Slashdot Mirror


User: Animats

Animats's activity in the archive.

Stories
0
Comments
14,273
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 14,273

  1. "Continuously encrypted list"? on Netcraft: 5,600 Phishing Sites Since December · · Score: 1
    Yet the list of "phishing" sites is apparently encrypted. That helps out the crooks.

    Is that list being provided to law enforcement?

  2. It's tough keeping a location from being lost on Time Travelers' Convention · · Score: 1
    Trying to keep a piece of information like that from being lost over time is tough.

    At the 1939 World's Fair, Westinghouse buried a time capsule to be opened in 5000 years. So that it wouldn't be forgotten, thousands of copies of a book, "The Book of Record of The Time Capsule of Cupaloy Deemed Capable of Resisting the Effects of time for Five Thousand Years Preserving an Account of Universal Acheivments Embedded in the Grounds of the New York World's Fair 1939", were printed and distributed worldwide, to libraries, museums, and monastaries - institutions that seemed to have staying power.

    It's hard to find a copy of that book today. Not impossible; hundreds of copies still exist. But it's hard to find.

  3. Re:Eleven Reasons Why Jaron Lanier stalled on What Ever Happened to Virtual Reality? · · Score: 2, Insightful
    I've met Jaron, and I tried his very first VR system back in the 1980s. He still isn't admitting what's really wrong.

    Now that there's no real hardware obstacle to gloves-and-goggles VR, it's clear that the basic concept is flawed. There are two fundamental problems. First, eye-hand coordination in empty space sucks as an input method. And second, full-surround visual motion without physical motion makes you feel funny.

    Various "haptic interfaces" have been tried, and some of them actually work. Most of them are for small motions, as in sculpting or surgery. For those applications, it's often easier to use an ordinary screen than goggles.

    Working in VR? Imagine riding a rollercoaster as a job. Eight hours a day. While trying to do real work.

  4. AM radio? Is that still on? on Viacom Launches Podcast-Only Radio Station · · Score: 1

    Does anybody listen to AM radio in cities? It's useful for covering big open spaces, but an AM radio station based in San Francisco seems pointless.

  5. We need new SF on Hitchhiker's Guide Reviewed · · Score: 0, Redundant
    This recycling of old space operas must stop. Star Dreck has run its course. Star Roars bottomed out with Jar Jar. Battlestar Galactica sucked the first time around.

    There are far better space operas with movie potential. Honor Harrington. Sten. Even the old Lensman series. For comedy SF, Snow Crash had more potential. And what are we getting? Dr. Who, The Next Generation.

    When Space, 1999 comes back, we'll know it's hopeless.

  6. What prevents a man-in-the-middle attack? on Using Diamonds to Create Unhackable Code · · Score: 1

    Even if you can't listen in, you can receive and retransmit.

  7. The problem is C, not the hardware on Is the x86 Architecture Less Secure? · · Score: 4, Interesting
    It's certainly possible to build machines which prevent buffer overflows. Burroughs did that from 1958 to about 1990, quite successfully. Every array is in its own segment. Memory addresses aren't numbers; they're a sequence of descriptors, more like a pathname than a pointer. The last element of the pathname is the array subscript. A descriptor that goes off the end of an array generates a subscript-out-of-range exception.

    But it's tough to run C on that kind of architecture. C wants pointers to be addresses. The "array is a pointer" convention is a bad fit to a true segmented architecture. You can run Pascal just fine, but running C is tough. It can be done, but basically requires allocating all the variables in one big "array" at the hardware level, so you lose the protection. When C came in, the Burroughs machines (by then the Unisys A series) died off.

    So it's quite possible to fix this, but you have to dump C. This may happen as Java and C# get more traction.

    C++ doesn't help. It's part of the problem.

  8. The input-side limitation on Dvorak Trashes Modern Gaming Industry · · Score: 1
    The real problem with gaming is on the input side, not the output side. There are only a few things you can do fluidly with a mouse, joystick, or game pad - move around, shoot things, pick up stuff, and invoke canned commands. Most games are built around those limits, which is severely limiting. Dance Dance Revolution breaks through those limits, one of the very few successful games to do so. A few combat arcade games with sword or body move sensors exist, but they're rarities.

