Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Yes (Score 1) 245

Let's audit our system, then. First, we need to audit the CPU . . . oh, wait, do you have a tunneling electron microscope, cause I don't and we need to be sure that the actual die matches the supposed schematics. So we'll have to buy 10 CPUs from different locations, and analyse 9 of them to trust the 10th one. Yeah, the AMT is in there, but you have to get that first part of the audit done first.

Now, assuming you've gotten that far, and are willing to postpone auditing the AMT for now, it's time to audit the Z170, X99, or whatever chipset you are running. Should buy several motherboards with your desired chipset, just to be sure the motherboard companies are all using the same chips, and that they are all authentic Intel Z170, B170, X99, whatevers; you'll need the VHDL or schematics here, too.

Wow, we're finally out of the motherboard and CPU combination, that's probably taken a few years off our collective lives. Time to audit the USB chip, cause it does have interrupt access to the CPU and even with all the VHDL/Verilog/Schematics there could be one of those hidden register tricks like Kjella mentioned, so we'll need to make sure that it's behaving as it should and not feeding in bad bits. Then over to the HDs, because sprite_tm showed that you could bury some malware into the drive controller and the Equation Group software has been found in those. Wouldn't want one of those chips to go un-audited.

And we have even gotten to the sound chips, the graphics cards or, oh gods, the ethernet/wifi chips. Those bastard internet I/O chips, who knows what kinds of back doors are lodged in those. For all we know, there could be a port knock code in the Intel Gigabit Ethernet chips that causes it to log all HTTPS traffic and send it out over a side channel (do the ethernet chips still have SSL accelerators, or is that a thing of the past? It plays for hyperbole, but I'm not sure where in the hardware the HTTPS decoding gets done anymore).

Seriously, have you audited any of the parts of your computer? Have you read reports from anyone else who has done any auditing? Or is this just a plea for karma? Because you don't sound informative, you sound uninformed. Every chip in your system has to be trusted, and I doubt you have attempted to audit any of them or any of the software or firmware involved either. Even with the code in hand, the long process of determining "which compiler and flags were used to build the TrueCrypt software for windows" experiment a few years ago would show you how you could have all the parts available and still have a hard time proving that the device or software you have came through a trusted source (they did eventually find the flags that built TrueCrypt and the version of MSVC used, but it took a while). That assumes that, for software, the compiler you and your provider use is not backdoored itself. Thompson's "Reflections On Trusting Trust" shows that even if you have the compiler source code, and the code for the project you want to build, and the compiler bootstrap executable, you still can't be sure that it's all "audited safe and clear".

So, there you have it. Yes, you have to trust, because it is literally outside yours, or mine, or damn near anyones to audit every system configuration out there to ensure that everyone and every device is safe. You don't trust Intel, fine. You shouldn't trust AMD, either, for the same reason. And you probably shouldn't trust SlashdotMedia, so until you can audit all of the possible data that you might get sent from the web, you might just want to disconnect from the internet. You know, to be safe from that "potential danger".

Comment Re:Yes, it's a non-free OS. Always was. (Score 1) 355

I love of Stallman talks about how much he hates iThings, Losedos, and Swindles, but doesn't explain a thing about why he hates them. Does the Kindle provide a platform to read DRM-laden books that Amazon sells? Yes, it does. It also reads PDFs, mobi, epub, doc and others. You don't have to even buy DRM-laden books for it, I have a ton of books from the Baen library in DRM-free formats.

He seems to also think that childishness is directed at the right target. I'd say he's off for targeting the e-reader instead of the marketplace that makes DRM it's top priority. Then again, of all the marketplaces, Amazon is the only one I know that does have the capability to lend books purchased there, even if it is for a lowly 14 days; no one else seems to have even taken that risk. Maybe, in the words of GPL worship everywhere, you have the source code available to make a website market, go make one that does what you want. Oh, the book publishers don't like that? You have the ability to be a book publisher, go . . .

Comment Re:is this really still an OS anymore? (Score 1) 355

Strange about that "recognizing your hand" problem. My touchscreen tablet (ATIV Tab 7) has a nice little option in the stylus and touch screen settings to turn off finger detection completely and only recognize the stylus, and has at least decent rejection of the side of my hand when using the stylus with the touch screen still on. I thought that was a default thing in windows with wacom sensors.

Comment what? (Score 1) 355

17 U.S. Code 512 - Limitations on liability relating to material online
This is that whole section that makes it "not the service providers fault" for the DMCA, and provides the ways they can obey copyright laws.

