Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment let's rewrite that to reflect reality... (Score 1) 199

Two senior Democratic lawmakers with access to classified intelligence on Thursday accused Russia of "making a serious and concerted effort to influence the U.S. election,"

>>>>

Two senior Democratic lawmakers (because all the Republican ones were "out to lunch") with access to classified intelligence (which they shouldn't have revealed even the existence of, if they're really and truly classified) on Thursday (the best day for reporting viral news) said that the people (who were actually aliens wearing face-masks) who came to them (without providing any concrete verifiable proof of their credentials) put some bits of paper in front of them (without any way for those lawmakers to verify the authenticity of the documents) which had some words in it *claiming* to "accuse Russia of making a serious and concerted effort to influence the U.S. election,"

what a complete crock. over how many pairs of eyes do these people *really* think that this can be pulled? oh wait.... they've probably run the numbers, and they only need to make it look like *DEMOCRAT* Lawmakers are incompetent, so that a large enough percentage will vote for Republican.... and the rest they can swing by manipulating the numbers using that new-fangled "percentage" adjustment they added into the backdoors after the last time some of the vote totals went NEGATIVE. i wonder if they remembered to do rounding to integers? we'll find out soon enough, if the number of votes comes out to "25012.79" won't we!

Comment just install skype (Score 1) 86

y'know... skype used to have this feature, y'know? it wasn't completely undetectable, but it *used* to have the ability to disguise itself as pretty much anything, so that it would "just work" in the face of badly-configured firewalls, DNS servers, idiot companies that blocked *all* incoming and outgoing traffic stone-dead including ICMP (including BGP and other absolutely crucial traffic) with the statement "you've got unrestricted access to port 80, that's the 'internet' isn't it, what the hell are you complaining about yer lame-techie-wannabe-tuck-fard??"

it also had the ability to create any kind of tunneling over pretty much any port and any protocol (TCP, UDP, you name it, it could do it) such that it was pretty much impossible to shut it down.

AND THEN.... for no good reason WHATSOEVER [1], skype changed hands not once but THREE TIMES in succession. now it's under the "control" of microsoft, and anyone considering installing it now is a fool. it's been turned into a "cloud is all" protocol. there's no peer-to-peer capability. that leaves it vulnerable to being mass-IP-range blocked. anyone can work out what the IP range(s) are of the various "cloud" servers used by microsoft are... and just block them (regardless of consequences).

so i *would* have said "just tell them to install skype". except we can logically deduce that it was SOME FUCKWIT IN THE U.S. GOVERMNENT who caused skype, in its current release, to lose its inherent firewall-busting capabilities to be COMPLETELY REMOVED.

and with skype being proprietary, and the "startup" (bootstrap) nodes no longer being run or "supported", we cannot even run older versions of skype any more because the older versions have been shut down. oh, and it's proprietary, so it would be man-decades before it is properly reverse-engineered. oh, and the original creators are likely to have been asked (or threatened) to enter into some serrrrious non-compete contract which, even if it wasn't legally enforceable, they probably understood the full implications were that if they wanted to keep all their body parts, they'd better like, y'know, not even *think* about writing a replacement / competitor, y'ken. they did try setting up a company called "joost", but interestingly, it "failed". i don't wonder why, not any more.

so, this appears to be a golden opportunity for software libre and proprietary software writers alike, but honestly it's a poisoned chalice. one department in the U.S. does *NOT* want such software to even *EXIST*... another is offering money to anyone willing to CREATE such software.... it's either a case of "left hand doesn't know what the right hand is doing", or it's just plain entrapment: the NSA wants to know if you have the CAPABILITY to write such software (and you're going to tell them who you are for god's sake!)

bottom line is, there's a phrase which covers this scenario in the security world - it's called "a honey pot". my advice to anyone who reads this: stay the FUCK away from this "offer" unless you're such a huge software libre team (over 100 people would do it) that it would be clearly obvious if one or more people suddenly "went missing", or "received sudden lucrative job offers" or "went on holiday" or "won the lottery" or "had an accident". what would *really* do it is if EVERYBODY who is capable of collaborating on this (including people from proprietary software companies) joined *ONE* single software libre team (with a single person allocated as the front-man), where everybody else used anonymous two-way communications with that front-man), and through them proposed one single entry for the "competition". 100, 200, 300 people, the more the better. if the application *requires* that every single person on the "team" be named individually and separately (either before or after the application), then you can logically deduce that it's extremely likely to be a honeypot. if the application's mysteriously "denied" when there's only the one entry, you can logically deduce that it's extremely likely that the exercise was a honeypot.

