Slashdot Mirror


User: tlambert

tlambert's activity in the archive.

Stories: 0
Comments: 5,097

Comments · 5,097

  1. Re:google rejected Con kolivas on Google's Idea of Productivity Is a Bad Fit For Many Other Workplaces · · Score: 2

    Google rejected Con Kolivas because of his "Lack of breadth".

    Google doesn't reject candidates immediately, and they certainly do not communicate particular reasons for rejection. Generally you find out when the recruiter working on putting the candidate through the system calls back to either give you an offer, or thank you for applying, but that they won't be extending an offer at this time.

    He may indeed have been rejected for the reasons he claims, but any specific claims are likely derived from where he himself believes he blew things during the interview process. Note that it's really important to Google that their candidates know enough CS terminology that they are able to communicate with each other effectively at a high information density. It's likely that an anaesthetist might not be able to cope with that effectively, given his primary training is as a physician.

    This is more or less the same problem that a lot of self-taught or non-formally educated programmers have when applying to places like Google. They can be brilliant programmers, but they will have difficulty working in a team if they can't communicate about the work effectively.

  2. Re:Flash Access requires libhal, hald on Ask Slashdot: Linux Friendly Video Streaming? · · Score: 1

    Amazingly enough, Windows seems to be the prime hackery for video of all sorts, despite having these signed system components. Probably something to do with security....

    My understanding is that if you want to rip digital content as digital without encryption, then you buy a Unigraf UFG-04 LVDS, LVDS Frame Grabber or a Gopel Electronic 4120 - Frame Grabber, or Teledyne Dalsa X64-LVDS. Then you take the connector which would normally go to a physical flat panel, and plug it into the card instead. Then you just grab each frame as it's "displayed" by the virtual LVDS device. After that, you have a perfect digital copy at the resolution of the emulated flat panel. Since you emulate the entire EDID handshake, even secured hardware has no idea that it's not talking to a real flat panel, and since you are already outside the encryption path, there's nothing that can prevent it.

    So it really doesn't matter what they do to try and stop you, as long as you are willing to spend money on hardware and write the software to do the work. These are the guys getting the Ad revenue from Ad interposition over the torrented/streamed content, which is why they spent on the hardware in the first place.

    I'm not claiming that DRM is effective on platforms other than Linux, or per the above, that it can actually truly be effective at all, I'm just saying they don't want it to be easy for absolutely everyone to do. The number of people with hardware workarounds is always necessarily going to be rather small, which leads to a smaller number of choke-points.

    If you support a platform that doesn't even make a half-assed tip of the hat to some type of DRM throughout the entire software stack, you've already given up on the idea that most people will be incapable of the necessary software hackery, since there will be "apt get" packages, and probably bootable DVD images with the necessary software already installed.

    This translates to having given up completely on rights enforcement at all, since everyone with a computer capable of /installing the packages/booting the media/loading a VM/ is a potential transfer point from a legitimate consumer and a torrent of the content in question.

    That's not going to happen.

  3. Flash Access requires libhal, hald on Ask Slashdot: Linux Friendly Video Streaming? · · Score: 5, Informative

    Flash Access requires libhal, hald

    This has been known since Feb 2011, when Amazon started encoding new content for TV shows using the newer version of Flash Access.

    The Flash Access Component requires that the local machine support Libhal and hald, even though they are deprecated for over 7 years now by the OpenDesktop project.

    It uses the information gathered from this interface to create a machine unique identifier, which it then uses as a content crypto key on the stream, and then you can play Amazon, Youtube, and Google Play content just fine.

    Otherwise it bitches that your Flash is "out of date", when what it really means is that it can't install the Flash Access component because the libraries and supporting components used in the installation success test aren't there.

    Most streaming applications won't support Linux because it doesn't require signed system components, and without that, they can't protect their content from piracy, commercial skipping, and so on when they stream to Linux systems; it's too easy to interpose libraries, system calls, and so on and take unencrypted digital content and rip it to some mp4 or other container file format.

    This is also why the components from Provo, Utah for abc.com, nbc.com, and cbs.com have never been ported to Linux, and probably never will be.

  4. Class action is the ONLY remedy on Judge Denies Class Action Status In Tech Workers' Lawsuit · · Score: 4, Insightful

    Can everyone just take them to small claims court? All IT workers from the companies in small claims court = lots of money to be paid out and lots of lawyers if they want to defend all the lawsuits.

