Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment let's rewrite that to reflect reality... (Score 1) 199

Two senior Democratic lawmakers with access to classified intelligence on Thursday accused Russia of "making a serious and concerted effort to influence the U.S. election,"


Two senior Democratic lawmakers (because all the Republican ones were "out to lunch") with access to classified intelligence (which they shouldn't have revealed even the existence of, if they're really and truly classified) on Thursday (the best day for reporting viral news) said that the people (who were actually aliens wearing face-masks) who came to them (without providing any concrete verifiable proof of their credentials) put some bits of paper in front of them (without any way for those lawmakers to verify the authenticity of the documents) which had some words in it *claiming* to "accuse Russia of making a serious and concerted effort to influence the U.S. election,"

what a complete crock. over how many pairs of eyes do these people *really* think that this can be pulled? oh wait.... they've probably run the numbers, and they only need to make it look like *DEMOCRAT* Lawmakers are incompetent, so that a large enough percentage will vote for Republican.... and the rest they can swing by manipulating the numbers using that new-fangled "percentage" adjustment they added into the backdoors after the last time some of the vote totals went NEGATIVE. i wonder if they remembered to do rounding to integers? we'll find out soon enough, if the number of votes comes out to "25012.79" won't we!

Comment just install skype (Score 1) 86

y'know... skype used to have this feature, y'know? it wasn't completely undetectable, but it *used* to have the ability to disguise itself as pretty much anything, so that it would "just work" in the face of badly-configured firewalls, DNS servers, idiot companies that blocked *all* incoming and outgoing traffic stone-dead including ICMP (including BGP and other absolutely crucial traffic) with the statement "you've got unrestricted access to port 80, that's the 'internet' isn't it, what the hell are you complaining about yer lame-techie-wannabe-tuck-fard??"

it also had the ability to create any kind of tunneling over pretty much any port and any protocol (TCP, UDP, you name it, it could do it) such that it was pretty much impossible to shut it down.

AND THEN.... for no good reason WHATSOEVER [1], skype changed hands not once but THREE TIMES in succession. now it's under the "control" of microsoft, and anyone considering installing it now is a fool. it's been turned into a "cloud is all" protocol. there's no peer-to-peer capability. that leaves it vulnerable to being mass-IP-range blocked. anyone can work out what the IP range(s) are of the various "cloud" servers used by microsoft are... and just block them (regardless of consequences).

so i *would* have said "just tell them to install skype". except we can logically deduce that it was SOME FUCKWIT IN THE U.S. GOVERMNENT who caused skype, in its current release, to lose its inherent firewall-busting capabilities to be COMPLETELY REMOVED.

and with skype being proprietary, and the "startup" (bootstrap) nodes no longer being run or "supported", we cannot even run older versions of skype any more because the older versions have been shut down. oh, and it's proprietary, so it would be man-decades before it is properly reverse-engineered. oh, and the original creators are likely to have been asked (or threatened) to enter into some serrrrious non-compete contract which, even if it wasn't legally enforceable, they probably understood the full implications were that if they wanted to keep all their body parts, they'd better like, y'know, not even *think* about writing a replacement / competitor, y'ken. they did try setting up a company called "joost", but interestingly, it "failed". i don't wonder why, not any more.

so, this appears to be a golden opportunity for software libre and proprietary software writers alike, but honestly it's a poisoned chalice. one department in the U.S. does *NOT* want such software to even *EXIST*... another is offering money to anyone willing to CREATE such software.... it's either a case of "left hand doesn't know what the right hand is doing", or it's just plain entrapment: the NSA wants to know if you have the CAPABILITY to write such software (and you're going to tell them who you are for god's sake!)

