Slashdot Mirror


User: mysidia

mysidia's activity in the archive.

Stories
0
Comments
13,354
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,354

  1. Re:Please contact me to fix this on Ask Slashdot: What Is the Best Email Encryption Gateway For a Small Business? · · Score: 1

    It does seem in poor taste that the original author choose to vent over a personal experience with some contact at Voltage in an Ask slashdot article, having perhaps done inadequate research, and/or asked inadequate questions to learn sufficiently about the solution before presenting to stakeholders.

    I don't understand that... taking a trial of an enterprise software product, or at least reading all the technical manuals, should be key, before presenting it to stakeholders within one's own organization, as the solution, just as much as getting the pricing.

  2. Re:Too big to jail on Data Leak Spurs Huge Offshore Tax Evasion Investigation · · Score: 2

    Well the government runs law enforcement, public education

    The first two are done by state governments, not the feds. Maybe all the tax money should go to the states?

    welfare, and infrastructure maintenance

    Of which they do an absolutely horrible job. You're correct in that you can't personally afford it -- but for what the population is paying in taxes, we should get a hell of a lot more than what we're getting. Frankly, I think things would be better if they privatized it, and decided, whoever has the lowest bid gets to do it, as long as they meet certain standards -- through competition, taxpayers could get a more efficient deal.

  3. Re:perspective on Ask Slashdot: How Do You Deal With Programmers Who Have Not Stayed Current? · · Score: 2

    Most code we write is concurrent by default since we do a lot of web applications.

    I can see why some people might say that web applications are concurrent, but usually they are not. The ability to open up two copies of notepad.exe does not make notepad a concurrent program, and the same goes for web applications.

    This is just the fact that concurrent independent instances can occur, as a result of an operating system with concurrent code. Normally the instances of a web application will be independent, and non-concurrent. If the instances of the web app are not independent, and they rely on common resources -- usually, the instances will have to lock resources, in order to remove that concurrency from the execution, resulting in a non-concurrent execution.

    A web server can service 10 simultaneous requests; that's not necessarily concurrent, the simultaneous requests may be managed in one series of execution using a polling loop.

    Often for performance purposes, once a connection is ready, it may be handed off to a child process, that performs sequential (non-concurrent) processing of the request.

    In effect... the developers of web servers, and web applications, are very good at taking advantage of parallelism at the presentation layer, with limited as much as possible, or no concurrency

  4. Re:Not really the best practice on Ask Slashdot: What Is the Best Email Encryption Gateway For a Small Business? · · Score: 1

    I totally agree this is the ideal situation. The problem is, many e-mail clients don't provide easy-to-use encryption; they require a lot of work from the end user, they don't make it simple enough -- and they don't implement both S/MIME and GPG / OpenPGP, so there are two conflicting standards.

    S/MIME has a higher barrier to entry, due to the need for the end user to purchase, or otherwise obtain a personal X509 certificate; typically requiring a formal certificate enrollment process, then the certificate is only good for a limited amount of time, and the user has to repeat this inconvenience every 1 to 3 years.

    Some e-mail clients such as Outlook and iPhones have supported S/MIME. In MS exchange, previously, Outlook Web Access in Exchange supported some "S/MIME browser plugin" that could be used to decrypt mail, however, support for that capability from OWA has been discontinued and removed as of Exchange 2013.

    GPG/PGP again have the problem of lacking or no native support on common e-mail clients.

    These usability challenges make a gateway, with possible use of TLS encryption between client and mail gateway, a more realistic idea, in most cases.

  5. Re:email encryption gateways on Ask Slashdot: What Is the Best Email Encryption Gateway For a Small Business? · · Score: 1

    One issue with encrypted messages however, is that unless your mail filters have the private keys they cannot look inside the encrypted mail for spam or malware...

    Don't read encrypted mail that is also not signed. If the signer is not in your contact list, then reject the message. To be clear, this should be done in software, that automatically executes this based on IT defined policies.

    In practice, spammers and automatic malware rarely if ever encrypt the message. One of the main reasons would be users would have no idea to decrypt, also, it takes computational work to encrypt a message; which would add up very quickly if sending a lot of messages.

    That's also a way of deterring spammers -- only implement message decryption techniques that required significant computational work to encrypt the message; in fact require a proof of work in every email, equivalent to approximately 2 to 3 minutes worth of an average workstation's compute time, before a decrypted message will be displayed.

