Slashdot Mirror


User: Ungrounded+Lightning

Ungrounded+Lightning's activity in the archive.

Stories
0
Comments
8,936
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,936

  1. Re:If he was paid $50, he wasn't a "slave" on Scientology Charged With Slavery, Human Trafficking · · Score: 1

    Oh that's okay then.

    He wasn't claiming it was "okay". He was just correcting a factual error. Big difference.

    It's a lot easier to understand history - and avoid being led around by current and future crops of highly-placed liars and ignoramuses - if you know what really happened instead of believing whatever propaganda of the winning side used (even if they were "the good side".)

  2. Re: Sat Phones on India Hanging Up On 25 Million Cell Phones · · Score: 5, Insightful

    Basically they are just forcing all their cellular networks to refuse connection to phones lacking IMEI numbers. ... It just means that people are going to have to pay for their phone calls or pay to call in their bomb threats. No more free rides.

    It's not a free ride now. It just means that the subscriber (or his phone company) bought a cheap phone that didn't have a registered IMEI. (Think "phone universal serial number, sniffable from the phone network.)

    Now maybe it was a stolen phone with the IMEI overwritten by a dummy. Or maybe it was a legit recycled phone with reflashed firmware that killed the IMEI ditto. Or maybe it was a new phone from a cheapscate company that didn't register/buy a block of IMEIs and install them in its products. But the customer is still buying the service and still identified by his "smart chip".

    The IMEI is mainly about tracking the phone and has nothing to do with billing. (For instance: During Iraq War II the NSA mapped out the "terrorist networks" - pun intended - easily, from satellite surveillance, by traffic analysis - when somebody serving as a communications hub switched smartcards for each of his links but didn't realize that the IMEI, which stays with the phone, was also being recorded. Call goes in one smartcard ID and immediately a series to other phone numbers go out on other smartcards from the same phone: it's a gotcha. This hit the media after the opposition figured out that cellphones were a trap and switched to non-cellphone communication.)

    Given that killing service to IMEI-less phones is part of a reaction to "terrorist attacks" it looks like India is willing to kill phone service to 25 million legit cellphone users in order to force its own opposition to chose between lower-tech communication and getting caught.

  3. It's actually drastically DOWN. More than a third on Record-Breaking Black Friday For eBay's PayPal · · Score: 0

    GLD closed at $80.31 last Black Friday and $155.06 this one. (GLD is an exchange traded fund that tracks the price of gold. One share is the price of 1/10th ounce. I use it as a proxy for the price of gold because it was quick to look up.

    That says the price of gold went up by over 43%. Since gold is essentially stable in value, it says the Dollar inflated by about 43%. So if the sales, denominated in dollars, only went up by 20%, they dropped drastically (in terms of gold or a gold-backed currency).

    (1.2 * 80.31 / 155.06) -1 = -37.85% Down by more than a third.

  4. Re:Right, humans are uniquely bad on Modeling the Economy As a Physics Problem · · Score: 1

    And another thing:

    It turns out the American Indians, far from being "primitive hunter gatherers", actually did a lot of deliberate land use planning and low-effort agriculture.

    One particularly cute stunt pulled by a tribe in the West: Climax forests have little biodiversity and deer (as with spotted owls) don't do as well in forests or open fields as along the boundary between them. So the tribe, about once per century, would deliberately set a fire to burn off the forest in one particular valley. This created a LOT of forest/field boundary and the hunting would be great until the forest in the valley finallly got to thick and needed burning again.

    This is one example but there are many. The western states were actually a low-maintenance garden. (Other regions had various other sorts of advanced agriculture, land managemet, and/or game management.)

    And property rights were well understood and finely divided: One oak tree, for example, might have a number of owners of particular rights: One family might have the right to harvest acorns, another to hunt squirrels, another to gather eggs, another to use some of the bark (not enough to damage the tree) to obtain ingredients for tanning, and several other rights might have separate owners.

  5. Re:Right, humans are uniquely bad on Modeling the Economy As a Physics Problem · · Score: 1

    Hear hear!

    Let me add one more thing: Humans may be the first animal to actually have the potential to "live in harmony" with the rest of their enviornment - by planning how to do so.

    (I note that this doesn't have to be a conscious plan by authorities forced on the rest of the population, either. By placing value on things and on the distruction of them by non-owners (i.e. "You dumped your garbage on my yard, your sweage polluted my well, and the smoke from your fireplace with the hole in the side of the chimbney is drifting into my ventilator! Pay up and clean up!") much of the signaling can be handed by the market and tort law. Markets are very good at apportioning scarce resources and encouraging people to conserve and make the best use of them. This is because "value" is subjective, thus mapping things that enhance or degrade quality of life into price signals.)

