I buy hotwheels cars practically every other day
on
Re-Inventing Hotwheels
·
· Score: 5, Interesting
They don't need to reinvent themselves because they are perfect as they are.
My youngest is a clutcher and takes a car with him to school every day. Most days he doesn't come back with one, or if he does still have one, you can bet it wasn't the one he took.
Hang on a minute, in this case the tag is not the problem. It is the software running on the host machine which does not validate the data coming from the tag that has major issues.
If I can corrupt a database by entering an invalid lookup code then theres something severely fucked up. My bet is its something like the sql injection attacks we see on the web, and you don't see people blaming the input box in those cases.
quote from the article:
In some cases, said the researchers, viruses could be spread by household pets such as cats and dogs that are injected with the tags to help identify their owner.
The pets aren't going to be spreading this "virus" themselves its not sexually transmitted, it cannot be passed by rubbing up against your leg. It will be the vets computer which gets infected because of crappy validation.
MEOOOOOOOOEEEEEEEEOOOOOOOOOOOWWWWWWWWWWWWW!
Charlie says: always validate your external inputs before doing any data processing.
Smart tags, dumb research.
(and thats coming from someone who doesn't like RFID)
I've got an idea, why don't we build millions of these little devices for looking at those strange black and white stripey things on products?
We can call it the cuecat, everyone will want one.
Failing that, for a modern day version, use the camera on your phone to scan the barcode and do a weblookup. The technology is already there, its just putting the pieces together into a coherant database.
For the price I usually pay for components, all this dick waving from Intel/AMD is useless. I want a CPU which does the job I need it for. I didn't wave my hands when AMD took the lead, I don't cheer when Intel get it back. I just look at my requirements and budget and get what fits. There have only been a couple of CPUs I have actively wanted or kept away from (the celeron 300a and the Thunderbird 1.4 after the THG report)
And yes, it looks like Intel have got their act together, its like theres a big lead time for them, but when they get moving it really does move which is good since in the workplace we are standardised on Intel gear.
Tom, this problem is not about outsourcing, remember there were firms caught up in the 9/11 attacks whos disaster recovery plan was to store important documents in the other tower. You are right that companies should spread and test their disaster recovery and ensure that whatever one branch or department has, the others have access to in a disaster (even if its locked up in the company vaults around the world).
We have had terrorist bombings (and other more mundane disasters) come along and wipe out entire populations and companies and I am sure that there will be more, whether its India or the North pole we need to be vigilant.
Actually, up until recently the register was planned for introduction in 2008 (they haven't built it yet so they can't store the required things in it). Read this from the BBC in March of this year.
Then more recently (within the last week) the whole thing has been crumbling, read here for a short piece about it.
This year, we plan to urge our partners to redouble efforts to ensure global energy security. We believe that today, it is crucial to find a solution to a problem which directly influences the social and economic development of all countries, without exception.
I am convinced that our efforts towards attaining this goal should be comprehensive and must stimulate stabilization of the global energy markets, development of innovation technologies, use of renewable energy sources and protection of the environment. We believe that today, we must think very seriously about ways to bridge the gap between energy-sufficient and energy-lacking countries.
The spread of all kinds of epidemics in the world emphasizes the need to step up the fight against infectious diseases. We are convinced that the creation of a global system to monitor dangerous diseases, the development of regular interaction between experts from different states, and broader exchange of research information about dangerous viruses will have a major positive influence on the solution of these serious problems.
In addition to the current agenda, we also plan to raise the issue of education in the G8. In our opinion, the time has come to focus on ways to improve the quality and effectiveness of national education systems and professional training. We must find tools for encouraging the international business community to increase investment into this sector.
Other major international issues we will concentrate on during Russia's Presidency are counterterrorism and proliferation of weapons of mass destruction, the settlement of regional conflicts, the development of the global economy, finance and trade, as well as protection of the environment.
This is about saving lives and fixing major things wrong with the world and should not be bothering about some fucking music website.
Its easy to copy the barcode identifier from my own passport, however its VERY tricky to modify its value so it displays your information and not mine when swiped.
Barring the bloody obvious target painted on you, they say in the article:
They'll have radio frequency identification (RFID) tags and are meant to cut down on human error of immigration officials, speed the processing of visitors and safeguard against counterfeit passports.
Human error will still occur in whichever system a human is involved in.
Couldn't they get all the same benefits with a simple barcode? Does the RFID hold just your ID number for lookup on the database or is the RFID part now full identification?
I hope this doesn't go ahead (like the UK now isn't going ahead with its ID scheme) because whilst RFID might make tracking warehouse stock easy, its not great for humans. Just because the technology exists doesn't mean we should use it for everything.
History The concept of SSTV was introduced by Copthorn Macdonald in 1957-1958[1]. He developed the first SSTV system using an electrostatic monitor and a vidicon tube. Commercial systems started appearing in 1970. SSTV was used extensively during the early years of the NASA Apollo program to transmit images to Earth, and the first images from Apollo 11 on the Moon were SSTV.
