Slashdot Mirror


User: vlm

vlm's activity in the archive.

Stories
0
Comments
8,750
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,750

  1. Re:Deadlier than the terrorists on Making Airport Scanners Less Objectionable · · Score: 4, Interesting

    You get about one mrem per kilomile when flying. Emphasis on the word "about".

    The problem with using "a dental xray" as a measuring stick, is depending on the technology level used, it varies by about one order of magnitude. Then there's another order of magnitude of B.S applied depending on which side you're propagandizing for, such as "do you mean per full dental set (and what is a full dental set anyway, it depends on insurance company, country of residence, and dentist preference) or do you mean per individual snapshot?). But as a total BS estimate over a large 1st world population you'll get about ten mrem per dental xray (although individual experience will vary by a factor of about 5)

    The mystifying part is my teeth are thinner than, say, my wallet or my belt buckle. Yet the nudie body scanner claims to use a hundredth the dose to hit an entire body. On the other hand a diagnostic dental xray is probably higher res needing higher intensity. On the other hand the efficiency of the flux (forget the name) is probably way the heck higher for a dental xray than a nudie scanner.

    I'm thinking just from a purely engineering standpoint, aside from all political statistical BS where both sides are lying to control peoples opinons, that they're about the same dose within an order of magnitude.

  2. Re:Oh sure.... on Making Airport Scanners Less Objectionable · · Score: 1, Troll

    In unrelated news, the Catholic Church reports a sudden lack of priestly applicants.

  3. Re:Great...now just one more issue.... on Making Airport Scanners Less Objectionable · · Score: 1

    If you're going to blur the heck out of the image anyway, why not replace those $170,000 machines with $4,000 infrared-based thermal imaging cameras and be done with it? They're 1/42nd the cost, and they do the blurring in hardware due to the nature of the energy emissions being detected.

    Yeah, I wonder. Hmm. 1/42 the profit, 1/42 the campaign contributions... I wonder why...

  4. Re:Great...now just one more issue.... on Making Airport Scanners Less Objectionable · · Score: 5, Insightful

    if it is true, and flying is already safer than road travel, then why do we need all the security?

    1) The elite prefer, at this time, to control the masses by fear. Americans are carefully social engineered to be cowards, and the elite like it that way. Otherwise, all the lives ruined by the elites might want to take a few with em on the way out. So, keep them scared.

    2) Do you have any idea how much freaking money that "security theater" costs? Lots of campaign contributions later, it turns out we have a need.

  5. Re:Message passing between cores? Hmm... on Intel Talks 1000-Core Processors · · Score: 1

    What use are 48 cores, let alone 1000 if they're all being slowed down to 50% or whatever by heat and power juggling?

    No problemo, they'll be limited by external bandwidth and bulk storage bandwidth.

    No matter if you use 1 core to decode all the frames or 600 cores each decoding one frame of video for the next ten seconds, you'll still only output one frame every 1/60 of a second, so heat load should remain constant.

    In a similar way, you can only push so many requests thru an ethernet port, or so many HD drive accesses, etc.

    The idea of being able to run a processor at 100% capacity forever might simply die. Each core will be thermally designed to sleep 99% of the time, although I guarantee marketing will focus on what all 1000 cores could theoretically do at magical 100% utilization for a couple milliseconds.

  6. Re:Old technique on New Microscope Reveals Ultrastructure of Cells · · Score: 1

    Interesting. The fourth estate is helping to create a second class of citizens.

    Not so much second class. The market has been engineered to be too small for multiple classes. Instead, its a well known narrowcasting thing. Peaking out a non-global local max on a graph.

    So, two newspapers, both appealing to B.S. degree holders. Lightbulb on MBAs head appears, I can increase circulation by appealing to B.S. degree minus one year folks. Repeat on both sides a couple dozen times, you end up with modern american corporate media, which no one beyond the (mental or physical) grade school level finds informative. The market is too small to support multiple corporate news suppliers so don't count on the dead hand of the market competition to "fix things". Its quasi-stable.

  7. Re:I've got a BETTER emergency rule for you... on How the 'Tech Worker Visa' Is Remaking IT In America · · Score: 1

    a company (and an employee) has to go through a year-long charade to demonstrate that "this furriner candidate isn't merely the best candidate for the job, we even tried to hire a lesser-qualified American but failed" (they call it a "Labor Certification"),

    Some people claim not to understand why job announcements are filled with total BS insanely detailed requirements. Perhaps they understand a little better now.

  8. Re:A contrary view on How the 'Tech Worker Visa' Is Remaking IT In America · · Score: 1

    expansion of overall economy -> jobs

    in China

    What it is going to take is capital to seed R&D

    Spent it all on executive bonuses for failed banks, sorry none left.

