Alterslash

the unofficial Slashdot digest archive

Street Fighter V Update Installed Hidden Rootkits on PCs

Posted by EditorDavidView on SlashDotShareable Link
Capcom's latest update for Street Fighter V was installing a secret rootkit on PCs. An anonymous Slashdot reader quotes The Register: This means malicious software on the system can poke a dodgy driver installed by Street Fighter V to completely take over the Windows machine. Capcom claims it uses the driver to stop players from hacking...to cheat. Unfortunately, the code is so badly designed, it opens up a full-blown local backdoor... it switches off a crucial security defense in the operating system, then runs whatever instructions are given to it by the application, and then switches the protection back on
Friday Capcom tweeted "We are in the process of rolling back the security measures added to the PC version of Street Fighter V." This prompted one user to reply, "literal rootkits are the opposite of security measures."

Re:This should be the death of Capcom

By El Lobo • Score: 4, Insightful • Thread

You mean, nobody is installing Sony software these days after the rootkit incident 2012? Right.

Re:STOP!!

By epyT-R • Score: 5, Informative • Thread

Because people want to play video games..

Rootkit x antivirus, same concerns

By hcs_$reboot • Score: 3 • Thread

the code is so badly designed, it opens up a full-blown local backdoor

Sounds like antiviruses: they're supposed to fix problems and filter out malware, but such complex software requires excellent optimized algorithms and code, which unfortunately is still due.

Tuesday Was Microsoft's Last Non-Cumulative Patch

Posted by EditorDavidView on SlashDotShareable Link
There was something unique about this week's Patch Tuesday. An anonymous Slashdot reader quotes HelpNetSecurity: It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches will be bundled together and users will no longer be able to pick and choose which updates to install. Furthermore, these new 'monthly update packs' will be combined, so for instance, the November update will include all the patches from October as well.
Last month a Slashdot reader asked for suggestions on how to handle the new 'cumulative' updates -- although the most common response was "I run Linux."

Re:'Batch Tuesday'?

By Anonymous Coward • Score: 4, Funny • Thread

How aobut 'botch Tuesdays'?

response

By markdavis • Score: 5, Insightful • Thread

>"Last month a Slashdot reader asked for suggestions on how to handle the new 'cumulative' updates -- although the most common response was "I run Linux.""

Yep, still run Linux...
I install whatever I want, whenever I want, however I want, on what I want. My machine belongs to me.

Re:In other words..

By Z00L00K • Score: 4, Insightful • Thread

And this is what's most worrying, we don't really know what's in "Telemetry", and I have a feeling that it's going to be a problem.

And we can't figure out which part of a future monolithic patch that actually causes the system to behave bad, some patches aren't even possible to uninstall without a lot of hard work.

Re:Can we get something like windows 10.01 10.02

By sexconker • Score: 5, Informative • Thread

MS won't release SPs anymore because all of their shit in place says SPs add to the support length of the OS.
That's why Windows 8.1 happened instead of Windows 8 SP 1.
That's why 7 had only 1 SP despite desperately needing another. It's so bad Windows Update doesn't work on a fresh Windows 7 install until it crashes twice over 36 hours. The third time usually works after another 8-12 hours.

Microsoft Update Catalog is my new hero

By Anonymous Brave Guy • Score: 5, Informative • Thread

For general information, if you're installing a fresh Windows 7 now (starting from SP1, presumably) then it seems by far the fastest way to get a system reasonably well patched is to install the Convenience Rollup (KB3125574) and if necessary its prerequisite (KB3020369) from the Microsoft Update Catalog. That immediately brings you up to somewhere around April 2016 in terms of patch level, and you can download the required files quickly from the Catalog site and then install them locally using WUSA without waiting around for hours while Windows Update does whatever its current broken mess needs to do now. The most recent time I did this was just a few days ago, and after doing that it was then another couple of hours for Windows Update to find the rest and install the remaining security updates, but at least it could be done in an afternoon instead of leaving the new PC overnight and hoping it might have found something by the morning. Spybot Anti-Beacon or some similar tool can still turn off the various telemetry junk that you can't now individually because it's all bundled into the CR update.

Incidentally, for those who would prefer to keep security patching their existing Windows 7 systems but not get anything else, there are reportedly (direct from a Microsoft source) going to be monthly security-only bundles as well, but you'll have to get those from Microsoft Update Catalog manually as well, they won't be advertised or pushed out through Windows Update. So it looks like the new SOP is to turn off Windows Update entirely (as a bonus, you get back that CPU core that's been sitting at 100% running the svchost.exe process containing the Windows Update service for the last few months) and instead just go along and manually download the security bundle each month to install locally.

Of course, Microsoft Update Catalog requires Internet Explorer 6.0 or later and won't run with any of the other modern browsers, but I'll live with using IE to access it if it means I get security-patched but otherwise minimally screwed up Windows 7 machines for another 3 years.

Also, it's been confirmed that this policy will apply to all editions of Windows 7. It's not an Enterprise-only feature and doesn't require the use of WSUS etc. Let's hope they stick to their word on this one.

97% of the Top Companies Have Leaked Credentials Online

Posted by EditorDavidView on SlashDotShareable Link
Apparently lots of people have been use both their work email address and work password on third-party sites -- suggesting a huge vulnerability. Trailrunner7 quotes On The Wire: The last few years have seen a number of large-scale breaches at popular sites and companies, including LinkedIn, Adobe, MySpace, and Ashley Madison, and many of the credentials stolen during those incidents have ended up online in various places... [R]esearch from Digital Shadows found that the most significant breach for the global 1,000 companies it looked at was the LinkedIn incident... Digital Shadows found more than 1.6 million credentials online for the 1,000 companies it studied. Adobe's breach was next on the list, with more than 1.3 million credentials.
"For Ashley Madison alone, there were more than 200,000 leaked credentials from the top 1,000 global companies," the researchers report, noting they also found many leaked credentials from breaches at other dating and gaming sites, as well as Myspace. Their conclusion? "The vast majority of organizations have credentials exposed online..."

Misleading article

By Alan Shutko • Score: 5, Informative • Thread

This study looked at the email addresses in the data breaches, and looked for email addresses associated with large companies. They then assumed that the passwords used would match the passwords used for corporate resources. The real nature of the study is that "People signed up for services with their work email addresses" which isn't nearly as interesting or clickbaity.