It was how the signals from the spacecraft to earth were transmitted.
The tapes themselves probably hold the recordings of this data stream rather than the cine type images.
At least people in the future will have a source of random numbers. Just shine a laser tracker at one of these "compact disc" things and the odd random bits will jump back out completely meaninglessly.
The gender of chosen interest in less clothing than would be accepted in public Some kind of crazy technological advancement An explosion of sorts and yes, in that order
Then I wonder what happens when they are shown an image of a scantily clad female whos backside is exploding with some new technologically advanced orange juice delivery system?
I had my car broken into twice in 6 months, losing tons of CDs. I should be able, as a licensee, to receive a replacement copy of all those CDs.
Try it. Dig out your receipts, get the police crime reference and contact the publishers/RIAA. It might cost you a small amount, but technically you should be able to do it.
In the world of software, usually you can get replacement media for a restocking and admin fee. Even in the world of games, you can do this.
If they won't do it with all this clear evidence then you will come away with proof that you own the data and it was not a license in the first place.
Like I said, however for a large percentage of things tested the differences are so small they are negligible If the test is "find the average path over 1000 attempts" then yes, you can get a rough average and give an intelligent prediction, but you still cannot say with certainty the path of the bobs at the next attempt.
The lorenz attractor is a mathematical example of how sensitivity to initial conditions can affect the results of any test. There is no way that ANY test can be reproduced perfectly multiple times, however for a large percentage of things tested the differences are so small they are negligable. If you take a double pendulum and try (to scientific precision) to orient the beams to the exact location the results will be different every single time you do it (fluctuations in the universes' gravitational field caused by me farting or a butterfly flapping its wings for instance).
Actually graphite sheets (graphene) a single atom thick have been created. When you rub out your pencil lines, you create small amounts of these sheets which are typically multi layered but can be seperated.
Slashdot Mirror
They don't need to reinvent themselves because they are perfect as they are.
My youngest is a clutcher and takes a car with him to school every day.
Most days he doesn't come back with one, or if he does still have one, you can bet it wasn't the one he took.
If the tag data is expected to be an alphanumeric code to represent the customer: Slashdot_LiquidCoooled_634315
this can be used (incorrectly) to produce a raw piece of SQL:
select * from Customers where Code='Slashdot_LiquidCoooled_634315'
if that code contains quotes and they are not being handled correctly then it is certainly possible to corrupt the database.
Suppose my RFID was programmed with something like this and it was not being validated correctly:
'; Drop table [customers];
The resulting SQL could end up something like:
select * from Customers where Code=''; Drop table [customers];'
bye bye customers table (if permissions set at defaults and the wind is blowing your way)
Hang on a minute, in this case the tag is not the problem.
It is the software running on the host machine which does not validate the data coming from the tag that has major issues.
If I can corrupt a database by entering an invalid lookup code then theres something severely fucked up.
My bet is its something like the sql injection attacks we see on the web, and you don't see people blaming the input box in those cases.
quote from the article:
In some cases, said the researchers, viruses could be spread by household pets such as cats and dogs that are injected with the tags to help identify their owner.
The pets aren't going to be spreading this "virus" themselves its not sexually transmitted, it cannot be passed by rubbing up against your leg. It will be the vets computer which gets infected because of crappy validation.
MEOOOOOOOOEEEEEEEEOOOOOOOOOOOWWWWWWWWWWWWW!
Charlie says: always validate your external inputs before doing any data processing.
Smart tags, dumb research.
(and thats coming from someone who doesn't like RFID)
I've got an idea, why don't we build millions of these little devices for looking at those strange black and white stripey things on products?
We can call it the cuecat, everyone will want one.
Failing that, for a modern day version, use the camera on your phone to scan the barcode and do a weblookup.
The technology is already there, its just putting the pieces together into a coherant database.
All you need to increase the range is to come up with some sort of pringles can for your memory reader.
For the price I usually pay for components, all this dick waving from Intel/AMD is useless.
I want a CPU which does the job I need it for.
I didn't wave my hands when AMD took the lead, I don't cheer when Intel get it back.
I just look at my requirements and budget and get what fits.
There have only been a couple of CPUs I have actively wanted or kept away from (the celeron 300a and the Thunderbird 1.4 after the THG report)
And yes, it looks like Intel have got their act together, its like theres a big lead time for them, but when they get moving it really does move which is good since in the workplace we are standardised on Intel gear.
Tom, this problem is not about outsourcing, remember there were firms caught up in the 9/11 attacks whos disaster recovery plan was to store important documents in the other tower.
You are right that companies should spread and test their disaster recovery and ensure that whatever one branch or department has, the others have access to in a disaster (even if its locked up in the company vaults around the world).
We have had terrorist bombings (and other more mundane disasters) come along and wipe out entire populations and companies and I am sure that there will be more, whether its India or the North pole we need to be vigilant.
We should have a class of vulns for the slashdot crowd, third day flaws ;)
Actually, up until recently the register was planned for introduction in 2008 (they haven't built it yet so they can't store the required things in it).
