Slashdot Mirror


User: Ungrounded+Lightning

Ungrounded+Lightning's activity in the archive.

Stories
0
Comments
8,936
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,936

  1. Still practical... on Patch To Allow Linux To Use Defective DIMMs · · Score: 2
    Now we have a way to deliberately make Linux instable.... if you subscribe to the theory that if a DIMM has bad areas then that increases the probability that more of its areas will fail in the future.

    Good point! DRAMs are made with extra rows ... during manufacture the memory is checked and the chips are modified to allow the spare rows to replace the faulty rows. That's how they get the yield up so high. You can get faulty DRAM, but it is used mostly in voice-recording applications where the human brain can tolerate a few crackles.


    But what happens when there are more faulty rows than spares? Answer: They sell it to the crackling-audio people, for cheap. Such chips might not have a higer tendency toward progressive RAM-cancer than those with fewer faults (though I will be happy to stand corrected if someone has contrary data.)

    By marking the bad rows bad, Linux never allocates them. With virtual memory in fixed-size pages and memory-mapped I/O there's no penalty for scattering your data all over the place and hopping over the occasional chuckhole.

    Downside would be if there's a flakey cell and the memory test misses it. So a persistent bad-page map might be useful, as would beefing up the startup test if the feature is enabled, and adding a background memory test on the currently unallocated pages, to pick up any really-low-density faults.

    If an intermittent cell gives you a hit on a read-only or unmodified page, a hack in the parity-error recovery code could move and refresh it. A read hit on a modified page not yet written back to disk is bad news. (Another background hack could be writing modified pages back part of the time the disk is otherwise idle, to reduce that window.)
  2. Re:But clients can - when MS builds a backdoor... on Handling Spam from Large Commercial Entities? · · Score: 2

    All this does is select some action based on what operating system you're using. It's probably the same thing they use in Windows Update. There isn't anything particularly sinister about this.

    Then why do they care about "isRegistered()" and "MSID"?

  3. My favorite "plowshare" projects on Civil Engineering with Atomic Detonations · · Score: 2

    Nuclear excavation (at least on a planet with a biosphere) is in my "probably a bad idea" category. But there are two others I categorize as smart and dumb, respectively.

    I give the "Homer Simpson award for dumb nuclear projects" to the one that would have disposed of nuclear waste by mixing it with paving material in concentrations capable of producing significant heat, and using it to pave roads in the northern tier of states. The object being to create superhighways that didn't need plowing in the winter.

    On the other side: suitably encapsulating a low-level alpha or beta emitter with a flourescent material. Imagine a fluorescent light tube that didn't need electricity and lasted decades or longer. (Now imagine one that doesn't break. B-) )

    The latter was apparently researched. It would have been as safe as smoke detectors - individually. (That still might not have been good enough: The "benefit" side of the cost/benefit ratio is higher for smoke detectors than for lamps.) Unfortunately, working in a warehouse full of them - at least with the original design - would have been quite another matter.

  4. Re:Information must be left out on Quake As An Architectural Design Tool · · Score: 2

    ... in the high-end software you can click on the wall and get a parts list, something that isn't practical in any game engine to date ... games don't think of a 2x4 as a 2x4; It's just another brush

    Granted, if you group the wall together you could write a script or app which would parse the groups out of the pre-compiled map file ...


    So use hyperlinking. Touch the wall and you teleport to another level, identical except that the details are rendered, or there's a sign with a parts list.

    That makes for a LOT of model-building. But you can automate it in a CAD-to-game model-conversion tool.

  5. Smartcards are made very hard to copy. on Hong Kong Smart Identity Cards In 2003 · · Score: 3

    ... is it possible for someone to just make an identical copy of my smart ID card, and 'become me'?

    Smart cards are designed to be difficult to read, even distructively or by "sneak paths" (such as variations in power usage or radio emissions). The engineers working on them, even in private enterprise, are investigated and security-cleared, and work in relatively isolated areas. (I recall when some people working with me at a large chip company were transferred to that project - in a separate building. I'd done classified work before and had no interest in doing it again. B-) )

    So copying your smartcard to 'become you' is unlikely - unless that particular smartcard's technology is broken.

    If it IS broken, it will likely be by some VERY well-financed sorts - either organized crime or governmental.

