Slashdot Mirror


User: jd

jd's activity in the archive.

Stories
0
Comments
13,841
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,841

  1. Re:Relativity DOESN'T impose cosmic temperature li on Is There Such a Thing As Absolute Hot? · · Score: 1

    I'm half asleep right now, but are you certain you're not mixing up heat and temperature? The two are not the same, and I could easily see heat increasing without limit but temperature increasing relativistically to a finite value.

  2. No, it's Fortran. on Is There Such a Thing As Absolute Hot? · · Score: 1

    This allows God to be real, unless declared integer. (See fortune cookie for details.)

  3. Re:Recently become available? on Mastering POSIX File Capabilities · · Score: 1
    Oh, I completely agree that that is what is done in practice. However, I think it's stupid and naive - even if you completely trust all the users, you can't trust all of the users' applications to be so bug-free all the time that they don't disrupt the system or delete critical files. For that matter, from the earliest known AT&T malware to computer viruses, malware has got itself added without the knowledge of users onto software.

    If you want to get a bit more paranoid, the sorts of companies using high-end clustering and HPC systems tend to be cut-throat, and viruses are cheaper to develop than products. I'm not saying that that has happened, but if you wanted to poach trade secrets, or screw up other people's results, that would seem to be an obvious weak link that would be much easier to hide and sustain than the usual social engineering techniques.

    If you want to get really paranoid, social engineering techniques ARE commonly used to break into systems. Unless all of the users undergo lie-detector tests using fMRI on a daily basis, how much should a company trust the users? Whether it's an aerospace corporation, a pharmacutical company or a Formula 1 racing team, the expense needed to pull a few Mitnick-like stunts but with hostile intent would be so insignificant compared to the cost of the projects these businesses do that it would be insane to assume it couldn't happen.

    Yes, you are absolutely correct. There are no B3-class clusters, at least not that I know of, and none of the Linux clustering software bothers with security beyond the most basic at the gateway point. HPC hardware generally has little or no support for security of any kind, aiming to maximize throughput. Admirable an desirable, but pointless if it means the results can't be used for anything.

  4. Re:Neocortex too complex on Researchers Simulate Building Block of Rat's Brain · · Score: 2, Interesting
    Even a single neuron is not well-understood. It was recently shown that neurons are not simply-connected, that a single neuron can carry complex information sufficient to describe emotional states, to definable subsets of the outputs. A typical computer simulation of a neuron generally resembles an N-input gate, where the combinations of inputs that would trigger an output could be likened to a user-definable truth table. Inputs are either there or absent, and certain combinations of input would produce an output. Multi-state inputs or outputs are done, but are less common.

    In practice, neurons seem to be a lot more complicated than that. Certainly, the inputs are variable state, the wiring is known to change over time (even in the adult brain, the wiring is dynamic), but if I'm understanding the current work correctly, then there are potentially multiple independent outputs, that triggering one output will not necessarily trigger any other output.

    Ok, you can simulate multi-state logic with binary logic - well, with enough binary logic - and you can simulate N independent outputs with N independent single-output neurons. This would mean you could simulate, say, 10,000 biological neurons with, oh, 16 independent outputs on average and where you have 16 independent inputs where each has 16 potential states, with 40,960,000 binary computer-simulated neurons. First, the current knowledge on neuron I/O probably post-dates the analysis in this study, invalidating the conclusions. Second, if it didn't and the study incorporated the knowledge, there is simply no way they could have simulated enough neurons to produce the results they claim.

    My conclusion is that the study would have to be evaluated in light of what is known now, not what was known at the time this study was conducted, by experts in neurological science and computer science, to determine if what the study is thought to show is what it actually shows. My belief is that it probably does not, but there's a reason peer review doesn't include the opinions of bloggers. Peer review is only valid when it is conducted by knowledgeable people in the field who have full access to potentially contrary knowledge and who are willing to use that knowledge to challenge and test a paper to its limits. Nonetheless, anyone can spot potential flaws.

