Slashdot Mirror


User: swillden

swillden's activity in the archive.

Stories
0
Comments
18,006
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 18,006

  1. Re:Good grief. on Microsoft Patents Looks-Are-Everything Dating · · Score: 1

    What's gong on at the Patent Office? I'm starting to think they all need to be drug tested.

    They can't do it because a method for selecting patent office workers based on analysis of drug use has already been patented.

    That reminds me of a really good quote: No drug, not even alcohol, causes the fundamental ills of society. If we're looking for the sources of our troubles, we shouldn't test people for drugs, we should test them for stupidity, ignorance, greed and love of power. -- P. J. O'Rourke

    I can implement that test in software:

    bool o_rourke_test(const Person& person)
    {
    return true;
    }

    Accurate, but hardly useful.

  2. Re:First things first on How Do You Prove Software Testing Saves Money? · · Score: 1

    Write a test case for just that and include it as part of the build process.

    This.

    Setting up a comprehensive test suite for the whole application would be a huge, and hugely expensive, undertaking. The odds are basically zero that it will pay for itself in much less than a decade. However, writing a test case for each bug you fix will only increase the cost of the fixes somewhat, and will ensure that regressions are noticed quickly.

    To make this work you will have to invest some time in creating the test infrastructure and wiring it into the build process, but there are plenty of tools that provide the foundation for whatever language you're using, so this shouldn't take more than a day or two. You may have to go to your management and get permission to take the time to do that, or else you can do it bit by bit over time in spare hours, or even just stay late a few nights and do it on your own time.

    But before you do any of that, the first thing is to get buy-in from the other developers. Well, you may want to put the test framework together and write a test or two so you can show them what you're talking about. Management buy-in is good, but buy-in from your peers is essential unless you can get VERY strong management support. If other developers won't write test cases or, even worse, remove or disable your test cases, then this test suite idea is going nowhere.

  3. Re:yeah, "right" on The Right's War On Net Neutrality · · Score: 1

    The "right" is against NN because they are paranoid of increased government powers.

    Wow you have been brainwashed.

    Ok, if that were even close to the case where was 'the right' during the 8 years of HUGE power grabs during W's years? Oh they were busy telling anyone that if they disagreed with such measures that they were un-American and whatnot.

    The right is very happy to increase government power when it's to implement their agenda. That agenda, however, isn't as simple as "make the rich richer", in fact that's not really part of it at all, except insofar as both major parties are entirely too motivated by corporate donations. No, the Republican "ideology", if you want to call it that, is a set of disconnected notions around moral values (abortion bad, homosexuality bad, Islam bad, Christianity good), fear-driven protectionism (fear of terrorists, fear of immigrants, fear of drug addicts, fear of criminals), economic freedom (my stuff is mine, fear of taxes) and patriotic emotion. The main reason these ideas are very disconnected and occasionally self-inconsistent is because they come from different people. Sub-groups within the Republican party champion various of these issues.

    I know you're going to say I've been duped by the cover issues used to hide the real agenda, but I haven't. You're making invalid assumptions of unified purpose -- and a large body like the Republican party simply cannot have a unified purpose. There are definitely some people who use the party to push their personal wealth-making agenda, but they're exploiting an opportunity, not setting party goals. The same thing happens in the Democrats, actually, though the exploiters tend to come from somewhat different segments of industry (sometimes).

    Getting back to your "question", one thing the vast majority of Republicans actually do agree on is that big government is bad -- in theory. In practice, they're willing to accept it as long as it appears to helping whatever is personally important to them. During most of Dubya's years, "fighting terrorism" was an agenda item that united nearly all Republicans and a huge portion of Democrats as well, so massively expanding the federal government in the name of that goal was okay. The Medicare expansion was more controversial, but Bush did it during the time when Republicans were rallying behind him, and complaints were silenced with "Well, we need to give the Democrats something so that they won't oppose The War", not to mention the fact that a huge part of the active party membership is graying, and poor enough that they'll benefit.

    So, no it's not all about "riches for the rich". It's not really about that at all. Democrats are the people who think in terms of class warfare. When they're not busy giving big corporations what they want in exchange for campaign contributions, that is.

