Slashdot Mirror


User: mpe

mpe's activity in the archive.

Stories
0
Comments
14,499
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 14,499

  1. Re:Before everyone starts jumping the gun on Airport To Tag Passengers With RFID · · Score: 1

    Until I read your post, I envisioned someone watching a computer screen with thousands of little dots overlaid on a floorplan of the airport, and saying something like: "Congestion at security line 6, open 2 more lines", or something like that.

    If such a system was viable you'd expect major supermarkets to to looking at it. If their checkouts are too busy customers can just leave, with goods having to be either reshelved or disposed of...

  2. Re:How does this improve security? on Airport To Tag Passengers With RFID · · Score: 1

    Worse, this system is actually going to make matters worse: it costs money, people need to be watching the system, and people need to investigate whateven "suspicious behavior" occurs. All this takes resources away from more effective measures.
    At least, that's how I see it. Maybe I'm missing something. Maybe this system is dumb. Or maybe it actually rather cleverly serves a purpose _other_ than security (e.g. putting money in the pockets of the designers).


    If the latter, were it to provably fail they can always claim they were provided with "insufficent resources" (i.e. they want more money...)

  3. Re:The 'hurdle' of people's rights? on Airport To Tag Passengers With RFID · · Score: 1

    I honestly don't think that it is oppression. It is ignorance and incompetence. People demand things that make them *feel* safer

    Typically from a small list of options presented by the untrustworthy.

    and forget to worry about whether they *make* them safer

    Or at least make them no less safe.

  4. Re:Dog collars. on Airport To Tag Passengers With RFID · · Score: 1

    If a guy wants to go to some restricted area to do any mischief, he would not be wearing his dog collar. He would conveniently slip it onto someone else or make an accomplice carry two tags (one inside and one his own) while he slips into the secure area. I am not really sure what they are planning to accomplish by watching the dots.

    The only way in which such a system could work would be if it is possible to accuratly track people as well as tags. Thus could identify an untagged person in the secure area, even if they are in close proximity to tagged people.

  5. Re:Security? on Airport To Tag Passengers With RFID · · Score: 1

    Of course any real terrorist will make sure that he (or she) acts as normal as possible.

    Even if such a system could flag "too normal" as well as "too abnormal" the number of false positives would render it worst than useless for actual security.

  6. Re:Terrorists rare, tourists common. on Airport To Tag Passengers With RFID · · Score: 1

    Well, when the next guy blows a plane up with the explosives he put up his ass, they can show every move he made on the airport _before_ he boarded.
    Not like the shady photos last time,


    Without a datestamp and of such poor quality they could have been shot anywhere at any time.

    this makes much better TV afterwards. People will feel so relieved.

    Assuming that this system dosn't suffer a malfunction co-incident with a terrorist attack

  7. Re:Big worry on Real-Time Computer-Based Translation in Iraq · · Score: 1

    I think the IraqComm system is restricted to the "force protection" domain, so it probably keeps it pretty simple. You can talk about stuff like "where is the bad guy?",

    How well will it handle a response along the lines of "look in the mirror" though?

  8. Re:Big worry on Real-Time Computer-Based Translation in Iraq · · Score: 1

    I don't see this being any real use except for the most basic translations, like which way to the mosque, or do you need a doctor.

    In which case a phrase book(let) is just as good, as well as lighter and cheaper.

  9. Re:Big worry on Real-Time Computer-Based Translation in Iraq · · Score: 1

    Not to mention a panicked, confused english speaker who just had his leg blown off by an IED.

    In which case such a translation device is hardly needed. The locals are likely to make the descision to provide medical aid or kill him (something they may well be attempting to do to all enemy soldiers) regardless of if they understand him or not. Being able to speak the appropriate language might possibly help, but a "translation machine" is unlikely to.

  10. Re:Computer: AL YOUR QAEDA ARE BELONG TO US on Real-Time Computer-Based Translation in Iraq · · Score: 2, Interesting

    On a more serious sidenote, it is indeed interesting to know that the "Arabic numerals" are actually called "Indian numerals" in Arab countries.

    Arabic text usually uses Hindi numerals. Regardless of the numerals used, numbers in Arabic read from left to right.

  11. Re:Radio-Cochlear Overlords on Radioactive Snails Crawl Up From Beneath · · Score: 1

    Bottom line is that DU is DEPLETED, and is about as radioactive as common dirt

    It's "depleted" in the sense that the proportion of U235 is less than in naturally occuring Uranium. U238 is still radioactive, as are it's "daughters".

