Slashdot Mirror


User: fuzzyfuzzyfungus

fuzzyfuzzyfungus's activity in the archive.

Stories
0
Comments
15,204
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 15,204

  1. Re:Linux will save us on Is 'Quadroid' the New 'Wintel'? · · Score: 1

    NT was actually designed with portability as a goal(development didn't even begin on x86, that was a later port) and existed at least briefly in the wild on x86, AMD64, IA64, Alpha, MIPS, and PPC, along with a few others that never made it to release; but saw active development use.

    The third-party software scene, on the other hand, is pretty much a joke on anything that isn't x86 or, gradually, AMD64, so the only exotic survivor is IA64 in a few niche environments.

    Now, the fact that Android is designed for most 3rd-party software to run inside the Dalvik VM, on the other hand, could make a serious difference in portability(analogous to what NT's history might have looked like if Windows development had been .net CLR rather than win32 from the beginning...). The only trick would be those applications that make use of Android's native code access mechanisms, or those that only function at acceptable levels on hardware with particular characteristics.

  2. Re:In a word: no on Is 'Quadroid' the New 'Wintel'? · · Score: 4, Interesting

    I'm guessing that it will be rather worse for customers than Wintel...

    Wintel duopoly = lower margins for the companies that "make" the computers = greater incentive to take payments in exchange for bundling shitware and/or attempt to 'differentiate' with vendor shovelware.

    With cellphones: Same thing; but the customer is cryptographically prevented from uninstalling the crap unless the model is popular enough to attract a really solid mod scene and an easy-to-use custom firmware...

  3. I feel so terribly guilty now... on Google Algorithm Discriminates Against Bad Reviews · · Score: 3, Funny

    I wrote my favorite escort a glowing review, all about how much and how hard she sucks, and now google is going to downrank her and it will be all my fault! This is terrible...

    On a more serious note, correctly assigning "positive" or "negative" to a given adjective or phrase, across a wide range of subject areas, must actually be something that would give the computational linguists a bit of trouble(or 10,000 interns a very boring time of it)... Simply parsing star ratings or "out of 10" is easy enough; but is a vacuum cleaner that sucks good or bad?

  4. Re:Anyone checking these source file changes? on ProFTPD.org Compromised, Backdoor Distributed · · Score: 1

    As with SSL, you run against the fundamental problem of mechanisms that attempt to both verify and identify...

    It costs money to identify people/corporate entities, make sure they are who they say they are, etc. Therefore, nobody is going to issue a cryptographically incontrovertible statement about who you are for free. However, there are lots of people who really just want the crypto, not the ID, which means that(in absence of some sort of strong central control, like a state or Microsoft) you'll see strong downmarket pressures, to the point where my nonexistent cat could probably find some 'trusted' CA who would be happy to issue it a certificate for bankofamerica.ru... Then somebody dreams up "Extended Validation: what certs were always supposed to be; but for real this time, we promise!". And so begins the cycle again...

    The only vaguely novel quasi-solution I can see to this problem would be the concept of "stability attestation". There would be a number of servers(similar to DNS) that would operate as follows: I generate a keypair and an object(domain name, email address, etc.) that I wish to stabilize. I send that tuple to one or several "stability attestation servers". The server says "Ok, fuzzyfuzzyfungus, if that is in fact your public key, pass this challenge-response test.". If I do, the server generates a signed manifest stating that the tuple {fuzzyfuzzyfungus/slashdot account, $Public_Key} passed verification at $TIME.

    At any future point, anyone can query an SAS, with my tuple and receive either "Verified at $TIME" or "Yeah, not so much, a tuple containing the same object; but a different public key, verified at $TIME. Impersonation suspected."

    This would be useful in situations where you want the ability to do crypto with someone, as with SSL or PGP; but knowing somebody's real name/SSN/whatever either won't help you much, or is not something they want.

