Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Re:Microsoft should know... (Score 1) 503

One of the main differences in my experience between ActiveX and other plugin systems that made it so hazardous is that ActiveX’s system for plugin discovery actually worked. The plugin lookups for NPAPI-based browsers required asking a service run by the browser manufacturer what plugins could handle a certain mime-type (or, earlier, they just directed to a generic web page that listed some common plugins), whereas ActiveX allowed the <object> tag to explicitly declare a URL where a plugin could be found. Allowing the page itself to provide an arbitrary URL to a plugin package may have seemed like a great idea from an ease-of-use perspective, but it also meant that there was no gatekeeper to prevent unscrupulous authors from creating plugins and dumping them in the hands of unwitting users. It’s kind of like the Apple iOS model vs the Android model of software distribution. Even changing it to ask whether or not to run/install a control wasn’t a great change because it would still interrogate the package for the plugin name, which often ended up being something like “CLICK YES TO VIEW THIS PAGE”.

Submission + - Distinguishing encrypted data from random data 5

gust5av writes: I'm working on a little script to provide _very_ simple and easy to use steganography. I'm using bash together with cryptsetup (without LUKS) and the plausable deniability lies in writing to different parts of a container file. On decryption you specify the offset of the hidden data. Together with a dynamically expanding filesystem this makes it possible to have an arbitrary number of hidden volumes in a file. It is implausible to reveal the encrypted data without the password, but is it possible to prove there is encrypted data where you claim there's not?

If I give someone one file containing random data and another containing data encrypted with AES, will he be able to tell which is which?

Submission + - Is SSD density about to hit a wall? (enterprisestorageforum.com)

Zombie Puggle writes: Enterprise Storage Forum has an article by Jeffrey Layton in which he contends that solid state disks will stay stuck at 20-25nm unless the materials and techniques used to design Flash drives changes and soon. “Anything smaller and the data protection and data corruption issues become so great that either the performance is abysmal, the data retention period doesn't meet JEDEC standards, or the cost increases.”

(“Why Flash Drive Density Will Stop Growing Next Year” http://www.enterprisestorageforum.com/technology/article.php/3904146/Why-Flash-Drive-Density-Will-Stop-Growing-Next-Year.htm)

Though engineers are working on performance and density improvements via new technologies (they’re also trying to drive costs down), these are fairly new techniques and are not likely to make it into devices for a while. All of which supports Henry Newman’s belief that SSDs won’t replace spinning disk drives.

("Why Solid State Drives Won't Replace Spinning Disk" http://www.enterprisestorageforum.com/technology/features/article.php/3894671/Why-Solid-State-Drives-Wont-Replace-Spinning-Disk.htm)

Science

Submission + - Peer Review Highly Sensitive To Poor Refereeing (physicsworld.com)

$RANDOMLUSER writes: A new study described at physicsworld.com claims that a small percentage of shoddy or self-interested referees can have a drastic effect on published article quality. The research shows that article quality can drop as much as one standard deviation when just 10% of referees do not behave "correctly". At high levels of rational or random behavior, "the peer-review system will not perform much better than by accepting papers by throwing (an unbiased) coin". The model also includes calculations for "friendship networks" (nepotism) between authors and reviewers.
The original paper, by a pair of complex systems researchers, is at arXiv.org. No word on when we can expect it to be peer reviewed.

Linux

Submission + - Adobe releases new 64-bit Flash plugin for Linux (adobe.com) 1

TheDarkener writes: Adobe seems to have made an about face regarding their support for native 64-bit Linux support for Flash today, and released a new preview Flash plugin named "Square". This includes a native 64-bit version for Linux, which I have verified works on my Debian Lenny LTSP server by simply copying libflashplayer.so to /usr/lib/iceweasel/plugins — with sound (which I was never able to figure out with running the 32-bit version with nspluginwrapper and pulseaudio).
Censorship

Submission + - 72% of adults support violent-game ban for minors (gamespot.com) 1

SpuriousLogic writes: The US Supreme Court won't start hearing arguments over California's law banning game sales to minors until November 2. However, the ruling in the court of popular opinion is already in, according to a new poll.

