Slashdot Mirror


User: Animats

Animats's activity in the archive.

Stories
0
Comments
14,273
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 14,273

  1. Who's behind BatMax on Nanotech Brings Battery Life Extender for Mobiles · · Score: 5, Informative
    Anonymous businesses are illegal in many states, but they're usually not as anonymous as they'd like to be.

    Whois is "Domains by Proxy", so that's not immediately helpful.

    BatMax, Inc. is a valid Florida corporation, but their mail drop is "WORLD CORPORATE SERVICES, INC., 2665 S. BAYSHORE DRIVE, SUITE 703, MIAMI FL 33133". Again, not too helpful.

    The USPTO shows a trademark for BatMax: "BatMax Corporation, Suite # 3A, 9250 West Bay Harbor Drive, Bay Harbor Islands, FLORIDA 33154". That's a condo in Colony Bay Harbor Condos. It's a small residential building, and doesn't look anything like the "picture of BatMax skyscraper headquarters" on their web site. The building pictured on the web site is Espirito Santo Plaza in Miami, which is still under construction although partially occupied.

    From a BatMax press release, we get a name: Alain Aisenberg, and a phone number, (305) 865-1400.

    We find Alain Aisenberg talking about BatMax on an MIT mailing list.. There, he gives his cell phone number.

    A public records search finds that name in Miami, and gives us enough information to run a background check.

    But I'll stop there.

  2. Re:Have you ever BEEN to CHINA? on Taking My Freedom With Me to China? · · Score: 2, Interesting

    "The mountains are high and the emperor is far away."

  3. AT&T was supposed to be the valuable part on SBC Might Buy AT&T · · Score: 1
    AT&T was supposed to be the valuable part of the Bell System after the breakup. Freed from regulation, they would be the most powerful communications company in the world. The local operating companies, derided as "WACOs" (Wire and Cable Operators") were stuck with all the old, obsolete plant.

    That has totally turned around. The valuable part of the deal turned out to be the local wire monopoly. Being #1 in a competitive long distance market turned out to be of minor value.

  4. Hey, it beats Healthon on Tech Giants Push Open Standards for Health Network · · Score: 1

    Remember when Healtheon, Jim Clark's disaster, was going to do this with a proprietary system that put them in the middle of every health care transaction? At least this is an open standard.

  5. In other news, GM coming out with 2006 models on Apple Website Points to PowerBook G5 · · Score: 4, Funny

    There's also a rumor that General Motors will be coming out with new models later this year.

  6. What you can actually do with this exploit. on Zimmermann Enters Debate on Microsoft Encryption · · Score: 1
    This is a simple little bit of cryptanalysis, but it won't lead to a program that gets you a nice clean decrypted Microsoft Word document. If you have at least two versions of a document encrypted with the same key, you can just XOR them together. The result will be all ones up to the first change, and then it will be two texts XORed together.

    Separating two English texts that have been XORed together is quite possible. That's been known since Vernam two-tape systems of the 1940s were cracked. The paper described in Footnote 2, "E. Dawson and L. Nielsen. Automated cryptanalysis of XOR plaintext strings. Cryptologia, (2):165-181, April 1996.", covers the technique. This is a statistical technique, based on the fact that English is so redundant that two English texts XORed together can usually be separated.

    You won't get 100% recovery. You'll probably get back most of the English words. Images, no. Formatting information, no. The end result will look something like what you see if you look at a Word file in a text editor, only worse.

    For a classic example of this mistake, see Venona. The KGB's New York resident reused one-time pads in the 1940s. Cryptanalysis of that produced the information that A-bomb design data was being leaked, and after several years of frantic work, where the leak was.

  7. Re:Verifying compiler? Correctness proving tools? on Grand Challenges For The Next 20 Years · · Score: 1
    Wrong again.

    First, formally the halting problem is decidable for deterministic machines with finite memory. Either it halts or repeats a previous state. This isn't a particularly useful result, because the time required to repeat a state can be very large, but it does answer the undecidability problem.

    Second, if a useful program has tough decideabilty problems, it's defective. If you can't easily tell if a loop will terminate, the program has a problem.

  8. Anti-Firefox move on MS To Limit Security Fixes to Legal Copies of Windows · · Score: 1
    You're missing the real implication. This has the effect of forcing you to run Internet Exploder, so you can run Windows Update. It's an anti-Firefox move.