    In my case, for example, knowing my real name wouldn't help you much in determining whether "fuzzyfuzzyfungus" is full of shit or actually a pretty insightful guy. My bio is just pretty bland, and I have no real desire to tie it to slashdot. However, knowing that I'm the same "fuzzyfuzzyfungus" as the one who posted my last N messages allows you to judge me by my record, and would allow you to reset your trust metrics if I suddenly changed.

    The same is true of most websites, FOSS authors, small companies, and so forth. Knowing "Who they are in real life" barely matters. Knowing that their server got hacked yesterday and that I SHOULD NOT extend my historical trust metrics on them into the present is highly valuable...

  5. Re:Anyone checking these source file changes? on ProFTPD.org Compromised, Backdoor Distributed · · Score: 3, Insightful

    I suspect that the real problem would be chicken-and-egg adoption issues. Anybody with competence in the right area could probably bang out a functioning prototype firefox plugin addressing either the cases of SSLed sites also being expected sign their binaries with their existing SSL setup, or the FOSSier case of developers signing with their GPG keys and posting MD5 hashes in approximately an afternoon.

    Trouble is, unless broadly and swiftly adopted, people won't see the "this package is not cryptographically verified" message as being problematic in the slightest, if that is the case, the attacker can simply not sign, and nobody will care(the current situation on Windows, which offers cryptographic verification of installers before install is largely this way. Enough outfits, even fairly respectable ones, just don't bother, that the security gains are minimal, despite the mechanism being technically and mathematically sound). If you make the message scarier and/or harder to get around, people will just go with something that doesn't get in their way. Only if lack of signature was considered a shocking fault would anybody really be saved...

    Architecturally and mathematically, the solution works just fine; but it fails on the critical adoption mass problem...

  6. An odd object... on British Aircraft Carrier For Sale On Auction Site · · Score: 4, Insightful

    Obviously, anything made of that much steel, and capable of being tugged where you want it, has a floor value as a substantial amount of quality scrap; but I have to wonder if it has much more than that. Given its age and poor condition, refitting it will be fairly expensive and require some expertise. It also presumably lacks any refinements made in carrier design in the past 20-30 years.

    Unlike, say, low end armored vehicles, for which there is always demand because even tinpot dictators have even more tinpot rebels to crush with them, aircraft carriers are sort of a "superpower or nothing" weapon. Unless you have the cash to maintain one, the air force to be worth projecting into blue water, and the support/defense/meat-shield carrier group ships to protect the thing, it is nearly useless to you. I would assume, therefore, that your standard "diamond/oil/cocaine/etc. kingpin who buys weapons because his country is a shithole with no internal industry" is basically off the table, unlike the case of some APCs or crates of RPGs or such. On the other hand, even if the ship is actually a good deal for some developing wannabe power, enough military procurement decisions are made as pork/spoils/makework deals that support for just buying the thing, rather than having some native shipyard build one, would seem doubtful, unless a country simply has no such capabilities.

    Can anyone think of a buyer, without invoking Snow Crash?

  7. Re:For years on Dolly the Sheep Alive Again · · Score: 1

    Little did she know, when she went into the hospital, that she would be going out the back door and an entire new species of pluripotent mono-cellular eukaryotes would be leaving out the front...

  8. So it is written. on Dolly the Sheep Alive Again · · Score: 3, Funny

    Abduhl Al-Hazred, in his Necronomicon wrote:

    "That is not dead which can eternal lie,
    And with strange aeons even death may die."

  9. Re:That old saying applies on Attack of the Trojan Printers · · Score: 1

    You can skip the hardware effort, in a fair number of cases. Your modern workgroup network printer is running a pretty beefy board(400+mhz ARM/MIPS, 128+MB of RAM, and an embedded OS that often hasn't been looked over with especially impressive care. It should, with a fair few models; be possible to be running the attack/surveillance code directly on the otherwise bone-stock printer control board. When somebody screwdrivers it open to clear a jam, they won't notice that...

