Slashdot Mirror


User: bill_mcgonigle

bill_mcgonigle's activity in the archive.

Stories
0
Comments
18,097
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 18,097

  1. Re:who cares? on A Tale of Two MySQL Bugs · · Score: 2

    I never knew about Berkeley DB though, lol. It has been seized by Oracle in 2006.

    If you work on a FLOSS project that uses BDB, seriously consider if LMDB can work for you as well (or often better).

  2. Re:... on the other hand, where is Microsoft ? on Yahoo and Facebook Join Google In FISC Petition After Government Talks Fail · · Score: 1

    NSA_KEY

    hey, man, they're keeping up with the times too:

    "When we upgrade or update products we aren't absolved from the need to comply with existing or future lawful demands."

  3. Re:The same fate as ships on Aeroscraft Begins Flight Testing Following FAA Certification · · Score: 1

    yeah, they call that "freestyle cruising". Oh, wait, that might be the other thing that ruined the cruise experience. Or was it the TSA at the docks...

  4. Yeah, the Tor Project knows on Most Tor Keys May Be Vulnerable To NSA Cracking · · Score: 1

    If you want to see their status report and plans to address it, see this post from April, 2012 and follow the links:

    http://archives.seul.org/or/talk/Apr-2012/msg00068.html

    Here's the page to configure a yum repo for the 0.2.4 branch:

    https://www.torproject.org/docs/rpms.html.en

    They ask that relay nodes run this.

  5. If the intent of the patent system was to 'foster innovation', we're not seeing that actually happen.

    Yeah, that's what the Constitution says. But if you bring that sort of argument before the Supreme Court, they'll laugh you right out of town. Because, in the end, they merely use the Constitution to find contrived reasons to implement whatever policy they damn well feel like.

    The country was lost to the corporations under FDR's watch, and he was quite pleased about it. The little people can't be trusted.

  6. Re:Looks familiar on Ars Test Drives the "Netflix For Books" · · Score: 3, Insightful

    The one here is excellent, no way will I ever rent books. You're paying for that library anyway, use it.

    I don't think I've ever borrowed a book from the local libraries as an adult. They have pretty much nothing I'm interested in (too esoteric) or anything that would be useful for work (they have six books on beginning photoshop, but there are two guys in town who use git, so nothing on that). Plenty of pulp fiction and childrens' books, but even their interlibrary loan is really weak (I used to ask things like, "can you get me a book on sword metallurgy?" / "no", and eventually gave up). By time I drive there and back, many of the books on Amazon used are within a dollar of being cheaper too.

    And, yes, I do have to pay for the 'privilege' of having these libraries. Score one for the pop-culture junkies.

  7. Re:Looks familiar on Ars Test Drives the "Netflix For Books" · · Score: 3, Informative

    It's like a library, but we charge money for it.

    There aren't any free libraries - even if you're not paying for them in any way, somebody is.

    If Oyster gets a good selection of tech books, keeps them updated, and has a linux viewer, then I'd sign up for $10/mo, sure, especially if I can get some childrens' books too. I own several hundred pounds of 10+-year-old tech books and nobody "can ever take them away from me". Great ... somebody please come take them away from me.

  8. "pretty safe?" on Ask Slashdot: Linux Security, In Light of NSA Crypto-Subverting Attacks? · · Score: 4, Insightful

    Yes, it's "pretty safe". It's not absolutely safe or guaranteed to be safe. But if your other alternative is a hidden-source OS, especially one in US jurisdiction, then OSS is "pretty safe."

  9. Re:Why Analogue? Stranded investment. on Why Steve Albini Still Prefers Analog Tape · · Score: 2

    Good point - you have to work in a much bigger space than the final output. But even at that, 58Khz seems too small; it's been a while since I was doing psychoacoustics, but one of the confounding factors was that certain instruments (cymbals, etc.) have very high harmonics, and those can directly vibrate the ear bones in a way that has a different "sound" than the action directly on the eardrum. It's true that an adult eardrum can't really hear over 20Khz, but that doesn't mean that the ear can't sense over 20Khz. 58Hkz would only get you up to about 29KHz - as I recall there is sensitivity up to about 40KHz. It's subtle but measurable. The ear itself is also non-linear and creates higher harmonics, though that effect should be able to be reproduced with loudspeakers (though that gets into the whole problem of how to reproduce the directional aspects of sound with a given set of speakers, of which some high-frequency tricks can be helpful).