    If it's governmental they'll want to use the break for covert activity, and will keep as low a profile as possible. So they'll play dirty tricks on their enemies - starting with the "short list".

    If it's organized crime, they'll want to make a profit on their investment quickly, before the break is discovered. So there will probably be a sudden large crime wave, looting some very big targets or a great host of smaller ones, and then the smartcards will be replaced with a different technology.

    Either could be a problem for some of us here. But I wouldn't worry too much about script kiddies. If they get in on it at all it will likely be on the tail end of the "organized crime" scenario.

  6. But clients can - when MS builds a backdoor... on Handling Spam from Large Commercial Entities? · · Score: 3

    Web servers can't read your registry, plain and simple.

    But web clients, running on your machine, sure can.

    The only possible way is if you ran an ActiveX control or an executable(scripting languages can't do this) that accessed the registry, but if you did that, it would be your own fault.

    How about running a VBScript fragment that uses a Microsoft backdoor object to read the registry?

    I've dug out and reviewed the code. I know zilch about VBScript except that it's object oriented. But by analogy with other OOP languages this VBScript checkFlags() routine sure looks to me like it uses a class called "RegWizCtl" to:

    - Extract your MSID (your product key?)
    - Start a string with:
    "/REGWIZ/wiz40.asp?CRF=Y&RegMSID={your MSID}&"
    - Iterate through the registry entries for the Windows and Windows NT version numbers:
    - Check if they're registered and
    - If they are, add "&D={n}" to the end of the string (where {n} is 1 for Windows, 2 for Windows NT).
    - Return the string to the Javascript routine.

    The Javascript routine looks like it checks whether your browser is internet explorer and your OS is Windows 98 or Windows NT 5, making a reference to the return from the VBScript routine if so, else making a reference to "http://register.microsoft.com/REGWIZ/wiz40.asp?CR F=Y&".

    The HTTP looks like it puts up a web bug to get an object named "RegWizCtrl" with class ID "CLSID:50E5E3D1-C07E-11D0-B9FD-00A0249F6B00" loaded, the zero-delay refreshes to "/REGWIZ/wiz40.asp?CRF=Y&" (if the Javascript hasn't done it already).

    Tell you what: Here's the web page in question (minus a BUNCH of leading blanks on each line apparently designed to throw the code off the right of the window if it happened to be viewed). Maybe some of the HTML, Java, and VBScript experts on this board can tell us all what it really does.

    (Of course this means that the whole slashdot community can see it and make their own versions. What a pity.)

    Remember: Though this part might seem benign, it tells the server at "/REGWIZ/wiz40.asp":
    - That you're running Windows 98 or Windows NT 5.
    - That you're running Internet Explorer.
    - That your system is subvertable using this mechanism.
    So if your system IS subvertable there's nothing to keep /REGWIZ/win40.asp from immediately downloading a more extensive subversion that might be visible on a non-subvertable software configuration.

    ==============================================
    To restore the original:
    - Change leading blanks to tabs, 8 blanks to one tab.
    - Add three leading tabs to every line starting with the "!--" line.
    - Add seven more tabs to the start of the line containing "\Windows NT\"
    - Change all occurrences of "[" to left-angle-bracket. (Someday I'll figure out how to put that character in a slashdot posting.)
    - Join the lines beginning with "[OBJECT" and "CLASSID" (a long line that got wrapped by slashdot).
    ================================================
    [HTML>
    [OBJECT ID="RegWizCtrl" STYLE="display: none" CLASSID="CLSID:50E5E3D1-C07E-11D0-B9FD-00A0249F6B0 0" WIDTH=0 HEIGHT=0>
    [/OBJECT>
    [SCRIPT LANGUAGE="VBScript">
    [!--
    Function CheckFlags()
    on error resume next
    Dim sBuffer, sRegMSID
    sRegMSID = RegWizCtrl.MSID
    aProdKeys = Array("SOFTWARE\Microsoft\Windows\CurrentVersion", _
    "SOFTWARE\Microsoft\Windows NT\CurrentVersion")
    sBuffer = "/REGWIZ/wiz40.asp?CRF=Y&RegMSID=" & sRegMSID & "&"
    for iCounter = LBound( aProdKeys ) to UBound( aProdKeys )
    RegWizCtrl.IsRegistered = aProdKeys( iCounter )
    if RegWizCtrl.IsRegistered then
    if err.number = 0 then
    sBuffer = sBuffer & "&D=" & CStr( iCounter )
    end if
    end if
    if err.number then err.clear
    next
    CheckFlags = sBuffer
    End Function
    ' -->
    [/SCRIPT>
    [SCRIPT LANGUAGE=JavaScript>
    [!--
    if ((navigator.userAgent.indexOf("MSIE") >= 0 && navigator.userAgent.indexOf("Windows 98") >= 0) ||
    (navigator.userAgent.indexOf("MSIE") >= 0 && navigator.userAgent.indexOf("Windows NT 5") >= 0))
    {
    location.href = CheckFlags();
    }
    else
    {
    location.href = "http://register.microsoft.com/REGWIZ/wiz40.asp?CR F=Y&"
    }
    //-->
    [/SCRIPT>
    [META HTTP-EQUIV="REFRESH" CONTENT="0; URL=/REGWIZ/wiz40.asp?CRF=Y&">
    [/HEAD>