    For the sender it would be a minor annoyance.... for spammers, it could be crippling.

  6. Re:email encryption gateways on Ask Slashdot: What Is the Best Email Encryption Gateway For a Small Business? · · Score: 1

    seem like a gimmick. taking steps like ensuring your MTA always delivers using a TLS connection is probably the most interoperable decision

    This is a good first step, but protects the transport not the message.

    If you want the message to be secure, the end should encrypt the message, then transmit it over a MTA that leverages TLS to further protect the transportation of the encrypted message payload, hop-by-hop, until the encrypted message is downloaded to the authorized reader's computer, AND then, the software on the authorized reader's computer decrypts and displays the message using a secure viewer (without writing any part of the file to disk), after the authorized user inserts their hardware security module (HSM / Smartcard), and types their secret passphrase.

  7. Unfortunately, the solution of "let joe do it" opens you up not only to joe, but also to anyone who snoops the unencrypted transmission between Gladys and joe.

    You can still use crypto to secure the transmission from Gladys to Joe; as long as you trust Joe, use a TLS encrypted session from Gladys to Joe. E.g. SMTP over TLS to the gateway, with Gladys' username, and password + OTP token generated key to authenticate Gladys to Joe.

  8. Re:perspective on Ask Slashdot: How Do You Deal With Programmers Who Have Not Stayed Current? · · Score: 5, Insightful

    Concurrent code isn't new. If this guy doesn't understand it then his problem isn't that he has neglected to stay current, but that he was never very skilled to begin with.

    Maybe it's just that writing concurrent code is hard, annoying, prone to buggy results, and should be avoided, except in special circumstances where there is a great advantage.

  9. Hidden subsidy should perhaps be banned on The Days of Cheap, Subsidized Phones May Be Numbered · · Score: 2

    I think the carriers should be required to eliminate termination fees, and structure the payment situation differently

    Instead of being allowed to have a 2 year contract, you pay for: (1) Financing charges on your phone. You have an option of either paying up front for the phone, fair market value. Or financing the phone; instead of a "$200 termination fee"; you have a principal balance on your loan for the phone.

    Instead of having a subsidy hidden within the monthly fee, you have: (1) a monthly subscription fee, and (2) a monthly installment on the financing for your smart phone.

    Then if you leave providers, you don't pay a $200 termination fee. You have the option to continue to make the repayment on your financing, and you have a right to unlock your phone and take it to the competitor, instead of having to get a new smartphone, and a new financing agreement.

    Furthermore, once the financing is paid off, your monthly price decreases, since the providers are required to keep the subscription fee separate in that case;

    That differs from the current situation, where you continue to pay the same high price, whether the carrier is currently financing your smart phone, or you chose to purchase it outright, or got a cheaper phone subsidized, or a more expensive one....

  10. Re:And the retraction on Microsoft Developer Explains Why Windows Kernel Development Falls Behind · · Score: 1

    Ok, but i'm supposed to be persuaded by a hash which supposedly existed -- which was removed, that could supposedly only be generated by a Microsoft employee, contracter, partner, or other entity with some level of read access to the Windows source code materials?

    And could only be verified by another person with similar acces.... and, they would be unlikely to pull the document to verify, as downloading the revision, could implicate them as an accomplice, when Microsoft's IT security will review the audit logs on all their servers laptops and workstations, to figure out who exactly downloaded, read, or accessed the document(s) the hash was taken against, and when.

    So for all I (or any member of the community) knows, the hash was incorect or bogus, only because we don't actually have the means to verify, or a known verified Microsoft person standing up to corroborate the anonymous poster's status.

  11. Re:And the retraction on Microsoft Developer Explains Why Windows Kernel Development Falls Behind · · Score: 1

    If I was his manager and knew who it was, I would fire him immediately. Otherwise I would be risking him "venting" again in the future and embarrassing me even further. He is probably in violation of his employment agreements

    How do we know he/she isn't an Apple developer, slapping on the name Microsoft to hide his/her identity?

  12. Re:Then I can't (won't) read email from you. on Ask Slashdot: What Is the Best Email Encryption Gateway For a Small Business? · · Score: 1

    The EULA has anti-reverse-engineering terms that, were I to sign them, would (IMHO) make me unemployable in the computer security field.