Read this from the BBC in March of this year.
Then more recently (within the last week) the whole thing has been crumbling, read here for a short piece about it.
The G8 summit is gathering of the worlds most powerful leaders to discuss important topics.
From the agenda page:
This year, we plan to urge our partners to redouble efforts to ensure global energy security. We believe that today, it is crucial to find a solution to a problem which directly influences the social and economic development of all countries, without exception.
I am convinced that our efforts towards attaining this goal should be comprehensive and must stimulate stabilization of the global energy markets, development of innovation technologies, use of renewable energy sources and protection of the environment. We believe that today, we must think very seriously about ways to bridge the gap between energy-sufficient and energy-lacking countries.
The spread of all kinds of epidemics in the world emphasizes the need to step up the fight against infectious diseases. We are convinced that the creation of a global system to monitor dangerous diseases, the development of regular interaction between experts from different states, and broader exchange of research information about dangerous viruses will have a major positive influence on the solution of these serious problems.
In addition to the current agenda, we also plan to raise the issue of education in the G8. In our opinion, the time has come to focus on ways to improve the quality and effectiveness of national education systems and professional training. We must find tools for encouraging the international business community to increase investment into this sector.
Other major international issues we will concentrate on during Russia's Presidency are counterterrorism and proliferation of weapons of mass destruction, the settlement of regional conflicts, the development of the global economy, finance and trade, as well as protection of the environment.
This is about saving lives and fixing major things wrong with the world and should not be bothering about some fucking music website.
Its easy to copy the barcode identifier from my own passport, however its VERY tricky to modify its value so it displays your information and not mine when swiped.
Barring the bloody obvious target painted on you, they say in the article:
They'll have radio frequency identification (RFID) tags and are meant to cut down on human error of immigration officials, speed the processing of visitors and safeguard against counterfeit passports.
Human error will still occur in whichever system a human is involved in.
Couldn't they get all the same benefits with a simple barcode?
Does the RFID hold just your ID number for lookup on the database or is the RFID part now full identification?
I hope this doesn't go ahead (like the UK now isn't going ahead with its ID scheme) because whilst RFID might make tracking warehouse stock easy, its not great for humans.
Just because the technology exists doesn't mean we should use it for everything.
Sure you can,
b s.bat.pif !
Look, here is my english assignment http://slashdot.org/EnglishAssignment01.doc.exe.v
from wikipedia
History
The concept of SSTV was introduced by Copthorn Macdonald in 1957-1958[1]. He developed the first SSTV system using an electrostatic monitor and a vidicon tube. Commercial systems started appearing in 1970. SSTV was used extensively during the early years of the NASA Apollo program to transmit images to Earth, and the first images from Apollo 11 on the Moon were SSTV.
It was how the signals from the spacecraft to earth were transmitted.
The tapes themselves probably hold the recordings of this data stream rather than the cine type images.
At least people in the future will have a source of random numbers.
Just shine a laser tracker at one of these "compact disc" things and the odd random bits will jump back out completely meaninglessly.
It would be easier to keep the criminals alive and "harvest" them when somebody needs their parts.
I realised this myself a few weeks ago and bought myself a dvd rewinder.
they claim its the fastest in the world!
from wikipedia ref to tubgirl (2nd google link):
but after revealing that this was one image out of a series, the liquid is simply orange juice.
The gender of chosen interest in less clothing than would be accepted in public Some kind of crazy technological advancement An explosion of sorts and yes, in that order
Then I wonder what happens when they are shown an image of a scantily clad female whos backside is exploding with some new technologically advanced orange juice delivery system?
*shudder*
Gentlemen (and ladies), unpack your Atari 2600's.
Protect those cities!
I had my car broken into twice in 6 months, losing tons of CDs. I should be able, as a licensee, to receive a replacement copy of all those CDs.
Try it.
Dig out your receipts, get the police crime reference and contact the publishers/RIAA.
It might cost you a small amount, but technically you should be able to do it.
In the world of software, usually you can get replacement media for a restocking and admin fee.
Even in the world of games, you can do this.
If they won't do it with all this clear evidence then you will come away with proof that you own the data and it was not a license in the first place.
Like I said, however for a large percentage of things tested the differences are so small they are negligible
If the test is "find the average path over 1000 attempts" then yes, you can get a rough average and give an intelligent prediction, but you still cannot say with certainty the path of the bobs at the next attempt.
The lorenz attractor is a mathematical example of how sensitivity to initial conditions can affect the results of any test.
There is no way that ANY test can be reproduced perfectly multiple times, however for a large percentage of things tested the differences are so small they are negligable.
If you take a double pendulum and try (to scientific precision) to orient the beams to the exact location the results will be different every single time you do it (fluctuations in the universes' gravitational field caused by me farting or a butterfly flapping its wings for instance).
There are no pirates on a quaser.
However there are many here on earth.
Actually graphite sheets (graphene) a single atom thick have been created.
When you rub out your pencil lines, you create small amounts of these sheets which are typically multi layered but can be seperated.