Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories
0
Comments
5,534
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,534

  1. Re:Question: on Larry Ellison Rips HP Board a New One · · Score: 2, Funny

    Society never finds equilibrium. It merely heads to the state with the lowest energy and the highest entropy.

  2. Re:I gotta say... on Google Secret Privacy Document Leaked · · Score: 2, Interesting

    I have worked at businesses who wouldn't even think of bothering with these questions. Instead it would look like this: "Would selling the stored info we have on our customers help this FQ's numbers? Yes? Get legal to sign the contract, and the DBA to do an export of the database and E-mail [1] it to the client."

    [1]: These are PHBs talking, so they wouldn't understand a 1TB database export can't be E-mailed.

  3. Re:I gotta say... on Google Secret Privacy Document Leaked · · Score: 1

    There are two ways to make money:

    1: You can have a business that has a reliable, established name that makes profits year after year where it looks ahead years ahead to see what may be the biggest thing, and does R&D to capitalize on it, funneling profits back into R&D to be able to keep ahead of the curve and maybe even developing a new product line that might be profitable, similar to how IBM went from cash registers to computers.

    2: Or you can just focus on the next quarter above all else. Whatever profits are made are made only thinking of this quarter. R&D? buy a company or license something. Here, ethics do not matter because if the company goes bankrupt, that is for the shareholders and the government to clean up.

    Unfortunately, most companies are all about being full of #2. Companies that are quiet and grow solidly year after year (Mag Instruments, Harley Davidson, IBM, Corning, RedHat) don't tend to be in the public eye that much because they are busy researching and in general, too boring for the press to follow.

    Yes, companies are out there to make a profit, but there are short term gains and long term gains. It would be nice to see companies eying 2, 3, five, even ten year plans so they are relevant and profitable in the future.

  4. Re:"pirate" flag of convenience ? on Servers Ahoy — Startup To Build Floating Data Centers · · Score: 1

    If the CG can't, the Navy can. Don't expect not to be boarded even when in international waters. A friend of mine who used to sail around the globe has found that out the hard way.

  5. Re:Well on Servers Ahoy — Startup To Build Floating Data Centers · · Score: 2, Interesting

    Circulating seawater has its bad points. There are a LOT of critters in that water, and in time, barnacles and other stuff will start forming in the pipes, essentially sealing them off once they get big enough and there are enough of them. Of course, one could filter the seawater or use a heat exchanger system, but that is added engineering effort and more items that can break down.

    Marine engineering is a fight to itself. It already is tough keeping a datacenter on land operating... add the perils of the sea (water intrusion, corrosive salt spray, humidity, etc.) and it becomes actually a daunting task.

  6. Re:Well on Servers Ahoy — Startup To Build Floating Data Centers · · Score: 1

    If a data center is in international waters, *any* country's navy can come by and seize it. There, might makes right essentially.

    I'm reminded of a guy on another forum who was wanting to do this and offer essentially a floating warehouse to customers for long term storage not on land. He found out the hard way about life on the high seas when a salvage crew from another nation slurped all his floating containers and sold all the contents.

  7. Re:Fee Wi-Fi are a drain on the bottom line? on Some LA Coffee Shops Are Taking Wi-Fi Off the Menu · · Score: 1

    There are coffee shops in Austin that have turned off their Wi-Fi networks as well. And their business actually has picked up:

    More tables are available so people stick around and buy stuff, as opposed to people playing FarmVille all day.
    People tend to chat or read books, and not just be in their own worlds.
    The people that really want/need Internet access can pull out their phones, flip on tethering, and go at it.

    IMHO, there is a happy medium, because there are times when a person does need to get out of the house (or dorm), take a laptop and do some studying in a different environment. What a coffee shop wants are some tables taken to make the place appear busy, but so jammed full that people just walk off, or don't have a place to sit. This can be done in two ways:

    1: Turn off Wi-Fi during lunch or peak times where people are going in to eat. This clears out the table campers for paying customers when demand is high. Alternatively, restrict it to 10-20 minute increments during these hours.

