Slashdot Mirror


User: julesh

julesh's activity in the archive.

Stories
0
Comments
8,446
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,446

  1. Re:Sounds more like FPGAs on World's First Polymorphic Computer · · Score: 2, Interesting

    Reconfigurable computing using a bunch of FPGAs.

    All FPGA vendors now offer CPU cores (or you can get others from opencores.org). These cores can do a slew of different functions from DSP to straight CPU functions... and yes they do run Linux!


    '"In laboratory testing MONARCH outperformed the Intel quad-core Xeon chip by a factor of 10," said Michael Vahey, the principal investigator for the company's MONARCH technology.'

    I don't think you can achieve that with current generation FPGAs. At least not for the "back-end control and data processing" they claim to be one of their applications -- it should be achievable for "front-end signal processing", though.

  2. Re:No OS X Port? on TrueCrypt 4.3 Released · · Score: 1

    TrueCrypt provides device-level encryption, so it doesn't need to be aware of HFS+ or any other filesystem you use with an encrypted volume.

    TrueCrypt has to understand your volume format if you want to use the hidden volume feature, because it needs to be able to find unused space in order to initialize the hidden volume.

  3. Re:No OS X Port? on TrueCrypt 4.3 Released · · Score: 1

    Actually, that suggests a way to defend against such an attack: every so often, write new random data to randomly selected parts of each mounted volume's free space. This is close to what you mentioned, but you'd only do it when there isn't a hidden volume. That way, an attacker will always see these suspicious changes, whether there's a hidden volume or not, and #1 above becomes a believable excuse as long as everyone knows about this feature.

    You'd also have to do it when there *is* a hidden volume, but it isn't currently being used, otherwise the lack of changes in empty space would suggest there was data in that space. I think the only plausible way of doing this would be to have multiple keys and randomly switch between them.

    Of course, TrueCrypt would have to be aware of the filesystem you're using in order to know which parts are free space.

    TrueCrypt (at least as of the last version, I haven't looked at the new one yet) requires a FS to be FAT in order to be able to make a hidden volume in it.

    And you'd have to be able to turn this feature off temporarily if you ever needed to mount the main volume without possibly overwriting a hidden volume

    If you're going to be making changes to the main volume, you practically need to also provide the password for the hidden volume anyway, so that it can protect its contents from unwanted changes.

  4. Re:No OS X Port? on TrueCrypt 4.3 Released · · Score: 1

    They only have to force the user password, not the actual monster key.

    My truecrypt password is a sentence containing over 10 words, one of which doesn't appear in any dictionary, using unusual capitalisation and punctuation. Admittedly, most of the rest of the words are fairly common, but still: brute forcing this key is going to take a *lot* of attempts. I'd say I easily have at least 2^100 bits of randomness in there. There's about 2^20 in just how you choose to capitalise the sentence.

    Good luck brute-forcing that.

  5. Re:No OS X Port? on TrueCrypt 4.3 Released · · Score: 1

    Brute forcing true crypt takes a LONG TIME. Just using the standard truecrypt executable, it takes about 2.26 seconds per guess on my Athlon 2500+.

    I think there's an intentional timed delay going on in here. It doesn't take significantly longer than that to attempt to mount a truecrypt drive on my PII-400. A version without the delay should be easy to produce.

  6. Re:Doubt microsoft would care on ReactOS Revealed · · Score: 1

    ReactOS would still require you to be running a full separate operating system. If you wanted to do that, you could run your current Windows XP licenses in virtual machines, and just run Linux on the host, or what have you.

    One key advantage to ReactOS in this scenario is that with a little hacking it could be made to run under Xen's paravirtualization system, which is apparently rather more efficient than full virtualization (as is currently required in order to run Windows).

  7. Re:ironic on ReactOS Revealed · · Score: 5, Informative

    Application Compatibility - Wine can never offer as much compatibility as ReactOS. Since ReactOS actually shares Wine's code base, it is highly unlikely that ReactOS will have significantly better compatibility than Wine.

