Slashdot Mirror


User: raymorris

raymorris's activity in the archive.

Stories
0
Comments
10,114
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,114

  1. Department of Education: Discrimination isn't on Former Yahoo Employee Challenges the Legality of Yahoo's Ranking System (nytimes.com) · · Score: 5, Insightful

    When I worked for a state university system I had occasion to read the DOE regulations about discrimination. Colleges are required to file various paperwork about racial and gender statistic of students who apply, students admitted, and students who graduate, to prove that they aren't discriminating. I was a bit surprised to find out that the DOE regulations explicitly state that discrimination against males and caucasians is not discrimination. I wonder of the Department of Labor has a similar rule.

  2. aren't foam RC planes easier than bald eagles? on Dutch Police Train Bald Eagles To Take Out Drones · · Score: 1

    Are these eagles to be permanently "deployed" , living in the wild in border areas, or cared for and transported by staff?

    If humans need to be involved each time , it seems like a "foamie" RC plane (with automatic stabilization) would be easier to handle than an eagle. Crashing into the drone would sometimes wreck the $25 foam body.

  3. doesn't fit the criteria on Microsoft Edge's Private Browsing Mode Isn't Actually Private (betanews.com) · · Score: 4, Interesting

    You're thinking of "implied warranty of fitness for a particular purpose ", as it's called in the Uniform Commercial Code. There's also warranty of merchantability. Let's look at each in turn.

    The terms and conditions can explicitly and clearly disclaim the warranty of fitness for a particular purpose, and I'm sure Microsoft's terms do so. They can't disclaim warranty of merchantability so easily. If they do disclaim fitness for a particular purpose, that's the end of that. If they didn't disclaim the warranty, UCC has two conditions. First, the seller must have reason to know what purpose the buyer intends to use it for - browsing porn without having the address bar later autocomplete xvideos.com? National security level espionage? Secondly, the seller must habe reason to know that the buyer is relying on the seller's expertise to recommend an appropriate product.

    Microsoft doesn't know whether you intend to use it to avoid having autocomplete accidentally embarrass you or if you're trying to foil expert forensic investigators. Since they don't know which purpose(s) you might use it for, there is no warranty of fitness for a particular purpose.

    On to warranty of merchantability. This applies even when the seller does NOT know what purpose you plan to use it for. Because the seller doesn't know, he warrants only that it's useable for SOME purpose. If the mode successfully avoids accidental embarrassment from autocomplete, accidentally hitting the back button down-arrow, etc, then it is useful for SOME purpose and therefore the warranty of merchantability is met.

    Suppose some warranty was NOT met (and not successfully disclaimed). Then you could sue Microsoft for actual damages. If you prove that an accidental autocomplete during a business presentation got you fired, they would need to compensate you for the lost pay.

    Lastly, you mentioned false advertising. What exactly do Microsoft's ads say about the feature? I suspect they do not say "prevents forensic examiners from determining anything about your browsing history".

  4. In Texas we have that magic on Newegg Sues Patent Troll After Troll Dropped Its Own Lawsuit (arstechnica.com) · · Score: 1

    > you'd never even dream of packing and moving yourself. Nope. Unless you can magically get all that stuff from one place to another? Yeah.... There's probably a law of physics to describe it.

    In Texas, we call that mqgic force that moves thousands of pounds of stuff "Mexicans". You can find it at Home Depot.

  5. ps: Not literally the same file for BSD, of course on FTDI Driver Breaks Hardware Again (eevblog.com) · · Score: 1

    Before some silly person jumps in, obviously that exact file is for Linux. The BSD versions are similar and also safe from the manufacturer's bullshit.

  6. here's the safe driver for these chips on FTDI Driver Breaks Hardware Again (eevblog.com) · · Score: 4, Informative

    Here's the safe driver, in the form of source code so you could check it yourself if you want to.

    http://lxr.free-electrons.com/...

