Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment Re:Devices should be de-brickable (Score 1) 170

Yes, yes, that's all very clever of you, except for the fact that iPhones do have that. You can reset the firmware, or all the internal storage, from a plugged-in computer. Almost every single byte of internal flash can be rewritten by Apple, or, hell, by an end user with iTunes. (I think the only parts that can't be overwritten are the parts that allow the phone to enter recovery.)

These 'bricked' phones? They enter recovery mode just fine, and all their internal memory can be rewritten just fine. Everything works fine there.

The problem here is that the current time, of course, is not part of a system recovery, because the damn current time is not saved to the phone's flash memory. How would that even work?

The clock in an iPhone operates the same way the clock in a PC operates, in a separate very low-power clock-tracking chip that runs off a battery. (Which in this case is the device battery.) There is absolutely no way to alter this from outside the device, and, really, no device has even needed such an ability before. iOS just has a really stupid bug.

And the way the iPhone is designed does not allow easy removal of the battery, which, really, is the problem here. If Android had this problem, it would be laughed off, 'Just unplug the battery, that will fix it'. But you can't do that with an iPhone.

I suspect that, within days, Apple will have produced a iOS update that can be put on the device (Even after it has been 'bricked'.) that either checks the time and fixes it, or just doesn't have whatever bug is causing this in the first place. (In fact, it should be possible to put a tiny image on there whose sole purpose is to change the clock, and then put the *original* image back.)

Comment Really "C++ Plays Tetris", not Clang... (Score 2) 68

The title of this article is a little misleading, as this program works fine with the latest release of gcc (5.1) as well...

[No changes, either to the program or the command-line are required, just use "g++" instead of "clang++".]

Presumably it will also work with any compiler that supports a recent-enough version of the C++ standard and its proposed updates (with the command-line options updated accordingly).

Comment Re:Ed man! !man ed (Score 1) 402

I occassionally use ed even on normal machines while I'm running X... it does a fine job on simple little edits, and just feels so nice and lightweight, it doesn't even clear the terminal.... (which can be handy, e.g. when you want to preserve your terminal context)

Comment Re:depends on what you're doing (Score 0) 402

However, as an admin, I have long ago standardized on VI for the simple reason that it's included by default on every single *nix variant out there.

It's not installed by default on Debian.

You can easily install it, of course, but you can easily install a bazillion text editors....

Comment Re:I know someone who works on this kind of stuff (Score 1) 265

The other problem is that all this development seems like an insane urban-planning clusterf*ck... the rulers who are bankrolling it all want a glitzy showpiece to puff up their egos, and basically spend their lives traveling between high-end luxury malls, 60th floor corporate boardrooms, and enormous homes, in fleets of air-conditioned Mercedes SUVs. So they're designing a city optimized for those things. The result seems to be someplace that looks impressive in very long shots of the night-time skyline featured in inflight magazines, but which doesn't really work very well as an actual city (with, you know, people, not all of whom are necessarily ultra-wealthy)...

Comment Re:Lego Mindstorms (Score 1) 876

Ummm ... Egyptian hieroglyphics were actually phonetic symbols. And Chinese (still i use) is pictographic and not phonetic.

Chinese is (basically) ideographic ("symbols representing ideas"), but not generally pictographic ("symbols representing ideas/objects directly by resembling them"). Some Chinese characters are arguably pictographic, and in many cases there was probably a pictographic stage in the historical evolution of other characters, but the bulk really aren't.

In response to the grandparent: it doesn't appear that alphabetic/phonetic languages are faster to write/read than ideographic languages like Chinese. Chinese seems to be generally faster to read, and roughly equivalent to write in many cases. It's obviously a pretty hard comparison to make, since there are so many variables, but while ideographs are generally more complicated, they're also more information dense (so you need fewer of them to communicate a given idea) and can take better advantage of the human visual system to allow recognition of more text in parallel .

Comment Re:Common sense? In MY judiciary? (Score 1) 457

No shit.

I'm all for warning drivers to be legal (Which, it must be pointed out, is applicable to situations besides the police, and can be for all sorts of warnings of road conditions.), but flashing brights at people is *itself* dangerous.

What we need a precedent that turning your lights off for a split second is free speech, not 'driving with your lights off'. (Probably need some sort of threshold of about a quarter second.)

Comment Re:And so, it begins (Score 1) 383

Yeah. I always found it funny that the conspiracy theory brought in the British news media. I mean, it's absurd to give anyone a script, but the British news media?

