Become a fan of Slashdot on Facebook


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment In other news... (Score 1) 434

... Hardware bought from costs even less than Macs because it's pre-vetted by their 3-man company to "Just Work". the only "support" calls that they get are down to flaky USB host chipsets, BIOS DRM/whitelisting which prevents certain WIFI cards from being recognised, and the *very* very occasional request for driver support for OSes that are getting on for 15 years old. they sell ACM dial-up modems because they get calls from people who have upgraded from windows xp only to find that their old conexant softmodem is "so old" it no longer works. they buy and sell printers that don't require firmware uploads and have "generic" drivers - postscript, PCL and so on. we don't *have* to live on the treadmill: it's a choice, to tolerate the pain, cost, stress and distress of living with hardware that's designed for obsolescence, trapped by our own desire to pay less for less.


CIA 'Siren Servers' Can Predict Social Uprisings Several Days Before They Happen ( 174

Through a combination of machine learning and deep learning, the Central Intelligence Agency (CIA) is using powerful supercomputers, dubbed "Siren Servers" by computer philosophy writer Jaron Lanier, to predict social unrest days before it happens. The Sociable reports: CIA Deputy Director for Digital Innovation Andrew Hallman announced that the agency has beefed-up its "anticipatory intelligence" through the use of deep learning and machine learning servers that can process an incredible amount of data. "We have, in some instances, been able to improve our forecast to the point of being able to anticipate the development of social unrest and societal instability some I think as near as three to five days out," said Hallman on Tuesday at the Federal Tech event, Fedstival. The CIA deputy director said that it was "much harder to convey confidence for the policymaker who may make an important decision from advanced analytics with deep learning algorithms." Now that the CIA claims to be able to predict social unrest days in advance, there are some interesting theoretical possibilities that can come of this. One is that the CIA's siren servers will become so efficient that they will predict all social uprising and will be able to prevent it. If they are successful in doing that, there would be no need for the CIA as their technology could predict and prevent any societal upheavals, and the agency would be obsolete. Another potential outcome would be that the CIA could use the data and not tell anyone, just like the finance sector did, and then make calculated decisions on whether or not to intervene in any socially distressing situation.

Comment Re:This isn't a thing. (Score 2) 117

I don't see them keeping the schematic to themselves as being a real solution

schematics are not protected by copyright law. as in: they are uncopyrightable, by definition of them being a "functional description". it is a common mistake (even amongst the open hardware community) to assume that schematics may be copyrighted. what *may* be copyrighted is for example an aesthetic layout of a PCB, because that is a creative process.

Comment let's rewrite that to reflect reality... (Score 1) 199

Two senior Democratic lawmakers with access to classified intelligence on Thursday accused Russia of "making a serious and concerted effort to influence the U.S. election,"


Two senior Democratic lawmakers (because all the Republican ones were "out to lunch") with access to classified intelligence (which they shouldn't have revealed even the existence of, if they're really and truly classified) on Thursday (the best day for reporting viral news) said that the people (who were actually aliens wearing face-masks) who came to them (without providing any concrete verifiable proof of their credentials) put some bits of paper in front of them (without any way for those lawmakers to verify the authenticity of the documents) which had some words in it *claiming* to "accuse Russia of making a serious and concerted effort to influence the U.S. election,"

what a complete crock. over how many pairs of eyes do these people *really* think that this can be pulled? oh wait.... they've probably run the numbers, and they only need to make it look like *DEMOCRAT* Lawmakers are incompetent, so that a large enough percentage will vote for Republican.... and the rest they can swing by manipulating the numbers using that new-fangled "percentage" adjustment they added into the backdoors after the last time some of the vote totals went NEGATIVE. i wonder if they remembered to do rounding to integers? we'll find out soon enough, if the number of votes comes out to "25012.79" won't we!

Comment just install skype (Score 1) 87

y'know... skype used to have this feature, y'know? it wasn't completely undetectable, but it *used* to have the ability to disguise itself as pretty much anything, so that it would "just work" in the face of badly-configured firewalls, DNS servers, idiot companies that blocked *all* incoming and outgoing traffic stone-dead including ICMP (including BGP and other absolutely crucial traffic) with the statement "you've got unrestricted access to port 80, that's the 'internet' isn't it, what the hell are you complaining about yer lame-techie-wannabe-tuck-fard??"

it also had the ability to create any kind of tunneling over pretty much any port and any protocol (TCP, UDP, you name it, it could do it) such that it was pretty much impossible to shut it down.