    In the early days of virtual reality, I was involved with Autodesk, which built the first prototype PC-based gloves-and-goggles virtual reality system. (It took two chassis of special-purpose boards, but the CPU was a 286.) Early thinking was that you'd be able to design and assemble things in virtual reality. Didn't work, and not for technical reasons. Without really good touch and force feedback, trying to do anything in VR is like trying to work while wearing heavy mittens. Working with your hands in empty air is slow, tiring, and error-prone. VR CAD turned out to be a dead end.

    But shooting works well in games and VR. This, fundamentally, is why shooting occupies such a central place in games.

  9. Re:Practical on Practical Common Lisp · · Score: 1
    For example, why would it be practical to do web programming in LISP instead of a platform like PHP, JSP, ASP.NET, or even Perl?

    Yahoo Store (previously Viamall) was a LISP application. That was something of a secret at the time; the developers didn't want to give up their competitive advantage.

  10. Real WalMart foundation site reads like a parody on Wal-Mart Parody Site Censored by DMCA · · Score: 1
    "Water Bottles Produced For Donation"
    "The Wal-Mart "Donated Water" label and program is one of the latest efforts to support our military." ... "If you know someone serving in the military, they may have been one of the first to see a new bottle of water produced for Wal-Mart and SAM'S CLUB purely for donation purposes. With this bright new label it is easy to see that both Wal-Mart and SAM'S CLUB are making the donation."

    That's their idea of a donation? That's advertising, not a charitable donation.

  11. Really paranoid security on Security for the Paranoid · · Score: 1
    One could do more than that, and much more effectively.
    • All mail is converted to plain text at the firewall.
    • All incoming web connections are filtered by software that drops all binary content other than JPEG and GIF images.
    • All other ports are blocked.
    • All serious work is done on a machine running NSA Secure Linux and fully locked down.
    • Gaming machines are stateless - on every startup, the entire system is flushed back to a known state. (There's a commercial software/hardware system to do this, and it's widely used by Internet cafes.)
    • No wireless connections.
  12. Re:PDF is A-OK on Microsoft to Introduce PDF competitor 'Metro' · · Score: 5, Insightful
    Why does Preview take a a matter of milliseconds to do what takes Acrobat fifteen seconds or more?

    Just think of all the extra things Acrobat has to do.

    • Load ads from Yahoo into toolbar.
    • Load and verify the "webbuy.dll" DRM system.
    • Load the PDF form management system.
    • Check with Adobe for updates.
    • Check with Adobe for more products to try to sell you. ("There's more to Acrobat than the Reader!")
    • Coming soon: Acrobat/Flash interaction. At last, animated PDFs!
  13. NEVER do that against Cravath on SCO Missing 16,209 Files? · · Score: 1
    One of the basic reasons that Cravath, Swaine, and Moore wins most of their big cases is that they make very few mistakes. And they catch those made by others.

    This is accomplished by sheer manpower. Cravath is a team operation - everything important, and most of the little stuff, gets checked by several different people. Cravath and IBM introduced the litigation support systems decades ago, and by now, they're wel integrated into the operation. Everything in the case goes in and gets indexed and linked.

    Dumping a ton of documents on Cravath will not help your case. Buildings will be filled with clerks, paralegals, and servers, until every document disclosed has been examined for anything that will help their side. If there's a contradiction in there, it will be found and used.

    It's not impossible to beat Cravath, but you have to have a strong case. Handwaving will not work. Opponents who try that will be shot down again and again by "You said that your company had never done that. But in document #B13549034, page 374, paragraph 5, your company admitted doing exactly that."

    Since Cravath's approach is well known, it's surprising that Boies let SCO go forward with their bogus arguments. This case is consuming about 0.01% of IBM's revenue. They're not going to cave.

  14. Who really needs CS majors? on Interest in CS as a Major Drops · · Score: 2, Insightful
    Many employers would like to have computer science majors, but how may really need them? In particular, how many need CS majors with advanced degrees?

    Xerox PARC is gone. DEC SRL and DEC WRL are gone. HP Labs is dead. Interval Research is gone. Bell Labs is a shadow of what it once was. Sarnoff Labs doesn't do much. IBM Almaden is being dismantled. SGI is in tatters. Apple R&D is very limited. And DARPA is going to stop funding CS research.

    Who's doing advanced work? Google and Microsoft seem to have the only big remaining CS research labs in the US.