  7. Microsoft has a system prober disguised as spam. on Handling Spam from Large Commercial Entities? · · Score: 3

    Microsoft were similarly bad. Even after following their unsubscribe instructions, I was still getting mail.

    Did the mail look like an advertisement for a developer's conference? Did it have remove instructions asking you to send a reply or visit a web site to be removed? Did sending a reply bounce, so you had to use the web page?

    If so, it wasn't just spam. It was an attempt to mine your machine for information.

    I started getting those spams from microsoft - and I didn't even have a windows-capable machine anywhere in my domain. So after the unsubscribe email bounced I probed the web site (with an ancient version of Mosaic that didn't know how to do most of the dirty tricks B-) ).

    The main page gave a link to a mailing-list manipulation page. The button on the page where you delete yourself from the mailing list downloads a very interesting page.

    The page is a mix of HTML, Javascript, and VBScript.

    - The HTML uses the instant-refresh trick to forward you to a page at register.microsoft.com if you're not java-enabled, else it runs the javascript.

    - The javascript forwards you to the same page if you're not on a VBScript-enabled browser, else it runs the VBScript.

    - The VBScript (judging by the names of the classes it uses) sniffs your registry and then forwards you to the same page, but with the registry information added to the URL.

    I didn't follow it to the next page to see what other dirty tricks might have been embedded. (I presume the automatic forwarding eventually terminates on an 'unsubscribe me' page, so everything looks dandy.) But by this point register.microsoft.com already has the sniffed registry info (at least your Windows and browser versions), tied to your IP address and whatever other stuff the browser includes in the HTML request. And their server can feed you other pages, tuned to your configuration, to mine more info or maybe do some damage, before they finally give you the page you wanted.

    So Microsoft found a new use for spam: Populating a database by sucking registry info out of the machines of any Windows user they could sucker into trying to use the web to get off their spam list.

    The registry has all sorts of information in it. Here's some that I know exists there, for starters:

    - The MAC address of any ethernet cards. (These are a unique identifier that can be used to recognize your individual machine, just like the Pentium CPU serial number that caused such a flap for Intel.)

    - The names, version numbers, serial/program key numbers, etc. of any installed software, both from Microsoft and from most other vendors.

    I leave it to you to imagine the intended uses of this information.

  8. That's what I do on Handling Spam from Large Commercial Entities? · · Score: 3

    Get your own domain, and create a new address for every company that requests one (e.g. amazon@mydomain.net). Then use mail aliases to decide if the company gets to send mail to your ccount or to /dev/null.

    That's exactly what I do. It also helps to find out what sites are being mined by the mailing-list sellers. (I've only gotten about three spams to "rod" so far. B-) )

    Unfortunately, the WHOIS database of domain contact information is open and has been mined by the mailing list sellesrs. So having a domain gets you spam - to an address that you CAN'T ignore if you want to keep the domain.

    The "cybersquatting" procedure starts by sending notices to the posted contact information (which is also where billing info is sent). Don't answer and you might find your domain reassigned to someone else. So if your domain name is at all desirable, you have to deal with spam.

  9. A whole new meaning. on Open Source Nanotechnology · · Score: 1

    Imagine biological warfare, etc. Engineering viruses using tiny particles.

