Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Richard Stallman Speaks About UEFI
An anonymous reader writes "Despite weaknesses in the Linux-hostile 'secure boot' mechanism, both Fedora and Ubuntu decided to facilitate it, by essentially adopting two different approaches. Richard Stallman has finally spoken out on this subject. He notes that 'if the user doesn't control the keys, then it's a kind of shackle, and that would be true no matter what system it is.' He says, 'Microsoft demands that ARM computers sold for Windows 8 be set up so that the user cannot change the keys; in other words, turn it into restricted boot.' Stallman adds that 'this is not a security feature. This is abuse of the users. I think it ought to be illegal.'" -
Richard Stallman Speaks About UEFI
An anonymous reader writes "Despite weaknesses in the Linux-hostile 'secure boot' mechanism, both Fedora and Ubuntu decided to facilitate it, by essentially adopting two different approaches. Richard Stallman has finally spoken out on this subject. He notes that 'if the user doesn't control the keys, then it's a kind of shackle, and that would be true no matter what system it is.' He says, 'Microsoft demands that ARM computers sold for Windows 8 be set up so that the user cannot change the keys; in other words, turn it into restricted boot.' Stallman adds that 'this is not a security feature. This is abuse of the users. I think it ought to be illegal.'" -
Open Compute Project Driving Open-Source Hardware Development
The Open Compute Project was launched by Facebook early last year to facilitate collaborative development of highly-efficient computing infrastructure. They wanted to make datacenters cheaper and less energy-intensive to operate. Since then, many industry heavyweights have joined up, and the effects of the project are becoming evident in how companies buy hardware. "Instead of the traditional scenario in which the company’s buying decisions are determined by what the Original Equipment Manufacturers (OEM) such as Dell, HP, and IBM are offering, open sourcing hardware give companies the ability to buy the exact hardware they want. Businesses are increasingly more curious about open source, and many of them are already deploying open source tools and the cloud, [Dell's Joseph George said]. They are increasingly looking at open source software as viable alternatives to commercial options. This level of exploration is moving to the infrastructure layer. 'Driving standards is what open source is about,' George added. With specifications at hand, it is possible to manufacture server and storage components that deliver consistent results regardless of who’s in charge of production. -
Canadian Supreme Court Entrenches Tech Neutrality In Copyright Law
An anonymous reader writes "Last week, a Canadian Supreme Court decision attracted attention for reduced copyright fees for music and video. Michael Geist has a detailed analysis that concludes there are two bigger, long term effects. First, Canada has effectively now adopted fair use. Second, the Supreme Court has made technological neutrality a foundational principle of Canadian copyright. The technological neutrality principle could have an enormous long-term impact on Canadian copyright, posing a threat to some copyright collective tariff proposals and to the newly enacted digital lock rules." -
EU Investigating Microsoft Over IE Bundling Again
vu1986 writes, quoting GigaOm: "Microsoft has confessed to violating its browser choice agreement with European antitrust regulators, after they opened up a fresh investigation into the company's behavior. This is a big deal, not least because it means the company could now face a fine of up to 10 percent of its annual turnover — $7 billion at last count." Microsoft agreed in 2009 to inform users they could install other browsers. They did, mostly, but Windows 7SP1 users didn't get the software update. Microsoft is claiming it was just a software bug, and have taken actions to fix it. -
Rob CmdrTaco Malda AMA On Reddit
TheNextCorner writes with news on where CmdrTaco has been hiding. Quoting Malda's IamA blurb over at that Reddit thing: "In 1997 I started Slashdot.org. For several years, we pioneered news aggregation and on-line communities while exploring our niche of the 'net under the slogan, 'News for Nerds, Stuff that Matters.' Our work was later expanded upon at countless other more successful sites including Reddit and the Huffington Post. I left Slashdot last year, took a long time off, and then started work at the Washington Post Co's WaPo Labs their digital media R&D skunkworks group. I work as their Chief Strategist and Editor-at-Large, contributing what I can to a variety of projects ranging from their Social Reader, to some projects under development. From here I am able to continue to explore my interests in news, journalism, technology, and communities. ... I'll hopefully be answering from 2pm-5pm ET" -
China Third Country To Be Hit By 'Brown Tide'
ananyo writes "The species of alga that causes 'brown tides' in the United States and South Africa is also to blame for massive blooms along China's east coast on the Bohai Sea, researchers have found. The finding could be the first step to tackling the problem. It is the fourth consecutive year the country has been hit by the bloom (Slashdot's story on the 2010 bloom), with the situation worsening each time the bloom returns." -
China Third Country To Be Hit By 'Brown Tide'
ananyo writes "The species of alga that causes 'brown tides' in the United States and South Africa is also to blame for massive blooms along China's east coast on the Bohai Sea, researchers have found. The finding could be the first step to tackling the problem. It is the fourth consecutive year the country has been hit by the bloom (Slashdot's story on the 2010 bloom), with the situation worsening each time the bloom returns." -
Why We Should Remain Skeptical of the Ouya Android Console
An anonymous reader writes "We recently talked about the 'Ouya' console — a conceptual Android-based gaming device that's had a massively successful Kickstarter campaign. While most people are excited about such a non-traditional console, editorials at 1Up and Eurogamer have expressed some more realistic skepticism about the claims being made and the company's ability to meet those claims. Quoting: 'Even if we set aside the issue of install base, one of Ouya's selling points could make developers wary of investing in it. Through the pitch video and on the Kickstarter page, Ouya emphasizes the ability to root the system and hack it without fear of voiding the warranty. With a standard USB port and Bluetooth support, it will be possible to use controllers and peripherals with it other than the one it comes with. What this also opens the door for is piracy and emulation. No doubt a chunk of the audience interested in Ouya are those intrigued by the idea of having a box that hooks up to a TV and can run Super Nintendo or Genesis emulators. Others will look at the system's open nature as an invitation to play its games for free; if it's as open as advertised, it should not be difficult to obtain and run illegally downloaded copies of Ouya games.' Ouya CEO Julia Uhrman has responded to the skepticism, saying, 'Ouya will be just as secure as any other Android-powered device. In fact, because all the paid content will require authentication with Ouya's servers, we have an added layer of security. Hacking and openness are about getting what you want to do with the hardware. Rooting the device won't give you any more access to the software.'" -
Book Review: Drupal 7 Multi Sites Configuration
Michael Ross writes "All the leading content management systems (CMSs), including Drupal, use a combination of source code, in files, and user/configuration data, in a database. There may be some mixing of the two types of components — such as configuration settings stored in small files, or JavaScript code stored in the database — but most CMS-based websites generally employ this separation. One significant benefit is that updates to the non-custom code (the CMS's "core") can be easily made without overwriting user data or custom configuration settings. However, each website has its own copy of the core code, even if the websites reside on the same server — which wastes disk space and wastes developer time when all of those instances of core need to be updated. Thus there is growing interest in running multiple websites on a single core instance, despite the dearth of documentation for how to do so. For those in the Drupal world, one resource is a new book by Matt Butcher, Drupal 7 Multi Sites Configuration." Read below for the rest of Michael's review. Drupal 7 Multi Sites Configuration author Matt Butcher pages 100 pages publisher Packt Publishing rating 8/10 reviewer Michael J. Ross ISBN 978-1849518000 summary A tutorial on how to run multiple Drupal 7 web sites from a single installation. Released on 26 March 2012 by Packt Publishing under the ISBN 978-1849518000, the book spans 100 pages, organized into five chapters. For developers familiar with the subject — particularly those who have read the (few) articles that cover Drupal multisite — it may seem inconceivable that such a subject could fill an entire book. Yet for the countless Drupal developers and administrators who have encountered critical problems in implementing the advice proffered in the aforesaid articles, a definitive book could be invaluable. Even a brief perusal of the book's table of contents will show that there are more topics to be covered than one might have imagined. This review is based upon a print copy of the book kindly provided by the publisher. An electronic edition is available as well. More details can be found on the publisher's page, where visitors will find an overview, a table of contents, a brief author biography, and links for purchasing the print and electronic versions of the book.
In the first chapter, the author presents the fundamental ideas and many benefits of basing multiple Drupal websites on a single code base, known as "multi-site hosting." He discusses the most common configuration options, and then focuses on the one used throughout the book, namely, Drupal's built-in multi-site capability. One thinks of Drupal (and any other PHP applications) as running on top of the web server layer (typically Apache); so readers will likely be confused by the statement that virtual hosting "is a layer higher than Drupal's multi-site feature" (page 8). Aside from that, the discussion is straightforward.