AND THEN.... for no good reason WHATSOEVER [1], skype changed hands not once but THREE TIMES in succession. now it's under the "control" of microsoft, and anyone considering installing it now is a fool. it's been turned into a "cloud is all" protocol. there's no peer-to-peer capability. that leaves it vulnerable to being mass-IP-range blocked. anyone can work out what the IP range(s) are of the various "cloud" servers used by microsoft are... and just block them (regardless of consequences).

so i *would* have said "just tell them to install skype". except we can logically deduce that it was SOME FUCKWIT IN THE U.S. GOVERMNENT who caused skype, in its current release, to lose its inherent firewall-busting capabilities to be COMPLETELY REMOVED.

and with skype being proprietary, and the "startup" (bootstrap) nodes no longer being run or "supported", we cannot even run older versions of skype any more because the older versions have been shut down. oh, and it's proprietary, so it would be man-decades before it is properly reverse-engineered. oh, and the original creators are likely to have been asked (or threatened) to enter into some serrrrious non-compete contract which, even if it wasn't legally enforceable, they probably understood the full implications were that if they wanted to keep all their body parts, they'd better like, y'know, not even *think* about writing a replacement / competitor, y'ken. they did try setting up a company called "joost", but interestingly, it "failed". i don't wonder why, not any more.

so, this appears to be a golden opportunity for software libre and proprietary software writers alike, but honestly it's a poisoned chalice. one department in the U.S. does *NOT* want such software to even *EXIST*... another is offering money to anyone willing to CREATE such software.... it's either a case of "left hand doesn't know what the right hand is doing", or it's just plain entrapment: the NSA wants to know if you have the CAPABILITY to write such software (and you're going to tell them who you are for god's sake!)

bottom line is, there's a phrase which covers this scenario in the security world - it's called "a honey pot". my advice to anyone who reads this: stay the FUCK away from this "offer" unless you're such a huge software libre team (over 100 people would do it) that it would be clearly obvious if one or more people suddenly "went missing", or "received sudden lucrative job offers" or "went on holiday" or "won the lottery" or "had an accident". what would *really* do it is if EVERYBODY who is capable of collaborating on this (including people from proprietary software companies) joined *ONE* single software libre team (with a single person allocated as the front-man), where everybody else used anonymous two-way communications with that front-man), and through them proposed one single entry for the "competition". 100, 200, 300 people, the more the better. if the application *requires* that every single person on the "team" be named individually and separately (either before or after the application), then you can logically deduce that it's extremely likely to be a honeypot. if the application's mysteriously "denied" when there's only the one entry, you can logically deduce that it's extremely likely that the exercise was a honeypot.

[1] when you see 3 companies in a row throwing of the order of magnitude of a billion dollars at a single company for a single piece of software with such a limited use-case (chat, voice, video), you cannot possibly expect anyone to believe that they're each doing so because it's "financially justified". the logical conclusion is that there was some other factor involved... such as HEY WE'RE THE NSA, WE'LL GIVE YOU LOTS OF EXTRA BUSINESS IF YOU GET THAT SOURCE CODE AND GIVE US A COPY. remember: the original creators of skype were extremely clever, and utterly paranoid: they let NOBODY see the source code. back when it was initially created, the core library was ONLY made available in BINARY form EVEN to the GUI front-end developers(!) and it had a "protection" mechanism where it could detect that it was running under a Virtual Machine, detect if it was being "debugged" (single-stepped), and it would self-destruct and shut down automatically. the NSA even offered a million dollars to anyone who was willing to "break skype". yes, really, that's a matter of public record! nobody managed it. all the "social engineering" tricks and presumably various trojans that are normally successfully used to perform industrial espionage presumably failed... so they had to go to the drastic lengths of actually inducing some lame-fool company to buy the ENTIRE company. for a billion dollars. well done the founders of skype is all i can say!

Comment failure of the three laws of robotics (Score 1) 68

what many people do not appreciate is that asimov's books were a logical demonstration spanning asimov's lifetime and beyond that the three laws of robotics were a FAILURE. this is only really truly and clearly spelled out in the works written under contract by asimov's estate, for example in the book by Greg Bear. the three laws were so hard-wired into the positronic brain with billions upon billions of checks being carried out to ensure strict compliance with the three laws that there was no room for creativity - at all - and secondly that no robot could possibly allow a human being to take *any* form of risk because it *might* result in "harm", be that physical or psychological.

it would appear that BSI is unaware of this and is intending to force the three laws of robotics onto us without understanding the harm that that will do.

