Slashdot Mirror


User: Animats

Animats's activity in the archive.

Stories
0
Comments
14,273
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 14,273

  1. IRS tax rules for nonprofit/for-profit links on Wikipedia's Search Engine Plan · · Score: 1

    Yes. It's going to be interesting to see if Wales reports this conflict of interest. It should be reported on IRS Form 990, under "Relationship to Other Organizations". That's where, if you're involved with both a for-profit and a non-profit in the same area, you have to report it.

    Form 990 is a public record. GuideStar has them all on line, although you have to register there.

  2. Re:They announced this AFTER the shutdown? on Alternatives To SF.net's CompileFarm? · · Score: 3, Insightful

    It was announced afterwards for a reason. They're not really taking it down because nobody wants it or anything, it's because they lack manpower to keep it working. It basically needs a lot of work to get it back in a usable state, and it's not widely used, so they're just dropping it.

    This is the classic downside of "software as a service".

  3. Re:U.S. instituted you-can't-leave list on No Passport For Britons Refusing Mass Surveillance · · Score: 2, Informative

    The U. S. Department of State says this:

    The United States government does not have exit controls at the border. There is no way to stop someone with valid travel documents at the United States border. The U.S. government does not check the names or the documents of travelers leaving the United States. Many foreign countries do not require a passport for entry. A birth certificate is sufficient to enter some foreign countries.

    But that's now obsolete. Now there's the Western Hemisphere Travel Initiative:

    • Beginning January 23, 2007, U.S. citizens traveling by air between the United States and Canada, Mexico, Central and South America, the Caribbean, and Bermuda are required to present a valid U.S. passport, Air NEXUS card, or U.S. Coast Guard Merchant Mariner Document.
    • As early as January 1, 2008, U.S. citizens traveling between the U.S. and Canada, Mexico, Central and South America, the Caribbean, and Bermuda by land or sea (including ferries), may be required to present a valid U.S. passport or other documents as determined by the Department of Homeland Security.

    Here's the Federal Register reference. The first phase (the "air phase") is already in place; the second phase (the "sea and land phase") may require further Congressional approval.

  4. They announced this AFTER the shutdown? on Alternatives To SF.net's CompileFarm? · · Score: 5, Interesting

    Posted By: wdavison
    Date: 2007-02-16 00:13
    Summary: Compile Farm News

    As of 2007-02-08, SourceForge.net Compile Farm service has been officially discontinued.

    Shutdown on Feb. 8, announcement on Feb. 16th?

    With behavior like that, SourceForge can't be considered a safe location for important code. I'd suggest that it's time to get projects off SourceForge. Make offsite backups of anything important now.

    Latest announcement from VA Software, which owns SourceForge:

    VA Software Corp., whose software and online media are targeted for the open-source software community, said Thursday it named Scott E. Howe to its board of directors.

    Howe is president of a division of digital marketing company aQuantive Inc.

    "Scott's extensive knowledge of the media markets will be invaluable as we continue to focus on our core media assets and strive to secure alliances in the global competitive landscape," VA Software President and Chief Executive Ali Jenab said in a statement.

    VA Software slipped a penny to close at $4.24 on the Nasdaq Stock Market.

    If VA Software thinks they're now a "media company", it's time to get off SourceForge.

  5. This is gross irresponsibility on SSL Optimization Over WAN Needs Scrutiny · · Score: 2, Insightful

    Any administrator who puts in a security hole like that to get a minor reduction in bandwidth is grossly irresponsible. No device in the middle of the network should have the end to end decryption keys. Ever.

    If you have too much traffic to your secure servers, take a look at what they're sending. Maybe the canned images can be moved to a non-secure server, where they can be cached locally. You're probably not actually sending huge volumes of secure data to a browser.

    Or maybe you just need to find out who's downloading videos and stop them.

  6. It needs serious language support on Why Is "Design by Contract" Not More Popular? · · Score: 5, Informative

    If you're serious about design by contract, you need to use a language that supports it. Eiffel does, of course, and so does "Spec#", Microsoft's verifiable variant of C#, but other than that, "support" is a collection of half-baked add-ons that don't provide any strong assurances.