The second half of the chapter provides detailed instructions on two methods for setting up a server for multi-site usage. The first method utilizes virtualization, specifically VirtualBox and Vagrant, which supposedly are ideal for spinning up disposable websites. However, the instructions for "Installing our tailored Vagrant project" quickly become problematic: The MultiSite Drupal Vagrant Profile directs the user to perform a git clone command, and then "cd multisite_drupal_vagrant_profile," which works fine, as that directory exists. But the next step, on page 15 of the book, calls for the reader to cd into "multisite_vagrant," which does not exist. Was the aforesaid directory intended? Apparently so, as otherwise the third command, "vagrant up," fails. Windows users, at the very least, may find these steps and those that follow to be quite perplexing. In my case, both VirtualBox and Vagrant initially appeared to fail installation; yet upon trying them again, they were apparently running. But certain operations discussed in the book, were never executed. I slogged my way through numerous cryptic error messages, and eventually gave up. Any other reader who experiences anything similar may also chuckle at the author's claim that "This made it easy to get an entire server environment configured and running without dealing with the nuances of configuration" (page 17). The second method presented for setting up a multi-site environment is to manually configure Apache and MySQL. Even though this approach is probably what most readers will settle upon, it is sadly given a backseat to Vagrant.
In the second chapter, "Installing Drupal for Multi-site," the author explains how to perform the standard Drupal 7 installation, but for three example instances. For those readers unable to get the Vagrant method working fully, or who for some other reason choose not to use it, the author's frequent references to Vagrant will likely be increasingly annoying. Fortunately, it tapers off about halfway through the chapter, as the author explicates the details of multi-site configuration, concluding with some tips on where the reader can find assistance if she encounters any difficulties during an install. The only flaw is, on page 41, where the author states that "the lines that typically need changing are highlighted," but none of them are.
The complexities of sharing configuration settings among multiple websites, compose the first topic addressed in the third chapter. All of the technical information appears to be sound, except for the advice on page 46 to add the line "global $conf;" in the shared settings PHP file, which is included in the site-specific settings files. A "global" keyword would only be needed if the line setting the array value $conf['site_slogan'] were inside a function, in which case the variable $conf would have only local scope without the keyword. The PHP documentation on variable scope notes that, for a (non-global) variable, its "scope spans included and required files as well." (I confirmed this with a quick test, in which a shared settings file changed the slogans of two different websites.) The author then explains how to share modules and themes among multiple websites, or keep them separate. The chapter concludes with information on how subthemes in separate Drupal 7 instances can use a single base theme.
The fourth chapter, "Updating Multi-site Drupal," focuses on the administration of multiple websites sharing Drupal code. Readers will learn of the numerous pitfalls that can catch the unwary (or at least the inexact). The fifth and final chapter, "Advanced Multi-sites," continues the discussion of other factors that can complicate and undermine working off a single Drupal code base: favicons in themes, robots.txt files, shared authentication, shared content, and other topics that one may never encounter if only working with simple websites — but could be critical otherwise. The only readily apparent flaw is his referring to the project at http://drupal.org/project/virtual_site as "the Virtual Site module" (page 80), when in fact it is the Virtual Sites module — not be confused with the actual Virtual Site module.
Unlike most Packt Publishing books, this one contains relatively few errata: "served [a] few" (on the first "About the Reviewers" page), "start its" (page 17; should read "start it"), "Drupal looks for, for site configuration" (page 30), "trouble shooting" (42), and a missing ")" in the first sentence on page 67. Scattered throughout the book are several instances of title case used inappropriately when referring to generic concepts that are not proper names, e.g., "Version Control System" (page 10). Fortunately, all of these flaws are quite minor, and should have been caught by the publisher's production team.
Some of the narrative is a bit redundant, such as a question being asked at the end of one section, only to be repeated at the beginning of the next section, sometimes more than once. The (unneeded) chapter summaries add to the repetition, as do the introductory paragraphs of each chapter, many of which merely tell the reader what she just read in the previous chapter. Yet the author's narrative style is generally clear and easy to understand.
The main problem with this book is the VirtualBox and Vagrant pair — specifically, the (unjustified) heavy emphasis upon them, and the spotty instructions for configuring them, which could easily confuse and discourage readers. The information is mostly confined to the first two chapters, yet all of it should have been left out, or consolidated and relegated to an appendix — especially as most readers would not use Vagrant for their development environments, and probably no one would use it for a live production environment.
But for anyone interested in setting up multiple Drupal-based websites that share a single code base, these blemishes are of little consequence. Although modest in size, Drupal 7 Multi Sites Configuration provides the most thorough coverage to date of this worthwhile yet oft-neglected subject.
Michael J. Ross is a freelance web developer and writer.
You can purchase Drupal 7 Multi Sites Configuration from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Book Review: Drupal 7 Multi Sites Configuration
Michael Ross writes "All the leading content management systems (CMSs), including Drupal, use a combination of source code, in files, and user/configuration data, in a database. There may be some mixing of the two types of components — such as configuration settings stored in small files, or JavaScript code stored in the database — but most CMS-based websites generally employ this separation. One significant benefit is that updates to the non-custom code (the CMS's "core") can be easily made without overwriting user data or custom configuration settings. However, each website has its own copy of the core code, even if the websites reside on the same server — which wastes disk space and wastes developer time when all of those instances of core need to be updated. Thus there is growing interest in running multiple websites on a single core instance, despite the dearth of documentation for how to do so. For those in the Drupal world, one resource is a new book by Matt Butcher, Drupal 7 Multi Sites Configuration." Read below for the rest of Michael's review. Drupal 7 Multi Sites Configuration author Matt Butcher pages 100 pages publisher Packt Publishing rating 8/10 reviewer Michael J. Ross ISBN 978-1849518000 summary A tutorial on how to run multiple Drupal 7 web sites from a single installation. Released on 26 March 2012 by Packt Publishing under the ISBN 978-1849518000, the book spans 100 pages, organized into five chapters. For developers familiar with the subject — particularly those who have read the (few) articles that cover Drupal multisite — it may seem inconceivable that such a subject could fill an entire book. Yet for the countless Drupal developers and administrators who have encountered critical problems in implementing the advice proffered in the aforesaid articles, a definitive book could be invaluable. Even a brief perusal of the book's table of contents will show that there are more topics to be covered than one might have imagined. This review is based upon a print copy of the book kindly provided by the publisher. An electronic edition is available as well. More details can be found on the publisher's page, where visitors will find an overview, a table of contents, a brief author biography, and links for purchasing the print and electronic versions of the book.
In the first chapter, the author presents the fundamental ideas and many benefits of basing multiple Drupal websites on a single code base, known as "multi-site hosting." He discusses the most common configuration options, and then focuses on the one used throughout the book, namely, Drupal's built-in multi-site capability. One thinks of Drupal (and any other PHP applications) as running on top of the web server layer (typically Apache); so readers will likely be confused by the statement that virtual hosting "is a layer higher than Drupal's multi-site feature" (page 8). Aside from that, the discussion is straightforward.
The second half of the chapter provides detailed instructions on two methods for setting up a server for multi-site usage. The first method utilizes virtualization, specifically VirtualBox and Vagrant, which supposedly are ideal for spinning up disposable websites. However, the instructions for "Installing our tailored Vagrant project" quickly become problematic: The MultiSite Drupal Vagrant Profile directs the user to perform a git clone command, and then "cd multisite_drupal_vagrant_profile," which works fine, as that directory exists. But the next step, on page 15 of the book, calls for the reader to cd into "multisite_vagrant," which does not exist. Was the aforesaid directory intended? Apparently so, as otherwise the third command, "vagrant up," fails. Windows users, at the very least, may find these steps and those that follow to be quite perplexing. In my case, both VirtualBox and Vagrant initially appeared to fail installation; yet upon trying them again, they were apparently running. But certain operations discussed in the book, were never executed. I slogged my way through numerous cryptic error messages, and eventually gave up. Any other reader who experiences anything similar may also chuckle at the author's claim that "This made it easy to get an entire server environment configured and running without dealing with the nuances of configuration" (page 17). The second method presented for setting up a multi-site environment is to manually configure Apache and MySQL. Even though this approach is probably what most readers will settle upon, it is sadly given a backseat to Vagrant.
In the second chapter, "Installing Drupal for Multi-site," the author explains how to perform the standard Drupal 7 installation, but for three example instances. For those readers unable to get the Vagrant method working fully, or who for some other reason choose not to use it, the author's frequent references to Vagrant will likely be increasingly annoying. Fortunately, it tapers off about halfway through the chapter, as the author explicates the details of multi-site configuration, concluding with some tips on where the reader can find assistance if she encounters any difficulties during an install. The only flaw is, on page 41, where the author states that "the lines that typically need changing are highlighted," but none of them are.
The complexities of sharing configuration settings among multiple websites, compose the first topic addressed in the third chapter. All of the technical information appears to be sound, except for the advice on page 46 to add the line "global $conf;" in the shared settings PHP file, which is included in the site-specific settings files. A "global" keyword would only be needed if the line setting the array value $conf['site_slogan'] were inside a function, in which case the variable $conf would have only local scope without the keyword. The PHP documentation on variable scope notes that, for a (non-global) variable, its "scope spans included and required files as well." (I confirmed this with a quick test, in which a shared settings file changed the slogans of two different websites.) The author then explains how to share modules and themes among multiple websites, or keep them separate. The chapter concludes with information on how subthemes in separate Drupal 7 instances can use a single base theme.
