Slashdot Mirror


User: Rich0

Rich0's activity in the archive.

Stories
0
Comments
11,574
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,574

  1. Re:They should be thankful on Soviet Shuttle Buran Found In a Junk Heap · · Score: 1

    I don't think you need to throttle engines due to capacity/etc. As long as you can control the burn duration and start/stop the engines (or have an extra stage) to circularize the orbit you shouldn't need throttle control as long as G-forces aren't a factor.

    Throttle control is needed to minimize G-forces. As fuel is depleted the rocket gets lighter, which means that a given amount of force gives greater and greater acceleration. For a manned ship that is a big problem, both for the crew and all the fragile stuff needed to support them. For an unmanned ship you can better support everything and let it tolerate the force (they can put GPS guidance and proximity fuses on artillery shells, after all).

    Conventional rockets are used to put all kinds of payloads into all kinds of orbits all the time. Throttle isn't a big issue.

  2. Re:Seeding problem on Wikimedia Trying P2P Video Distribution · · Score: 1

    They really need to build P2P into the HTTP protocol. It is the best of both worlds. When nobody is accessing a site, then a single webserver can easily cope with the load, and it serves the purpose of being the "seeder" of last resort, and also providing hashes/etc to authenticate the content. When a lot of people are hitting a site the webserver just becomes one seed of many and the swarm takes over.

    Amazon S3 has an offering like this, but it is either http or torrent, not a seamless switch from one to the other based on load, since http doesn't support this. So, if you put something up on S3 and a million people download it via http, you pay for a ton of bandwidth when they could have used a torrent swarm.

    It would be really nice that if a server gets slashdotted or whatever it just switches to super-seeder mode and does nothing but publish torrents/etc. The trick is keeping the whole thing low-latency for the typical case of going to the google home page - it can't take 60 seconds anytime you click on a link for the browser to figure out how to download it.

  3. Re:Hehe, what goes around comes around on Malware Running On Graphics Cards · · Score: 2, Interesting

    I agree that somehow the code has to get into the GPU, which means a bootstrap of some kind from the main CPU. I'm not sure it has to remain in the main memory for any period of time, however, as long as the graphics card has DMA access back into main memory.

    I'm not sure how memory protection works on the most modern systems, but at least in the past DMA had wide-open access to everything. So, if the graphics card needed to get back into the CPU for a short time, it could just modify the interrupt descriptor table, trigger an IRQ, and so on. Or, it could patch any code in RAM to run, and then replace it back when it was done. Then again, I'm not sure if it is strictly necessary to ever get back into RAM - perhaps the virus could just directly talk to the NIC/HD/etc and get whatever it needs done. Who needs the main CPU?

    Again, I'm not familiar enough with PCI/etc to know if this is practical. But I bet you could exploit a lot of code that is already in the system.

  4. Re:Actually, this is a good idea... on Selling Incandescent Light Bulbs As Heating Devices · · Score: 1

    Ok, longer-lasting I'll buy. More efficient - how do you define that?

    A 50W bulb consumes 50W of grid power, and generates 50W of energy that is ultimately radiated as EM energy. Unless you have an open window that allows visible light to escape, 100% of that energy is available to heat the area.

    A heat pump can do better than black-body efficiency as it works under a different principle. However, all resistance heaters produce the same amount of heating as they consume in energy, whether they use infrared or visible or cosmic rays (assuming you have enough shielding to capture it all).

    So, then the only question is whether that ceramic heater saves more in operational costs (bulb replacement) than it costs in purchase cost. That is probably very-much up for debate, especially if you already have a fixture in place and just want to plug a bulb into it.

    Personally I'm not a fan of bulb technology mandates. If electricity is damaging the environment then tax coal or whatever and use that to remediate the problem. Make all electricity use environmentally neutral. Maybe that triples the cost of electricity, and that is fine. Now, if people want to waste money generating IR when they want visible light, more power to them - they're not harming anything but their pocketbooks.

  5. Re:stop doing post paid then on Verizon Confirms Plan To Switch Away From Unlimited Data Plans · · Score: 1

    Ok, so 1200 minutes per month on four phones with a data plan on one is going to cost me $120 for airtime, and $23 for data. That is more than a monthly plan with most providers with comparable minutes and they provide phone subsidies (for four phones that is a lot of cash).