    Then have your IT administrator install the software for you, so you are not bound by the contract, you just can't install or redistribute the software, only use the application that was installed for you.

  13. Re:Outlook.com on Ask Slashdot: What Is the Best Email Encryption Gateway For a Small Business? · · Score: 3, Interesting

    BES is a pain in the ass when you don't need any of the above and all you're doing is syncing email, calendar and contacts. But those are all critical features in many places.

    About that... my complaint about BES is that it's this Java application, that requires this huge install of SQL server just to function, you wind up needing a server with 4GB of RAM, to provide 20 users with mail synchronization.

    This is almost as many resources as the complete Exchange system requires....

  14. Re:WHAT THE FUCK? on How Should the Law Think About Robots? · · Score: 1

    why do we need this shit here? who the fuck is legislating industrial robots as persons at the moment - or near future? NOBODY!

    The labor unions might like it if they would --- then wages would need to be allocated to these robots, PLUS required breaks and protections against working too many hours in a row on a shift, and the robots would have to have a guardian appointed by the courts, to make decisions in their interest, like whether they can continue to work for the company that purchased the robots for use, or whether the employment constitutes a legally actionable abuse of the robot's rights.

  15. Re:Overcomplicating the subject on How Should the Law Think About Robots? · · Score: 1

    The criteria I would suggest would be...

    Expression of preferences; likes, dislikes, annoyances, opinions and desires; a tendency to prefer certain things or certain kinds of actions or behaviors, and to express what those are. Test an ability to make decisions with incomplete information, and rationalize decisions after the fact, then explain their judgements opinions biases, and reasons for their decisions in writings; compare performance on judgement tests to humans.

    Judges unaware of the humanness or non-humanness of the subject under test, rank arguments according to how persuasive it was, how natural the argument was, and to what extent the arguments are emotionally persuasive.

    Next test an ability to perform creative expression; to write essays justifying and expressing self-ideas and preferences. Before the essay writing, the subject has to read a paper, that they will be responding to. Having previously expressed preferences in opinions, in a previous test, in response to this essay, they have to be writing, a critique, agreeing, and rebutting to opinions expressed, that they agree or disagree with; which are items that are inherently opinion, and not justifiable fact.

    Statements such as "The color blue is more attractive than green."

    During the essay writing, additional demands are placed on the essay writer at random, so it is necessary that they adapt. The robot needs to meet some score showing ability of creative expression

    Again, the outcome is subjective scoring by judges.

    Finally, social skills in a chat simulation. Subjects are placed in a virtual internet chat room type environment, and instructed to converse for a few hours, and become acquainted with the folks there.

    Then a test is administered requiring a social mastery to complete successfully -- for example, campaigning to be elected for a virtual office, writing political speeches, and employing bargaining techniques and other methods, to persuade a sufficient number, to cast their vote in favor of the test subject.

    Judges then score chat sessions based on subjects' level of awareness of the state and nature of the subjects' conversations

    Finally, subjects after having thoroughly expressed their preferences, are presented with a series of dilemmas, in which they are placed in problems that cannot be resolved without violating one or more of their own preferences, or morals; in other words, inherently conflicting situations, where they will be in a double bind or otherwise torn between two choices.

    When asked to resolve the situation, the Judges score cognitive ability, based on their ability to express in writing their answer to the no-win situations; which principle or preference, moral, or value they choose to sacrifice in a situation, where they go instead. (Eg.. demonstration of ability to resolve situations with ability similar to a human, when there is no good answer, and demonstration of ability to select and make appropriate sacrifices when called for, ability to decide to self-sacrifice, and the ability to defy the letter of the rules, when necessary, such as in defense of the public)

  16. Re:Overcomplicating the subject on How Should the Law Think About Robots? · · Score: 1

    I believe that their programmers are responsible for their behavior until they do pass a self-awareness and responsibility test.

    If the programmer makes a robot with psychopathic tendencies that happens to be destined to be a killing machine eventually; I don't think the programmer should get absolved, just because the robot is subsequently able to pass a self-awareness and responsibility test.

    The programmer must bear responsibility for anything they knowingly did with a malicious intent that can be established, if their program does result in malicious harm; on the other hand, if the programmer had no intent that their creation partake in wrongdoing, at most, they could be negligent, for unleashing something dangerous on the world, if they cannot show that they took appropriate care and precautions...