The fourth chapter, "Updating Multi-site Drupal," focuses on the administration of multiple websites sharing Drupal code. Readers will learn of the numerous pitfalls that can catch the unwary (or at least the inexact). The fifth and final chapter, "Advanced Multi-sites," continues the discussion of other factors that can complicate and undermine working off a single Drupal code base: favicons in themes, robots.txt files, shared authentication, shared content, and other topics that one may never encounter if only working with simple websites — but could be critical otherwise. The only readily apparent flaw is his referring to the project at http://drupal.org/project/virtual_site as "the Virtual Site module" (page 80), when in fact it is the Virtual Sites module — not be confused with the actual Virtual Site module.
Unlike most Packt Publishing books, this one contains relatively few errata: "served [a] few" (on the first "About the Reviewers" page), "start its" (page 17; should read "start it"), "Drupal looks for, for site configuration" (page 30), "trouble shooting" (42), and a missing ")" in the first sentence on page 67. Scattered throughout the book are several instances of title case used inappropriately when referring to generic concepts that are not proper names, e.g., "Version Control System" (page 10). Fortunately, all of these flaws are quite minor, and should have been caught by the publisher's production team.
Some of the narrative is a bit redundant, such as a question being asked at the end of one section, only to be repeated at the beginning of the next section, sometimes more than once. The (unneeded) chapter summaries add to the repetition, as do the introductory paragraphs of each chapter, many of which merely tell the reader what she just read in the previous chapter. Yet the author's narrative style is generally clear and easy to understand.
The main problem with this book is the VirtualBox and Vagrant pair — specifically, the (unjustified) heavy emphasis upon them, and the spotty instructions for configuring them, which could easily confuse and discourage readers. The information is mostly confined to the first two chapters, yet all of it should have been left out, or consolidated and relegated to an appendix — especially as most readers would not use Vagrant for their development environments, and probably no one would use it for a live production environment.
But for anyone interested in setting up multiple Drupal-based websites that share a single code base, these blemishes are of little consequence. Although modest in size, Drupal 7 Multi Sites Configuration provides the most thorough coverage to date of this worthwhile yet oft-neglected subject.
Michael J. Ross is a freelance web developer and writer.
You can purchase Drupal 7 Multi Sites Configuration from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Hollywood Acts Warily At Comic-Con
gollum123 writes "Peter Jackson wowed the crowd with 13 minutes of highly anticipated footage from the first of his two ultra-expensive Hobbit movies. But he also played it safe — very safe — by not so much as mentioning, much less demonstrating, the filmmaking wizardry at the heart of the project. That left big questions about the movie industry's future unanswered and added to a theme of this year's Comic-Con: Hollywood has come to fear this place. Mr. Jackson is shooting his two Hobbit movies, the first of which is to arrive in theaters in December, at an unusually fast 48 frames a second, twice the standard rate. But an estimated 6,500 fans did not have that experience when they gathered in Comic-Con's cavernous Hall H moments earlier to see the new footage. Still, Mr. Jackson, one of Hollywood's boldest directors, made the unexpectedly timid decision to present The Hobbit: An Unexpected Journey in a standard format here — it was not even in 3-D — because he feared an online outcry that could hurt box-office results." -
SQL Vs. NoSQL: Which Is Better?
Nerval's Lobster writes "For the past 40-some years, relational databases have ruled the data world. Relational models first appeared in the early 1970s thanks to the research of computer science pioneers such as E.F. Codd. Early versions of SQL-like languages were also developed in the early 70s, with modern SQL appearing in the late 1970s, and becoming popular by the mid-1980s. For the past couple of years, the Internets have been filled with heated arguments regarding SQL vs NoSQL. But is the fight even legitimate? NoSQL databases have grown up a bit (and some, such as Google's BigTable, are now mature) and prove themselves worthy. And yet the fight continues. Tech writer (and programmer) Jeff Cogswell examines both sides from a programming perspective." -
Yahoo! Closes Security Hole That Led To Breach
An anonymous reader writes "Yahoo! has patched the security hole that allowed hackers to access some 450,000 email addresses and passwords associated with Yahoo! Contributor Network and ultimately publish them last week. In the meantime, the group responsible for the hack of the official forum site of technology company NVIDIA has also dumped some user 800 records taken during the breach." -
NBC Purchases MSNBC Rights From Microsoft
flatt writes "Ending a sixteen year partnership between the now Comcast-owned NBCUniversal and Microsoft, the MSNBC.com website has been immediately renamed to NBCNews.com. Both parties note that the integration between both parties is deep and will require 2 years to complete the decoupling. For the immediate future, NBC will continue to provide news content for MSN.com and Microsoft will continue to be the advertising provider for the site. Content control, brand confusion, and partisan content are cited as reasons behind the breakup. Microsoft sold its 50% share in the MSNBC TV rights to NBC back in 2005." -
NBC Purchases MSNBC Rights From Microsoft
flatt writes "Ending a sixteen year partnership between the now Comcast-owned NBCUniversal and Microsoft, the MSNBC.com website has been immediately renamed to NBCNews.com. Both parties note that the integration between both parties is deep and will require 2 years to complete the decoupling. For the immediate future, NBC will continue to provide news content for MSN.com and Microsoft will continue to be the advertising provider for the site. Content control, brand confusion, and partisan content are cited as reasons behind the breakup. Microsoft sold its 50% share in the MSNBC TV rights to NBC back in 2005." -
Report from HOPE: Cryptocat And Encryption in the Cloud
In a world increasingly dominated by the cloud, privacy is often sacrificed for convenience. Imagine a world where you could use cloud services without allowing the provider to read your data. Author of Cryptocat (a browser-based secure chat system) Nadim Kobeissi shared the problems he faced developing Cryptocat, his solutions, and future of client-side cryptography. Read on for more.
Update: 07/18 03:48 GMT by U L : Slides (PDF) from and video of the talk are now online.
Despite giving workshops on Off- the-Record messaging to Middle Eastern Activists, Kobeissi found that adoption was low because of the complexity of installing new chat software, plugins, generating keys, verifying your friends, etc. Especially when the person on the other end had not been taught how to use OTR. At the end of the talk he gave some reasons why North American users may find it easier: we develop this software and export it so we have a community of developers available for support, whereas in the Middle East this is foreign software lacking context.
Since he was interested in client-side cryptography and there was a clear problem getting people to securely communicate, he set out to experiment with the former while solving the latter. He identified several problems thwarting success:
- Code delivery is insecure (will it be intercepted and modified? Can you trust the original server?). Compounding this, code in browsers is ephemeral, making it nigh impossible to trust.
- The JavaScript random number generator, while fine for most uses, is not good enough for encryption (its only seed is the current time, making it vulnerable to attack).
- There are no standardized primitives for working with cryptography algorithms in JavaScript, and libraries available at the time were not very good.
- Browser sandboxing was often incomplete and exploitable (a situation which has improved, but new bugs are still occasionally found). If the sandbox breaks, all bets are off.
To each problem there is a solution. For code delivery, Chrome apps proved ideal. There are interesting client side security features, bundles can be signed, sandboxing is effective (aside from the occasional convoluted exploit), and you only have to verify the source once. For encryption, he developed his own implementation of the Fortuna CSPRNG and several cryptography primitives in JavaScript, using keypress timing, mouse movement, window position, etc. for entropy (on mobile devices, the accelerometer has proven useful). Chrome later added their own implementation (which has access to the system entropy source) with Firefox support coming soon.
But where to go from here?
We need an API for transparent encryption: it should be as enforceable and easy as https. We need a full crypto toolkit in the browser, protected key storage (the author suggested protected JavaScript variables), OpenSSL compatibility (certificate formats, not the horrendous C API). And we need secure communications usable by mere mortals.
The W3C formed a web cryptography working group six months ago, with a specification due in 18 months.
Working with the Guardian project, the Cryptocat developers hope to introduce AweSoMe (always secure messaging), which aims to build a suite of utilities for easy and secure messaging (guaranteed message delivery, verifiable end-to-end encryption, and control over logging).
Development of Cryptocat2 is in progress, using XMPP rather than their experimental protocol, and mpOTR which extends OTR with group chat features and newer ciphers. The specification is half complete, and contributions were encouraged.
Although secure chat for the masses is being worked on, there is still much work to be done on securely storing data in the cloud. Luckily, the lessons learned developing Cryptocat will apply to future projects.
-
Report from HOPE: Cryptocat And Encryption in the Cloud
In a world increasingly dominated by the cloud, privacy is often sacrificed for convenience. Imagine a world where you could use cloud services without allowing the provider to read your data. Author of Cryptocat (a browser-based secure chat system) Nadim Kobeissi shared the problems he faced developing Cryptocat, his solutions, and future of client-side cryptography. Read on for more.
Update: 07/18 03:48 GMT by U L : Slides (PDF) from and video of the talk are now online.