bottom line is, there's a phrase which covers this scenario in the security world - it's called "a honey pot". my advice to anyone who reads this: stay the FUCK away from this "offer" unless you're such a huge software libre team (over 100 people would do it) that it would be clearly obvious if one or more people suddenly "went missing", or "received sudden lucrative job offers" or "went on holiday" or "won the lottery" or "had an accident". what would *really* do it is if EVERYBODY who is capable of collaborating on this (including people from proprietary software companies) joined *ONE* single software libre team (with a single person allocated as the front-man), where everybody else used anonymous two-way communications with that front-man), and through them proposed one single entry for the "competition". 100, 200, 300 people, the more the better. if the application *requires* that every single person on the "team" be named individually and separately (either before or after the application), then you can logically deduce that it's extremely likely to be a honeypot. if the application's mysteriously "denied" when there's only the one entry, you can logically deduce that it's extremely likely that the exercise was a honeypot.

[1] when you see 3 companies in a row throwing of the order of magnitude of a billion dollars at a single company for a single piece of software with such a limited use-case (chat, voice, video), you cannot possibly expect anyone to believe that they're each doing so because it's "financially justified". the logical conclusion is that there was some other factor involved... such as HEY WE'RE THE NSA, WE'LL GIVE YOU LOTS OF EXTRA BUSINESS IF YOU GET THAT SOURCE CODE AND GIVE US A COPY. remember: the original creators of skype were extremely clever, and utterly paranoid: they let NOBODY see the source code. back when it was initially created, the core library was ONLY made available in BINARY form EVEN to the GUI front-end developers(!) and it had a "protection" mechanism where it could detect that it was running under a Virtual Machine, detect if it was being "debugged" (single-stepped), and it would self-destruct and shut down automatically. the NSA even offered a million dollars to anyone who was willing to "break skype". yes, really, that's a matter of public record! nobody managed it. all the "social engineering" tricks and presumably various trojans that are normally successfully used to perform industrial espionage presumably failed... so they had to go to the drastic lengths of actually inducing some lame-fool company to buy the ENTIRE company. for a billion dollars. well done the founders of skype is all i can say!

Comment failure of the three laws of robotics (Score 1) 68

what many people do not appreciate is that asimov's books were a logical demonstration spanning asimov's lifetime and beyond that the three laws of robotics were a FAILURE. this is only really truly and clearly spelled out in the works written under contract by asimov's estate, for example in the book by Greg Bear. the three laws were so hard-wired into the positronic brain with billions upon billions of checks being carried out to ensure strict compliance with the three laws that there was no room for creativity - at all - and secondly that no robot could possibly allow a human being to take *any* form of risk because it *might* result in "harm", be that physical or psychological.

it would appear that BSI is unaware of this and is intending to force the three laws of robotics onto us without understanding the harm that that will do.

Comment Shell Mode & Magit FTW (Score 1) 131

My typical Emacs session has 3-4 Shell Mode buffers, each typically with tens of thousands of lines of input and output (often spanning weeks or months of work). I watch co-workers running in xterms (or equivalent), running commands repeatedly to see their output or using "more" (or "less"), or not catching or remembering some error message or whatever and I just cringe internally. I want to scream "It's 2016--you can have a searchable record of more than the last screenful of output!". But I don't :-) I explicitly try to extend my Emacs skills periodically and it's had great pay-off. Earlier this year a co-worker introduced me to Magit (a Git UI that runs inside Emacs). It took a little while to get the hang of it, but it's been a life-changer. Check it out. -- Happy Emacs user since 1980.
Open Source

Vim 8.0 Released! (google.com) 125

Long-time Slashdot reader MrKaos writes: The venerable and essential vim has had it's first major release in 10 years. Lots of new and interesting features including, vim script improvements, JSON support, messages exchange with background processes, a test framework and a bunch of Windows DirectX compatibility improvements. A package manager has been added to handle the ever-growing plug-in library, start-up changes and support for a lot of old platforms has been dropped. Many Vimprovements!

