mit.edu · Domains · Slashdot Mirror

Re:This is really, really simple to understand by bill_mcgonigle · 2013-11-26 02:04 · Score: 1 · on Researchers Build Covert Acoustical Mesh Networks In Air

If you're gonna do paranoid, you might as well do it right.

What's the point? We all know that Intel puts special logic in that changes the operation of the CPU given certain parameters. That's why Intel RdRand isn't directly accessible but has to be accessed through the hashing logic unit. That way They just have to sneak in a small bit of malware that will hose up your RNG and then your keys can be trivially cracked into the future.

Then we have the news that GCC has been compromised for years, and all of the linux distros need to be completely recompiled (that's gonna hurt the mirrors).

(apply Poe's Law liberally but don't miss the broader point)

Start at the begining by koan · 2013-11-24 06:03 · Score: 1 · on Ask Slashdot: How Do You Protect Your Privacy These Days? Or Do You?

What are the reasons we want privacy?

http://groups.csail.mit.edu/mac/classes/6.805/articles/privacy/Privacy_brand_warr2.html

Re:Consequences? by grep+-v+'.*'+* · 2013-11-23 17:13 · Score: 1 · on IRS Left Taxpayer Data Vulnerable and Lied About It

... as no one has actually been punished for this.

Punished? Of course they have -- they still work there, don't they?

(I was going to go for the "comfy Chair" line -- but, well, that just seemed as easy as shooting congressmen in a barrel. Waay too easy.)

Re:Question by umafuckit · 2013-11-23 03:50 · Score: 1 · on Detecting Chemicals Through Bone

Isn't MRI practically NMR? NMR is used for chemical analysis. Then how come MRI machines can't be programmed to do the same?

I think they have/are been: http://www.ncbi.nlm.nih.gov/pubmed/9339439 http://www.ncbi.nlm.nih.gov/pubmed/23494381 http://www.ncbi.nlm.nih.gov/pubmed/12891651 http://web.mit.edu/newsoffice/2010/brain-imaging-0301.html

Re:A big improvement indeed by charles2678 · 2013-11-19 02:43 · Score: 1 · on GCC 4.9 Coming With Big New Features

My point was that this is mainly useful on programs that already have flaws

How many programs don't?

I strongly recommend reading (or at least doing a quick pass over) http://pdos.csail.mit.edu/papers/ub:apsys12.pdf to get an idea of the scope of the problem.

Re:Orders of magnitude errors dont inspire confide by romons · 2013-11-16 13:46 · Score: 1 · on Global Warming Since 1997 Underestimated By Half

Or perhaps the world's poor, many of whom don't have access to grid electricity as it stands can bypass that step and go directly to solar power. How much would a 1 kW solar panel with a battery improve the lives of many rural people in Africa who have to go into town every week to charge up their cell phones and have no electric light at night?

Wind power is simpler and cheaper. So is small scale hydroelectic, which can be done with a small electric motor. Steam power heated by solar energy is also a good way to go. Bill Gates should start making drop-in hydro, wind or solar power stations, complete with liquid metal batteries. Nuclear isn't going anywhere with the current terrorist situation. He needs to drop that approach.

Marisa Taylor's PGP Public Key by George+Maschke · 2013-11-14 02:07 · Score: 5, Informative · on US Gov't Circulates Watch List of Buyers of Polygraph Training Materials

I should have mentioned in the original post that investigative reporter Marisa Taylor of the McClatchy newspaper group has a PGP public key (7DCA14DC) that can be used to securely contact her. I've signed it with my own key (316A947C).

Marisa Taylor's PGP Public Key by George+Maschke · 2013-11-14 02:07 · Score: 5, Informative · on US Gov't Circulates Watch List of Buyers of Polygraph Training Materials

I should have mentioned in the original post that investigative reporter Marisa Taylor of the McClatchy newspaper group has a PGP public key (7DCA14DC) that can be used to securely contact her. I've signed it with my own key (316A947C).

Re:Meanwhile... by Eunuchswear · 2013-11-11 21:45 · Score: 1 · on Fukushima Floating Offshore Wind Turbine Starts Generating Power

And nothing has happened. The amount of radiation released from the leak, while the leak should be repaired ASAP, is minute and is still LOWER than the background radiation.

[citation needed]

http://tech.mit.edu/V131/N13/yost.html

That link has nothing to do with you claim. It is also very old, and as it turns out wildly optimistic.

Re:Meanwhile... by StephenThomasKrausJr · 2013-11-11 06:06 · Score: 4, Insightful · on Fukushima Floating Offshore Wind Turbine Starts Generating Power

And nothing has happened. The amount of radiation released from the leak, while the leak should be repaired ASAP, is minute and is still LOWER than the background radiation. http://tech.mit.edu/V131/N13/yost.html If you have taken College Chemistry, you'll know why even the radiation released from the leak is nothing compared to both the background radiation in the ocean due to dilution and not even a drop in the bucket compared to the radiation released from nuclear testing we conducted in the Pacific Ocean.