  12. Re:DISASTROUS NEWS ! on Microsoft Plugs a Record 26 Security Holes · · Score: 1

    Microsoft may know of 100 more that they simply haven't disclosed. We'll never know. But anyone can inspect Firefox.

    Also anyone can add to the official bug list for Firefox.

    Don't think that simply because IE has less publicly documented exploits that it's more secure. Unless you work for the software vendor, you will never really know how secure any proprietary software is.

    It's perfectly possible for the software company not to know about bugs in its own software. Especially if they are a large corporate entity.

  13. Re:Callbacks Are Evil on GMail and Sourceforge E-mail Bouncing Saga · · Score: 1

    The end result, however, is that it pushes your spam problem back on to the domain forged into the spam. It causes an extra load on that server as it has to accept all these bogus connections. For another it will just encourage spammers to forge other people's actual addresses as the sender of their garbage.

    Or to create a DDOS, with an additional level of "protection".
    There dosn't appear to have been that much discussion of the idea of "call-backs" prior to implimentation.

  14. Re:Callbacks Are Evil on GMail and Sourceforge E-mail Bouncing Saga · · Score: 1

    Spammers tend to forge the "from" address. So the message is actually sent from billys-compromised-computer.dsl.att.net with the form field is "george@example.com". In this case GMail attemps to send a message to "george@example.com". If the message doesn't bounce, hooray, maybe this isn't spam. So this actually takes the resources of example.com not billys-compromised-computer.dsl.att.net. Now, if everyone is doing this, everyone is using up additional resources for verification to solve a spam problem we all have, so it kind of evens out.

    About the only useful bit is that billys-compromised-computer.dsl.att.net. might be kept waiting whilst gmail.com is querying the MX's for example.com to find out if any of them have heard of george.
    There are easier ways for gmail.com to make it harder for billys-compromised-computer.dsl.att.net. including methods which are less resource intensive for both gmail.com and example.com.

  15. Re:Callbacks Are Evil on GMail and Sourceforge E-mail Bouncing Saga · · Score: 1

    Out of curiosity, how does this interact with greylisting? (Or indeed, what happens when the receiving SMTP server is down or overloaded?)
    The correct behaviour would be for the "callback MTA" to return a 4xx code if it cannot establish an SMTP connection to any of the MX hosts or if it receives a 4xx code. Though this dosn't mean that the system in question will do that. Especially if what has been produced is in effect a private hack without careful checking having been made against any possible way another MTA can react within the scope of RFC 2881. (It's also possible that a bug in an MTA's handling of SMTP may only show up when it attempts to perform such a "verification".)

  16. Re:SPF records.... on GMail and Sourceforge E-mail Bouncing Saga · · Score: 1

    Sourceforge is employing callback verification, which is not only abuse itself (it's basically a dictionary attack that we're just supposed to trust is for good and not evil), it's also incredibly broken.

    Conceptually it isn't "broken". Though a specific implimentation may well be broken. Handling MX lookups appears to be something a common problem with MTA implimentations, e.g. aplication caching of DNS.
    Even if the implimentation is absolutly spot on there is the issue of interaction with "anti-spam" systems, especially those which use black or white lists.

  17. Re:It is definitely Sourceforge's problem on GMail and Sourceforge E-mail Bouncing Saga · · Score: 1

    The mailserver I manage at work uses callbacks. It almost never causes problems. In cases where the sending server refuses MAIL FROM:<> it tries to use MAIL FROM:<mailer-daemon@domain>.

    What do you mean by "the sending server"? Just because a machine is making an SMTP connection does not mean that it is under any obligation to accept SMTP connections itself. Even if it does it could quite legitimatly return "relaying denied".
    The only sensible way of doing such "call backs" is by first doing an MX lookup on the domain part of the RCPT TO: to work out which machines you should even be trying to contact. You also need to be very careful if you use anything other than MAIL FROM:<>. Using MAIL FROM:<mailer-daemon@Yourdomain> raises issues of avoiding mutual recursion. Using MAIL FROM:<mailer-daemon@anythingotherthanyourdomain> means that it is possible to get a "Who do you think you are trying to fool?"/"I don't like open relays" type response.

    The only known problem occurs when the called server first accepts MAIL FROM:<> and then rejects the RCPT TO: with an error referring back to the <> source.

