Slashdot Mirror


User: Rich0

Rich0's activity in the archive.

Stories
0
Comments
11,574
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,574

  1. Re:Stupid article overall on The Worst Products of CES 2010 · · Score: 1

    Hate to reply twice, but I noticed they also picked on the "unbreakable" phone - because it could be broken.

    Did anybody really think that if you dropped the thing into the sun it would remain intact?

    It looked like a fairly functional device that could be useful in a number of very practical jobs. It would be far more survivable on a construction site than a regular phone, even if you couldn't whack it with a wedge and a 10 pound sledge.

    I do agree that a few items were dubious, but technology doesn't need to be fashionable to be practical for many customers.

  2. Re:Stupid article overall on The Worst Products of CES 2010 · · Score: 1

    Heard somewhere that the e-cigarette is probably intended to be drug paraphernalia, but obviously they can't market it as such.

  3. Re:Free trade of ideas, anyone? on Google Hacked, May Pull Out of China · · Score: 3, Insightful

    But "totalitarian" means that the government tries to run everything.

    I don't think that is really the definition of totalitarian.

    From WP:
    Totalitarianism (or totalitarian rule) is a political system where the state, usually under the control of a single political organization, faction, or class domination, recognizes no limits to its authority and strives to regulate every aspect of public and private life wherever feasible.

    That is in line with most definitions I've seen for the term. It doesn't mean that the government does run everything, but only that the government has the power to run anything that it cares to.

    In China there are no effective constraints on government power, except to the degree that they're limited by the laws of physics and resources (the rulers of China aren't actually gods). If the ruling class feels that a particular policy is beneficial to them, they have the power to enforce it. It is a crime to merely criticize the Chinese government, even if enforcement of this is imperfect.

    The Chinese government realizes the economic benefits of a market economy, and so they ALLOW the market to function with a fair amount of freedom. However, this is an arrangement of convenience and when the rulers feel the need they can step in and do whatever needs to be done - with no due process of law.

    This is in contrast to most democratic nations. If you live in France and the government doesn't like what you are saying, they pretty-much just have to live with it. If they think that you've committed a crime they have to follow due process and charge you in a reasonable time frame and give you a trial. In most democratic nations you are tried by a jury of your peers.

    There are certainly exceptions - such as the recent anti-terrorism actions by the US Government. The fact that many people consider these actions outrageous and protest them is telling. In China such actions would be routine, and they do not suffer public criticism. Hopefully the US will move away from these kinds of policies, and I think that most politicians realize that they have overstepped their bounds. This sort of behavior is a step in the direction of totalitarianism.

    I'd argue that China is as totalitarian a state as any has ever been. There can never be perfect totalitarianism as long as people's thoughts are secret. That doesn't change the fact that at a practical level many nations do have this style of government.

  4. Re:Free trade of ideas, anyone? on Google Hacked, May Pull Out of China · · Score: 1

    I agree that in common usage people usually don't mean Russia when they say Eastern Europe.

    However. the continent of Europe extends to the Ural mountains, and that includes Russia. Russia is technically a European nation.

  5. Re:Too soon. on Spider-Man 4 Scrapped, Franchise Reboot Planned · · Score: 1

    Don't forget - every character needs a car too!

  6. Re:My brain/eyes are incompatible with 3D TV/movie on Hot Or Not — 3D TV · · Score: 1

    I can certainly understand the constraint in print. However, I couldn't imagine having to stare at a computer monitor for hours tracing electron density or whatever with either parallel or cross-eyed vision!

  7. Re:meh. on Hot Or Not — 3D TV · · Score: 1

    Ah, my favorite line from the MuppetVision 3D show:

    Fozzie Bear: Did you say "cheap 3D tricks"?

  8. Re:Active glasses? on Hot Or Not — 3D TV · · Score: 1

    Yup - these are just different optimizations of the solution.

    The movie theater uses a technique that results in a super-expensive projector, and dirt-cheap glasses.

    The TV design uses a technique that results in a slightly more expensive TV, and moderately expensive glasses.

    If the number of viewers is small it is cheaper to put the technology in the glasses. If you have 100 people in the room and stepping on the glasses between shows and you need to have 1000 spare glasses to clean them, then a $10k projector makes more sense than $100 glasses.

  9. Re:Active glasses? on Hot Or Not — 3D TV · · Score: 1

    I don't know much about the technology, but does the alternating eye thing have a distorted picture on the TV?

    Yes - just like the polarized images. The solution is the same either way - wear the glasses even though you have only one eye. Then that one eye will get only one consistent image and will be fine.

    You could probably have a 2D mode on the screen as well - it isn't like the screen HAS to show both images.