    2: There are may ways to limit Wi-Fi access. I like the idea of "preferred" accounts for people with unlimited wireless, and 30-120 minute tickets if one isn't on the list. This way, at least people using the Wi-fi have bought something recently, while people in the "premium" club with a yearly membership have a perk to keep renewing.

    3: Use a WISP service and let someone else manage the Wi-Fi stuff.

  8. Re:Well...uh thanks on Abandon Earth Or Die, Warns Hawking · · Score: 1

    There have been lots of debates that have raged about what the best means of exchange would be. The trick is to find one that is the most resilient against the norms of human greed and corruption. And it doesn't mean pure capitalism, pure communism, pure command economies either, but a mixture.

    I probably say that the best mix is a mixture of capitalism that is regulated by governments. Unregulated capitalism is just as bad as a pure dictatorial command economy, as the bank failure of 2008 and the subsequent chronic recession has shown us.

  9. Re:right over their heads on Some LA Coffee Shops Are Taking Wi-Fi Off the Menu · · Score: 1

    Even if you don't work for the military, it is good to always keep basic security. On a lot of Wi-Fi hotspots, I'd seriously consider using a VPN like StrongVPN. This not just protects you against spoofers, but also keeps geo-locating trackers off of your location.

  10. Re:Well...uh thanks on Abandon Earth Or Die, Warns Hawking · · Score: 1

    This is something that needs to be done. However, I wonder if/when this will be possible. China keeps exploding stuff to show off and making LEO impassible due to Kessler Syndrome. NASA is but a ghost of what it was, and it keeps getting defunded.

    The problem is that space travel requires deep pockets, and until people with deep pockets see a ROI, all space ventures will end up being for either finding ways to get new satellites in space, and militias of various countries figuring out how to shoot the satellites down. Space travel is not going to happen unless there is another cold war, or there is something of value gotten by doing so.

  11. Re:Privacy on Saudi Says RIM Deal Reached; BlackBerry OK, If We Can Read the Messages · · Score: 2, Interesting

    The minute people seriously suspect that AES is breakable in large numbers, will be the minute China proposes their own IETF draft of an algorithm and the whole banking sector, and essentially the Internet will change algorithms overnight.

    I have seen this discussion in every major security program, be it PGP back in the 90s, TrueCrypt, BitLocker, or any other program that is relied upon to provide security. This can be reduced to three states:

    1: Governments do not have an easy backdoor. Result: This won't be told to anyone to keep the blackhats from flocking to the program.

    2: Governments have a backdoor that is known to the world: e.g., their country uses Clipper chips, all SSL traffic has to use an escrow key, or the originator and his family is put to death, security appliances are used to MITM all traffic and insert their own keys, or other items. The blackhats will find another mechanism like steganography [1], tunneling over various protocols, or even go back to dead drops with physical media. As always, there will be low hanging fruit nabbed to show that the backdoors are working to catch criminals, but people that mean real harm will be out of reach.

    3: Governments have a backdoor that nobody outside their intel department knows about. This could consist of a hole in the encryption algorithm, a backdoor in x86 chips that allow certain microcode instructions to be executed in ring 0 if it uses a certain undocumented header, a hidden RSA override key, or just knowledge of a weak link (hashing to 40 bits, using the hash as the actual key.) Here, if a government had access to information (like a criminal case where it was presented that data was obtained due to an algorithm or key storage weakness), the minute people found out that this was possible, the whole world would immediately change their algorithm selection or create an add-on which used another encryption technology. For example, if AES was found to be the cause of leaked data, TDES [2] would be reused or another algorithm used in AES's stead. Other means of encryption would either replace the algorithm, or have another pass using the new algorithm if it couldn't be replaced to ensure security. If the weakness was in hardware, countries will be building/contracting chip fabs and seeing about multiple architectures [3]. So in reality, a government could not use the fact that they had a backdoor for anything but the largest of cases, because the game will change fast once the security issue is known.

    The RIM deal will put KSA into category #2, which is what they want. The smart criminals will have to move to another means of communication while the dumb ones are easily scooped up and made examples of.

    [1]: Real stego programs, not the antiquated ones from the '90s that the Russian spies used. There are a lot of data streams that can easily have random bits inserted in them and nobody notice/care.

