Slashdot Mirror


User: fuzzyfuzzyfungus

fuzzyfuzzyfungus's activity in the archive.

Stories
0
Comments
15,204
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 15,204

  1. Re:Secure wipes? on Mobile 'Remote Wipe' Thwarts Secret Service · · Score: 4, Informative

    Depends on the phone model, I suspect.

    My understanding is that the accepted "proper" way to do it is to have all the user-relevant data on the phone stored in encrypted form, with a stored key making it transparently accessible. That way, when the "wipe" command comes, you just have to nuke the key, which takes mere moments, rather than a potentially quite large block of Flash, possibly hiding behind one or more controller chips that are abstracting things, and remapping, and doing other stuff that interferes with your ability to wipe the data hard enough to resist an adversary willing to physically inspect the memory chips, or even a raw dump of their contents.

    If a phone implements that correctly, any three-letter-agency without a magic quantum computer stolen from the Greys isn't going to be able to do much about it. If there is some nasty flaw in their implementation, or if they use an inferior system of some sort, it is quite possible that fairly trivial attacks will reveal most or all of the information.

  2. Re:Personally Identifiable Information on EFF Says Forget Cookies, Your Browser Has Fingerprints · · Score: 4, Informative

    The trouble is, you only need to fuck up once(or, perhaps more realistically, a few times to let the algorithms bump their confidence in the ID high enough) for that information to become personally identifiable. And, once gathered, a body of "non-personally identifiable" information can persist for a time limited only by the plummeting costs of storage and can, at any future time, be linked with enough new data to make it personally identifiable.

    Some percentage, varying by person(and by whether or not your ISP is selling you out to anybody like Phorm), of site visits are personally identifying with a fairly high degree of confidence. For a substantial number of people, that's probably just facebook. In other cases, patterns of activity across a few websites make inferring your identity with fairly high confidence reasonably plausible. Because things like 3rd-party ad networks and whatever "I can't believe its not beacon" tech facebook is using today, have cross site reach, often remarkably broad, it is by no means unrealistic to expect that, over time, at least one of your personally identifiable visits or visit clusters will overlap with the reach of one or more ad networks with extensive "non-personally identifiable" knowledge of what your browser fingerprint has been up to. At that point, the previously "non-personally identifiable" is suddenly personally identified.

    Most people aren't even paying attention. Even the ones that are are likely imperfect in their execution, and keeping up with the scope and sophistication of what a competent data-miner could infer would practically be a full time job. Unless you are a truly bland person, you can probably be identified with fair confidence on surprisingly little data. Worse, as TFA notes, a lot of the common "privacy" measures and extensions and so forth actually make your browser substantially more unusual than it would otherwise be.

  3. Re:Oil at Key West already. on Gulf Oil Spill Nearing Loop Current · · Score: 3, Funny

    On the plus side, with recent advances in DNA computing, we should just be able to introduce bzip2-capable e. coli into the environment, which will shrink the tarballs to a more manageable size in no time...

  4. Re:How old are they? on Gulf Oil Spill Nearing Loop Current · · Score: 3, Funny

    Those guys are morons.

    Everybody knows that Haliburton's patented petro-evil technology is the best in the business for artificially triggering earthquakes near impoverished nations as a pretext for the militarized export of neoliberal capitalism; but if you want nano-sized Black Helicopters, you need the nanotech that SAIC acquired when the reverse-engineered the Roswell Grey artefacts under contract from the Rand corporation...

  5. Re:Quantum Bullshit on Commercial Quantum Cryptography System Hacked · · Score: 1

    And endure the outside chance that the prime factorization guys will come up with something useful in the real world in 10...

    Obviously, for the vast majority of applications it is total overkill. Quick quiz: Do you own/seriously lease the actual fiber over which you are transmitting? If not, you are definitely not a candidate. If so, you are probably not a candidate.

    There are, though, probably some applications where the risk of future disclosure is simply unacceptable.

  6. Re:Quantum Bullshit on Commercial Quantum Cryptography System Hacked · · Score: 2, Insightful

    In a sense, though it is called "cryptography", quantum crypto is basically about link integrity detection, rather than anything resembling cryptography in the classical sense.

    Basically, if you have a fiber run that you want to make sure nobody is tapping, you can either station trustworthy guys with guns every few yards along its length or you can put a quantum crypto box at each end. Given that the guys-with-guns approach is largely impractical(especially for buried or undersea lines) the potential to get the same effect just by putting a pricey network box on each end is rather attractive. Almost wholly unlike classical crypto, which is designed around keeping information useless without the key, even across known-untrusted links.

  7. Re:In reading kernel changelogs... on Linux 2.6.34 Released · · Score: 1

    It's a pity that the TWL4030 is rather less interesting than it sounds. Unless "power and performance management" is some banal-yet-slightly-intimidating BDSM euphemism...

  8. Re:This is great! on Software Recognizes Sarcastic Tweets · · Score: 1

    Assuming that it worked, and was available in a form factor that didn't creep people out(which could be tricky: machine vision system implies video camera and I suspect that a lot of people would find "Oh, yeah, I've got a video camera in my glasses, analyzing your every facial motion for me. Plus, you have no way of knowing what I'm doing with the footage" just a touch creepy) it would be pretty useful, and interesting.