    In the case of NN, I think the bottom line is that there's very little true ideology around it outside of geek circles, which are too small to matter. This dearth of real opinion has left the topic ripe for subversion by small special interests -- in this case, big ISPs. By itself, that probably wouldn't work, but the fact that some prominent Democrats have gotten on board with NN has lead prominent Republicans to jump on the other side purely to make political hay. Being that said Republicans don't understand the actual issues, and have zero motivation to (since they don't really care about NN, but about beating up Democrats), all sorts of wild things have been spouted.

  4. Re:What if they just don't? on NASA To Continue Funding Canceled Ares Project Until March · · Score: 1

    How bad would the penalties be?

    ATK would sue, and a federal judge would direct the government to pay up, plus whatever penalties the judge felt were appropriate.

  5. Re:It will prety much suck for quite some time. on After IPv4, How Will the Internet Function? · · Score: 1

    you could actually have written that as 2001:0db8:85a3::8a2e:0370:7334

    Or as 2001:db8:85a3::8a2e:370:7334 (leading zeros in 16-bit chunks can be omitted).

    Or even better, if you're going to have to remember the IP address of this machine, choose something more memorable for the bottom 48 bits. Like 1, which makes the address:

    2001:db8:85a3::1

  6. Re:It will prety much suck for quite some time. on After IPv4, How Will the Internet Function? · · Score: 1

    2600000.35.1254.1785

    Is one hell of a lot easier to remember then

    2001:0db8:85a3:0000:0000:8a2e:0370:7334.

    Nonsense. For that address, all you have to remember is db8:85a3, which is LOT easier than 26000000.35.1254.1785.

    How is it that you only need to remember 8 hexadecimal digits to know the whole thing? First, the 2001 prefix is assumed. Second, the bottom 48 bits (8a2e:0370:7334) is probably your MAC address, or maybe it's randomly-generated, but whatever the case, it's completely arbitrary. Replace that with anything else and it's the same host, so pick something much nicer like, say, 1. Now your full address is:

    2001:db8:85a3::1

    The IPv6 address of the machine I'm typing this on is (from memory) 2001:470:d:36b::1. The only part of that I actually remember is "470:d:36b".

    All of which just raises the question of whether or not it really matters that you be able to remember IP addresses anyway. Quick, without looking, what's the publicly-routable IPv4 address of the machine you're using?

  7. Re:Don't compromise ... on TSA Investigates Pilot Who Exposed Security Flaws · · Score: 1

    Your lack of reading comprehension skills is showing.

  8. Re:Simplified on Recording the Police · · Score: 1

    You must live in California, because that looks to be exactly the case as it stands here

    Actually, I live in Utah. I'm pretty sure that what I described is the law nationwide.

  9. Re:Simplified on Recording the Police · · Score: 1

    a police officer holds the special right to employ coercion (meaning physical force) against you (not in defense, but in offense).

    Maybe the law is different where you live, but that is not the case where I live. In my state, there is very little difference between the legal right of an average citizen to forcibly detain suspects and the the similar right of a police officer. The only differences are:

    • Citizens may only arrest for misdemeanor crimes if the crime was committed in their presence. Police don't have to have been there, they just have to have probable cause.
    • Police are allowed to use deadly force to prevent the escape of a fleeing felon, if they reasonably believe it's necessary to prevent danger to others. Citizens may not use deadly force to arrest or detain.

    That's it. Other than those two items, I can use force against others in exactly the same ways that police officers can.

    That said, although your claim is spurious in my jurisdiction (and in most, if not all, in the US, I expect), there is still an difference in perceived power, and that power difference is plenty to justify scrutiny, IMO.

  10. I agree on Should Wikipedia Just Accept Ads Already? · · Score: 1

    Google has shown us all how advertising can be done so that it's not intrusive and even occasionally useful. Wikipedia could provide article-relevant text-only ads that would really be a lot less bothersome than the huge beg-banners and would give them all the money they need. They could also use the slashdot model and suppress the ads for users who make a small annual donation.

  11. Re:Surprise move? on Judge Declares Federal Healthcare Plan (Partly) Unconstitutional · · Score: 1

    OTOH, you can Never. Ever. Change. Jobs.

    Well, you can, if you can find one with insurance that actually covers you fast enough. But even if you find one with good insurance, that waiting period will kill you.

    The key is just to make sure you never have a lapse in coverage. This means that if you're laid off you have to pay the crazy COBRA premiums while you're looking for a new job.