Cisco Blamed A Router Bug On 'Cosmic Radiation'

Posted by EditorDavidView on SlashDotShareable Link
Network World's news editor contacted Slashdot with this report: A Cisco bug report addressing "partial data traffic loss" on the company's ASR 9000 Series routers contended that a "possible trigger is cosmic radiation causing SEU [single-event upset] soft errors." Not everyone is buying: "It IS possible for bits to be flipped in memory by stray background radiation. However it's mostly impossible to detect the reason as to WHERE or WHEN this happens," writes a Redditor identifying himself as a former [technical assistance center] engineer...
"While we can't speak to this particular case," Cisco wrote in a follow-up, "Cisco has conducted extensive research, dating back to 2001, on the effects cosmic radiation can have on our service provider networking hardware, system architectures and software designs. Despite being rare, as electronics operate at faster speeds and the density of silicon chips increases, it becomes more likely that a stray bit of energy could cause problems that affect the performance of a router or switch."

Friday a commenter claiming to be Xander Thuijs, Cisco's principal engineer on the ASR 9000 router, posted below the article, "apologies for the detail provided and the 'concept' of cosmic radiation. This is not the type of explanation I would like to see presented to the respected users of our products. We have made some updates to the DDTS [defect-tracking report] in question with a more substantial data and explanation. The issue is something that we can likely address with an FPD update on the 2x100 or 1x100G Typhoon-based linecard."

Solar Flares?

By oneiros27 • Score: 3 • Thread

I'm guessing that they've read the BOFH, but realized that there's much more reporting on solar-induced radiation ... so just decided to go with 'galactic' instead. .... completely forgetting that if this were the case, it would happen more frequently at high latitudes, due to the magnetosphere. And we'd also see a higher incidence rate after solar x-ray flares and solar particle events.

(and the disclaimer: I work for the Solar Data Analysis Center, but I'm not a scientist, and don't speak for my place of work, etc, blah blah blah)

Re:Van Allen radiation belts

By ArtemaOne • Score: 5, Interesting • Thread
Because working with geosynchronous satellites I learned that it mostly affects them, and satellites in LEO aren't affected very much, and the ground has quite a bit of atmosphere for additional shielding. I don't work with stuff on the ground anymore. Do you not see that I said things like "I wonder" and such? Just provide an answer and don't be a douche.

Re:Cisco is getting worse...

By seoras • Score: 5, Interesting • Thread

One of the VP level Engineers (title is "distinguished" or something exalted like that) told me over lunch a couple of years ago that Chambers had said to him he wasn't interested in R&D. If there was a technology he needed, he'd buy it.
The problem is that Cisco climbed to the top using IBM strategies and thinking which were focus on delivering "end to end" solutions to customers.
They had no interest in box shipping. Those were just lego bricks and logistics. You can imagine how soul destroying that was to be a Cisco engineer.
Bugs were a bonus to them as they sold annual maintenance contracts for roughly the same cost as the gear they sold.
Now that the router/switch market has matured and commoditised they care even less about the quality of those boxes they have to ship.
Their focus is entirely on the "service" level.
They will eventually become another IBM. I was trying to think of a real tangible product that IBM made and sold just the other day. Do they?

Not bloody likely

By techno-vampire • Score: 4, Informative • Thread
As FOLDOC explains, Intel tested this idea decades ago by putting one board in a 25 ton lead safe and another outside to see if there was a measurable difference in bit rot. There wasn't. " Further investigation demonstrated conclusively that the bit drops were due to alpha particle emissions from thorium (and to a much lesser degree uranium) in the encapsulation material." They ended up redesigning the memory to be more resistant to the effect.

Re:Not buying it

By slowdeath • Score: 4, Interesting • Thread

Sorry, but cases such as this exist.

Back around 1999/2000 I was with Cisco engineering on the GSR 12000 (the first Cisco service provider class router).

We did send a system to a POP in Denver (altitude 5000+ ft) and saw on this system a statistically significant increase in recoverable memory ECC errors.

When the affected board was returned to San Jose and retested (basically sea level) the errors could not be reproduced.

So we returned the hardware back to the Denver POP, and the recoverable ECC errors returned. No amount of swapping memory DIMMs (various vendors) made a difference.

Any satellite hardware designer will tell you that cosmic radiation is a big deal for satellite design. And lead shielding is not a cost effective option in space.

US Panel Extends Nuclear Power Tax Credit

Posted by EditorDavidView on SlashDotShareable Link
Slashdot reader mdsolar quotes The Hill: The House Ways and Means Committee voted Wednesday to remove a key deadline for a nuclear power plant tax credit... The credit was first enacted in 2005 to spur construction of new nuclear plants, but it has gone completely unused because no new plants have come online since then...

It would likely benefit two reactors under construction at Southern Co.'s Vogtle Electric Generating Plant in Georgia and another two at Virgil C. Summer Nuclear Generating Station in South Carolina. Both projects are at risk of missing the 2020 deadline... "When Congress passed the 2005 act, it could not have contemplated the effort it would take to get a nuclear plant designed and licensed," said representative Tom Rice (R-S.C.).

Although one Democrat criticized the extension by arguing that nuclear power "does better in a socialist economy than in a capitalist one, because nuclear energy prefers to have the public do the cleanup, do the insurance, cover all of the losses and it only wants the profits."

Re:Wouldn't need subsidies

By mspohr • Score: 5, Interesting • Thread

It's failing on its own merits. Even with subsidies, it's too expensive and can't compete.
The UK just approved a new nuclear plant (Hinckley Point 3) which requires consumers to buy power at a price much higher than wind, solar, coal, or anything else.
It was approved in the best traditions of corrupt government... advisers to government had a financial stake in it's approval.
Also, the plant gives the Chinese access to French and UK nuclear technology and control over the plant... a win for everyone except the UK.

The cleanup

By Tough Love • Score: 3 • Thread

nuclear power "does better in a socialist economy than in a capitalist one, because nuclear energy prefers to have the public do the cleanup, do the insurance, cover all of the losses and it only wants the profits."

As opposed to coal fired power where you just shit raw sewage continuously into the air and expect your great grandchildren to clean it up?