    Remember, after you run IE, you have to reboot to flush it out, because it doesn't exit.

  9. Re:They need to learn basic compsci on Grand Challenges For The Next 20 Years · · Score: 2, Informative
    just is NO WAY to do what they are talking about.

    Wrong. Machine-verified proof of correctness is quite feasible. We did it twenty years ago. The DEC SRL people did a nice proof of correctness system for Java in the 1990s, before Carly shut down DEC research. It's hard to build such systems, but not impossible. The theory is well understood now, which wasn't true when we did it.

    It's not that hard to prove loop termination. You must define some measure which, for each iteration of the loop, decreases. For many loops this is trivial. For most loops it isn't too hard. For loops so complicated that it's hard, add a loop counter to detect non-termination as an error.

    Proof of correctness went out of favor because C won the programming language battle, and C semantics are so ill-defined that formalization is hopeless. Java, though, isn't bad.

    The "design by contract" people have the right idea, but it's hard to retrofit design by contract to C++ in a sound fashion. If you're going to have object invariants, you need to insure that control never enters the object when the object is not in its stable state. This is a constant problem in C++, because you can call out of an object and then back in. (GUI systems are notorious for this.) You need to be explicit about inside/outside issues. There needs to be an explict way to say "control is now leaving this object" at the point you call something that could call you back. Without that, object invariants are meaningless.

    Hardware proof of correctness tools are widely used. Look up VHDL verifiers.

  10. Re:Persistence on Coyotos, A New Security-focused OS & Language · · Score: 1
    No, that was an improvement.

    First, if you put "persistence" in the OS, the OS has to know about disks, which, otherwise, a microkernel does not.

    More significantly, "persistence" means keeping your mistakes around. Memory leaks are forever. Software upgrades are very tough.

    OS design needs to go in the other direction, that of efficient transaction processing, where execution environments are created, used, and quickly flushed. That's better from a security and reliability standpoint.

  11. Yet another RPC protocol on What is JSON, JSON-RPC and JSON-RPC-Java? · · Score: 1
    Here we go again, a new RPC protocol based on a new marshalling protocol. We already have SunRPC (with binary marshalling), Java RMI (again with binary marshalling), and SOAP (with XML marshalling). Nobody seems to be using LISP S-expressions for marshalling. JSON has its own marshalling protocol, vaguely reminiscent of that used for VRML 97.

    There are some tempting "simplifications" in JSON, most of which may cause trouble if deployment becomes widespread.

    First, it's an RPC protocol, which means the client can call arbitrary functions on the server. This is always a potential security hole. Every function available on the server is effectively trusted. Expect attacks based on this. It's at least as vulnerable as CGI, but it's new, so new mistakes will be made. The most likely holes will involve not crashes, but the ability to make broader database queries than was intended, via "SQL scripting" type attacks. Resource exhaustion denial of service attacks by clients that make repeated calls is also a possibility.

    Second, there's no versioning. This works fine as long as a new client is downloaded on each use. If it's possible to get the client out of sync with the server, something will break.

    Third, error handling consists of closing the connection on any problem. This equates to one support call per problem.

    This new protocol will become bloated like the others as those problems are fixed.

  12. Total message integration on Google Plans Free VoIP In the UK · · Score: 5, Insightful
    Voicemail shows up in your gmail inbox, e-mail gets summarized in voice messages, voicemail is indexed...

    And it all has ads.

  13. Oh, foi a standard recharging plug on Wireless Power Recharging Nears Fruition · · Score: 1
    If the portable electronics industry could agree on a standard low-voltage outlet, life would be simpler.

    We have two standards now, the big, dumb 12V cigarette lighter outlet, and the ARINC 628 connector found at aircraft seats. The latter has more of a future.

    More ground-based stuff for ARINC 628 would be useful. Many laptops will already recharge from it. It is intended for consumer environments, protected against overload, and has a rugged connector. There are even pins for a data connection. But nobody seems to sell a desktop power supply with an ARINC 628 outlet.

  14. Yes, it's basically an improved PS2 on A Look Into The Cell Architecture · · Score: 2, Interesting
    That's exactly right. Despite all the hype, this is basically a new generation of the PS2 architecture. There's a conventional CPU and a number of dataflow vector units. The dataflow units have a small amount of fast local memory and access to main memory. Just like the PS2. This time around, everything is bigger and better, and there's more of everthing, but it's the same idea.