Despite giving workshops on Off- the-Record messaging to Middle Eastern Activists, Kobeissi found that adoption was low because of the complexity of installing new chat software, plugins, generating keys, verifying your friends, etc. Especially when the person on the other end had not been taught how to use OTR. At the end of the talk he gave some reasons why North American users may find it easier: we develop this software and export it so we have a community of developers available for support, whereas in the Middle East this is foreign software lacking context.
Since he was interested in client-side cryptography and there was a clear problem getting people to securely communicate, he set out to experiment with the former while solving the latter. He identified several problems thwarting success:
- Code delivery is insecure (will it be intercepted and modified? Can you trust the original server?). Compounding this, code in browsers is ephemeral, making it nigh impossible to trust.
- The JavaScript random number generator, while fine for most uses, is not good enough for encryption (its only seed is the current time, making it vulnerable to attack).
- There are no standardized primitives for working with cryptography algorithms in JavaScript, and libraries available at the time were not very good.
- Browser sandboxing was often incomplete and exploitable (a situation which has improved, but new bugs are still occasionally found). If the sandbox breaks, all bets are off.
To each problem there is a solution. For code delivery, Chrome apps proved ideal. There are interesting client side security features, bundles can be signed, sandboxing is effective (aside from the occasional convoluted exploit), and you only have to verify the source once. For encryption, he developed his own implementation of the Fortuna CSPRNG and several cryptography primitives in JavaScript, using keypress timing, mouse movement, window position, etc. for entropy (on mobile devices, the accelerometer has proven useful). Chrome later added their own implementation (which has access to the system entropy source) with Firefox support coming soon.
But where to go from here?
We need an API for transparent encryption: it should be as enforceable and easy as https. We need a full crypto toolkit in the browser, protected key storage (the author suggested protected JavaScript variables), OpenSSL compatibility (certificate formats, not the horrendous C API). And we need secure communications usable by mere mortals.
The W3C formed a web cryptography working group six months ago, with a specification due in 18 months.
Working with the Guardian project, the Cryptocat developers hope to introduce AweSoMe (always secure messaging), which aims to build a suite of utilities for easy and secure messaging (guaranteed message delivery, verifiable end-to-end encryption, and control over logging).
Development of Cryptocat2 is in progress, using XMPP rather than their experimental protocol, and mpOTR which extends OTR with group chat features and newer ciphers. The specification is half complete, and contributions were encouraged.
Although secure chat for the masses is being worked on, there is still much work to be done on securely storing data in the cloud. Luckily, the lessons learned developing Cryptocat will apply to future projects.
-
When Art, Apple and the Secret Service Collide
theodp writes "Last July, Slashdot reported on Kyle McDonald, the artist who had the Secret Service raid his home at the behest of Apple, who was miffed with Kyle's surreptitious capture of people's expressions as they stared at computers in Apple Stores. A year later, Wired is running McDonald's first-person account of the preparation for and fallout from his People Staring at Computers project. 'I really wasn't expecting the Secret Service,' McDonald begins. 'Maybe an email, or a phone call from Apple. Instead, my first indication that something was "wrong" was a real-life visit from the organization best known for protecting the President of the United States of America.'" -
Cell Phones: Tracking Devices That Happen To Make Calls
An anonymous reader writes "An article in the NY Times argues that the devices we call 'cell phones' should instead be called 'trackers.' It would help remind the average user that whole industries have sprung up around the mining and selling of their personal data — not to mention the huge amount of data requested by governments. Law professor Eben Moglen goes a step further, saying our cell phones are effectively robots that use us for mobility. 'They see everything, they're aware of our position, our relationship to other human beings and other robots, they mediate an information stream around us.' It's interesting to see such a mainstream publication focus on privacy like this; the authors say that since an objects name influences how people think about the object, renaming 'cell phones' could be an simple way to raise privacy awareness." -
Valve Continues Recruiting Top Linux Talent
An anonymous reader writes "Valve Software, in their Linux Steam / Source Engine effort, plus the rumored Steam Box, is continuing to hire top Linux developers. So far they have poached the lead developers of the DarkPlaces open-source engine used by Nexuiz/Xonotic, the founder of Battle for Wesnoth, and just yesterday they hired Sam latinga, creator of Simple DirectMedia Layer. According to Michael Larabel, they are still trying to hire more Linux kernel developers, driver experts, and other 'extremely talented Linux developers.'" -
RMS Responds To NPR File-Sharer's Blog
New submitter UtucXul points out that Richard Stallman has penned a lengthy response to NPR intern Emily White for her post on the organization's site about how she failed to pay for a significant amount of recorded music, acquiring it instead through Kazaa, friends, and CDs owned by the radio station at which she was employed. (We previously discussed musician David Lowery's response; quite different from RMS's, as you might expect.) Stallman wrote, "Copying and sharing recordings was not a mistake, let alone wrong, because sharing is good. It's good to share musical recordings with friends and family; it's good for a radio station to share recordings with the staff, and it's good when strangers share through peer-to-peer networks. The wrong is in the repressive laws that try to block or punish sharing. Sharing ought to be legalized; in the mean time, please do not act ashamed of having shared — that would validate those repressive laws that claim that it is wrong. You did make a mistake when you chose Kazaa as the method of sharing. Kazaa mistreated you (and all its users) by requiring you to run a non-free program on your computer. ... However, that was in the past. It's more important to consider what you're doing now, which includes other mistakes. You're not alone — many others make them too, and that adds up to a big problem for society. The root mistake is treating a marketing buzzword, 'the cloud,' as if it meant something concrete. That term refers to so many things (different ways of using the Internet) that it really has no meaning at all. Marketing uses that term to lead people's attention away from the important questions about any given use of the network, such as, 'What companies would I depend on if I did this, and how? What trouble could they cause me, if they wanted to shaft me, or simply thought that a change in policies would gain them more money?'" -
Why Is Wikipedia So Ugly?
Hugh Pickens writes "Megan Garber writes in the Atlantic that aesthetically, Wikipedia is remarkably unattractive. 'The gridded layout! The disregard for mind-calming images! The vaguely Geocities-esque environment! Whether it's ironic or fitting, it is undeniable: The Sum of All Human Knowledge, when actually summed up, is pretty ugly.' But Wikipedians consider the site's homeliness as a feature rather than a bug. 'Wikipedia has always been kind of a homely, awkward, handcrafted-looking site,' says Sue Gardner, executive director of the Wikimedia Foundation, adding that the homeliness 'is part of its awkward charm.' Facebook, Twitter, and Tumblr have built followings in part because of their exceedingly simple interfaces. Everything about their design says, 'Come on, guys. Participate. It's easy,' while Wikipedia, so far, has been pretty much the opposite of that. 'The free encyclopedia that anyone can edit' might more properly be nicknamed 'the free encyclopedia that any geek can edit.' This is particularly problematic because one of the Wikimedia Foundation's broad strategic goals is to expand its base of editors. While the editing interface is friendly to the site's super-users who tend to be so committed to Wikipedia's mission that they're willing to do a lot to contribute to it, if Wikipedia wants to make itself more attractive to users, a superficial makeover may be just the thing Wikipedia needs to begin growing in a more meaningful way." -
Putting the Raspberry Pi Into Orbit
Jack Spine writes "The Raspberry Pi is likely to be blasted into space, according to project founder Eben Upton. The $35/$25 credit-card-sized single-board educational computer could be used in sounding rockets, satellites, and high altitude balloon tests, according to Upton. Raspberry Pi has proved wildly popular since its launch, with one developer planning to build into a model boat to sail it across the Atlantic." -
Putting the Raspberry Pi Into Orbit
Jack Spine writes "The Raspberry Pi is likely to be blasted into space, according to project founder Eben Upton. The $35/$25 credit-card-sized single-board educational computer could be used in sounding rockets, satellites, and high altitude balloon tests, according to Upton. Raspberry Pi has proved wildly popular since its launch, with one developer planning to build into a model boat to sail it across the Atlantic." -
Bas Lansdorp Answers Your Questions About Going to Mars
You asked questions of Bas Lansdorp, who's behind a project to send a quartet of astronauts to Mars — on a one-way trip. Lansdorp provides below his answers to inquiries about food, fuel, suicide, privacy, and more. So whether you're curious enough to put in for a Mars-bound ship or skeptical that this enterprise will get off the ground, read on. Participant Psychosis?
by eldavojohn
This question may boil down to cultural differences but I'm an American, fairly non-nomadic and I have a lot of cargo -- both mentally and physically. There are places of my youth that I may never return to and I currently sit a thousand miles away from. But I'm okay with this because if I flipped out one day I could just board a plane or road trip it back. I'm aware that settlers who came to the Americas faced similar issues but they were moving to a new land that was already inhabited by humans and had new places to offer them. Mars ain't the kind of place to raise your kids. In fact, it's cold as hell. I would surmise that someone would need to be legally insane to willingly go to a place without society, without parks, without schools, without culture, without even atmosphere, without children, without the elderly and without the prospect of seeing those things first hand again. Furthermore, should a sane person make such a decision I can see no perceivable way they would remain sane. Even if the person is nomadic or adventurous in nature, you will bring them to a new world and require four of them to remain cooped up in a thousand cubic meters.
