
Comment Re:Which part is secret? (Score 1) 289

Rather naughtily replying to my own post, I should own up that on reflection even a time-limited key could presumably be circumvented by resetting the computer's date. That doesn't detract from the main point of my post, which is that publication of a passphrase on its own would never have been this much of a problem if private keys had been used and kept private.

Comment Re:Which part is secret? (Score 1) 289

I concur. I'm also not sure what's up with these assertions in the ABC article linked to from the post:

<quote>In a subsequent reply to the ABC, Wikileaks said, "It is false that the passphrase was temporary or was ever described as such. That is not how PGP files work. Ask any expert."

It's clear that security experts are indeed agreeing with this.</quote>

I don't claim to be an expert, but I'm pretty sure I can easily create a PGP key that is time-limited, which would render the Wikileaks position bogus. At least, GPG certainly supports such keys.

There's a deeper issue here, though. Possibly the system used here wasn't the public-private key encryption that I associate with PGP. I'm confused by what I've read so far. Either this case used private keys, in which case the bittorrent file could not be decrypted with the password alone (unless the private key was included in the download, which would be a totally brain-dead loss of security from the Wikileaks side), or it used a simple password-protection protocol which is always going to be inherently less secure. Whichever way I spin it, I can't get Wikileaks to not look pretty incompetent when it comes to security. Which is surprising, considering what they do.
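The question raised in the comment above (does the passphrase alone decrypt the file, or is a private key needed?) can be read from the leading packets of a binary OpenPGP message. The following is an added example, not part of the original comment; the function names are hypothetical and the sample messages are constructed byte strings, not real ciphertext.

```python
# Added example: which secret unlocks an OpenPGP message? (RFC 4880 packet tags)
PKESK, SKESK, SED, SEIPD = 1, 3, 9, 18  # session-key and encrypted-data packets

def read_header(buf, pos):
    """Return (tag, body_start, body_len); body_len is None if open-ended."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("not a binary OpenPGP packet (ASCII-armored input?)")
    if first & 0x40:                      # new-format header
        tag, o1 = first & 0x3F, buf[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + buf[pos + 2] + 192
        if o1 == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        return tag, pos + 2, None         # partial body length
    tag, ltype = (first >> 2) & 0x0F, first & 0x03  # old-format header
    if ltype == 3:
        return tag, pos + 1, None         # indeterminate length
    width = 1 << ltype                    # 1, 2 or 4 length octets
    return tag, pos + 1 + width, int.from_bytes(buf[pos + 1:pos + 1 + width], "big")

def unlock_methods(buf):
    """List the secrets that can each decrypt the message on their own."""
    tags, pos = [], 0
    try:
        while pos < len(buf):
            tag, start, length = read_header(buf, pos)
            tags.append(tag)
            if tag in (SED, SEIPD) or length is None:
                break                     # reached the ciphertext itself
            pos = start + length
    except IndexError:
        raise ValueError("truncated packet header")
    if SED not in tags and SEIPD not in tags:
        return []                         # no encrypted data packet found
    methods = []
    if PKESK in tags:
        methods.append("private key")
    if SKESK in tags or PKESK not in tags:  # no ESK packet: legacy passphrase mode
        methods.append("passphrase alone")
    return methods

# Constructed samples: a 13-byte session-key packet followed by a dummy data packet.
DATA = bytes([0xD2, 3, 1, 0, 0])
SYMMETRIC = bytes([0xC3, 13, 4, 9, 3, 2]) + bytes(8) + bytes([0x60]) + DATA
PUBKEY = bytes([0x84, 13, 3]) + b"\xAA" * 8 + bytes([1, 0, 8, 0xFF]) + DATA
```

A message carrying only a symmetric-key session-key packet falls to anyone who learns the passphrase; one carrying only public-key session-key packets also requires the recipient's private key file.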

Comment Re:Banking adverts, anyone??? (Score 1) 359

How true. This story could just as easily be from Good Housekeeping as far as I'm concerned (uh, not that I'm a reader, you understand).

News for Nerds, Stuff that Matters indeed.

<token attempt at relevance>
WWW::Mechanize (or Selenium, depending on requirements) FTW.
</token attempt at relevance>

Old Slashdot would have had people chiming in with genuinely useful ideas, not this echo chamber.

Comment Re:I mostly agree! But let's soften it a little. (Score 1) 483

All good points. I think your last point nicely introduces the difference between the real estate and stock markets which is often overlooked. "Casual" investors in the stock market typically take a long position and often don't risk any more sophisticated trading (I'm including myself in this category). However, at least in this country (UK) by far the commonest way to get onto the housing "ladder" is to take out a substantial mortgage. So in effect, most of the trades on the real estate market are heavily geared, which means I think negative equity is a much commoner problem in this market than margin calls are in the stock market. This could well be a significant counterargument to the crowd that frequently claims investing in housing is safer than the stock market. It turns out reality is (surprise, surprise) more complicated than that.

I realise you've already alluded to all of this, but I think it really bears spelling out in detail.

Comment Re:R in a nutshell = Rpy (Score 1) 91

R does support fully user-defined types, inheritance and polymorphic methods. You just have to want to use them enough to dig through the multiple OO implementations available as part of the core. The commonly used systems, S3 and S4 objects, don't exactly play nicely together. I personally lean towards S4 since it seems much cleaner, but a lot of legacy code still uses S3 so it looks like there won't be a rationalisation of these two systems any time soon. The Bioconductor R modules generally (but not exclusively) use S4, so check those out for examples.

Comment Re:Here is how you do science. (Score 2, Insightful) 764

I think it's worth pointing out somewhere in this thread (and here seems pertinent) that there are many branches of science which have already confronted the question of data and software disclosure, and have generally come to the conclusion that if you want to publish you should disclose everything. My own branch, biology, has for many years been sharing sequence, protein structures, microarray and high-throughput sequencing data freely at the point of publication. 9 million data points are a drop in the ocean; I'm currently working on a dataset with 5 billion data points, and even that's small compared to the cutting edge. Now, I'm not going to pretend it's perfect, since it's up to the journals to police their data disclosure policies, but the point often missed is that in return for disclosing your hard-won data, you get access to everyone else's data as well. That alone makes it worth it, speeding up the process of scientific discovery which is, after all, what we're all about.

The climate research community badly needs to get itself an international data repository along the models of EMBL/Genbank, GEO/ArrayExpress, and PDB.

Comment Re:Increase in number of runs per second (Score 2, Insightful) 623

And yet, Twitter is still around and still relevant. Which shows that one can get away with taking these short-cuts and still achieve the ultimate aim of your project. I see people getting bogged down in the details of which software architecture/model to use all the time (never mind sort algorithms!), so much so that they lose sight of their objectives. What often happens is that someone (usually me) then does a quick end-run around them in <insert scripting language here> and we eventually move on. People wonder about the prevalence of dodgy scripts in the world today; I say this habit of programmers taking their eye off the ball is one of the reasons. Never underestimate the advantage of being first to market.


Debunking a Climate-Change Skeptic 807

DJRumpy writes "The Danish political scientist Bjørn Lomborg won fame and fans by arguing that many of the alarms sounded by environmental activists and scientists — that species are going extinct at a dangerous rate, that forests are disappearing, that climate change could be catastrophic — are bogus. A big reason Lomborg was taken seriously is that both of his books, The Skeptical Environmentalist (in 2001) and Cool It (in 2007), have extensive references, giving a seemingly authoritative source for every one of his controversial assertions. So in a display of altruistic masochism that we should all be grateful for (just as we're grateful that some people are willing to be dairy farmers), author Howard Friel has checked every single citation in Cool It. The result is The Lomborg Deception, which is being published by Yale University Press next month. It reveals that Lomborg's work is 'a mirage,' writes biologist Thomas Lovejoy in the foreword. '[I]t is a house of cards. Friel has used real scholarship to reveal the flimsy nature' of Lomborg's work."
