Slashdot Mirror


User: SanityInAnarchy

SanityInAnarchy's activity in the archive.

Stories
0
Comments
12,413
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,413

  1. Re:Fine-Grain Parallelism Is the Future, Not Threa on Wintel, Universities Team On Parallel Programming · · Score: 1

    I don't think anyone except you said anything about threads. You may have just described exactly what the GP was describing -- point is, why should you have to break them down into individual programs yourself?

    Personally, I like Erlang, but the point is the same -- come up with a toolset and/or programming paradigm which makes scaling to thousands of cores easy and natural.

    The only problem I have yet to see addressed is how to properly test a threaded app, as it's non-deterministic.

  2. Re:Another misuse of biometrics on Fingerprint-Protected USB Sticks Cracked · · Score: 1

    There ain't no resetting fingerprints!

    Couldn't help but think of Men in Black here.

    Bruce Schneier does make one good point, though: Biometrics can also work when you can verify the source. That is, fingerprint scanners work fine when you can verify that it is actually the person's finger -- as in, you have a guard standing there while people scan their fingers.

    However, when the purpose is to secure something which might be stolen (like a USB key or a laptop), they make no sense at all.

  3. Re:Watch a Sci-fi movie! on Fingerprint-Protected USB Sticks Cracked · · Score: 1

    Depends if stealth is required. By the time you've already shown your gun to someone, they know you were here, and possibly know what you look like.

    Under some situations, sure, it'd be problematic. But by the time you're doing that, you've already screwed up past your original silent-like-the-wind attack, where they'd never know you were there.

    Of course, this being a scifi flick, something will go wrong anyway...

  4. True of biometrics, maybe. on Fingerprint-Protected USB Sticks Cracked · · Score: 1

    It may still be possible to create something relatively tamper-proof, by destroying the physical layer if an attempt is made.

    However, it is possible to do strong encryption such that you should assume it will be secure, and there is a number of years for which you can assume that to be true. Most schemes we employ today are assumed secure for at least ten years. Without some trick (or fully-functional quantum computers), there are some schemes which will outlast the heat-death of the Universe, but 10 years is usually enough for you to change all the keys, and for any business information to be irrelevant.

    Here's what I currently do -- not out of need, but because I want to:

    I have a USB stick which has everything needed to boot. That's a bootloader, a Linux kernel, an initrd with the encryption keys, and occasionally some other things which need to be kept similarly secure. I boot off of this device -- no password needed at any stage, mostly, as I am most often resuming from hibernation -- and the swap partition is encrypted, too, so hibernation is secure. And this USB stick is almost never plugged in or mounted anywhere, other than for boot.

    If I lose the laptop, I can destroy the USB stick and be reasonably confident that no information has been stolen from the laptop. If I lose the USB stick, I can grab one of my backups of it (not saying where those are), and use this information to change the key associated with the disk -- as this is actually a key used to decode one of the encrypted copies of the real key, stored on the disk -- in other words, I don't even have to reformat, and I can be reasonably confident that the machine is secure again.

    Of course, if someone mugs me and takes both, then I have to assume the worst. It doesn't phone home yet, or have a dead man's switch of any kind. But the above scheme was really a hobby project, that took maybe twenty minutes to learn and implement (not including the time it took to format). However, that seems the least likely of any of the above scenarios.

  5. Re:Fingerprint scanners suck. on Fingerprint-Protected USB Sticks Cracked · · Score: 1

    Or you could store the fingerprint on the key, but actually have the key refuse to spill its guts without the finger. I think that's what this key was claiming to do.

    Encryption would be nice, too, but if it's going to be entirely based on biometrics, it's not going to be secure to hardware hacks. It should at least be possible to stop this fully automatic, software-based attack that it suffers from right now, though.

  6. Re:Happy Pi day... on Happy Pi Day · · Score: 1

    That would be 10.

  7. Re:And I would pay for that. on $5 Per Month Fee Proposed For Legal Music P2P · · Score: 1

    The only problem I see is the content producers will throw a fit about the flat rate

    Like they do with iTunes, I know.

    I don't see it working any other way, though. Just about anything beyond a subscription is going to be that much more of an incentive for people to find technical ways around it. Remember, they are competing with Netflix and The Pirate Bay, not with the iTunes store.

    they still might try to get a tax on storage devices setup.

    They'll try it no matter what -- I do believe most of them will jump at any chance for profit.

    After all, we may not all have gigantic hard drives, but anyone can go out and buy a DVD burner now a days and archive all their shit.

    And except for a few treasures you might want to keep forever, I don't see anyone doing that when you're getting new content as fast as you can watch it.