Re:Wouldn't need subsidies

By Shane_Optima • Score: 4, Insightful • Thread
The "nuclear is expensive" claim is only true because the anti-nuclear lobby has made it that way. If breeder reactors were used, modern fail-safe designs used (unlike Fukushima's reactors) and a "opportunity cost of human life" approach used to dictate safety regulations, then it would be much cheaper than coal and most renewables. The problem is that everyone views damage from radiation as being much more dangerous than global warming, acid rain, oil spills, toxic heavy metal poisoning, etc. so we overspend and obsess over it ways that we never do over coal.

(On the international stage, there are also entirely legitimate concerns over weaponization and nuclear proliferation.)

Black swan events

By Solandri • Score: 5, Insightful • Thread
Three Mile Island was the only major commercial nuclear accident in U.S. history. Nuclear power in the U.S. has generated 24,196,167 GWh between 1971-2015. At an average price of 12 cents/kWh, that's $2.90354 trillion. So the approx $3.4 billion in cleanup and lossses from TMI is 0.117% of that. Or in other words, at a retail price of 12 cents/kWh, the historical cost of cleaning up nuclear accidents in the U.S. is 0.014 cents per kWh.

In contrast, subsidies for different energy sources are 23.1 cents/kWh for solar, 3.5 cents/kWh for wind, and 0.2 cents/kWh for nuclear. (Tables ES4 and ES4. Solar received $4.393 billion in subsidies while generating 19,000 GWh. Wind received $5.936 billion while generating 5,936 GWh, and nuclear received $1.66 billion while generating 789,000 GWh.) That's right. The subsidy for solar is 1650x more expensive than cleaning up nuclear accidents. The subsidy for wind is 250x more expensive.

Nuclear decommissioning costs are already paid for by the NRC's Financial Assurance fund. A portion of the revenue from electricity sales are placed into this fund.

The problem with insuring nuclear plants is just a quirk of statistics. The more times you roll the dice, the narrower the bell curve becomes and the more predictable the average outcome. e.g. A 1d100 has an equal chance to produce any result between 1 and 100 - the probability distribution function is a straight line. 2d50 produces a triangular PDF, with the values in the middle tending to be more likely. 10d10 produces an even more compact PDF - a narrow normal curve with results in the middle much more likely than the extremes. And 100d0.5 will always produce 50 - its PDF is just a single peak in the middle.

This is a problem for insuring nuclear plants - because they produce so much energy you don't need very many of them. Whereas there are thousands of coal plants, and (potentially) millions of solar installations, there are only operating 100 nuclear plants in the U.S. So insuring a nuclear plant represents a greater risk for the insurer. Even though the mean outcome will be that there is 1 accident every 30 years, the chance of a 2nd or 3rd accident is still significant and the amount the insurer has to pay out may easily surpass how much they've collected in premiums if they assume the statistically most likely outcome of a single accident.

The insurance company's response is to increase the premium to also cover that 2nd or 3rd event even though they're unlikely. In contrast, with thousands of coal plants they can be much more confident that there will be (say) only 10 accidents every 30 years, and 20 or 30 accidents is extraordinarily unlikely. So the premiums can be lower, even if the average risk (mean) is exactly the same. If there were some way to build thousands of small-scale nuclear plants instead of 100 large ones, private insurance wouldn't be a problem. You get around this problem by creating the largest insurance pool possible, which in this case would be nationalized insurance covering all 100 nuclear power plants.

Statistically, per unit of energy generated, nuclear power is the safest power source man has invented.

Re:Wouldn't need subsidies

By Mr D from 63 • Score: 4, Informative • Thread
The nuclear industry has never asked for not having a regulator. But nice way to quote something that was never said. That's the kind of stuff we have come to expect from the anti-nuke lobby.

Malware Evades Detection By Counting Word Documents

Posted by EditorDavidView on SlashDotShareable Link
"Researchers have found a new strain of document-based macro malware that evades discovery by lying dormant when it detects a security researcher's test environment," reports Threatpost, The Kaspersky Lab security news service. Slashdot reader writes: Once a computer is compromised, the malware will count the number of Word documents stored on the local drive; if it's more than two, the malware executes. Otherwise, it figures it's landed in a virtual environment or is executing in a sandbox and stays dormant.

A typical test environment consists of a fresh Windows computer image loaded into a VM. The OS image usually lacks documents and other telltale signs of real world use [according to SentinelOne researcher Caleb Fenton]. If no Microsoft Word documents are found, the VBA macro's code execution terminates, shielding the malware from automated analysis and detection. Alternately, if more than two Word documents are found on the targeted system, the macro will download and install the malware payload.

Next gen

By hcs_$reboot • Score: 5, Funny • Thread
Next generation malware will switch on the camera, observe the room for a few days, and if no woman at all enters the room it stays dormant.

Re:I have a out of this world solution

By sound+vision • Score: 5, Insightful • Thread
This piece of malware looked for Word documents, but the next one won't. Maybe it looks for image files, or it looks to see if the web browser has a significant cache built up. Or something more subtle than that. A better idea would be to create system images of used systems, periodically swapping them out, to make it a moving target.

Re: Easy solution to avoid this malware...

By DMFNR • Score: 5, Insightful • Thread
How did you read that much in to just one sentence? I think what he meant is that the Office formats are so commonplace that even if you use different tools it's pretty likely that you're going to encounter .docx or xslx files. You can't control what software other people use and if you're in an office or educational environment it's almost a guarantee you will receive files in the Microsoft formats, in fact, isn't that one of the big selling points for LibreOffice? Its compatibility with those tools? I've even seen free software with .docx files available in the doc/ folder of their source packages! It has nothing to do with whether or not your choice of software is capable of "real work" or whatever the hell you're talking about, it's just that it's really hard to avoid Microsoft format stuff when you work with other people.

Your point still stands that there are plenty of ways to deal with these files without having Office installed. That's the key here, it's not that the files are particularly dangerous, it's the interpreter that runs the macros you have to worry about! Plenty of solutions to deal with these formats available without having Office installed, Office 365 as you mentioned, Libre Office, Google Docs. MS software is like heroin, it feels pretty good when it's doing what its supposed to, but when everything goes wrong you're going to get hurt bad.

Re:I have a out of this world solution

By flowsnake • Score: 5, Interesting • Thread
It's an arms race. As the malware gets more sophisticated at evasion, the sandbox will be made smarter to counter this. Complexity and sophistication will increase. Eventually, they will get smart enough to pass the Turing Test in order to stay in the game.

Re: Easy solution to avoid this malware...

By Dragonslicer • Score: 5, Funny • Thread

If you do real work or a college student you are going to be emailed office documents.

