
Comment Re:What videos exactly? (Score 1) 85

People rarely have a lot of love for the party in the position to charge them more; but the fact that a 'search company' apparently can't make any useful promises regarding where your ads will end up is probably not helping their position on this one.

Even in situations where everything is pretty banal; advertisers generally want some targeting of the impressions they are paying for to the audience they are trying to reach. If Google can't demonstrate an ability to avoid certain contexts on request, why would an advertiser believe that they are any more accurate or honest when it comes to targeting certain audiences?

Comment Re:Uhm... (Score 1) 345

Trump's relationship with the truth isn't so much interesting in that it's fairly casual; but in how self-destructive it seems to be.

People lying in order to advance their interests is an issue; but hardly unexpected or particularly abnormal. People who can't stop lying even when they'd be trivially better off keeping their mouths shut are a different matter. Something like the inaugural crowd size thing: that's an idiotic lie. Trivially verifiable, hilariously petty; and completely unnecessary. He didn't lose much by it, since nobody actually seems to expect better; but he had virtually nothing to gain even if it had worked; and no reasonable expectation that it would work.

Comment Impressive work. (Score 4, Insightful) 71

Aside from the egregious delay in fixing these things; does anyone else get a very, very, bad feeling about the expected quality of the firmware when 'supply a string longer than a normal user would type' is a successful attack?

If you aren't sanitizing your inputs against that one; what are you sanitizing?

Comment Re:Mercator straight lines are not great circles! (Score 1) 319

Ironically, that's the main sense in which arguments that Mercator projections are 'imperialist' aren't total nonsense:

You don't 'imperialize' by drawing the other guy's country really small and hurting his feelings; you do so by having the maritime expertise to deliver troops and maintain supply lines across large areas of the world; and conquering the other guy's country.

As a rather useful projection for navigation, Mercator can definitely help you out with that; the wonky land areas are just a minor side effect.

Comment Re:Geometry is hard, as is geography (Score 2) 319

The trouble isn't with the Mercator projection, it does what it was designed to do well enough; but the somewhat baffling decision to make a map whose main virtues are for marine navigation the quasi-default for classroom applications mostly focused on what happens on land.

I've never heard a particularly cogent justification for that one.

Comment Re: Not if the NRA has any balls! (Score 1) 62

It's considered tacky to talk about 'blocking' GPS; but if you look for 'GPS signal generators' or 'GPS simulators', you can get hardware that doesn't merely interfere with GPS; but can produce a fairly convincing GPS fix for a time/location/etc. that you specify. Tricky and subtle to fool a suitably nice GPS system that is actively paranoid about the possibility; a couple of antennas on the ground just doesn't look quite like a satellite constellation; but can fool more naive GPS systems quite effectively.

It is suspected that this is the technique behind a few surveillance drones that were led off course and (mostly) soft-landed in hostile areas (I think the most recent case was a US drone that got a little too close to the Iranians). Really shoddy firmware might get fatally confused if you suddenly present it with some wild fantasy data; but if you start feeding accurate GPS signals, and gradually skew them, error can quickly and quietly accumulate much faster than a naive target might suggest.

I imagine that the power of blocking or spoofing GPS depends mostly on how many backup instruments you have; and how paranoid you are. GPS is preferred because it provides very well-behaved data from a chip that costs peanuts; but it's not as though everyone just stumbled around and got lost before it was available. A drone built right down to budget and weight might not have anything to fall back on; but compasses, terrain-following, inertial navigation, even celestial navigation if it isn't too sunny are all options.

Comment Re:type of technology (Score 2) 187

I assume that someone with service provider MiTM access could do a bunch of SS7 weirdness, in order to confuse attribution; but that's my understanding: if you have privileged access at the provider level, you don't need to do anything to traffic routing/redirection that might attract attention, you can just grab a copy as it passes by; while if you don't have provider-level cooperation, you either need to try to get the traffic sent somewhere you do have access to (or run the comparatively great risk of sending people out with stingrays to do it in person; which is likely a poor plan unless you are the local cops).

Sort of like when something deeply unsettling happens to the world's BGP configurations. Ma Bell doesn't need to mess with those to tap your stuff; but some backwater that normally doesn't pass traffic worth spying on needs to modify things if they want to intercept something of interest.