    Brings a whole new meaning to "writing a virus", doesn't it?

  10. You've GOT to be kidding. on Open Source Nanotechnology · · Score: 2

    The baddies ... would have to [acquire] nano tech through complex intelligence networks if the technology is held by companies and governments. Any entity large enough to posess such resources would unavoidably have more responsibility and caution with application of such technology.

    You're KIDDING, right?

    Bill Clinton.
    Mummar Kqudhafi.
    Joe Stalin.
    Adolph Hitler.

    I could go on, and on, and on...

  11. Looks like a relay. You can make computers of 'em on Berkeley Lab Fashions First Buckyball Transistor · · Score: 3
    "McEuen says this quantized nano-mechanical movement of the carbon-60 might serve as a logic gate, a means of storing information in the position of the molecule that would be more stable and much faster than the current technology."

    I realized they hadn't made a transistor yet. All they have done is connected two electrodes with carbon-60, and since they might be able to isolate carbon-60 between two electrodes, they might be able to make something useful with it.


    They've used buckyballs to bridge a gap, allowing conduction. They've used electric fields to bounce the buckyballs up and down, switching the conduction.

    That sounds to me like a nanometer-scale relay - or getting very close to one.

    Relays are amplifying switches. You can make computers out of them, just as you can make computers out of transistors or tubes. In fact, that's EXACTLY what was used in tabulators for decades, before (and even while) tubes moved in to do the faster stuff, creating the "elecTRONic computer".

    Cray was still using relays to decode the panel display and as an IPL ROM in the Control Data 1604 in the 1960s. Most of the switches in the 1604 were germanium transistors - upgraded to silicon transistors later in its life cycle.

    Indeed, transistors in modern CMOS circuitry are just serving as an approximation of relays. A CMOS logic gate's schematic looks much like the "ladder diagrams" used to this day to design relay-based logic circuits.

    While moving small molecules is slower than moving electrons, it's comparable in speed to moving holes. So at nanometer scales an electromechanical relay, with a bucky ball or a molecular side-chain for the armature, can be an adequately (blazingly!) fast switching element.

    Electrons are light and thus spread out. So they are very sensitive to temperature and have a long cross-talk range. Molecules are more compact and tend to focus electrons as well. So circuitry that uses a molecule, rather than a cloud of electrons, as the moving part in a switch might lead to higher component densities and a broader environmental operating range.
  12. So THAT's why they sued Microsoft! on Candidates' Positions On Internet Filtering · · Score: 2

    And as for contributions, Microsoft has contributed dramatically more to the republicans than the democrats. ... Bill himself has done little to no contributing.

    So THAT's why they went after Microsoft!

    I thought Janet Reno's Justice Department might ACTUALLY have gone after someone because they broke the law. And here it turns out it's just another dose of revenge for not contributing to their machine's campaign and vacation fund.

    Well at least it's nice to know that they're consistent. B-)

    (And thanks for the link to Open Secrets.)

  13. Using the market to open the debates. on Ask the Presidential Candidates · · Score: 2

    Two simple rules:

    1.Are you on the ballot in enough states to make it possible to win the election (270 electoral votes)?


    Check.

    2.Are you one of the top 6 candidates in at least 3 of 5 independent polls? This one I am flexible with.

    "Major Polls" are often biased and/or creatures of the Major Party / Media Complex (TM). Let's skip that.

    Here's a potential way for one open network (Fox News comes to mind) to break the Biopoly:

    While (nearly) every other network is broadcasting the debate, Our Hero Network runs it - but with a difference:

    Rather than broadcasting it live:

    - It captures it for "Instant Replay".

    - It has, in its studio, any minor party candidates that met the network's cutoff and agreed to attend.

    - It "Instant Replay"s the question.

    - It lets all the candidates answer in random order - with two slots randomly picked for the majors (consumed in the order they answer in the original debate), giving the minors the average of the time actually given to the majors and STRICTLY enforcing (like by cutting off the sound).

    - For rebuttal it again lets the candidates have one slot in random order (again replaying the majors in order, in two random slots) to rebut anyone or any set they chose.

    - Segments where one major candidate gets to ask the other a question are handled by each of the candidates getting to ask all the others a question. The minors get to answer them all, while the majors get no slot to answer the minors.