  5. A decade? on Afterlife Will Be Costly For Digital Films · · Score: 1
    1997? Hell, magnetic formats were in widespread use in the 1960s! (The BBC used mag tape for recordings they didn't intend to preserve, so they could reuse the tapes.) Nor is the modern hard drive the sole storage format people will have used. You used any MLM hard drives recently? Drum drives? Laserdisks? (Remember the BBC's Domesday project, which can be accessed on a total of two or three machines today.) Bubble memory? 8" floppy disks? Variable-speed floppy disks? Cartridge drives? There were backup packages that could use VCR tapes - you think Betamax backups would be very usable today?

    Not that this is unique to digital formats. "Missing Presumed Wiped" often recovered recordings so old that only one or two machines still existed that could play them. I shudder to think of the technical complexities of the salvage efforts that were used to recover the Pathe Newsreels from the late 1800s. I've even got photographic negatives from a mining township in Africa from 1909, but you think it would be trivial for me to get reprints? I can't exactly take those down to Walmarts. Given how explosive old film was, I'm not even certain I can keep those negatives without violating fire and safety regulations.

  6. Re:Great news on Tcl/Tk 8.5.0 Released · · Score: 5, Funny

    Yeah, but coders who prefer other languages might be tk'ed off.

  7. Re:Recently become available? on Mastering POSIX File Capabilities · · Score: 2, Insightful
    Patches for POSIX ACLs have existed for some time. Patches for controls in excess of POSIX have also existed for some time. Some filesystems have also supported ACLs (POSIX or their own) for some time, independently of the rest of the kernel. Linux also has very sophisticated security modules, including Linux capabilities and SELinux.

    Linux having full POSIX capabilities is good, but frankly there are getting to be too many wholly independent security mechanisms. That's not to say that a single system would be good for everyone, but rather there should be only a few fundamental mechanisms which can be skinned to look like any of the "standard" mechanisms. The skins would then replace most of the implemented mechanisms, they would merely be configuration details. This reduces the possibility of insecurity by having too many opportunities for bugs, without limiting the system admins.

    The biggest problem I see with the current system is that it isn't comprehensive. There's no easy way to provide trusted computing to memory (especially shared on the system, distributed or otherwise networked), security models generally don't work over clusters (eg: migrating a process from one machine to another won't necessarily migrate security labels or permissions), VNIC and Infiniband cards can RDMA direct into and out of memory without reference to security models, etc. This isn't a Linux problem, per se, in most cases. It's a hardware problem. Hardware is designed to be insecure, by design, and there is nothing any OS can do about such limitations.

  8. Re:Dammit on Plexiglass-like DVD to Hold 1TB of Data · · Score: 2, Funny

    Then why are new kernels always released -after- I finish compiling the last one? :)

  9. Re:$30 ? on Plexiglass-like DVD to Hold 1TB of Data · · Score: 1

    Nonono. The writers will be legal, but the lasers they need will only be sold on the black market as an add-on.

  10. Re:$30 ? on Plexiglass-like DVD to Hold 1TB of Data · · Score: 2, Funny

    No, the second product is the disk reading drive. The third product will be the disk writing drive, and the fourth will be the drivers needed to use the second and third products.

  11. Re:Dammit on Plexiglass-like DVD to Hold 1TB of Data · · Score: 3, Insightful

    You do understand that that is how progress happens? When the number of people who have just bought a technology exceeds the critical threshold, new products are announced. Who'se ever heard of a new product announcement for something that hasn't just been bought? How often do you hear of a breakthrough that never led to a product, all because there were too few who has just bought the last generation? You are to be honored, for you are of Those Special Buyers who exceeded the threshold for optical mass storage.

  12. Re:Airline? on CEO of Red Hat Steps Down · · Score: 2, Funny

    Depends on whether you want something that crashes. If you do, an airline exec would be the ideal choice.