  6. How does this differ from the history of life? on Modeling the Economy As a Physics Problem · · Score: 1

    Consider the food supply. The population has now reached a size at which the current amount of food is not sufficient for everyone to eat well. So, scientists at ADM and other companies are trying to invent new ways to increase food production.

    Suppose that the scientists succeed and that we increase food production by 20%. The population, enjoying this additional food, now grows by an additonal 20%: we return to the original problem.

    And how is this different from the situation that has faced all life since life began?

    Humanity has had centuries of "vacation" from the "living condition". And still has it, because food production increases are still outpacing population growth.

    Inevitably, some Slashdotter will claim that yet-to-be discovered technology will always provide a fix for the problem.

    Given that technology is on a faster exponential than population growth, that's a reasonable expectation. Will it go on "forever"? Seems unlikely - unless something changes in cosmology.

    But at this point we're approaching the "event horizon" of "the singulaity" - which I define as "The time when technology is advancing so fast that, by the time ANY science fiction writer has fleshed his new-and-plausible technological idea out in to a manuscript, it has already been implemented, productized, and deployed."

    At that time even plausible speculation on the future becomes something beyond merely human capacity. (Fortunately, what's driving the accelleartion is non-human computation capability augmenting human tasks. Given that plausible speculation about the future is such a task it may yet continue. B-) )

    Believing that yet-to-be discovered technology will be discovered (and will be the salvation) is exactly equivalent to believing the numerous claims of religion.

    The same claim can (and repeatedly has) been made about believing in the products of the scientific method. Again, how is yours different?

  7. Not the first time. on Man Pleads Guilty To Selling Fake Chips To US Navy · · Score: 1

    A company back in the mid-20th century always seemed to be able to find the mil-spec chips needed for military contracts.

    Turns out they were pulling the same scam: Buying consumer- or seconds-grade chips (from Radio Shack even), grinding off the markings, and rebranding them to look like the mil-spec ones.

    The first space shuttle prototype was named the Enterprise, due to public pressure. It was used for things like testing the piggyback transport plane and what-have-you, and the results of such testing used in final design changes for the flying fleet. It is rumored that NASA DID examine whether they could upgrade it to flight status and end up with one more shuttle, rejected the option due to the cost (higher than building another one), and that a major factor in the decision was the need to replace all the electronics due to concern that those counterfeit chips had ended up in the assemblies.

  8. Re:Isn't bread and circuses on Telcos Want Big Subsidies, Not Line-Sharing · · Score: 1

    Oh just go buy your own island you fuckwit, you're too antisocial to have most of us even want your redneck mountain man ass around.

    Actually, I, and a lot of others with roots here that predate the Revolution (or with similar mindsets), would prefer that you and your authoritarian cronies do that instead.

    You can implement your socialist utopia with people who (initially) volunteered and steal from each other to your hearts' content. Meanwhile the rest of us can get back to stuffing the government's worms into the Constitutional can they've been escaping from over the last couple centuries.

  9. Re:Confused on English Shell Code Could Make Security Harder · · Score: 4, Informative

    TFA uses the security community's special term "(a) shellcode", which means something other than what it sounds like to ordinary programmers.

    "A shellcode" is the infection head of an exploit - the thing you try to get to run on the target to make the rest of the exploit work. It's in the machine language of the target, not a shell language.

    It's called "a shellcode" because it typically (but not necessarily) tries to sucker the system into launching a shell to run the rest of the exploit. The rest of the exploit may be in a shell language (depending on the shell to interpret it), a machine language executable, etc. Or "the shellcode" may do something else than launch a shell.

    This is one of the latter cases. It's a chunk of self-modifying code (due to the limits of what instructions you can get out of English-looking text) that bootstraps its own internals into something that can act as an interpreter (or other executor) for the rest of the English-looking exploit code, then runs though that code and "makes it happen".

    You can think of it as a binary executable program that depends on self-modification to get away with consisting only of combinations of bytes that look enough like English to fool spam filters which are trying to recognize executable code.

    So it's a very goofy binary and there are no shells or shell languages involved. Instead (if I read this right) the researchers built a very screwy assembler that takes as input an assembler source program and produces as output some VERY screwy machine code that looks like English and ends up doing the same job in a roundabout way, rather than being the direct translation of the assembler code input.