    This driver does require a non-crap operating system, of course. Linux, FreeBSD, OpenBSD, etc probably OSX will work too.

  7. grain of salt, but sound advice on NSA Hacker Chief Explains How To Keep Him Out of Your System (wired.com) · · Score: 5, Insightful

    Indeed, I'm skeptical of anything from the NSA, but his advice matches with my experience (I've been doing network security professionally for a long time).

    He made one point that definitely rings true. People get excited about "advanced" stuff like zero-days and jumping air gaps with ultrasound, while their IIS hasn't been updated in three years, their users are opening funnycat.exe, and they've never tested their backups. It's not the NCIS stuff that'll get you, 95% of the time, it's the boring best-practice stuff that's missed; security updates, tested offsite backups, etc.

  8. If you take 3 different steps to conf it public on Sensitive Information Can Be Revealed From Tor Hidden Services On Apache (dailydot.com) · · Score: 1, Informative

    First, the server admin would have to enable mod_status.
    Then, by default it's visible only from the server itself - the physical console or an ssh connection.
    Than to see the request urls, you have to turn ExtendedStatus on as well.

    It's easy to miss one of these steps when you're TRYING to turn it on. If you're offering a hidden service, it seeme rather unlikely you'd work so hard to gather and publish extended status.

  9. yeah we'd hang out. Super Walmart organization on Newegg Sues Patent Troll After Troll Dropped Its Own Lawsuit (arstechnica.com) · · Score: 1

    If you were in Texas, we'd probably enjoy hanging out. I haven't yet collected THAT much stuff, but I'm not retired yet. :) I HATE to buy something to replace I've bought before and lost or gotten rid of, or rent something multiple times, so I buy stuff and keep it.

    As to organization, I looked to Super Walmart for inspiration. I try to more or less organize things the same way Walmart would. When a tub or shelf gets full, it's divided into two more specific tubs. Ie if I'm putting away dry-cell batteries and the tub is full, it gets divided into two tubs for two different types of batteries. You might have to treat your stuff more like a strip mall - the auto parts store area, the hobby shop area, etc.

  10. 8 channel audio + gbps on aux lane. Short cable th on In Memoriam: VGA (hackaday.com) · · Score: 2

    The Displayport specification optional audio up to 8 channels, plus gigabits available on the auxiliary for whatever else a manufacturer wants to support.

    The main advantage of HDMI is longer cables. Displayport is currently speced at three meters, while HDMI is longer (10 meters?). Of course with either standard you can use a longer cable and it may work with your specific devices and that specific cable, but it's not guaranteed beyond the specified lengths.

  11. SSL hides malware added by WordPress etc hack on Google Will Soon Let You Know By Default When Websites Are Unencrypted (softpedia.com) · · Score: 1

    While it's true that https makes it harder to MITM the guy's blog or whatever, in my 15 years of full-time web security work, I haven't seen too many problems with MITM.

    What I've seen a LOT more of is hacked sites. Some Wordpress vulnerability or whatever and the bad guys add malware to the public pages, while hosting phishing related pages in hidden directories. 99.9% of malware on sites is actually added to the site, not MITM by a rogue ISP or whatever. (And if you're buying internet service from a rogue ISP that alters web pages, you need a new ISP, not a red X).

    A security-conscious company, head of household, or even ISP can largely protect users against malware that's been added to sites by detecting it at the firewall, as it enters the network. Unless of course it's https, in which case you can't detect the content at all. (Unless you do your own MITM, which often turns out badly).

    So while https on a content site, a site that doesn't handle secure transactions, can theoretically reduce the risk of something that rarely happens anyway, it makes it much harder to protect against the FAR more common threat.

    That's just my experience, my fifteen years with the 70,000 or so client web sites I have data for.

  12. It makes hacked sites more dangerous, are common on Google Will Soon Let You Know By Default When Websites Are Unencrypted (softpedia.com) · · Score: 1

    While it's true that https makes it harder to MITM the guy's blog or whatever, in my 15 years of full-time web security work, I haven't seen too many problems with MITM.