    This gives the minors equal opportunity (at least on THIS network) to show how they think on their feet, get exposure for themselves and their positions, and raise issues they consider significant.

    With ALL BUT ONE network playing the stock debate and ONE playing the "enhanced version", guess what the ratings look like? B-)

    Of course the majors don't get to rebut the minors' points. But that's what they get for going along with the exclusion of the minors from the debate. B-) They could easily stop the charade by insisting that the minors be allowed on stage with them, refusing to debate (or moving to the "enhanced" version B-) unless that was done.

  14. But did he invent "The Information Superhighway"? on Ask the Presidential Candidates · · Score: 2

    Al Gore never claimed to have "invented the internet."

    But how about "The Information Superhighway" - meaning the phrase itself? Did he (or his speechwriters) invent this? Or was he just the loudest of the early mouths to use it?

    That metaphor has always struck me as a gem of the propagandist's art.

    It equates the Internet with the National Defense Highway system (now known as the "interstate" system). This sets in the listeners mind the idea that the Internet - rather than an industry / university / some-government colaboration grown around a seed from a plowshared military project - is a pure creation of the US federal government. From there it's an easy step to making it fair game for total government regulation. Think "Information 55 MPH Speed Limit".

    Gore used the phrase when he was the point man for the Clinton administration's efforst to wire the nation's K-through-12 schools and libraries. This, of course, set the stage for the Communications Decency act (supported primarily by Democrats), censoring the Internet to "make the Internet safe for The Children".

  15. Real degree, but not first. on Univ. of Washington Announces First Nanotech Ph.D. · · Score: 2

    This may be the first degree >program, but te first nanotech PhD was awarded to Eric Drexler, some years ago.

    MIT, I think it was.

  16. Big deal. on Organic LEDs To Replace LCDs? · · Score: 2

    Slashdot requires you to wait 1 minute between each submission of /comments.pl in order to allow veryone to have a fair chance to post.

    It's been 60 seconds since your last submission!


    So he's got an off-by-one bug. Big deal.

    Submit it again in another second. Hurry, you might take too long. B-)

  17. Definition of "organic" on Organic LEDs To Replace LCDs? · · Score: 2

    I may be wrong, but when I hear 'Organic', I think organism. When I think organism, I think of life. Here's a free clue for all the media types out there: "Carbon != Organic".

    Sorry, but you're wrong. (No doubt because you were misinformed by junk schools and media.)

    "Organic", when applied to molecules, means "containing carbon". Period. It has been that way for well over a century - roughly since the fall of the theory of vitalism (i.e. that there was something fundamentally different about the chemistry of living and nonliving matter). It will no doubt continue to be that way for as long as there are English-speaking chemists.

    Yes, it DID come from the fact that most of the chemistry of life is carbon based. And there are some much more recent definitions of "organic" - such as food products grown without the use of synthetic pesticides and fertilizers. But when we're talking chemistry it's a technical term, and "containing carbon" is the entirety of its meaning.

  18. Nope. on Aussies Put Old Pay-TV Dishes To Use -- As A LAN · · Score: 2

    If you can make a wireless LAN out of old satellite dishes, then you can surely transmit satellite TV from them also, can't you?

    You can beam it into another user's satellite receiver, if he happens to be pointing at you (unlikely) or you're right off the edge of his dish (where most parabolic reflector antennas have a minor lobe.)

    You'd have a tough time uplinking to the satellite. I understand the receivers are at a very different frequency from what the little piepans handle.

  19. Beware of _Anarchist's Cookbook_ on What Happened to Phrack? · · Score: 2

    And of course, the classic: "The Acarchists Cookbook". Check it out at your local library or get it from Amazon.com.

    I strongly recommend against trying any of the recipies in the _Anarchist's Cookbook_. They tend to have dangerous errors or omissions.

    Example: The nitroglycerine recipie neglects aparatus and processing steps necessary to keep the reaction running cool enough that it doesn't blow up during manufacture. (I understand that the original inventor of nitro blew himself up, and the compound he was working on was reconstructed - much more carefully - from the surviving fragments of his lab notes.)

    Considerably less likely to kill you are the recipies in the reprints of the US military manuals on improvised munitions (available at most gun shows).