<sarcasm>Because if there's any group that would just fall in line with the Bush administration murdering thousands of people, it's the British news media.</sarcasm>

I remember when the assertion that one of the terrorists was actually still alive showed up...and my response was 'So you assert the US government, instead of just making up Iraqi terrorists to pin this on to invent a war, used pre-existing Saudi terrorists that they could not confirm were already dead?'

And the less said about the 'using missiles instead of planes' theory the better. Man, was that one silly or what?

There are two kinds of conspiracy theories out there. One that postulates plausible causes for actual events. I mean, Jack Ruby _did_ have mob ties, and the Kennedy administration was cracking down on the mob, so if you want to assert that Oswald did a mob hit of JFK, and then was taken out, hey, I don't quite believe you, but you're not _insane_. That is indeed plausible.

The other kind of conspiracy theory is where you take some event and randomly find 'inconsistencies', which are usually just things said in confusion that are untrue, or misunderstandings of what is going on, or things that are completely normal but don't look normal to people who don't understand disaster, and try to build a massive conspiracy using every single one of them. None of which will hold up to the single question of 'Why the hell would anyone running that conspiracy actually do that?'

Which, in the context of the Kennedy assassination, is basically trying to make there be more other active shooters beside Oswald, elaborate conspiracy theories about misunderstanding of physics and bullets instead of just saying 'Yes, Oswald shot him...but _why_?', which is a much better question.

Comment Re:They have *worse* to hide? (Score 1) 383

I'm suspecting it's doublespeak. He used other people's credentials...in the sense that they didn't even bother giving each individual person their own login. I'm sure he wasn't technically 'supposed' to have access to some of that information, but that probably means he just copied it directly from some accessible file share instead of using their crappy web UI.

The intelligence infrastructure is a joke. It is a giant uncontrolled operation flailing around randomly sucking up all the data it can, with no controls on anything internally.

And Snowden did a huge service for this country. Not in the information he stole, not in the operations he revealed. That as nice to know, and to all those asshats who assert that intelligence operations need to be kept secret...sure, individual operations should be secret, yes. Not what type of operations and spying exist.

But, anyway, the truely great service is that Snowden demonstrated that literally every intelligence agency in the world already has that information. Trust me, they are, at least, communally, as smart as Snowden, and as it is apparently fucking easy to just be invited to b given access to everything, everyone else already has it.

In fact, considering how shitty the controls apparently are, it makes much more sense for other intelligence agencies to spend their time and effort subverting subdivisions of contractors of our intelligence services than trying to run their own network, letting them use our intelligence resources in real time. Without Snowden, the public at large would have no idea this was happening.

The question is not 'Do you trust our government with all your private information', or even 'Morally, think about how would you feel if you knew the Chinese were doing the esame thing to you, and you'll understand how this makes other countries feel.'...it's 'How do you like the fact that the Chinese are spying on you, right now, using your own tax money and your own government agencies.'

Because they are. Or, at least, could be if they thought you were the least bit interesting. (Incidentally, 'interesting' to intelligence services is not as high a threshold as people think. Do you, for example, work in the technology field and could conceivably be a useful asset to get malware somewhere they want it? Or have access to proprietary business secrets? Or medical information?)

Comment Re:Air Gaps are Evil (Score 1) 107

Erm, okay, you're talking about something completely different...

...but still not making much sense to me.

The problem is that 'If you instead had a wire to the machine in the room, you could monitor the transactions over the wire. You could ensure a non turing complete language is used in the wire protocol. You can deny humans access. You can apply defense in depth to a wire. No so much to a room full of humans.' you can do _on an air-gapped machine_.

What you have just proposed doing is to put the UI of the secure machine outside the secure machine, and locking down interactions between it and the secure machine...which is fine, but there's no reason you can't put that UI _inside the air gap_. And in fact that makes much more sense.

You, uh, just need two of them in the room. One that people can physically access, and one, locked behind bars, that they cannot, connected via a wire, with an air-gap between that system and the outside world.

This is a bit of an overkill, though. If you are worried about the people who access the air-gapped computer being a weak link, in actuality you _build the UI with security_ (Just like your hypothetical wire protocol, but much easier.) and then don't let them physically access the CPU or disks. (I recommend a external CD-RW drive.)

And you 'analyze' what they do by simply recording the screen and keyboard. Which you can do by either unidirectional wiring or by literally recording it with a camera. Or having watchers.