    What do you mean? (See section 4.3.2 of RFC2821.) The only part of a response which any program should be looking at is the 3 digit number. Any text following that is a comment to try and help humans, an MTA may log it but trying to interpret it would be violation of the SMTP protocol.

  18. Re:You think it's bad now?! JUST WAIT. on Traveler Detained for Anti-TSA Message · · Score: 1

    I so hope the next president declares Bush an enemy combatant and sends him to gitmo. If for no other reason, the irony would be so delicious!

    Unless something very drastic happens "Camp Neo-Con" is unlikely to come to pass though.

  19. Re:The Spin of the Dot on WGA — Too Many False Positives · · Score: 1

    I think the point is that there are a significant number of apparently legitimate Windows users who are having problems with their computers because of WGA. Since WGA offers no benefit to users, this is an instance of Microsoft taking actions which harm their own legitimate customers because of a policy which doesn't help any customers.

    Effectivly WGA is a kind of DRM... With all the associated baggage.

  20. Re:huh? on Microreactors Change Propane into Hydrogen · · Score: 1

    Right now, today, we only have one, maybe two, wide-scale energy distribution systems. Its gasoline. If we can easily and cheaply make a gas station do double-duty as a hydrogran station that solves the short term problem of how to fill-up hydrogren powered cars. The expectation is that over time, as hydrogren powered cards theoretically become widespread, we can slowly build up alternate distribution system(s) to support them as we wean off of gasoline.

    Probably more economically viable to come up with a non petroleum source of gasoline. At least some sort of fuel which is liquid between -50 to +60 Celsius and 1 bar pressure.

    PS - the other "maybe" distribution system is electricity.

    You missed out piped methane...

  21. Re:Nostalgia... on EU Software Patent War Ignites Again · · Score: 1

    How does the patent system protect creative work? By disallowing anyone else from using the same idea after you've patented it? Is that what you call protectiong--by preventing others from benefiting from an idea that others could have just as easily arrived at on their own?

    In which case the "obvious test" might apply. This cannot happen where the people examining patent applications are not experts in the subject(s) concerned. Especially since "obvious things" may not be well documented because anyone writing technical documentation will tend to assume the reader knows the "obvious".

    Just look at all of the recent patent-related lawsuits. They only protect the right of individuals to monopolize an idea and prevent society from benfiting from the idea or taking the idea further (and in some situations, from even realizing an idea that hasn't been put to work)

    Which is counterproductive, especially in places such as the USA where "intellectual property" only exists to further the publication, distribution and development of useful ideas in the first place.

  22. Re:the best solution, obviously on EU Software Patent War Ignites Again · · Score: 1

    Yes, because clearly the best solution isn't to simply fix the law,

    The law isn't actually broken here, the issue is more one of lack of enforcement.

    but to create an entirely new governmental bureacracy.

    However not one which would actually do something useful. e.g. compile a list of bogus patents to prevent any possible attempt to enforce them.

  23. Re:Privacy for the Incidental on Gonzales Wants ISP Data Retention To Curb Child Porn · · Score: 1

    For a fun exercise, try sending an HTML e-mail to the US Congress with an image of child pornography embedded. Bonus points if you're not a US citizen.

    More bonus points if the imaghe in question is not "child porn" according to your laws, but is according to US law.

    By simply having checked their mail that day, every member of congress will have violated the law about recieving and posessing. Under the Child Pornography Prevention Act of 1996 that subjects all of congress to a MANDATORY minimum sentence of 15 years.

    Do these "people" actually check their own email though?

    That, at least, would do a great deal of good for the country.

    IIRC There is a fair about to truth in Mark Twain's comment about native Amercian criminal classes.

  24. Re:Privacy for the Incidental on Gonzales Wants ISP Data Retention To Curb Child Porn · · Score: 1

    However, I know that they never stop there. If they have the information they won't use it for just investigating cases of child pornography.

    Will it even get used primarily for the stated purpose? Consider how "anti-terrorism" laws actually get applied. Both the herassment of people who almost certainly arn't terrorists and ignoring of people who actually pass the "duck test".

  25. Re:Phew... on What Is Real On YouTube? · · Score: 1

    The freedom is exactly why you need to treat it with skepticism. The lies on the Internet don't have to filter through the editors at the paper or the censors on TV.

    Which may make them easier to spot. Since one of the things "editors" and "censors" can do is help ensure that lies are consistent.