  15. OpenOffice is better on OpenOffice vs. MS Office for Education? · · Score: 1
    • It has built-in "PowerPoint". Students can make presentations easily.
    • OpenOffice Draw is better than the one in Microsoft Word. (Visio costs extra, remember.)
    • It generates PDFs.
  16. Paul Allen is out of Microsoft. Way out. on EU Trade Commissioner Enjoyed MS Hospitality · · Score: 2, Insightful
    He left Microsoft in the 1980s. It's generally agreed that this was good for Microsoft. Allen's businesses since then, from Interval Research to the Experience Music Project to the Seattle Seahawks, along with a long list of little companies, have generally been flops. The phrase "the hell that is a Paul Allen company" is known in Silicon Valley.

    You don't want to take a ride on his yacht. It might sink.

  17. The Empower standard for DC distribution on Sensibly Powering DC Technology? · · Score: 1
    There's a standard for this, established for airline in-seat power outlets. Those provide 15VDC, and up to 10 amps.

    This works fine, but it's overkill for most applications. A box with four Empower outlets would need a 600W power supply.

    This might catch on if cars start coming with Empower outlets at the seats.

  18. Hostile code - forges SSL certs on Spyware or Researchware? · · Score: 5, Informative
    It's more than spyware. This thing reroutes all your browser traffic through their proxy. That's how they see what you're doing. It includes rogue SSL certificates so it can capture encrypted connections. Yes, they get to see all your credit card numbers. Major universities, including UCIC, UCLA, UC Riverside, UCSD, Texas Tech, Windsor, UNC, Old Dominion, Michigan, Iowa, McGill, Carlton, Cornell, American University, Stanford, and Columbia are blocking conections to Marketscore for this reason. If you have Marketscore installed at one of those schools, you get a warning page like this.

    Some banks also block online banking sessions coming in via Marketscore's proxies.

    This is the same spyware previously known as "netsetter". There's no question about this being spyware.

    Here's Stanford's Information Security Office's statement on Marketscore.

    • Security Alert: MarketScore Spyware
      11 Jan 2005

      MarketScore (also called NetSetter) is a spyware-like application that compromises the security of all data sent or received by your web browser, even on "secure" encrypted web sites. All external browser communications are re-routed through MarketScore's proxy servers, so they have access to any "secure" traffic/passwords/accounts that otherwise would be encrypted.

      If you have MarketScore installed on your computer and have used your browser for any services that require WebLogin, your password should be considered compromised. After you have removed MarketScore from your computer, we strongly recommend that you change your SUNet password. This advice also applies to any other secure web sites you may have visited with your browser.

      The Information Security Office is directly contacting owners of machines that appear to behave as if MarketScore is present.

      Technical Detail

      MarketScore reconfigures the browser to use a "proxy server" for all non-local connections, including HTTPS connections. A proxy server is a machine that acts as a middle-man, brokering web page requests intended for other sites. So if the browser on machine A wants to visit web sites C, D, and E it makes all those requests through the proxy server B. B then contacts C, D, and E and passes the results back to A. This is usually transparent to the user on machine A after the browser has been configured to use the proxy.

      Web proxies are typically used in a corporate environment where all web traffic must be controlled or inspected centrally, although in the case of secure HTTPS traffic there is ordinarily nothing the proxy can do except forward the connection or refuse it. In this case, the proxy servers belong to a company called ComScore where they collect and analyze the intercepted data.

      While ordinarily an HTTPS connection would simply pass through a proxy securely, in this case MarketScore also installs a new root certificate in your browser so that it can decrypt all intercepted SSL connections (a "man-in-the-middle" attack) without triggering a security warning from the browser. In normal operation, browsers would complain if a site certificate doesn't match the domain of the URL, but the new root certificate tells the browser to trust ComScore's site certificate for any URL.

    This goes well beyond what Marketscore claims their program does.

    That seems to settle the issue.

  19. Why should there be "printer administration"? on One Year Later - CUPS Admin Still Lacking? · · Score: 2, Insightful
    Printing should work roughly like this:

    You ask an application to print something. At most, you should have to specify which printer. The system should have figured out by itself everything it needs to know about directly attached printers. Anything on the local network that offers printing should have already been recognized. Faraway printers may have to be specified in some way, but even there, you'd expect a directory system or search engine to do the heavy lifting. There should be no need for explicit "system administration".