I'm not sure I see the connection between doing a college student and being emailed office documents.

Poor Scientific Research Is Disproportionately Rewarded

Posted by EditorDavidView on SlashDotShareable Link
A new study calculates a low probability that real effects are actually being detected in psychology, neuroscience and medicine research paper -- and then explains why. Slashdot reader ananyo writes: The average statistical power of papers culled from 44 reviews published between 1960 and 2011 was about 24%. The authors built an evolutionary computer model to suggest why and show that poor methods that get "results" will inevitably prosper. They also show that replication efforts cannot stop the degradation of the scientific record as long as science continues to reward the volume of a researcher's publications -- rather than their quality.
The article notes that in a 2015 sample of 100 psychological studies, only 36% of the results could actually be reproduced. Yet the researchers conclude that in the Darwin-esque hunt for funding, "top-performing laboratories will always be those who are able to cut corners." And the article's larger argument is until universities stop rewarding bad science, even subsequent attempts to invalidate those bogus results will be "incapable of correcting the situation no matter how rigorously it is pursued."

Re:Change the funding cycles

By NotAPK • Score: 5, Insightful • Thread

Are you serious?

"Then you fund graduate students, who in my experience tend to rush their work at the end and don't produce research anywhere close to the value of what they are paid."

Grad students are paid barely above minimum wage, if that. They actually aren't expected to produce *any* research output, and anything they get out of their project is regarded as a bonus. Remember, a PhD is a *training* exercise and students are *learning* how to become scientists, no matter how "good" they may seem. This doesn't stop many grad students being exploited. You'd be hard pressed to find a smarter more "capable" (I put that in scare quotes since some grads can't even tie their shoes) group of people being treated like dirt and generally undervalued. They only tolerate it because they're clueless or they just want to tough it out and get their qualification and move on. For yourself, if you are running your research group on the output of grad students (and yes, I know many are) then you're bound to be sunk sooner or later. Remember: pay peanuts, get monkeys!!

It's a strange claim to make, since hardly anyone in science is overpaid. The discrepancies become apparent once you scale income against level of responsibility, perhaps crudely converted to dollar terms based on the equipment they are using/responsible for. It's not uncommon to find a post-doc managing $2-5 million worth of equipment while being paid $40-60 per year. In the private sector such a management policy would be viewed as fascicle at best and negligent at worst.

I do agree with you entirely on one point: the administrative overheads charged against grants are disgustingly inflated by parasitic policies.

Re: But not climate change research

By ClickOnThis • Score: 5, Informative • Thread

The "massive consensus" has been going down every year, more and more scientists are pulling out of the consensus. You will rarly hear about that because politicians and news organizations make a lot of money in making people think it is real.

Citation please?

All of the climate change data sets are made by computer models which always get out the results desired, and the desired result is confirming climate change, because if it does not, their funding is cut. So politicians, news organizations AND scientists benefit from lying, the ones that disprove it are shouted down. And the results? Billions of tax payer money (all of it that our children will have to pay) get sent over to other countries.

You have it backwards. Models are constructed from data, not the other way around. To paraphrase plasma physicist Kenneth Birdsall, the purpose of models is to generate insight, not data.

36%? Yea, there is a reason why I don't believe in any science study unless it makes sense.

Strawman, and a sloppy one at that. The 36% in TFS refers to reproducibility of psychological studies, not climate studies.

Also happens in CS research

By gweihir • Score: 4, Insightful • Thread

I have seen quite a bit of it and know of several CS PhDs that are based on bogus results. The tragedy is that people doing their research properly will take significantly longer and have much diminished chances at an academic career. And this effect propagates: First PhD students advance on bogus results, then they become professors on fraud and finally the whole research field is broken.

A New Programming Language Expands on Google's Go

Posted by EditorDavidView on SlashDotShareable Link
"One sure sign your language is successful: When people build other languages that transpile into it." An anonymous Slashdot reader quotes a report from InfoWorld: The Have project uses Go's toolchain, but sports a different syntax and makes key additions to the language... Previously, a language named Oden worked with Go's toolchain to add features that Go didn't support. Now Polish developer Marcin Wrochniak has introduced Have, a language that transpiles to and expands on Go.

In the blog post that introduces the project to Go developers, Wrochniak describes Have as a hobby project, with the goal of becoming a "companion" to Go that addresses some of its common "landmines"... Go uses curly braces in the manner of C/C++, while Have uses block indents, like Python... The way that variable declaration, structs, and interfaces work have all been modified in Have to be more consistent with each other and to avoid internal inconsistencies that Wrochniak feels are a common source of bugs.

Re:Curly braces = good. Indents = bad.

By dbrueck • Score: 5, Informative • Thread

I think I get the point you're trying to make, but I'm a bit dubious - it's a syntactically valid change, so there's no reason for the tool to complain. That's in the same class of errors as deleting a digit from a constant, accidentally pressing '+' instead of '-', removing the '=' from a '=' expression, and so on.

I personally don't care if certain people like Python or not - language preference is often fairly subjective. I'm doubtful, however, about claims that the indenting is bad in any objective way - I've seen too many people use it for too many years on too many projects without it being a problem. I mean, don't you think this would be tripping people up constantly if it were a real issue in practice?

I've watched veteran devs pick up Python as well as recent college grads pick it up, and this just isn't an issue. I can maybe/kinda/sorta almost convince myself that I've just been extraordinarily lucky to have never had this be a problem, but for it to not be a common problem for all of those other people, on all of those other projects? Nah, it just doesn't add up. Everything I've seen suggests that this is a problem that could occur in theory, but rarely if ever does in practice.

Re:Curly braces = good. Indents = bad.

By dgatwood • Score: 4, Insightful • Thread

Agreed. And more importantly, if you have braces, it is possible for the IDE to programmatically fix the indentation so that it is easy to read. There's absolutely no sane reason to require a programmer to use whitespace for any reason other than between tokens that would otherwise be a single token if shoved together. All other use should be superfluous, and the IDE should make it readable for you without the need for a person to do it.

And the reason braces should be in every programming language, IMO, is that it makes it easier to jump to the end of a block. When I have nested blocks in a properly braced language, I can hit percent in vi, and I'm at the end of that block. I don't have to move the cursor to the beginning of the line and laboriously hit the down arrow key a line at a time until I find a line that isn't indented as far. Therein lies the path to madness.