[1] when you see 3 companies in a row throwing of the order of magnitude of a billion dollars at a single company for a single piece of software with such a limited use-case (chat, voice, video), you cannot possibly expect anyone to believe that they're each doing so because it's "financially justified". the logical conclusion is that there was some other factor involved... such as HEY WE'RE THE NSA, WE'LL GIVE YOU LOTS OF EXTRA BUSINESS IF YOU GET THAT SOURCE CODE AND GIVE US A COPY. remember: the original creators of skype were extremely clever, and utterly paranoid: they let NOBODY see the source code. back when it was initially created, the core library was ONLY made available in BINARY form EVEN to the GUI front-end developers(!) and it had a "protection" mechanism where it could detect that it was running under a Virtual Machine, detect if it was being "debugged" (single-stepped), and it would self-destruct and shut down automatically. the NSA even offered a million dollars to anyone who was willing to "break skype". yes, really, that's a matter of public record! nobody managed it. all the "social engineering" tricks and presumably various trojans that are normally successfully used to perform industrial espionage presumably failed... so they had to go to the drastic lengths of actually inducing some lame-fool company to buy the ENTIRE company. for a billion dollars. well done the founders of skype is all i can say!

Comment failure of the three laws of robotics (Score 1) 68

what many people do not appreciate is that asimov's books were a logical demonstration spanning asimov's lifetime and beyond that the three laws of robotics were a FAILURE. this is only really truly and clearly spelled out in the works written under contract by asimov's estate, for example in the book by Greg Bear. the three laws were so hard-wired into the positronic brain with billions upon billions of checks being carried out to ensure strict compliance with the three laws that there was no room for creativity - at all - and secondly that no robot could possibly allow a human being to take *any* form of risk because it *might* result in "harm", be that physical or psychological.

it would appear that BSI is unaware of this and is intending to force the three laws of robotics onto us without understanding the harm that that will do.

Comment Analysis of the videos (Score 0, Troll) 251

"Trending" means it's popular. People won't watch (and share) something that they don't actually want to watch. Here's the thing though about those WTC and Building 7 videos: a simple analysis of any of the off-the-street real-time videos - of which there were several so it's not like they could all be faked - by using simple equations of motion from O'Level Physics it is undeniably obvious that the tops of all of those buildings are in free-fall, accelerating at 9.8 metres per second squared.

Now, if a building is hit two thirds of the way up and becomes damaged, you would expect that damage to cause the top to fall over. Maybe some of the outer walls would fall off, but there would be a central core at least 1/2 to 1/3 of the height of the building sticking up. Bits would hit other bits, and it would take a long time and there would be rubble strewn out across a wide area, damaging the surrounding buildings and killing or injuring the people in them. You certainly would not expect it to collapse in a tidy heap at the speed of gravity where the entire building becomes a neat pile of rubble without any kind of significant damage to surrounding buildings.

For a quite insightful analysis which goes beyond the above brief invitation to use simple physics equations, logical analysis and reasoning, you might want to read this: https://steemit.com/tyranny/@b...

Bottom line is: not everything that "trends" under automatic algorithms (which would be filtered out by humans too scared of what they're seeing) is bullshit.

Comment Re:Bye Project Ara, Hello Fairphone (Score 3, Informative) 74

ah NO. please do some research BEFORE recommending fairphone to people. you'll notice that Fairphone has REMOVED (reneged on) their promise to provide a "Fair OS". their naivety (and the fact that they haven't listened to extremely experienced software libre developers) is well-documented - a good example is here: http://blogs.fsfe.org/pboddie/...

the Fairphone is only "modular" if you are mechanically-minded. i know of people who are competent engineers who, in attempting to repair a laptop, have managed accidentally to destroy FPC12 connectors because they weren't anticipating quite how tiny and fragile they would be.

"Modularity" also doesn't really solve the problem of chipsets being proprietary *and* insecure - google "900 million qualcomm android security vulnerability". you have to actually *design* the phone in *advance* to take into account these sorts of things. Neither google nor Fairphone have done that.

