Slashdot Mirror


User: swillden

swillden's activity in the archive.

Stories
0
Comments
18,006
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 18,006

  1. Re:Investments on Could New York City Cut Emissions 90% By 2050? · · Score: 1

    Banks wouldn't have to slash their mortgage profits, instead interest rates for non-green buildings would be higher

    Unless the higher rates were forced by regulations, this would never happen. The banks charging higher rates for mortgages on less-efficient buildings would be immediately undercut by other banks, and buyers would go where the rates are lowest. Mortgage lending is an extremely competitive industry.

    For that matter, even if higher rates were forced by regulations, the system would have to be watched very closely because banks would benefit from selling the higher-rate mortgages, so competition would push them to find other ways to incent people to buy those. Creative solutions might well end up pushing effective rates to parity. There's also the risk that if there's any sort of crunch in that supply of capital to lend, banks might actively avoid lending for green buildings, since it would be less profitable.

    If you want to use government power to alter private choices, don't try to hide it by doing it through some other private intermediary, because you'll get all sorts of unanticipated side effects. Just do it directly. Tax credits and subsidies for "green" buildings work, though it creates opportunities for people to analyze the letter of the provided definition of "green" and perhaps do things other than what was really intended. The simplest and most effective method is simply to increase the cost of whatever you'd like to reduce. Tax fossil fuels, for example. To make it even more effective, take the proceeds and use them to fund research into alternative energy sources, making them cheaper at the same time you're increasing the cost of CO2-emitting fuels. Or if your real goal is reducing CO2 emissions, just tax those directly, and invest the money in carbon sequestration projects.

  2. Re:By all accounts, the Model S is a great car. on Elon Musk Lays Out His Evidence That NYT Tesla Test Drive Was Staged · · Score: 1

    The charging stations are in the parking garage, yes. They're reserved for EVs until 11 AM. So I just need to make sure I get there before 11. If I happened to arrive later and needed to charge, it would be easy enough to send an e-mail and get someone to move, though that has yet to happen.

    In scenario that I simply cannot use any of the four charging stations at the office (I don't see that happening), there's a Nissan dealership 1 block north of the office which has another four charging stations, and a Walgreen's two blocks north that has two more charging stations. According to the map there's another two-station charging location about a block to the south but I've never looked into where that is, exactly.

    Finally, I can always plug in anywhere I can find a 110V outlet, which is pretty easy to do. However, that will be a much slower charge than the 240V charging stations.

  3. Re:No one will own cars on Tesla, Ford, Amazon Hint At Cloudy Future For Cars · · Score: 1

    Haha. Yeah, I would like to see a future where taxis were cheap to ride in. $50 for a JFK to manhattan taxi

    The bulk of the cost of a taxi ride is the driver's pay. I'm talking about self-driving taxis. Even if the computer and sensors double the price of the vehicle, the fact that it's kept in operation almost continuously will make a self-driving taxi's cost per mile far lower than that of a personally-owned vehicle. People dramatically underestimate how much money they pay to keep a vehicle sitting in the driveway/garage.

  4. Re:1 Hour of Recharging every 200 miles? on Elon Musk Lays Out His Evidence That NYT Tesla Test Drive Was Staged · · Score: 1

    Depends on the day. When I'm driving around with my GF, going to several widely spread casinos, restaurants, and other places, I easily exceed 100 miles.

    A feat easily achievable even with the likes of a Nissan LEAF or a Mitsubishi i-Miev, much less a Tesla Model S. 100 miles for a LEAF or an i-Miev is at the outer limits of its capability -- but only if you don't charge at all during the day. There are a lot more places you can charge than most people realize, even if you don't count random power 110V power outlets. I find that many, many restaurants and other businesses have outlets on their exterior, and almost none of them will object to you sucking up 50 cents worth of their electricity if you're going to be spending money at their establishment.

    Of course, 100 miles is easily within the range of a Model S, so your described day isn't even an issue.

  5. Re:Theory on Elon Musk Lays Out His Evidence That NYT Tesla Test Drive Was Staged · · Score: 2

    There is a possibility that might explain this.

    My Nissan LEAF's owner's manual warns against leaving the car parked out in cold weather, unplugged. The issue is that cold temperatures can damage the battery, so when the temperatures drop below a certain point heaters built into the battery kick on to keep it warm. Of course, the energy to run the heaters comes from the battery so this will draw the battery down, unless the car is plugged in to external power.

    The impression that I got from the manual was that even in very cold temperatures it would take weeks, not hours, or even days, to drain the battery, and my car's battery is much smaller than a Model S battery (24 vs 85 Kwh), but perhaps the Model S is more aggressive about keeping the battery warm, and the larger size means it has more battery to heat as well as more storage capacity to draw upon. But perhaps a 7% overnight drawdown is possible, given very cold temperatures. I don't have any direct experience with this, since I always plug in while parked overnight or at work -- plus my typical parking spaces are heated garages.