  10. Re:Curious... on SanDisk, Nikon and Sony Develop 500MB/sec 2TB Flash Card · · Score: 1

    Given that 1080p is only actually ~2megapixels, while any camera that can shoot it is at least 10, it seems reasonable to prepare for the day when either the average resolution of the household TV increases, (or at least the time when video editors would really like to have some extra resolution to throw away while doing their tricks, in the same way that Photoshop guys really prefer huge source images, even when they'll be baking them down considerably at the last step) and embedded camera ASICs rise to the challenge. If you want 10megapixel 60hz video, or some 3d foolishness, or HDR, or somesuch, requirements will rise.

    Also, if I were the CF SIG, I'd seriously consider the possibility of a future in the enterprise storage arena... Let's assume, pessimistically, that the new CF card will be the size of a 54mm Expresscard: Allowing 1cm for socket and PCB, the CF card would occupy an area 85 mm deep, 54mm wide(call it 60, to allow for walls/guiderails) and 5mm thick(again, call it 9 or 10 just to be on the safe side.

    Under such assumptions, a 1u chassis could accomodate 4 CF cards high by 8 wide. 32 fully accessible, front mounted modules in a single 1U. A more serious storage shelf might take advantage of the fact that the cards could be mounted upright in a 2U(though it would be a bit tight) or quite roomily in a 3U drawer. Depending on how deep the drawer is, you could potentially get 60-100 rows of 8 into a single 2 or 3u unit.

    Obviously, the enterprise use of SSDs(crazy IOPS) is different than the camera use of SSDs(low power, shock resistant, reasonably fast linear speed); but economies of scale would still apply to cases, connectors, PCBs, flash, (and quite possibly even controllers, some of which would simply have two different firmwares, tweaked for different purposes).

    Even if cameras never need more than 2TB, overlooking the chance to gain extra economies of scale by being the next industry-standard crazy-dense SSD form factor seems shortsighted...

  11. Re:/. attitude on SanDisk, Nikon and Sony Develop 500MB/sec 2TB Flash Card · · Score: 2

    You really don't want to see the price sheets, which is why the SSDs that actually sell are still in the 16-256GB range; but 1TB SSDsare at or close to commercial availability in 2.5 inch sizes. You can already get 2TB, possibly 4, out of the larger PCIe expansion card type ones. Again, you'll be looking at 10k+ for toys like that; but they exist, and they can be expected to keep shrinking until the solid state physics guys come back with very bad news...

  12. Re:Good luck with that. on The Pirate Bay Co-Founder Starting P2P-DNS · · Score: 1

    It was an intended(perhaps botched) joke. There is a phrase "He tripped and hit is head on a bullet", used colloquially to describe an absurdly suspicious death that is officially accidental. Similarly "three rounds to center mass, one to the head" is obviously impossible to hit your head on; but is intended to suggest an "accident" carried out by well drilled individuals who want to be very sure, not just some junkie doing it for $50 and a dimebag.

  13. Re:Specification on SanDisk, Nikon and Sony Develop 500MB/sec 2TB Flash Card · · Score: 4, Interesting

    On the other hand, the "reader" should be as simple as a mechanical adapter for your Expresscard slot or some sort of PCIe card+extender cable for your desktop, since both options already provide a native PCIe lane, and at least the former is definitely hot-pluggable and the latter might well be...

    Technically, CF cards were in a similar position vs. IDE; but since IDE freaked out and dropped its marbles if you tried to hot-plug something, this was really only useful for building cheap, small, low-end SSDs for x86 embedded devices(a fair few embedded motherboards actually came with CF slots directly, replacing one of the IDE slots, to save you the trouble of the pin adapter. Super useful when building firewalls and stuff that needed more punch or professionalism than a hacked WRT-54G; but didn't want a bunch of spinning disks sucking power just to store less than 128MB of M0n0wall...)