This week, parent watchdog group Common Sense Media released the results of a survey it commissioned on children's access to violent games. Conducted by polling firm Zogby International, the survey asked 2,100 adults whether they would support a law that "prohibits minors from purchasing ultraviolent or sexually violent video games without parental consent." Of those surveyed, some 72 percent said they would approve such a law.

Common Sense Media CEO and founder James Steyer, whose nonprofit organization is lobbying for game-restriction legislation in many states, hailed the poll's findings. "We hope the [state] attorneys general will take a look at these poll results and that they'll side with families over protecting the profits of the video game industry."

Zogby also asked those parents that were polled some more general questions about violent video games and their children. Some 65 percent said they were "concerned about the impact of ultraviolent video games on their kids." A full 75 percent of parents would give the game industry as a whole a "negative rating when it comes to how they protect kids from violent video games." Over half of both adults and parents would rate the industry's efforts as "poorly" in the latter matter.

Businesses

Submission + - PayPal withholding indie dev's 600k Euro account (tumblr.com) 1

epee1221 writes: Markus Persson, a.k.a. Notch, the developer of Minecraft posted in the development blog today that PayPal limited his account with unspecified cause on August 25th. Since then, payments for the alpha version of Minecraft have continued accumulating while Notch has been unable to withdraw them, and the account now contains over €600,000. PayPal recently told him it may take up to two more weeks for things to get sorted out and that if they conclude that there is funny business involved, they will keep the money.
Classic Games (Games)

Submission + - Breathing new life to old DirectDraw games (gfxile.net)

An anonymous reader writes: I bought a bunch of old Wing Commander games for windows, and these use DirectDraw, which Microsoft has deprecated. They don't work too well under Windows 7, so I ended up reimplementing ddraw.dll, using OpenGL to output the games' graphics. I wrote an article describing the process and all the fun workarounds I had to come up with, and released all related source code for others to hack on.
Politics

Submission + - Senate Candidate Sued by Copyright Troll (yahoo.com) 2

The Iso writes: Las Vegas based company Righthaven found two articles from the Las Vegas Review-Journal about Republican Senate candidate Sharron Angle reprinted on her web site without permission, so it did what it always does: bought the rights to the articles from the Review-Journal and sued the alleged infringer, seeking unspecified damages.
The Internet

Submission + - 4chan Does Something Nice (nytimes.com)

Hugh Pickens writes: "Members of 4chan aren't known for doing things that are cute and heart-warming and when they decide to go after someone, it's typically to subject them to ridicule. But not this time. Someone at 4chan decided that the Internet should get together and wish 90-year-old WWII veteran William J. Lashua a happy birthday, and soon Lashua's local branch of the American Legion was deluged by birthday calls from people as far away as Sweden. The account someone set up for Mr. Lashua's birthday on facebook had 3,956 "likes" and over 500 comments, most of which wished him a happy birthday and thanked him for his military service. It's not clear how 4chan originally came across a photo of Lashua, but a member of the site posted a snapshot of a flyer that was on the bulletin board at a store in Ashburnham, Massachusetts asking for guests to attend the nonagenarian's birthday on at the American Legion hall and the post took off. In contrast to their usual behavior, 4chan members "were giving him nice phone calls and sending him nice notes" and discouraging those who wanted to do something stupid or mean. "They were all being.. well, shucks, awful nice.""

Submission + - Flash on Android Is 'Shockingly Bad' (newteevee.com)

Hugh Pickens writes: "Ryan Lawler writes on GigaOm that although many have touted the availability of Flash on Android devices as a competitive advantage over Apple's mobile devices, while trying to watch videos from ABC.com, Fox.com and Metacafe using Flash 10.1 on a Nexus One over a local Wi-Fi network connected to a 25-Mbps Verizon FiOS broadband connection, mobile expert Kevin Tofel found that videos were slow to load, if they loaded at all, leading to an overall very inconsistent experience while using his Android device for video. "While in theory Flash video might be a competitive advantage for Android users, in practice it’s difficult to imagine anyone actually trying to watch non-optimized web video on an Android handset," writes Lawler. "All of which makes one believe that maybe Steve Jobs was right to eschew Flash in lieu of HTML5 on the iPhone and iPad.""

