No reason you need to be an insider to spot security flaws. That's how the stock market works: you have all the companies engaged in just-borderline-legal puffery, exaggeration, and hockey sticks, and you have the short-side researchers trying to spot the biggest liars. It works well overall because the analysis becomes public quickly enough, giving ordinary investors a chance to learn both sides of the story.

Not so much from a white-hat security perspective, of course. But as long as they aren't working for the company, nor of course out there exploiting the flaws to kill people, they're OK. It's not insider trading if you're an outsider.

Comment Re:Not sure Microsoft is to blame (Score 2) 216

"All" might be hyperbole, but they got rid of the vast majority between 2014 and the 2015 mass layoffs. I knew several people who were affected. SDT isn't really a role there any more: some made the transition to SDE, some found one of very few remaining niches, most were out of luck.

It really sucks because most of the other big employers in the area also don't have QA (or very few), since we're all smoking the DevOps crack: managers pretending you can just hire devs, since they're smart enough to do QA and ops. Stupidest fad ever.

Comment So you have to disclose it to the government (Score 1) 25

30.8 5G Provider Cybersecurity Statement Requirements.

(a) Statement. Each Upper Microwave Flexible Use Service licensee is required to submit to the Commission a Statement describing its network security plans and related information, ...

So the applicant has to publish his whole security architecture in order to get a license.

On one hand this conforms to the best practices recommendations of the security community: Expose the algorithm to analysis and keep the security in the keying secrets.

On the other hand this gives the government the opportunity to pick-and-choose only those systems it can break.

Oh, gee. Which way will it work?

Comment Same model NAME! (Score 1) 30

Latest phone supported is the international version of the Galaxy S III (I9300) ... Note: The U.S. version of Galaxy S III is a different motherboard and chip - the same model number on a different device.

The same model NAME on a different device. Model number is different, which is how you tell for sure you got the right one.

Comment One word: Replicant (Score 1) 30


Android. Fork of CyanogenMod that is fully Open source. Even the drivers and firmware. Latest phone supported is the international version of the Galaxy S III (I9300) (2G and 3G but no 4G LTE). (Note: The U.S. version of Galaxy S III is a different motherboard and chip - the same model number on a different device.)

Stable release is a couple years old (4.2) due to thinning of the development crew. But the project got new blood (post-Snowden) and a 6.0 port (for the I9300 so far) is in alpha.

Some devices (WiFi, Bluetooth, user-facing camera) require closed firmware, which you can load separately. (It's supported but not distributed with the base distribution.)

Some (3-D graphics acceleration, GPS) are just not supported. (Use 2-D graphics and, if you really want your phone to know where you are, a plugin GPS device based on a different chip.) GPS is not supported because the phone's GPS chip also requires a proprietary CPU-land driver, which is an open-source no-no.

Comment I remember farther back. (Score 2) 67

Sigh, I remember when Slashdot used to be a news place for Nerds and not this stupid political bull crap of pointing fingers at one another.

I remember farther back. (Note that I have two fewer digits in my I.D.)

It's always been like this. We may have a few more professional grass-roots trolls now that we have a couple orders of magnitude more eyeballs. But come politics season people's political leanings come out.

Face it: Politics IS "news for nerds" and "stuff that matters".

Comment Re:For the percentage impaired... (Score 1) 82

Can you link to something authoritative so I can cure my ignorance?

Sorry, I didn't find anything definitive either. However, it follows from the normal use for ratios less than unity. The only difference is the magnitude. Taking "two times" to be equivalent to "200%", and "1/2 times" (or simply "1/2") to be equivalent to "50%":

50% as fast (as the original) = 1/2 (times) as fast = 0.5 * original speed
100% as fast = one times as fast = 1 * original speed
200% as fast = two times as fast = 2 * original speed

50% faster (than the original) = 1/2 (times) faster = (0.5 * original speed) + original speed
100% faster = one times faster = (1 * original speed) + original speed = 2 * original speed
200% faster = two times faster = (2 * original speed) + original speed = 3 * original speed

The expression has two parts. The first can be either "X%" or "X times", both relative to the original amount. If the second part is "as fast" or "as much" (etc.) then this is the final result. If the second part is a relative term like "faster" or "more" then this implies addition, and the first amount, after multiplication, is the difference between the result and the original amount.

Few would disagree with the statement that "50% faster" is equivalent to "150% as fast", and not "50% as fast", but for some reason many become confused by "200% faster" when the formula is exactly the same.

Comment And individuals should have no limits either. (Score 1) 67

Candidates have some limits, but PACs lost those restrictions in the Supreme Court ruling known as Citizens United.

And ordinary citizens shouldn't have limits for the same reasons - but didn't have the big pockets to argue that in court like the organized lobbyists do.

Campaign spending limits are a bait-and-switch. They pretend to level the playing field by cutting down the big spenders' power. But instead they block the grass-roots' influence - individually or when organizing - while leaving the rich able to circumvent them, and (by building a complex paperwork maze to navigate) give incumbent politicians a further massive advantage against upstart challengers.

What they're really about is helping those currently in power STAY in power.

Comment Re:$70K sounds pretty low (Score 1) 67

I don't claim to know any political internals, but $70,000 to get legislation that you basically write yourself passed sounds extremely low.

Part of the POINT of government corruption is that the cost is low compared to the benefits.

If using the money to actually build something consumers wanted to buy had a better return - and politicians didn't gate-keep and demand ransom ("rent-seeking behavior"), businesses wouldn't spend a dime bribing politicians - or at least those that did would be out-competed and driven out of business by those that didn't.

Politicians know this, and set their prices accordingly.

Comment Huh? (Score 1) 67

The more that ISPs seek to rewrite the rules in their favor, the more likely it is that the citizens will ignore those rules.

I give up. How do we ignore those rules?

Start our own ISPs - and get everything seized by the government for failing to play by their rules?

Hack the infrastructure - and get busted for "stealing service" or "unauthorized access to a computer system" - and get everything seized by the government, plus a felony conviction and the resulting revocation of constitutional rights for the rest of our lives?

Did you have something else in mind? I'm really confused about what you mean.