    If you're going to take object invariants seriously, you have to take object invariance seriously. Objects can't be allowed to change other than when control is inside them, and when control is inside the object, no public method of the object can be called. This means you have to be able to catch cases where object A calls object B which then calls a public method of A. The invariant of A isn't established at that point, and so, calls into A are illegal. This strict notion of inside/outside is fundamental to class invariants, but many so-called "design by contract" approaches gloss over it. You need a way to explicitly say "control is now leaving this object temporarily" when calling out of an object, and the object's invariant must be true at that exit.

    Threading and locking have to be handled in the language. The language needs to know which locks protect what data, or invariants aren't meaningful.

    Then there's the problem of how to express an invariant, entry, or exit condition. Are quantifiers provided, or what? How do you talk about concepts like "forward and back pointers of the tree must be consistent"? There's known formalism for that sort of thing, but it's not something you can express cleanly in, say, C or C++.

    Without smarts in the compiler, run time checking tends to be too expensive. The compiler needs to know that member function F can't change member variables X and Y, and therefore, invariants concerning X and Y don't have to be rechecked. Without optimizations like that, you end up rechecking everything on every call to every access function.

    I'd like to see more design by contract, and I'd like to see it work well enough that when something breaks, you know which side of the interface to blame. I used to do proof of correctness work, and it's quite possible to do this. But you can't do it in C or C++; the languages are too loose. It's been done well for Modula and Java, and a DEC R&D group had a very nice system going just before Compaq canned DEC's Palo Alto research labs. The rise of C killed off verification work; the decline of C may bring it back.

  7. Why Linux won't happen on the desktop on Five Things You Can't Discuss about Linux · · Score: 0, Troll

    Widespread adoption of Linux on the desktop isn't going to happen. Here's why.

    In 2004, it looked close. You could buy Linux desktop machines, and even laptops, at WalMart. Dell and HP had offerings. Today, the Linux laptops are gone from mainstream vendors.

    What happened?

    First, the laptop has replaced the desktop. Laptops used to be niche machines, expensive, fragile, and less powerful than desktops. That's changed. Today, for many users, a laptop is their primary machine. Laptops have less-standard hardware, and getting Linux to run reliably on a laptop without manufacturer cooperation remains iffy. Take a look at the laptop support instructions on Linux.org. Almost all the machines listed are out of production. (Many of the companies listed no longer even make laptops.)

    Second, the ability to handle content in proprietary formats has become much more important to consumers. Want to play a DVD, or talk to the iTunes store? Tough. There's been talk of a "legal DVD player" for Linux since 2000, and although two companies came close to shipping such a player, neither still does. Linspire does have one, but only for their version of Linux, and there are some players licensable by OEMs for embedded devices. Seven years after the first claims of "real soon now" in Wired, it didn't happen.

    Linux missed the window. Microsoft won. Deal with it, fanboys.

  8. DOT may already be paying for Vista on Microsoft Responds to DOT Ban on Vista, Office, IE · · Score: 5, Interesting

    ..it's our job to help DOT maximize the value of its Enterprise Agreement through the adoption of our technology.

    In other words, DOT is already paying for Vista, even if they're not using it. Remember how Microsoft enterprise-level "software assurance" works. You pay by the year, upgrade or not.

  9. Re:An aggressive GCAS might be a good thing on Remote Control To Prevent Aircraft Hijacking · · Score: 1

    The F-16 system isn't working from a terrain model, it's looking at the real world with radars. It avoided power lines and mountains; a building is no problem.

  10. An aggressive GCAS might be a good thing on Remote Control To Prevent Aircraft Hijacking · · Score: 5, Informative

    "You can't fly any lower describes an advanced ground contact avoidance system developed in Sweden and tested on F16s. This is really impressive.

    After moderate checks of the system at shallow dive angles and an aborted run or two, Prosser simulated several fatal mishaps. The first replicated a pilot flying on night-vision goggles (NVG) and losing situational awareness. With Auto-GCAS minimum descent altitude set at 500-ft. AGL (a medium-risk test condition), Prosser rolled into a partially inverted 5g turn, then back to a 90-deg. bank before relaxing his grip on the stick. The mishap pilot had lost the night horizon and, thinking he was approximately wings-level, let the nose fall. He was unknowingly diving toward the ground. Similar NVG-related accidents have killed F-16 and A-10 pilots.