    On the non-linearity of the mileage drop, that doesn't surprise me at all, and I don't think it's related to the charge/discharge curve non-linearity. That curve should be very close to linear in that range. No, I'm sure it's because the car estimates mileage based on observed driving efficiency over the last few miles, and when it was turned on in the morning it saw that the last 50 or whatever miles appeared to be extraordinarily costly in terms of energy usage, because of the 7% of the capacity which just "evaporated".

    My wife notices a related problem every time she drives my LEAF. I'm a pretty efficient driver, averaging almost 5 miles per Kwh, which gives a fully-charged range of nearly 120 miles. My wife gets in the car and sees a range to empty of, say, 115 miles. But she is not a very efficient driver. Her driving averages about 3.2 miles per Kwh, even without running the heater. On cold days she cranks the heater to max and is lucky to get 2.5 miles per Kwh. So when she starts driving the range remaining begins to drop very quickly. Partly because she's using approximately twice as much energy as the car's estimate had assumed, but it's more than that. If it were just that, after driving 10 miles she should see 115-20 = 95 miles remaining. But the car adapts its estimate based on her driving pattern, so over the 10 miles she drives, she sees the range drop from 115 miles to about 50 miles.

    If I then get in the driver's seat, it's pretty common for the range to stay constant or even climb slightly for the first few miles as the car adapts its estimates. Ideally, the car should build driver profiles and base its estimates on those, plus information about the planned route (if available) rather than just going off of recent history.

    Anyway, I think the Model S in this case revised its range estimate based on looking at the battery level change over some recent interval, and assuming that future driving would show comparable rate of energy usage. This is a bug, IMO, but an understandable one.

  6. Re:By all accounts, the Model S is a great car. on Elon Musk Lays Out His Evidence That NYT Tesla Test Drive Was Staged · · Score: 1

    They are selling them faster than they can make them and it has received spectacular reviews from the automotive press--or at least any automotive press that hadn't already made up their minds that "electric cars suck".

    Electric cars do suck unless you own your own home. Since unless you do, there's going to be nowhere to plug it in since you cant exactly retrofit your rental.

    It's not like home ownership is a rare thing, and around here (Boulder, CO) at least, some apartment complexes have begun installing charging stations.

    Personally, I charge my electric car (Nissan LEAF) almost entirely at work. I do top it up at home on weekends sometimes, and I've had occasion to charge it at various Nissan and Mitsubishi dealerships, as well as a few Walgreen's stores, but having the chargers at the office pretty much eliminates my need to charge anywhere else for normal day-to-day commuting.

  7. Re:No one will own cars on Tesla, Ford, Amazon Hint At Cloudy Future For Cars · · Score: 2

    no way am i sharing a car with any of those people. nope. you can't make me.

    Calm down. No one will try to make you share. You will be able to own your own car -- it'll cost an order of magnitude more than using an automated car service, but you'll have that option.

    In a world where self-driving cars are the norm, everyone will view vehicles the way people living in densely populated urban centers view them now: owning a car of your own will be an expensive extravagance, but you can do it if you choose to spend your money on it. Most people will just use the automated taxis, which will cost much less per mile than driving your own car does now.

  8. Re:Yvonnee Lee's resume is awful! on Reasons You're Not Getting Interviews; Plus Some Crazy Real Resume Mistakes · · Score: 1

    Apparently, she is 3rd level to me on linkedin. I looked at her Endorsed skills. Only two of them are actually skills. The rest of them are social traits.

    Me too, apparently. 3rd level to me, I mean. I love this bit from her experience descriptions (emphasis mine):

    Created an elearning and professional development website using HTML, CSS, WordPress, BuddyPress, and add-ons supporting social media, security, and social media.

    What attention to detail!

    Also, judging by the comments on this article, her community-building skills may need some work. Granted that what works with many communities is likely to be less effective on slashdot. The key to building rapport with anti-social nerds is to be one yourself.

  9. Re:"GUI File" is the Future on Oracle Open Sourcing JavaFX, Including iOS and Android Ports · · Score: 1

    "GUI File" is fine right up until your application gets more complex than a simple login page.

    This is why the web has failed for any application that requires anything more complex than a simple login page.

  10. Re:Define 'everyone' on Oracle Open Sourcing JavaFX, Including iOS and Android Ports · · Score: 2

    I can assure you Java would fall flat on it's face (in fact it and the companies that bet on it did...) if you tried to handle securities trading volumes

    Or if you tried to run really massive-scale web sites on it, like, say, Google. Oops... much of Google is built with Java, including plenty of performance-critical code.