  10. Re:Isn't bread and circuses on Telcos Want Big Subsidies, Not Line-Sharing · · Score: 2, Informative

    Oh, what, you want your trash picked up?

    I pay for that separately.
      CA: "Waste Management" inc.
      NV: I take it down to the transfer station myself and pay by the pound.

    You want sewers built to your property? ... You want clean water running out of the tap?

      CA: I pay for water and sewer: Alameda County Water District.
      NV: I paid to put in a well and septic system and will pay again to have the latter cleaned out if/when whatever doesn't get biodegraded has to be pumped out and hauled away. Only have "homestead" water rights but that's all I need.

    You want roads to drive on?

      License fees, gas taxes. Additionally:
      CA: Special assessment items on property tax bills.
      NV: Ditto. Also: What roads? B-)

    You want fire protection?

      Property taxes again, both states.

    You want the police to arrest those naughty black people who keep making you scared and nervous?

    Nope. But I'd be happy to be able to carry my own gun to protect myself against anybody, any color, who tried to commit a crime against me that endangered my person (which most crimes do). The cops can come and sort it out later if they believe it necessary, when they get around to it.

      NV: Can carry open most places and have my CCW so can carry concealed ditto. This is pretty important, since there is lots of the state where it might take all day for a deputy to get there even IF the passes are clear. Also there are lots of things besides people that might need attention: Starting with feral dog packs and I could go on for pages.

      CA: I'd be happy to work it the same way. But in the bay area the government won't allow it - unless you're one of a very select few (mainly politicians and their contributors).

    You want an army to protect your property claims against foreign and domestic threats?

    The way the constitution SAYS it should work is for the states and/or the Fed to call up the militias in those situations - and for the state militias to consist of the general population ARMED WITH THEIR OWN WEAPONS and lead by officers chosen by the procedures each state designates (which was typically election from their number by the rank-and-file). Between callups there would be minimal, if any, government employees involved. Border and coast guard, navy, and other ongoing stuff (to the extent still required) can be funded out of tariffs. No reason the merchant marine shouldn't be armed for self-defense (and also subject to callup in time of war).

    Care to come up with any OTHER excuses for the various layers of government to confiscate a third or more of my income and a chunk of each transaction and seize much of the rest, plus my existing assets, by devaluing the currency while forcing me to accept their printing-press (or electronic-bits) money as payment in private transactions?

  11. Re:My CA townhouse got "smartmetered" last week. on Smart Grid Could Pose Threat To Privacy · · Score: 1

    There are smarter ones that can handle backfeeding properly. If you've got solar panels or other power generation methods, check with PG&E and see if they have a smarter meter they can install instead.

    PG&E will put the meters in if you go to a net billing rate (and for the E1(?) rate, at least, they'll do it free). Their front-line office people keep saying "solar" (as if windmills didn't exist B-) ) but other than that seem to be on the ball.

    It's just that by changing the meter they probably bought themselves an extra truck-roll when I add some RE generation.

  12. Re:Really people on Microsoft Denies It Built Backdoor Into Windows 7 · · Score: 1

    You forget. Microsoft doesn't deal with doors, they deal with Windows.

    Windows: Transparent holes in a wall.

  13. Strong asymmetric crypto. on Microsoft Denies It Built Backdoor Into Windows 7 · · Score: 1

    If Windows has a back door that the NSA can use, how would they prevent foreign intelligence agencies from using it?

    Lock the back door using strong asymmetric cryptography.

    Then even if the other intelligence agencies get hold of the source code (or tear the code apart and grok every bit) it does them no good. They have to steal the private key or crack the cypher to open the door.

  14. My CA townhouse got "smartmetered" last week. on Smart Grid Could Pose Threat To Privacy · · Score: 5, Informative

    PG&E is using (for electricity) a GE I-120 smartmeter with a Silver Spring Networks interface. (Installer said they plan to install the associated network on the poles shortly, after which no more meter readers wandering the neighborhood.)

    According to the meter's description on GE's site it uses IP and "industry standard crypto" over a two way radio link to a network running their software. It can be remotely tweaked and have software upgrades remotely loaded. (I can hear the cypherpunks booting up already.)

    It records and reports high-time-resolution information about the utility use. It can be used to shut the power off in case of "billing trouble". It doesn't do net metering. Instead it treats backfeeding the net as a sign of cheating - an old mechanical-meter hack consisting of unplugging and inverting the meter to "run it backward" a few days per month. (It records the events around the reversal - unplug, replug-inverted, unplug, replug-normal - with high time resolution, to be used as evidence if it goes to court.)

