Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:Why (Score 1) 921

Wanting to eject Muslims from the US is a political aim

Bullshit. As of now I've yet to see any policy about ejecting muslims from the US.

I was making the point that one need not seek policy in order to be working towards a political goal... and you respond that you don't see anyone seeking policy, apparently completely missing the point.

Comment Re:The sharing of table scraps economy not viable? (Score 1) 144

They're transporting people in bulk, that means some oversight from a public safety perspective is warranted

In some places, taxis are actually subject to some oversight from a public safety perspective. In those places, it's reasonable to be upset about Uber not doing those things well. In other places, they really aren't. There's really no oversight occurring. In those places, it is not reasonable to be upset at Uber, because they at least do minimal background checks in at least most places where they do business. Taxis are not as safe as you imagine, nor are taxi drivers (in any sense.) Taxi drivers who have been reported repeatedly as rapists continue to work, and rape again. With Uber, those people would get poor ratings and eventually be worked out of the system. It's terrible that it takes such a cold, impersonal, and capitalistic system to remove rapists from the transportation system, but that is still an improvement over at least some licensed taxi services.

Uber (as a corporation) is, drivers aside, no doubt made up primarily of sleazebags. But the situation is far more complex than "Uber is dangerous and irresponsible1!!!11!ones!" and complaining about it without acknowledging that seems sophomoric at best.

We'll see if taxis survive self-driving cars.

Of course they will. They will be self-driving taxis. The difference will be your contract terms.

Comment Re:Apples and Oranges (Score 1) 50

It seems 2 different things to me. The content producers and the content distributors are different groups with different specialties. The top producers and physical studios can rent themselves out to Netflix if the deal is right, for example. Neither is stapled to each other.

Most of the top producers today are the physical studios, and the publisher/distributor. That's what this question is about; can new media companies like Netflix and Amazon achieve dominance over the entrenched megacorporations which make the majority of the top-grossing movies today? And of course, the answer is yes. The people who actually do the technical things rarely work directly for the studio on an ongoing hourly basis; companies which make movies which are entirely CG aside, most of the employees are contractors, and it doesn't take an act of God to build a sound stage. Christ, the studios don't even own the camera equipment, everyone rents that from the same small group of businesses.

Comment Re:Five bucks says they get sued (Score 1) 43

Touch the ECU and they'll void the entire warranty.

Sure, they could do that. And then you could take them to court to cover the cost of repairs. And you'd do it in small claims court, unless you were into the big big money because you bought a big expensive automobile, in which case you can afford to go to real court.

Comment Re:Cue Automakers (Score 1) 43

It already is an EPA regulation. Companies, by law, have to make a best effort to avoid people trying to change anything that can affect emissions regulations.

The automakers have to do that. The rest of us can sell auto hacking tools with impunity as long as they have substantial non-infringing use, and our right to develop them is actually explicitly protected by law (even through reverse engineering.) So the automakers might well be prohibited from giving us the information we need to tune the vehicle, but it's legal for us to sniff the bus while they do it.

Comment Re:Five bucks says they get sued (Score 1) 43

I've got a $5 bet that says automobile manufacturers file for an injuction against them and/or sue them and/or file for a DMCA takedown because they're violating copyright.

How long do we have to wait to collect our five dollars from you? They're not getting sued. There's already a ton of devices which do this.

Comment Re:Maybe, but maybe not (Score 1) 144

One has to question the integrity of one or two disgruntled employee's.

Does one? One does not, because we're not seeing reports about Uber by just one or two disgruntled employees. Also, you don't know how to use apostrophes. Someone should take those away from you.

Lets remember that we need to treat all news from the entertainment industry with a grain of salt. There's big money in cabs and it's not outside the realm of possibility that this is part of a concerted attack on Uber.

It's not outside the realm of possibility that you have something valid worth saying, but I scanned your comment, and nope. You're just using FUD against victims.

Comment Re:just like lightbulbs in a transition economy (Score 1) 144

I have a LED lamp and I hate it. Just like I hate my LED flashlight. LED sucks, it's very bright, I guess it would work well in a surgery room but for home it's awful.

You know, ye olde 7W Cree lamps which are just a few bucks now that they're brought out better ones have none of these problems. They are dimmable, they don't flicker, and they put out a nice warm light in a reasonable quantity. There's lots of lamps put out since which are even better.