Call it cabin fever, call it space madness, call it batshit insanity, call it whatever you want but aside from bombarding them with digital crap from Earth, how are you going to combat it? I know your ratings go up but what happens when all your reality television is 90% insane ramblings of home?
Bas Lansdorp: Will the astronauts go insane? The author of the question has answered a large part of this question in his own text. The key to success is a very careful selection procedure. The author 'has a lot of cargo -- both mentally and physically' — typically a person that will not be selected (and in this case would not even apply) for the position. However, the author should not forget that not everyone is alike. I'm quite sure that the author would not have applied for a position in the team of South Pole explorer Shackleton. This was the announcement:"Men wanted for hazardous journey, small wages, and bitter cold, long months of complete darkness, constant danger, safe return doubtful, honor and recognition in case of success."
Despite the ominous tone of the ad, the response was overwhelming.
Mars One will carefully select the crew for a number of skills and qualities. They will be people who have dreamt their whole life of going to Mars and in many case will have pursued careers that will increase the odds of being selected for this kind of mission. The selected team will be very smart, skilled, mentally stable and very healthy. They will go to Mars to live their dream.
On Mars, they will be busy. They will improve the habitat and extend it with new units sent from Earth and with local materials. They will do research — their own research but also gather data for the research of others (for example universities). And they will prepare the settlement for the second crew that lands two years after. Every two years a new crew will arrive, such that the settlement will slowly become a small village and a more attractive place to live for more and more people.
We have discussed our plan with experienced psychologists. One of Mars One's advisers is Norbert Kraft M.D., who has worked on astronaut selection at NASA and JAXA. He wrote an interesting article on this in the Huffington Post together with Prof. Dr. Raye Kass.
What are the entertainment options like?
by alen
If I move to mars for the rest of my life, what are the entertainment options? What am I supposed to do in my off time?
BL: The astronauts will have many things they can do on Mars. They can do most of the indoor activities that people can do on Earth: read, play games, write, paint, work out in the gym, watch TV, use the Internet, contact friends at home and so on. There will be some limitations because of the long distance between Earth and Mars, resulting in time delays: they will have to request the movies or news broadcasts they want to see in advance. So if an astronaut would like to watch the Super bowl, he (or she) could request it and it would be uploaded to the server on Mars. There will always be the time delay of at least three minutes, so the people on Mars would know who won a few minutes after the people on Earth.
Easy Internet access will be limited to their preferred sites that are constantly updated on the local Mars web server. Other websites will take between 6 and 45 minutes to appear on their screen - first 3-22 minutes for your click to reach Earth and then another 3-22 minutes for the website data to reach Mars. Contacting friends at home is possible by video, voice or text message (e-mail, whatsapp, sms), but a real time dialogue is not possible because of the time delay.
Suicide options?
by Anonymous Coward
Will the astronauts be supplied with the means to end their lives if they find themselves facing hopeless circumstances (e.g., slow life-support failure, debilitating depression)?
BL: The design of the Mars settlement will include a very high level of redundancy on all crucial systems like life support. The astronauts will have received extensive training in repairing any failure in the system, either with spare parts, or with parts harvested from other broken equipment.
Also, the astronauts will have been carefully selected by psychiatrists. In the early days of space flight astronauts received cyanide capsules. Our astronauts will not receive such pills. Mars One will select and train the crews to have the ability to respond adaptively to the challenges of unanticipated problems and to collaborate under highly stressful conditions.
Put your lives where your mouths are
by Lanfranc
I just have one very simple question: I understand that Mars One intend to send four people at a time to Mars. I also note that the Mars One team currently consists of four people. So are you and your three business partners willing to be the first group to go, and if not, why not?
BL: As explained in the first answer, crew selection will be the key to success for a Mars mission. The selected astronauts will be very smart, skilled, mentally stable, sociable and very healthy. It's unlikely that even one of us would live up to the high requirements, let alone that we would be the perfect team. Also, it is our goal to involve the whole world so the team should be international. The public selection process where the audience can influence who gets to go is a very important part of involving the world. The people on Mars are our eyes and ears: they will tell us what it is like to be on Mars. By asking help of the audience to select them, we make sure that they are people that humanity would like to be their reporters on life on Mars.
The astronauts that we send to Mars will be very smart people. They will understand every risk and will have ample time during their years of training to weigh the risks. They can always decide not to go.
In-Situ Fuel Production?
by Cap'nSmithers
Are you exploring any possibilities for creating fuel for a return trip while on Mars? There is at least one study for the possibility, most likely more. If you're planning on the trip being a one-way mission, why not at least experiment with the idea for future Mars missions? And if it works, you get a ride home, and you've made some pretty hefty contributions to space travel.
BL: Mars One is proposing a mission where humans settle on Mars for the rest of their lives. This eliminates the need for fuel production and the great power requirements, fuel storage capabilities and hardware equipment weight and volume that are associated with fuel production.
Producing the fuel is actually not the hardest part of returning humans to Earth. The hardest parts are the rocket that should launch them from the surface to Mars orbit and it's the Earth return vehicle with all the supplies that needs to take them from Mars orbit to Earth. Fuel production with elements present on Mars and in Mars-like conditions has already been demonstrated on Earth. There are several products that can be produced on Mars. We are very interested in techniques to build habitat extensions from Martian materials, build a power production system on Mars with local materials or a machine that can produce plastics. We believe that providing the astronauts with building blocks to improve their lives on Mars more important than demonstrating fuel production. However, fuel production is certainly interesting once the above technologies are available on Mars. Fuel for a manned return trip may not be required for a long time, but a sample return mission would also greatly benefit form fuel produced on Mars. Such a sample return mission would also build the experience to send future manned missions back to Earth.
Pioneers
by tmosley
It seems to me that a mission of this type which is meant to be permanent must by necessity focus on the production of those things which are necessary for survival on Mars. This means that your colonists, and they should be called colonists, will need to focus on the production of air, water, food, living space, and manufactured goods, in that order. Media spectacle or no, that is the order that things must take, prior to wasting time with research (wasting time in the hunter-gatherer sense).
I think that the only way you are going to be able to get your colonists to do what you want them to do will be to have them earn money with their scientific research/media nonsense such that it funds resupply missions.
That said, what is your business plan with regards to production of goods on Mars, and resupply missions?
BL: Local production of water, breathable air and food will be provided from the start. Water and breathable air will even be produced on Mars before the astronauts depart from Earth. (Please read here.)
Providing them with a way to produce habitable volume and energy with local materials is also high on our list, but these technologies are not 'off the shelf'. Mars One plans to send out a request for proposals to have these technologies developed. The poser of the question is absolutely correct: getting things up and running on Mars and survival are more crucial than research.
The astronauts will however have a keen interest in doing science on Mars. One of the crew might well be a biologist or a geologist. While the scientific research may not be high on the list of priorities, the media will be. This is a major source of revenues for the mission and the astronauts will obviously know this. They know that they are on Mars thanks to the public interest. The media revenues will be required to finance supply missions and new crews going to Mars.
Power Draw?
by eldavojohn
Exactly how do you plan on broadcasting reality TV of your mission? Mars seems like a difficult place to get energy. When people's lives are at risk in a mercilessly harsh environment, isn't it a bit selfish for us to be asking them to use their solar panels to send us video of their daily lives? I understand the need for communications but how do you plan on sending enough video and audio back from the teams to make a reality show?
Is the following statement morally reprehensible to you? "I know you've had a long day but we need someone to do a walk out to dust off the south solar panels because we're not getting enough power to transmit cameras five and six to monitor you while you sleep."
BL: Mars One plans to use solar panels for the Mars mission. Solar power is very reliable on Mars. The system will be designed to deliver enough power for essential systems in the settlement during a solar storm, yielding in a large surplus power when there is no storm (read more on that here). The data transmission system to the Mars orbiting satellite requires only a limited amount of power, which is included in the power budget for dust storm conditions. Our goal is to put humans on Mars, our business model is the media event around the humans mission. The media event is what makes it possible to finance the mission to Mars. The communications system design allows for 4 video + audio channels streaming full time from Mars to Earth. The astronauts know this and know that it will be part of their tasks on Mars - they are on Mars thanks to the public interest. If your moral question actually is "won't the reality TV be too intrusive?" please note that there won't be any camera's in their bedrooms, so there will be no energy wasted on transmitting video images of sleeping astronauts.
Environmental Questions
by Reality Master 101
I've always been of the opinion that once a private Mars mission gets close to becoming reality, scientists and the government will go in league to shut it down because of environmental contamination. The question of whether there is life on Mars is still open, and once you have a group setting up a settlement, the planet is potentially contaminated forever with Earth bacteria, which might even kill off native bacteria, if any.
My question is, are you concerned with the contamination question and do you think you might be prevented from going if scientists get the right politicians to listen? You sort-of have a FAQ question about this ("Will the mission be harmful to Mars' environment?"), but you don't really answer it.