    Prepaid plans almost never are better. Maybe if you only need one phone they might be close, or marginally better. If you have a family then it just doesn't make sense.

    Otherwise, I'd be more than happy to prepay. I have no problem with buying an unsubsidized phone - in fact I'll probably do that with T-mobile when I'm off-contract. In fact, I'd prefer that phone companies be forced to separate phone subsidies from monthly service and decouple them. (No paying for subsidies if you don't get a subsidized phone, and if the company pulls tricks like offering a $1 phone subsidy and sticking the rest in the bill then anybody can just buy 1000 $1 phones and sell them on ebay without having to get a plan.)

  6. Re:Come on... on Verizon Confirms Plan To Switch Away From Unlimited Data Plans · · Score: 1

    How on earth would you remove spectrum regulation but prevent interference?

    Suppose I open a telco and offer unlimited 5G service at 1GB/sec to anybody who pays me $30/month. I could VERY efficiently use almost any amount of spectrum. If my sole intent wasn't to jam your local TV stations, then it isn't offensive interference - it would just be a byproduct of my using every band from 0-25GHz.

    Sure, we could require every device that uses a radio to operate in a spread-spectrum mode, but you'd quickly find the spectrum overloaded even so. If supply is unlimited then cost is nominal and demand is infinite.

    Now, I'd be the first to argue that perhaps spectrum allocation could be smarter, but I don't think you can have complete disorder. At the very least you'd have to have some kind of auction system so that there is some mechanism for determining where the need is greatest other than who has the most powerful transmitters.

  7. Re:Come on... on Verizon Confirms Plan To Switch Away From Unlimited Data Plans · · Score: 1

    Well, I'm actually a believer in free-market capitalism, with regulation to control monopolies and externalities.

    This would fall under the former - anytime you have a network effect you end up with a natural monopoly.

    Libertarians shouldn't have problems with regulating telecoms - at least not at this level.

    There are other approaches you could also take that are more hands-off with regard to pricing but which would help to limit the network effect. You could forbid phone network operators from owning cell towers, and cell tower owners would have to set a single price and sell service to any phone operator at that price, with a list of required technologies that must be supported at every tower. You could also forbid phone operators from charging different rates in-network and out-of-network (including free vs airtime). Now all cell providers are on equal footing with regard to core costs. Tower ownership would also have to be controlled to some extent to avoid consolidated ownership.

    Honestly, I suspect the phone companies would prefer more regulation than losing their strange-hold on monopoly.

  8. Re:Come on... on Verizon Confirms Plan To Switch Away From Unlimited Data Plans · · Score: 4, Insightful

    I don't have a problem with Time of Use - it makes sense since it allows the consumer to structure their demand in a way that helps the actual infrastructure and save money while doing it (or pay more). It actually reflects the REAL cost of providing the service.

    Likewise, I have no problems with peak vs off-peak pricing on trains or whatever. The system has to be built to handle peak loads, and so usage that increases peak usage should be more expensive than off-peak usage.

    So, if the cell plan charges more between 9AM and 5PM M-F or whatever, I'm fine with that. It is only fair.

    What I don't like is pricing schemes where light users have to pay big prices, or medium users have to pay for heavy use or risk getting socked with massive fees, etc.

    I once got stuck with a text message bill from my kids use of their phones that would have paid for unlimited texting for a year. The issue was confusion on their part over what was in-network vs out-of-network. The problem was that it is often impossible to spot these kinds of problems before getting stuck with a bill, and if it is possible it usually involves paying even more money (paying money NOT to get a service you don't want - sounds like of like a "service" sold by the mafia), or watching my account daily online or something.

    Or how about getting charged when other people send you text messages? If you have teenagers you are almost compelled to buy a texting plan if you don't want to pay a fortune for texts sent by somebody else...

    Bottom line is the whole system is one big scam. The occasional reform is really just instituting something that should have been there in the first place. We don't need minor reforms - we need an overhaul...

  9. Re:Come on... on Verizon Confirms Plan To Switch Away From Unlimited Data Plans · · Score: 5, Insightful

    What's wrong with something simple like bill=roundup(GBUsedInMonth)*$5 or something like that?

    The thing I don't like about cell plans is that they're designed to make you pay for average use based entirely on peak use, by putting absolutely hideous fees on going even the slightest bit over what you paid for.