    What I've seen a LOT more of, at least 200 times more, is hacked sites. Some Wordpress vulnerability or whatever and the bad guys ad malware to the public pages, while hosting phishing related pages in hidden directories.

    A security- conscious company, head of household, or even ISP can largely protect users against malware that's been added to sites by detecting it at the firewall, as it enters the network. Unless of course it's https, in which case you can't detect the content at all. (Unless you do your own MITM, which often turns out badly).

    So while https on a content site, a site that doesn't handle secure transactions, can theoretically reduce the risk of something that rarely happens anyway, it makes it much harder to protect against the far more common threat.

    Overall, turning on the light and seeing what's flowing through your network is often safer than operating in the dark. In the dark you may -feel- like noone can see you, but in fact you can't see what's going on either. Often, what's hiding in the dark is more dangerous than being visible in the light.

    That's just may experience, my fifteen years with the 70,000 or so client web sites I have data for.

  13. $120 billion / yr is tiny? 170 year old startup? on Microsoft's Windows Phone Platform Is Dead (windows10update.com) · · Score: 1

    > Tiny hipster infested start-ups

    $120 billion / year (twice the size of Google) is tiny? An organization that's 170 years old is a startup?

    That's who I worked for at my last job, where I was issued a Mac desktop, A Mac laptop, and an iPad.

  14. readers don't pay attention on Ask Slashdot: Economical Lego-Compatible 3-D Printer? · · Score: 2

    Although it's funny, I have found it is often best to say the same thing in two or three different ways because people are terrible about paying attention to what they read. Had the submitter not said "economical", "inexpensive" three or four times, people would be posting suggestions for $23,000 printers. Followed by linking to printers with 10X too much tolerance for the job.

    In college, my speech teacher said "tell them what you're going to tell them, tell them, then tell them what you told them".

  15. width causing side scroll IS an annoyance on Slashdot and SourceForge Sold, Now Under New Management (bizx.info) · · Score: 1

    In the Android browser, I don't get the same issue of the blank grey area, but I do have to scroll sideways. Whichever element has it's width set to pixels or inches, they should remove that width declaration or set it to a percentage. Then the browser can flow the page to the appropriate width.

  16. Lost mobile, but Windows still owns the data cente on Microsoft's Windows Phone Platform Is Dead (windows10update.com) · · Score: 1

    Although Microsoft basically lost the client side when everything went to mobile, at least the servers those mobile clients connect to still run Windows. Oh my bad, even Microsoft's own servers are likely to run BSD these days.

    At the office, I did see one guy with a Windows desktop instead of a MacBook Pro, so there's that.

  17. cheap activated carbon filter? anyone KNOW? on Desktop 3D Printers Shown To Emit Hazardous Gases and Particles (acs.org) · · Score: 1

    It seems like a cheap little activated carbon mesh filter in front of a small fan would take care of most of the particulates. Does anyone know of something like that, or something else cheap and easy, would significantly reduce the VOCs?

    This being Slashdot, I'm sure some readers have a strong opinion and no clue, but I wonder if someone here actually knows about filtering o absorbing VOCs.

  18. I may be about to buy 24 TB on Newegg Sues Patent Troll After Troll Dropped Its Own Lawsuit (arstechnica.com) · · Score: 1

    Funny, when you said "fortunately, I'm not a hoarder and I'm not a huge fan of clutter. I'm always able to find some kind soul who's willing (often eager) to take my tech hand-me-downs", I was mentally raising my hand. Have you seen on Mythbusters the big shelves of tubs in Jaime's shop, all neatly labeled with labels like "rubber body parts" and "linear motors"? That's me.