Re:The US of A by mysidia · 2013-11-03 11:59 · Score: 5, Informative · on Full Details of My Attempted Entrapment For Teaching Polygraph Countermeasures

Try asking anyone under 30 if they know what the phrase "Papers Please!" denotes

It's just two words... It's a lot of things.

It's when the Military place soldiers in a natural disaster area such as New Orleans after Katrina requiring you to show military ID or proof of government authorization, to avoid arrest, or having vehicles impounded

It's an attack onAmerican birthright citizenship

It's two words that succinctly describe America's dark future.

Personal and Professional Encounters with Surveillance

anti-state.com: May I See Your Papers Please?

It's what Mr. Hiibel of Nevada went to jail for refusing to comply with

It's what police do now to ordinary people minding their own business.

It's congress work on the REAL ID act

It's a name given to a section of an Arizona law upheld by the Supreme court.

It's the name of a complaint against changes the US is making starting this Fall 2013 to further restrict the free travel of Americans and greatly increase the difficulty of US citizens getting passports

It's the name of a dystopian video game about communist immigration control.

It's the name of an anti-TSA blog

It's a request you comply with when asked by the police; otherwise, you face immediate arrest.

Texas 77 year old Grandmother arrested after refusing to show ID
Police arrest for refusing to show ID while on private property
Exhibit 1
Exhibit 2: According to the Supreme Court, the police may arrest for failure to identify
Arrested at Circuit City for refusing to show ID: "It all started when I refused to show my receipt to the loss prevention employee at Circuit City, and it ended when a police officer arrested me for refusing to provide my driver's license."
I follow the blog of a guy who walked across the country (California to New York) last year. He was arrested in Greencastle, Indiana last summer, after a prison worker called the police to report him as a suspicious person after they exchanged words while he was walking past the prison complex.
Florida Cops Tase man for refusing to show ID
Refusal to show id in Georgia (arrest)
Man in Arizona arrested for refusing to surrender firearm to officers who refused to show their own ID

Re:Tube wells and arsenic contamination by Guppy · 2013-11-01 12:41 · Score: 1 · on Bill Gates: Internet Will Not Save the World

Wanted to post a clarification:
http://web.mit.edu/j-pal/www/book/Arsenic_InfantMortality_feb10.pdf

On the other end of the spectrum, the calculations by Lokuge et al. (2004) of the dis-
ease burden from arsenic exposure that take into account only "strong causal evidence" from
existing studies estimate that arsenic-related disease leads to the loss of 174,174 disability-
adjusted life years (DALYs) per year among the population exposed to arsenic concentrations
of more than 50 ppb, which amounts to 0.3% of the disease burden, compared with diarrheal
disease which accounts for between 7.2% and 12.1% of the total disease burden.

Since infant mortality results in a disproportionate DALY impact compared with adult morbidity and mortality, I suspect the percentage of DALY disease burden impact gets skewed, but overall I think my previous point stands.

Tube wells and arsenic contamination by Guppy · 2013-11-01 12:16 · Score: 3, Informative · on Bill Gates: Internet Will Not Save the World

A decade or two later, we found that many of these wells accessed aquifers that were contaminated by arsenic. And that thus we kids had funded the wholesale poisoning of people in Africa, and that a lot of them had arsenic-induced cancers that were killing them.

Are you sure you're not mixing up two different stories here? Although trace amounts of Arsenic are common in aquifers that contact certain kinds of alluvial sediments, only a few areas have experienced really high concentrations. In particular, this has happened with shallow tube wells in India and Bangladesh. These types of wells were extremely cheap, and were drilled in the millions starting around the 1970's with UNICEF assistance; I am unaware of any similar large-scale occurrence of contamination in Africa.

On looking at the morbidity and mortality modeling from the WHO link, I wouldn't automatically label it an complete tragedy right away, either. The amount of Cancer and other diseases from arsenic contamination (chronic ingestion, the concentration is not the kind required for acute poisoning) is definitely non-trivial. However, following the implementation of the tube wells, infant mortality dropped by something like half (keeping in mind this that the high starting point of mortality means half of a fairly big number), with substantial reductions in prevalence of waterborne diseases. It is entirely possible that the number of lives (and maybe person-years of life) saved by the wells could outnumber those that were lost.

Actually, I strongly suspect that the person-years of life saved could be greatly more than the number lost, but I can't directly substantiate the possibility with numbers, except to say there is evidence that recent anti-arsenic campaigns have resulted in increases in infant mortality, due to avoidance or loss of well water leading to greater use of microbially contaminated water supplies.