    If you want to do net metering once this is installed you have to get the power company to come out again and install another meter, set up for "two-way metering".

  15. HCN will do it. on Former Microsoft CTO Builds Kitchen Laboratory · · Score: 1

    Sprinkle a bit of a cyanide compound on it - and avoid acidic ingredients so it doesn't convert to Hydrogen Cyanide until it hits the stomach.

    Death and turning a nice solid blue is two out of three. I suppose you could use a "screen" (the draining and sprinkling tool) to evenly distribute the "seasoning" in powdered form.

    Gives the dish a nice Almond smell. It's tempting to use it on an almond pie for desert but that's not authentic: It should be something that's eaten at some point mid-meal so the timing is unexpected.

    Call it "almond blue surprise".

  16. Re:Very timely article on Leonid Meteor Shower Peaks Early Tuesday Morning · · Score: 1

    The Slashdot editors (and/or submitters) - and the news media, who do the same thing - apparently also assume we have no advance plans and can just drop everything and go watch the sky on a couple hour's notice.

    I do wish BOTH would mention the meteor showers a week or so in advance.

  17. Re:Waytago, Dell! on Time To Ditch Cable For Internet TV? · · Score: 1

    A couple more points:

    there are a lot of other ways they could do this if they wanted. They could insert their own back door in the system's chipset, something that snoops on the bus for a certain network packet being received and then takes over the system, for example. I fail to see, however, why any of them would bother.

    That's exactly what AMT *IS* - except that for this part of the functionality, instead of "snooping on the bus", is actually in the path between the IO and the CPU, examining and forwarding the packets (except those it grabs for itself or modifies before forwarding). This is precisely so that, when it sees a "certain network packet" it can take over the system. And because it eats the packets rather than just snooping them the system can't even see the magic packet and raise an alarm before it is enslaved.

    Obviously they "bothered". They're proud of it. They market it to corporations as a feature.

    In order to [utilize a firmware bug to inject an AMT order], the firmware would need to contain a bug that allows an attacker to pretend to be interacting with the machine via some local method (usb port, keyboard, etc.).

    Not at all: The AMT "man in the middle" is its own little router. It has its own network stack, separate from the one in the OS, and forwards the packets between the OS and the network interfaces. When it's "disabled" does it hook the interface directly to the CPU bus? Or does it just forward unconditionally? I'd bet on the latter. It's simpler.

    Which means a bug in the network stack of the AMT processor can let the network interface inject orders from a malformed packet directly into its little "brain". No need to masquerade as being on some local interface.

  18. Re:Waytago, Dell! on Time To Ditch Cable For Internet TV? · · Score: 1

    You can't _entirely_ trust a machine that you haven't built yourself from individual transistors.

    And not even then - because you'll probably introduce vulnerabilities yourself. B-b

    However this "feature" is deliberately designed to make the machine untrustworthy - giving several pieces of control and observability to someone elsewhere on the network, overriding the intentions of the operator of the machine and the functionality of any software on it, while hiding this from them and making it inaccessable to them.

    [a BIOS] bug [allowing activation of part of the AMT functionality] would be a serious problem, and would almost certainly allow the attacker the ability to execute arbitrary code, and therefore give them the ability to (e.g.) reflash your bios, install a rootkit in your OS, or any other such insidious method of taking over your system. I fail to see why the presence of AMT would make this any worse than it already is.

    It makes it worse by having the components for the attack already installed. Without them they must be constructed externally and "squeezed through the crack". With them, the malware is already present - and "properly" so. Thus the vulnerability only needs to be "big enough" to get them activated. The attack doesn't need to bootstrap itself up - just get a state changed, a key inserterd, and/or an already present function activated. The code itself doesn't need to be injected.

    The only difference between a compromised machine and an uncompromised one is that there is an authentication method for the attacker and perhaps that the AMT is activated when it should not have been. AMT is designed so the software and user of the machine can't detect that it is operating or what it is doing (except by noticing the effects if they are disruptive). So if you're hosed you don't know it and can't find out.

    Sorry: Shipping machines that have "big brother's minion" deliberately built in, no matter for what noble purpose, is too Orwellian for me. It's an extra door from the alley into the vault, with its "security" handled (as far as I can see so far) by obscurity, bypassing all my own layers of protection. Such misfeatures mean the product is off my purchase list.