  10. Re:My brain/eyes are incompatible with 3D TV/movie on Hot Or Not — 3D TV · · Score: 1

    Actually, some of the 3D technologies coming out are very similar to what you likely use for 3D rendering of proteins/etc. The typical technology there is to have LCDs that alternate opaque/clear in sync with the monitor refresh so that each eye gets a separate image.

    The 3D used in most movie projectors essentially does the same thing. You have two circularly-polarized lenses in opposite directions on your glasses, and a fancy filter on the projector lens that can alternate its polarization at a high frequency. So they're just using polarization instead of liquid crystals to separate the images. The LCDs are probably a bit cleaner as the screen will not preserve the polarization perfectly (and the filters aren't perfect either), but the LCDs probably go completely opaque.

  11. Re:My brain/eyes are incompatible with 3D TV/movie on Hot Or Not — 3D TV · · Score: 1

    Yup. Avatar was actually one of the best 3D movies in this regard.

    However, there were a lot of scenes with stuff like boxes sticking out into the foreground. Their contrast in distance alone made them stand out, and as an added bonus they had out-of-focus writing on them.

    If I stared at the center of the screen and the main subjects, it tended to be fine.

    I almost wonder if a pinhole camera perspective wouldn't help with this. I find it ironic that just about the time that 3D video games are finally getting away from pinhole cameras that movies might have a little more need for them. The only problem there is that now you want to look at everything and it will probably look a bit strange.

    What we need is an actual 3D image dataset (ie the projector actually has a cube of x,y,z,r,g,b values) and glasses that track eye movement and instantly update projections accordingly. Either that or some way of actually projecting in 3D. Granted, right now I'm not sure that even serious hardware could render two 2D perspectives with fast update times in line with eye movements of a big 3D scene.

  12. Re:Would you like to be awake for this procedure? on Surgeon Makes Tutorial DVD For Conscious Open-Heart Surgery · · Score: 2, Interesting

    Yup, my friend had a stent placed in a carotid artery while awake for precisely this reason. They apparently like to assess your mental state while it is going on to detect strokes immediately.

    They do tend to dope you up quite a bit though, mainly to avoid anxiety and they don't want you squirming while they put a 2mm piece of tubing in a largely-clogged artery servicing your brain via a catheter that extends from your leg to your neck...

  13. Re:I'm Confused on USA Has More Open Wi-Fi Hotspots Than EU · · Score: 1

    Free the APs, secure the machines and processes

    Why not do both? I think the problem is a pervasive attitude among computer security professionals of all or nothing.

    Which is worse - submitting form data over http, or over https with a self-signed certificate? I'd argue the former is worse, although some elements of risk are the same between them. If we just had three modes - unsecure, encrypted, and encrypted+ authenticated then we'd be much better off.

    Ditto for WPA. There is NO reason why something like WPA2 needs to have a shared secret. Just use D-H to secure the session. By all means ALLOW for authentication, but there is no reason to prevent encryption when you don't have authentication.

    Sure, there are MITM attacks if you have no authentication, but that's OK - it is no worse than if you have no encryption at all, and you greatly reduce the number of possible attack vendors and increase the detectability of an attacker. Which is higher-risk for an attacker - sitting a mile away with a passive parabolic antenna sniffing traffic, or actively performing a MITM (which can be detected and even triangulated with the appropriate gear)?

    There is no reason we can't have security at multiple layers of the process. Why should weatherbug or whatever need to implement SSL just because I don't want anybody with a sniffer to know what my future travel plans are based on my queries?

    If you absolutely MUST have only two levels of protection (padlock and no padlock in the browser lingo), then define no-padlock as encrypted but unauthenticated, padlock as authenticated, and then either share the no-padlock for unencrypted traffic or just block it altogether. There is almost no reason why IP packets shouldn't be encrypted.

  14. Re:Meanwhile in Canada... on Factorization of a 768-Bit RSA Modulus · · Score: 1

    True - wasn't thinking of this offhand. I wouldn't really classify this as an algorithmic key-exchange technique since it depends on physics more than math.

    It also has some significant limitations - being able to get photons from one point to the other without any routing (or you have to trust the routers). It isn't easy to send single photons over any kind of distance. It isn't impossible, but it isn't like it can be used to get a key from one arbitrary location to another one 100 miles away. Just getting it to an arbitrary location 10 miles away would probably be a big challenge. Fiber optics work over moderate distances, but that doesn't get you to arbitrary locations.

    I think that in practice one-time-pads used to secure session keys would actually be more practical. You just generate a tape with 1TB of random data on it and fly it to your remote office, and now you can change 128-bit keys every 10 mins for a VERY long time. With only moderate conservation of session keys two friends could exchange 1GB flash drives and be set for life. If this sort of thing were standardized in software your bank could give you a flash drive when you get an account and you'd have a secure channel for a long time as well.

    Actually, this sort of system could be far more secure than SSL/RSA (no need to trust a CA when the bank hands you the key at the same time you hand them your cash). The only trick is keeping people from copying your key data without your notice.