    No, the ROI on this wouldn't be in a quarter or two, but in several years, the payback will be far greater.

    In China. Here we'll just be deeper in debt.

  9. Re:Don't buy any servers. Use the cloud. on Best IT-infrastructure For a Small Company? · · Score: 1

    I find it humorous that you assume people still work a world where you can operate when disconnected from the Internet. Even if everything's hosted locally you can't use the web or send e-mail. So yeah, you just go home for the day, I don't care if your servers are down the hall or the other side of the country.

    The other 90s era idea is that you can only have internet access from work.... What would you do if the building lost power or burned down? Well, work at home / coffee house / somebodies house, of course. Been there done that...

  10. Re:A Prime Example of Externalized Costs. on US Embassy Categorizes Beijing Air Quality As 'Crazy Bad' · · Score: 2, Insightful

    Much of the savings comes from the ability to operate a factory in China under less stringent rules - less labor protections, less safety, less pollution controls, etc.

    Yet some still ignorantly call it "free trade" as if the differences are as small as North vs South Carolina.

  11. Re:When will China have their 60's? on US Embassy Categorizes Beijing Air Quality As 'Crazy Bad' · · Score: 1

    When will the youth of China decide they've had enough of conformity and respect for authority? China has raised it standard of living in recent decades but they still suffer from a severe lack of basic freedoms, corruption, and choking pollution. The civil rights movement and Vietnam triggered the events of the 60's in the USA. When will the same happen in China?

    USA had the Kent State Massacre, 4 dead. We've got "a couple hundred" political prisoners in that concentration camp in Cuba. Nothing to be proud of, but not that bad either.

    China at the same time roughly had Mao killing about 50 million, admittedly mostly indirectly thru starvation. And their entire population is basically political prisoners / slaves of their government.

    The odds of a successful counter cultural movement are a little bit higher in the US, for some odd reason.

  12. Re:This is why the USA can not compete. on US Embassy Categorizes Beijing Air Quality As 'Crazy Bad' · · Score: 1

    I think he's saying we need to have our military take over China, so we can fight the smog on its home turf instead of having the smog come to the usa and knock over our skyscrapers. It'll only cost a couple billion, which can pay for from Chinese food export revenues, it'll practically pay for itself, and I'm sure the populace will love the freedom we bring them so we'll get plenty of support.

  13. Re:Yet if the lasse fair economics crowd would say on US Embassy Categorizes Beijing Air Quality As 'Crazy Bad' · · Score: 4, Insightful

    .. this would be an idea state: no EPA at all, and nothing to work against any company in order to make a profit.

    Way more accurate to say its the ideal fascist state (what the USA is rapidly moving toward) where all the costs (pollution) are socialized and all the benefits (profits) are privatized. They're just a little further along than we are.

    Remember when the govt and corps merge, suing a corp for pollution is a great way to get executed as an enemy of the state.

  14. Re:natural environment? on New Microscope Reveals Ultrastructure of Cells · · Score: 1

    I also laughed at "The new X-ray microscope instead exploits the natural contrast between organic material and water to form an image of all cell structures."

    As if not using a stain/dye is a new concept in the microscopy arena.

    Standard slashdot car analogy would be pimping my new car engine for using the new "naturally aspirated" technology instead of one of those old fashioned turbocharger gimmicks.

  15. Re:Picture is worth 1000 words on New Microscope Reveals Ultrastructure of Cells · · Score: 1

    Maybe they're just respecting the copyright of the cells.

    As far as I can tell its a tomographic tech, so the output is a 3D model. I would guess it is in fact copyrighted.

    The killer is you can get better res from other techs if you're willing to wait. The story is you can get useful data quicker than say, electron microscope slices.

    It would be like posting a pic from my backyard telescope with the announcement that it is 10 times better than the average cheap backyard scope, to a generation that is used to billion dollar Voyager probe probe photos. No one outside of a lab is going to be impressed.

  16. Old technique on New Microscope Reveals Ultrastructure of Cells · · Score: 4, Informative

    Terrible misleading article. Maybe its the first time the journalist heard about it, but its hardly the first time this has ever been done.

    Despite a desperate attempt by the journalist filter to avoid "science-y words" I've figured out the technique they're talking about is xray microtomography. Basically yet another tomography tech (make a 3 d model in a computer out of a crapload of 2 d pix and lots of processing and memory) but applied to little things.

    "The first X-ray microtomography system was conceived and built by Jim Elliott in the early 1980s" Back then 50 nm was considered pretty good resolution, and thirty years later these dudes are down to 30 nm. A slight improvement on the past, and it is cool, but its not like they are "the first", like being the first men to step onto the moons surface or something.

    http://en.wikipedia.org/wiki/X-ray_microtomography

    Saying these guys are the first, is kind of like saying I'm the first human being to see the moons of jupiter thru a telescope, with the footnote that I'm defining telescope today as being home made using these exact lenses from Edmund Optics and these specific (empty) toilet paper tubes with these somewhat unique specific optical parameters, and no one has ever used that exact tech. Or I'm the first to have ever driven my car to work, while burning these specific individual hydrocarbon molecules.