Comment Analysis of the videos (Score 0, Troll) 251

"Trending" means it's popular. People won't watch (and share) something that they don't actually want to watch. Here's the thing though about those WTC and Building 7 videos: a simple analysis of any of the off-the-street real-time videos - of which there were several so it's not like they could all be faked - by using simple equations of motion from O'Level Physics it is undeniably obvious that the tops of all of those buildings are in free-fall, accelerating at 9.8 metres per second squared.

Now, if a building is hit two thirds of the way up and becomes damaged, you would expect that damage to cause the top to fall over. Maybe some of the outer walls would fall off, but there would be a central core at least 1/2 to 1/3 of the height of the building sticking up. Bits would hit other bits, and it would take a long time and there would be rubble strewn out across a wide area, damaging the surrounding buildings and killing or injuring the people in them. You certainly would not expect it to collapse in a tidy heap at the speed of gravity where the entire building becomes a neat pile of rubble without any kind of significant damage to surrounding buildings.

For a quite insightful analysis which goes beyond the above brief invitation to use simple physics equations, logical analysis and reasoning, you might want to read this: https://steemit.com/tyranny/@b...

Bottom line is: not everything that "trends" under automatic algorithms (which would be filtered out by humans too scared of what they're seeing) is bullshit.


Finland Prepares Their First Tests Of A Universal Basic Income (futurism.com) 630

Finland is getting ready to launch their first pilot program with a Universal Basic Income -- one of several countries which are now testing the concept. An anonymous reader quotes a report from Futurism.com: Finland is about to launch an experiment in which a randomly selected group of 2,000-3,000 citizens already on unemployment benefits will begin to receive a monthly basic income of 560 euros (approximately $600). That basic income will replace their existing benefits. The amount is the same as the current guaranteed minimum level of Finnish social security support. The pilot study, running for two years in 2017-2018, aims to assess whether basic income can help reduce poverty, social exclusion, and bureaucracy, while increasing the employment rate.
In January a basic income program will also begin testing in the Netherlands, according to the article, which points out that Y Combinator has also launched a test program in Oakland, California. And there's now also calls for a Universal Basic Income in India, where one social worker argues it's "sound social policy," while pointing out that it's already being implemented in other countries. "In Brazil, it targets the poor and has been a way out of poverty; in Iran, it has substituted for subsidies and citizens receive about $500 a year..."

Comment Re:Bye Project Ara, Hello Fairphone (Score 3, Informative) 74

ah NO. please do some research BEFORE recommending fairphone to people. you'll notice that Fairphone has REMOVED (reneged on) their promise to provide a "Fair OS". their naivety (and the fact that they haven't listened to extremely experienced software libre developers) is well-documented - a good example is here: http://blogs.fsfe.org/pboddie/...

the Fairphone is only "modular" if you are mechanically-minded. i know of people who are competent engineers who, in attempting to repair a laptop, have managed accidentally to destroy FPC12 connectors because they weren't anticipating quite how tiny and fragile they would be.

"Modularity" also doesn't really solve the problem of chipsets being proprietary *and* insecure - google "900 million qualcomm android security vulnerability". you have to actually *design* the phone in *advance* to take into account these sorts of things. Neither google nor Fairphone have done that.

Comment Phonebloks disappointment is half the story (Score 1) 74


dave hakkens is the person who really inspired the modular smartphone movement and brought it to prominence (buglabs was the first to really implement the concept, almost a decade ago). however we don't really have an actual explanation of what went wrong with project ara. here's some hints (search in this document for "ara" obviously): http://rhombus-tech.net/whitep...

basically it's down to the fact that google has more money than they have creative sense. they therefore tried to use "financial brute force" to solve problems. the summary is: with their financial resources they created a "backbone standard" called MIPI UniPro... forgetting that in the process it would be patented by the partners, thus AUTOMATICALLY locking out ANY kind of interoperability and competition for the next 20 years. how, exactly, is that supposed to be "open"???