    Imagine if your electricity bill was $100/month for 0-1000kWh, plus $5/kWh over. The next plan would be $200 for 0-2000kWh. If you own an air conditioner you'll be paying $200/month in the winter if you don't want a $5000 bill for three months in the summer.

    There simply isn't enough competition in cell phone providers, so more regulation is necessary to make things fair for consumers. There should be a monthly billing fee to cover the fixed costs, and then everything else should be pay-as-you-use, with customer-specified maximums (no surprise $5k bills).

    There is NO other industry that is as customer-unfriendly as the cell phone industry. You get better customer service at the local loan shark.

  10. Re:Flash drives, tarballs, &c. on Are Desktop Firewalls Overkill? · · Score: 1

    I think it depends on the environment. In any case, my point was only that this doesn't need to be embedded in every cable, which was the assertion that was made.

  11. Re:Flash drives, tarballs, &c. on Are Desktop Firewalls Overkill? · · Score: 1

    Sure, but for every switch there are probably 8 computers. The average IT shop has a lot less diversity in switches than in PCs. If somebody plugs a non-standard PC or device onto the network you get automatic protection without any need to touch the local PC.

    Clearly it is cleaner than touching all the PCs, unless you already have to touch all of them and just use cheap switches.

  12. Re:Flash drives, tarballs, &c. on Are Desktop Firewalls Overkill? · · Score: 1

    No, but you could put one in every switch. I suspect that this is the kind of solution being advocated. If every packet is virus-scanned/filtered/etc by the switch, then the risk of an outbreak is much lower.

    The problem comes with wireless users who roam - I think that PC-based solutions make sense there.

  13. Re:Guns and chains... on Hunters Shot Down Google Fiber · · Score: 1

    Unfortunately these kinds of power lines are very sensitive to damage, very expensive to replace, and very difficult to protect. Our society is very dependent on them, and vandals like this are a huge expense to deal with.

    Just Google for copper thieves.

    These kinds of offenses need to be treated seriously so that there is deterrence. Society can't function when anybody can throw a 50 cent brick into a substation, causing a large area blackout and $2M in direct damages.

  14. Re:lolomg rly? on Texting On the Rise In the US · · Score: 1

    I do have to agree with some of this sentiment. There has always been a tendency to look at how kids communicate and assume that this is how the next generation will conduct business. I'm not sold on this - kids and adults have very different needs.

    Kids have always had the need to reinforce social networks. In the 80s that meant spending hours on the phone. In 2010 it means spending hours on facebook. Neither will end up reflecting how business will operate.

    Technology does change things - email has replaced the interoffice memo, and so on. However, that isn't really changing fundamentally how the work gets done - just how efficiently it gets done.

    Maybe if you look at how kids GET THINGS DONE today that might be more useful. When my daughter who loves to spend all day on skype and facebook needs to work on a group project, she is usually off to a friend's house to spend time working on it - aka having a meeting. When I look at her wall on facebook I don't see chats about homework assignments, I see gossip.

    No doubt the office of the future will be different. However, just because prefer goofing off to doing work doesn't mean that the office of the future will be optimized for the former...

  15. Re:Before jumping to conclusions.... on Helicopter Crashes While Filming Autonomous Audi · · Score: 2, Interesting

    I'm not big on the whole "pilot error" thing. Too often it just amounts to blaming somebody for the inevitable.

    Take 200 of the best truck drivers on the planet. Keep them awake for 48 hours straight. Then set them behind the wheels of big trucks at 2AM and tell them to cover a distance of 800 miles at an average speed of 50MPH or greater.

    I can pretty-much guarantee that there will be an accident. Will it be the result of human error - well, sure. However, humans are just another kind of machine. If you took 200 trucks and drove them for 5 years without inspecting their brakes you'd have accidents too - for basically the same kind of reason.

    In this case a helicopter at 14k feet is likely at the edge of its performance envelope. That means that any mistake can get out of hand very quickly. Aircraft aren't safe because pilots don't make mistakes - they're safe because they are engineered and operated in a manner that allows recovery if there is a mistake (while preventing the kinds of mistakes that would be unrecoverable). If you operate an aircraft in a way that is at the boundaries of its operational limits, then sooner or later there will be a crash. Sure, most of the time there won't be one, so it is easy to blame the pilot when the inevitable happens.

