
Comment Trademarks (Score 1) 103

okay, so this is about trademarks. canonical's trademark is being brought into disrepute by the irresponsible action of some cloud providers: it's perfectly reasonable for them to sort this out. now, here's where i have an issue with canonical: why do they think it's okay to have *canonical* not brought into disrepute, when they are themselves acting in a criminal capacity, bringing the *linux* trademark into disrepute by illegally distributing linux kernel source code after they lost their right to do so under the GPLv2, by including the (binary) incompatible ZFS kernel module?

China

Russia Falls Behind In Annual Space Launches For First Time Ever (themoscowtimes.com) 93

From a report on the Moscow Times: This year, for the first time in history, Russia has fallen behind the United States and China as the world's leading launcher of space rockets. Russia will finish 2016 with just 18 launches, according to open source data, compared to China's 19 and America's 20 launches. Alexander Ivanov, deputy chief of Russia's Roscosmos space agency, said on Nov. 29 that the launch rate has decreased because Moscow's space strategy has changed. Currently, its top priority is reviving existing and aging satellite groupings. But there are other reasons Russia's launch rate may be falling behind. Since the 1957 launch of Sputnik, the world's first satellite, Russia has been the undisputed leader in annual launch rates -- a figure that spoke to the general health of its space program and aerospace industry. At the peak of the Soviet space program, Russia often launched around 100 rockets a year. Since 1957, Russia has launched over 3,000 rockets -- roughly twice as many as the U.S. But with the Russian economy in crisis, space budgets have plummeted. Funding for the next decade of Russian space activity stands at just 1.4 trillion rubles ($21.5 billion), a figure that was only finalized after three rounds of cuts to proposed funding, which began at 3.4 trillion rubles ($52.3 billion). The U.S. space agency, NASA, received a budget of $19.3 billion in 2016 alone. To make matters worse, Russian rockets are becoming uncharacteristically undependable.

Comment OSHWA Certification is an accident waiting to happ (Score 1) 57

i tried explaining the problem to the OSHWA group: they didn't get it. the problem with their Certification Programme is that there's nothing in their document which covers liability if a design causes injury or death (deliberate or accidental). the OSHWA group is therefore setting themselves up for a class action lawsuit where some incompetent person designs something extremely badly, slaps an OSHWA logo on it, then a chinese company goes and copies it (logo included... without bothering to find out what the logo's actually for), somebody dies in an electrical fire and the family gets an aggressive lawyer to sue and blame (rightly in this case) the people they deem to have been responsible.

what's particularly troublesome is that the OSHWA's Programme is "self-certifying". Certification Programmes *NEED* to actually have clout behind them, with money put aside to be able to take legal action against people who bring the Certificate into disrepute (using Trademark Law - not patents, not copyright), and there needs to be clauses and phrases that define and assign responsibility and liability. the OSHWA document has been written by well-meaning and unfortunately very naive people who cannot comprehend how much of a risk they are taking, who have not thought things through properly. they haven't taken legal advice, and they have no idea of the distinction between "Libre" and "Open".

what is useful however is that their mailing list is a focus for like-minded people to congregate and communicate.

Comment "consumption" of video??? (Score 2) 48

". According to the report, an estimated 279m music tracks, 56m TV shows, 34m movies, and 5m video games were consumed in the three month period."

how were they "consumed"? did they print them out on rice paper, frame by frame and then and only then manage to EAT them?? this is how the cartels manage to make it look like people are criminals - by using words like "pirate" and "consumption". videos are not "physical objects". copies can't be "stolen". or CONSUMED. the watching of a video does NOT subtract any physical substance from the universe (except perhaps indirectly reducing brain matter due to complete boredom and lack of stimulus). we're being duped here. time to take back control.

Comment Re:If all you have is a hammer... (Score 1) 153

I won't waste my time explaining you why NoSQL databases are suitable for many use cases

at the request of a client i did an evaluation of a range of databases, mongodb, postgresql, mysql, and after none of them matched up to the required performance tried leveldb and lmdb (which ended up the winner by a long, long margin). mongodb's performance was the worst of the worst. it wasn't so much that it was below the performance of the other databases, it was the *MASSIVE* pauses which began after about 90 seconds of continuous INSERTs, and continued to increase to over THIRTY SECONDS, that really put the nail in its coffin.

so after only ten minutes of INSERTs i gave up on the testing because it was clear that mongodb had some form of internal cacheing and administrative overhead that took absolute precedence over data entry. as the use-case was for the storage of real-time data, having massive pauses that effectively took the entire database offline was completely unacceptable, and i will not be using mongodb, ever.