Obviously, it would be great to have both clean water with no arsenic at all. Possible with deeper but more expensive wells that have been gradually replacing the older wells (it sounds like other strategies like filtration and rain-water storage have sustainability problems when implemented out in the field), but I doubt UNICEF or similar charitable organizations can get the money they need these days to replace them all at a sweep.

Re:News flash by parkinglot777 · 2013-10-30 01:35 · Score: 0 · on How Your Compiler Can Compromise Application Security

This is why it's so important to document your code. Once the compiler reads your comments it will understand your intent and decide whether you or your code is unstable.

What? Do you think a compiler reads human readable comments? Do you really know what a "compiler" is? From what you said, I highly doubt you know what this topic is all about.

Speaking of this article, to me, it is talking about a software (STACK http://css.csail.mit.edu/stack/ ) implemented by MIT researchers that could detect bugs from complied codes. These bugs are from optimization in compilers -- remove undefined behavior from the original code while compiling the code. As a result, the compiled code could have security holes.

Re:TFA does a poor job of defining what's happenin by Spikeles · 2013-10-29 11:59 · Score: 4, Informative · on How Your Compiler Can Compromise Application Security

The TFA links to the actual paper. Maybe you should read that.

Towards Optimization-Safe Systems:Analyzing the Impact of Undefined Behavior

struct tun_struct *tun = ...;
struct sock *sk = tun->sk;
if (!tun)
return POLLERR; /* write to address based on tun */

For example, when gcc first sees the dereference tun->sk, it concludes that the pointer tun must be non-null, because the C standard states that dereferencing a null pointer is undefined [24:6.5.3]. Since tun is non-null, gcc further determines that the null pointer check is unnecessary and eliminates the check, making a privilege escalation exploit possible that would not otherwise be.

x86 memory model is to blame? by codeusirae · 2013-10-29 11:41 · Score: 1 · on How Your Compiler Can Compromise Application Security

"To understand unstable code, consider the pointer overflow check buf + len | buf shown in Figure 1 .. While this check appears to work with a flat address space, it fails on a segmented architecture" ref

Do you think most-all exploits are down to the defective x86 segmented memory architecture.

"Unstable" code? WTF? by Anonymous Coward · 2013-10-29 11:26 · Score: 1 · on How Your Compiler Can Compromise Application Security

"Unstable" code is not a technical term used by any self-respecting programmer. Researchers love to make up terms that nobody but themselves use. Props to the MIT News article for correctly avoiding that term.

Re:Siri doesn't have free will by Mr.+Slippery · 2013-10-21 12:05 · Score: 3, Interesting · on Physicist Unveils a 'Turing Test' For Free Will

Is "free will" even a clearly defined concept?

No, it's not. The whole question is mis-asked. Raymond Smullyan's piece Is God A Taoist? has the best explanation I've seen:

Mortal:
What do you mean that I cannot conflict with nature? Suppose I were to become very stubborn, and I determined not to obey the laws of nature. What could stop me? If I became sufficiently stubborn even you could not stop me!
God:
You are absolutely right! I certainly could not stop you. Nothing could stop you. But there is no need to stop you, because you could not even start! As Goethe very beautifully expressed it, "In trying to oppose Nature, we are, in the very process of doing so, acting according to the laws of nature!" Don't you see that the so-called "laws of nature" are nothing more than a description of how in fact you and other beings do act? They are merely a description of how you act, not a prescription of of how you should act, not a power or force which compels or determines your acts. To be valid a law of nature must take into account how in fact you do act, or, if you like, how you choose to act.
Mortal:
So you really claim that I am incapable of determining to act against natural law?
God:
It is interesting that you have twice now used the phrase "determined to act" instead of "chosen to act." This identification is quite common. Often one uses the statement "I am determined to do this" synonymously with "I have chosen to do this." This very psychological identification should reveal that determinism and choice are much closer than they might appear. Of course, you might well say that the doctrine of free will says that it is you who are doing the determining, whereas the doctrine of determinism appears to say that your acts are determined by something apparently outside you. But the confusion is largely caused by your bifurcation of reality into the "you" and the "not you." Really now, just where do you leave off and the rest of the universe begin? Or where does the rest of the universe leave off and you begin? Once you can see the so-called "you" and the so-called "nature" as a continuous whole, then you can never again be bothered by such questions as whether it is you who are controlling nature or nature who is controlling you. Thus the muddle of free will versus determinism will vanish. If I may use a crude analogy, imagine two bodies moving toward each other by virtue of gravitational attraction. Each body, if sentient, might wonder whether it is he or the other fellow who is exerting the "force." In a way it is both, in a way it is neither. It is best to say that it is the configuration of the two which is crucial.

Re:Like libraries? by fuzzyfuzzyfungus · 2013-10-17 21:24 · Score: 3, Insightful · on Has Flow-Based Programming's Time Arrived?