  15. Re:Meanwhile in Canada... on Factorization of a 768-Bit RSA Modulus · · Score: 1

    The problem is that this is an oversimplification. See the WP entry on Diffie-Hellman.

    The values sent between Alice and Bob are inter-related via the discrete log problem - so if you can (relatively) quickly calculate discrete logs you can obtain the session key.

    This particular article is about factoring and not discrete logs. A magic way to quickly factor numbers wouldn't necessarily break D-H. However, this article wasn't about a magic way of breaking RSA, but brute-force factorization. If you can brute-force 1kbit of RSA, you can brute-force the equivalent strength in D-H or DSA. The bitwise strength of the two probably isn't identical, but the principle is the same.

    The real threat is if somebody comes up with some kind of quantum technique to factor or discrete-log big numbers. If that happens all kinds of NP problems get solved in realtime and that messes up everything. The slow growth in brute-force speed is fully anticipated, but there are practical upper-limits on computing power (if every quark in the universe is a logic gate and is compressed into a near-singularity, the system only goes so fast).

  16. Re:Meanwhile in Canada... on Factorization of a 768-Bit RSA Modulus · · Score: 4, Informative

    Yes, but he's likely referring to the strength of the SSL connection to his bank. While authentication is done with public key crypto (probably 1024 or 2048 bit key), the actual data stream is encrypted with some symmetric cyrpto algo such as AES or RC4 at 128 or 256 bits.

    That is only helpful if the person sniffing the SSL connection doesn't capture the initial handshake.

    The problem with symmetric crypto is key exchange. With SSL the client generates a premaster key, encrypts it with the server's public key, and sends it to the server. Then the client and server use this to derive a session key (at least, that is my reading of the relevant docs - I think the specifics depend on the exact cipher used). So, if you can crack the RSA key, then you can obtain the session key, which makes the entire session obtainable.

    To use symmetric crypto you either need a shared secret, or you need to use a key-exchange technique. I believe all the key-exchange techniques are vulnerable to factoring (or P=NP issues in general), although their details vary. If factoring becomes easy we'll never be able to encrypt communications between parties unless they have a secure channel to exchange keys (typically involving plane tickets).

    Disclaimer, I'm not a cryptographer and if somebody has more to add I'm all ears.

  17. Re:Poor Summary on 8% of Your DNA Comes From a Virus · · Score: 1

    Thanks for the info!

    The entire bornavirus genome happens to be about 9 kilobases, about 0.0003% the size of the human genome, and smaller than many individual human genes

    Considering the size of human exons that isn't saying much. Don't some human genes have sizes on the scale of bacterial genomes? I remember reading up on the sequencing of the gene associated with Huntington's Disease back when I was sequencing bacterial genes and was wondering how this was such a big deal until I saw how big the thing actually was.

    The thing that really amazes me are plant genomes. Some of those make humans look like amoebas (actually, as I recall the amoeba has a relatively big genome also for its size).

  18. Re:I wonder how that is compared to the loss from on 2010 Bug Plagues Germany · · Score: 2, Insightful

    You know, companies make the conscious decision to not have permanent staff to oversee contractors. They get what they pay for. That doesn't excuse contractors, but there is this thing called due diligence.

    Also, I'd say there is a 90% chance that the contractor spelled out exactly what they were doing and its implications, and somebody in the company signed off. Maybe they didn't read it all, but it is just as likely that they were given the choice of $600k to do it right, and $500k to do it cheap, and they picked the latter. Saving $100k probably got the decision-makers bigger bonuses, and by now they're all in different jobs or retired anyway.

    The problem is that companies are WAY too short-sighted. As a result stuff like this never shocks me.

  19. Re:Corporate Darwinism on Nexus One Name Irks Philip K. Dick's Estate · · Score: 1

    How Darwinian! In that sense,they are taking the role of parasite

    Excellent analogy. This one in particular comes to mind. There are several parasites which are known to induce behavior designed to get it eaten. Toxoplasma is another one that comes to mind - it tends to make mice try to stand up for their rights against the mean cats.

  20. Re:I Actually Side with Dick's Estate on Nexus One Name Irks Philip K. Dick's Estate · · Score: 1

    Yup. Trademarks based on common words that describe somethings function tend to be weak anyway. Just look at what happened to "windows" - it is almost a worthless trademark.

    Nexus One at least is a lot stronger than that since nobody is throwing around that expression in common use.

    Droid would be far shakier - especially in light of the derivation from android which clearly refers to something else in the same field. If Verizon sued somebody for using the term "droid-based phone" they'd have a weak case since the guy speaking could just say "oh, I mean android, but it was a slip of the tongue."

    Windows turned out to be almost worthless as the exact same term was used for the same purpose by a number of companies/people before the brand came along. It would be like trying to trademark "Nike Shoe" - the Nike would be very strong, and the Shoe would be almost worthless.