Hardware Hacking

How I Freed My Android Tablet: A Journey in Reverse Engineering (www.thanassis.space) 79

Slashdot reader ttsiod is an embedded software engineer at the European Space Agency, and shares this story about his quest to "dominate" his new tablet: Just like its predecessor, I wanted to run a Debian chroot inside it -- that would allow me to apt-get install and run things like Privoxy, SSH SOCKS/VPN tunnels, Flask mini-servers, etc; and in general allow me to stay in control. But there was no open-source way to do this... and I could never trust "one-click roots" that communicate with servers in China... It took me weeks to reverse engineer my tablet -- and finally succeed in becoming root. The journey was quite interesting, and included both hardware and software tinkering. I learned a lot while doing it -- and wanted to share the experience with my fellow Slashdotters...
He writes that "I trust Debian. Far more than I trust the Android ecosystem," and describes everything from how he probed the boot process and created his own boot image to hunting for a way "to tell SELinux to get off my lawn".

The Military

Air Force Says F-35 Glitches Mean the A-10 Will Keep Flying 'Indefinitely' (jalopnik.com) 325

The A-10 aircraft "is just too effective to get rid of," wrote one defense blogger -- especially in light of ongoing issues with the F-35. schwit1 quotes Jalopnik: Strategists have feared that the jet will be axed in favor of funding the F-35, but the U.S. Air Force recently confirmed that it plans to keep the A-10 flying "indefinitely." While the Air Force is theoretically supposed to be diverting the A-10's operating expenses to feed the F-35 Joint Strike Fighter, the people in charge are now planning to keep the plane running...

Air Force Materiel Command chief Gen. Ellen Pawlikowski told AviationWeek in an interview, "Our command, anyway, is approaching this as another airplane that we are sustaining indefinitely." While the beancounters and product planners are trying to push the A-10 off the board, Materiel Command is going to keep on keeping the planes in peak condition, which will give the A-10 its best chance of proving its worth over and over again. And it seems to be working -- the A-10 posted a 5% increase in its availability rate from 2014 to 2015, and the Air Force seems to keep postponing its demise.

In Congress one representative has even suggested an operational testing "fly-off" between the two aircraft -- a jet-vs-jet competition to determine whether any more A-10s get retired.

Google

Google's 'Project Zero' Hid A Major Vulnerability in Apple's OS and iOS Cores (thestack.com) 88

In June Google's task-force against zero day exploits "identified a coding exploit in the underlying kernel of Apple's OSX and its mobile operating system iOS, which could allow for root-level escalation of privileges for an attacker in a non-updated version of the OS," according to The Stack.

An anonymous reader writes that Google "initially refused Apple's request for sixty days' grace, but eventually settled on September 21st for disclosure. But when Apple's last-minute September fix turned out to be ineffective, Project Zero agreed to keep quiet, eventually granting Apple nearly five months of silence about the task_t bug -- which has now been fixed in the latest updates to Mac OS and iOS." The fix was released Monday, the Stack reports: Since the task_t bug allows the user to gain any entitlements they may want, it could also nullify kernel code signing, which would allow unauthorized programs to run with elevated privileges on a Mac system. Any current OSX or iOS user who has applied the latest system updates is not susceptible to the task_t vulnerability.

Intel

Intel Announces Atom E3900 Series - Goldmont for the Internet of Things (anandtech.com) 68

Intel has announced the Atom E3900 series. Based upon the company's latest generation Goldmont Atom CPU core, the E3900 series will be Intel's most serious and dedicated project yet for the IoT market. AnandTech adds: So what does an IoT-centric Atom look like? By and large, it's Broxton and more. At its core we're looking at 2 or 4 Goldmont CPU cores, paired with 12 or 18 EU configurations of Intel's Gen9 iGPU. However this is where the similarities stop. Once we get past the CPU and GPU, Intel has added new features specifically for IoT in some areas, and in other areas they've gone and reworked the design entirely to meet specific physical and technical needs of the IoT market. The big changes here are focused on security, determinism, and networking. Security is self-evident: Intel's customers need to be able to build devices that will go out into the field and be hardened against attackers. Bits and pieces of this are inherited from Intel's existing Trusted Execution Technology, while other pieces, such as boot time measuring, are new. The latter is particularly interesting, as Intel is measuring the boot time of a system as a canary for if it's been compromised. If the boot time suddenly and unexpectedly changes, then there's a good chance the firmware and/or OS has been replaced.