  10. Re:Why Analogue? Stranded investment. on Why Steve Albini Still Prefers Analog Tape · · Score: 1

    I think current generation 192/24 bit digital equipment is more than good enough to replace analog tape though; we passed that point a few years ago.

    I don't have access to this kind of gear these days, but I can tell you that it shouldn't be surprising. Back, gosh, almost 25 years ago in school, I was doing some audio stuff, both from the CS and the music sides of the house, and it was pretty clear from what we knew about both the anatomy of human ears and the physics of musical instruments that CD and 48K (96K was just starting to show up) was a start limiter and that we'd wind up at 192/24 some day.

    IIRC, 192/24 is slightly above the requirements, but it was the next-highest increment that was reasonable to implement.

    I'm sure your ears are right - just adding that your experience matches prediction based on physical properties. The thing that surprises me the most is that the same audio format is still considered premium 25 years later.

  11. Re:No Analog is not better... on Why Steve Albini Still Prefers Analog Tape · · Score: 1

    And 5 GB per song is nothing for master files. Hell, that's a few minutes of video. You think you have problems.

    Hrm; when we have the bandwidth for 5GB songs, sending all the channels and the mix data separately would actually be really helpful for optimizing the playback to the environment. 'One mix to rule them all' is always going to be a compromise.

  12. Re:What of our trust in SeLinux? on John Gilmore Analyzes NSA Obstruction of Crypto In IPSEC · · Score: 1

    At this point, Redhat pretty much needs to fork SELinux, call it Enterprise Linux Security, or some such (permission granted) and let the NSA go their own way. I think we trust Dan more than we trust the NSA guys on the list. If they want to quit the NSA then maybe we'd trust their commits again, after Dan reviews them.

    Actually, I'd trust a guy who does *not* have clearance more than somebody who does at this point.

  13. Re:NSA has been obstructing security... on John Gilmore Analyzes NSA Obstruction of Crypto In IPSEC · · Score: 1

    AES is not secure because of NSA (Rijndael supports up to 2048 bit keys but in AES it is limited to 256 bit)

    eh? Rijndael supports block and key sizes of any multiple of 32 bits between 128 and 256. AES selected three cycle counts for standardization (10,12,14) to meet the arbitrary military concept of three levels of security.

    There's even some cryptanalytical evidence that the extra rounds weaken the security and the 128-bit 10-round variant might be the best option at this point.

    Back in '98 was the first time I went to a conference panel on elliptic curve crypto, and even then there was concern about which group to use. The current problem seems to be that everybody has settled on groups that the NSA helped to select because they thought that the NSA had some insights into which would be the best groups to use.

    <cartman>goddammit</cartman>

  14. Re:Can't security be implemented in an application on John Gilmore Analyzes NSA Obstruction of Crypto In IPSEC · · Score: 2

    Yep, there is an XMPP spec for using PGP with it. It works quite well if the client does it right too. A friend and I used it very frequently.

    You might prefer to use OTR instead. OTR offers perfect forward secrecy, and it's constantly re-keying. It's also widely available.

  15. Re:I don't feel insane anymore on John Gilmore Analyzes NSA Obstruction of Crypto In IPSEC · · Score: 1

    It's a little paranoid, I have to admit, but when that slight paranoia

    You know what's paranoid? When you build a roof, first you put down sheathing, then you put down water shield, then you put down tar paper, then you put down shingles. I mean, any of those, working properly, will keep the water from coming through, so why go to all the extra effort to use all of them?

    Oh, right, because nothing ever works right and getting a leak into the house is worse than putting on those extra layers.

    In construction, recognizing Murphy's Law is just called 'good practices'. In IT, for some reason, people think they're due magic bullets.