Want to dramatically improve the programming world in a single project? Design a meta-language for code formatting so that a set of text-based rules can enforce everybody's own quirky code formatting standards. Make it handle at least the twenty or so most popular programming languages. Then open source it under a BSD license so that the interpreter can be readily built into every IDE on the planet. Then, we can finally dispense with all of these silly programming languages that use whitespace syntactically once and for all.

Re:Curly braces = good. Indents = bad.

By santiago • Score: 4, Insightful • Thread

The biggest problem with indentation-as-structure is that tools in general support it poorly. When cutting-and-pasting or moving code around, it's easy to mess up the indentation of the code being transformed. By contrast, I can move around brace-delimited code sloppily, then tell my IDE to auto-indent, and it looks nice and legible. (It also acts as a form of error-checking; if the resulting indentation looks weird, it's a strong signal that I've screwed my blocks somewhere.)

bad substrate, adds nothing

By ooloorie • Score: 3 • Thread

I can't figure out why you would want to build anything on top of Go; the language has several intrinsic design shortcomings and limitations that are reflected in its runtime.

Between C++, C#, and Swift, I see little reason for another compiled language (add Python and JavaScript for interpreted languges). If you really want something more obscure and less associated with big companies, add D and Ruby to the list.

Re: Curly braces = good. Indents = bad.

By Dutch Gun • Score: 4, Informative • Thread

I'd bet it's about as much an exaggeration as people claiming that C++'s operator overloading hides all sorts of crazy logic and performance pitfalls. I've been programming in C++ for decades on million-line projects, and not once have I seen anything like that.

I've actually been programming in Python the past few months. Because the indentation require aligns with what you naturally do as a programmer, it hasn't seemed all that problematic to me.

C++ has a ton of really nasty, subtle pitfalls that you just have to learn to avoid through rigorous self-discipline: Don't forget to initialize your variables. Don't forget your virtual destructor. Don't return and use the address of a temporary variable. Don't screw up your copy and move constructors. Etc, etc. Seen all of these cause issues that were tricky to track down in real life.

I dunno, in practice C++ still seems a hell of a lot trickier to use than Python, so I have a hard time getting worked up about indentation when I'm using to working in a language with beartraps and landmines liberally sprinkled throughout it. Maybe I'll have a different opinion if I work on it longer.

Spam Hits Its Highest Level Since 2010

Posted by EditorDavidView on SlashDotShareable Link
Long-time Slashdot reader coondoggie quotes Network World: Spam is back in a big way -- levels that have not been seen since 2010 in fact. That's according to a blog post from Cisco Talos that stated the main culprit of the increase is largely the handiwork of the Necurs botnet... "Many of the host IPs sending Necurs' spam have been infected for more than two years.

"To help keep the full scope of the botnet hidden, Necurs will only send spam from a subset of its minions... This greatly complicates the job of security personnel who respond to spam attacks, because while they may believe the offending host was subsequently found and cleaned up, the reality is that the miscreants behind Necurs are just biding their time, and suddenly the spam starts all over again."

Before this year, the SpamCop Block List was under 200,000 IP addresses, but surged to over 450,000 addresses by the end of August. Interestingly, Proofpoint reported that between June and July, Donald Trump's name appeared in 169 times more spam emails than Hillary Clinton's.

Trump & spam

By Zocalo • Score: 3 • Thread

Donald Trump's name appeared in 169 times more spam emails than Hillary Clinton's.

Can't say I'm at all surprised by that. I've been getting a steady stream of what appear to be genuine emails from the Trump campaign (all the links are to legit Trump and GOP domains, plus a few MSM ones) asking for donations for a few weeks now. There's a whole bunch of problems with that, other than it being UBE - I'm a British citizen so I don't think Trump can legally accept my donation anyway; several of the domains involved are within the .uk ccTLD; and the addresses concerned are all (and always have been) spam traps. And yes, I have been forwarding them all to the FEC.

Seriously, Donald, if you're going to let your campaign team buy email lists from who-knows-where and spam the shit out of them, they could at least do some basic list washing first - it's starting to look like Hillary isn't the only one with an incompetent email admin team...

Senators Accuse Russia Of Disrupting US Election

Posted by EditorDavidView on SlashDotShareable Link
An anonymous Slashdot reader quotes The Washington Post: Two senior Democratic lawmakers with access to classified intelligence on Thursday accused Russia of "making a serious and concerted effort to influence the U.S. election," a charge that appeared aimed at putting pressure on the Obama administration to confront Moscow... "At the least, this effort is intended to sow doubt about the security of our election and may well be intended to influence the outcomes," the statement said. "We believe that orders for the Russian intelligence agencies to conduct such actions could come only from very senior levels of the Russian government..."

White House officials have repeatedly insisted that they are awaiting the outcome of a formal FBI investigation, even though U.S. intelligence are said to have concluded with "high confidence" that Russia was responsible for the DNC breach and other attacks. The White House hesitation has become a source of frustration to critics, including senior members of Congress.

Meanwhile, U.S. intelligence officials are reportedly investigating whether Donald Trump's foreign policy adviser " opened up private communications with senior Russian officials -- including talks about the possible lifting of economic sanctions if the Republican nominee becomes president."

Re:oh, yes

By Anonymous Coward • Score: 4, Informative • Thread

Why does everyone keep saying Russia works with Trump? I have yet to see anything along those lines other than a couple of comments from Trump about Putin.

However...
Russia bribed Clinton while she was Secretary of State. I think there is more evidence of Russia supporting Clinton than Trump, in ways that should have her in jail.

Is this worse...

By argStyopa • Score: 3 • Thread

...than the ACTUAL sitting US president bargaining away missile defense?

https://www.washingtonpost.com...

Re:What's wrong with this?

By Archtech • Score: 4, Informative • Thread

It's been said over and over, but apparently some people still don't understand.

Crimea has been an integral part of Russia since before the USA existed as a nation. On at least two occasions, Russians and Soviets sacrificed literally hundreds of thousands of lives to protect Crimea and to win it back after it was conquered by an enemy. More Russian blood has been spilled for Crimea than American blood in the Civil War - and by that, I mean more than 700,000 dead plus many more injured.