  14. Re:/. attitude on SanDisk, Nikon and Sony Develop 500MB/sec 2TB Flash Card · · Score: 3, Interesting

    A spec is quite reasonable(though, so is pointing out that their spec is essentially a set of references to existing interconnects, which is again a perfectly reasonable way to build a spec. There don't seem to any major complaints with PCIe, the PCIe SIG is providing steady advances in bandwidth per lane for nearly free(to the CF guys), it exists in both PCs and embedded devices, making transfer easy, and you can always add a "pro" variant which contains two or more lanes if you really need the extra bandwidth)...

    The only part that doesn't make sense to me, especially if they are shooting for the Serious Pros market(since SD has basically devoured everything from 'just expensive enough to populate the expansion header' up to 'mid-level DSL') is the 2TB limit. That limit has already very nearly been reached in 3.5inch and 2.5 inch SSDs, and the Large Format Digital(why yes, I am shooting 50 megapixel RAWs, because I'm better than you) and DSLR HD Video (Yup, full 1080p with the limited compression provided by a camera ASIC...) markets are certainly reaching the point where the idea of 2TB is more of a "workable, if irksome" limit rather than a "Please pick my jaw up from the ground where it has fallen, oh magical miracles of the future" type of thing.

  15. Curious... on SanDisk, Nikon and Sony Develop 500MB/sec 2TB Flash Card · · Score: 4, Insightful

    The move from PATA to either SATA or PCIe was pretty much as expected(PATA being a dead end, development wise, and lots of pins and traces not doing your BOM costs any favors). The 2TB limit surprise me, though. Obviously, you can save a few bits here and there by reducing the maximum address size; but(by virtue of exponential growth and powers of two) you can absolutely blow the roof off the maximum size limit for just a few bits more here and there.

    If this standard were promulagated in 1995 or something, when 2TB hard drives were basically science fiction, and 2TB solid state drives not the size of entire rooms and costing the GDP of one of the smaller European nations were also basically science fiction, I could understand a 2TB limit(just as the old-school sub-48-bit-LBA HDD size limits are annoying but understandable in context). However, you can buy 1TB SSDs right now. They are not cheap; but they cost less than a decent car. 2TB devices that are basically the PCBs of the 1TB devices with a cheap RAID chip in there somewhere are also in existence. If you are developing a new standard, one that completely changes the electrical substrate and will thus never be backwards compatible(unlike earlier CF standards bumps, which, with the exception of 5v/3.3v changed nothing on the physical side), why would you set a limit that will probably be exceeded in the lab inside two years, and available to the more-money-than-sense crowd in 5? Are the few extra bits that would take you from 2TB to a zillion Petabytes so expensive?) It wouldn't be cheap; but you could(using bare dice and clever stacking and the case as a heat sink) get roughly 1TB worth of flash silicon, plus a controller of some kind, into the size constraints of a CF card right now. Doubling that can't be too far away, unless we hit some nasty wall, and interconnect standards have a way of sticking around for years. Why hobble this one?

  16. Re:I love the idea, on The Pirate Bay Co-Founder Starting P2P-DNS · · Score: 1

    Don't give the dark lord Murdock any ideas...

  17. Re:Good luck with that. on The Pirate Bay Co-Founder Starting P2P-DNS · · Score: 1

    I suspect that all but the most techno-clueless-my-gun-is-a-penile-prosthesis fed types are yawning right now. Alternate DNS schemes(albeit typically based on exactly the same tech as conventional DNS, just with different root servers) have been around for years, often as part of an attempt to squat on TLDs that ICANN hasn't approved yet, and all have foundered for lack of adoption. Less dramatically, it is totally unsurprising, and quite common, to encounter all sorts of odd setups inside corporate and institutional networks. The local institutional DNS servers are commonly both lying about certain registered domains(why yes, facebook.com is located at 127.0.0.1, their servers must be down...) and providing valid responses to totally unregistered stuff(printers, network scanners, etc.) that isn't reachable from the outside and thus has no need to be consistent with the global DNS hierarchy.