Actually, sounds more like LabView. Fishing through that programming environment's icon set for the correct function is very close to what I imagine hell must be like.

I suspect that it's pretty strongly dependent on implementation, with two main drivers: On the one hand, you have the needs of essentially-not-programmers-at-all, who have some input that needs to travel through a series of tubes and get transmogrified. The results aren't going to be pretty; but it's a legitimate need. (there are also those who argue that it's a good pedagogical approach for young children, as in classic Klick 'n Play(published by Maxis in the US, international publishing and titles are strangely all over the map, or the more recent Scratch.

On the other hand, "Flow-based programming" is essentially another flavor of Functional Programming, which seems likely to never truly die, no matter how obscure in real-world use, because of how central the concept of 'functions' in some reasonably generalized sense is to mathematics, ensuring a ready supply of people ready to charge into the breach and try to bring the elegance of pure mathematics to programming. Again.

Re:that powersaving claim might want to come by icebike · 2013-10-17 06:45 · Score: 2 · on A Thermoelectric Bracelet To Maintain a Comfortable Body Temperature

The real article is here: http://web.mit.edu/newsoffice/2013/madmec-design-competition-1017.html

(Damn slashdot editors allowing blog hyping instead of linking to the actual sources!!!)

Close reading of that indicates this is just a huge trick played on the body's temperature regulation system.
There is no actual heating or cooling of the body. Its probably dangerous at some level, and the body would
also probably "learn" to ignore it.

Re:Waveforms? by icebike · 2013-10-17 06:32 · Score: 5, Insightful · on A Thermoelectric Bracelet To Maintain a Comfortable Body Temperature

Once your follow the link from the self promoting blog to the actual article from MIT you find this

Over the course of developing its technology, the Wristify team made a key discovery: Human skin is very sensitive to minute, rapid changes in temperature, which affect the whole body. They found they needed to heat or cool any body part (in their case, the wrist) at a rate of at least 0.1 C per second in order to make the entire body, overall, feel several degrees warmer or colder.

After 15 prototypes, the team landed on its final product, which resembles a wristwatch and can be powered, for up to eight hours, by a lithium polymer battery. This prototype demonstrated a rate of change of up to 0.4 C per second.

The “watch” part of the prototype actually consists of the team’s custom copper-alloy-based heat sink (a component that lowers a device’s temperature by dissipating heat). Attached is an automated control system that manages the intensity and duration of the thermal pulses delivered to the heat sink. Integrated thermometers also measure external and body temperature to adjust accordingly.

Its clear from the article that there is no actual heating of the body involved. Their system does not have enough power to heat 150 pounds of (essentially) water even one degree in the time period mentioned, let alone maintain any elevated temperature over 8 hours.

They are simply tricking the body into thinking it is warm enough or cool enough so that you don't FEEL cold / hot. You still actually ARE too cold or too hot.

This sounds interesting but I wonder just how safe it is to trick the body's thermal regulation its cool enough such that it no longer pays attention to the fact that it might be running dangerously close to heat induced stroke? Or trick it into thinking its cold, so it ramps up the metabolism.

In fact this might be a more useful as w weight loss device than an energy saving device.
But I'm still not convinced we should let engineers start micromanaging bodily functions, when all they are worried about is the device and the energy consumption.

Technology to do the same thing was invented a LONG time ago. Its called a sweater.

Even cheaper is a simple cap. Put it on, and you reduce heat loss through your head sufficiently enough to actually warm your entire body. Take it off and the reverse happens. The cap will last for years with no need for environment polluting batteries, and never has to be plugged in or recharged.

Re:As a geek who went to business school ... by rjstanford · 2013-10-17 04:28 · Score: 2 · on Ask Slashdot: As a Programmer/Geek, Should I Learn Business?

Interesting stories. The correct link for part four is http://tech.mit.edu/V130/N19/dubai.html by the way.

Re:As a geek who went to business school ... by mellyra · 2013-10-16 21:10 · Score: 3, Interesting · on Ask Slashdot: As a Programmer/Geek, Should I Learn Business?

How do you explain the hordes of McKinsey/Accenture/pwc/BCG/Bain "consultants" who walk into a business and proclaim to the execs that they have all the answers? Usually, these consultants are in their late 20s, got their MBA right after their undergrad years, never worked anything more complex than a retail job, and are immediately hired to dispense advice.

Strategic consultants aren't hired to provide answers, they are hired to provide "independent" "scientific" justification for those answers that your execs have already decided upon but don't want to be held responsible for.

I recommend you read the third part of this article series in which a young former consultant recounts his experience with BCG in Dubai:

Part I: The city of tomorrow

Part II: Welcome to your caste

Part III: The story BCG offered me $16,000 not to tell

Part IV: Dispatches from the collapse