17 U.S. Code 1201 - Circumvention of copyright protection systems
Okay, this does make libdvdcss2 illegal to make or distribute, but not to use. Get it from an outside the USA source, don't distribute it, and you are legally fine.

17 U.S. Code 1205 : Nothing in this chapter . . . weakens the provisions of . . . any Federal or State law that prevents the violation of the privacy of an individual in connection with the individual’s use of the Internet. (cleaned up synonyms of weakens)
Uh, I don't know what the problem with this one is, unless you meant all of Chapter 12.

17 U.S. Code 1301-1332 - this is just how patents work and get protected. If your point is still about libdvdcss2, then the response to 17 U.S. Code 1201-1205 still applies.

28 U.S. Code 4001 - Assumption of contractual obligations related to transfers of rights in motion pictures
I begin to think you are smoking something here. This is mostly concerning the legal ways for film studios to transfer copyright of films between themselves; and allowing partial transfer of copyright either only allowing broadcast rights or transferring rights but withholding broadcast rights. Nothing here is about the legality or illegality of watching DVDs using libdvdcss2 or the crypto systems in Tails.

17 U.S. Code 101 - copyright is detailed and terms are explained.

17 U.S. Code 104 - Berne convention stuff, and how copyright applies in the USA for works created outside the USA.

17 U.S. Code 104A is that damned restored copyright amendment that allowed works that were in public domain to go back under copyright protection.

17 U.S. Code 108 -how a library can make 3 copies of unpublished works to prevent them from disappearing forever, and what copies they can make of published works.

17 U.S. Code 112 makes it legal for a broadcaster to have a temporary copy of something while they are broadcasting it. Otherwise that delay in a live game wouldn't be there, and they couldn't paint those fake first down lines in handegg or highlight players in football.

17 U.S. Code 114 and 117, more of the same as above.

17 U.S. Code 701 - How the Copyright Office, Register of Copyrights, and Library of Congress work and who gets paid what.

That closest you have to "tails is illegal to use, distribute, or even possess in the United States" is that libdvdcss2 is illegal to distribute in the USA. That's why no one does that. Use and possession of it are perfectly legal. Tails is something that the NSA looks down on, and may be illegal one day, but it isn't at the moment. For all that quoting of legal stuff, you missed your intended point by a long ways.

Comment Re:Drug trials (Score 1) 232

I've been on Fentanyl for over 2 years for chronic pain that can not be surgically corrected. The first year, I didn't need any sort of extra for break-through pain; even the lowest dose was strong enough to keep me both pain free and mobile (if a little sleepy now and then). More recently, I've gotten morphine instant release added to the regimen, even after increasing the dose of the fentanyl a little (by accounting for metabolism and skin in how/where/when I wear a patch) it still doesn't provide the same amount of relief. Rather than double the dose of the main medication, which is unfortunately the next available step, I get an adjunct.

Not to disparage, but 4 or 5 months around a known accident is not chronic pain. Chronic pain would be if your hand continued to hurt (even a 5 out of 10 is considered "treat this") years later. Level of pain is only an issue in how much treatment a person needs, not the kind of treatment that's used. What sucks is that our options for treating low level chronic pain are tylenol (which causes liver failure in large doses), aspirin (causes gastric bleeds in some), and . . . that's about it. A step up you have tramadol and tordol, the first a synth-opioid that can't make you high but can raise serotonin levels so much that it can't be prescribed with most psychiatric medications (and if you have chronic pain and aren't depressed about it, you are rare) while the second is a very strong version of aspirin that causes even worse gastric bleeds if you are prone to them. Above that, opioids, just opioids. Well, there is burenorphine, a synth-not-quite-opioid that can be used for pain if you aren't too tolerant of the other drugs, but it's only got a small therapeutic index for pain (starting dose is 1/4th the max dose) and switching from the lowest fentanyl patch to butrans patches required the second strength level, so not a lot of room to go up.

Comment Re: Interesting - TTP = FAIL (Score 1) 179

Yeah, your view isn't universal. There are people out there trying to trace dissidents and political opponents electronically because those dissidents know they'll be in jail for a long time or killed if caught. That law enforcement "should" only get involved when dissent becomes violent is a nice thought, but in China the police become involved if you happen to mutter that the local cops are corrupt, or if someone mentions that you practice meditation and believe that materialism isn't the bees knees.