    That's how it should work. Yes, it's not easy to do it that way. Yes, there are some older printers that can't be automatically identified via their electrical interface. Yes, sometimes the system may have to find and download some format conversion program.

  20. Yet another garage band site on Indy: Auto-Discover Free Music to Download · · Score: 1
    There are already too many sites with free music by bands that suck. Endless archives of bad techno. "Collaborative filtering" won't help if the content isn't there.

    And why not just use a web site? What does "peer to peer" add, except inefficiency?

  21. Tape? They're not allowed to use tape. on Ameritrade Customer Data Lost · · Score: 3, Informative
    Brokers aren't allowed to use magnetic tape. SEC Rule 17a-4, "Records to be preserved by certain exchange members, brokers and dealers", requires write-once media.
    • (2) If electronic storage media is used by a member, broker, or dealer, it shall comply with the following requirements:

      (i) The member, broker, or dealer must notify its examining authority designated pursuant to section 17(d) of the Act (15 U.S.C. 78q(d)) prior to employing electronic storage media. If employing any electronic storage media other than optical disk technology (including CD-ROM), the member, broker, or dealer must notify its designated examining authority at least 90 days prior to employing such storage media. In either case, the member, broker, or dealer must provide its own representation or one from the storage medium vendor or other third party with appropriate expertise that the selected storage media meets the conditions set forth in this paragraph (f)(2).

      (ii) The electronic storage media must:

      (A) Preserve the records exclusively in a non-rewriteable, non-erasable format;

      (B) Verify automatically the quality and accuracy of the storage media recording process;

      (C) Serialize the original and, if applicable, duplicate units of storage media, and time-date for the required period of retention the information placed on such electronic storage media; and

      (D) Have the capacity to readily download indexes and records preserved on the electronic storage media to any medium acceptable under this paragraph (f) as required by the Commission or the self-regulatory organizations of which the member, broker, or dealer is a member.

    Brokers are required to use a storage medium where tampering is evident. Once that was bound ledger books written in ink. Later, it was bound books of computer printouts. Then it was microfiche. Today, it's CD-ROM or DVD-ROM. But not magnetic tape. Not even for backup.

    And if a securities firm outsources some of its back office operations, the outsourcing firm has to make certain filings with the SEC:

    • (i) If the records required to be maintained and preserved pursuant to the provisions of Sec.Sec. 240.17a-3 and 240.17a-4 are prepared or maintained by an outside service bureau, depository, bank which does not operate pursuant to Sec. 240.17a-3(b)(2), or other recordkeeping service on behalf of the member, broker or dealer required to maintain and preserve such records, such outside entity shall file with the Commission a written undertaking in form acceptable to the Commission, signed by a duly authorized person, to the effect that such records are the property of the member, broker or dealer required to maintain and preserve such records and will be surrendered promptly on request of the member, broker or dealer and including the following provision ...
    Ameritrade needs to address these issues. As a broker, they are not allowed to be casual about record-keeping.
  22. "There" tried this. Didn't work on Sony Online To Sell Virtual Property · · Score: 1
    "There" not only did this first, they overdid it. With branding. "Buy Nike shoes for your avatar." Didn't sell.

    There's a secondary market in Second Life currency. Gaming Open Market used to do this for other games, including Everquest, but they encounted publisher opposition.

  23. Apple is paying for this on iPods Valuable in the College Classroom? · · Score: 2, Interesting
    Duke is a bit vague about how much Apple is paying them to do this, but there's definitely Apple money in this:
    • Q: "What services are Apple providing?"

      A: "Apple is providing project management expertise and technical and functional resources."

  24. Ubiquitous, seamless, personalized spam on Grand Challenges in Networks for the Next 15 Years · · Score: 4, Interesting

    The major Internet applications, by volume, are spam, piracy, and advertising. This trend will continue. By 2020, 98% of all Internet traffic will be illegal in some way.

  25. The sump pump approach to security on A 2nd Core to Keep Windows Chugging Along? · · Score: 2, Interesting

    People bitch about the 20% or so worst case overhead for a secure microkernel, and then they want to tie up a processor running anti-virus software. This is like dealing with a roof leak by install a sump pump.