  17. Re:Password length of 1-6 on Cracking Passwords With Amazon EC2 GPU Instances · · Score: 1

    AFAIK, the NT password hash is up to 255 UTF-16 characters hashed using MD4.

    Hmm. So 16 bits/UTF-16 char times 255 chars is 4080 bits. But that is not "4000 byte encryption!" or whatever. MD4 only squirts out 128 bits. So a strange design decision indeed to let the user think a long password is more secure. Anything more than 8 UTF-16 chars is wasted effort, or is purely a convenience factor for 9 character long names of dog, or first street address or whatever.

  18. Re:SHA-1 for signing software packages. on Cracking Passwords With Amazon EC2 GPU Instances · · Score: 1

    "This means that SHA-1 and MD5 are not suitable for "signing" usage where you have a plaintext where you want to prove that the original has not been changed. It's too easy for an attacker to alter the plaintext in a easily hidden manner so that the hash stays the same."

    But is it possible to alter the plaintext in a way that creates, say, a security backdoor and have the hash predictably remain the same? ... But maybe there is something I don't understand - maybe an attacker could add a "comment" that returns the hash to the same value after coding in an exploit.

    If read literally, the first statement about "SHA-1 and MD5 are not suitable" is in fact completely wrong, which might be causing some confusion. If you use both, the comment that you add to the security damaged source to "patch up" the SHA-1 to the same hash, will almost certainly throw off the MD5 hash. Breaking both MD5 and SHA-1 simultaneously to the same extraordinary level such that you can change plaintext without altering BOTH a md5 and a sha1 is likely impossible and way off the radar. MD5 and SHA-1 seem weaker than originally claimed, but they aren't that weak especially not in a team.

  19. Re:This points to obvious fact on For 18 Minutes, 15% of the Internet Routed Through China · · Score: 1

    It's also possible that someone in China also doesn't understand Internet basics, and figured if he/she said "route everything here" it would stop propagating that at the border, because

    The end of that line is almost certainly "because all his other peers have always been smart enough to filter incoming routes like 0/0 and now he's met his match, a guy that doesn't filter his incoming routes" Then Kaboom.

    Speaking as a guy whom did customer facing BGP in the USA for a couple years, a couple years ago, and yes we did have incoming filters, and yes I saw some pretty sad stuff sent to us and filtered out. I always wondered what would happen to those guys when I left, or when they got accounts at a place that didn't know any better. And now I guess we ALL know.

    Almost, but not quite, as funny, as the guys whom would redistribute their IGP into BGP, have themselves a little momentary couple second internal routing storm, get themselves route dampened, and then wonder why rebooting the router over and over didn't help.

    Three topics most new BGP admins simply do not understand, even if they memorized the cisco commands for the test : route filtering, redistribution, and dampening. At least one of them gets 'em every time.

  20. Re:APB had its day on Failed MMO APB To Be Resurrected As Free-To-Play Game · · Score: 4, Insightful

    Honestly, I think an MMORPG remake of an 80's arcade game was doomed from the start! Although, now that I think of it Frogger MMORPG would be pretty cool.

    I played EVE Online for about a month back in '05. I believe that was a remake of Asteroids. Here I am, grinding big asteroids into little asteroids as quickly as possible, again...

  21. MMO bubble officially popped? on Failed MMO APB To Be Resurrected As Free-To-Play Game · · Score: 3, Insightful

    So, the MMORPG bubble has officially popped?
    This is sounding very march of 2000ish.
    Business plans with lots of "..."
    "Don't worry we'll make it up on volume".
    "I know, we'll do the exact same thing everyone else is doing, what could go wrong!"
    Spending massive amounts on "development" of the same cookie cutter as everyone else.

  22. Re:Let's Just Hope... on Canada To Mandate ISP Deep Packet Inspection · · Score: 2, Interesting

    An ISP isn't going to want to pay any more money than they have to. They won't be getting any kind of a kickback from the government - law enforcement isn't exactly a money making industry.

    1) Out of touch with the prison industrial complex. Huge money maker.

    2) When I worked at a US telco we did in fact issue a bill along with the data. Its kind of like assuming a private 3rd party chemistry forensics lab could never do business with law enforcement. Their cell phone provider does not provide service free/gratis. Their mobile radios were not donated by Motorola for free. They do not get free weapons (well, civil forfeiture) Why people continually assume the telcos do not / will not / can not bill law enforcement has always mystified me. Maybe in the pre-84 ma bell days they had a gentleman's agreement not to bother with paperwork and its all the old timers talking? Don't know.