Comment In other news... (Score 1) 524

... Hardware bought from thinkpenguin.com costs even less than Macs because it's pre-vetted by their 3-man company to "Just Work". the only "support" calls that they get are down to flaky USB host chipsets, BIOS DRM/whitelisting which prevents certain WIFI cards from being recognised, and the *very* very occasional request for driver support for OSes that are getting on for 15 years old. they sell ACM dial-up modems because they get calls from people who have upgraded from windows xp only to find that their old conexant softmodem is "so old" it no longer works. they buy and sell printers that don't require firmware uploads and have "generic" drivers - postscript, PCL and so on. we don't *have* to live on the treadmill: it's a choice, to tolerate the pain, cost, stress and distress of living with hardware that's designed for obsolescence, trapped by our own desire to pay less for less.

Government

CIA 'Siren Servers' Can Predict Social Uprisings Several Days Before They Happen (sociable.co) 174

Through a combination of machine learning and deep learning, the Central Intelligence Agency (CIA) is using powerful supercomputers, dubbed "Siren Servers" by computer philosophy writer Jaron Lanier, to predict social unrest days before it happens. The Sociable reports: CIA Deputy Director for Digital Innovation Andrew Hallman announced that the agency has beefed-up its "anticipatory intelligence" through the use of deep learning and machine learning servers that can process an incredible amount of data. "We have, in some instances, been able to improve our forecast to the point of being able to anticipate the development of social unrest and societal instability some I think as near as three to five days out," said Hallman on Tuesday at the Federal Tech event, Fedstival. The CIA deputy director said that it was "much harder to convey confidence for the policymaker who may make an important decision from advanced analytics with deep learning algorithms." Now that the CIA claims to be able to predict social unrest days in advance, there are some interesting theoretical possibilities that can come of this. One is that the CIA's siren servers will become so efficient that they will predict all social uprising and will be able to prevent it. If they are successful in doing that, there would be no need for the CIA as their technology could predict and prevent any societal upheavals, and the agency would be obsolete. Another potential outcome would be that the CIA could use the data and not tell anyone, just like the finance sector did, and then make calculated decisions on whether or not to intervene in any socially distressing situation.

Comment Re:This isn't a thing. (Score 2) 117

I don't see them keeping the schematic to themselves as being a real solution

schematics are not protected by copyright law. as in: they are uncopyrightable, by definition of them being a "functional description". it is a common mistake (even amongst the open hardware community) to assume that schematics may be copyrighted. what *may* be copyrighted is for example an aesthetic layout of a PCB, because that is a creative process.

Comment let's rewrite that to reflect reality... (Score 1) 199

Two senior Democratic lawmakers with access to classified intelligence on Thursday accused Russia of "making a serious and concerted effort to influence the U.S. election,"

>>>>

Two senior Democratic lawmakers (because all the Republican ones were "out to lunch") with access to classified intelligence (which they shouldn't have revealed even the existence of, if they're really and truly classified) on Thursday (the best day for reporting viral news) said that the people (who were actually aliens wearing face-masks) who came to them (without providing any concrete verifiable proof of their credentials) put some bits of paper in front of them (without any way for those lawmakers to verify the authenticity of the documents) which had some words in it *claiming* to "accuse Russia of making a serious and concerted effort to influence the U.S. election,"

what a complete crock. over how many pairs of eyes do these people *really* think that this can be pulled? oh wait.... they've probably run the numbers, and they only need to make it look like *DEMOCRAT* Lawmakers are incompetent, so that a large enough percentage will vote for Republican.... and the rest they can swing by manipulating the numbers using that new-fangled "percentage" adjustment they added into the backdoors after the last time some of the vote totals went NEGATIVE. i wonder if they remembered to do rounding to integers? we'll find out soon enough, if the number of votes comes out to "25012.79" won't we!

Comment just install skype (Score 1) 87

y'know... skype used to have this feature, y'know? it wasn't completely undetectable, but it *used* to have the ability to disguise itself as pretty much anything, so that it would "just work" in the face of badly-configured firewalls, DNS servers, idiot companies that blocked *all* incoming and outgoing traffic stone-dead including ICMP (including BGP and other absolutely crucial traffic) with the statement "you've got unrestricted access to port 80, that's the 'internet' isn't it, what the hell are you complaining about yer lame-techie-wannabe-tuck-fard??"

it also had the ability to create any kind of tunneling over pretty much any port and any protocol (TCP, UDP, you name it, it could do it) such that it was pretty much impossible to shut it down.