    Class action is the ONLY remedy; permit me to illustrate my point.

    Judge: So what are the damages you are asking for, sir?
    Nerd: I want the difference between what I was making over the years I was employed at A and not B.
    Judge: Based on the money B would have offered you, had they actually offered you a job?
    Nerd: Yes.
    Judge: Based on them wanting to hire you in the first place?
    Nerd: Yes.
    Judge: Anything else I should know?
    Nerd: I also want damages for emotional distress.
    Judge: For all that time you spent at A instead of B?
    Nerd: Yes.
    Judge: Due to a practice which you were unaware of until just recently?
    Nerd: I have retroactive emotional distress.
    Judge: Dismissed. Next!

  5. Question: Does this count as an in-app payment? on Mozilla Introduces Experimental Open Payment System For Firefox OS · · Score: 1

    Question: Does this count as an in-app payment?

    Because you could consider a browser an app, would this fall under the purview of the in-app purchase patent that's being enforced out of East Texas?

  6. You have missed the point, I think on Aaron Swartz Prosecution Team Claims Online Harassment · · Score: 1

    The petition reached its goal nearly 2 months ago and not a peep has been heard. Perhaps if there had been a meaningful response to that petition, these other measures wouldn't be in play now.

    You have missed the point, I think.

    That IS, in fact, a meaningful response, you just don't like what it means.

  7. Re:Maybe they should have signed this petition ins on Aaron Swartz Prosecution Team Claims Online Harassment · · Score: 1

    Activism is useless when it is aimed at unproductive channels. Instead, they should have signed the petition to remove the DA in question. Or written a letter to the state.
    Petition to remove DA Carmen Ortiz

    Like most of the ill-worded and jurisdictionally misdirected petitions on that site, that one exists to make the public feel as if they've done something about a problem and therefore can dismiss it from the collective consciousness and go back to business as usual.

    The request in that petition is not actionable by the executive branch of the Federal government.

  8. Re:Good on Aaron Swartz Prosecution Team Claims Online Harassment · · Score: 1

    The only reason Swartz was charged with crimes amounting to years in prison was to discourage him from exercising his rights. That's unjust any way you want to portray it.

    No, the reason Swartz was charged with crimes amounting to years in prison is because the evidence indicated that he committed crimes whose maximum penalty was 35 years in prison.

    The reason people keep shouting "35 years" is because they're engaging in a political game, trying to conflate "maximum sentence" with "likely penalty Mr. Swartz would have received."

    Actually, Ortiz explicitly threatened him with 35 years here:

    http://www.justice.gov/usao/ma/news/2011/July/SwartzAaronPR.html

    Nice try, though.

  9. Re:Couldn't they... on Want to Keep Messages From the Feds? Use iMessage · · Score: 1

    ...just ask Apple?

    Yes, they could. If you read the reverse engineered protocol on the Wikipedia link up top, then you will see that the end points are an Apple server, just like iChat uses. The virtual circuit makes a stop at the Apple server, which is the endpoint, and the Apple server decrypts the message and then reencrypts it for the recipient, or if the recipient isn't an iDevice user, sends it cleartext via the normal proxy channels through the carriers of both parties.

    So it's rather trivial to interpose an MITM on the Apple server.

    Google chat does the same thing, except with Google servers in the middle, which is why there is such latency in the audio between when it's sent and when it's output at the other end. Other services either side-band end-to-end to avoid the latency (but there's still an interposition capability on the main band) - for example, Skype - but very few offer true end-to-end, unless you consider one of the ends to be the provider's server, rather than the person you are talking to.

  10. Not very accurate. on Blink! Google Is Forking WebKit · · Score: 5, Insightful

    It's not just that; the other reason is because you're too lazy to cooperate with the original project, such as by ... dividing your patches up into chunks the original project prefers so they can review them effectively, ...

    This is frequently not a matter of "lazy". Often it's a matter of having a team of paid programmers working 16 hours a day adding code to something, and if they are not already insiders, there's not a chance in hell a group of volunteers is going to be able to keep up with the review load unless they are independently wealthy or work for the company that already employs the team.