    The feds have been tolerating FreeNet for years, despite the empirical fact that it is so slow and irritating to use that it is largely kiddie porn, a dash of copyright infringement, and a few idealists. It just isn't a threat. Similarly, any Fed who hasn't been hitting the CIA LSD stash while watching old James Bond films and channeling the spirit of ol' Joe McCarthy, american hero, will realize that a project of this sort is A) unlikely to succeed. B) going to get streisanded all to hell if its founder dies in a mysterious falling down three flights of stairs and hitting his head on three rounds to center mass and one to the head accident and C) likely to have some network signature that will actually making locating the paranoids, pirates, and general naer'do'wells easier than it would otherwise be...

  18. Re:I love the idea, on The Pirate Bay Co-Founder Starting P2P-DNS · · Score: 5, Insightful

    I'd be more concerned by advertisers/audience tracker types than spammers(though, it is true, the botnet herders probably have enough hosts that, barring clever design, all domain names will point to h3rbal v15gra...)

    There was a story a while back, I think it hit slashdot, about a university research group that set up a bugged tor node in order to explore that network. Because, unlike most of the idealists and tinfoil hats running tor nodes, they had a 100Mb symmetric line or something equally punchy, they had become the exit node of choice for some alarming percentage of the system by the end of their study.

    Similarly, in the classic P2P scenarios, there are usually a few super seeders on University or colo connections, who end up moving a surprising percentage of the total traffic; because their connections are markedly better(and have basically 100% uptime compared to all the casual kids. Even when the casual kids actually introduce the material to the swarm, much of it ends up moving through the big guys.

    I would imagine, again barring careful design(which would be tricky; because speed is of the essence with DNS lookups, unless you want your experience to suck), that it would be fairly trivial for google, Phorm, Neilson(if they aren't still living in the 19th century), or the like to set up a few P2P DNS servers that, for a few hundred bucks a month per geographic region, are by far the most responsive and fastest in the area(basic dual-socket 1u colo box on a gigabit line, we aren't talking crazy money here) which would give them near-ISP level of insight into where users of the P2P DNS are going...

  19. Re:Two eyes are better than one on Combining Two Kinects To Make Better 3D Video · · Score: 1

    The (testable but not yet tested by the public, to my knowledge) question is whether a Kinect unit needs a prohibitive number of frames withits own IR unit on in order to figure out what is going on.

    If it takes 30-60 frames to do so, that is only a 1-2 second delay, which is nearly irrelevant from the perspective of the standard use case. Just have the menu do some slightly sci-fi transition during that time and they will never even notice.

    If, however, you are trying to use two or more Kinects with shutters, you go from "two Kinects, each at half frame rate; but no distortion" to "two kinects, approximately 1 usable fix every second or two' but no distortion". That isn't totally useless(if imaging a static object, throwing a few kinects on the floor and letting each take their turn, then crunch the results, is still pretty easy; but it is way too slow for 3d video purposes.

    If a Kinect can get a fast fix on startup, all is well and shutters would work, if not, you'd pretty much have to play wavelength tricks or put up with some interference...

  20. Re:Two eyes are better than one on Combining Two Kinects To Make Better 3D Video · · Score: 2, Interesting

    There is a class of visual inputs that makes the human brain just tie itself in knots, even once you know that the trick is, "optical illusions", Escher stuff, and the like.

    I wonder what the class of "optical illusions" for the Kinect's vision system and algorithms is... Off the top of my head, I'd imagine that retroreflective materials might kind of freak it out; but I'd be curious to know if there are any stimuli that cause it to wig out in weird ways, the way that optical illusions do the human visual system.

  21. Anybody in optics? on Combining Two Kinects To Make Better 3D Video · · Score: 4, Interesting

    How cost and/or physics prohibitive would it be to exploit the fact that "IR" actually covers a number of frequencies of invisible-to-the-naked-eye light with similar properties? Could one modify a Kinect with appropriate narrow-band filters, so that a second Kinect, with filters for a different narrow band wouldn't even see the dot pattern of the first? If possible, how many Kinects would it be possible for(or, at what point does the required narrowness and wavelength tolerance requirements become absurdly costly?)