    Why do you think that drug companies put out ads for CanHardlyPrononce-istat or whatever? If you just make up a meaningless word and use it consistently in an appropriate manner you have the best trademark there is - one that is almost impossible to copy except in completely unrelated fields.

  21. Re:Poor Summary on 8% of Your DNA Comes From a Virus · · Score: 1

    Not having access to Nature, which of these is true:

    1. Viral insertions make up 8% of our genetic material.
    2. 8% of our genetic material came from A virus. ONE of them.

    #1 doesn't shock me at all based on past whole-genome sequencing efforts - lots of junk DNA is leftovers from some virus that ended up in some ancestor who knows how long ago (or how many species ago even).

    #2 would shock me. That is 320M bp of genomic material from one virus. First, I doubt any virus is even that big, although I could certainly see how a smaller virus might generate a lot of DNA that gets stuck in the genome (maybe 500 copies of itself, repetitive elements, etc). Second, that is on the scale of a chromosome worth of material (although even if it all came from one virus it need not all be in one place now).

    The wording of the article suggests #2, but that could just be poorly-chosen wording. I suspect that they've found that 8% of the DNA came from a class of viruses, but most likely as a result of many different events over time.

    It wouldn't shock me at all to find that an essential gene came from a virus at some point. Viruses and their hosts often have interesting genetic inter-relationships as viruses slice and dice and transfer DNA all the time - often in a haphazard way. A virus might use a host enzyme for one thing, and bring along its own enzyme for something else, or whatever.

  22. Re:Blizzard didn't cooperate on EA Shutting Down Video Game Servers Prematurely · · Score: 1

    If the DLL works by sending the key to some webservice hosted by Blizard, good luck with that. I'm sure after the 1000th consecutive invalid key you'll be blacklisted (or maybe just given bogus authentication output). A real server validating keys would be expected to have at least a decent number of valid keys submitted.

    They can also throttle the rate at which they validate keys - so if their keyspace is large you're not going to be able to brute-force it. They could also authenticate the webservice and require those using it to register with them to keep out the riff-raff.

    These attacks are like getting a credit card merchant account and saying that you can now brute-force credit card numbers to see if you get approved transactions. Good luck finding a single valid number before the FBI shows up.

    They don't necessarily need to publish the algorithm. However, if their algorithm is RSA-based or something like that then if being able to validate keys in any way helps you to generate them then you're going to make a WHOLE lot more money selling that info to the NSA than going into the software piracy business.

  23. Re:RIM's bread and butter on Nexus One vs. Top 10 Phone Security Requirements · · Score: 1

    For corporate-issued phones I have no issues with remote/wiping, security attestation, etc.

    However, in many cases the model is more one of worker-provides-phone and company-allows-access. In that kind of a scenario I'd never use an email program that allowed my employer to have control over my phone. Fortunately, as long as I own the hardware and they don't go TPM, that will never be a problem for me...

  24. Re:Blizzard didn't cooperate on EA Shutting Down Video Game Servers Prematurely · · Score: 3, Insightful

    There is no reason that in order to allow bnet to authenticate keys that Blizzard would need to give them the ability to create keys.

    If bnet just wanted to collect valid keys - they can do that already. After all, they'll have tons of legit clients connecting to them all the time and they could just ask those clients for their keys unless Blizard thought to make the clients authenticate those requests.

    The issue is that Blizard wants to cry "they're allowing piracy" and then when bnet says "ok, show us how not to" their only response amounts to "just shut down." Blizard does not have any legal right to control what 3rd-party servers their customers connect to, and they're using piracy as an excuse to eliminate competition.

  25. Re:Stocks? on How Apple Orchestrates Controlled Leaks, and Why · · Score: 1

    An insider is anybody with material information about a company that isn't public. Sure, the people on those lists are certainly insiders, but they're not ALL insiders.

    If I whisper to a friend that my employer is announcing a new widget next Tuesday, my friend is now an insider. Granted, it is VERY hard to spot this kind of stuff, but that doesn't make it any less illegal.

    The whole concept of a stock market is that everybody has access to the same information. When one group of people has access to information that others do not, it undermines the entire institution, as nobody wants to trust somebody selling them stock, or offering to buy it. Are they doing it because they know something that you don't?

    I wonder if this sort of thing could be fixed by making stock prices less granular. Have everybody publicly post bids/asks all week, and then over the weekend the price is set to maximize volume and everything gets executed. That makes price far less susceptible to the speed at which information is disseminated. You could also avoid last-minute order rushing to keep trades secret by having a rule that the total volume during any hour on Friday will be no more than 1/32nd that of the Mon-Thurs total, and trades on Fri will be first-come-first-serve. So, if you wait you might not get your trade in.