    That's why you frequently see the team for an Open Source project that's trying to make a go of it as a business by selling support or contracting themselves out to implement features for interested parties getting their company bought out. It's why MySQL was bought out, and it's why Oracle was bought out.

    I've personally been "on a roll" and generated > 20,000 lines of code in a two week period (I ended up in wrist braces for another two weeks after that). There's no way that an Open Source project is going to be able to review at that rate unless they have a huge volunteer base, and that's practically all they do. Which generally ends badly, since it's no damn fun to get involved in a project to code, and find out you're spending all your time reviewing instead.

    The truly sad part is that when you are working with volunteers, you can rarely find someone willing to do the scut-work. The volunteers are there to have fun, and scut work is generally not fun for anyone. But it's necessary for productization, and as a result, productization doesn't happen. It's rare that you see commercial quality Open Source products... it's even rarer that you see actual documentation apart from "read the source".

    Finally, there's the "you can't get there from here" factor. You can rarely do something truly revolutionary in small increments, and insisting that all code do a drunkard's walk from where it's at to someplace truly cool is a fool's errand. You will face objections from all sorts of people; not just the people who don't want to get from "here" to "there" because they don't want to go to "there" with the rest of you. You also get objections from people who don't want things that aren't currently being used checked in. So you are caught between committing foundation work which isn't used yet, or upper level work that can't be enabled because the foundation isn't there yet.

    So you fork. It's not you being lazy, it's you being pragmatic about the inertia of projects which are incapable of accepting large chunks of change that get you where you want/need to go.

    It's why Apple (rightly) forked KHTML to create WebKit in the first place, and it's why Blink is forking now -- read their web site; they have a significantly different process and sandbox architecture that's part of their per-DOM rendering engine model, and staying part of WebKit means carrying around 7,000 files which are totally useless to them.

  11. Work-Place misconduct defined: on WA State Bill Would Allow Bosses To Seek Facebook Passwords · · Score: 4, Insightful

    Work-Place misconduct defined:

    If you are Representative Mike Sells, and you introduce a critically stupid amendment like this, you have engaged in workplace misconduct, and you are required to give the people of the State of Washington, who are your employers, all your social media passwords.

    PS: The linked story from the OP has a comment which states that it was withdrawn. I imagine he pulled on his left ear with his right hand, and his right ear with his left hand, and the loud popping noise was his head coming out of his rear.

  12. Re:minority report on Google Glass and Surveillance Culture · · Score: 1

    If I had a dollar for every time I heard some piece of electronics can't be hacked or bypassed, I'd have... about a thousand bucks.

    "If you don't think that a software update would issue as soon as there was a working jailbreak, you're sadly mistaken."
        based on..what?

    Get some fresh air and stay off the internet for a week or two. You are coming across as a crazy guy in an echo chamber.

    Google largely does not control what goes onto the Android cell phones, the partners control the cell phone OS. All productization takes place at Samsung, HTC, and other phone vendors.

    In order to have a carrier willing to let a partner's cell phone onto their network, there are certain contractual obligations that the partner has to meet in order for the carrier to contract with them.

    I worked at Apple on the Mac OS X kernel, which is the iOS kernel, and I left Apple and went to work for Google, where, among other things, I did the cellular modem bring-up on the most recent ARM-based Samsung ChromeBook.

    Carriers are OK with tethered jailbreaks, as they are more or less inevitable, but anything untethered like the jailbreakme.com site or similar drive-by jailbreaks gets a security fix so that you can't screw with the baseband without a lot of effort.

    If you dick with the baseband, you are looking at some hard time in a Federal prison. I'm not saying that it's impossible to do; I know someone in Korea who used to do it for iPhones because he had access to a lab with the equipment to reflow BGA chips after wiring up the JTAG line on iPhone 4GS'. It's not impossible: it's just prohibitively expensive and unwise if you get caught with the modified device.

    PS: The regulation you're looking for is Code of Federal Regulations, Title 47, Section 2.1043 - Changes in certified equipment, dated 2008-10-01, Class I and Class II permissive changes.

  13. Re:Not a problem on Google Glass and Surveillance Culture · · Score: 1

    Not really, the CDC keeps specimens on hand for that very reason. Yes, a bunch of people would probably die, but between quarantine technology and the fact that we have an effective vaccination that just needs to be produced would render it a terrible tragedy, but one that the species will survive.