if we want modular smartphones to be successful, we need PROPERLY OPEN STANDARDs that have no vendor lock-in, but that are also properly protected by a Certification Mark (the standards-equivalent of a Trademark) and a Foundation (or CIC or Benefit Corporation), which is given the financial clout by its sponsors to jump on anyone who wrongly implements the standard in such a way as to cause short-circuits (and end up killing someone due to lithium battery fires for example). it's not like a software standard, where interoperability failures cause a segfault: a HARDWARE fault can genuinely be dangerous.

also the standard needs to be made up of *other* standards that are unencumbered and royalty-free, so that companies and makers alike are incentivised to create modules (using 3D printers and low-cost off-the-shelf circuits), for example this one, under development: http://elinux.org/Embedded_Ope... . Google *literally* did the total opposite of this strategy in every single conceivable way. paying companies to develop new chipsets (patented, proprietary) and saying "here! it's open! sign our NDA, agree to our policy, and you'll be fiiiine!" i'm just staggered by the naivety of a billion-dollar company that had to add me to a special list "stop phoning this person to invite them to interview, you've called them five times already over the past 10 years".

the other thing is, whilst i am delighted at dave's success in bringing the benefits of modularity to a wider audience, he doesn't have any technical knowledge. he views an *increase* in the number of companies on the phonebloks.com front page as being a good thing. the key question which illustrates the point without having to spell it out: are any of the products listed on the phonebloks page interoperable in *any* way?

so. if there is anybody who would like to see this done properly - in an open fashion so that the mistakes of both google and fairphone are not repeated (see http://blogs.fsfe.org/pboddie/...) do reach out on the arm-netbook mailing list http://lists.phcomp.co.uk/mail... i've been investigating and researching this for years and waiting for the right opportunity. often it's good to wait for "big" corporations to fail to deliver, because it means that the hugely-public lessons sink in. a "small person" saying "this ain't gonna work no matter how much money they throw at it" tends not to be believed until the predicted failure comes about.

just as i did with the successfully-crowd-funded modular libre eco-laptop i've set up a stub page (for now) http://rhombus-tech.net/commun... which is a hybrid phone that acts "dumb" and may be upgraded to "smart" by plugging in a computer-on-a-module in Compact-Flash form-factor. "peripheral modules" can be done by re-using 8-pin SIM Card connectors. these are already available in massive volume: they also carry quite a lot of current. 8 pins is just enough to carry Power, USB and 4 signals (suitable for audio PWM for example). it's *not* necessary to spend $250,000 on tooling of new connectors. it's *not* necessary to spend $200m+ on new chipsets. we *really can* do this in a truly open and community-driven fashion, based on sponsorship instead of VC funding.


Falcon 9 Explodes On Pad (npr.org) 338

Reader Mysticalfruit writes: NPR is reporting that a Falcon9 carrying the AMOS-6 satellite that was supposed to launch on Sat exploded during it's scheduled static fire. No injuries are reported. They're reporting that this was going to be the first reflown first stage.
The Verge adds:SpaceX's Falcon 9 rocket, meant to launch a satellite this weekend, exploded on the launch pad at Cape Canaveral, Florida this morning. The explosion occurred during the preparation for the static fire test of the rocket's engines, NASA told the Associated Press. The blast reportedly shook buildings "several miles away." The company confirmed to The Verge the loss of the Falcon 9 an hour later: "SpaceX can confirm that in preparation for today's static fire, there was an anomaly on the pad resulting in the loss of the vehicle and its payload. Per standard procedure, the pad was clear and there were no injuries."
The Internet

New SWEET32 Crypto Attacks Speed Up Deprecation of 3DES, Blowfish (threatpost.com) 53

Researchers "have devised a new way to decrypt secret cookies which could leave your passwords vulnerable to theft," reports Digital Trends. Slashdot reader msm1267 writes: New attacks revealed today against 64-bit block ciphers push cryptographic ciphers such as Triple-DES (3DES) and Blowfish closer to extinction. The attacks, known as SWEET32, allow for the recovery of authentication cookies from HTTPS traffic protected by 3DES, and BasicAUTH credentials from OpenVPN traffic protected by default by Blowfish.