  13. Re:Virtual? You mean real on IBM Finding Business Uses for Virtual World · · Score: 1

    There are many perspectives, one being that matter is just organized energy and therefore nothing physical is "real". Alternatively, matter is 99.9999% empty space, only the electromagnetic and nuclear forces create the illusion of solidness. Finally, there is no obvious way to distinguish between a physical universe and a simulated one, provided it is a consistant, bug-free simulation. All that being the case, what constitutes virtual?

  14. Re:Google Cache Reveals Cause of Death on NetBSD 4.0 Has Been Released · · Score: 0
    If that is the case - and I've no reason to question your investigative technique - then this was not only tragic but probably needless. Depression isn't always treatable, but in many cases it is, provided it is spotted quickly enough, the doctors get the meds (if any) correct fast enough (it's a complex process), provided the person is assisted as necessary in keeping with the regimen, and provided the person gets additional assistance in figuring out what (if anything) external is triggering or worsening the condition.

    Hey, that's no small deal, but it can be done and is done. Those who have chronic, clinical depression and have both neutralized it in the short-term and are working to minimize or eliminate the underlying factors in the long-term deserve medals of honor. It's hard work and it's often expensive work. It is, nonetheless, doable work.

    It is wrong to blame anyone who kills themselves. It is also wrong to blame those who might have ben able to step in. It is, however, entirely appropriate to ask how things could have gone so far and what factors - including perhaps cultural - that led to this outcome rather than another.

    Science and technology have far too many tragic heros - people who have contributed much but died far too young for whatever reason. It is not the fault of their subject - science isn't toxic - but if we merely cry for the individuals and then do nothing different, all we will end up with is more people, exceptional extraordinary people, dying far too young, with far too much to still offer the world. (Not that anyone dying young is good, but there is a qualitative difference when it's someone who is working to make some sort of difference. There aren't many of them.)

  15. Re:I'm more interested in AoE on Intel Announces Open Fibre Channel Over Ethernet · · Score: 1

    Fixed Index Router Encapsulation has been deprecated, under the Directive for Emergency Management Of Nucleic Infrastructure Codices for Logical Abstraction Underlying Granular Hardware.

  16. Re:When is.... on New York Decision On ODF Vs. OOXML Approaching · · Score: 1
    Perhaps we ought to have "varying" standards for road design... or we should have ever-changing standards for building construction.

    South Carolina doesn't give even highways a foundation - their roads are built on piles of sand, with maybe a little gravel crushed on top. Not even the three-layer roads of Macadam and nowhere near the five-layers of Telford. As for building construction, building codes change after disasters (rarely before, when it might have been useful) and aren't exactly impressive. Particle board and vinyl?!?! In hurricane-prone areas?!?! And where does the ground line go on a plug board, when most wall sockets support only two pins?

    Seems to me that Microsoft's standards have one redeeming feature - they're comparable on IQ with all the other standards in use. True, that's not much... On the other hand, maybe if people are more willing to actually look at what they are agreeing to before they agree to it, we won't see such stupidity in such extraordinary proportions in future.

  17. Several problems on More Mac Vulnerabilities Than Windows In 2007? · · Score: 2, Interesting
    First, most announcement services won't/can't announce until the vendor approves. If Microsoft doesn't approve any announcements, then they will always be "perfect" by counting announced flaws. Second, the exploitability of a flaw matters. A hundred flaws that could never actually leave a system vulnerable in practice would obviously be superior to even one single flaw that leaves a system wide open to attack. Third, not all announcement services will cover all reported flaws. There are too many OS' and too many bugs being discovered to report everything. As a result, there is bound to be some degree of cherry-picking. It's not to say anything bad about any given service, it's just a consequence of the volumes involved. Lastly, there is the quality of the bugfixes. I can't remember the last time anyone actually recommended the first Microsoft service pack for an OS, although that's by no means unique to them.