BL: Mars One will discuss with the COSPAR panel of planetary protection and the COSPAR panel of exploration what measures need to be taken with respect to contamination of the Mars with Earth life forms. Prof. Dr. Pascale Ehrenfreund of the COSPAR panel of exploration is one of our advisers. From discussions with these two panels, Mars One will take the required actions.
Space for growing food?
by Mr. Theorem
Your FAQ, in the "sustainability" question, states: "The first four will also be carrying a device similar to a portable greenhouse, that will allow them to grow their own food."
If we take 2000 calories per day as a baseline human need, that's 730,000 calories per [Earth] year, or about 3 million calories per Earth year per four-person crew, and the total need will grow by 3 million calories per Earth year every two years as more missions arrive. The diet would need to be varied, both to guard against catastrophic crop failure and to provide an appropriate spectrum of nutrients, and a reasonable estimate (e.g. based on a combination of corn, beans, and squash) suggests that 1 acre on Earth can provide such 3 million calories. But Mars gets, on average, only about 44% of the insolation as Earth does, so the first-order estimate suggests you'd need about 2.3 acres per mission-load of astronauts to grow a subsistence diet. This presumes that radiation won't negatively impact the crops, that the yield throughout the Mars growing season scales comparable to the Earth's, that your soil is comparable to Earth's, and many more things. You'll also need enough additional carbon and water to make the non-edible parts of the plants and soil, and you'll need to make sure there exists a suitable microbial community to decompose crop waste and turn it back into a useable food-growing medium (i.e. compost).
I don't see in your concept drawing anything that approaches the size of land that would be needed to come anywhere close to such sustainable food production. Do you even have a back-of-the-envelope plan for sustainable food production, or is the bulk of the astronauts' calories going to need to come in perpetuity from the Earth?
BL: Food from Earth will only serve as emergency rations, the astronauts will eat fresh food that they produce on Mars. Mars One will make use of high efficient plant growing methods that require much less space (e.g. www.plantlab.nl). Food production will be hydroponic, eliminating the need for soil. Food production will happen indoor, lighted by LED lighting. By providing the plants with only the frequencies of light that they use most efficiently, power consumption is limited. Some of the plants will be grown in multiple levels on top of each other, limiting space requirements. In total there will be about 50 m2 available for plant growth. A thick layer of Martian soil on top of the inflatable habitat will protect the plans (and the astronauts) from radiation. CO2 for the plants is available from the Mars atmosphere and water is available through recycling and from the soil of Mars. Non-edible parts of the plants will be recycled, or will be stored until more advanced recycling equipment is shipped from Earth.
Funding sources
by Katatsumuri
Are you considering a mix of different funding sources, like Kickstarter, private donations / investors, government / corporate sponsorship? TV show alone may not be sufficient. Maybe accept free hardware / volunteer labor / services like rocket launches as donations, too?
On a related note, are you going to start the selection and training as soon as you have enough money for that first step? Or do you think it only makes sense if you have secured the funding for the actual trip? I personally think once this starts rolling, it will be easier to attract more funding.
BL: We are considering all the revenue possibilities that you mention. We do not expect to be offered free rocket launches, especially not of the quality that we need for our Mars missions. Mars One will make limited use of free hardware for use on Earth and volunteer labour that is offered to us. Already, people are helping us with improvements to our website and with translation of the subtitles of our YouTube movie.
We will start the selection and training of the astronauts long before collecting the complete funding for the trip. As you say, it will be easier to attract funding when there is more publicity around our plans, and more progress achieved. We intend to start with the selection process within one year, after the completion of the conceptual design studies by our suppliers.
Mars One plan to obtain the necessary funding
by AnotherBlackHat
No media spectacle in the history of the Earth has garnered 6 billion dollars. Why should we believe that your Mars landing would?
BL: Mars One is not just landing people on Mars, we are creating an adventure for everyone in the world to follow from 2013, when we start the astronaut selection, through 2022, when we depart to Mars, 2023 when the first crew lands to 2050 and beyond when there are dozens of people living and working on Mars. NBC recently paid $4.4 billion for the broadcasting rights for the Olympic games in the USA only, from 2014 until 2020. That's the Winter Olympics of 2014 and 2018 and the Summer Olympics of 2016 and 2020, a total of 12 weeks of entertainment. This number does not include other revenues like sponsorships. The Olympic games of 2006 (winter games) and 2008 (summer games) together created revenues of $5.450 billion
We have discussed the business case with various large parties in the media industry. They are without exception convinced of the revenue model. -
Apple Goes Back To EPEAT
An anonymous reader writes with a followup to news from last weekend that Apple had turned its back on the EPEAT hardware certification standard. After hearing criticism from customers, the media, and governmental organizations that Apple wasn't being environmentally friendly, the company's Hardware Engineering VP, Bob Mansfield, wrote today that its earlier decision was a mistake, and all of Apple's eligible products are back on EPEAT. (EPEAT welcomed Apple back with open arms.) Mansfield repeated an earlier statement from Apple that EPEAT does not measure all the ways in which the company's products are environmentally friendly. Mansfield said, "For example, Apple led the industry in removing harmful toxins such as brominated flame retardants (BFRs) and polyvinyl chloride (PVC). We are the only company to comprehensively report greenhouse gas emissions for every product we make, taking into account the entire product lifecycle. And we’ve removed plastics wherever possible, in favor of materials that are more highly recyclable, more durable, more efficient and longer lasting. Perhaps most importantly, we make the most energy-efficient computers in the world and our entire product line exceeds the stringent ENERGY STAR 5.2 government standard. No one else in our industry can make that claim." -
Apple Goes Back To EPEAT
An anonymous reader writes with a followup to news from last weekend that Apple had turned its back on the EPEAT hardware certification standard. After hearing criticism from customers, the media, and governmental organizations that Apple wasn't being environmentally friendly, the company's Hardware Engineering VP, Bob Mansfield, wrote today that its earlier decision was a mistake, and all of Apple's eligible products are back on EPEAT. (EPEAT welcomed Apple back with open arms.) Mansfield repeated an earlier statement from Apple that EPEAT does not measure all the ways in which the company's products are environmentally friendly. Mansfield said, "For example, Apple led the industry in removing harmful toxins such as brominated flame retardants (BFRs) and polyvinyl chloride (PVC). We are the only company to comprehensively report greenhouse gas emissions for every product we make, taking into account the entire product lifecycle. And we’ve removed plastics wherever possible, in favor of materials that are more highly recyclable, more durable, more efficient and longer lasting. Perhaps most importantly, we make the most energy-efficient computers in the world and our entire product line exceeds the stringent ENERGY STAR 5.2 government standard. No one else in our industry can make that claim." -
Ask Joseph Palaia About Building Lunar Machines and Living On Mars
Joseph Palaia is an entrepreneur, engineer and technologist who is working on creating the first permanent settlement on Mars. In 2009, he served as executive officer and chief engineer for a one-month simulated Mars mission at the Mars Society's Flashline Mars Arctic Research Station on Devon Island in the Canadian arctic. He has played an integral role in two commercial design studies of the first permanent Mars settlement. He is co-author of technical papers on the topics of Mars nuclear power plant design, Mars settlement architecture, space economics and the economics of energy on Mars. In addition to his work on inhabiting Mars, Joseph is also the Chief Operating Officer & Director of Earthrise Space, Inc. ESI is a research laboratory whose goal is to design, build, and operate spacecraft with the help of students. They are currently working on both a lunar lander and lunar rover for the Google Lunar X Prize. Joseph has agreed to take off his spacesuit and answer any of your questions about building moon machines with students, long-term survival in space, and all things Kuato related. Ask as many questions as you like, but please confine your questions to one per post. -
Ask Joseph Palaia About Building Lunar Machines and Living On Mars
Joseph Palaia is an entrepreneur, engineer and technologist who is working on creating the first permanent settlement on Mars. In 2009, he served as executive officer and chief engineer for a one-month simulated Mars mission at the Mars Society's Flashline Mars Arctic Research Station on Devon Island in the Canadian arctic. He has played an integral role in two commercial design studies of the first permanent Mars settlement. He is co-author of technical papers on the topics of Mars nuclear power plant design, Mars settlement architecture, space economics and the economics of energy on Mars. In addition to his work on inhabiting Mars, Joseph is also the Chief Operating Officer & Director of Earthrise Space, Inc. ESI is a research laboratory whose goal is to design, build, and operate spacecraft with the help of students. They are currently working on both a lunar lander and lunar rover for the Google Lunar X Prize. Joseph has agreed to take off his spacesuit and answer any of your questions about building moon machines with students, long-term survival in space, and all things Kuato related. Ask as many questions as you like, but please confine your questions to one per post. -
Facebook Scans Chats and Posts For Criminal Activity
An anonymous reader writes "Facebook has added sleuthing to its array of data-mining capabilities, scanning your posts and chats for criminal activity. If the social-networking giant detects suspicious behavior, it flags the content and determines if further steps, such as informing the police, are required. Reuters provides an example of how the software was used in March: 'A man in his early 30s was chatting about sex with a 13-year-old South Florida girl and planned to meet her after middle-school classes the next day. Facebook's extensive but little-discussed technology for scanning postings and chats for criminal activity automatically flagged the conversation for employees, who read it and quickly called police. Officers took control of the teenager's computer and arrested the man the next day.'" -