Comment Re:Scam Alert: Copy of an OBD2 Recorder (Score 3) 43

And a cheaper one, you might add. These Macchina guys are anticipating $55 just for the interface board. But then they claim they made it as small as possible, which is bullshit because it's multiprotocol. They say they made it small so that you could fit it under the dash or hood, but then they went and put an OBD-II connector on it which just takes up a lot of space. If I'm permanently installing it, I can splice into the wires I need. I also don't need protocols I'm not going to use. Then they added an xbee module slot. xbee modules are primarily used for long-range communications. Up close, you use bluetooth or wifi. You can get an esp8266 module which goes into an xbee slot, but the module they specifically talk about is the new cellular xbee module. There's no reason to give the device a cellular uplink unless your plan is to use it remotely.

Which brings us full circle: this device was designed first and foremost to be used as a weapon. It's designed to be installed into a target's vehicle, and to be used to attack the vehicle remotely. We know this because of their choice of wireless interface module standard, which is oriented towards long-range communications, and because the broad multiprotocol support is otherwise at odds with the desire to make the device as small as possible. So is the addition of a soldered OBD-II connector, which is not desirable in many installation types. It is useful, however, if your goal is to connect as rapidly as possible.

Comment Re:"In the wild" - slight exaggeration (Score 1) 125

Umm, that is an uncited claim in the summary. Nothing of the sort is stated in any of the links. The summary links to a paper that provides more details of the attack. Very heavy and technical though a few inital takeaways from it is that implementations only take a few days to run on gear they have so does seem safe to assume that SHA-1 collisions are pretty much pwned.

The Python script in question doesn't find new SHA-1 collisions. It takes two input PDFs and produces two output PDFs that hash to the same value. It uses some quirks of how PDFs work, plus that original SHAttered collision generated by the Google researchers. Finding another collision is a lot of work. Using a known collision to generate PDFs with the same hash value is not.

Comment Re:Turn it off (Score 2) 172

I've spent this weekend trying to repurpose an old laptop as a media/streaming machine, and decided to go Linux rather than Windows. It most certainly has not been easier. Maybe if you've worked with the system for years and know the ins-and-outs it is second nature, but Linux has caused all sorts of issues I wouldn't have had on Windows.

If you've worked with Windows for years and know the ins-and-outs of that system, it's a lot easier to set Windows up than something else. Personally, when I have to set up a Windows system, I have a lot of issues I wouldn't have on Linux.

I know because I had to install a Windows system for the first time in about a decade a few months ago. It took me all day and lots of hair-pulling to figure out how to find and install all of the drivers needed to make the thing run. At the end I was still left with a few devices showing errors in the device manager, which I was simply unable to get working. It worked enough, so I gave up on the rest. The worst part of the process was that right after installation Windows had no functioning drivers, for ethernet, Wifi or USB, which made it really hard to get drivers onto the box. I solved this by booting a Linux LiveCD (which worked out of the box), creating a small FAT32 partition, downloading the ridiculously bloated 250MB (WTF?!?) ethernet driver onto it, then booting Windows again and installing from the FAT32 partition. I have no idea how a Windows guy would have solved that.

Comment Re:What's wrong with public domain code? (Score 1) 39

Stallman may argue that you need to make sure the code is free in the future, but I'd settle for the code being free now.

I don't see any reason they shouldn't do both. They should release it under a good copyleft license, but note on their repository that all source code from the DoD is in the public domain. Those who wish to take the federal code and carefully verify that no non-federal contributions have been added (or who are willing to strip out all of the non-federal code) can use it in whatever way they like, since it's in the public domain. Contributions by others, however, will by default be owned by the contributor but licensed under the copyleft license. In the event someone uses their code in a way that violates the license, they'll have standing to sue for infringement, though the DoD will not.

Comment Re:People without a clue commenting on crypto (Score 1) 185

There's nothing wrong with that use of SHA1, but I can't think of a threat model in which it actually accomplishes anything useful, not because SHA1 is defective, but because passwords are. If an attacker gets the hash, he can almost certainly recover the password. Further, your implied threat model seems to assume that an attacker may be inside the system (which is a good assumption), where he can grab the in-flight hashes. But if that's the case, what prevents the attacker from replaying the hashes? At that point in the system, the hashes are the passwords, they unlock access. So the attacker doesn't even need the user's password.

Also, have you benchmarked SHA256? On modern hardware it's generally cheaper than SHA1. Assuming there actually is a good reason for hashing, you may be able to quiet the complainers and improve performance with one change.

Slashdot Top Deals

"There... I've run rings 'round you logically" -- Monty Python's Flying Circus