    The Andrew Speaker case in 2007 was fairly high profile, and was technically a voluntary isolation, rather than an actual quarantine. It was the first isolation order from the CDC in over 40 years, and we typically don't quarantine even nominally fatal infectious diseases like HIV, as long as they aren't virulent.

    There are 20 national quarantine centers in the US, generally associated with ports of entry and international airports. Currently, the only things we quarantine people at those centers for, as of 2012, are active cases of Cholera, Diphtheria, Infectious tuberculosis, Bubonic plague, Smallpox, Yellow fever, viral hemorrhagic fevers, SARS, and pandemic flu. This was by presidential order in 2012, and took an executive order from the president, and even so, they typically end up in the hospital rather than at a quarantine facility, if the disease is treatable, which most of those are. The last big quarantine order was for the Spanish Flu Pandemic in 1918-1919. The last small quarantine orders were for the postal Anthrax scares, and involved voluntary isolation, rather than enforced isolation (unsurprisingly, the people exposed wanted treatment). Prior to that, it was the Reston, Virginia primate research facility in 1996, when there was an outbreak of Ebola-Reston among the primates there, and while some humans tested positive, they were asymptomatic.

    See also: http://www.cdc.gov/quarantine/aboutlawsregulationsquarantineisolation.html

  14. Re:minority report on Google Glass and Surveillance Culture · · Score: 1

    it's all minority report. every place you look, google glass will pop up a virtual billboard for you to see.

    I don't get this kind of reaction. So what if the one out of the box does this? We'll just learn to jailbreak it (if needed) and install an adblocker, or how to install Linux on it or whatever.

    This is somewhat unlikely, given that the Broadcom chips require a signed bootloader, and most implementations go out of their way to verify boot signatures all the way up the stack due to FCC regulations dealing with SDRs (Software defined radios). This either includes kernel modules, or everything gets statically linked and kernel module loading is disabled. If you aren't in the US, you'll have your own SDR regulations courtesy of your local ITU or FCC-alike in your country, since they don't want you to hack the baseband firmware, because as soon as you do, you'll be able to clone IMEIs and skim other people's phone calls, as well as being able to modify the radio tables to create a jammer for military and emergency services radio communications.

    That's pretty much a short trip to being labelled a terrorist, or at least getting accused of aiding and abetting them, should your code get used for nefarious purposes. The baseband firmware is run on the same CPU as the rest of the OS. This is why in the Qualcomm Snapdragons there's a Hypervisor to keep the baseband isolated in the single CPU phones, and why the single CPU Sony phones aren't unlockable, but the multi-CPU Sony phones are.

    If you don't think that a software update would issue as soon as there was a working jailbreak, you're sadly mistaken. The primary reason for doing a baseband hack has been to do a carrier unlock on most phones, particularly those with Samsung chips in them (like the early iPhone models), since the carrier lock down was stupidly placed in the baseband firmware instead of in user space in the commcenter program. As soon as the unlock was released by the Russians, and then later by the iPhone dev team, it was possible to rewrite the sec zone to do the unlock, at which point it was possible to rewrite the IMEI and radio tables. This is why most iPhones sold in Europe these days are not carrier locked: to disincentivize baseband hacks, which were mostly motivated by it being the only way to get a grey market iPhone in countries where the carrier lock would have prevented them working.

  15. This whole thing is disingenuous on Google Blogger: Vietnamese HS Students Excelling At CS · · Score: 4, Insightful

    This whole thing is disingenuous.

    That might have been acceptable to present as an interview question (before it was disclosed), but those kids would not have passed the interview process on a single question, nor would they have even passed the single session interview which used that question, if they took 45+ minutes to arrive at it.

    An interview session typically lasts 45 minutes in total, and the point of presenting the problem is to gauge the person's problem solving ability, and their ability to think in terms of their ability to apply CS tools to solve the problem optimally. Taking the full 45 minutes for a single solution would not cut it, even if they ended up with the optimal solution. If they knew the question because someone had leaked it to a jobs board, then immediately solved it optimally, then the immediate response of the interviewer should be to vary the premise to make it a related but slightly different problem. If they didn't solve it optimally, and the interviewer had them iterate on their solution to optimize it, that's the best possible outcome, as far as an interviewer is concerned, as it speaks to the person's thought processes and problem solving capability.