    Not true. ReactOS uses some of Wine's codebase, but many key areas (window management, memory management, thread support, etc.) are rewritten from scratch to be more compatible with Windows own implementations of these. I've seen Wine fail to run applications before because of some subtle difference in how Linux handles these tasks to Windows. ReactOS can eliminate these issues.

    Driver Compatibility - ReactOS can use native Windows drivers. Projects like NdisWrapper have shown that it is possible to use Windows drivers on Linux too, if enough people are interested.

    Yes. Unfortunately NdisWrapper doesn't really work very well (my limited experiments suggest only about half of the cards out there work with it), CaptiveFS is slow, and no other projects have produced useful results in this field. This is because running a Windows device driver without a Windows kernel is quite tricky. NDIS drivers are a simpler problem: NDIS was originally developed to be an open, cross-platform specification by 3Com. MS have embraced & extended it since then, but at its heart it is still much more portable than many other driver types used by Windows.

    There is also the huge issue of using binary drivers in an open source kernel. It still hasn't been settled whether or not this is ultimately a good or bad thing. However, it is generally accepted that open source drivers are much better than binary, and ReactOS would provide absolutely no motivation for hardware vendors to ever open their drivers, or even to target ReactOS as a platform.

    Frankly, there are a lot of us who have become fed up waiting for working open source drivers for our hardware and would rather just plug a black box in and be done with it.

    Also, if one desired you could rework something like KDE to be VERY similar to Windows, I believe that there are already distro's who try to do this (such as Linspire). There are still differences, but not really significantly more than between Win 98 & XP.

    Actually, there are very substantial differences that can be deeply annoying because they're about the way the basic system works. Details like which control panel applet you use to start or stop services (e.g.) aren't as annoying (to me) as the lack of feedback when a program is starting (KDE does have some feedback, but it doesn't show if the program wasn't started from the window manager, whereas Windows will show it however you start your program). This can't be fixed easily in Linux: it needs the kernel to provide feedback to the window manager to inform it when a graphical subsystem program is in the process of starting up. Linux doesn't have such a thing as a graphical subsystem program, and the window manager is not a special process that could easily receive such feedback from the kernel.

    I think a lot of people have missed the real point of ReactOS. Including the developers, by all appearances. Windows won't run under Xen paravirtualization. There's no reason ReactOS couldn't be ported to it, however.

  8. Re:memory footprint on ReactOS Revealed · · Score: 1

    I want to know how much memory ReactOS takes up versus WindowsXP. Has someone run it who can trivially answer? Did these guys make a smaller, lighter windows?

    Almost certainly. But given that major features are missing, that's hardly surprising.

  9. Re:FUD - ReactOs is legal on ReactOS Revealed · · Score: 3, Insightful

    They can sue all they want, they can't win this.

    Except via patent claims, for which independent development is not an adequate defense.

  10. Re:Inaccurate on The Air Car Nears Completion · · Score: 1

    Electric cars can currently do 300 miles per charge.

    And if you do 300 miles on that charge, you'll deep discharge your batteries, reducing their lifespan. Battery replacement is required every 20,000 miles (up to 30,000 if you don't take long trips) or thereabouts, and typically costs around $2,000, adding a cost of 10c per mile to your running costs.

    Discharging and recharging your compressed air tank doesn't significantly damage it. Is this starting to look more attractive now?

  11. Re:That far on 3 dolalrs? on The Air Car Nears Completion · · Score: 1

    3 dollars to move a _car_ and _passengers_ that distance?

    It's not that insane. Moving a lightweight car at 100km/h can be plausibly achieved with about 10kW of power. The car's probably underpowered at that, but it's doable. A full charge for this car probably only contains a little over 30kWh, and therefore $3 represents a cost per kWh of slightly under 10 cents (although inefficiencies in the filling cycle will drop that price a little). I believe this cost is achievable on an industrial scale.