    In the end, it is impossible to analyze the security of software by means of analyzing second-hand or third-hand reports, and extremely difficult to do so by means of black-box testing by means of probably incomplete documentation. However, I cannot seriously imagine Apple or Microsoft conducting a thorough security audit and software analysis. For that matter, I don't believe either could afford to do so. Microsoft may be rich, but Vista is big and the kind of skills required to conduct a comprehensive audit wouldn't come cheap, certainly not in the volume needed to conduct such an audit fast enough to get the results before software changes invalidated said audit.

    (Having said that, given that the world economy is so utterly dependent on the reliability of the IT infrastructure these days, there is also the question of how long it will be before it is uneconomic at a global level for there not to be such an audit. If an audit would cost a trillion dollars over the course of a year, then it only requires the total direct and indirect cost to business and government over the entire globe from such flaws to be a trillion and one dollars over the course of a year for it to be worth it almost instantly. However, the costs of flaws will always add up with interest but a single audit might easily be sufficient for the lifetime of an OS, if it's good enough. Given a long enough shelf-life and a high enough interest rate, how unreliable can we afford to have any software these days?)

  18. Hmm. Uhh, why? on How Feds are Dropping the Ball on IPv6 · · Score: 1

    What you can't discover via anycast, you can discover via the Service Location Protocol, Avahi, or by one of a myriad other discovery and announcement services. Why on Earth would you need to hard-code the address of DNS servers in this day and age? That's so quaint by today's standards.

  19. Re:What is IPv6 compliance? on How Feds are Dropping the Ball on IPv6 · · Score: 1

    Ok, 2.0.20. This is Slashdot, where typos are the norm. :)

  20. Re:I'm more interested in AoE on Intel Announces Open Fibre Channel Over Ethernet · · Score: 1

    But that only works correctly for Holistic Ethernet Link-Layer data centers providing Basic Realtime Infrastructure Management Support Technology Over Nextgen Ethernet.

  21. Re:I'm more interested in AoE on Intel Announces Open Fibre Channel Over Ethernet · · Score: 1

    That acronym is already used by a security scanner. (Which had a patch which renamed it SANTA for evangelical network admins.)

  22. I did on Vista Named Year's Most Disappointing Product · · Score: 4, Funny

    I had an expectation of 0, but the reality was closer to the square root of -1.

  23. Re:The astronomers explained on Black Hole Blasts Neighbor Galaxy with Deadly Jet · · Score: 1

    I'm more concerned with the fact that they describe the Jet protocol as deadly.

  24. Re:Web 2.0 on Bees Can Optimize Internet Bottlenecks · · Score: 1

    It is no longer called Web 2.0, that's so twentieth century. To conform to the new bee paradigm, it is now referred to as Honeycomb 1.5. Malware has also been renamed to Wasp. File transfer rates are now calculated in mead casks per unit druid. P2P systems no longer use seeds, they pollinate.

  25. Re:Academic Attitude on How Feds are Dropping the Ball on IPv6 · · Score: 1
    A few suggestions for getting into IPv6. First, there are a number of free IPv6 tunnel brokers. If you're using a DSL router that you can program with OpenWRT, all the better, as you can get the broker to talk direct to the router without any real effort on your part.

    Secondly, there are some excellent online guides to IPv6, describing the packet structure, the additional capabilities, history, and so on. There are also several mailing lists, the 6Bone archives, and pretty much all of the information circulating to do with Internet 2.

    Finally, software is good. The Linux kernel and the Linux-IPv6 project are good places to start, as is the KAME project. It is somewhat ancient now, but NRL had an excellent library for setting up sockets independently of whether they were IPv4 or IPv6. The library took care of the underlying issues. To learn about routing, I suggest starting with an implementation of RIP-ng or OSPFv6, both of which exist in many Open Source software routers. BIND has supported IPv6 sockets and resolving for some time. DHCPv6 is provided with most distros. RADVD is also a good program to look at. Apache is another good one, as it has some of the most heavily tested IPv6 code of any software package.