
Comment Re:Random Numbers (Score 3, Insightful) 179

That's possible, true.

But it is hard to see that someone would "fix" that problem using the approach given in the code sample. Basically their "fix" only produced 64 bits of entropy for a 128 bit key, which is a 101-level cryptography mistake. It also took more time and was much more complex than a straightforward implementation, which kind of kills the argument about the authors having to work quickly. This is one of those screwups that required thought and effort. I'm left with two possibilities:

(1) The NSA is hiring complete amateurs to write their exploit tools, and they aren't giving any adult supervision (or code reviews) to the products of those amateurs.

(2) The NSA/Equation Group didn't write this code at all.

Comment Re:The basest, vilest (Score 1) 1017

Firstly, anybody that could have wanted those emails already has them.

Secondly "Cybercrime"... is no crime at all if no one is harmed and the information that is put in the hands of those that should have had it to begin with. I mean who would the victim be!? If anyone was ever going to have harm come to them from those emails... it's already happened, the guilty party is Hillary for breaking federal law regarding the security of government communications.. not to mention basic common sense security measures.

Well, maybe we can start with the people who had their names, addresses, social security numbers, and credit card numbers inadvertently released. Maybe they are "collateral damage?"

I find it humorous and a little bizarre that in many people's minds the DNC emails and the emails on Hillary Clinton's private server seem to be one and the same.

Comment Re:Old stuff "discovered" by the ignorant (Score 1) 519

I think the whole idea misses a couple of other important points, as well:

  • Many production processes are highly nonlinear. For any code I write (or any song I write) that doesn't translate into a fixed N minutes of computer time (or entertainment). Especially in the presence of automation, there isn't necessarily a strongly linear correlation between labor hours input and widgets output.
  • The whole innovation process would get stuck. Quickly. Someone would invent a new gadget, say, a computer, and the people acting as venture capitalists would say they needed, oh, five or six of them, and then they would move on.
  • Nobody here has noted that "optimal" doesn't necessarily mean a nice place to live or even a particularly stable one. Maybe the optimum solution for maximizing output is to have minimal agriculture to keep everyone fed and have everyone else writing gaming apps for cell phones. In the presence of a lot of infinities it is easy to imagine ridiculous "optimal" solutions. It is also easy to see a lot of things that we enjoy, like "bacon" or "scotch" being less efficient to produce than say "tofurkey" or "gin". But that wouldn't be any fun at all.

Comment Re:It lost its luster years ago (Score 1) 163

Being in Silicon Valley makes sense if your goal is to obtain VC money. If your goal is to make a successful tech business, though, Silicon Valley hasn't been the place to be for a very long time.

... except that a lot of the infrastructure a startup needs (office furniture, law firms, accounting firms, pr companies, &c) is in the valley and is used to dealing with startups. In a lot of cases your VC can steer you to a pr firm or a leasing firm that will rent you office space -- and you often can pay at least partially with warrants. You can't get that same level of support elsewhere. Yet.

The other point is that most of the top-tier VC firms are in the valley. If you are just down the road from Kleiner Perkins they are a lot more likely to drop by and check you out as opposed to being in Kansas City or Omaha. Keep in mind that the top tier VC firms get literally thousands of business plans per month. They cannot possibly make money and fly all over the country to check out promising startups. But if you are in the Bay Area it is a lot more likely you will get a call back. Same thing goes with acquisitions.

Comment Re:Coding (Score 1) 342

I taught myself BASIC on a little home computer many years ago. Is there not a modern equivalent of doing that? Something that maybe runs on a cellphone so more than rich white kids can have access to it. (I bet there are dozens)

It isn't actually the programming language (although I would love a version of BASIC that ran on a cell phone, just for the novelty value). The big issue is with toolkits and infrastructure.

Consider writing a web page that lets you enter two numbers and displays the product of the two numbers when you hit the 'submit' button. The code behind that very simple web page is a lot more complex than the two-line BASIC equivalent. If you for some reason add persistence to your web page it gets uglier very quickly.