    Yes, if you're out of work for a long time, this will be really hard, and may be impossible. I know a couple of people who had to take low-paying jobs just for the insurance so they could avoid having a break in coverage.

  12. Re:Here is the stat that really matters on Statistical Analysis of Terrorism · · Score: 1

    Although I don't agree with the GP's post, I don't agree with your arguments. You still have some control over your safety.

    I was stopped at a red light and the one-ton pickup truck coming down the road behind me at 60 mph somehow didn't see either me or the light and slammed into me

    Were you looking in your rear view mirror? Did you not see a 60mph pick up truck heading towards you? You can definitely see if it was slowing down or not.

    Yep, I saw it in my rearview mirror as it came into view topping a rise behind me. I saw it two seconds before it slammed into me and had just enough time to slam the clutch to the floor and get the gearshift into first.

    There is absolutely no way I could have prevented that. Actually what I was able to do almost worked against me in the police report, because they were somewhat skeptical that I was really stopped based on the lack of skidmarks from my car -- which was because I had gotten off the brake and had gotten my driven wheels disconnected from the engine.

    Of course, my actions did nothing of substance to mitigate the effects of the collision.

    My aunt and uncle were in a quad-cab pickup truck with their friends, who drove through a country intersection in which the cross traffic had a stop sign. The driver of the semi truck coming down the road failed to notice the stop sign (or the large "STOP" painted on the road a couple hundred yards before the stop sign) and t-boned them at probably 65 mph

    Sorry to hear they were killed, but once again, did you aunt look? Was there not enough visibility that she could not see the 65 mph semi-truck?

    Nope, the roads were lined with trees. There was no way to see the oncoming truck.

    And those are just incidents at intersections. I can give you a dozen other scenarios I've witnessed or know people who were involved in that were also completely unpreventable because they were entirely caused by errors by another driver.

    Of course, there are also MANY situations in which you can avoid or mitigate the results of another driver's actions -- but there are some in which there is absolutely nothing you can do. That's a very unpleasant fact, and I can see why people don't really want to believe it, but it's the truth.

  13. Re:Surprise move? on Judge Declares Federal Healthcare Plan (Partly) Unconstitutional · · Score: 1

    Actually, the bulk of the costs were to a mental health facility with whom my insurance company doesn't have an agreement and actually has to pay the full bill. I know this for sure because the facility didn't even bill my insurance directly -- I paid them and the insurance company reimbursed me.

    As for the insurance company canceling my policy, it's not going to happen. My employer wouldn't stand for it.

  14. Re:Surprise move? on Judge Declares Federal Healthcare Plan (Partly) Unconstitutional · · Score: 1

    100% agreement.

    I've thought for some time that it would be better if the federal government taxed the states rather than the people, but you propose a different approach than what I thought of. My idea was for the federal government to pass its budget and then allocate the cost to the states proportionally based on state GDP. I would also want the 17th amendment to be repealed so that the US senators who have to approve the budget are beholden to the state legislatures who must fund it.

    Your approach is interesting to me, though. Basing the federal income on a portion of state revenue may be cleaner.

  15. Re:Surprise move? on Judge Declares Federal Healthcare Plan (Partly) Unconstitutional · · Score: 1

    Umm actually, the Dwight D. Eisenhower National System of Interstate and Defense Highways disagrees with you, as it was built for military purposes and thus is well within the constitutional bounds of government. Also, it does facilitate and aid interstate commerce, while still being managed by the states.

    It's used by the postal service as well. Post roads are among the federal enumerated powers/responsibilities.

  16. Re:Surprise move? on Judge Declares Federal Healthcare Plan (Partly) Unconstitutional · · Score: 1

    There are two kinds of people in this country: Those who are happy with their insurance, and those who have had a major sickness.

    My wife has chronic kidney disease and my daughter suffers from severe mental illness that has required her to be in residential treatment for most of the last 18 months, at costs often exceeding $15K per month for treatment, plus another $1-2K for medication. She also has a cyst in the frontal cortex of her brain (which, the doctors say, is actually unrelated to her mental illness). My total medical and mental health expenditures for 2010 have exceeded $100,000 -- or would have if I were paying the bills myself. For 2011, my daughter is probably going to have brain surgery to remove the cyst, and of course many of her other bills continue (though she's no longer in residential treatment and is doing much better, in large part due to the very expensive medication).

    I'm happy with my insurance.

    I guess I'm in some sort of elusive third category?