    Then as I began to think of a funny reply, you ended with "I, umm... I don't suppose you need some extra hard drives?" As a matter of fact, I'm about to buy 24TB of drives if a certain customer finalizes their order with me. I run a hot spare / backup service called Clonebox, so I buy several drives at a time, and put them in rack enclosures which hold 12-16 drives each.

  19. Classic works great for mobile on Slashdot and SourceForge Sold, Now Under New Management (bizx.info) · · Score: 4, Insightful

    I don't like the "mobile" site introduced by Dice either.

    As you may know, down at the bottom of the page is a link to use the "classic" interface. That's always worked great on all my mobile devices, even old tiny ones, and it works great on a desktop too.

    I check Slashdot a couple times per day, mostly on my phone. The good old-fashioned simple html of Classic works fine imho.

  20. Yeah MARKETPLACE is any random seller on Newegg Sues Patent Troll After Troll Dropped Its Own Lawsuit (arstechnica.com) · · Score: 1

    Yeah, the Newegg Marketplace means you're not buying from Newgg, but from some random person who signed up to sell on their site - much like Amazon or eBay.

  21. This isn't a first for Newegg. Also, great fakes on Newegg Sues Patent Troll After Troll Dropped Its Own Lawsuit (arstechnica.com) · · Score: 4, Insightful

    >These days I almost always find better prices on Amazon for the same stuff.

    Amazon has probably the largest proportion of counterfeit products of any retailer, due to the way their business works. Some of them are very good counterfeits; the fake Otter Box from Amazon I looked at the other day had a perfect look-alike box, with the hologram sticker, very hard to tell the difference between the fake and the real thing except the fake was a bit lower quality. The rubberized button covers weren't really rubberized, so it was very hard to press the button, etc.

    On the other wide, Newegg has been a leader in fighting patent trolls for years. Is it worth an extra dollar or two to be confident of getting legitimate products, while supporting a company that's fighting patent trolls?

  22. Document the costs and benefits, management decide on Ask Slashdot: How To Work On Source Code Without Having the Source Code? · · Score: 4, Insightful

    Maybe the cost to have people work on-site is worth it, maybe not. Management said they wanted to keep the code on-site, and management wants to manage costs. Management can decide whether working on-site is important enough to them that they want to spend the additional money, after you tell them how much it will cost them.

    So estimate the costs for each option, then let management decide - do they want to spend three times as much to have people on-site, given that there is little to no benefit? Are they happy with remote desktop, given the costs? Let management decide their own priorities.

  23. the multiplixer makes the difference on Why 6 Republican Senators Think You Don't Need Faster Broadband (cio.com) · · Score: 1

    Baseband:
    A type of data transmission in which digital or analog data is sent over a single unmultiplexed channel, such as an Ethernet LAN.

    After it is de-multiplexed, it can be sent over a baseband medium (or a broadband medium). The T1 itself is defined as 24 channels, and is therefore broadband.

  24. secret, yes. Somewhere is on NSA Wants To Dump the Phone Records It Gathered Over 14 Years (thenextweb.com) · · Score: 1

    > There will absolutely be copies of it on a unpatched Windows server somewhere in Hilary's basement.

    FTFY
     

  25. 2 phone numbers + two times = 13 bytes. 200TB tota on NSA Wants To Dump the Phone Records It Gathered Over 14 Years (thenextweb.com) · · Score: 1

    > Metadata consists of at least originating number, called number, time, and duration. Call it 64 bytes per call.

    Each phone number needs 34 bits (call it 5 bytes, 40 bits), start time 32 bits, and duration 16 bits. So 17 bytes with dumb storage, no compression, etc.

    The sorted field (start time) trivially goes to nearly nothing. Which field depends on how you store it. (If it's a simple log in chronological order, there would one timestamp (with 1-second resolution), followed by a few thousand calls made at that time.

    Assuming it is a simple log of start time followed by all of the calls at that time, that's 13 bytes per call, 200 TB total.

    It could be stored on a pocket full of micro SD cards.