So yeah, ideally this is how internet communication would work. But if that was how it worked, why in hell would we have needed to start encrypting dissent and opposition in the first place?

Comment Play any instruments with Line Out? (Score 1) 135

Guitar distortion pedals can be a cheap and easy thing to build. The simplest form is just an amp (either op-amp or single transistor) followed by clipping diodes. One potentiometer to control the voltage out of the amp stage (higher voltage means the diodes clip more, means more distortion) and another controls the output volume by dropping the signal to ground. And if the kids are the ones playing the instruments, they might enjoy the different effects that can be gained by just using one diode, or mismatching them (silicon one way, germanium the other). Any instrument can be run through a homemade one, even a microphone if someone plays non-electric instruments.

Comment Re:psycho Acoustic imaging headphones (Score 1) 135

That last degree of freedom is the combination phase and volume. Louder on the right than the left? Must be to the right of the listener. The brain then processes the phase of the soundwave to determine the angle forward or backward, up and down.

Now, the brain can't use that information alone to determine if some sound came from 45 in front or 45 behind (vision helps that), but height above ground can be approximated by echo and interference. Truthfully, the subconcious 'sound map' of the place you are at also informs the brain where a sound came from. A large soft object behind you means a loud sound roughly 30 off axis with no echo or distortion probably came from in front of you. A hard object behind you would instead cause an echo of sounds from the front, but the brain just does that processing without you even taking note.

As for implementing it on the cheap? Only if research time is free; that's a very deep rabbit hole.

Comment Re:Faith Required (Score 1) 308

I disagree. Mental illnesses are visible if you have the empathy to look when someone tells you they have one. There are even physical ailments that can't be seen on an image or diagnosed by quantitative measures; chronic pain from nerve inflammation, fibromialga, chronic fatigue. It doesn't take faith to see that a person with depression can't get out of bed some days, that is plainly visible. It takes empathy to believe them when they tell you why they can't get out of bed. Empathy lets you believe a person gets anxious when there are too many people around them.

I don't know why empathy is something so lacking in people. I understand the generation that believed mental illness meant someone needed to be locked-up; they were misinformed. But this generation has access to all sorts of information to learn about mental illnesses and understand each other better, and simply doesn't. I used to assume that I was the odd one, since I had to teach myself to be empathetic towards other people as I had no natural inclination to be. I know other people feel empathy at a young age, I've seen plenty of kids get sad when their friends get hurt; something either erases that as they grow, or I'm not as odd as I thought and people really do need to be taught how to be empathetic towards each other.

Comment Re:Keepass (Score 1) 258

Me either, for the same reason. Well, I do know my password to start Keepass.

There are two password databases, one kept on relatively public cloud services. (Google Drive, Amazon, Dropbox, I won't say). It is linked to a password that can be typed on a phone and a keyfile that exists on my tablet and phone. This contains email passwords, social network and Steam passwords, etc. Stuff that I use on those devices. Then it gets deleted from the device, cause who needs to be carrying it all the time.

The important passwords are on my desktop, similarly encrypted with a different key file and only synced locally to my tablet (which is more a pen art tablet than a travel device with an i5 and a load of ram). Yes, it means when I travel my tablet could be intercepted with the keyfiles, so full drive encryption or no passwords while I travel.

But, honestly, I can only tell someone the password to get into KeePass and that wouldn't do them much good without the database and the windows account and the keyfiles that don't look like keyfiles. And luckily the 5th amendment so far protects a password that isn't written down, like the one that opens all of that.

Comment Re:what do you want for $50? (Score 1) 145

Pixels and brightness cost battery life, you just won't get a week's battery out of a 768x1024 OLED screen. The new AMOLED screen on the samsung g s6 uses more than 1/3W at 1nt.

But with a slight limit in refresh rate, like the non-action games that the GameBoy was great for, e-ink might be the more realistic option.

Comment Re:what's the problem? (Score 1) 145

Does the paperwhite have some problem with calibre? I did a cursory glance at the calibre forums, and it seemed that .mobi books would show up in "my docs" or you could format shift the books to azw3 and have them show up on the main screen. Is there some more recent development?

I ask because I'm trying to pawn off my kindle 3 to some family member or another to upgrade to the paperwhite or voyage. They just look so pretty, and my older model hasn't complained about a books source ever.

Slashdot Top Deals

I've never been canoeing before, but I imagine there must be just a few simple heuristics you have to remember... Yes, don't fall out, and don't hit rocks.

Working...