Submission + - Flight Data Recorders, decades out of date (ieee.org)

Tisha_AH writes: "For the past fifty years the technology behind aircraft flight data recorders has remained stagnant. Some of the advances of cloud computing, mesh radio networks, real-time position reporting and satellite communications are held back by a combination of aircraft manufacturers, pilots unions and the slow gears of government bureaucracy. Many recent aircraft loss incidents remain unexplained with black boxes lost on the bottom of the Atlantic Ocean, buried under the wreckage of the World Trade Centers or with critical information suppressed by government secrecy or aircraft manufacturers.

http://spectrum.ieee.org/aerospace/aviation/beyond-the-black-box/0

Many recorders still rely upon tape recorders for voice and data that only record a very small sampling of aircraft dynamics, flight and engine systems or crew behaviors. For many aircraft the recorders can only log a hour or two of data before overwriting the tape. All recording stops if the main electrical system fails and there is the ever present circuit breaker in the cockpit that can shut the system down.

Technologically simple solutions like battery backup, continual telemetry feeds by satellite and hundreds of I/O points, monitoring many systems should be within easy reach. An example of an extensive (but still primitive) recording system was during the loss of the NASA Columbia space shuttle. This vessel was equipped with a much larger assortment of monitoring points as it was used as a test-bed during shuttle development. Without the extensive forensic analysis of the telemetry data it would have been nearly impossible to reconstruct the accident in such detail. http://spaceflightnow.com/columbia/report/030826crew/

Pilots unions have objected to the collection and sharing of detailed accident data, citing privacy concerns of the flight crew. Accidents may be due to human errror, process problems or design flaws. Unless we can fully evaluate all factors involved in transportation accidents (aircraft, maritime, rail, transit) it will be difficult to improve the safety record. Recommendations by the NTSB to the FAA have gone unheeded for many years. http://www.policyarchive.org/handle/10207/bitstreams/3687.pdf

With all of the technological advancements that we work with in the IT field what sort of best practices could be brought forward in transit safety?"

Submission + - h264 permanent royalty moratorium announced. (arstechnica.com) 1

vistapwns writes: MPEG LA has announced that free h264 content (vs. paid h264 content which will still have royalties) will be royalty free forever. With ubiquitous h264 support on mobile devices, personal computers and all other types of media devices, this assures that h264 will remain the de facto standard for video playback for the foreseeable future.
Biotech

Submission + - Court rules against stem cell policy (msn.com)

An anonymous reader writes: WASHINGTON — A U.S. district court issued a preliminary injunction Monday stopping federal funding of human embryonic stem cell research in a slap to the Obama administration's new guidelines on the sensitive issue. The court ruled in favor of a suit filed in June by researchers who said human embryonic stem cell research involves the destruction of human embryos. Judge Royce Lamberth granted the injunction after finding that the lawsuit would likely succeed because the guidelines violated law banning the use of federal funds to destroy human embryos.

"(Embryonic stem cell) research is clearly research in which an embryo is destroyed," Lamberth wrote in a 15-page ruling. The Obama administration could appeal his decision or try to rewrite the guidelines to comply with U.S. law.

The unusual suit against the National Institutes of Health, backed by some Christian groups opposed to embryo research, argued that the NIH policy violates U.S. law and takes funds from researchers seeking to work with adult stem cells.

The U.S. Department of Justice and NIH had no immediate comment.

Open Source

Submission + - Nmap Developers release a picture of the Web (nmap.org)

iago-vL writes: The Nmap Project recently posted an awesome visualization of the top million site icons (favicons) on the Web, sized by relative popularity of sites. Once again proving that they're the kings of scanning, this project used the Nmap Scripting Engine, which is capable of performing discovery, vulnerability detection, and anything else you can imagine with lightning speed. We saw last month how an Nmap developer downloaded 170 million Facebook names, and this month it's a million favicons. I wonder what they're going to do next?

Slashdot Top Deals

"Well, social relevance is a schtick, like mysteries, social relevance, science fiction..." -- Art Spiegelman

Working...