    [2]: TDES was a hack so solid encryption could be done without a major hardware revamp. But other than for the tiny block and key size, it proved to be remarkably secure over a long time.

    [3]: I'm sure that China could easily use their knowledge gained from various sources, or just what is done in their country's chip fabs to create their own architecture with an embedded hypervisor that could virtualize x86 machines. UNIX based operating systems could be easily cross-compiled for the new architecture (probably something like the Itanium with a crapload of registers, lots and lots of cores, and maybe even FPGA-like functionality to make any core on the die act as a GPU, CPU, FPU, x86 core, POWER6 core, or dedicated AES cruncher. Since the government would throw big dollars to subsidize this, even if it cost significantly more than an x86 chip, it would be mandated.)

  12. How about old fashioned measures? on Web-Based Private File Storage? · · Score: 1

    Instead of using Web based measures, what about a cryptographic token and TrueCrypt? This way, someone had to have the token, know the token's password, and have the TC passphrase and volume. If someone guesses the passphrase on the token too many times, it goes boom and there will be no access for anyone, which may be what is wanted.

    Another option is to build a custom file server with Windows Server 2008 or Windows Server 2008 R2, enable TPM + PIN + USB flash drive, and use BitLocker. This way, for someone to bypass the file access, they will need an item, a passphrase, and to not have altered the computer (and some computers can be configured to have the TPM to drop all keys if the case is opened.) This way, data can physically reside on a decently secure machine.

  13. Re:And the internet... on Google CEO Schmidt Predicts End of Online Anonymity · · Score: 1

    Be careful about saying that. I remember that said that any device would be broken by clued hackers back in 2000. Fast forward to present day: The PS3 has not been even near scratched, much less cracked. HD-broadcast signal is still untouched. Blu-Ray is a cat and mouse game. The iPhone has only been jailbroken on a userland basis.

    It can be extremely simple to push out Internet infrastructure changes that would all but ensure that only the blackhats had anonymity:

    First, a treaty (now law, as treaties supersede laws and may even supersede the Constitution in the US if judges go by precedent) would get passed that required backbone ISPs to have NAC on their core routers, where any and all downstream routers enforced a set of permissions or the connection would be terminated.

    Second, the second tier of routers would enforce NAC and communicate with endpoint devices. If the TPM is bypassed on the device or the OS was non-signed, the device would be barred from connecting.

    Third, root and Administrator would be taken away from users, even on computers. If a machine is jailbroken or rooted, it is immediately yanked off the network similar to how Xbox 360s are killed.

    Finally, after this is done, a DRM stack will definitely follow, where any install of any app has to be authorized and even if the app cost thousands, unless the auth server said it was OK to install or run, it wouldn't. Same with music.

    End result: Totalitarian governments are happy, as they can push spyware to machines and the users can't disable it. The large businesses are happy because this forces legit users to keep sending money their way even for versions that were legally licensed. OS makers would be happy because F/OSS projects would be completely killed [1] so there would be no competition. Of course the proles lose out, but that seems to be the status quo these days.

    [1]: I remember before Linux and BSD were commonly out. Those days, want a UNIX OS? Pay $1500. Want a compiler? That's another $2000. C++ Libraries? Open your wallet. More than two users? Another fee. Want a file server? Spend $5000 for Netware 3.1.2 and don't forget the cost per client.

  14. Re:This will not end well on Google CEO Schmidt Predicts End of Online Anonymity · · Score: 1

    Even with a required ID, I'm sure there will be people happy to spread malware to proxy their traffic under the person's name. Or if the ID is just a number, just type in that number on every form that asks for it (like what they do in South Korea).

    Result: Identity theft crime skyrockets, bad guys still don't get caught, and Joe Citizen ends up facing criminal/civil charges for stuff he never did. If this becomes commonplace, one would see a Tor-like system under a bunch of people's IDs, and if someone's "exit node" had something objectionable, they would just shrug, say "oops, I got hacked again", and go on.

    Instead of spoofing MAC addresses, blackhats will spoof IDs. Even if we went to a smart card system and every website requiring a client certificate, I'm sure someone out there will make malware to MITM between the card and the Web browser to allow them to browse, but have the browsing be done as the victim's key.