Comment Re: Not if the NRA has any balls! (Score 1) 62

That might work in select locations; but CIWS isn't cheap (Phalanx is north of $5 million a pop; albeit probably more because of the support electronics than the gun alone); and ammunition isn't inexpensive and is a nontrivial danger to everyone in the area; and both factors are going to limit the number of places you can get away with deploying it.

Comment Good news everyone! (Score 3, Interesting) 62

This should improve the odds that cheapo Chinese drones start to feature more robust IMU/gyro/etc. based fallbacks for dealing with excessive RF noise!

In all seriousness, jamming a drone obviously makes life harder, since it excludes all 'basically just an RC airplane' hardware; prevents the operator from getting footage or issuing new commands, and so on; but it's hardly some rule of the universe that 'just make a docile attempt at landing' is the inevitable response to hitting a nasty RF spike. A variety of options, from heuristics of various sophistication for backing out and trying to escape the jamming; to attempts to fly straight toward where the emissions are most intense and ruin the jammer's day; to just dead-reckoning via onboard sensors and a backup flight path, all exist.

And that doesn't include the drones that actually have some nontrivial machine vision capabilities, or sensors other than cameras that can be used for navigation, though such tend to be rather more expensive.

Comment Re: Generic engineers? Really? (Score 3, Insightful) 197

If they are being paid in a way that reflects their being competent-or-better actual engineers; expecting them to play IT isn't necessarily unreasonable; but it seems pretty dumb.

You don't want to deal with lousy IT, no matter how much money you 'save'; because that's just miserable; but if you are paying an electrical engineer to spin up EC2 instances or a civil engineer to be poking at a recalcitrant data logger rather than thinking guru-level thoughts about concrete loading, you are arguably squandering relatively expensive and rare talent on problems that a reasonably competent small-shop IT generalist is exactly the sort of person to make go away so that your subject matter experts can do their thing.

Engineers who can't handle writing (or at least prototyping) simulation code are potentially more of an issue (expecting them to whip out their l33t optimization skills to save you a modest amount of CPU time by rendering the code unmaintainable is often folly; but it's been a while since most engineering disciplines were amenable to calculations entirely on slide rules and legal pads); but even there the value of an engineer who can go from Debian_netinst_x86-64 to 'fully configured NumPy environment' is something that is a trifle hard to stress over as long as they know what to do with a development environment once set up.

I have a personal fondness for generalist tinkering, so I sympathize; but I also recognize that much of my generalist tinkering is purely recreational because it involves either fiddling with stuff that I'm not very good at; or doing things that someone cheaper could easily do because I'm interested in how they work. In this case, I'd be severely doubtful of the wisdom of trying to impose IT stuff on a bunch of actual, went-to-engineer-school-and-are-priced-to-reflect-that, engineers rather than investigate the possibility of finding a reasonably flexible IT/lightweight 'CS' with strong tinkering background person who appreciates the variety of an office too small for rigid specialization and the chance to poke at a wide variety of problems; and making that person available to your engineers for fiddling with peripherals, basic network and systems administration, any EC2 jockeying, etc.

Comment Re:A leftist cost-based solution won't work. (Score 1) 66

"What is a non-leftist solution to this problem?

It's actually quite simple: just avoid storing all of this sort of data to begin with!"

So it's just Dun & Bradstreet's well-known dedication to establishing the dictatorship of the proletariat that caused them to accumulate all these data? Not, y'know, the fact that it's how they make money? This seems eminently plausible...

Comment Don't worry! (Score 1) 66

Just remember; focus on the 'scary hackers' side of the story; not the 'the data were already aggregated and available, and presumably in use, well before the leak occurred' aspect.

As long as giant databases remain in respectable hands, no harm can come of them; so just worry about whether it was a nation-state actor or an 'advanced persistent threat'. Nothing else to see here.

Comment I believe this 100%! (Score 1) 102

Since demonstrating your loyalty by listening to the company podcast is voluntary; I, for one, express childlike faith that it is completely impossible that compliance statistics would be gathered in the background; or ever factored into a decision to not-fire-because-they-aren't-employees somebody. That sort of covert stuff just isn't Uber's company culture!