    While the flat Rosamond Dry Lake raced upward at us, filling my out-the-canopy field-of-view, I glanced at my back-seat HUD repeater and saw two large chevrons moving toward the center of the display. Their arrow-points touched, and we immediately snap-rolled to wings-level and pulled sharply to about 10 deg. nose-up. When the "You got it!" annunciation sounded, we were climbing at about 317 kt. and 2,940 ft., roughly 600+ ft. above the lakebed--an artificially high altitude established for safety reasons.

    This thing is dealing with flight situations much tougher than anything the big transports do. It's designed not to interfere with typical attack aircraft maneuvers. We flew about 200 ft. above the ground at 520-560 kt., popping over high-tension power lines, hills and small ridges. Slipping through cuts in the desert mountains, rolling inverted to pull down the backside of ridges, and carving around the sides of rocky hills, Prosser demonstrated that a pilot could fly a normal, low-level tactical mission without experiencing a single nuisance fly-up. But go a little too low, and there's a "speedbump" as the system nudges the aircraft up a bit.

    The system turns off when you're set up for landing: slow speed, wheels down, flaps down.

    This would have saved United 93, where they had a fight in the cockpit. If the computers take over when the plane is headed into the ground, a number of situations become survivable. Not just hijackings; crashes due to pilot distraction or navigational error; what's called "controlled flight into terrain".

  11. Re:Too many demands on eyes on IBM Many Eyes After One Month · · Score: 1

    More specifically, there is only so much trained attention to go around. In the case of Many Eyes, interpreting the visualization takes a uni graduates equivalent of training. Not a degree, but similar capacity. Other slashdotters may argue to set the bar lower, but how much lower than High School Grad can it be in educational terms?

    Er, yes. This just showed up in Wikipedia: "On April 30, 1789, Spencer Shepherd, standing on the balcony of Federal Hall on Wall Street in New York, took his oath of office as the first President of the United States." It's taking the time of about five people to deal with this, clean up the mess, stop further vandalizing by the same author, and kick the offending user off of Wikipedia.

  12. Report this to "StopBadware.org" on Microsoft WGA Phones Home Even When Told No · · Score: 5, Informative

    This should be reported to "StopBadware.org". StopBadware.org's definition of badware requires prior consent to send personally identifiable information to a site. This should be enough to put WGA on the Badware list.

    Google is now flagging sites that have been identified by StopBadware.

    StopBadware is run by law professors from Harvard and Oxford, with assistance from Consumer Reports. StopBadware is effective. They complained about the Jessica Simpson screensaver, which installed spyware in May 2006. The makers of that didn't listen. In October of 2006, a US federal judge shut that outfit down.

  13. And Ataturk himself wasn't into censorship on Turkey Censors YouTube · · Score: 5, Informative

    The ironic thing is that Ataturk himself wasn't big on censorship. He was something of a liberal dictator, and was responsible for turning Turkey into a secular, liberal democracy. Turkey is the only Islamic country in the Middle East that works.

  14. You're probably witnessing a scam. on Telling Your Superiors Their Financial Data Is At Risk? · · Score: 2, Informative

    Remember Enron? WorldCom? Both had major telcom billing fraud components. You may be looking at a fraud.

    If there's an internal audit department, they should know about this. They have Sarbanes-Oxley responsibilities to check that internal audit controls are sufficiently tight.

    Sarbanes-Oxley has whistleblower protection: "Sarbanes-Oxley creates severe criminal penalties (including substantial fines, and up to 10 years in prison) for retaliation against whistleblowers who raise concerns about violation of any federal criminal statute, not simply laws limited to financial fraud." So if your boss threatens you, you can threaten back.

    Also, "Congress required corporate Audit Committees to create mechanisms for receiving anonymous employee concerns about financial improprieties." Find out how that channel works and make a report.

    The burden of proof is on the employer in these cases. This law has real teeth.

    Here's a lawyer who specializes in Sarbanes-Oxley whistleblower claims.

  15. Let's look at the change log on Source Control For Bills In Congress? · · Score: 4, Informative

    First, we're talking about 109th Congress, H.R. 3199, section 502, "INTERIM APPOINTMENT OF UNITED STATES ATTORNEYS." Version control is in Thomas, run by the Library of Congress. (Unfortunately, you can't link to Thomas documents effectively; it's a front end to a non-Web system and the URLs are temporary.)

    So where did that go in? The versions passed by the House and Senate are quite different, and this bill was rewritten in conference committee. This language isn't in either the House or the Senate version. We go to the Bill Summary and Status File, and look under "Amendments". This is the change log for the bill. Nothing about this is in there.