    What you certainly couldn't do is make a generator from this and get anything useful out of it. You'd probably get less than 20 kW/h and get back less than $2 for your $3 fuel investment.

  12. Re:I'm impressed on The Air Car Nears Completion · · Score: 1

    No. Even top bicyclists have difficulty maintaining 100w for more than half an hour

    Which, if correct, gives the car an even greater differential over and above the cyclist to play with.

  13. Re:How do they come up with the numbers on The Air Car Nears Completion · · Score: 2, Informative

    Run the numbers again. First, it's kilometers, not miles (1km ~= .62 miles). Second, heat engines, like your gas car, are far and away from efficient. We're talking on the order of 30% if you're lucky. Third, pressures of 200 bar isn't as high as modern tanks can go. Modern mass-produced tanks can easily reach, and break in a safe way when damaged, 700 bar. Finally there's the whole weight deal. I'm willing to bet that these cars are much lighter than your typical gas-fed car.

    300 kilometers might be pushing it (not that I'm an expert here)


    OK, some numbers:

    based on the GP's 35MJ figure, a 700 bar tank would contain 122.5MJ.
    For a range of 300km, that's 408 joules per metre.
    Travelling at 100km/hr = 27m/s, 408 joules per metre = 11kW.

    This does sound plausible for a lightweight vehicle, on a long distance journey with little stop/starting.

  14. Re:India on The Air Car Nears Completion · · Score: 1

    And at any rate with the advent of airbags and crumple zones are big steel cars really that much safer?

    Yes. Largely because there are big steel cars on the road that have reinforcements to ensure they don't crumple in the wrong way when driven into a wall, and those reinforcements can just push right through the crumple zone on a smaller car without losing a lot of energy. Not to mention cars with enough ground clearance that their body will hit a small car above the level of the crumple zones, and penetrate straight into the passenger cabin.

  15. Re:graphing calculators on More Videogames, Fewer Books at Some Schools? · · Score: 1

    The ability to go back and see (and modify without completely redoing) ones chain of calculations is rather useful in physics and chemistry.

    In an educational scenario, you should be recording your chain of calculations on paper. No exceptions. If you aren't recording the calculations, how's anybody (including yourself, during revision) going to see how you came to the answer?

    I'm not sure why you'd want one in middle school (is that years 8-10 in the US?), but towards the end it would probably be useful to have.

    I don't think so. When I was at school a few of us had them, and I don't think they had any special benefit from them. Other than being able to put funky programs onto them.

  16. Re:Why are we doing this? on More Videogames, Fewer Books at Some Schools? · · Score: 1

    This seems like a never ending cycle of catering to attention deficient children.

    I couldn't agree more. Kids don't need distracting with games, they need engaging with lively education that teaches them interesting stuff that they actually want to learn about.

    One thing from the summary particularly annoyed me: "educators who feel that current learning plans don't fully engage today's classes." Today's classes are no different, in any meaningful way, from what they have been any time in the last 20 years. Kids are kids, and they behave like kids always have done. If "current learning plans" aren't engaging the classes, it's the educators' faults, not the kids.

  17. Re:New rating for new system? on MS Security Guy Wants Vista Bugs Rated Down · · Score: 1


    Well, I think the point would be something more like this:

    A buffer overflow is found in lsasrv.exe. It's remotely exploitable on Win2k3 server and Windows XP and can run arbitrary code and doesn't require an account on the system (remote wormable). It's only locally exploitable on Vista, requires a local (even if low privileged) account to be logged on an run the code (possibly via social engineering - click here for SomeStarNaked.exe).


    To be fair, that's not the point. That would currently be rated Critical on 2k3 and XP and Moderate on Vista. According to the current rules, to be "critical" something must be remotely exploitable.