Comment Shell Mode & Magit FTW (Score 1) 131

My typical Emacs session has 3-4 Shell Mode buffers, each typically with tens of thousands of lines of input and output (often spanning weeks or months of work). I watch co-workers running in xterms (or equivalent), running commands repeatedly to see their output or using "more" (or "less"), or not catching or remembering some error message or whatever and I just cringe internally. I want to scream "It's 2016--you can have a searchable record of more than the last screenful of output!". But I don't :-) I explicitly try to extend my Emacs skills periodically and it's had great pay-off. Earlier this year a co-worker introduced me to Magit (a Git UI that runs inside Emacs). It took a little while to get the hang of it, but it's been a life-changer. Check it out. -- Happy Emacs user since 1980.
Open Source

Vim 8.0 Released! ( 125

Long-time Slashdot reader MrKaos writes: The venerable and essential vim has had it's first major release in 10 years. Lots of new and interesting features including, vim script improvements, JSON support, messages exchange with background processes, a test framework and a bunch of Windows DirectX compatibility improvements. A package manager has been added to handle the ever-growing plug-in library, start-up changes and support for a lot of old platforms has been dropped. Many Vimprovements!

Comment Analysis of the videos (Score 0, Troll) 251

"Trending" means it's popular. People won't watch (and share) something that they don't actually want to watch. Here's the thing though about those WTC and Building 7 videos: a simple analysis of any of the off-the-street real-time videos - of which there were several so it's not like they could all be faked - by using simple equations of motion from O'Level Physics it is undeniably obvious that the tops of all of those buildings are in free-fall, accelerating at 9.8 metres per second squared.

Now, if a building is hit two thirds of the way up and becomes damaged, you would expect that damage to cause the top to fall over. Maybe some of the outer walls would fall off, but there would be a central core at least 1/2 to 1/3 of the height of the building sticking up. Bits would hit other bits, and it would take a long time and there would be rubble strewn out across a wide area, damaging the surrounding buildings and killing or injuring the people in them. You certainly would not expect it to collapse in a tidy heap at the speed of gravity where the entire building becomes a neat pile of rubble without any kind of significant damage to surrounding buildings.

For a quite insightful analysis which goes beyond the above brief invitation to use simple physics equations, logical analysis and reasoning, you might want to read this:

Bottom line is: not everything that "trends" under automatic algorithms (which would be filtered out by humans too scared of what they're seeing) is bullshit.


Finland Prepares Their First Tests Of A Universal Basic Income ( 630

Finland is getting ready to launch their first pilot program with a Universal Basic Income -- one of several countries which are now testing the concept. An anonymous reader quotes a report from Finland is about to launch an experiment in which a randomly selected group of 2,000-3,000 citizens already on unemployment benefits will begin to receive a monthly basic income of 560 euros (approximately $600). That basic income will replace their existing benefits. The amount is the same as the current guaranteed minimum level of Finnish social security support. The pilot study, running for two years in 2017-2018, aims to assess whether basic income can help reduce poverty, social exclusion, and bureaucracy, while increasing the employment rate.
In January a basic income program will also begin testing in the Netherlands, according to the article, which points out that Y Combinator has also launched a test program in Oakland, California. And there's now also calls for a Universal Basic Income in India, where one social worker argues it's "sound social policy," while pointing out that it's already being implemented in other countries. "In Brazil, it targets the poor and has been a way out of poverty; in Iran, it has substituted for subsidies and citizens receive about $500 a year..."

Comment Re:Bye Project Ara, Hello Fairphone (Score 3, Informative) 74

ah NO. please do some research BEFORE recommending fairphone to people. you'll notice that Fairphone has REMOVED (reneged on) their promise to provide a "Fair OS". their naivety (and the fact that they haven't listened to extremely experienced software libre developers) is well-documented - a good example is here:

the Fairphone is only "modular" if you are mechanically-minded. i know of people who are competent engineers who, in attempting to repair a laptop, have managed accidentally to destroy FPC12 connectors because they weren't anticipating quite how tiny and fragile they would be.

"Modularity" also doesn't really solve the problem of chipsets being proprietary *and* insecure - google "900 million qualcomm android security vulnerability". you have to actually *design* the phone in *advance* to take into account these sorts of things. Neither google nor Fairphone have done that.

