Slashdot Mirror

The part where they feed them green jelly beans.
http://xkcd.com/882/

It's winter here. The only thing you're likely to see is a hungry bear and a bunch of clouds.

We don't do tan lines in Alaska. Global warming hasn't quite got that far.

Yes, here: http://is.gd/7q1YoR
and here: http://is.gd/A29tl4

Why am I still here? Why are you still here?
I guess http://xkcd.com/386/

I had to use urban dictionary to understand wtf a "photog" was:
http://www.urbandictionary.com/define.php?term=photog

Slang for Photographer apparently. Although I've never heard or seen anyone use the term and apparently those writing the summary title thought they were being "hip".

You might have used the regular dictionary instead, and learned that the word "photog" has been in use for over a century. Congrats, you're one of today's Lucky 10,000!

No the first option should be a bobcat, then the nuke.

thisAlgorithm.BecomingSkynetCost=999999999

Problem solved

Instead of jaguars, article contained serious prose. Would not read again.

You'd have thought someone would've thought to check the results?

They're trying to avoid this effect, where they search for hundreds of different signals and find a statistically significant one by sheer coincidence. Instead, they lock their data carefully away and don't look at it, while they spend a few years working on their statistical tests and picking the most meaningful one. Then they release the data, apply the test - and in this case, find a signal.

This is about right...

http://xkcd.com/435/

From your blog:

Who develops software? The same people who make money on our searches...the people who develop software aren't going to develop that program

You are never going to find helpful developers with an attitude like that. I don't work for a web advertiser, in fact of the 100s of professional software acquaintances I have, only two work with google, and they aren't in search or advertising. We are people too. We have varied political opinions and we have identities of our own to protect. We use and write whatever software we believe will be best for ourselves and others. There is no conspiracy against implementing your ideas, we just find them less practical than the ideas that we do implement. In fact, if you'd like your ideas implemented, but have somehow alienated all the developers around you: http://www.codeacadamy.com./

Besides, developers _have_ released tools for your ideas, but people just don't use them. For one example: https://addons.mozilla.org/en-US/firefox/addon/trackmenot/. I built myself a similar program so I could better control the searches it was making. I thought it solved the "child porn problem" AthanasiusKircher was talking about, but the right combination of innocent words can still be used against you (plus it doesn't hide my cookie dough fetish). The other problem pointed out by the other poster, but also confirmed in practice by me, is that sort of people who are going to go through your search history don't care what chance there was that you visited a websites or your camouflager did. Depending on their motives, they will raise 3 times the shit storm or serve you three times the ads when they find you are searching ramen noodle fetishes and fruit fly sex on top of cookie dough pounding.

Back to your post:

flood the identity theft market with fake personalities

You first have to penetrate into the market place and earn some street cred pedaling and buying good identities. Easy to say, but I hear it's rather long and involved to do. Then, you can start mixing your fake identities in with the real ones. Except, you quickly blow the trust you earned with your buyers and have to go back to step one. If you are the FBI, it would be easier to immediately arrest everyone who bought the fake identities, rather than having to supply enough real identities so that sellers don't catch on.

Before blaming everyone else for conspiring not to implement your ideas, go try them yourself, you'll discover they aren't really as easy as writing a blog post. Also, know that this is what you sound like to us with the ability to implement your ideas. http://xkcd.com/793/

I just want to say that, though I often attack, bully, and sometimes insult people on this very forum, I'm not a paid shill.

It's more of a "calling".

(Wait... what? I can also get *paid*?)

My Slashdot Suggest Bot recommends attaching one or more of the following to a comment that has already achieved +5 insightful:

I for one welcome our new chatbot overlords!

This is why I don't have a Facebook account!

As if we need more evidence that software patents are broken!

I am a bot you insensitive clod!

Obligatory XKCD: http://xkcd.com/948/

Obligatory XKCD: http://xkcd.com/632/

Whatever happened to "Don't be evil?!"

In soviet Russia bot chats you!

My Slashdot Suggest Bot recommends attaching one or more of the following to a comment that has already achieved +5 insightful:

I for one welcome our new chatbot overlords!

This is why I don't have a Facebook account!

As if we need more evidence that software patents are broken!

I am a bot you insensitive clod!

Obligatory XKCD: http://xkcd.com/948/

Obligatory XKCD: http://xkcd.com/632/

Whatever happened to "Don't be evil?!"

In soviet Russia bot chats you!

http://xkcd.com/605/

Close enough.

Seriously: "Can it run Linux" was the first question that popped into my head.

I am sure you were hoping for "No it cant because it has some restriction" but the answer is "yes it can" so now the ball is in your court. It is all free and open but guaranteed nothing will come of it, it is *always* like this with Linux nerds.

http://xkcd.com/16/

So hopefully they'll give us some new spontaneous material to drive into the ground with endless repetition for decades to come? (And i admit, i'm as guilty of that as the next geek.)

http://xkcd.com/538/

This is NOT an issue with encryption.