Digg.com Sold To Betaworks For $500,000
New submitter MyFirstNameIsPaul writes "The once popular social news website Digg.com, which received $45 million in funding, is being sold to to Betaworks for $500,000. From the article: 'Betaworks is acquiring the Digg brand, website, and technology, but not its employees. Digg will be folded into News.me, Betaworks' social news aggregator. This is not the outcome people expected for Digg. In 2008, Google was reportedly set to buy it for $200 million.'" Update: 07/13 12:26 GMT by S : Looks like real number is about $16 million. -
Interviews: Ask Physicist Giovanni Organtini About the Possible Higgs Boson Disc
Giovanni Organtini of Italy's National Institute of Nuclear Physics (well, Instituto Nazionale di Fisica Nucleare) has agreed to answer questions about the recent observations of a particle consistent with the Higgs Boson. Dr. Organtini is part of the CMS experiment at the Large Hadron Collider. He is careful to note that while the researchers "[believe] that this new particle, with a mass 125 times that of a proton, is the famous Higgs boson," they "need to study that new particle more deeply in the next months to be conclusive on that. Organtini likes free software (he's written Linux device drivers, too) and has his own physics-heavy YouTube channel, mostly in Italian. Please confine questions to one per post, but feel free to ask as many as you'd like. -
New York Experiments With Wi-Fi From Payphones
Payphones have been famously disappearing from public life; cell phones and other means of communication have made them ever less important in many contexts (and for most people). Some places, it's hard to find not only payphones, but usable wireless signal as well. Still, there are a lot of payphones left in the wild (though the enclosed kind seem to be disappearing faster than on-premises ones), and now there's a plan in New York City to extend payphones' useful life by outfitting them as public Wi-Fi hotspots, beginning with a 10-phone trial already underway. It's not the first such project; we mentioned a similar multi-city wi-phone deployment in Canada 10 years ago. And in Austin, I've spotted at least one payphone fitted out as a solar-powered charging station for cellphones; probably not enough to get much charge, but at least it lets users place an emergency call with a flagging or dead battery. Covering Manhattan and the other boroughs with overlapping free Wi-Fi nodes, though, is a different beast entirely. -
New York Experiments With Wi-Fi From Payphones
Payphones have been famously disappearing from public life; cell phones and other means of communication have made them ever less important in many contexts (and for most people). Some places, it's hard to find not only payphones, but usable wireless signal as well. Still, there are a lot of payphones left in the wild (though the enclosed kind seem to be disappearing faster than on-premises ones), and now there's a plan in New York City to extend payphones' useful life by outfitting them as public Wi-Fi hotspots, beginning with a 10-phone trial already underway. It's not the first such project; we mentioned a similar multi-city wi-phone deployment in Canada 10 years ago. And in Austin, I've spotted at least one payphone fitted out as a solar-powered charging station for cellphones; probably not enough to get much charge, but at least it lets users place an emergency call with a flagging or dead battery. Covering Manhattan and the other boroughs with overlapping free Wi-Fi nodes, though, is a different beast entirely. -
New York Experiments With Wi-Fi From Payphones
Payphones have been famously disappearing from public life; cell phones and other means of communication have made them ever less important in many contexts (and for most people). Some places, it's hard to find not only payphones, but usable wireless signal as well. Still, there are a lot of payphones left in the wild (though the enclosed kind seem to be disappearing faster than on-premises ones), and now there's a plan in New York City to extend payphones' useful life by outfitting them as public Wi-Fi hotspots, beginning with a 10-phone trial already underway. It's not the first such project; we mentioned a similar multi-city wi-phone deployment in Canada 10 years ago. And in Austin, I've spotted at least one payphone fitted out as a solar-powered charging station for cellphones; probably not enough to get much charge, but at least it lets users place an emergency call with a flagging or dead battery. Covering Manhattan and the other boroughs with overlapping free Wi-Fi nodes, though, is a different beast entirely. -
New York Experiments With Wi-Fi From Payphones
Payphones have been famously disappearing from public life; cell phones and other means of communication have made them ever less important in many contexts (and for most people). Some places, it's hard to find not only payphones, but usable wireless signal as well. Still, there are a lot of payphones left in the wild (though the enclosed kind seem to be disappearing faster than on-premises ones), and now there's a plan in New York City to extend payphones' useful life by outfitting them as public Wi-Fi hotspots, beginning with a 10-phone trial already underway. It's not the first such project; we mentioned a similar multi-city wi-phone deployment in Canada 10 years ago. And in Austin, I've spotted at least one payphone fitted out as a solar-powered charging station for cellphones; probably not enough to get much charge, but at least it lets users place an emergency call with a flagging or dead battery. Covering Manhattan and the other boroughs with overlapping free Wi-Fi nodes, though, is a different beast entirely. -
EU Commission: CETA 'Totally Different From ACTA'
itwbennett writes "Slashdot readers will remember the hullaballoo that arose yesterday over a leaked version of CETA containing key clauses that were 'nearly identical to ones found in ACTA.' Now the European Commission is saying you shouldn't believe every leak you see and that the 'language being negotiated on CETA regarding Internet is now totally different from ACTA.' Well, maybe with the exception of language that appears in both CETA and ACTA but didn't 'originate' in ACTA and therefore doesn't count." -
DHS Still Stonewalling On Body Scanning Ruling One Year Later
OverTheGeicoE writes "About a year ago, the District of Columbia Circuit Court of Appeals ruled on EPIC v. DHS, a lawsuit that sought to end TSA's use of body scanners. The Court found that DHS violated federal law by not seeking public comment before using body scanners as a primary search method. They ordered TSA to take public comment on its body scanning policy but did not require TSA to suspend its use of the scanners during the comment period. Several months later nothing had been done yet. One year later TSA has still done nothing, and even EPIC, the original plaintiff, seems to have given up. Others have apparently picked up the torch, however. Jim Harper, director of information policy studies at the libertarian think tank the Cato Institute, has posted a piece on Ars Technica about TSA's violation of the court order. He also started a petition on Whitehouse.gov asking TSA to comply with the order. An earlier petition ended with a non-response from TSA Administrator John Pistole. Will the latest petition fare any better, even in an election year?" -
DHS Still Stonewalling On Body Scanning Ruling One Year Later
OverTheGeicoE writes "About a year ago, the District of Columbia Circuit Court of Appeals ruled on EPIC v. DHS, a lawsuit that sought to end TSA's use of body scanners. The Court found that DHS violated federal law by not seeking public comment before using body scanners as a primary search method. They ordered TSA to take public comment on its body scanning policy but did not require TSA to suspend its use of the scanners during the comment period. Several months later nothing had been done yet. One year later TSA has still done nothing, and even EPIC, the original plaintiff, seems to have given up. Others have apparently picked up the torch, however. Jim Harper, director of information policy studies at the libertarian think tank the Cato Institute, has posted a piece on Ars Technica about TSA's violation of the court order. He also started a petition on Whitehouse.gov asking TSA to comply with the order. An earlier petition ended with a non-response from TSA Administrator John Pistole. Will the latest petition fare any better, even in an election year?" -
DirecTV Drops Viacom Channels
An anonymous reader writes "DirecTV has dropped all of Viacom's channels. This includes channels such as MTV, Comedy Central, and Nickelodeon. The drop is reported to be over a carrier fee dispute. It appears programming content can magically disappear from satellite, too, and not just from streaming services. Viacom said it was 'because contract talks with DirecTV had “reached an impasse.” DirecTV, in turn, said in a statement that it had offered Viacom “increased fees for their networks going forward; we just can’t afford the extreme increases they are asking for.”' I guess pirating and physical media is the only way to make sure the content we pay for doesn't disappear." -
CowboyNeal On Dota 2, Modern Games, and Software Development
CowboyNeal writes "Unless you don't care about PC gaming at all, by now you're aware of Valve's entry into the MOBA/ARTS genre, Dota 2. Despite still being in a closed beta, it's currently the number one game on Valve's Steam gaming service, and judging from Valve's earlier declaration regarding Steam on Linux, it's only a matter of time, even if that time be a year or more, before we see Dota 2 come to Linux as well as Mac. Valve has big plans for Dota 2, no less big than what happened with Team Fortress 2, even if it took them a few years to get to where Team Fortress 2 is today. What makes the current state of Dota 2 noteworthy, however, is that it has managed to displace Team Fortress 2 as Steam's most popular game, while still being tested in a closed beta." Read on for the rest of CowboyNeal's thoughts on games, and what it's like being a Slashdot poll option. The term "closed beta" here doesn't really directly apply, either. Starting already last summer, Valve invited sixteen Dota teams from around the world to compete in a Dota 2 tournament, which naturally, featured the then-current state of Dota 2. What's interesting to note is that while Dota 2 at that time didn't sport all of the available heroes from its Dota All-Stars ancestor, everyone involved felt comfortable enough with the game to stage a tournament. Even if the game was lacking dozens of heroes at the time, players from the professional Dota scene were able to adjust to Dota 2 quickly, given that Valve had successfully recreated the nuances of the original mod within the Source engine. Following The International 2011, Valve resolved to open up the beta to more people, and sent out several waves of invites last fall, over the winter, and this spring. They gave out beta access as prizes during their Christmas Sale event. And now, for $39.99, or whatever that equates to in your local currency, you can buy an invite to the beta, directly from the Dota 2 store in-game. In this way, it's not very closed anymore, save for in name.