    Reminder: The BATF is in charge of seeing that anybody who actually TRIES the recipies in these books (without filling out forms, acquiring government approvals, and paying applicable taxes) is treated harshly. And "The Revenooers" are somewhat gung-ho about their job (as they demonstrated at Waco TX.)

  20. A simpler and more automated solution. on X-Box Limitations (Hemos Is Dumb) (Yes, I am) · · Score: 2

    Might I sugest that some kind of story warning system be implemented wherein the story would be showen to say 100 randomly selected readers, who loaded the main slashdot page at the right time, before it is actually posted.

    Unfortunately that would delay the stories significantly. (This IS a NEWS medium, after all.)

    A simpler, faster, and more automated method would be to have the posting software check any hyperlinks in the story against those in the other stories posted in the last week or so, and bring them to the editor's attention.

  21. Here's a possible solution... on Extending UCITA To Printed Books? · · Score: 3
    ... I am in a similar boat - two large appendices ("Introduction to Programming" and "Introduction to Electronics" - totalling about 300 pages) are being pdf'd and put on the CD-ROM. These appendices were submitted with the rest of the manuscript and do have the same copyright warnings as the software that comes on the CD-ROM.

    You might want to have your publisher include something like this in the shrink-wrap license for the CD-ROM:

    This CD-ROM contains both files in PDF format which represent printable pages and files in other formats. The files representing printable pages are intended as a cost-saving measure.

    Other provisions of this contract nonwithstanding, the user is explicitly granted rights to the information in the PDF formatted files equivalent to the rights he would have had if they had appeared as printed pages in the book. The user is also granted the right to make hardcopy of the pages in the PDF files, provided he does not allow more than one such hardcopy to be in existance at a time, and to dispose of the hardcopy pages as if they had been printed and included in the book.


    I'm sure your publisher's lawyers can come up with something similar that will make both your publisher and your readers happy.
  22. Stealth release of the RSA algorithm. on FreeBSD 4.1.1 Includes RSA · · Score: 2

    Not only that, but Rivest did a "stealth release" of the paper - handing them out unannounced at the start of the meeting where he presented it.

    One of the people in the audience then made a few hundred copies of his copy and anonymously snail-mailed them to potentially interested open-cryptography researchers all over the place.

    The idea was to keep the US security agencies from putting this genie back in the bottle.

    (Of course the US-only patent effectively kept open-source software authors in the US from using it, while the export rules kept the US commercial software authors in check. Smart move on the gov's part...)

  23. "Hacking" is not in the proposed treaty. on U.S. And EU Ready International Cybercrime Treaty · · Score: 4

    The text of the treaty does not use the term "hacking". That occurs twice in the editor's comments, and nowhere else.

    The treaty explicitly defines the classes of crimes in question.

    There's some bad stuff in there. But it's not QUITE as bad as the article makes it sound.

    (One example is the section on seizure, which includes deliberatly denying access to the siezed data.

    In the US, seizure as part of a search is supposed to be only to preserve evidence. Denial or disruption of access to the seized material is only authorized when it's an unavoidable consequence of preserving the evidence, and copies of the data siezed must usually be made available to the data's owner at some point in the proceedings.)

  24. Re:Reminder: treaties supercede constitution on U.S. And EU Ready International Cybercrime Treaty · · Score: 2

    A Senate ratified (which this one isn't yet - write those letters) treaty is equal in auhotirity to the Constitution, but cannot supersede it.

    Actually, it is not equal to the constition. It's just that it's a member of the set of federal things (constitution, laws, treaties) that override state things (constitutions, laws).

  25. Almost... on U.S. And EU Ready International Cybercrime Treaty · · Score: 2
    A friendly reminder that ratified treaties supercede the constitution.


    I don't believe it for a minute. The Constitution holds that treaty law should be held as equal to itself.

    Close, but no seegar. The section you're referring to actually says that any of (the federal constitution, the federal laws, treaties) trumps any of (state constitutions, state laws) in any court case.

    THAT section doesn't say anything about the relative strength of the federal constitution, the federal laws, and treaties.

    However: laws, treaties, and constitutional amendments are authorized, and their manner prescribed, by the constitution. And the bar is much higher for amending the constitution than it is for either making a treaty or making a law. So it should be pretty clear that treaties, like laws, haven't qualified as constitutional amendments and thus neither treaties nor (federal) law trumps the (federal) constitution.