    I think his point is more like, "well, this might *theoretically* be remotely exploitable, but address-space layout randomization makes it rather difficult, so can't we downgrade it?" -- to which I think MSRC's answer ("No.") is totally correct.

  18. Conservative? on MS Security Guy Wants Vista Bugs Rated Down · · Score: 2, Insightful

    "The MSRC folks are, understandably, very conservative and would rather err on the side of people deploying updates rather than trying to downgrade bug severity"

    Err, right. So if they're so conservative, how come they'll rate a remote code execution bug as "moderate" if the code is run in a restricted context (see, e.g. http://www.microsoft.com/technet/security/Bulletin /MS06-013.mspx - particularly the DHTML bug)?

  19. Re:Grokster is in favor of YouTube on A Law Professor's Opinion of Viacom vs YouTube · · Score: 2, Interesting

    I believe that if you read Grokster, you will find that the court's rationale is favorable to YouTube.

    That's not Lessig's point: his point is that in making the Grokster decision, the court effectively created new liability for an action that wasn't covered by legislation. This is something they've previously shown themselves unwilling to do. If they do the same thing in this case (i.e., create new liability that doesn't originate in legislation but which protects copyright holders more than the legislation does), they could find against YouTube.

    Bizarrely, I think he's wrong. Yes, I know he knows more about law than I could ever hope to, but I think his bias is blinding him to a simple fact: the liability in the Grokster case was not new. It was simply combining existing theories of liability in an obvious but previously unused way (kind of like most software patents...). But any finding against YouTube would have to be completely new: it would need to find a way to limit the safe harbor provisions of the DMCA in a way that has never been done before. Going up against a lack of legislation is easy, you can find ways around the edges. A lot of law is like that. Going up against solid legislation that says your case should be thrown out is rather trickier. You have to confront it directly.

  20. Re:Allow me to preempt the next 500 posts on Archive.org Sued By Colorado Woman · · Score: 1

    In general, it does not cover 100% reproduction of an original work in the same form and for the same purpose, which is what we're talking about here.

    I disagree that the purpose is the same. The use is transformative in that it turns live web pages into historical records that can be searched by date and time to show how sites have evolved over the course of their history. The use is also non-commercial and is unlikely to significantly impact the commercial viability of operating a web site for profit. Because of these three factors, I believe the use of 100% of the material is appropriate.

    Of course, that kind of decision is for the trial judge to make, not me, but I'm pretty confident he'll come down on the side of IA's use being fair use.

  21. Re:Posted notice? on Archive.org Sued By Colorado Woman · · Score: 1

    IANAL but there are legal doctrines (laches? estoppel?) that limit damages you may claim after you choose not to take actions which would reduce those damages. She wasn't required to invent robots.txt, but to disregard it once it's in universal use is damning.

    I'm not either, but I know estoppel isn't what you're talking about. I don't know what laches are, though. The problem is, though, that robots.txt cannot achieve what she wants: you can use it to specify "you can spider this content" or "you can't spider this content." What she wanted to say is "you can spider this content all you like, but if you want to make a permanent copy of it you need to pay me $5000 in advance." robots.txt couldn't solve her problem, so I don't see any reason she should have had to use it.

    If that doesn't cost her a case, she has to either pursue statutory damages (no more than three months before registering her copyright, or anytime after)

    Good point. Unfortunately, the copyright registration database at copyright.gov is currently offline for maintenance, so I can't search it to find out if she has registered the copyright on her site.

    or show actual damages to the true market value of her work. I can't believe anyone has ever willingly agreed to her contract (obviously general web mirrors could never afford to), so whatever number she puts there is nothing more than wishful thinking.

    As I understand it, actual damages would probably be decided by a jury (at least if she wants one) and juries routinely overestimate the value of works, particularly if they have numbers like $150,000 (~30 pages x $5,000) put into their heads during the trial.

    I'm lucky enough to live in a jurisdiction (the UK) where (a) actual damages is all that's usually available in such claims and (b) are decided by a judge, not a jury. Which seems to me to be a much more sensible system.