This is an issue with a wrench. You can have it encrypted 5 different ways, but when the NSA comes a knocking, DEMANDING The data, and your alternative is to get shut down, go to jail, etc... guess what, they key's become suddenly available anyway.

Its another type of brute force encryption hacking that always succeeds. The RIAA and MPAA figured this out (mostly) long ago when they realized that from a technical standpoint it is a no win situation. At that point just let the government and/or courts solve the issue for you.

The NSA isn't going to crack any codes, they are going to ask for the keys, and if you don't give it to them they will destroy you.

Reminds me of the http://xkcd.com/435/ but wtih plain vanilla Debian instead of Mathemeticians.

I've read the whole thread and this is the first post off which I can legitimately hang an obligatory XKCD reference.

There ya go: http://xkcd.com/538/

I'm from the future, where we have google search.

Relevant link: http://what-if.xkcd.com/48/

Anonymous Coward is not talking about the Commonwealth: http://what-if.xkcd.com/48/

People are busy and lazy. They don't want to have to learn new things.

Rubbish, people will learn new things if it provides benefit to them, they won't spend time learning something utilitarian if it is pointless. Why bother learning Linux? Sure some people do it for the joy of learning (debunking your other idiotic assertion) but they are a niche, of course not everybody wants to do that. The problem is its lack of tangible benefit, Android provided tangible benefit over its competitors in the smartphone world which is why it has flourished but Linux has never offered such things in the desktop world and still its proponents continue to blame the user, it's getting fucking pathetic now.

Learning for the joy of learning is going out the door and has become 'vocational learning' only. Universities even back in the 70's were dropping art and history courses as well as classical languages and history etc.

Because university courses cost significant amounts of money so those that have no vocational value were unpopular and became niche courses offered by various institutions that matched the low demand for such things.

The industries that have run the American economy that has influenced the world in these things so much just want consumers. People who know what the specials are at the dept store, but don't really think much. They know how to use facebook, are not savvy enough to avoid the ads and know how to use youtube enough to view cat videos. Mostly, they know how to buy, buy, buy and consume what they are told to consume. Stupidity is the desired outcome. Stupid consumers who just buy whatever crap is dished out to them.

yeah yeah yeah, i suppose it makes you feel special though.

Unlike a basic $35 baby-monitor, the $250 Owlet bootie and accompanying app can alert parents if anything serious has gone wrong, like if a kid stops breathing, or if his heart stops beating.

This XKCD comes to mind for some reason.

Babymonitor App, 4.0 stars, 4 reviews
Three five star reviews, then one one star review. "App did not warn me when baby died."

Want a slightly more serious take on it?

For the first 10 months of her life, her mother, Yasmin, kept detailed records of Elle's sleep patterns, feedings, and diaper changes, noting the data points with a pencil and paper on a clipboard. A few months in, she digitized the logs, graphed the data, and became a more knowledgeable parent.

Unfortunately for the Lucero family's sleeping habits, Yasmin never found a definitive answer. Per the data, Elle was just fussy.

That last line accurately sums up every infant I've ever had in my charge. Not sure what pattern you could discern from graphing all of this data, if my experiences are any guide it would make for one hell of a random number generator. I doubt one can find a better entropy source than a newborns sleeping "schedule". ;)

oblig xkcd

Well, you and I need more than the kernel. By the way, obligatory xkcd.

Obligatory XKCD.

If you can't defend something, you can't own something.

Shoot for the moon!

http://xkcd.com/1291/

Well, either he's created the mother of all LISP macros, or it's simply vaporware. Love to see it when they publish it. Code or it didn't happen.

Here is the obligatory xkcd, panel two.

Or swordfight? (You knew this link would be posted. Don't lie to me.)

There's a huge opportunity for improvement by applying programming ideas to the legislative process (version control, "parsing" the laws to find duplicate code, conflicts, etc. -- legalese seems a lot more like a programming language than regular English, by the way)... The hard part would be getting the lawyers to care.

Also, you're doing it wrong.

plastic penises in every classroom!

crap, I posted a obXKCD link. I feel dirty now.

*cough* that's just "several", not "several of". I should have just stuck with " a couple of", as defined by XKCD: http://xkcd.com/1070/

Personally, I've considered results with p values between 0.01 and 0.05 as merely 'suggestive': "It may be worth looking into this more closely to find out if this effect is real." Between 0.01 and 0.001 I'd take the result as tentatively true - I'll accept it until someone refutes it.

If you take p=0.04 as demonstrating a result is true, you're being foolish and statistically naive. However, unless you're a compulsive citation follower (which I'm not) you are somewhat at the mercy of other authors. If Alice says "In Bob (1998) it was shown that ..." I'll tend to accept it without realizing that Bob (1998) was a p=0.04 result.

Obligatory XKCD

Obligatory

My attempt showed me only plans to have my soul devoured by demons, but I think I accidently typed a negative ZIP code.

2 kilograms per kilogram?