Crimea was generously "given" to the Ukrainian SSR by Khrushchev - who, oddly enough, was himself from Ukraine - in an impulsive act which was probably illegal under Soviet law. Then, when the USSR dissolved itself, Ukraine proclaimed itself an independent nation in 1991. Please understand clearly that this was the very first time in the whole of history that a Ukrainian nation had existed. The name "Ukraine", itself, means "borderland" - that is, the borderland of Russia. For many centuries, long before the USA existed, Russians spoke about "Great Russia" (which became modern Russia, based on Moscow), "White Russia" (which is still known as Belarus today), and "Little Russia" (the Eastern part of Ukraine). When Khrushchev transferred Crimea to the Ukrainian SSR he cannot have had the slightest inkling that one day this would involve Russia losing Crimea, which after all was mainly populated by ethnic Russians and Russian speakers.

After the violent, illegal coup d'etat which overthrew the legally elected Ukrainian government in 2014 - of which George Friedman, founder and CEO of Stratfor (https://www.stratfor.com/), said: “It really was the most blatant coup in history" - the Kiev regime instigated extreme violence against Russian-speaking Ukrainians. The population of Crimea voted overwhelmingly to become part of Russia again, and the Russian government agreed.

Putin did NOT "annexe" Crimea. He allowed the people of Crimea to become part of Russia again, after a relatively brief period in which they were subjected to a freshly-created foreign power by a series of administrative freak events.

Re:Looking bad for Hillary now.

By Archtech • Score: 4, Interesting • Thread

Er, "Americans turning inward..."? According to The Washington Post two weeks ago, “While Americans savored the last moments of summer this Labor Day weekend, the U.S. military was busy overseas as warplanes conducted strikes in six countries in a flurry of attacks". https://www.washingtonpost.com...

Many people around the world devoutly wish that Americans would "turn inward" and occupy themselves with their own business, instead of killing foreigners for their own good.

Re:oh, yes

By KeensMustard • Score: 4, Insightful • Thread

Why does everyone keep saying Russia works with Trump? I have yet to see anything along those lines other than a couple of comments from Trump about Putin.

I suspect the payment of 12.7M by Russia to Trumps Campaign Manager Paul Manaforte and the subsequent removal of the arming of the Ukraine from the RNC platform might have something to do with it.

Accenture Patents a Blockchain-Editing Tool

Posted by EditorDavidView on SlashDotShareable Link
A blockchain "produces a permanent ledger of transactions with which no one can tamper," reports TechWeekEurope. "Until now." Slashdot reader Mickeycaskill quotes their report: One of the core principles of Blockchain technology has potentially been undermined by the creation of an editing tool. The company responsible however, Accenture, says edits would only be carried out "under extraordinary circumstances to resolve human errors, accommodate legal and regulatory requirements, and address mischief and other issues, while preserving key cryptographic features..."

Accenture's move to create an editing system will no doubt be viewed by some technology observers as a betrayal of what blockchain technology is all about. But the company insisted it is needed, especially in the financial services industry... "The prototype represents a significant breakthrough for enterprise uses of blockchain technology particularly in banking, insurance and capital markets," said Accenture.

They're envisioning "permissioned" blockchain systems, "managed by designated administrators under agreed governance rules," while acknowledging that cyptocurrency remains a different environment where "immutable" record-keeping would still be essential.

Re:E.g. We can't use it if we can't cheat

By ShanghaiBill • Score: 4, Interesting • Thread

Come on, ledgers are never edited, correction transactions are written when a mistake happens.

Ledgers are "corrected" all the time. In theory, that should never happen, but there are plenty of ways to fudge. Some accounting systems, including Quickbooks, have an "owner" mode that allows anyone with a special password to modify and backdate transactions. This is one reason Quickbooks is so popular.

Another possibility is to restore from backup, and re-enter the transactions, leaving out or modifying the troublesome entry. If the software doesn't allow you to enter an arbitrary date, then just set the system date & time between transactions as you enter them. You can download scripts to automate this.

And, of course, there is the classic solution of keeping two sets of books: one ledger for internal accounting, and a separate ledger for the tax man.

Huh

By Hognoxious • Score: 3 • Thread

"managed by designated administrators under agreed governance rules"

Sounds like a bank. Or maybe a payment processor.

Re:E.g. We can't use it if we can't cheat

By SvnLyrBrto • Score: 4, Informative • Thread

Remember who "Accenture" really is: the post-scandal-renamed Andersen Consulting, aka: Arthur Andersen. Accounting fraud is their very purpose for existing. And corrupting blockchains to destroy accountability is exactly the sort of thing you expect out of those people.

Re:E.g. We can't use it if we can't cheat

By mspohr • Score: 4, Insightful • Thread

It defeats the purpose of having a blockchain if you can change it retrospectively.
It's not a blockchain if you can "edit" it.

Re:I can see the use of this

By Rakshasa Taisab • Score: 4, Insightful • Thread

Then you don't really understand what makes blockchains useful as compared to any other kind of system.

For the cases you pointed out, e.g. when changes need to be made to things already in the blockchain, those should be done as new blocks that revert or modify previous blocks. That preserves both the history and trust of the block chain.

Snapchat's 10-Second-Video Glasses Are Real And Cost $130 Bucks

Posted by EditorDavidView on SlashDotShareable Link
Long-time Slashdot reader bheerssen writes that Snapchat "announced a new product yesterday, Spectacles, which are sunglasses with a camera built into the frame." TechCrunch reports: Snapchat's long-rumored camera glasses are actually real. The startup's first foray into hardware will be a pair of glasses called "Spectacles" and will go on sale this fall for $129.99, according to the WSJ... To start recording you tap a button on the side of the glasses. Video capture will mimic Snapchat's app, meaning you can only capture 10 seconds of video at once. This video will sync wirelessly to your phone, presumably making it available to share as a snap.
The cameras will be using a circular 115-degree lens to mimic the human eye's natural field of vision, and in the Journal's article, Snap CEO Evan Spiegel remembers his first test of the product in 2015. "I could see my own memory, through my own eyes -- it was unbelievable... It was the closest I'd ever come to feeling like I was there again." The camera glasses will enter "limited distribution" sometime within the next three months, which TechCrunch believes "could end up being like Google Glass when it first launched -- officially on sale to the public but pretty hard to come by."

My goodness, those are fugly

By drinkypoo • Score: 5, Informative • Thread

I was picturing something more like Oakley's MP3 glasses, but with a super-flat little camera between your eyes. Instead it's a child's toy. They got the button on the device right (because it makes it obvious when you're recording) but they seem to have everything else wrong, including the price. That's too much for something that goofy.