    This change was added in the House-Senate conference committee, which is how stuff like this usually sneaks in.

    The only reference to this change is in the conference committee's report, at House Congressional Record page H1130. The text is:

    Section 502. Interim appointment of United States Attorneys

    Section 502 is a new section and addresses an inconsistency in the appointment process of United States Attorneys.

    That's where it went in. But there's no indication of who put it there. The members of the conference committee were appointed by the Speaker of the House, and they were:

    • Sensenbrenner
    • Coble
    • Smith (TX)
    • Gallegly
    • Chabot
    • Jenkins
    • Lungren, Daniel E.
    • Conyers
    • Berman
    • Boucher
    • Nadler
    • Scott (VA).
    • Hoekstra
    • Wilson (NM)
    • Harman.
    • Norwood
    • Shadegg
    • Dingell.
    • Oxley
    • Bachus
    • Frank (MA)
    • King (NY)
    • Weldon (PA)
    • Lofgren, Zoe

    One of those members of Congress is responsible.

  16. Too many demands on eyes on IBM Many Eyes After One Month · · Score: 4, Insightful

    Too many people are trying to make others do work for them for free. There's only so much attention to go around. And we're running out.

    Wikipedia made people think this could work, but Wikipedia today is mostly cruft. Most of the good articles were added when Wikipedia was a tenth the size it is now. What's coming in now is mostly dreck. Existing articles suffer from ongoing churn, as people make marginal edits and others revert them, without much real progress. Jimbo got out at the peak of the bubble.

    Then there are all those "rating sites". Those suffer from a scaling problem - rating only works when the number of raters is large compared to the number of things to be rated. Otherwise, stuff gets rated up by people promoting it.

    What we need is more automation, not more eyeballs.

  17. Re:Slow lasers on 9 Laws of Physics That Don't Apply in Hollywood · · Score: 1

    That's George Lucas. Star Wars combat is modeled on WWI. The space fighter moves are copied directly from WWI biplanes. Nobody can hit anything when they shoot, even at point-blank range. Even in ship-to-ship combat. Spacecraft in space make noise. Armies are huge, stupid, and have tactics from the 19th century.

    It's magnificent, but it's not war.

  18. Associated Google ads on 9 Laws of Physics That Don't Apply in Hollywood · · Score: 4, Funny

    Ads by Goooooogle for this article:

    Radiation Exposure?
    You May Be Entitled To Compensation.
    We are Grand Junction CO attorneys.

    Artillery shells
    Browse a huge selection now.
    Find exactly what you want today.

    The second one links to eBay, of course.

    Google AdWords needs to be smarter about understanding the content from which it extracts ad targets.

  19. And there used to be so little on-line data on Digital Big Bang — 161 Exabytes In 2006 · · Score: 5, Interesting

    What's really striking is how little data was available in machine-readable form well into the computer era. In the 1970s, the Stanford AI lab got a feed from the Associated Press wire, simply to get a source of machine-readable text for test purposes. There wasn't much out there.

    In 1971, I visited Western Union's installation in Mawah, NH, which was mostly UNIVAC gear. (I worked at a UNIVAC site a few miles away, so I was over there to see how they did some things.) I was shown the primary Western Union international gateway, driven by a pair of real-time UNIVAC 494 computers. All Western Union message traffic between the US and Europe went through there. And the traffic volume was so small that the logging tape was just writing a block every few seconds. Of course, each message cost a few dollars to send; these were "international telegrams".

    Sitting at a CRT terminal was a woman whose job it was to deal with mail bounces. About once a minute, a message would appear on her screen, and she'd correct the address if possible, using some directories she had handy, or return the message to the sender. Think about it. One person was manually handling all the e-mail bounces for all commercial US-Europe traffic. One person.

  20. Re:Timeline 1997 on Microsoft Wanted To Drop Mac Office To Hurt Apple · · Score: 1

    That's the famous Apple-Microsoft deal.

    1997 was the year that Jobs sucked up to Gates on the big screen at MacWorld. That was when Gates' face appeared on the big screen, reminiscent of the Apple "1984" video. A 5-year deal was announced under which Microsoft would continue to support Office on the Mac, and Apple would settle patent and antitrust claims with Microsoft.