    The PS2 was revolutionary, in that it was the first successful non von Neumann machine. There have been many exotic architectures along these lines, from the Illiac III to the Transputer to the nCube to the Connection Machine, but they've all been failures in the marketplace. The PS2 sold in volume and made money. That was enough to get people to develop techniques for programming dataflow machines, which aren't fun to program. Working out those problems delayed games for the PS2 by a year or two, but now it's been figured out.

    Now that the techniques have been worked out, at least within the game development community, a new generation of the same approach makes sense. Especially for graphics, which parallelizes well. You can keep throwing hardware at graphics until you get to one processor per pixel per triangle, and still get performance improvements.

    Note the limitations. Each vector processor has only 128K (not MB) of local memory. This is like DSP programming; you don't have much local storage. There's access to main memory, but it will stall the vector processor, so you can't overdo it. Bashing your problem into chunks that fit that constraint is a major hassle.

  15. Spam is on the way out on The Spam Conference 2005 · · Score: 4, Interesting
    Spam, as an advertising vehicle, is dying out. If it's an obvious ad, it gets filtered out, and if it's a fake, it's a CAN-SPAM act violation. Either way, it's useless to an even vaguely legitimate business. There's still plenty of spam being sent, but the amount being read by anybody is down.

    Spam for fraud schemes is growing. But even there, some kinds of frauds are dying out. We don't see many stock pump-and-dump spams any more. This is partly due to action by the SEC, but it's mostly due to lack of investor ignorance. Spamming about a stock doesn't affect stock prices much any more.

    Fraud schemes are a law enforcement problem, and we're seeing more action there, because the "phishing" thing has grown to be such a big problem.

    Between lawsuits by Microsoft and AOL, enforcement by the SEC, banks watching for phishing schemes, and, finally, some activity by the FBI and FTC, being a spammer is becoming more hazardous. We've seen a few spammers go to jail, which should have some deterrent effect.

  16. Pioneer is NOT a US company on Chinese DVD Makers Sue Over Royalties · · Score: 1

    Pioneer's corporate headquarters is at 1-4-1 Meguro, Meguro-ku, Tokyo 153-8654, Japan. Its president is Kaneo Ito. Main plants are in Tokyo and Saitama prefectures. Production is being moved to plants in Southern China.

  17. It's not a US technology on Chinese DVD Makers Sue Over Royalties · · Score: 3, Informative
    This has nothing to do with US technology. The 3C patent group is Sony, Pioneer, and Philips.

    You cannot build a CD or DVD device without licensing technology from Japan. Or even a VCR, as Go Video found. American companies no longer own the key consumer electronics technologies.

  18. Re:It's WEBSideStory , not WestSideStory on Firefox Continues Gains against IE · · Score: 1

    Not to be confused with Webstrands Platform, from the first Spiderman movie.

  19. Re:Fun with rotary on Build Your Own Rotary-Dial Cell Phone · · Score: 1

    The absolute minimum needed to make a call on an analog phone line is a speaker and two wires. Put it across the line, and you'll get dial tone. Disconnect for a fraction of a second, and you've sent a dial pulse. Talk into the speaker, and you'll transmit, weakly. The speaker will work just fine as a receiver.

  20. Overoptimistic yield assumptions on What You'll Wish You'd Known · · Score: 1
    10% long term returns are totally unrealistic. Realistic long term returns are around 5%. Maybe less. Over the past five years, the average return on US investments has been near zero. In Japan, it's been near zero for the last 20 years. US stocks are overpriced by about a factor of two based on historical P/E ratios. Only desperate attempts by the Fed have kept stocks up where they are now. That's partly why interest rates are so low. Otherwise everyone would bail out of stocks and buy bonds, which is starting to happen.

    The bubble in the 1990s was just that, a bubble. It's over. More than that, the hangover after a bubble and crash takes decades to overcome. Historically, the DJIA increases at about 2.5% per year, except during "booms". There have been two "boom" periods, 1941 to 1954 (about 8%/year), and 1983-1999 (about 13%/year). The boom in the 1920s could be counted, too, but it came and went so fast it didn't affect the long-term trend.

    On top of that, there's the demographic issue. For twenty years or so, there's been a net inflow of money into stocks. As boomers retire, there will be a net outflow. This will gradually depress the market over the next 2-3 decades.

    Bush's scheme for privatizing Social Security is an attempt to pump money back into the market to boost stock prices. (Brokerage houses are salivating over the fees, commissions, and the opportunities to make big money off the dumb money.) It won't be a big win for people who opt for that scheme.