Why do people care...

By mark-t • Score: 3, Interesting • Thread

... whether or not somebody else records them in a public place? For fuck's sake, if they are within earshot, they are recording your audio and if they are in eyeshot, they are recording your video... the only difference is that the device that is doing the recording is their brain. When wetware becomes a thing, even that distinction to external devices such as cameras or microphones will be irrelevant. The *only* thing that really protects your privacy when you are in a public place is whether or not people are interested enough in paying attention to you.

Obviously,. you could still prosecute people that distribute content that was recorded without permission of the subject, but I see no point to the outcries against people who might record for their own personal use, and in all honesty, are probably not actually *that* interested in you in the first place to notice you, specifically, among everything else they might be recording and actually *are* interested in.

The only caveat to this I would suggest is that without clear signage to the effect that states that an area is being monitored or recorded, a person doing the monitoring or recording must be physically at the location the recording is occurring... I do not think it should necessarily be externally obvious that they are recording anything, however... any more than it should be required that if a person is simply observing people as they go by should be carrying sign saying that they are watching you.

Socialmedia is a third-person camera thing

By Ingo Ruhnke • Score: 3, Insightful • Thread

One thing with social media is that people seem to post a lot more pictures of themselves (third person camera) than they post about experiences they were having (first person camera). Meaning video glasses point essentially in the wrong direction, as they show what the user sees, but not the user itself. Selfiesticks seem to be more in tune to how people actually use social media.

Either way, the 10sec restriction makes those glasses a rather limited gadget without much use outside of Snapchat.

Re:Why do people care...

By SeaFox • Score: 4, Interesting • Thread

... whether or not somebody else records them in a public place? For fuck's sake, if they are within earshot, they are recording your audio and if they are in eyeshot, they are recording your video... the only difference is that the device that is doing the recording is their brain. When wetware becomes a thing, even that distinction to external devices such as cameras or microphones will be irrelevant.

Because currently a memory is only usable to the witness, and is often forgotten. It cannot be saved in perfect detail, duplicated (only described), or packaged and sold for monetary gain. When wetware comes to be, as you point out, these issues will need to be dealt with at an ethical and legal level, but the that's not coming as soon as you believe, I think.

Re:Just like google glass

By mjtaylor24601 • Score: 4, Interesting • Thread

Threatening to punch anyone they see wearing them in the face isn't bullying; is that what you are trying to say?

Your hyperbole is showing.

That's not exactly hyperbole. Consider some of the comments in this thread alone

Can they capture the full wind-up and followthrough of SnapChat glasses being slugged off someone's face?

Does it come with a disclaimer that says.. "When you get punched in the face because of these glasses, and you will get punched in the face because of these glasses, you cannot hold SnapChat legally responsible because you are an asshat."

If a person wants or expects privacy, I believe that the onus is upon them to take measures to sufficient degree

They do. They beat the crap out of glassholes. Sufficient measures thus taken, effective privacy is restored.

Some people seem to have no trouble advocating physical violence against people merely for openly carrying a camera (which seems silly because if you want to surreptitiously record people there are plenty of ways to do it that are much less obvious). I hope this is just a case of people "being tough on the Internet", but even so, the ferocity of the response seems totally out of proportion.

U.S. Funds Challenges To North Korea's 'Information Shield'

Posted by EditorDavidView on SlashDotShareable Link
The U.S. State Department is pursuing "a detailed plan for making unrestricted, unmonitored, and inexpensive electronic mass communications available to the people of North Korea." Slashdot reader Greg Jones reports: Plenty of government-designed "information" flows out of North Korea. At One Free Korea Joshua Stanton reports that the U.S. State Department just announced a new grant program for information technology solutions to punch through the wall that prevents the free flow of information into North Korea.
"Those of us who wrote and negotiated the [North Korea Sanctions and Policy Enhancement Act] were equally concerned with direct engagement of the North Korean people..." Stanton writes on his blog, reporting that there's now grants available to fund multiple projects. "If you have the technical knowledge to make this a reality, or know a place online where people with those talents congregate, please share and repost this solicitation and help spread the word."

dafauq?

By sims 2 • Score: 5, Insightful • Thread

So it's not ok for our own US citizens or our allies to have unmonitored mass communications but we are just going to give them to our enemies?

They should found one for the US too

By Anonymous Coward • Score: 3, Insightful • Thread

It would be nice having an unmonitored device too.
Being able to comunicate without the government snooping... in a free country...

Well, just dreaming.

This is not going to work well.

By SuricouRaven • Score: 3 • Thread

Any sort of software is going to be worthless, because NK doesn't have an internet infrastructure. You can't tunnel if there are no wires. You might be able to get some connectivity at the borders, but that's it, and NK has used jammers in the past.

So the only possible approaches will be hardware based - you'd have to be able to distribute hardware into the country. And you'd have to do so with a lot of it, because you need to get it in faster than their government agents can confiscate it. And that hardware has to be able to operate in the face of truly awful communications conditions - even mesh networks have their limits.

The most you're going to get realistically is one-way: Send them radio receivers capable of picking up South Korean media. Which a lot of people will dismiss as propaganda, of course. The grant proposal implicitly acknowledges this with a focus upon getting media *in* to the country, which is hard but not nearly so hard as communications between people already stuck there.

That's the technical side. There's also the legal issue: You're going to end up air-dropping communications equipment on a foreign country without authorisation of their government and the express intention of subverting their laws. This is almost an act of war. North Korea would declare war on the US over that, if they didn't do so about twice a month already.

I'd go for the low-tech approach first: Radios. NK requires all radios sold be hard-wired to only tune to selected government-approved stations. So put in lots of really small, simple, durable radios that can pick up South Korean radio stations. You need a lot of them.

Now, if you wanted high-tech, you could probably come up with an adapted mobile phone for sneakernet use. Something that would be able to play audio and video, read text. Like one of those super-cheap-and-nasty Android tablets, with two USB ports. No networking - it's too easy to trace, and not much good anyway. But enough that a subversive document or media file could be very easily copied and passed between trusted people, quickly. You might want to include a radio receiver too, just so that it can pick up a daily news update from a transmitter in SK. Old-school VHS radio if need be - you don't need bitrate, you need range.

But that's really over-engineering, you'd get a much better effect for your money if you just airdrop millions of DVDs. Even in North Korea, DVD players are readily available. If nothing else you'd waste their resources as they assign thousands of people to sweeping the country looking for shiny discs to destroy.