  17. Re:Surprise move? on Judge Declares Federal Healthcare Plan (Partly) Unconstitutional · · Score: 1

    California. A State, not the Federal Government.

    Exactly. Many people don't seem to understand that our constitution was designed to make the scope of state powers vastly larger than the scope of federal powers. The federal government was intended to be restricted to a specifically enumerated set of powers, with everything else left to the states.

  18. Re:Here is the stat that really matters on Statistical Analysis of Terrorism · · Score: 4, Insightful

    you can have an arbitrarily high level of control over your vehicle safety and over how severe crash would be

    Bullshit.

    I had an accident a few years ago. I was stopped at a red light and the one-ton pickup truck coming down the road behind me at 60 mph somehow didn't see either me or the light and slammed into me. It was miraculous that I survived and didn't have any crippling injuries. What, exactly, could I have done to "have an arbitrarily high level of control" over my safety in that situation, other than stay off the road?

    Another example: My aunt and uncle were in a quad-cab pickup truck with their friends, who drove through a country intersection in which the cross traffic had a stop sign. The driver of the semi truck coming down the road failed to notice the stop sign (or the large "STOP" painted on the road a couple hundred yards before the stop sign) and t-boned them at probably 65 mph. All four people in the pickup were killed. What, exactly, could they have done to "have an arbitrarily high level of control" over their safety in that situation, other than stay off the road?

    The truth is that no matter how careful and skilled a driver you are, when you're on the road your life is in the hands of whatever other drivers happen to be nearby. Generally, they're at least careful enough and skilled enough not to hit you. But sometimes they're not, and there's nothing you can do about that.

    And you're vastly, vastly more likely to be killed by one of those people than you are by a terrorist.

  19. Re:"Too fast to be true" on SHA-3 Finalist Candidates Known · · Score: 2

    Actually, to defeat a hash, you need only defeat the last repetition, so, no, iteration doesn't help.

    Cite?

    The sort of attack you're talking about, where speed is a factor, is a dictionary attack. The attacker has reason to suspect that the input is from a relatively small set (e.g. it's a human-selected password) and it's therefore feasible to hash every element in the set and compare each output with the known hash value. If the hash is fast enough and the set is small enough, this may be feasible.

    One way to defeat that attack is to increase the set size, but in many cases (like passwords) that's not feasible. So another way to defeat the attack is to use a slow hash, because then testing each dictionary entry will take long enough that searching the dictionary isn't practical. On the other hand, the computation required to compute one hash during a login is fast enough to be acceptable.

    So, under that scenario, look at iterating your fast hash to create a slow one. How do you "defeat the last repetition"? What does that even mean? Are you assuming that you can actually reverse the hash, a pre-image attack? If that's the case, then brute force is the least of your worries. And without that, what does it even mean?

    Suppose you could somehow find out what the output of the n-1 iteration on the actual input was. What have you achieved? Well, to find out which input to iteration 1 maps to that n-1 iteration output you need to... search your dictionary applying n-1 iterations to each entry.

    Either you're talking about something completely different, or you're up in the night.

  20. Re:"Too fast to be true" on SHA-3 Finalist Candidates Known · · Score: 1

    Technically, if your hash algorithm is too fast, it gets easier to brute force. So it isn't completely unscientific.

    Only if the input is small, which translates to "only if the protocol designer is clueless". Also, you can always make a fast algorithm slower by iterating it, so your point is irrelevant.

  21. Re:Not valid on A Nude Awakening — the TSA and Privacy · · Score: 1

    If you look at the security checks at some UK airports, you will see that there are several ways that you can completely bypass the security checks, with just a little bit of timing. If you look very carefully, you will spot the concealed cameras pointing at these areas. Part of the point of the ludicrous security procedures is to make potential terrorists try to bypass them, and conveniently separate them into an area where they can be apprehended.

    How many have been apprehended?

  22. Re:Some publishers do without DRM on Google eBookstore Launched · · Score: 1

    - such as No Starch press (http://nostarch.com), and quite possibly others.

    Don't forget the biggest of the DRM-free ebook publishing houses: Baen.