Comment Phonebloks disappointment is half the story (Score 1) 74

https://davehakkens.nl/news/re...

dave hakkens is the person who really inspired the modular smartphone movement and brought it to prominence (buglabs was the first to really implement the concept, almost a decade ago). however we don't really have an actual explanation of what went wrong with project ara. here's some hints (search in this document for "ara" obviously): http://rhombus-tech.net/whitep...

basically it's down to the fact that google has more money than they have creative sense. they therefore tried to use "financial brute force" to solve problems. the summary is: with their financial resources they created a "backbone standard" called MIPI UniPro... forgetting that in the process it would be patented by the partners, thus AUTOMATICALLY locking out ANY kind of interoperability and competition for the next 20 years. how, exactly, is that supposed to be "open"???

if we want modular smartphones to be successful, we need PROPERLY OPEN STANDARDs that have no vendor lock-in, but that are also properly protected by a Certification Mark (the standards-equivalent of a Trademark) and a Foundation (or CIC or Benefit Corporation), which is given the financial clout by its sponsors to jump on anyone who wrongly implements the standard in such a way as to cause short-circuits (and end up killing someone due to lithium battery fires for example). it's not like a software standard, where interoperability failures cause a segfault: a HARDWARE fault can genuinely be dangerous.

also the standard needs to be made up of *other* standards that are unencumbered and royalty-free, so that companies and makers alike are incentivised to create modules (using 3D printers and low-cost off-the-shelf circuits), for example this one, under development: http://elinux.org/Embedded_Ope... . Google *literally* did the total opposite of this strategy in every single conceivable way. paying companies to develop new chipsets (patented, proprietary) and saying "here! it's open! sign our NDA, agree to our policy, and you'll be fiiiine!" i'm just staggered by the naivety of a billion-dollar company that had to add me to a special list "stop phoning this person to invite them to interview, you've called them five times already over the past 10 years".

the other thing is, whilst i am delighted at dave's success in bringing the benefits of modularity to a wider audience, he doesn't have any technical knowledge. he views an *increase* in the number of companies on the phonebloks.com front page as being a good thing. the key question which illustrates the point without having to spell it out: are any of the products listed on the phonebloks page interoperable in *any* way?

so. if there is anybody who would like to see this done properly - in an open fashion so that the mistakes of both google and fairphone are not repeated (see http://blogs.fsfe.org/pboddie/...) do reach out on the arm-netbook mailing list http://lists.phcomp.co.uk/mail... i've been investigating and researching this for years and waiting for the right opportunity. often it's good to wait for "big" corporations to fail to deliver, because it means that the hugely-public lessons sink in. a "small person" saying "this ain't gonna work no matter how much money they throw at it" tends not to be believed until the predicted failure comes about.

just as i did with the successfully-crowd-funded modular libre eco-laptop i've set up a stub page (for now) http://rhombus-tech.net/commun... which is a hybrid phone that acts "dumb" and may be upgraded to "smart" by plugging in a computer-on-a-module in Compact-Flash form-factor. "peripheral modules" can be done by re-using 8-pin SIM Card connectors. these are already available in massive volume: they also carry quite a lot of current. 8 pins is just enough to carry Power, USB and 4 signals (suitable for audio PWM for example). it's *not* necessary to spend $250,000 on tooling of new connectors. it's *not* necessary to spend $200m+ on new chipsets. we *really can* do this in a truly open and community-driven fashion, based on sponsorship instead of VC funding.

Comment Re:That's a pretty light particle... (Score 1) 240

i've been studying this for 25 years (as a reverse-engineer from a software background). i've started to have to go to the field of optics to fully understand why it is that this "extra force or maybe a particle" has not been discovered. look up the work by "Ido Kaminer" and his team and you find that (for the purposes of creating "optical tweezers" - google it) it's possible to create phase-coherent X-Ray beams that *LITERALLY* bend in parabolic arcs or even semi-circles, and as they do so the phase rotates by 1/2 the angle of the amount of curvature.

how the hell could that even happen, ehn?

ok, so it goes like this: the phase-coherent beam does "cancellation" such that it curves a tiny but, but this is the crucial bit - as it moves forward the phases REMAIN COHERENT which is pretty frickin awesome.

now, it's not so hard to imagine that photons (x-rays) could conceivably be created which are so totally phase-coherent that they *LITERALLY* come back to their starting point, and thus (because light has no friction) continue circulating forever. what would we call this? well.... i'd call it... a particle!

what types of particles would you call it? well, we know from radio that you have something called I / Q (which is to do with phase), and i *believe* that if the majority of the photon's phase is in the "real" numberspace you'd end up with an electron, but if it's imaginary it would be a NEUTRINO. utterly hard to detect.