  22. Re:Posted notice? - RTFA on Archive.org Sued By Colorado Woman · · Score: 1

    But if she specifically wanted her content not to be archived, she could have prevented that with robots.txt files and/or meta tags.

    True, but that isn't what she wanted. She wanted to be paid $5,000 per page copied.

  23. Re:Allow me to preempt the next 500 posts on Archive.org Sued By Colorado Woman · · Score: 1

    Nothing in my previous post implies that legitimate search engine activity would be barred, not least because the copies made for that purpose are likely to fall under fair use (or local near-equivalent) exemptions.

    You stated in your previous post that fair use does not allow republication. While you were incorrect in this point (which I have pointed out in a separate post), if it were true, it would prevent google from operating as they currently do, as they excerpt the title and a small amount of text from each page they produce in a search result and republish it on their own site.

  24. Re:Allow me to preempt the next 500 posts on Archive.org Sued By Colorado Woman · · Score: 1

    OK, since we've got here already, let me preempt the next 500 factually incorrect "moral high ground" type posts.

    And let me correct your misconceptions.

    Fallacy: By putting your content on the web, you're giving permission for archive sites to duplicate it.
    Reality: By putting your content on the web, you're giving permission for visitors to read it. Under the law in many jurisdictions, they are also allowed to make personal copies of the work under "fair use" style legislation. However, nothing about this gives any permission to republish it in any jurisdiction I know of, and indeed it's hard to see how it could do for any nation that is a signatory to the major WIPO treaties. Even if this were the case, such permission would be implicit, and there was an explicit notice on the web site in this case making her wishes clear.


    The only jurisdiction that matters is the one Internet Archive is based in. I procede under the assumption that this is a US jurisdiction. The US fair use exemption does allow for republication, specifically. Here, for example, is a case where fair use was deemed to allow republication. No notice, however explicit, can take away fair use rights: in the case I just cited, the owner of the copyright did in fact explicitly deny permission for the publisher to republish their work, but the publisher did so anyway and it was held to still be fair use.

    Fallacy: This isn't fair: software can't read arbitrary contracts!
    Reality: This is not her problem. If someone wants to use software to copy stuff that isn't theirs, it is their responsibility to make sure that doing so is legal.


    Yes, it is. That doesn't mean that they have automatically accepted the terms of her contract: in common law jurisdictions (including the US), to form a contract one must intend to do so. A computer program cannot have such intent, although its programmers may have had intent when they wrote it, and its operators may have had intent when they instructed it to perform a certain task. As Internet Archive clearly did not know about the contract in this case, it is unclear how they could have intended to enter into it.

    It also means that regardless of the legality of copying the material, she has no right to demand the $5,000 per page fee that is specified in her contract (although this published tariff may be taken into account in setting the amount of any damages she is awarded for copyright infringement). Nor does she have any right to demand the $50,000 late payment fee specified in her contract (although she may be entitled to statutory interest, depending on the jurisdiction in which the case is heard).

    (Note: the above is not legal advice, check any information with a lawyer before placing reliance on it, it is provided for informational purposes only, etc.)

  25. Re:Posted notice? on Archive.org Sued By Colorado Woman · · Score: 1

    There are rules and requirements for determining if 'notice' is sufficient. The robots.txt file _is_ the language to use to post such as notice, and not understanding such measures doesn't excuse the woman's actions in suing company's who send spiders. Effectively, not having the robots.txt file conflicts with her statements in the text of the site and they should smack her down.

    I think robots.txt is a red herring in this case. robots.txt is not a legally mandated protocol; it is purely advisory.

    Besides, her contention is that she doesn't really mind Internet Archive having copied her site, she just wants $5,000 per page they copied, plus $50,000 for each page additionally for not paying in advance, as this was the terms of her so-called contract. How should she have specified this via robots.txt?