    As for those treasures, people who have Netflix accounts and DVRs still buy DVDs, so I don't think it would be that much different here. Frankly, we could do the same with traditional rentals -- but we end up renting more anyway, whether or not we ripped (or bought) the last one. Porn has figured this out -- do you see any porn sites offering DRM'd video downloads?

  8. Sounds like what I was describing. on $5 Per Month Fee Proposed For Legal Music P2P · · Score: 1

    Note my sig. 2/3rds of your post is redundant.

    A) The majority of the "fee" goes to the performers/writers (at present the majority goes to the labels/RIAA and the people that actually MAKE the music get tossed a few pennies if anything).

    I was covering movies, also... and it looks like I screwed that up. When I said "Creators actually published", I meant "Creators actually compensated."

    B) No DRM, or cross-platform DRM.

    No such thing as cross-platform DRM, or at least, nothing remotely effective. Never will be, either -- it must, by design, be closed source, and will thus never be able to support the sheer range of hardware and software platforms that an open source system would be ported to.

    Will your "cross-platform" DRM system support Android? What about a MythTV box? What if that MythTV box is actually a repurposed Powerbook (and thus PowerPC)?

    Watermarks are OK, provided they don't degrade the rest. Anything more, and I'm not interested.

    C) Host rate able to keep up with my connection. Constantly buffering while streaming is not cool. I don't care if it pushes 600k/sec, but if the stream wants 100k/sec at least be able to push that.

    And that's why I mentioned S3 -- you can basically pay for Amazon to seed for you, at very reasonable rates.

    Now, it's still not going to be "streaming", and no torrent will be -- it's the nature of a torrent to download in a fairly random order. What you can do is the same thing you probably already do with Pirate Bay -- download Season 2 while you watch Season 1. I guarantee you won't be able to watch it as fast as S3 can stream it -- in fact, I'll bet S3 could stream it to you over HTTP, so the BitTorrent would actually just be a cost-saving measure.

  9. Re:And I would pay for that. on $5 Per Month Fee Proposed For Legal Music P2P · · Score: 1

    From what I can tell, MKV is better and cleaner than Ogg. But either one would be preferable to AVI, MOV, or WMV.

    Theora simply isn't as good as h.264, and h.264 has hardware decoders and good open source decoders -- and is even supported in Flash, now. The only possible reason you could have for preferring Theora is freedom from patent issues.

  10. Re:Assembly language and VB? on A Congressman Who Can Code Assembly · · Score: 1

    See, I see assembly as a necessary evil. And currently, C is the best for a low-level app which would otherwise have to be written in assembly, and will call assembly at some point.

    The C++ might make sense if Windows drivers are written that way. But I don't really see the VB being a good idea. I'm not going to say it was a bad choice, just that at that level, just about any language would be better, given a decent platform (including things to make UI easy).

    But I know what you mean about the paging delay. Currently, I do web development in Rails, which means just the slightest bit of SQL (and some admin work, as it's a small company), Ruby for the main app, Haml and Sass to generate HTML and CSS for the frontend, and Javascript so they can talk to each other more effectively.

    And then there are the Ruby DSLs, like rspec -- suffice to say, my brain's been building up a better scheduler to deal with all the context switching.

  11. Re:Thanks, Captain Obvious. on Late Adopters Prefer the Tried and True · · Score: 1

    I find it amusing that said illustration was presented as an absurd, technically impossible situation.

    Also, I can think of pros and cons to any current OS. What I can't think of is a single pro to AOL dialup, or to Netscape.

  12. Is this obvious to anyone else? on High Expectations For Google Android · · Score: 1

    It may take awhile, and it will take a Jailbreak of some sort...

    But someone will port Android to the iPhone.

    That's my prediction, anyway. I also predict that when it happens, hardware will become irrelevant -- although Apple may well win on hardware, I'm not sure they'll be able to compete as effectively on software.

  13. Re:Apps for android are probably going to be terri on High Expectations For Google Android · · Score: 1

    Apps will be slow. It's like compact .NET...

    First, are .NET apps slow?

    And second, does the typical Android app have to be fast?

    original apps for Android will be crappy in quality. (very few consumer level application written in Java has done well

    I hate Java as much as the next guy, but come on -- do you really expect the bytecode engine itself to make them "crappy" in some way? Yes, the bytecode engine -- there are several scripting languages for the Java engine, and while this one is different, I'm sure we'll see languages other than Java supported.

    Social apps for Android will fail because of the lack of users.

    Yeah, like how Myspace has failed -- oh wait.