    They also would not have passed the educational bar. There are a lot of self-taught programmers who are brilliant at it, but who can not work on teams because they lack the common terminology for algorithms and so on. So they are able to solve a problem in isolation, but they are unable to communicate this information to their peers, and neither can they document it in such a way that a future engineer can pick up where they left off when changing requirements force an incremental update to the design. Without that critical communication, it's impossible to make minimum necessary changes to accomplish a goal, while remaining cognizant of the side effects. So there is typically a degree requirement, and from the fact that you have a degree, you are expected to know things like "big O" notation, and a set of 20-30 algorithms by name so that you recognize them when they are used in code you are later asked to maintain.

    It's great that he bought them a teacher for a year by pulling $1,200 out of his personal bank account, but this emphasis recently on Slashdot of trying to get everyone to be a programmer in elementary school is misguided and misses the fundamental point that you can not narrowly focus an early education and expect to have people come out of it with the ability to retrain in other careers should their career become obsolete.

  16. I have to disagree with your conclusion, as well. on Man Accused of Selling Golf Ball Finders As Bomb Detectors · · Score: 1

    I have to disagree with your conclusion, as well.

    So yes, this was the agencies who purchased the detectors believing in "magick" [SIC].

    It is also a fabulous example of how the misguided tools who think that they are libertarians should wake the hell up and realize that the mythical free market does not "magically" take care of shit like this. It was, literally, "snake oil" and the unfounded claims about it that brought "teh gubamint" into the business of regulating food and drugs. The consumers in a mass market can not be expected to be fully informed about everything in that market that they might want to purchase. And the "free market" assumes that such a state (fully informed consumer) exists.

    Now, in this case, I'll stipulate that it would not have taken much effort to become informed enough to know that this $41,000 do-hickey was snake oil. Then again, the government keeps buying the equivalent of the fabled "$400 toilet seat" from vendors like Halliburton, so we're probably buggered either way.

    Your conclusion is flawed here.

    The "consumers" in this case were government agencies, and a free market would have required them to obtain competing bids for the equipment from two different vendors. Since the equipment doesn't exist, they would be forced to do what's called a "sole source justification", which has a higher bar in terms of due diligence to allow the justification as valid.

    If they had followed the legally required process, they would not have been bamboozled, so they are still at fault for falling for the con.

  17. Re:A first step on Should Congress Telecommute? · · Score: 1

    To start with take one step: Allow votes to be entered without having to visit the floor. If you watch house hearings you see them take breaks for votes on the floor. Why not a special device that allows a vote based upon reading a fingerprint. Have it at least work anywhere on the capitol grounds.

    Then take the next step and let the American public do the voting instead of the Senators or representatives.

  18. Re:I've been yelling about this for a few years no on Should Congress Telecommute? · · Score: 1

    5. You could MITM the votes, rather than relying on Diebold to do it.

  19. Re:Title not entirely accurate on Man Accused of Selling Golf Ball Finders As Bomb Detectors · · Score: 4, Insightful

    This was not a case of people believing in magick. This was a case of someone taking a fake product, slapping fake certification labels on the outside, fake circuit boards on the inside, adding bogus 'smart cards', and selling it as a high-tech piece of hardware. It was a scam, but in this case there was active deceit that didn't need to rely on people's belief in 'dowsing'; he relied on people's faith in technology and their unwillingness to crack open the case. This would have never fooled a person with the Maker Mentality. :)

    I would agree with you in principle, were it not for the fact that the only bomb-detection equipment I could find on the web which did not require some form of direct contact with the bomb was a dog.

    So yes, this was the agencies who purchased the detectors believing in "magick" [SIC].

  20. Re:ENVIRONMENTALLY viable on Bosch Finds Solar Business Unprofitable, Exits · · Score: 1

    But at least health care costs tend to go down when you have no local manufacturing going on, due to a reduction in pollutants.

    Then why have the US costs gone up in the last several years? Our manufacturing left decades ago so by your theory we should have the cheapest.

    Dumb-Ass liberals and their short-sighted only looking at one measurement view.

    In case you don't know China has stricter environmental laws than we do, but it only takes a $100 bill to have the inspectors look the other way.