  21. GDC less technical now, because the industry is. on GDC Losing Focus In E3's Wake? · · Score: 1

    The GDC used to be more technical, but that's because the field is more mature now.

    Back in the late 1990s, people were struggling with trying to get game physics, programmable shaders, NPC control, and MMORPG services to work at all. So there were heavy technical sessions on subjects like that. Most of those problems have been solved now; improvements continue, but the basic problems are understood.

    Today, most of the problems in game development aren't algorithm-related. They're more concerned with scaling issues: more users, more terrain, more detail, more staff to coordinate. There's more concern about the production pipeline and less about algorithms.

    There are some harder-core conferences than GDC for game developers. I once went to a "Hardcore Physics" conference for game developers. Three days in an airport Marriott, with people filling up white boards with math. No exhibits, no distractions, no fanboys, no suits, but all the top people in game physics were there. That's where the real work gets done.

  22. Related perceptual issues give a clue here on Humans Hardwired to Believe in Supernatural Deity? · · Score: 1

    We're starting to get an understanding of this. There are some well known mechanisms in the brain which confer a survival advantage but are not rational. One is the tendency to see structure in random data. Related to this is a tendency to perceive cause and effect relationships that aren't justified by the data.

    Some of this has a survival advantage. It's useful to trigger the flight or fight reflexes before the situation is clearly dangerous.

    Someday we'll get to the bottom of the human tendency to band together under insane males, and then we'll make real progress.

  23. It's broken in Linux, too. Clear security hole. on Hacker Defeats Hardware-based Rootkit Detection · · Score: 2, Informative

    This sort of thing is why security people sometimes act so devoid of hope.

    Yes. The ability to directly access memory space by address from a FireWire connection is a totally inappropriate "feature" on a machine with an operating system. It's intended for embedded system debugging and remote device control. The FireWire interface hardware has it off by default. Windows has to explicitly turn it on. Despite the fact that, as far as I know, that feature is never used for anything legitimate.

    And yes, it's broken in Linux. I just looked at the hardware spec (see figure 5-28) and the source code for "fw-ohci.c", and there it is:

    reg_write(ohci, OHCI1394_PhyUpperBound, 0x00010000);

    That line says "external FireWire packets can access any physical address below (0x10000 << 16)", or, in other words, the first 4GB of memory. Apparently this security hole hasn't been upgraded for 64 bits yet, although the hardware supports a 48-bit memory address. Note the lack of any comments in that area. That one bit opens up a huge security hole, one known for three years, and nobody has fixed it.

    I'd suggest changing that value to 0, which turns this "feature" off.

  24. FireWire access can also be redirected on Hacker Defeats Hardware-based Rootkit Detection · · Score: 1

    The slide set mentions accessing memory via FireWire, but doesn't say much about it. FireWire understands packets for "reading and writing memory", along with ordinary data packets. But whether memory access packets actually read and write physical memory is up to the driver, when it configures the FireWire controller. The driver can set controller registers so that the physical address range accessible from the hardware controller is limited. Other addresses just pass the packets to the driver.

    So it should be straightforward to make a FireWire port return whatever contents of memory the attacker wants to display. Especially since, on PCs, that function isn't otherwise used for much.

    In fact, for security, a PC shouldn't accept FireWire memory read and write packets at the hardware level. (Does Windows? I know that QNX does not, having written a FireWire driver for it, and I don't think Linux does, but I'm not sure.) There's nothing that talks to a PC that needs that feature. It's used mostly for talking to "device registers" in peripherals (where, typically, the "device register" is implemented as a switch statement in firmware.) For example, you turn on and set up a FireWire camera by sending packets that write to "device registers". But the images from the camera come back as FireWire data packets, processed by software. They are not "external DMA transfers." You can only read or write one 32-bit word per "memory access" packet anyway, so it's a very inefficient way to move data. All sizable FireWire data is sent in longer packets processed by software.

    (FireWire is really a LAN, not a bus. FireWire controllers work a lot like Ethernet controllers, with buffer rings for input and output, although Ethernet uses collision detection and FireWire uses an arbitrarily-chosen master node to schedule the wire. It's not at all like the PCI bus.)

  25. Bad hiring decision on Wikipedia's Wales Reverses Decision on Problem Admin · · Score: 1, Interesting

    Wales did not comment on whether EssJay would continue to serve in his paid position at Wikia, the for-profit cousin of Wikipedia."

    Ulp.