Comment Phonebloks disappointment is half the story (Score 1) 74

dave hakkens is the person who really inspired the modular smartphone movement and brought it to prominence (buglabs was the first to really implement the concept, almost a decade ago). however we don't really have an actual explanation of what went wrong with project ara. here's some hints (search in this document for "ara" obviously):

basically it's down to the fact that google has more money than they have creative sense. they therefore tried to use "financial brute force" to solve problems. the summary is: with their financial resources they created a "backbone standard" called MIPI UniPro... forgetting that in the process it would be patented by the partners, thus AUTOMATICALLY locking out ANY kind of interoperability and competition for the next 20 years. how, exactly, is that supposed to be "open"???

if we want modular smartphones to be successful, we need PROPERLY OPEN STANDARDs that have no vendor lock-in, but that are also properly protected by a Certification Mark (the standards-equivalent of a Trademark) and a Foundation (or CIC or Benefit Corporation), which is given the financial clout by its sponsors to jump on anyone who wrongly implements the standard in such a way as to cause short-circuits (and end up killing someone due to lithium battery fires for example). it's not like a software standard, where interoperability failures cause a segfault: a HARDWARE fault can genuinely be dangerous.

also the standard needs to be made up of *other* standards that are unencumbered and royalty-free, so that companies and makers alike are incentivised to create modules (using 3D printers and low-cost off-the-shelf circuits), for example this one, under development: . Google *literally* did the total opposite of this strategy in every single conceivable way. paying companies to develop new chipsets (patented, proprietary) and saying "here! it's open! sign our NDA, agree to our policy, and you'll be fiiiine!" i'm just staggered by the naivety of a billion-dollar company that had to add me to a special list "stop phoning this person to invite them to interview, you've called them five times already over the past 10 years".

the other thing is, whilst i am delighted at dave's success in bringing the benefits of modularity to a wider audience, he doesn't have any technical knowledge. he views an *increase* in the number of companies on the front page as being a good thing. the key question which illustrates the point without having to spell it out: are any of the products listed on the phonebloks page interoperable in *any* way?

so. if there is anybody who would like to see this done properly - in an open fashion so that the mistakes of both google and fairphone are not repeated (see do reach out on the arm-netbook mailing list i've been investigating and researching this for years and waiting for the right opportunity. often it's good to wait for "big" corporations to fail to deliver, because it means that the hugely-public lessons sink in. a "small person" saying "this ain't gonna work no matter how much money they throw at it" tends not to be believed until the predicted failure comes about.

just as i did with the successfully-crowd-funded modular libre eco-laptop i've set up a stub page (for now) which is a hybrid phone that acts "dumb" and may be upgraded to "smart" by plugging in a computer-on-a-module in Compact-Flash form-factor. "peripheral modules" can be done by re-using 8-pin SIM Card connectors. these are already available in massive volume: they also carry quite a lot of current. 8 pins is just enough to carry Power, USB and 4 signals (suitable for audio PWM for example). it's *not* necessary to spend $250,000 on tooling of new connectors. it's *not* necessary to spend $200m+ on new chipsets. we *really can* do this in a truly open and community-driven fashion, based on sponsorship instead of VC funding.


Falcon 9 Explodes On Pad ( 338

Reader Mysticalfruit writes: NPR is reporting that a Falcon9 carrying the AMOS-6 satellite that was supposed to launch on Sat exploded during it's scheduled static fire. No injuries are reported. They're reporting that this was going to be the first reflown first stage.
The Verge adds:SpaceX's Falcon 9 rocket, meant to launch a satellite this weekend, exploded on the launch pad at Cape Canaveral, Florida this morning. The explosion occurred during the preparation for the static fire test of the rocket's engines, NASA told the Associated Press. The blast reportedly shook buildings "several miles away." The company confirmed to The Verge the loss of the Falcon 9 an hour later: "SpaceX can confirm that in preparation for today's static fire, there was an anomaly on the pad resulting in the loss of the vehicle and its payload. Per standard procedure, the pad was clear and there were no injuries."
The Internet

New SWEET32 Crypto Attacks Speed Up Deprecation of 3DES, Blowfish ( 53

Researchers "have devised a new way to decrypt secret cookies which could leave your passwords vulnerable to theft," reports Digital Trends. Slashdot reader msm1267 writes: New attacks revealed today against 64-bit block ciphers push cryptographic ciphers such as Triple-DES (3DES) and Blowfish closer to extinction. The attacks, known as SWEET32, allow for the recovery of authentication cookies from HTTPS traffic protected by 3DES, and BasicAUTH credentials from OpenVPN traffic protected by default by Blowfish.

In response, OpenSSL is expected to remove 3DES from its default bulid in 1.1.0, and lower its designation from High to Medium 1.0.2 and 1.0.1. OpenVPN, meanwhile, is expected to release a new version as well with a warning about Blowfish and new configuration advice protecting against the SWEET32 attacks. The researchers behind SWEET32 said this is a practical attack because collisions begin after a relatively short amount of data is introduced. By luring a victim to a malicious site, the attacker can inject JavaScript into the browser that forces the victim to connect over and over to a site they're authenticated to. The attacker can then collect enough of that traffic -- from a connection that is kept alive for a long period of time -- to recover the session cookie.

Slashdot Top Deals

Brain off-line, please wait.