Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Entropy Canary (Score 1) 102

I have considered keeping a "Ransomware canary" around. I'm thinking of, say, a Word .doc file on a network drive. A process on some separate computer then checks its entropy on a regular basis, or on file change notification if available, to make sure file entropy has not grown huge.

The idea fails for local files because (as I recall) the more sophisticated ransomware inserts itself as a filesystem driver. That's a likely problem for some of these researchers' heuristics as well.

(Expanding on something I wrote a while ago)

Submission + - Student sues police for fine after refusing Breathalyzer

schwit1 writes: A Michigan high school student who was fined when she refused to take a Breathalyzer test — even though she was only a passenger in the vehicle — has filed a federal lawsuit claiming her constitutional right to be free from unreasonable searches was violated.

The law violates Guthrie’s Fourth Amendment right to be free from unreasonable searches, her Detroit lawyer told NBC News. “Her rights were violated when she was forced to submit to Breathalyzer to prove her innocence,” attorney Mike Rataj said. “That is not how the criminal justice system works. This is a girl who has never been in trouble before and has no criminal history.”

It can be argued that a driver has made a deal with the state, which provides roads and regulates their safe use, and must submit. She however was merely a passenger, and thus any search of her body really does require a warrant, as per the Bill of Rights.

Comment Re: How quickly we forget the 90's (Score 1) 85

Publicly held companies are one of the main ways the "little guy" can save for retirement or his kids' college. They help ordinary people to participate in the capital side of the economy. One of Thomas Piketty's points (whether you agree or not) was that great amounts of income are accruing to capital these days. The situation would be far worse if regular folks could invest only in government bonds.

On the general topic of regulation for publicly traded US companies, I will further add that there is strong evidence it should be reduced. If you look at the growth in the overall market valuation over the last few decades, you will see that much of that growth has come from new entries into the market, like Facebook, and relatively little has come from subsequent value increases (though Facebook itself has increased). That is to say, it shows large segments of privately-held capital are responsible for most of the growth in valuation during the time these firms are held by VCs and pre-IPO (or pre-private equity).

We need MORE ways for the general public to participate in economic growth, not fewer. A scandalous Enron here or there is not worth making IPOs so onerous that everyone avoids them as much as possible, which is kind of the current situation.

Here's an analogy: if you have worked for a giant firm or big university you have probably found many of its procedures or business process sclerotic. How did it get that way? Well, every time something went wrong, somebody asked the question "How can we prevent this problem from ever occurring again?" They then went ahead with the prevention methods without regard to the corresponding cost in organizational flexibility.

Comment Re:In 10 years this will run on phones. (Score 1) 111


What I want is not a computer player that never wins, nor one that wins all the times. Those are EASY to program in comparison to one that CONVINCINGLY challenges you enough that you have to play slightly better each time in order to win, without trouncing you or letting you walk all over it.

Amen. I happened to be trying to tune the Pachi Go AI to something slightly better than my current level just last night. It's very frustrating -- one can control the number of cores and calculation time, and attempt to zero in from there, but each game takes long enough that (even on reduced-size boards) it's a slow process.

Comment Ransomware canary (Score 4, Informative) 124

I wonder how useful it would be to keep a "Ransomware canary" around. I'm thinking of, say, a Word .doc file on a network drive. A process on some separate computer then checks its entropy every few minutes to make sure it has not grown huge.

The idea fails for local files because (as I recall) the more sophisticated ransomware inserts itself as a filesystem driver.

Comment Time Machine safe, for now (Score 1) 109

From the technical analysis section of the research document

In addition to this behavior, it seems like KeRanger is still under development. There are some apparent functions named “_create_tcp_socket”, “_execute_cmd” and “_encrypt_timemachine”. Some of them have been finished but are not used in current samples. Our analysis suggests the attacker may be trying to develop backdoor functionality and encrypt Time Machine backup files as well. If these backup files are encrypted, victims would not be able to recover their damaged files using Time Machine.

So it would appear that Time Machine's current design keeps it's data safe -- for now -- from having one's online backups encrypted. As others have pointed out, that's not likely to last and offline backups are a *very* good idea.

Comment Re:The point is to have informed citizens (Score 1) 209

Fair point. As a mathematician it pains me to say this but I would suggest replacing requirements for trig and geometry with requirements for statistics and computer science. So, of course, as the trig and geometry classes remain available for STEM-loving students to add back in.

Comment The point is to have informed citizens (Score 2) 209

Many posters here are asking what "use" the curriculum could reasonably be expected to have for the students. They are taking the wrong perspective.

As with math classes, chemistry classes, and even literature classes, the point of this would be to have students graduate with a general awareness of how the world works. Those who need a professional level of understanding will almost all enjoy deeper subject material in college.

Here on Slashdot, we often bemoan how the average citizen is uninformed about security, how business managers don't understand why some problems are hard (http://xkcd.com/1425/), and what sorts of things coders need to think about. A class like this is aimed at mitigating those problems.

Comment How about errors and debugging? (Score 2) 187

I feel that one of the weakest points of R is the error handling, reporting, and debugging available.  Do you have advice on tools or techniques for people coding in R (aside from using RStudio?  Are there plans for improvements in this area?  The current facilities are reminiscent, at least to me, of using gdb back in the 1990s.

I have in mind cases like the following, in which a confusion about list access using the [ operator (when the [[ should have been used) provides a cryptic error message with no traceback available.

> symlog_scaler <- list(linear_to=2.5,  abscissa=2.0,
+    scaling_function=function(x,linear_to=2.5,abscissa=2.0){
+        y <- x; linear_to = abs(linear_to); big_ix = (linear_to<x)
+        y[big_ix] = linear_to + log(1+(x[big_ix] - linear_to), base=abscissa)
+        small_ix = (-linear_to>x)
+        y[small_ix] = -(linear_to + log(1+(-x[small_ix] - linear_to),base=abscissa))
+        y})
> symlog_scaler$scaling_function(-5:5)
[1] -4.307355 -3.821928 -3.084963 -2.000000 -1.000000  0.000000  1.000000  2.000000  3.084963
[10]  3.821928  4.307355
> symlog_scaler['scaling_function'](-5:5)
Error: attempt to apply non-function
> traceback()
No traceback available

Slashdot Top Deals

The star of riches is shining upon you.