Or, alternately, if you want, you can do it like I said and just put a UI computer in the air-gap room also. You can even render the UI computer fairly difficult to hijack by building it solely out of read-only storage. It would be the perfect place for some sort of dumb terminal that is just running a web browser connected to the actual secure machine, which is locked up inside a box inside the air-gap and none of the users can get to it.

Comment Re: Some Technical Details. (Score 1) 107

Now I'm imagining someone trying transmit a Skype conversation over the air-gap via audio. Or just the audio, at least.

It seems extremely silly, but then I started thinking about a hypothetical audio bug that literally just relayed the audio _as_ encoded audio...but in a way that was easier to hear through walls and windows and stuff. Like pumping it at higher volume, but at frequencies we couldn't hear. Or doing it much slower (Presumably with some sort of voice activation so it would only record 8 hours of audio a day, or whatever, and could take 24 to play it back.) which would allow more error correction.

Everyone always talks about the high-than-human audio frequencies, but I wonder...if you encode it tight enough, and can transmit audio 24/7 and it's not recording that much, could you possibly transmit it on _lower_ frequencies?

Of course, no one actually knows if this is workable but the CIA.

But transmitting data is easy if you can get someone inside where the data is. For example, I once had a weird idea for an bug that pretended to be CFL bulb, but it would slightly modulate the light frequency in response to audio. I think intelligence services have actually done that sort of thing before, but it was amplitude modulation whereas I'm talking about frequency modulation.

Comment Re:Air Gaps are Evil (Score 1) 107

Do you even have the slightest idea how key signing works?

People sign keys on their own computer. Because you signs someone's _public_ key (Which of course you is freely available over the internet, although obviously you should confirm it is their key before signing it.) with your _private_ key.

There's no reason for _anyone_ to access anyone else's computer while signing keys.

But none of that has anything to do with air-gapped computers, which have exactly no role to play in this. Why? Because people do not take air-gapped computers places and leave them unattended. Hell, they probably don't ever take them places, period. That entire concept is perhaps the ultimate in absurdity.

I know it allows you to feel extremely smug imagining some sort of universe where some other smug idiots take air-gapped computers and set them up and _leave them unattended_ while running around handing out keys at a key signing party, and now you're smarter than them.

However, I am sad to say, you have literally just invented those people out of thin air.

There probably are people who have their PGP private keys on some air-gapped computer...and that air-gapped computer is almost certainly stashed in a safe at their house and otherwise never out of their sight. When they sign a key, they get handed it on CD or USB, and it's carried home with them, signed, and carried back out.(1)

Those people are key signing parties? _Those_ people are not air-gapped, and 99% of the time they're downloading everyone's key off the internet and everyone's just wandering by and confirming their hash.

1) Now, they do have to get the key from somewhere, which I guess in theory introduces some sort of security issue in that they are accessing something externally...but if their computer is so insecure as to be exploitable via inserted CD or USB than their computer is probably already hacked, and it's hard to imagine how that is a security issue while transferring things around a random network is not. You actually can confirm a USB device is legit. (Granted, there are firmware hacks and other fake USB things...but that's why you find some old random flash drive somewhere and use _that_ to actually transfer the files in and out. Or just get a DVD-RW.)

Comment Re:End of November (Score 1) 250

Only true of the government offerings. You can sign up for private health insurance anytime you damn well please. And none of them can turn you down.

Firstly, there are no 'government offering'. Everything on the exchange is private insurance.

Secondly, none of them can turn me down because of the ACA's preexisting condition ban. You know, the ACA, the thing you just hoped would fail.

The important part of ACA is the mandate and the ban on preexisting conditions. The only thing that can possibly cause the ACA to collapse is if the mandate doesn't work and health people choose not to sign up for insurance. Which would cause the ban on preexisting conditions to threaten to destroy insurance companies, as people would only sign up when sick.

The idea that you think 'none of them can turn me down' but you 'hope they don't vote for any extensions and let this thing collapse and fail under its own weight.' show you really have very little idea of what's going. The fact that none of them can turn me down is exactly what could cause this thing to collapse under its own weight, as it tries to insure only unhealthy people. So if it does collapse, I sure as fuck won't continue to be allowed to sign up!

The exchanges are basically a non-important part of the ACA. Every single aspect of it could have been the same without them. The exchanges are just to provide an easy place to purchase insurance, because insurance companies never bothered to set up any sort of place for people to shop before. (Because they did not particularly want individual customers.) And it provides an easy way for the government to verify subsidies.

Slashdot Top Deals

We are drowning in information but starved for knowledge. -- John Naisbitt, Megatrends

Working...