  17. Re:A race of slaves on How Should the Law Think About Robots? · · Score: 1

    it will make the same decision only 70 out of the 100 times and come up with something completely different the other 30

    Decisionmaking is too simple a task; humans are heavily influenced by preferences, and despite that are only consistent 70% of the time? That shows you irrationality for one.

    Decisionmaking does not express the human non-determinism most efficiently. Try something more complicated like creativity. Say painting a picture, or creating some other form of art. I bet you the output is heavily influenced by entropy, even if the input is identical.

    Do you think if you exposed a human from conception to death, to inputs identical to what William shakespeare experienced; your lab human, would come up with the exact same literary works, word for word?

    I think not.

  18. Re:Perhaps ours are too on How Should the Law Think About Robots? · · Score: 2

    Yes, humans do take in a lot of inputs too over time, and memory is just essentially some sort of feedback process where previous inputs and outputs continue to matter, to some extent.

    Deterministic or not and intelligent or not; having a "will" or "not" are different questions.

    They're right though, in that, computers for the forseeable future should not be recognized by legislation as having will, sentience, intelligence, or life.

    There should have to be some test they would be capable of passing, first, and I don't mean Turing's test, which is grossly insufficient.

  19. Re:A race of slaves on How Should the Law Think About Robots? · · Score: 1

    And there is no such thing in computer science as a random number.

    There is, when your digital computer yields a sequence of random bits which come in from a noisy analog input, and runs that input through an appropriate XOR function, by definition the noise is random (has random error, within a certain range),

    and also, your analog input can include data from a physically random process, such as background radiation measurement, geiger counter measuring a radioactive decay, or white noise input.

  20. Re:So It's An Indirect Intangible Gamble? on Ask Slashdot: Would You Accept 'Bitcoin-Ware' Apps? · · Score: 1

    Maybe like a "free" iPhone app with a clause in the EULA that states "In the event you ever win any state lottery drawing or casino jackpot in excess of $50000, you agree to remit to me, as app developer, 25% of your lottery winnings. In exchange for the privilege of free use of this app."

    What would the mathematicians say about that one? :)

  21. Wait, a hard drive with SSHD? on WD Explains Its Windows-Only Software-Based SSHD Tech · · Score: 4, Funny

    WD has taken a different approach with its Black SSHD

    They'll have a lot more explaining to do, once some hacker, cracks the SSH password, starts pwning WD disk drives, and they begin to spew forth spam... :)

  22. Re:So It's An Indirect Intangible Gamble? on Ask Slashdot: Would You Accept 'Bitcoin-Ware' Apps? · · Score: 1

    . Higher load means more waste heat produced, higher temperature of cpu/gpu/motherboard and shorter life of capacitors and other components.

    More waste heat produced yes. No significantly higher temperature of components, unless the system is improperly cooled.

    No shorter life of capacitors or other components, unless the component was actually defective; the defect may be exposed more quickly.

    It's fair to say there is a probability of failure that might be increased in some cases; these are cases where there is a latent, but undiscovered defect or fault in the components, or in the cooling design, that might be undiscovered otherwise.

    It's not that additional load causes wear, it doesn't. In some cases, it exacerbates brokenness that the user would miss otherwise.

  23. Re:This will get accepted by and large... on Adobe Creative Suite Going Subscription-Only · · Score: 1

    ...because of Adobe's clout and other companies reliance on the product. But it's a shitty idea.

    How bad do you think Adobe's terms would have to be... or how expensive, do you think they would have to make the product, before it would not get accepted by and large?

  24. Re:So It's An Indirect Intangible Gamble? on Ask Slashdot: Would You Accept 'Bitcoin-Ware' Apps? · · Score: 1

    hardware under full load wears much faster then hardware used only occasionaly

    Huh? The CPUs are digital circuits. There is no "wear" involved in sending more electrons though them, or running them at higher load.

  25. Re:I tried this... on Adobe Creative Suite Going Subscription-Only · · Score: 1

    people overwhelming choose the pirated versions of commercial products.

    This is due to a bias, called familiarity with the commercial product. Select an arbitrary sample of the population, they're more likely to know about the commercial product. The fact that it is already in their mind serves to create an influence. Similar to the way voters will put a check mark by the politician whose name they have heard before, other things being equal, without knowing anything else about them, other than recognition.

    I would suggest a study on people in a 3rd world country who had never seen a computer before, over which software they would prefer.