AND THEN.... for no good reason WHATSOEVER [1], skype changed hands not once but THREE TIMES in succession. now it's under the "control" of microsoft, and anyone considering installing it now is a fool. it's been turned into a "cloud is all" protocol. there's no peer-to-peer capability. that leaves it vulnerable to being mass-IP-range blocked. anyone can work out what the IP range(s) are of the various "cloud" servers used by microsoft... and just block them (regardless of consequences).

so i *would* have said "just tell them to install skype". except we can logically deduce that it was SOME FUCKWIT IN THE U.S. GOVERNMENT who caused skype, in its current release, to lose its inherent firewall-busting capabilities to be COMPLETELY REMOVED.

and with skype being proprietary, and the "startup" (bootstrap) nodes no longer being run or "supported", we cannot even run older versions of skype any more because the older versions have been shut down. oh, and it's proprietary, so it would be man-decades before it is properly reverse-engineered. oh, and the original creators are likely to have been asked (or threatened) to enter into some serrrrious non-compete contract which, even if it wasn't legally enforceable, they probably understood the full implications were that if they wanted to keep all their body parts, they'd better like, y'know, not even *think* about writing a replacement / competitor, y'ken. they did try setting up a company called "joost", but interestingly, it "failed". i don't wonder why, not any more.

so, this appears to be a golden opportunity for software libre and proprietary software writers alike, but honestly it's a poisoned chalice. one department in the U.S. does *NOT* want such software to even *EXIST*... another is offering money to anyone willing to CREATE such software.... it's either a case of "left hand doesn't know what the right hand is doing", or it's just plain entrapment: the NSA wants to know if you have the CAPABILITY to write such software (and you're going to tell them who you are for god's sake!)

bottom line is, there's a phrase which covers this scenario in the security world - it's called "a honey pot". my advice to anyone who reads this: stay the FUCK away from this "offer" unless you're such a huge software libre team (over 100 people would do it) that it would be clearly obvious if one or more people suddenly "went missing", or "received sudden lucrative job offers" or "went on holiday" or "won the lottery" or "had an accident". what would *really* do it is if EVERYBODY who is capable of collaborating on this (including people from proprietary software companies) joined *ONE* single software libre team (with a single person allocated as the front-man, where everybody else used anonymous two-way communications with that front-man), and through them proposed one single entry for the "competition". 100, 200, 300 people, the more the better. if the application *requires* that every single person on the "team" be named individually and separately (either before or after the application), then you can logically deduce that it's extremely likely to be a honeypot. if the application's mysteriously "denied" when there's only the one entry, you can logically deduce that it's extremely likely that the exercise was a honeypot.

[1] when you see 3 companies in a row throwing of the order of magnitude of a billion dollars at a single company for a single piece of software with such a limited use-case (chat, voice, video), you cannot possibly expect anyone to believe that they're each doing so because it's "financially justified". the logical conclusion is that there was some other factor involved... such as HEY WE'RE THE NSA, WE'LL GIVE YOU LOTS OF EXTRA BUSINESS IF YOU GET THAT SOURCE CODE AND GIVE US A COPY. remember: the original creators of skype were extremely clever, and utterly paranoid: they let NOBODY see the source code. back when it was initially created, the core library was ONLY made available in BINARY form EVEN to the GUI front-end developers(!) and it had a "protection" mechanism where it could detect that it was running under a Virtual Machine, detect if it was being "debugged" (single-stepped), and it would self-destruct and shut down automatically. the NSA even offered a million dollars to anyone who was willing to "break skype". yes, really, that's a matter of public record! nobody managed it. all the "social engineering" tricks and presumably various trojans that are normally successfully used to perform industrial espionage presumably failed... so they had to go to the drastic lengths of actually inducing some lame-fool company to buy the ENTIRE company. for a billion dollars. well done the founders of skype is all i can say!

Comment failure of the three laws of robotics (Score 1) 68

what many people do not appreciate is that asimov's books were a logical demonstration spanning asimov's lifetime and beyond that the three laws of robotics were a FAILURE. this is only really truly and clearly spelled out in the works written under contract by asimov's estate, for example in the book by Greg Bear. the three laws were so hard-wired into the positronic brain with billions upon billions of checks being carried out to ensure strict compliance with the three laws that there was no room for creativity - at all - and secondly that no robot could possibly allow a human being to take *any* form of risk because it *might* result in "harm", be that physical or psychological.

it would appear that BSI is unaware of this and is intending to force the three laws of robotics onto us without understanding the harm that that will do.
