Please create an account to participate in the Slashdot moderation system


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Good! (Score 1) 507

Let them make what they can of the data. If they can't come up with any substantial, then it validates the data and your theory. If they come up with something you can't counter, then they've found a serious problem with your theory or your methodology which needs to be addressed.

Definitely, let them keep at it. But it's already been a few decades and very little evidence seems to be falling on their side. We can't and shouldn't wait until every single one of them is convinced. 97% of people actively researching in this area are convinced humans are causing global warming*. How certain do we have to be before start to act?

* From wikipedia:
A 2010 paper in the Proceedings of the National Academy of Sciences of the United States (PNAS) ( reviewed publication and citation data for 1,372 climate researchers and drew the following two conclusions:

(i) 97–98% of the climate researchers most actively publishing in the field support the tenets of ACC (Anthropogenic Climate Change) outlined by the Intergovernmental Panel on Climate Change, and (ii) the relative climate expertise and scientific prominence of the researchers unconvinced of ACC are substantially below that of the convinced researchers

Comment Re:Good! (Score 1) 507

I found Hansen's book to contain a good explanation of the science and data telling us that CO/2 is warming us up. Much easier to read than the studies themselves, but still much more detailed than what you get from any journalist. And plenty of pointers to studies if you want to look those up.

Comment Re:Google is evil. RMS was right. (Score 1) 171

The thing is labeled as a "Chrome Experiment". It was the New York Times and Slashdot submitter that decided to advertise it as an HTML5 demo. Yes it uses some HTML5, but the name "experiment" implies it's an attempt to see what can be done with bleeding edge web technologies that may or may not be supported by all browsers just yet.

Comment Re:WEBGL makes the drivers more visible. (Score 1) 503

There's a big difference between the two: a PNG or WebM library may contain exploitable bugs, but they are difficult to exploit because these formats are fundamentally data. GLSL is not, it is executable code which not only has to be run, it has to be run as fast as possible. This means that it's compiled to native code (if you're on an open source OS and not using blob drivers, odds are that it's compiled using code that I worked on). It takes very little in terms of bugs for this to be exploitable, and that's not helped by the fact that the target - the GPU - is typically a horrible design from a security standpoint. This is why 3D was one of the last things for VMs to support, and why they still recommended that you don't enable enable it if you care about security.

News flash for you -- modern javascript engines also go to great pains to make javascript code run fast. Including things like compiling it down to native code. I could see exploiting bugs to crash people's systems, but beyond that I don't see how javascript code issuing WebGL commands is going to be able to do much.

Comment Re:Microsoft should know... (Score 1) 503

Just as with any native code (like a DirectX game, for instance) there is no way to ensure "safety"...although I'd think almost any other attack vector would be easier than WebGL.

I do wonder. Of course it would mean targetting specific GPU vendors, and perhaps specific driver versions as well. But imagine what you could do if you were able to play with DMA... bye bye to any OS security.

This is NOT native code we're talking about here! This is a javascript API that lets you send shader programs written in a high level language to the GPU! Both the javascript code and the shaders are jit compiled (in a modern browser) before being run. The javascript WebGL api has no way for you to get anywhere near a DMA handle. They GPU may use DMA under the hood, but big whoop, GPU accelerated 2D canvases like IE9 has now do the same thing. You can't get any closer to getting your hands on a DMA handle with WebGL than you can with the 2d canvas context API.

Comment Re:Microsoft should know... (Score 1) 503

Put another way -- saying "Oh noes! It lets you run shader code DIRECTLY ON THE GPU!!" is not much different from saying "Oh noes! It lets you run javascript DIRECTLY ON THE CPU!!!". In neither case is anything actually running "directly" on the metal. Both go through layers of interpretation before getting to their respective processors. And there are no GPU instructions that have any way to do anything to files on your machine, just like there are no javascript functions that do.

Comment Re:Microsoft should know... (Score 1) 503

I'm not a security guy, but I think the access that shaders give you to the "bare metal" is a lot less than you seem to believe. The code you write is not some kind of assembly instructions executed directly on the GPU. Even what they call shader assembly code is actually just a low-ish-level language that is first processed by the video card driver. DOS attacks are the main worry, and they're being addressed by ARB_robustness.

Comment Re:I dunno, man (Score 1) 449

Nobody's saying PCs will go away any time soon (well, except maybe that sensationalist headline). But you have to ask yourself how many people have that same need you do, versus the number that, say, need to play Angry Birds? And even people who do need to write a lot, what is the balance of time spent in that activity vs more casual comsumption activities? If the aggregate demand for casual experiences outstrips that for serious productivity experiences, then it stands to reason devices that cater to the former will eventually outnumber those that target the latter.

Comment Re:Awesome stuff, but it doesn't take off like a b (Score 1) 250

Maybe because Slashdot's system for posting sucks and is stuck in the 1990's? Why is there no way to log in *when* you post something? If you've written a nice long informative post then realize you weren't logged in, logging in at that point totally loses your context: the story you were looking at, the post you were responding to, and the response you'd already written. I don't see why Slashdot still makes this such a pain.

Comment Re:Prophecy (Score 1) 764

You need to learn about exponential curves, sonny. Production has been increasing since its discovery, yes, but so has demand. Both have been increasing roughly exponentially. But one of those curves is about to start going down, while the other will continue to try to go up. A video you should probably watch:

Comment Re:Possible hoax (Score 1) 100

Lots of things conduct besides fingers. Could be the paper was treated with dots of some conductive ink. You could use the relative locations of a pattern of conductive dots (which the iPad would interpret as multiple "fingers") to encode a bit of information that tells you what a particular object is. I haven't seen the actual video, but within limits, certainly seems feasible to me that you could do Surface-like things on an iPad. One main limitation will be the maximum number of contacts that the iPad tracks. A lot of multitouch systems max out at 4 touches, some at 10 touches. Not sure what the max is on the iPad.

Slashdot Top Deals

I don't want to be young again, I just don't want to get any older.