  16. Once they're done cracking my TLS packet? on Time For X-No-Wiretap HTTP Header? · · Score: 1

    If you're concerned about privacy and NSA can see your HTTP headers, then you're holding it wrong.

  17. Re:Pointless posturing on New Jersey Congressman Seeks To Bar NSA Backdoors In Encryption · · Score: 1

    Contempt of Congress is enforcable by the House Seargent-at-Arms. The House could arrest James Clapper, bring him to the House, try him, and imprison him for lying before Congress. That is entirely within their powers.

    They turned the Congressional Prison into conference rooms about 50 years ago. Subsequent to Congress turning in their balls, apparently.

  18. Re:What is Bruce Schneier's game? on Schneier: The US Government Has Betrayed the Internet, We Need To Take It Back · · Score: 1

    If there is one guy that you can trust not to knuckle under to the NSA, it is Phil Zimmermann.

    I think this is right, but does PZ have complete control of Silent Circle? Does he audit every line of code? Is there nobody at SS who would comply with a lead-pipe backed order?

    The one advantage LavaBit had is that it was a one-man show. Anybody who has investor money will most likely not scuttle the ship. Yeah, SS scuttled a product that wasn't their core offering or even very popular.

  19. Re:Why another? on Epic: A Privacy-Focused Web Browser · · Score: 1

    So what am I missing that makes Epic Browser worth a Slashdot post?

    EPIC is well-known in the electronic privacy realm and their actions are frequently a Slashdot topic.

    Wait, this is the Electronic Privacy and Information Chromium, right? Because market-confusion among names would be pretty confusing.

  20. Re:Chrome? on Epic: A Privacy-Focused Web Browser · · Score: 2

    and every line of every library it uses?

    This is pretty important. Use the Fedora build of Chromium if you care about this. Tom "spot" Callaway has been fighting this battle for years - rebuilding Chromium with dependencies on system libraries, rather than private, stashed, local copies of libraries as it's wont to do.

    Since we now know that the spooks pressure companies to put back doors into their products, if that happened with Chrome/Chromium, the smart place to do that would be, not in the main product code, which is the place most people will audit, but in the local modifications to libraries that are bundled, which might well be skipped by an audit.

  21. Re:This Was News Yesterday on Man Killed By His Own Radio-Controlled Helicopter In Brooklyn · · Score: 1

    Do you really refresh Slashdot all day for the latest news, AC? That's not really what it's for. Maybe you live in NYC, but it wasn't on the news aggregators I looked at last night.

    Oh, and, topically: BAN ALL THE THINGS!

  22. Re:I call bullshit on NSA Foils Much Internet Encryption · · Score: 1

    You also don't know if somebody has developed a practical quantum computer - it is already known that one would allow certain encryption systems to be trivially broken.

    If the NSA had a magic encryption breaker, it wouldn't need to bother strong-arming companies into crippling their products for them. The NSA are like roaches - they only come out into the light when desperate.

  23. Re:Absurd premise on GameFly Scores In Longstanding DVD Mailing Complaint · · Score: 1

    I've had my share of cracked Netflix DVD's. Not snapped in half, just internal cracks. Don't know how it happens (thermal stress, maybe?) but it does.

  24. Re:Short memories on Jonathon Fletcher: The Forgotten Father of the Search Engine · · Score: 2

    I just wish it did not strip things inside of quoted strings

    Back when it was at google.stanford.edu, the tokenizer simply threw out certain symbols and stop words. So, you could never search on those, which was immediately frustrating on the 'linux search'! If they've changed things, then they're actually indexing all that stuff now and deliberately throwing parts of your search query out just to return worse results. I guess that's possible, but it seems more likely that they're modifying your string for you to show you what they do have that matches as much of your query as possible.

    It would be useful if they'd start indexing strings including symbols - heck in a Unicode world it seems harder not to; why have an ASCII-hostile tokenizer?

  25. Re:And this was before safety on Ken Wallis Autogyro Pioneer Dies At 97 · · Score: 3, Funny

    No helmet, no goggles - just undiluted awesome. He's like a character out of a Miyazaki film.