    Java works just fine at really large scale, and at extremely high transaction volumes. It tends to require more RAM than a comparable system built with C or C++, but performance is close to identical assuming good engineering of both -- and it generally requires less effort in Java than in C or C++, even when you include the tuning efforts required to get maximum efficiency out of Java.

  11. Re:CEO Switchout on Tesla Motors Battles the New York Times · · Score: 4, Insightful

    It wasn't fully charged, but he didn't need it to be fully charged. It had plenty of charge indicated to get him to the next charging station.

    He charged until the computer said he had sufficient juice for his planned route and driving style (assuming the Tesla is like my LEAF, the car estimates your driving efficiency based on your past driving). Then he took a longer route and drove more aggressively. Surprise, surprise, the charge the computer (correctly) estimated was sufficient for one route and style was not enough for another route and style.

    This is like putting barely enough gasoline in your car for the planned journey and then taking a longer trip and wondering why you ran out of gas. The problem is between the seat and the steering wheel.

  12. Re:Revoke the keys, issue new ones on Bit9 Hacked, Stolen Certs Used To Sign Malware · · Score: 2

    Slightly off-topic, but is there something as a "Software-HSM" that can be loaded into ie an ESX server-host, that's presented as a HSM to the VM?

    Probably, but if so it would be vulnerable to hypervisor exploits, which do exist.

    If you have important keys put them in a hardware security module. Ideally, a FIPS 140-2 Level 4 certified device (level 3 is good enough, but level 4 devices don't cost any more), in a physically-secured location, with tightly-configured logical access control. If you must use VMs, get network-enabled HSMs and have your VMs talk to them.

    Had Bit9 done something like that, a network intrusion could still potentially have enabled the attackers to sign some things, but they couldn't have gotten hold of the actual key material. Plus, with appropriate auditing on the HSMs, Bit9 would have known exactly how their keys were used which may have enabled damage control less extreme than generating new keys and distributing them to every client.

  13. Re:Explains a lot on European Court Finds Copyright Doesn't Automatically Trump Freedom Of Expression · · Score: 1

    And the libertarian will also point out that the leftist's notion of societal duty is code for a collective right to confiscate the individual's goods and restrict the individual's freedom by force of arms, in whatever way the collective decides is appropriate.

  14. Re:Explains a lot on European Court Finds Copyright Doesn't Automatically Trump Freedom Of Expression · · Score: 1

    It should be noted too that, from the perspective of many rightwingers, it's the left that doesn't respect many human rights, such as the right to fully express one's own personal beliefs wherever one is just because of one's profession by, for example, forcing one to remove religious symbols from one's work desk or wall.

    The problem here is (often) that these people are all for expressing their own beliefs, but don't spent a thought on how that affects other peoples freedoms.

    Nonsense. Any time you find yourself believing that your political opponents (who comprise tens or hundreds of millions of people from all walks of life) have simply failed to consider some huge aspect of the debate, you're wrong. When you dig into it you'll find that your opponents' positions are rational and reasonable, but based on different axioms than your own. Exploring the underlying differences rarely changes anyones' positions, but is often enlightening.

  15. Re:Two factor authentication on Deloitte: Use a Longer Password In 2013. Seriously. · · Score: 1

    The phone is a second authentication factor. An attacker who knows your password does not have sufficient information to compromise your account. An attacker who has your phone (or has cloned it) does not have sufficient information to compromise your account. Only an attacker who has both can do it. That's the very definition of two-factor authentication. It makes no difference whether the authentication code is generated on the phone or only delivered via the phone.

    In fact, under some threat models there is a security advantage to not computing the authentication code on the device; it's an approach that is more resistant to attacks that use phone malware as a vector.

    Ask any real computer security expert (without the scare quotes) that you like, and they will agree. For that matter, my credentials classify me as a real computer security expert in most circles, though I'm a security engineer, not a security researcher. But I work with security researchers on a regular basis.

  16. Re:I love old news. on Deloitte: Use a Longer Password In 2013. Seriously. · · Score: 1

    Shoemaker's children...

  17. Re:But what if Java is the next WAIS? on LibreOffice 4 Released · · Score: 1

    Actually, I looked and it's a little script that generates various sizes of icons.

  18. Re:Two factor authentication on Deloitte: Use a Longer Password In 2013. Seriously. · · Score: 2

    You could easily say which bank with no risk to yourself or the bank, simultaneously allowing us to confirm what you say and avoid said bank ourselves. But no, you deliberately keep it vague and avoid mentioning the name.

    I didn't do it deliberately, just didn't do it.