the implications of this quite rational and logical progression are enormous - because it's not the only particles that could have such "imaginary" or complex-number properties, totally invisible to us because they *DON'T* interact in the normal E/M field but they'd only really start to interact at the atomic particle distances.

my feeling is that neutrons are *NOT* a "neutron" but may in fact be a "neutron-atom-with-an-orbiting-neutrino". further, that just like with Hydrogen (H2) there's no reason why two neutrons would not bond together in a Neutron-2 "atom"... utterly impossible to detect, being both chemically stable as well as electrically and magnetically invisible... *this* i believe is our missing "dark matter".

it's a huge logical chain of progression but i haven't seen any evidence which contradicts anything in the chain. the only problem is that there are too many scientists worshipping the "Church Of The Standard Model" or should i say, "stuck for funding if they stray outside of the Standard Model Holy Grail". it thus becomes extremely hard to interact with them (i've tried) as they have literally zero common ground for discussion (not enough experience with the field of Optics), the people in the field of Optics don't have enough interest in particle physics... gahh :)

Comment License (Score 4, Insightful) 146

https://fuchsia.googlesource.c...

the consequences that we've seen from google's failure to use a self-protecting license includes:

* companies incorporating GPL'd code into Android (particularly video players) and not releasing the source
* performing DRM or other lock-downs ("Tivoisation") and in the case of qualcomm ending up with 900 million devices that are basically landfill
* causing confusion in the minds of corporations over the fact that the linux KERNEL (and u-boot) is still GPL'd

do i need to continue the list? i don't but i believe a reference to mjg59's list is appropriate:
http://www.codon.org.uk/~mjg59...

google seems unable to comprehend the severe detrimental consequences of its actions, and the effects that their decisions have on the rest of the software libre community. i appreciate that they're an advertising company so are required to maximise the effective distribution of devices so that they can thus maximise the number of devices through which they can advertise, but pissing all over the free software community that MADE IT POSSIBLE FOR THEM TO HAVE A BUSINESS AT ALL is completely unethical, not to mention the detrimental consequences and money that users have to throw away when devices turn out to have major security flaws that the designers CAN'T FIX IN THE FIELD. http://arstechnica.com/securit...

Comment solving the wrong problem (Score 2) 62

y'know... it occurs to me that seeing CENTRALISED trust mechanisms break down really is no surpise, at all. it's a simple mathematical equation which can be explored by doing e^(1/N) * N where you increase N, then make a tiny *tiny* change in the 1/N value. so E^(1/100,010) * 100,000 for example is drastically divergent from E^(1/100,000) / 100,000. point being: the more you CENTRALISE trust, the greater the chance of it being violated (exponentialy greater)

    solving this will take moving away from CENTRALISED trust to DECENTRALISED trust. does anyone remember keynote (an IETF RFC), or advogato, or even the moderation system behind slashdot, and how effective those are? we really really need to start moving to things like blockchain. as in, don't arse about expecting the incumbents to move to blockchain (because they have financial incentives not to do so) - just move to blockchain-based SSL Certificates.

Submission + - SPAM: New Jeep hack proves cars still exposed

lkcl writes: When automotive security researchers Charlie Miller and Chris Valasek take the stage Thursday morning (August 4) at the Black Hat conference in Las Vegas, they will outline new methods of CAN message injection. The two researchers who now work for Uber’s Advanced Technology Center will demonstrate how to physically seize control of the braking, steering, and acceleration systems in a vehicle.
Link to Original Source

Comment Re:Because.se one size does not fit all (Score 1) 122

Perhaps you aren't aware how low the low end of the Intel processor linecard goes? In particular, see the X3-C3230 and X5-Z8300.

i wasn't! oh _good_ - the collaboration between rockchip and intel actually produced results. why the hell didn't my contact at intel get in touch?? ok *sigh* i'll speak to him and find out if they have a reference design.... that *doesn't* have the backdoor co-processor in it....

right. interesting. the "brief" - and by brief i mean "so sparse and devoid of information it's pretty useless" - says that it was released Q1 2015. i believe it wasn't long after this that intel announced the COMPLETE TERMINATION of their involvement in the smartphone and tablet industry.

now, whether that applies to the rockchip collaboration remains to be seen. anyway, thank you for making me aware of this one, i'll keep an eye on it.

l.

Slashdot Top Deals

Just go with the flow control, roll with the crunches, and, when you get a prompt, type like hell.

Working...