In response, OpenSSL is expected to remove 3DES from its default bulid in 1.1.0, and lower its designation from High to Medium 1.0.2 and 1.0.1. OpenVPN, meanwhile, is expected to release a new version as well with a warning about Blowfish and new configuration advice protecting against the SWEET32 attacks. The researchers behind SWEET32 said this is a practical attack because collisions begin after a relatively short amount of data is introduced. By luring a victim to a malicious site, the attacker can inject JavaScript into the browser that forces the victim to connect over and over to a site they're authenticated to. The attacker can then collect enough of that traffic -- from a connection that is kept alive for a long period of time -- to recover the session cookie.

Comment Re:That's a pretty light particle... (Score 1) 240

i've been studying this for 25 years (as a reverse-engineer from a software background). i've started to have to go to the field of optics to fully understand why it is that this "extra force or maybe a particle" has not been discovered. look up the work by "Ido Kaminer" and his team and you find that (for the purposes of creating "optical tweezers" - google it) it's possible to create phase-coherent X-Ray beams that *LITERALLY* bend in parabolic arcs or even semi-circles, and as they do so the phase rotates by 1/2 the angle of the amount of curvature.

how the hell could that even happen, ehn?

ok, so it goes like this: the phase-coherent beam does "cancellation" such that it curves a tiny but, but this is the crucial bit - as it moves forward the phases REMAIN COHERENT which is pretty frickin awesome.

now, it's not so hard to imagine that photons (x-rays) could conceivably be created which are so totally phase-coherent that they *LITERALLY* come back to their starting point, and thus (because light has no friction) continue circulating forever. what would we call this? well.... i'd call it... a particle!

what types of particles would you call it? well, we know from radio that you have something called I / Q (which is to do with phase), and i *believe* that if the majority of the photon's phase is in the "real" numberspace you'd end up with an electron, but if it's imaginary it would be a NEUTRINO. utterly hard to detect.

the implications of this quite rational and logical progression are enormous - because it's not the only particles that could have such "imaginary" or complex-number properties, totally invisible to us because they *DON'T* interact in the normal E/M field but they'd only really start to interact at the atomic particle distances.

my feeling is that neutrons are *NOT* a "neutron" but may in fact be a "neutron-atom-with-an-orbiting-neutrino". further, that just like with Hydrogen (H2) there's no reason why two neutrons would not bond together in a Neutron-2 "atom"... utterly impossible to detect, being both chemically stable as well as electrically and magnetically invisible... *this* i believe is our missing "dark matter".

it's a huge logical chain of progression but i haven't seen any evidence which contradicts anything in the chain. the only problem is that there are too many scientists worshipping the "Church Of The Standard Model" or should i say, "stuck for funding if they stray outside of the Standard Model Holy Grail". it thus becomes extremely hard to interact with them (i've tried) as they have literally zero common ground for discussion (not enough experience with the field of Optics), the people in the field of Optics don't have enough interest in particle physics... gahh :)


Canadian Fined For Not Providing Border Agents Smartphone Password (www.cbc.ca) 276

Reader da_foz writes: A Canadian was reentering Canada when he was arrested and charged with hindering or obstructing border officials. At the time traces of cocaine were found on his bags and he was carrying $5,000 in cash. He provided his smartphone to border agents as requested, however refused to provide the password. Canada Border Services Agency officials asked for Philippon's smartphone and its password. From a report: "He handed over his BlackBerry but refused to disclose the code to access the phone. Philippon was arrested and charged under the federal Customs Act, accused of hindering or obstructing border officials." It is unclear if he provided the password while agreeing to the fine.

Slashdot Top Deals

According to the latest official figures, 43% of all statistics are totally worthless.