The malware was uncovered when the astronauts started getting pop-up ads about girls within the area wanting to hook up.

http://xkcd.com/713/

No. The additional speed the asteroid gains by just depends on the difference in the gravity potential between the place where it "starts" and where it "ends" (=impacts). If it just passes closer to the earth, it will be sped up a bit while closing in, but it will lose the same amount of speed on the "way out". Of course, there's an appropriate XKCD. It really doesn't matter which path you take, it's just the difference in height on that graph that affects the kinetic energy of an object moving from one point to the other.

Gravity slingshots need to be aimed properly, otherwise they are just as likely to reduce speed (used e.g. for the MESSENGER probe) as they are to increase it. Given the high relative (to the earth or the moon) speed of asteroids, I wouldn't expect much of a difference with "just" the earth and random trajectories.

oblig

So it has come to this...

XKCD 1057.

So are you saying that fake Twitter followers increase your Google page rank? How does Google connect a Twitter user to a web page? I can see how posting a link to your website and having lots of people click on it is potentially useful, but I don't see how having a bunch of fake robotic followers clicking on the links you tweet about does anything other than look suspicious to Google. And maybe I'm cynical, but I don't see how anybody can sell "getting real people to be interested in the stuff you Tweet and pay actual attention to it" for fractional pennies per human follower.

He's choosing the Third Way.

Thanks, found it.

A car is certainly larger than the hypothetical table in this xkcd what-if. A Hubble-like telescope specifically built for earth surface (in other words, a spy satellite) could therefore definitely see a car from space. And as more than just a few pixels.

Percentage of people eventually dying:
With guns: 100%
Without guns: 100%

7% of all people who have ever lived are alive today, meaning human mortality is currently somewhere around 93%.

http://what-if.xkcd.com/27/

It fails at what it was designed for, in a worse way than captcha.

The theory behind such passwords or passwords enhancement, it to introduce something which is pretty damn simple for a human to perform (reading and typing something down, or making a few simple cognitive tasks), while being awully complicated for a bot to do in order to slow down automated attempts.

Even if you have 10 such images to match each with one of 10 user-generated phrases, that *only* has 10! combinations, which more or less is equivalent (21bits of security), to a 4-5 letters case-*IN*sensitive password (or 3 signs long "mixed case, alphanum with punctuations" passwod). That's something that's absolutely trivial to brute froce for a computer.

If they use the test password as a generator for the images, this is only like extending it by a couple of caracters. Not even doubling the size of the password (doubling would have been better).

Meanwhile, trying to make some sense out of this ugly colored mess is quite taxing on the human brain.
These image don't mean anything directly. And if you try using imagination, it's going to be very hard remembering which is what. If you're not in the same mood, it could take quite some time to remember which of the two collection of colored dot reminded you of "a bunch of kittens in a basket" and which one looked more "jesus face appearing on the surface of a peanut buttered toast".
By the time you finish wondering, a brute force method would have already found the answer several times in a row.

Things get even worse if they use the text password as a generator of images:
maybe the reason that you cannot find which image was the "fat lady spanking a midget" is that you mistyped the password and thus generated the wrong set of pictures.

Only two methods to help:
- ask user to use a very simple password:
congratulation, you've successfully reduced the security of the whole system. you've combined a very easy password to brute force, with something that's almost trivial (only extends the security by 21bits).
- proceed in two rounds: first validate the password against (preferably against a KDF like Scrypt, but will very probably be only a easier-to-bruteforce hash in most applications). And then a second step using images generated using the now guaranteed correct password. As said above, such a second step is almost trivial to brute-force. Most of the time spent in bruteforcing such 2-step authentication would go in the first step. The presence of the 2nd step doesn't pose much problems to a brute-forcer, while being a real pain in the ass for humans.

In short, it looks like this Dilbert strip.
Very inconvenient to put in practice.

And that's not even counting disabilities that would prevent a human from even being able to operate this: I'm not even thinking about weird disabilities propopagnosia (impossibility to distinguish faces), but much more frequent and mundane like colourblindness (and thus striping one information you could use to distinguish between image, like "picture 1 is 'redest of the serie' and picture 5 'has the most gree') or simply being a socially awkward geek (and having a much smaller reference pool in term of faces).

If you're not confident enough on relying on Pass-*phrases to increase brute-force search space, at least use something that is not too cumbersome for the end-user (2-factors identification. Either get an SMS or sign something with a private key in you QR-code enabled smartphone).

Mod Parent Up. Also: Security

Lobster used to be prisoner food, until someone got the bright idea to use the newly available railroad to sell canned lobster to inland dwellers who didn't know better and considered all seafood a delicacy.

Well, I agree with this guy, so I don't even care to check if you're right.

Foie gras used to simply be a kosher source of cooking fat (since lard isn't kosher). It wasn't until the French gourmands elevated it to a delicacy.

Citation needed. Ancient Egyptians made foie gras too (or effectively the same thing). They were worried about it being kosher?