All of this is a long way from how games, and software in general, were handled in days of yore. In the before-time, the long-long-ago, one would go to the store or mail order some disks with the software on it, install it, and that was that. Patches were next to unheard of. After the advent of the internet, one would still likely go to the store and buy a game on discs, and then begin the process of downloading patches off of the internet, if one was so lucky to have their product see post-launch support. Today, it's not uncommon to see a game be patched once or twice in a week's time, especially so if it's a game with an online component to it.
With games like Dota 2, and recently-released Tribes Ascend, and the wildly successful Minecraft before that, the entire software development cycle gets hazy at best. PC Gamer recently asked its readers whether or not they should review Dota 2. There's still a list of things to come for Dota 2. There's also already a selection of purely cosmetic items available for purchase for your heroes, tying in closely to Valve's hat-based strategy for revenue. It's no wonder that reviewers are left wondering. Buyers are wondering too. There are plenty of people playing Dota 2, and presumably some of those players are having fun doing it. I think it could also be successfully argued that Minecraft was "done" long before Mojang slapped a 1.0 version number on it. On the flip side of the coin, it's been five years since Valve released Team Fortress 2, and the TF2 that players play today is very little like the one that was bundled with the Orange Box on release. Games developed, or even merely published by Bethesda are notorious for launch-day bugs, some of which are so egregious that they come perilously close to breaking the "sacred bond of trust between gamer and gaming mega-corporation." Sometimes Bethesda fixed up their games with a post-game patch, other times we have to just wait and bear it, and eventually at some point, like the days of yore, post-launch support just ends, and bugfixes are left to the community to handle.
I think that in the end, the "release early, patch often" approach is beneficial to consumers. It allows developers to get player feedback in an early and ongoing fashion, and adjust their product accordingly. In the long run, it makes it easier to decide whether or not it's worth plunking down our cash for a game. It does, however, make it much more difficult to decide to do so on launch day. It's difficult to see the future and know if and how a given title will be supported post-launch, which is now a reasonable issue to consider before purchasing a AAA title that can cost between $50 and $60. The hard part, of course, is waiting for our old ideas about game reviews to catch up, since a review doesn't get patched, unlike the games they cover. The best a review can hope for is to be revised during an expansion pack. -
Contest To Crack William Gibson Poem Agrippa
An anonymous reader writes "A new cracking contest to cryptanalyse a William Gibson poem. The electronic poem ('Agrippa') was written back in 1992 and self-encrypts after being displayed once. The person who successfully cracks the encryption will win a copy of every published Gibson book." The poem/program binary was recovered in 2008, but it looks like no one has managed (bothered?) to crack the code. -
Ouya Android Console Blows Past Kickstarter Goal
mikejuk writes with a winner for quickest follow-up in a while as the Ouya console managed to raise over $2 million in a mere eight hours. From the article: "On the surface it all sounds like a really good idea. The OUYA games console is planned to be an open competitor to the likes of Xbox and PS3. It seems so good that it has been crowd funded to the tune of $1 million — but why exactly is it needed? There must be a good reason — after all the wisdom of crowds is never wrong. The simple answer seems to be freedom. The company claims that you can do what you want to the machine. A CyanogenMod port would allow you to do what you like to the OS and it wouldn't void your warranty. You can hack the hardware or software. However, it is important to note that this isn't open hardware. ... In the same way the software seems to be open and yet controlled. ... The Kickstarter page says 'When we say, "open" we mean it. We've made many decisions based on this philosophy:..' But it isn't Open Source. And yet it is so much better than the alternative. Perhaps this is a sign of just how desperate we all are to get away from the control of the big console manufacturers, that we will fund anything that sounds even slightly reasonable. The walled gardens of Apple, Sony and Microsoft no longer seem the warm and welcoming places they once did (if they ever did)" Issues not raised on yesterday's post; the console will require a significant number of binary blobs just to function, and it's really unclear whether or not it will actually be DRM free. Anyone remember Indrema? -
Ouya Android Console Blows Past Kickstarter Goal
mikejuk writes with a winner for quickest follow-up in a while as the Ouya console managed to raise over $2 million in a mere eight hours. From the article: "On the surface it all sounds like a really good idea. The OUYA games console is planned to be an open competitor to the likes of Xbox and PS3. It seems so good that it has been crowd funded to the tune of $1 million — but why exactly is it needed? There must be a good reason — after all the wisdom of crowds is never wrong. The simple answer seems to be freedom. The company claims that you can do what you want to the machine. A CyanogenMod port would allow you to do what you like to the OS and it wouldn't void your warranty. You can hack the hardware or software. However, it is important to note that this isn't open hardware. ... In the same way the software seems to be open and yet controlled. ... The Kickstarter page says 'When we say, "open" we mean it. We've made many decisions based on this philosophy:..' But it isn't Open Source. And yet it is so much better than the alternative. Perhaps this is a sign of just how desperate we all are to get away from the control of the big console manufacturers, that we will fund anything that sounds even slightly reasonable. The walled gardens of Apple, Sony and Microsoft no longer seem the warm and welcoming places they once did (if they ever did)" Issues not raised on yesterday's post; the console will require a significant number of binary blobs just to function, and it's really unclear whether or not it will actually be DRM free. Anyone remember Indrema? -
FTC Reportedly Fining Google $22.5 Million Over Safari Privacy Abuse
New submitter Slashbots writes "Google will settle with the FTC for nearly $22.5 million over its bypassing of Apple's Safari browser privacy settings. It would be the largest settlement with the FTC over privacy-related charges ever. By abusing a privacy hole in Safari, Google circumvented user settings to show them advertising and track the user. 'Safari, unlike other browsers, blocks cookies from ad networks like Google's. But because of a loophole, Google had been able to avoid the block, as researchers discovered in February. It installed cookies and tracked Safari users across the Web to show them personalized ads.'" -
Formspring Hacked - 420,000 Password Hashes Leaked
wiredmikey writes with news of yet another business suffering a data breach. From the article: "Formspring, the Social Q&A portal ..., admitted to being breached on Tuesday. The compromise led to the loss of 420,000 passwords, forcing the site to reset all member passwords. Mirroring the recent LinkedIn breach, Formspring said that it was alerted to a forum post that contained 420,000 password hashes. Engineers shutdown the service and confirmed the passwords were indeed theirs. In less than a day, an investigation revealed that the attacker(s) had 'broken into one of our development servers and was able to use that access to extract account information from a production database' .... There have been no reported incidents of individual account compromise, but there were reports of Phishing by some users on Twitter attempting to capitalize on the incident." -
RIM CEO On What Went Wrong
AZA43 writes "After releasing some very ugly financial numbers in late June, BlackBerry-maker RIM went on a media blitz to downplay the significance of its latest earnings and counter increasingly negative media attention. ... But a new Q&A with BlackBerry chief Thorsten Heins offers a unique take on what exactly went wrong at RIM — Heins blames the company's downfall [partly] on LTE in the U.S. — and he actually seems genuine in his answers." A peek into the mind of RIM's upper management. -
San Francisco To Stop Buying Apple Computers
New submitter djnanite writes "Following on from the story that Apple has exited the 'Green Hardware' certification program, the BBC reports that City officials in San Francisco plan to block local government agencies from buying new Apple's Macintosh computers. Will they be the first of many, or will cheaper products override people's conscience? 'Other CIOs in government and educational institutions, where Apple has a strong presence, could find themselves asked to drop MacBooks and iMacs. The federal government, for example, requires 95% of its laptops and desktops be EPEAT-certified.' Apple defended the move by saying their products are environmentally superior in areas not measured by EPEAT." -
A Fresh Look At Multi-Screen PC Gaming
crookedvulture writes "It has been quite a while since Slashdot last covered multi-monitor gaming. A lot has changed in the interim. Monitors prices continue to fall, and improved AMD Eyefinity and Nvidia Surround implementations make creating multi-display arrays incredibly easy. Graphics cards have gotten faster, allowing high-end models to handle the latest games at the ultra-high resolutions that multi-screen setups enable. Developers are doing a better job of supporting those resolutions, too, although HUD placement and single-screen cinematics are still problematic in some titles. Even in the games that do have niggling flaws, the wider perspective of a triple-screen config can offer a more engaging and immersive experience. As stereoscopic 3D implementations fail to catch on, multi-screen setups look like the best upgrade for PC gamers."