    They focus on a fairly narrow niche (Sci-fi, especially military sci-fi, with some fantasy), but within their niche they're a dominant dead-tree publisher and in general I think they were the first e-book publisher to really "get it". Everything they sell is available in multiple non-DRM'd formats, their prices are reasonable ($4-$6 for individual books, or they sell $15 bundles containing 5-6 books) and they even offer a Free Library containing complete titles from all of their top authors. They've also pioneered an interesting practice of including a CD with dozens of full novels (mostly NOT from the Free Library) in the back of their hardback editions, and they actually encourage sharing of those CDs and fully support the efforts of someone who has put these CD images online for free download.

    Baen has been selling e-books this way for over a decade now (since 1999), and what started has something of an experiment has continued as a very profitable business plan.

  23. Re:Not valid on A Nude Awakening — the TSA and Privacy · · Score: 1
    You need to re-read my post, and understand it this time.

    Your rabbits foot does not come into contact with a terrorist trying to sneak something onto a plane. The current security system does in that they have to go through it to get a person on a plane.

    But they don't have to do anything that will get that person caught. It's a very simple problem from their perspective: Understand the system, then pick a plan that the system cannot stop.

    Also, what makes you think they have to go through the security system at all? The passenger entrance is far from the only way into an airport.

    Finally, why should they bother with trying to kill people on airplanes? Why not in concerts, malls, sports arenas -- or, heck, in airport security lines? Or if you want to use a plane as a missile, go to the GA side of the airport and get on a UPS 747, take it over and crash it into something. Much easier than dealing with a couple of hundred angry passengers.

    Your argument is like a guy wearing a colander on his head saying that he doesn't dare take it off because his hair will get wet. How does he know his hair will get wet? Because he's been wearing the colander and his hair has stayed dry!

  24. Re:They didn’t sue them... on Single Software Licence Shared 774,651 Times · · Score: 1

    The story is either here or here. I don't remember which, but they're both well worth reading.

  25. Re:Stop using risk as basis of argument on A Nude Awakening — the TSA and Privacy · · Score: 5, Insightful

    But to me it's absurd to claim that we should drop security measures that may be preventing terrorist attacks because of the rate of said attacks being so low. As in, we have no idea how likley they are wihtout these measures.

    Well, since 9/11 I've been taking care to always carry my lucky rabbit's foot when I travel. We have no way of knowing how likely terrorist attacks would be if I didn't have my rabbit's foot.

    Seriously, though, there IS a way to determine the effectiveness of security protocols. We can enumerate potential attack vectors, examine each one's potential cost and likelihood of success, examine the various threat mitigation options available, evaluate their expected effectiveness and then test them to determine their actual effectiveness against the postulated attack vectors. We can also look at the potential damage of various attacks and factor that into the overall risk management strategy.

    Doing that sort of analysis on my rabbit's foot would quickly show that it doesn't mitigate any real risks. I may find it comforting, but that's all.

    Doing that sort of analysis on the TSA's security procedures shows roughly the same, for exactly the reason the author of the article mentions: TSA security is reactive, while terrorism is innovative. There's a wide, wide world of possible attacks... far more than we could possibly defend against with any specific set of countermeasures. For every threat vector successfully mitigated by the TSA's procedures, there are dozens more that are ignored. The article mentioned one very simple, obvious and already-proven method of completely bypassing the pat-downs and backscatter scanners -- body cavities. Unpleasant, yes, but very workable.

    And that doesn't even get into the question of whether or not the TSA countermeasures successfully prevents the specific attacks they're supposed to guard against. Witness Adam Savage's experience of passing through the backscatter x-ray machine with a pair of 12-inch razor blades. Even more to the point, the TSA has more or less admitted that it doesn't run penetration tests against its procedures because when it does the penetration is usually successful.

    So we have security measures that don't stop what they're supposed to stop, and don't even attempt to stop a whole bunch of other stuff that's just as bad. How is that any different from my rabbit's foot? Well, other than being a lot more expensive, intrusive and obnoxious.

    If anything we've been doing since 9/11 is responsible for the singular lack of successful terrorist attacks, it's our investment in intelligence and police work. Especially tracking down and stomping on the money supply. In actuality, I'm not sure that the real risk even justifies THAT investment, but at least that is an approach that has some possibility of working, by getting ahead of the terrorists. Instituting additional rounds of "security" countermeasures that might, maybe, thwart the last bozo's failed attack -- which, we should note, was thwarted without the new security countermeasure, is just doing something for the sake of doing it. Like my rabbit's foot, it might make people feel better, but it won't actually make them any safer.