    It would be interesting to see, though, whether or not it came to feel "natural". Consider the difference between your native language, and doing a translation assignment for $FOREIGN_LANGUAGE_101. By consulting the vocabulary and grammar lookup tables often enough, you can puzzle through the latter; while the former you can use without even thinking about it(or, perhaps more accurately, using it and thinking are practically one and the same).

    Having my augmented reality glasses tell me whether to shut up or keep talking would be useful; but I imagine that it would be difficult to build automatic, confident, empathic responses based on what a computer is telling you.

  9. Re:So Lets See, on MIT Designs Aircraft That Uses 70% Less Fuel Than Conventional Planes · · Score: 4, Funny

    Well, that and a bottle of jack daniel's, yeah...

  10. Re:DRM, restrictions, outcry on iPhone SDK Agreement Shuts Out HyperCard Clone · · Score: 2, Interesting

    To be fair, Microsoft, like Apple, has one platform of each type(actually, two of each type; because "monolithic and slightly confused" is how MS rolls).

    You've got your PCs running Windows. With the exception of kernel driver signing requirements on 64-bit Vista and later, you can pretty much do whatever the fuck you want.

    Then you have the Xbox360. Here, you can either pay nontrivial money to be Microsoft's special development buddy, and do native development and have your binaries cryptographically blessed, or you can pay substantially less money to be one of the XNA-based 'app store' developers. More accessible to small timers; but your applications still only run by the power and mere pleasure of MS.

    Since this is Microsoft, and they are huge, you also have the divide between WinCE/WinMo6 and lower and Windows Phone 7. The former is largely open, from the application perspective. The latter, Microsoft has said, will basically be a .net walled garden, along the lines of the App Store.

  11. Next on Fox... on Scientists Question Safety of New Airport Scanners · · Score: 4, Insightful

    "Why Does Liberal Academia Hate Security?"

  12. Re:You Know DRM is a Pervasive Problem When ... on Software Recognizes Sarcastic Tweets · · Score: 1

    Obviously, consumers just need to be "educated" about the benefits of next-generation premium-content ecosystems...

  13. Re:Same goes for flipping off cops on ACLU Sues To Protect Your Right To Swear · · Score: 3, Insightful

    When your power is conditionally granted to you by the people, for their security and greater good, abusing it is a very serious matter.

    If cops want to be assholes in their capacity as private citizens, that is not my problem. If they cross the line into employing state resources or power to do so, then they are lower than dirt in my eyes. Best case, they should find another line of work. Worst case, we can always run a little "How long will the crooked cop last in prison?" experiment...

  14. Re:This is great! on Software Recognizes Sarcastic Tweets · · Score: 5, Interesting

    As someone with Asperger's Syndrome(yes, actual extensive-testing-and-medical-consensus-of-qualified-shrinks, not "well, I like computers and girls make me nervous"), I suspect that it won't be of much use for that purpose.

    Many, though not all, Asperger's types actually have average to excellent parsing of written communications, or the strictly verbal component of other people's utterances(ie. the part that would get written down, if a transcriptionist were in the room). Odds are, most such people could easily outperform this algorithm(since, obviously, the purpose of the algorithm is to provide large volumes of adequate analysis for cheap, not to be human level).

    The part of communication that is really difficult, though, is the nonverbal component, the stuff that doesn't show up in text. Tone of voice, expression, tiny muscular movements and reconfigurations around the eyes, that sort of thing. Since typical social standards of politeness and interaction actually discourage direct statement of things(ie. "Your story bores me." "Yes, I am interested." "No, go away") in favor of relying on subtle nonverbal communication of those message, this can be a real handicap. You care about what others around you are thinking, since you naturally want to be on good terms with them(or, even if you don't, you want to be on bad terms deliberately, not accidentally); but you just can't tell, unless somebody explicitly says something, which is rare, unless you've already really fucked up.

    In fact, in my experience,(and yes, "my experience" = "N of 1" = "anecdote") I tend to find text-based communication comfortable for exactly these reasons. For normal people, strict text-based communication is harder, because they are denied the nonverbal cues that they normally take for granted. For me, I don't see the nonverbal cues that never mean much anyway, and we are both forced to rely on strict verbal expression, which is my best-practiced level.

  15. Re:Same goes for flipping off cops on ACLU Sues To Protect Your Right To Swear · · Score: 4, Insightful

    Police can waste people's time with power trips pretty much everywhere. Hence the phrase "you can beat the rap; but you can't beat the ride"...

    What is worse is that there are so seldom any repercussions for them doing so.

  16. Re:Can we move on? on Seagate Confirms 3TB Hard Drive · · Score: 3, Insightful

    Probably because "the big boys" in HDD manufacture have basically nothing interesting to bring to the SSD table(other than, possibly, some fairly generic interface patents). With the possible exception of HDD r/w head manufacture, which has gotten more chip-fab like as sizes and tolerances have gotten more demanding, the manufacturing methods for the two types of drive are basically nothing alike.