  15. Re:Not to worry on Tech Specs Leaked For French Spyware · · Score: 2, Interesting

    Perfect way to frame someone too... just fake "OMG, this guy is P2P-ing copyrighted stuff" a few times, and now the roomie or whomever owns that computer is banned from any access to the Internet.

    I'm sure someone will make an easy to use app or website to visit on a mark's computer just to trip this software.

  16. Re:Not to worry on Tech Specs Leaked For French Spyware · · Score: 4, Insightful

    Just wait until the blackhats get ahold of this and change the phone home site from the standard to the blackhat's servers. Voila, instant botnet that is illegal for a French citizen to remove. I'm sure the guys on Elbonia are just drooling over that they can do once they can poison an ISP's DNS to get command/control access to the machines.

  17. Re:Not the first try to revive airships on The Second Age of Airships · · Score: 2, Informative

    Popular Mechanics had a decent article on this last year:

    http://www.popularmechanics.com/technology/aviation/airships/4242974

    I hope the Cardington team gets funding and critical mass, because airships are quite usable for various tasks, and moving one around is a lot cheaper than moving a plane merely because that the lift is provided already. Airships have a lot of practical uses:

    1: Transportation of goods across the Atlantic or Pacific. It won't be as fast as a jet, but if done right, will be a lot faster than a freight ship. To boot, the destination does not have to be a port, it can be a city well inland, provided there is right of way through the airspace. It wouldn't be hard to find corridors for airships to travel safely on, although storms may be a risk.

    2: Travel to areas after a disaster, even with no airport.

    3: Passenger travel. This would be a method of getting people across the US in a decent amount of time, faster than Amtrak. Of course, it isn't as fast as a jet, but would take far less fuel. Of course, the engineering problem would be speed because it needs to be somewhat competitive with regular commercial airline travel to get people using it. Plus, people are used to getting from one end of the US in a day, rather than having to spend a night on a vehicle. Maybe for regional transportation this would be useful, such as getting people from LA to SF and back.

    4: Cruises. It would be a gamble, but if someone put the mega (or more accurately giga) bucks into making a gigantic airship that rivaled luxury cruise liners, it might be something people would use for vacations. Perhaps slow trips to another country there and back.

    The $50,000 question is getting people to buy into airship technology. It may not be as cool as a Harrier or other VTOL aircraft, but a well-designed airship can do a lot of basic tasks cheaper in the long run than a plane.

  18. Re:DRM on Rethinking Computer Design For an Optical World · · Score: 1

    True, but a lot of people are not going to be pirating movies, nor getting people to do so. Things splashed in the front pages of x00,000,000,000 (number exaggerated, of course) people sued for $LOTS do keep Joe Sixpack from torrenting the latest flick. That, plus in reality it takes a long time for a lot of torrents, as opposed to just sticking in a disk, hitting "play".

    I am sure that we will have this DRM mess come 3D movies, 3D sets, et al. It is just the perfect chance that Hollywood has to tighten the noose a notch, just like 720p+ video was a chance to get HDCP and upgradable encryption in for movies. It also is the perfect thing to keep the TV makers in business, because even though Joe Sixpack's set he bought in 2010 shows 3D movies that were made this year perfectly, the new movies don't work unless the flash is upgraded, of course, the TV won't take an upgraded OS (but it is promised that the 2011 models can be upgraded to the 2012 HDCP encryption), so he has to go into Best Buy and pick up a 2011 model TV with the latest HDCP and DRM standards.

  19. Re:wow on Dog Eats Man's Toe and Saves His Life · · Score: 3, Insightful

    Don't forget that few people have decent health insurance, so it is understandable why some people would put it off, because of fear that it would result in complete loss of coverage, as well as bankruptcy, loss of job. In this economy, one bad injury or illness can get a person's family on the streets.

    This may be one reason why he put it off so long. Regardless, it is tragic.