    Is that A)Wholly impractical, because of some sort of effect the reflecting materials would have on the IR wavelengths, B)Sure, it's possible; but have you checked the supplier's price list for narrowband IR filters recently, or C)Just a bit of ebay and some steady hands?

    Perhaps more practically, I wonder if the Kinects could(with some mixture of hardware shutters and firmware or driver mods) be made to trade off sample rate for coverage(ie. if the kinects are ordinarily taking 60 frames/second, could two kinects be made to take 30 frames/second each, turning off their IR source when it isn't their turn, and turning it on when it is) or does their mechanism of operation require too much time to calibrate itself on startup?

  22. Re:I hope it's moderated on George W. Bush Live From Facebook · · Score: 5, Insightful

    Are you one of those who have managed to ignore the steady stream of FBI and other professional interrogators who claim that torture is, at best, no more effective that conventional techniques and, at worst, actually directly counterproductive, along with causing you to stoop to your enemy's level?

  23. Re:I hope it's moderated on George W. Bush Live From Facebook · · Score: 1

    Given that he was waterboarded at least 183 times, according to official figures, I imagine he got lots of practice(or fell into the increasingly unresponsive state that looks a lot like broken compliance; but is actually pretty useless because the suspect is too shot to tell you what you want to know, or even lie about it, they just sort of collapse into profound lethargy)...

  24. Re:I hope it's moderated on George W. Bush Live From Facebook · · Score: 5, Informative

    "During the Spanish-American War, a U.S. soldier, Major Edwin Glenn, was suspended from command for one month and fined $50 for using "the water cure." In his review, the Army judge advocate said the charges constituted "resort to torture with a view to extort a confession." He recommended disapproval because "the United States cannot afford to sanction the addition of torture." Yet President Theodore Roosevelt defended the practice. "The enlisted men began to use the old Filipino method: the water cure," he wrote in a 1902 letter. "Nobody was seriously damaged." A Punishable Offense In the war crimes tribunals that followed Japan's defeat in World War II, the issue of waterboarding was sometimes raised. In 1947, the U.S. charged a Japanese officer, Yukio Asano, with war crimes for waterboarding a U.S. civilian. Asano was sentenced to 15 years of hard labor. "All of these trials elicited compelling descriptions of water torture from its victims, and resulted in severe punishment for its perpetrators," writes Evan Wallach in the Columbia Journal of Transnational Law. On Jan. 21, 1968, The Washington Post ran a front-page photo of a U.S. soldier supervising the waterboarding of a captured North Vietnamese soldier. The caption said the technique induced "a flooding sense of suffocation and drowning, meant to make him talk." The picture led to an Army investigation and, two months later, the court martial of the soldier. Cases of waterboarding have occurred on U.S. soil, as well. In 1983, Texas Sheriff James Parker was charged, along with three of his deputies, for handcuffing prisoners to chairs, placing towels over their faces, and pouring water on the cloth until they gave what the officers considered to be confessions. The sheriff and his deputies were all convicted and sentenced to four years in prison." From here.

    As for it being torture or not, there are a couple of convenient tests(The first is Erich "Mancow" Mueller, talk radio host, attempting to refute critics of waterboarding, the second is Christopher Hitchens writing about his experience with trying it).

    There are certainly even nastier ways of hurting people(which, in part, is why waterboarding is so popular, none of that pesky physical evidence) but it is apparently way less fun than it sounds, especially if it can be repeated over and over, in combination with sleep deprivation, isolation, and the like...

  25. Re:And in other news... on Aging Reversed In Mice · · Score: 1

    I'm too worried about Union Aerospace's potential legal liabilities. They managed to take a surprisingly small one time writedown last fiscal year over the "horrific demonic entities spilling through a portal from hell" incident; but Microsoft's trademark infringment and brand diminishment lawsuit over their use of the "Union Aerospace: Where do you really, really, not want to go today" trademark has the potential to be much harder and more expensive to deal with...