    Even the controller/controller firmware design isn't all that similar. HDD controllers have the task of extracting useful digital data from the ever fainter and denser analog magnetic fields on the platter. SSD controllers basically spend their time papering over the fact that Flash has highly asymmetric read/write behavior.

    Unless they fancy the idea of trying to recast themselves as semiconductor companies all of a sudden, the HDD guys are doing pretty much the most sensible thing available to them: running like hell in the direction of capacities that SSDs can't touch for less than a king's ransom.

  17. Re:KVM on Linux 2.6.34 Released · · Score: 2, Informative

    I can't speak for HP; but some of Dell's recent laptops appear to have had BIOSes written by either crack addled monkeys, or shareware programmers from 1995 equipped with VB6 -> assembly converters.

    The E6500, for instance, supposedly a solid business-class laptop, was announced August 12, 2008. As of January 25, 2010, it had enjoyed its twentieth BIOS update.

  18. Re:In reading kernel changelogs... on Linux 2.6.34 Released · · Score: 1

    I'm not sure exactly. The trend for modern oddball devices seems to be doing them in userspace with a libUSB driver. That isn't really a huge issue with game controllers, though, because virtually all of the modern ones are either USB HID or bluetooth HID, possibly with funny connectors(or, in the case of the Xbox360, some proprietary wireless protocol; but the PC dongle is, I believe, USB HID). For such modern devices, Linux does effectively have abstraction layers, either USB HID, or libUSB + userspace component.

    The "gamecon" module depends on "parport", though, so it would appear to be the place where oddball legacy controllers that can be bit-banged into working with a parallel port; but do not speak any PC-standard bus, go. Given that the parallel port is on its way out, as are most of these oddball controllers(either just wearing out, or having adapters that turn them into USB HID devices released, easy enough to find on ebay and similar), it wouldn't surprise me if no elegant "libparport" analog to libUSB exists for doing this in userspace and that there is basically no impetus in favor of one, given that this is basically just a hobby problem, and one for which relevant hardware isn't getting any younger....

  19. Re:pdf? on Scientists Propose Guaranteed Hypervisor Security · · Score: 2, Insightful

    Seems perfectly reasonable to me. Who would care more about provable hypervisor security than somebody with a badly infected guest?

  20. Re:Dangerous on Scientists Propose Guaranteed Hypervisor Security · · Score: 3, Interesting

    Well, to be fair, CS is math, and can involve definite formal proofs, Now, once you compromise on hardware requirements(Due to a scarcity of Turing machines, $IDEAL_ALGORITHM has been ported to x86...) or have to produce software at the speed of programming rather than the speed of proof...

  21. Re:Perhaps !1984 in TX, all doublespeak at Guardia on Texas Schools Board Rewriting US History · · Score: 2, Insightful

    It's funny. At some point, being held to, and holding yourself to, high standards seems to have fallen out of fashion.

    The reason that the stuff in Texas receives more outrage and attention is twofold: one, Slashdot is a largely, though hardly exclusively, US audience, so a fair slice of its members may be not too many steps away from being personally affected. More important though, is that nobody expects various authoritarian theocracies to act well, so when the don't, nobody is surprised. Texas, by contrast, is supposed to know better, so people are disappointed when they don't.

    Seriously. When did "Oh yeah, at least we aren't like those rag-heads and commies!" come to equal "good enough"?

  22. In reading kernel changelogs... on Linux 2.6.34 Released · · Score: 5, Funny

    I'm always amused by at least one strange juxtaposition of the big-serious-enterprise-server stuff that the corporate devs are most interested in and the oddball hobby projects that can get included as well, so long as they follow the kernel process.

    In this case, I think it was all the "multi-petabyte scaleable filesystem, esoteric btrfs improvements, kernel virtualization networking stuff, gamecon: add rumble support for N64 pads" that did it.

  23. Re:I thought we already had LSD on Using Augmented Reality To Treat Cockroach Phobia · · Score: 1

    Depends on your insurance coverage. If you've got the good stuff, you get the VR Goggles, that indeed do something.

    Otherwise, they slap a pair of CVS reading glasses taped to a USB cable on you and have a research assistant dump a box of cockroaches on the desk.

    If you have nothing at all, they just send you home, on the theory that you should be able to do plenty of exposure therapy there.

  24. Re:I thought we already had LSD on Using Augmented Reality To Treat Cockroach Phobia · · Score: 1

    Easier to pull the plug on electricity...

    Plus, with the googles, --oh-fuck-man-they-are-everywhere and --horrible-lumps-crawling-under-my-skin-cannot-scratch-deep-enough have to be explicitly specified when the program is invoked(unless they are specified in ~/.roaches, which is read at startup. Incidentally, if /etc/skel contains a .roaches file, you should really consider moving to a slightly less seedy hosting provider...).

  25. Re:easiest way to get involved on Getting Started Contributing Back To Open Source · · Score: 2, Funny

    C'mon, man. My bug is, like, totally repeatable on my l33t overclocked box. Neither you nor the guy who wrote Memtest86 can code well enough to keep up with its incredible speed...