  19. Re:Right after the revolution on Bernie Madoff's Programmers Arrested · · Score: 1

    Grocery stores are highly competitive, because shoppers are very price-sensitive. The prices are driven down to very thin margins. Result is a robust profit - but not a bonanza.

    This is what you expect. If it were a gold mine there'd be a gold rush and the competition would increase, driving the prices down further, until it was "mined out" back to where all but the most competent went bust.

    As it is you end up primarily with a few big chains running their own warehousing operations (to save on a middleman's fee) taking the bulk of the business, plus convenience stores, mom-and-pop outlets and specialty stores, where people are willing to pay more for convenience, special services, special goods unavailable at the big-boxes, better control of the business, etc., plus co-ops, outlet stores, and membership stores, which are other special cases.

  20. Re:Waytago, Dell! on Time To Ditch Cable For Internet TV? · · Score: 1

    I don't know much about it, but shouldn't disabling AMT in the BIOS essentially solve the problem?

    How do you know it's disabled? The BIOS TOLD you it was disabled. If you believe it I've got some land in Nevada to sell you...

    AMT can rewrite the BIOS - as can the machine itself if it gets cracked even with AMT actually off. Once the BIOS is tweaked (assuming it doesn't come from the factory that way - to keep the security agencies happy, because the FACTORY got cracked, or due to a bug) the tweaked BIOS can lie and you can't tell from anything running on the main processor(s).

    (There's already been ONE BIOS exploit I've heard of that flips a couple bits in the OS' IP stack while booting it and then erases itself from the RAM image of the BIOS. The flipped bits reinsert a bug that enables a one-packet root-connection exploit. From the OS' view the only evidence of the BIOS exploit is the flipped bits in the OS RAM image. Look at the BIOS code and you see the RAM image of it with the exploit removed - just what should have been there. And the disk image of the OS is intact, too.)

    Also: If there's a bug in the BIOS / WAN interface firmware, an exploit of THAT might successfully utilize some AMT functionality even if it's "turned off" - potentially leading to turning it all on or otherwise pwning the machine.

  21. Re:Waytago, Dell! on Time To Ditch Cable For Internet TV? · · Score: 1

    The inspiron uses a dual-core AMD chip.

    Make that "Inspiron Zino HD". Other boxes in the Inspiron line DO use Intel chips, some with AMT hooks (though it's not clear to me whether they have enough additional AMT support to make that a risk).

  22. Waytago, Dell! on Time To Ditch Cable For Internet TV? · · Score: 1

    The inspiron uses a dual-core AMD chip.

    Which means no Intel AMT security risks.

    (Somebody wake me if AMD also does something as stupid as building "IT management" hooks into their chips to let your machine be remote-pwned without the OS having a say in it.)

  23. Standard press-release sound at the moment. on Bernie Madoff's Programmers Arrested · · Score: 1

    Granted, they're innocent until proven guilty, etc., but it appears they were in this up to their ears.

    Remember that what we're getting, so far, is the stuff from the investigation / prosecution side. Their job is to make the case that the accused were in it up to their ears.

    No surprise if they were. But it will always sound that way at this stage, if the prosecutors think they have enough of a smoking gun to go ahead.

  24. Re:Right after the revolution on Bernie Madoff's Programmers Arrested · · Score: 2, Insightful

    What you're talking about is margin - the difference between the cost price of something and the sale price. The figure of "30%" is a generally accepted minimum margin for a business.

    It depends - enormously - on turnover.

    If you turn over your inventory (on the average) in a week or less, like a grocery store, a 1% profit comes out to over 50% in a year (and that's not counting compounding). This is why grocery stores are VERY sensitive to shoplifting and spoilage costs.

    If you turn over your inventory in a couple quarters or a year, you'd better be making margins in the 30-50% range if you want to stay viable.

    Fast nickels are a LOT better than slow dimes.

  25. Use a Yagi and it's a square mile. on MPAA Shuts Down Town's Municipal WiFi Over 1 Download · · Score: 1

    Their "Municipal Wifi" covers a one block area around the courthouse, which probably just means the block that the courthouse is on. That's hardly "municipal".

    It's a block around the courthouse for the internal WiFi in a laptop.

    Point a yagi at the courthouse and it's easily a square mile.

    Point a 24 dB dish at the courthouse and it's about three hundred square miles (less building and other obstruction shadows and electrically noisy areas).

    Both are available online for less than a hundred bux last I looked.

    Seems to me that, for a small town, that qualifies as "municipal WiFi".