    And who says social apps need to be only single-platform?

    Android is unable to attract ISV's because a 10Mil prize pool is 10x smaller than a 100Mil prize pool.

    While true, there isn't a 100Mil prize pool.

    Let me repeat that: there is no 100 mil prize pool for the iPhone. What they are after are investments, which are different than prizes. I'd much rather have a prize than an investment.

    Android apps will be hard to install.

    And just where did you pull that out of?

    But you know what? It doesn't matter, because you see, unlike the iPhone, Android won't try to tell you what kind of apps you may write, and what kind you may not. Maybe I'll write a package manager. Maybe I'll skin it to look like the iPhone App Store.

    Compare that to the iPhone -- if it's hard to install iPhone apps, that's too bad, and there's nothing you can do about it other than whine to Apple.

  14. Re:They're really stretching on High Expectations For Google Android · · Score: 4, Informative

    When you accuse others of not having their facts straight, it helps to, well, have your facts straight:

    The quote above is pulled from the iPhone Human Interface Guidelines document available on the SDK site. Translation: no true multitasking.... Apparently however, third-party app developers will not be granted the necessary rights for their apps to make use of background processes.... Symbian for example, grants developers rights to restricted attributes for additional fees.

    I apologize for not linking directly to those guidelines mentioned, as it appears you have to be registered in some way...

  15. Re:They're really stretching on High Expectations For Google Android · · Score: 2, Insightful

    The iPhone absolutely does allow interpreted code -- it's called JavaScript.

    Which makes it all the more bizarre that they won't allow a native app to do what Safari does... but then, didn't they also dictate that you may not write a browser?

    Oh, and one advantage to Android: If you really want to write native code, I don't think anything stops you getting a phone which lets you do that, and also supports the Android API.

    But it seems to me, with Android, you can build any app you want, as long as it'll run in Java. With the iPhone, you can build your app in native code, but you have to write it within a bunch of arbitrary restrictions (like "no background tasks"), and Apple has the final say of what will run on your phone.

    I know which one I'll be buying.

  16. And I would pay for that. on $5 Per Month Fee Proposed For Legal Music P2P · · Score: 5, Interesting

    Just some clarification: I can and do pay for content, and I am far more likely to when I can get it on my terms.

    Just tell me where to sign up to the MPAA-sponsored BitTorrent tracker, and I'll pay for it. Here's my wishlist:

    • No client-side DRM.
    • Video in h.264
    • Audio is AAC, Vorbis, or Flac. (I'd accept any of these.)
    • Container format is mkv for video, ogg for vorbis, flac for flac. (Don't care what the AAC is in.)
    • Torrents are well-seeded -- something like S3 should be fast enough and cheap enough. I don't mind contributing bandwidth (since it's so cheap), but you WILL saturate my pipe.
    • No seeding requirement. Some people might be downloading this on a metered connection.
    • Similarly -- watermarks are fine, so long as you still saturate my pipe. It's probably more cost-effective simply to create a torrent.
    • Creators actually published.
    • All media available this way. Not really practical, but do NOT throw up ten movies I don't want to watch and call it a day.
    • Opt-in. If my ISP suddenly tacks $5 onto my bill because I might be torrenting, I will fight it -- I will cancel Internet service at home if I have to. If you make this a reasonable option, I will pay for it.

    I'm not sure how much I would be willing to pay for that service, but it's at least $5/month.

    As it is, there's really no service which can quite replace The Pirate Bay.

  17. Re:Assembly language and VB? on A Congressman Who Can Code Assembly · · Score: 1

    I very much chased what languages were "cooler", so I do know some assembly. Hardly any Visual Basic, but a few I'd consider worse, like Java or C++.

    It's more important, I think, that he have a fair understanding of the industry, and of tech in general -- and that's orthogonal to being a programmer, though it's probably more common among programmers.

  18. Re:Thanks for your own FUD on Net Neutrality Blasted by MPAA Bosses · · Score: 2, Insightful

    Monopolies are created by regulation.

    How can you not see the exceptions to this? Are you seriously claiming Microsoft was created by regulation?

    Cell phone monopolies were created by a 2 provider per area limit back in the day which was facilitated by the government regulating all EM spectrum.

    If you think we would even have functional cell service without that regulation, you're deluded. What's to stop one cell company from "accidentally" causing massive interference for a competitor's network? Do you really want five times more cell towers than are needed (and radiation to match), just because of competing providers? What happens when they start boosting their signal to guarantee they have clearer calls than their competitors (and, coincidentally, interfering with their competitors' systems)?