  20. Re:DRM on Rethinking Computer Design For an Optical World · · Score: 1

    DRM comes to mind, as well as forcing/offloading various graphic rendering commands to the monitor. So when DirectX changes or gets upgraded, you have to buy not just a new card, but another monitor. I'm just waiting for HDCP to start having versions so someone with HDCP 2010a won't be able to watch Blu-Ray movies, nor HD TV unless they pitch the monitor and buy themselves a TV with HDCP 2010b or something along those goofy lines.

  21. Re:I can see compromised hardware being an issue on Malicious Hardware Hacking May Be the Next Frontier · · Score: 1

    Maybe this is a job for NIST, where they either make a chip fab, or have a contractor under strict guidelines do this exact type of thing.

    What I'd like to see is a chip with TPM-like functionality on it, but on a SIM card. This way, people concerned about DRM stacks don't have to worry because there is just a tray for the chip, while people who want additional assurance of their data can just buy a card, slide the card in and go from there. Perhaps stick a little bit of flash on it for encrypted storage similar to IronKey, and this device might become extremely useful. It won't replace CACs or smart cards by any means, but it will provide authentication for the machine.

    Perhaps SIM, R/UIM, and TPMs can merge onto one secure chip. This way, one can store keys, validate a machine hasn't been tampered with, and establish a communications channel onto 3G or LTE with very little user intervention.

  22. I can see compromised hardware being an issue on Malicious Hardware Hacking May Be the Next Frontier · · Score: 1

    All it takes is the ability to do a flash of a motherboard with a ROM that does everything, except adds a keylogger, and a driver that checks for Windows, and reinstalls the botnet client.

    Exact same mechanism that LoJack for Laptops uses to reinstall itself. Except done by the blackhats instead of the whitehats. With more and more machines having motherboards with independent network stacks, it would be trivial to enable two-way NAT and have botnet clients that are easily communicated with this way.

    Only real way to prevent these attacks is to go with a TPM based system. However, other devices can be easily flashed. A keyboard that stores macros might be able to be flashed to double as a keylogger.

  23. Re:Maybe other technologies as well on The Limits To Perpendicular Recording · · Score: 1

    Two disadvantages: The time it takes to move the head from the inside to the outside, and the time it takes for the drive to physically rotate the data to the head. Computers work in nanoseconds and faster. Drives have millisecond access time which is millions of times slower if one doesn't factor in caching. This is why seek algorithms and finding the best path for a drive head to pick data up from tracks is so important on a HDD.

    With advances in hierarchical storage, I can see a half height 5.25" drive form factor consisting of multiple 2.5" drives and some flash memory. The HDD controller will have to be intelligent enough to figure out what stuff goes on the slow platters versus what stays on flash, and when the drive is not busy doing I/O, move things up or down the storage tiers for the most efficient way to store files. For example, WoW screenshots which are taken and forgotten end up on the outer edge of the slowest spinning platters, while a VM swap file winds up on the flash part.

  24. Maybe other technologies as well on The Limits To Perpendicular Recording · · Score: 2, Interesting

    There are other technologies that I'm sure HDD makers have waiting in the wings. If areal density doesn't go up fast enough, I'm sure that HDD makers will go back to stacking platters, and we will start seeing fatter 2.5" drives. Perhaps even a return of Bigfoot drives, or double-height 2.5" drives as a new form factor. Of course, these drives will have to have some engineering done to keep performance.

    I can see a full height 5.25", a monstrosity these days, but inside it would have a bunch of tiered storage with the controller doing the work and multiple caches using not just DRAM, but flash RAM, and wise positioning of data (more commonly accessed stuff closer to the spindle for example.)

    This is the last resort of drive makers, but I'm sure if nothing else pans out to keep capacities growing, they will start adding platters.

  25. Re:It's down to the cost of one disk? on The Recovery Disc Rip-Off · · Score: 1

    I really don't get why Microsoft has different backup programs in different OS editions. This is why I tell people to go with a third party solution because regardless of what type of Windows edition, Retrospect or Acronis will back it up, and allow for a complete restore.

    This sounds like she had Windows 7 Home Premium, because the backup utility does not do a complete WIM image of the system, but copies document files off to an external drive. However, the edition of Windows shouldn't determine how well one is protected when disaster happens.