  16. Re:the final solution on Facing Oblivion, Island Nation Makes Big Sacrifice · · Score: 1

    There was a really good Frontline (or maybe it was Nova) episode on demographics in Japan. It is REALLY interesting stuff.

    It actually turns out that in the US we'd be paying people to have babies if it weren't for our high (legal) immigration rates.

    Japan has virtually zero immigration, which means that unlike the US and Europe its population is in rapid decline. If you visit Japan and leave the major cities you can go days without seeing somebody who is not ethnically Japanese. Even in Tokyo they are fairly few in number (relative to the population).

  17. Re:Accordians:hunting::the french:war on Facing Oblivion, Island Nation Makes Big Sacrifice · · Score: 1

    Yes, look up the wikipedia articles on those airports.

    The one looks like it has service to Honolulu, and just about nowhere else. The other has service to a whole bunch of places I haven't heard of but which are apparently international.

    No doubt you can get there by plane, but the convenience level isn't going to be high.

    In any case, one would have to be a VERY dedicated eco-tourist to visit someplace like this. It would be like going to the jungles in Brazil to go spelunking. Chances are that won't attract the same crowd as the typical US cave which has a billboard up on the local interstate.

    As the parent suggested - if people want to surf and look at fish they already have Hawaii, which they'd probably have to fly through anyway to get there. Hawaii is already considered a fairly extravagant vacation in the US anyway, since even California is a pretty long flight away.

    Most tourists want to go someplace to have fun and relax. Sure, if they could also do a day-trip from their resort to a natural reef I'm sure many would find that interesting. However, I doubt more than a few are going to travel to someplace like this for vacation.

  18. Re:Wow on Stuxnet Worm Infected Industrial Control Systems · · Score: 1

    Risk from an unsecured (and thus sniffable) badge reader line is much higher.

    I'll have to beg indulgence since I'm not familiar with the design of commonly used RFID badges.

    Are you saying that the connection between the badge and the radio is encrypted and protected against replay attacks, but the connection between the reader and the central server is not? It seems odd that one would build encryption logic into the reader, and then not use it to communicate over the wire.

    Indeed, the most secure design would seem to be to not give the reader the ability to decrypt the credentials at all, but rather to just relay them over the line.

    However, I suspect that in reality that the badge communication is not encrypted at all. It would be far easier to just have the badge transmit the same serial number any time it is interrogated, which of course makes it trivial to clone. If so, that would be a far more likely attack vector than tapping cables. I've had my RFID badge from work for a decade now, and back then I doubt that the technology for a secure in-badge challenge/ response system was cheap.

    Perhaps I'm wrong though.

    As far as changing locks go - I have no doubt that your security department is diligent about tracking keys and changing locks. However, you pointed out that keys were cheaper, and my point was that keys were cheaper until you have to change locks. Now, one change of locks probably is still cheaper than setting up a badge reader (without security conduit). However, I imagine by the second time you're visiting that lock the reader would look a lot more attractive. You also are probably making the assumption that the "do not duplicate" notice on the keys means something.

  19. Re:Wow on Stuxnet Worm Infected Industrial Control Systems · · Score: 1

    Keys aren't necessarily easier to use - if only one person needs to regularly use them they can be easier.

    They aren't always cheaper either - if that key gets lost you're now paying to have the lock picked.

    In any case, I'm a big fan of the RIGHT level of security for each situation. That can be a lot, or a little, depending on the circumstances.

  20. Re:Wow on Stuxnet Worm Infected Industrial Control Systems · · Score: 1

    Ah, yes - the ultimate reason for perverse levels of risk aversion is perverse levels of accountability for taking reasonable risks and getting it wrong.

    I can't blame people for having this attitude when those managing them punish risk-taking.

    However, this kind of attitude can really kill a company. Sometimes you just have to take risks. Unfortunately, the attitude has to start at the top...

  21. Re:Not common carrier on T-Mobile Facing Lawsuit Over Text Message Censorship · · Score: 3, Interesting

    That's wonderful news to me.

    That means that when my girlfriend calls me on my mobile phone to break up with me, I can sue the mobile phone company for emotional distress! After all, they didn't have to deliver the call and they didn't check to see that the girl was emotionally stable before whitelisting her phone number.