    Back to the issue at hand: ISPs have a physical monopoly. Laying ever-more cable and fiber everywhere is going to cost a lot, is wasteful, and isn't always an option.

    There are some things the free market can't solve.

  19. Re:BSG anyone on NBC Still Down On P2P But Plans To Use It Themselves · · Score: 3, Interesting

    I remember hearing that the new Battlestar Galactica would've never happened, had the pilot not been leaked onto P2P.

  20. Re:Thanks, Captain Obvious. on Late Adopters Prefer the Tried and True · · Score: 2, Insightful

    While I agree with everything you just said here, I find that too often, people say "If it ain't broke, don't fix it," and then refuse to see anything "broke" about it. The same can be said for preferring the "Tried and true," except without the "true" part.

    It becomes less about pragmatism and more about fear of change. And in some cases, the longer you wait to make that change, the more difficult it's going to be.

    Using AOL dialup, when there is any other option, is a bad idea.

    I would say I'm neither an early adopter nor a late adopter, and I think that's a smart place to be. Early adopters get burned with stuff that's not ready for production yet, late adopters miss out on any genuine improvements.

  21. Microsoft == Combine? on Microsoft Submits Windows 7 for Antitrust Review · · Score: 1

    Welcome to Windows 17. We hope your stay is a pleasant one.

    It's safer here.

  22. Re:Leak? on Microsoft Submits Windows 7 for Antitrust Review · · Score: 2, Informative

    I really feel that Microsoft recognizes Vista's faults, listened to the real critics of it and this will show as such in the new version.

    You mean, the way they did with XP? And 2000?

    I haven't installed Vista, but XP did still have tons of Microsoft propaganda -- I mean, informative tips -- while you waited, telling you all the great things about the OS you're installing. So let me guess: You feel that Windows 7 will be "faster, more secure, more fun," etc? You know, the way XP was?

    And this is a sarcastic statement!

  23. Re:Tivo's Series3 is a ripoff on Tivo On Board With YouTube's New API · · Score: 1

    Unless you're forced to do it all during your work hours, OR you work every waking hour of every day, you will have some "free time" (in every sense of the word).

    Then maybe another question is: Do you see this as a chore, or as a hobby?

    My suggestion here was simply that for at least some people, it makes a lot of sense to simply shell out for a TiVo, because now you get to spend your time actually watching that TV, or whatever else you wanted to do.

    The fact that I'm off the clock doesn't mean my time is worthless -- I have a limited amount of it, so sometimes, I do simply throw money at the problem. Recent example where this actually made sense (MUCH moreso than the TiVo debate) -- I had a laptop with onboard sound which wouldn't work on Linux. After struggling with it for awhile, I bought a good USB soundcard. Problem solved.

    What's more, it's amazing how people focus on initial time, and ignore the rest... How much money does it cost you due to the user interface (on every electronic device you own) isn't exactly perfect, and therefore wastes untold amounts of your time, in a few seconds increments?

    Depends. Are those few seconds uncomfortable? Do I even notice them?

    Count subscription fees, the ability to retain the same box across different TV service providers with minimal time invested, and all the other benefits it offeres, I'm going to say anyone who doesn't put together a DVR is wasting several thousands of dollars worth of their time...

    Erm... no, it costs no time to lose your shows when you switch providers, and it costs you no time to pay your subscription fee. You mean "several thousand dollars", period, based on those examples. A valid point, sure, but again, how much is that initial (and ongoing) investment for the Myth box, especially for Joe Public, who barely knows Windows, let alone Linux or hardware?

    Again: I'd certainly build one for myself (except I don't really watch TV now) sooner than I'd buy one. But it's not for everyone, and I'm not even convinced it's cost-effective for me. I'm a geek, I like to tinker.

  24. Very cool. on The National Cryptologic Museum · · Score: 1

    Definitely worth the trip, as others are saying.

    One thing I wondered about when I was there: SIGABA/ECM was touted by our tour guide as something which still hasn't been broken, even with modern computers. This seemed unlikely to me, especially after realizing how easily Enigma can be bruteforced (given any known plaintext) -- but then I read about Solitaire/Pontifex in Cryptonomicon, and it makes me wonder...

  25. Re:DirectX is the smallest part... on Why Aren't More Linux Users Gamers? · · Score: 1

    I have yet to find a hardware accelerated physics engine using the BSD license.

    I have yet to see hardware-accelerated physics become relevant enough to matter much. I'm not sure if it'll happen until indie developers get to tinker with it.

    I know several developers that dislike OpenAL.

    I think Jack might've been ported to other systems, although that's not really targeted towards 3D games.