    First Bank of Colorado. http://www.efirstbank.com./ Though if you really want to check my anecdote you'll have to go to a branch and open an account.

  19. Re:Two factor authentication on Deloitte: Use a Longer Password In 2013. Seriously. · · Score: 2

    That's actually a reasonable two-factor approach, IMO. The second factor is something you have: the phone. It's on you to give them a number for a phone you have fairly exclusive access to, but that's not too hard.

    As for the fact that they use it to mark your computer as "trusted", that's also quite reasonable. What they're actually doing is converting the phone call/SMS second factor into a cookie second factor. Essentially making your trusted computer's browser's cookie store the second factor. That's not tremendously secure, but it's also not bad unless your computer is compromised. The thing about many two-factor schemes is that they slow down authentication so much that people refuse to use them. So the bank allows you to degrade the security slightly via the authentication cookie (which likely expires after a while) in order to make login more convenient. If you don't want that greater convenience, don't ever check the "remember this computer" checkbox. Most people do.... and yet it really does significantly increase the obstacles for an attacker.

  20. Re:I love old news. on Deloitte: Use a Longer Password In 2013. Seriously. · · Score: 5, Interesting

    12? I know a freaking BANK where the character limit for the password is 8. Yep 8 character password to online banking.

    I was an IBM security consultant for about 10 years. I worked for all sorts of corporations big and small, talking to them about their security practices. Do you know which industry consistently had the worst security practices? Banking. It's amazing. I once talked to a bank that moves very large amounts of money (9+ figures) daily in wire transfers, communicated by kermit transfer of unencrypted files over a dialup modem. This was around 2005, and it actually wouldn't shock me to learn they're still doing it the same way.

    Now I work for Google, and part of my job entails setting up secure communications with banks. Almost without exception every bank tries to argue us into lowering our security requirements. It's not like we're asking for anything crazy, either: strong encryption and mutual authentication using standard algorithms and protocols and adequately-large keys (e.g. 2048-bit RSA, 128-bit AES, etc.), with proper key exchange protocols and periodic key rotations. It's not rocket science, but it's beyond the IT staff of most banks.

    I am frankly amazed that there aren't more major security breaches in our banking infrastructure.

  21. Re:Two factor authentication on Deloitte: Use a Longer Password In 2013. Seriously. · · Score: 4, Insightful

    As long as it's actual two-factor authentication. None of the fake crap that people call two-factor.

    No kidding. My bank (I really need to change) uses two factor authentication. To log in you have to know both the username and the password! In order to make this more secure, they apply password quality requirements to both. Yes, that's right, your username must be mixed case and contain alphabetic and numeric characters, and must be at least 8 characters in length. Symbols are not allowed, however, since that would just be weird.

    For the record, asking me to pick a picture isn't a second form.

    Most places that use a picture aren't using it as a second authentication factor. It's an anti-phishing countermeasure. The idea is that you pick a picture when you set up your account and then every time you log in you should see your picture. If you don't see your picture, then you know you aren't really looking at your bank's (or whatever) web site, but an attack site. Of course it's not an effective countermeasure against attack sites that use your credentials to connect to the real bank site in the background, get the picture from the bank and then show you what you expected to see. But it does prevent some phishing.

  22. Re:Two factor authentication on Deloitte: Use a Longer Password In 2013. Seriously. · · Score: 1

    Use Google Authenticator. The app runs on all Android and iOS devices and you can download an SDK to implement support for it in your system. If you do that, Google is not involved in the login process at all, you're just using their (open source) software, so there's no privacy impact.

    However, it's also worth pointing out that using third-party authentications from Facebook, Google, etc. via OAuth also doesn't really impact privacy as much as you might think. The third-party authenticator only knows that an authentication was done, and nothing more. Further, for web sites that implement OAuth correctly (which really isn't that hard), there's no reason to limit the third-party authenticator to those big-name providers. In fact, you can run your own OAuth server in your basement and use that as your "third-party" authentication provider, implementing whatever form of authentication you like with whatever degree of security (or not) that you want.

  23. Re:Backpackers would know this on Rich Countries Suffer Less Malware, Says Microsoft Study · · Score: 1

    Firefox has Certificate Patrol. Helped me catch multiple MITM at cafes.

    Excellent. I didn't mean to imply that only Chrome does such things. I would hope that all browsers do.

  24. Re:I really keep forgetting about ChromeOS on Why Google Needs To Launch the Chromebook Pixel · · Score: 1

    Because it's thin, silver and small?

  25. Re:But what if Java is the next WAIS? on LibreOffice 4 Released · · Score: 1

    PHP, I don't know. I'd guess the C# has to do with some bit that integrates with .NET environments.