    The state of law for phone companies is that they just provide service, they aren't responsible for what goes over their lines as long as the bill is paid on time and they comply with court orders. Bridge operators aren't liable if somebody drives guns over the bridge contrary to state law, and phone companies aren't liable if somebody phones in a bomb threat.

    However, once a carrier starts picking and choosing who they let use their service, they are no longer a common carrier. FedEx isn't liable when a misc package blows up. Sears is liable if a Sears truck delivers a package that blows up - since Sears doesn't deliver for the public.

  22. Re:Wow on Stuxnet Worm Infected Industrial Control Systems · · Score: 1

    I'm not sure that windows is itself the problem. This was a targeted attack - if they could zero-day windows then no-doubt they could zero-day some other OS/browser/etc, or maybe smuggle code in via some other attack vector (somebody gets a job as a janitor and plugs something into a LAN or USB port).

    Sure, having your general office network on the same LAN as your PLCs is definitely a way to be exposed.

    I think the bigger problem is that in general industry-specific software tends to not be written with security as a consideration at all. Even if they had changed the passwords, what are the chances that it doesn't go plaintext over the LAN? I know of lots of client-server software where the server is just a database, and therefore the database credentials are stored on the local hard drive (obfuscated). The application prompts for a password and checks it against some table in the database, but anybody who knew what they were doing could just retrieve the database password from the hard disk and bypass the software entirely.

    Most expensive industry-specific software is almost completely insecure. Oh, they have tons of certifications, and test scripts showing compliance with various standards/regulations/etc. They spend LOTS of money on security but mostly that amounts to paperwork that documents that the systems are secure. The problem is that while they'll spend $10k to have people run test scripts to try to type bad passwords, they don't spend a dime on looking for buffer overflows or other backdoor methods to break the security. The assumption is always that hackers don't do anything but click on buttons in the GUI, or type human-readable text into prompts.

    The only thing protecting most companies from major catastrophe is that most hackers can't be bothered to get their hands on this kind of software and understand where and how it is used.

    I can't wait until the Russian Mafia figures out what SAP is. Then again, they'd probably bankrupt themselves just trying to get a working installation like all the rest of us...

  23. Re:Wow on Stuxnet Worm Infected Industrial Control Systems · · Score: 2, Interesting

    Now, is the door more secure or less secure than it would have been if you had run a card lock without the special conduit?

    Regular wire for the card lock would have been more vulnerable to sniffing or replay attacks, but that is a vulnerability the RFID cards probably have as well. On the other hand, an old fashioned key lock is vulnerable to extra keys floating around that aren't tied to a specific person so they can't be disabled as people change jobs/etc.

    I've seen this problem at work - anybody can point out a problem, and when something goes wrong claim "see, I told you so." The problem with this logic is that if EVERY problem like this were completely risk-mitigated we couldn't do anything without spending a million dollars. That usually means that we end up using archaic processes (since this logic seems to only be employed when changes are made - you can keep running an old insecure or problematic process for as long as you want without complaint), and usually that means even more problems and certainly less efficiency.

    Security in most corporate settings will always be a compromise. Sure, we have to do due diligence. Yes, we ought to secure things as best we can when it is practical to do so. Yes, sometimes we need to spend more and REALLY secure things. However, if you want to turn your factory into a hardened military facility be prepared to spend money more on the lines of the US defense budget. Indeed, I doubt that most munitions facilities incorporate all the security features the latest security consultant to come by would advocate.

  24. Re:Why on Meet the Virginia-Built 110MPG X-Prize Car · · Score: 1

    How about "all the comforts of a standard 4-passenger vehicle" as promised in the summary?

    I guess they didn't mention the age or species of the 4 passengers... Mice would find it quite roomy.

  25. Re:Impossible? on Left-Handed Gamers Getting Left Behind? · · Score: 2, Insightful

    Well, if it is anything like baseball it can catch the opponent off-guard. I imagine that most tennis players don't practice as much returning left-handed serves/etc. In baseball the right-fielder usually is stronger than the left-fielder, so a left-handed batter can hit the ball towards a less proficient opponent. Switch hitters are particularly prized since they make it even more difficult for the defense to react. Left-handed pitchers have similar advantages.

    Basically, your opponent has spent thousands of hours practicing one particular scenario. If you can force them to react to a scenario that perhaps they've only spent hundreds of hours reacting to, that can give you an advantage - in any sport.