  21. Most of that is wrong, although law is going there on Think Secret Gets Lawyer · · Score: 1
    Until 1985 or so, that was totally wrong. Until 1996, that was mostly wrong. And in some states, it's still wrong.

    Historically, the law was hostile to trade secrets. If a third party not bound by contract found out a trade secret, it wasn't a secret any more. If you wanted to protect a technology, you had to get a patent, which has narrow coverage and a limited lifetime.

    That's changed, due to the Uniform Trade Secrets Act and 1996 Federal legislation. But it varies from state to state. Massachusetts hasn't enacted the Uniform Trade Secrets Act. Federal law is about "commercial advantage". It's not clear how this will unwind.

    Compare, for example, Popular Mechanix spy photos of prototype cars.

  22. Not in 30 years - debug time problem on Do You Want to Live Forever? · · Score: 1
    One problem with life extension technology is that it takes a long time to debug. Decades. It will take a century to test out a life extension genetic mod. It's not like you can do accelerated life cycle testing.

    Despite that, we'll get this right eventually. Mammals don't wear out; their own cells kill them by evolved-in timeout first. We'll probably reach the point where people die at the rate of about 0.5% per year independent of age.

  23. Wiretapping has been outsourced to Verisign on Why Did The FBI Retire Carnivore? · · Score: 4, Informative
    Verisign, the first name in wiretapping, offers their NetDiscovery service to law enforcement. In their words,
    • Complete Lawful Intercept Service

      VeriSign's NetDiscovery service provides telecom network operators, cable operators, and Internet service providers with a streamlined service to help meet requirements for assisting government agencies with lawful interception and subpoena requests for subscriber records. Net Discovery is the premier turnkey service for provisioning, access, delivery, and collection of call information from operators to law enforcement agencies (LEAs).

    Verisign does this for telephony by using (or abusing) their control of Signalling System 7., the routing network for telephony. When a wiretap request comes in, they change the SS7 routing data to route calls to/from the phone of interest to their call monitoring center, from which the call is then routed outward again. To the telephone network, this looks like call forwarding. This approach requires no additional hardware at the wireline carrier; it's done through the existing SS7 infrastructure. (Incidentally, this should increase latency, depending on how far you are from Northern Virginia. But they may have remote monitoring centers by now to cut that down.)

    Verisign also offers wiretapping services for mobile phones, and cable-based VoIP.

    Efforts are underway to integrate NetDiscovery capability into future Cisco routers.

    Verisign takes the carrier or ISP completely out of the loop. "Authorized Government agencies" can submit their wiretapping request to Verisign, where they are "reviewed by a paralegal" and then implemented. There's no need for the carrier or ISP to even be aware of the wiretap.

    So that's why there's no need for Carnivore any more.

    Verisign - your full service wiretapping solution provider.

  24. Re:Bluetooth maybe? [no text] on Phishing In The Channel · · Score: 1
    No, no, no. You don't want something where someone can access a token without the user's knowledge.

    Something where you hold the token up to a barcode on the screen is more like it. Users would understand that as "signing" something.

  25. Been there, done that. It sucks. on Are Extensible Programming Languages Coming? · · Score: 1
    There are real problems with too much extensibility in programming languages. The code becomes unreadable. There was a minor fad for extensible programming languages in the early 1980s, and it was a disaster. All the extensible languages died out.

    Ever come across C code like this?

    #define BEGIN {
    #define END }
    ...
    int main()
    BEGIN
    printf("Hello, world");
    END;
    Not fun. Macros are usually a problem, not a solution. (Sometimes XML seems that way. XML enthusiasts are making every mistake made by S-expression enthusiasts in the LISP era.)

    There's been some discussion of a system for adding attributes in C++. C++ has "auto", "static", "explicit", "volatile", "extern", and "const". Microsoft's version adds another dozen or so more. These are all keywords, and every time a new one goes in, it breaks things. Plus the interaction of attributes and overloading is very ad-hoc. But so far, nobody has made a proposal that looks workable. And that's a minor bit of extensibility in an area where people agree there's a problem.

    Another issue is how to manage non-text assets in software. This is a medium-sized problem for most programmers. It dominates game development, where you have everything from level maps to motion capture data to manage. There are specialized tools for game developers, like Alienbrain, to store, track, and maintain version control on all those assets.