    US health care costs are largely insurance costs. Insurance has a huge force multiplier. For example, let's say you go into the hospital and end up with a routine blood test; insurance takes a bite in these places:

    (1) Your medical insurance
    (2) The deductible for the cost of the test
    (3) The liability insurance for the hospital
    (4) Malpractice insurance for the doctor who ordered the test
    (5) Malpractice insurance for the nurse who did the blood draw
    (6) The liability insurance for the manufacturer of the machine used in the test
    (7) The liability insurance for the performed the testing

    The reason it has gone up is because insurance rates have gone up in order to show increasing profitability for the insurance companies. And yes, forcing everyone into participating in this broken system is only going to exacerbate the problem. Single payer would have devastated the insurance companies' profit margins, and liberal or conservative, both sides dance to the tune of the same masters.

    So wise up, this is not a partisan issue any more than whether or not you can get around environmental regulations in China with a bribe (which wouldn't work in my suggested scenario, BTW, since it would require external compliance audits by the countries receiving the goods, rather than internal ones).

  21. He's not being a "smart aleck" ... on Google Keep End-of-Life Date Forecasted · · Score: 1

    He's not being a "smart aleck" ... ... he's doing analytics.

  22. You know it occurs to me... on US Gov't To Scan More Civilian Infrastructure Traffic · · Score: 1

    You know it occurs to me...

    All the major telecommunications carriers are defense contractors, as are the people running MAE East and MAE West.

    So what exactly isn't going to be scanned under this proposal?

  23. ENVIRONMENTALLY viable on Bosch Finds Solar Business Unprofitable, Exits · · Score: 5, Insightful

    No, it's called productivity.

    The manufacturing costs for manufacturing are generally similar in both Europe and China, balancing German automation + power costs vs. Chinese labor costs.

    What isn't the same is the after-cost of adhering to German vs. Chinese environmental regulations.

    Most industrialized nations could easily save their local manufacturing bases by imposing requirements on products being manufactured in accordance to local environmental standards in the locations they are sold. It's optional whether they would want to impose environmental tariffs and take the product anyway, despite "dirty" manufacturing, or simply block entry of the product into the country.

    For China, depending on how far up the supply chain you wanted to push the requirement, you could take it to the point of requiring scrubbers on the stacks of the coal-fired power plants that powered the manufacturing facilities.

    It's ironic that environmentalism has succeeded only in moving the mess out of view (to China), rather than keeping the mess from being injected into the global ecosystem anyway. But at least health care costs tend to go down when you have no local manufacturing going on, due to a reduction in pollutants.

  24. Re:Yes it affects what you say on SendGrid Fires Employee After Firestorm Over Inappropriate Jokes · · Score: 1

    You are aware of the fact that an organization and/or script kiddie using a botnet to DDOS someone they have a vendetta against is not going to, nor should it, change their behaviour

    Actually - yes, yes it does. If you are the very public representative of a company you do in fact moderate more of what you say on the internet, or in public, because it reflects on the company you work for.

    Or at least you do if you are a professional.

    It's called "self-restraint". And "being responsible".

    You can be reasonably assured that anyone with a botnet will have a hot button that can be pushed by anything you say, or by the fact that you have said nothing, or by the fact that it's Tuesday. Every human being has some irrational position on something, and you can't take them all into account in the name of political correctness.

    If you let them dictate your actions on the basis of that irrationality, then you might as well put them on your board of directors. The firing in this case was them caving in to the DDOS out of embarrassment for being technically incompetent enough that the DDOS was successful. This company is not governed by their CEO, their board of directors, or their board chairman, they are governed by whoever ran the botnet that DDOS'ed them.

    I have zero respect for their position when it comes to the firing.

  25. Re:Really? on SendGrid Fires Employee After Firestorm Over Inappropriate Jokes · · Score: 1

    I'm not sure firing her was an over-reaction. Her employer is trying to be a five-nines service provider. Her poor judgement got their services DDoS'd off the net for 5 hours today. Sounds like a pretty good case for firing to me.

    You are aware of the fact that an organization and/or script kiddie using a botnet to DDOS someone they have a vendetta against is not going to, nor should it, change their behaviour.

    Or are you saying that when China DDOS'ed Google for refusing to censor search results, Google should have caved, because clearly, anyone with the power to DDOS someone should be permitted to dictate a company's public policy?

    We do not live in a DDOS-ocracy.