  23. Re:Password length of 1-6 on Cracking Passwords With Amazon EC2 GPU Instances · · Score: 1

    Indeed. Pretty much everybody that cares about password security is stuck using a password manager anyways. So you may as well use a 20 char password when allowed to. I mean that would only take what like a millennium to break at that rate?

    Well the point is SHA-1 outputs a 160 bit hash, so superficially you can find "A" collision in about ( (2 to the 160) divided by 2 ) guess and checks. But it's been broken so you can find a collision in only about 2 to the 50-something ops.

    So guessing 20 characters times about 7 bits/char (unless you're going all UTF-8 on us) is 140 bits in for a hash that could be "worth" 160 bits, but now is only worth 140 bits. What you don't know is SHA-1 is only "worth" about 50 bits, lets round up to about 7 ASCII characters.

    Extra characters at the input will just get the hashy thing squashed down to about 50 bits worth of security. Which, lets face it, is probably enough. My ATM pin code is a bit less than 10 bits. My analog/mechanical car door lock could only dream of 50 bits of security.

    But don't delude yourself into thinking you're getting "20 characters" of security by feeding a hash that actually tops out around 7.

  24. Re:Yes, SHA1 security is questionable.. on Cracking Passwords With Amazon EC2 GPU Instances · · Score: 1

    Because it has become easy to create 2 plaintexts that both hash out to the same SHA-1 value.

    This means that SHA-1 and MD5 are not suitable for "signing" usage where you have a plaintext where you want to prove that the original has not been changed. It's too easy for an attacker to alter the plaintext in a easily hidden manner so that the hash stays the same.

    Your use of the word "easy" is a little peculiar in that you don't get to chose the matching plaintext, except in the most limited fashion.

    Most of the time you're signing a hash of a document instead of signing the document itself.
    Example "My hundred page mortgage packet", hashed down, sign the hash to prove its mine or basically stick a virtual notary stamp on it.

    It is a math breakthru to be able to generate "a file" that hashes to the same, signed value faster than random guess -n- check. The problem is "a file" instead of being "My hundred page mortgage packet" is going to be superficially similar to the output of /dev/random. Its unlikely a judge could find anything worth enforcing in a big /dev/random file.

    Generating a matching plaintext that is 99.999% provided with just a couple word switched around is still best done totally randomly or in other words its impossible.

    Also "easy" implies an air of "solving ROT-13" which is a slight exaggeration. Breaking a 160 bit hash in less than 2 to the 160th is cool, but its still hovering around 2 to the 50-something ops. So its not as if your key size has dropped to 3 bits or something, its more like its dropped to 50-something bits. Which for many/most apps, is frankly more than necessary, although for a small subset it is not secure enough.

  25. Re:Yes, SHA1 security is questionable.. on Cracking Passwords With Amazon EC2 GPU Instances · · Score: 1

    While this article really has nothing to do with the security of SHA-1, SHA-1 does have weaknesses that should make anybody think twice before using it.

    And I really hate it when people say "Oh, well, it isn't good for this, but how about this?! I mean, we can't toss out a perfectly good algorithm!". What possesses people to hang onto algorithms that are broken for which there are essentially drop in replacements for that aren't.

    Hash algorithms are really tricky to use correctly, and know when you can and can't use them when they have a specific weakness is not a trivial determination to make. And replacing the stupid thing is pretty simple. So just get over it already and drop the bad algorithm. How hard can it be?

    Not to get too specific, but I use SHA-1 to generate a globally sorta-unique ID for a datapoint in multiple locations using multiple implementations by basically concatenating the relevant parts of the datapoint together and then figuring the SHA-1 hash. How is SHA-1 "broken" for this application, other than being faster and available on more systems and languages that my data importers are run on than other hash functions? I really couldn't care less if it can be reversed, but I am very interested in how "smooth" the output is, given, say, 256 million datapoints, can I reliably expect if I bucket them up based on the first byte of the hash, that I'll have 256 one million datapoint files, which can then be further processed? Also, if importer #2 on system #12 finds the same hash as importer #3 on system #7, I have code to handle it (mostly lots making certain the inputs from 2-12 and 3-7 have not been accidentally crossed), but it really slows the overall system down and generates false alarms, so again I'm very interested in "smoothness of output".

    Since its working fine for me, and is not even remotely a security related issue, and is not a CPU hog, and SHA-1 has performed well at ever increasing workloads for years, I'll need another justification to find implementations on all the different systems of a new hash, back convert all the stored data to the new hash, and simultaneously (or something more complicated) modify everything that touches the globally sorta-unique ID hash field. Or, maybe it would be a waste of time...