The sad fact is that in our modern world you need to be fluent in not just a couple of programming languages, but also a whole body of other tools and toolkits in order to write interesting applications. That is a formidable barrier to entry that we aren't doing a very good job of solving.

Back in the elder days, before Unix came on the scene and became commonplace, writing code to open a file and read or write to it was ugly and complicated. You quickly got into weird messy stuff about logical and physical record types, weird operating system commands that would create and allocate space for the files in question, and code that looked completely different than code that wrote the same information to standard output. The big awesome insight in Unix was that if you treated a file as an array of bytes you could bypass all of that.

We desperately need a similar set of breakthroughs on how we write software in this fallen world.

Comment Re:Baloney (Score 1) 157


I suspect that the exact signature of the coil whine is extremely system-dependent. Given that manufacturers often change parts even within a given model (especially of parts like capacitors) even "identical" models might have different coil whines. Coil whine is probably also very temperature sensitive, both to ambient temperature and how hard your PC is working.

One other thought is that TFA says that RSA keys can be extracted "within one hour". Does that mean you need to listen to coil whine for an hour to build up a big enough sample set? In which case this is a non-problem because no one ever spends a whole hour doing RSA encryption. Or does the "within one hour" refer to analyzing a much shorter sample? The article is ambiguous.

Finally, if the system jiffy time is small enough and the time to do an RSA encrypt/decrypt long enough one could probably blind this attack by running several cpu-intensive processes at the same time. Or at least make the attack much, much more expensive.

Comment Re:We've got to get off fossil fuels faster (Score 1) 70

My own suspicion is that this survey greatly overestimates the growth rate of electrical power generation and greatly underestimates the deployment rate of renewables.

The economics of renewables are extremely compelling. A wind farm or utility-scale PV array can go from a proposal to actually generating electricity and revenue in six months. Coal plants take more like five years, and even NG plants take about two years. Couple that with the fact that you can partially finish a wind farm and still generate revenue, partially finish a coal plant and you have a big empty building. If you are a bank the risk is much, much lower and that translates to a lower interest rate to finance your project. Given how close the cost of electricity between NG and wind power is right now, even a 1 percent difference in interest rates makes the difference between wind power being profitable and an NG plant not being profitable. And the spread between them is likely a lot more than 1 percent.

Yes, you can explain to the bank that your power plant is dispatchable and will generate electricity even at night or when the wind doesn't blow. They will agree with you and still stick you with a higher interest rate.

That doesn't even begin to take into account that we are still bending the cost curve on wind and solar, while coal plants and NG turbines are a more mature technology that isn't likely to have dramatic cost reductions or efficiency improvements.

Comment "better" is kind of subjective... (Score 1) 317

If "better" means warmer, sunnier days, then you won't get enough rainfall and that will make it difficult to grow food. Unless your "better" weather is perfectly balanced in the 20 percent of counties where there would presumably be more rainfall and you could grow all of your groceries there.

And also, warmer, sunnier weather means drier weather, and drier weather means wildfires. While "fires" aren't weather, they certainly are not pleasant and do not contribute positively to one's quality of life in the short term.

Comment Re:Correct statement, wrong reasoning (Score 2) 281

He's right that teaching every kid coding is a waste of time. Not because coders will become obsolete (who will write the code that writes code for everyone else?), but because not everyone has interest in or the proclivity for coding.

Actually, I simultaneously agree and disagree with this statement. In the sense that teaching kids to code in say, JavaScript as a job skill, I agree wholeheartedly.

In the sense that learning to code teaches a bunch of other important skills I disagree. Learning to code is an excellent way to learn general problem-solving skills, and also how to coherently communicate complex ideas.

Although probably the most important life skill that can be taught by learning to code is that all programs have bugs. And that you shouldn't trust software any more than you absolutely have to, and if your navigation software tells you that dirt road through the Mojave Desert is a great shortcut you might want to reconsider.