As this is a US proposal, and legality be damned, they could just load a stealth bomber. I don't know how many DVDs you could load into one of those, but I think it's a lot. It'd be great fun when Jong-Un wakes up one morning to find eighteen tons of DVDs covering Pyongyang, containing all the best television the world can offer both factual and entertainment.

I expect by lunch he'll have just declared the sale of DVD players a capital offence, though.

The Verge's Deputy Editor Chris Ziegler Was Secretly Working For Apple For Two Months

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from Gizmodo: Late this afternoon, Nilay Patel, the editor-in-chief of The Verge, published a post detailing the circumstances around the departure of Chris Ziegler, a founding member of the site. As it turns out, according to Patel, Ziegler had been pulling double duty as an employee of both The Verge and Apple. "The circumstances of Chris' departure from The Verge raised ethical issues which are worth disclosing in the interests of transparency and respect for our audience," Patel wrote. "We're confident that there wasn't any material impact on our journalism from these issues, but they are still serious enough to merit disclosure." According to Patel, Ziegler, whose most recent post was published in July, began working for Apple in July but didn't disclose his new job; The Verge apparently didn't discover he'd been working there until early September. Patel noted that Ziegler continued to work for The Verge in July, but "was not in contact with us through most of August and into September." What's not clear is how The Verge leadership went six weeks without hearing from their deputy editor or taking serious action (like filing a missing person's report) to try to find him. Patel says they "made every effort to contact him and to offer him help if needed." Patel noted the obvious conflict of interest, and added that Ziegler was fired the same day they verified his employment at Apple. "Chris did not attempt to steer any coverage towards or away from Apple, and any particular decisions he helped make had the same outcomes they would have had absent his involvement," Patel wrote. However, it's still unclear how exactly the team at Vox Media, The Verge's parent company, ascertained there was no editorial consequences from the dual-employment. You can read Patel's full statement here. Vox Media's Fay Sliger followed up with a statement to Gizmodo: "Chris is no longer an employee of The Verge or Vox Media. Chris accepted a position with Apple, stopped communicating with The Verge's leadership, and his employment at The Verge was terminated. Vox Media's editorial director Lockhart Steele conducted an internal review of this conflict of interest, and after a thorough investigation, it was determined that there was no impact on editorial decisions or journalism produced at The Verge or elsewhere in Vox Media. We've shared details about this situation with The Verge's audience and will continue to be transparent should any new information come to light."

Just Another Symptom

By alphatel • Score: 3, Funny • Thread
Of the "I'm too cool to respond to you" generation, and the "we're too cool to panic about your status" management style.
Normal employment policy is credentials are immediately revoked when any employee does not respond to login/status requests for over 3 business days. But don't let the cool kids tell you that's reasonable to enforce on important people.

Verge and Vox

By tomhath • Score: 5, Insightful • Thread

"We're confident that there wasn't any material impact on our journalism from these issues

Daily Kos (aka Vox) was always a blog, it has nothing to do with journalism.

I don't get it

By irrational_design • Score: 4, Insightful • Thread

I don't even expect the New York Times or the editors/journalists that work for it to be ethical, why in the world would I be expected to be outraged that a website I've never heard of has unethical editors/journalists working for it? Is anyone seriously surprised by this? What is the news story?

Re:Verge and Vox

By quantaman • Score: 5, Interesting • Thread

"We're confident that there wasn't any material impact on our journalism from these issues

Daily Kos (aka Vox) was always a blog, it has nothing to do with journalism.

I'm not sure why you talked about Daily Kos except for the fact that they're both left online news resources.

They're completely different outfits.

As for Vox, I've been reading it a decent amount and I'd consider them journalism. They're not investigative journalism, they don't send reporters digging through old court records to dig up scandals, but it's still journalism.

They mostly do analysis, interviews, and long-form essays. It definitely comes with a wonkish highly progressive centre-left viewpoint (ie, they're big Clinton fans), but it's a valuable resource for understanding the world.

There are slightly bloggy aspects as well, but I don't think that's a bad thing (as you imply). The weakness in traditional journalism is it gets myopic by focusing on what just happened and losing the larger context. Vox's objective seems to be tracking issues long term while adding context and analysis.

Our Atmosphere Is Leaking Oxygen and Scientists Don't Know Why

Posted by BeauHDView on SlashDotShareable Link
The Earth's atmosphere has been leaking oxygen and scientists don't know why. Researchers discovered that over the past 800,000 years, atmospheric oxygen levels have dropped by 0.7 percent. How exactly did they discover the leak? By observing ice cores from Greenland and Antarctica, which contain trapped air bubbles representing snapshots of our atmosphere over the past million-odd years. Gizmodo reports: By examining the ratio of oxygen to nitrogen isotopes within these cores, the researchers were able to pull out a trend: oxygen levels have fallen by 0.7 percent over the past 800,000 years, meaning sinks are roughly 2 percent larger than sources. Writing today in Science, the researchers offer a few possible explanations. For one, erosion rates appear to have sped up in recent geologic history, causing more fresh sediment to be exposed and oxidized by the atmosphere, causing more oxygen to be consumed. Long-term climate change could also be responsible. Recent human-induced warming aside, our planet's average temperature had been declining a bit over the past few million years. [Princeton University geologist Daniel Stolper] added that there could be other explanations, too, and figuring out which is correct could prove quite challenging. But learning what controls the knobs in our planet's oxygen cycle is worth the effort. It could help us understand what makes a planet habitable at all -- something scientists are rather keen on, given recent exoplanet discoveries. Stolper's analysis excluded one very unusual part of the record: the last 200 years of industrial human society. "We are consuming O2 at a rate a factor of a thousand times faster than before," Stolper said. "Humankind has completely short-circuited the cycle by burning tons of carbon."

Re:that's an understatement

By ooloorie • Score: 4, Insightful • Thread

People always make "doomsday predictions" about any change, whether it's the sexual revolution or climate change.

In reality, the amount of carbon trapped under ice is a small amount compared to other sources, and it would be quickly captured again by the vegetation that would soon grow in those newly temperate areas. So, sorry, no doomsday scenario there, and not even much of a potential for positive feedback.

Sheesh

By Ol Olsoc • Score: 3 • Thread
Well now, there is some fine clickbait! The atmosphere is leaking O2? We better build a Dyson sphere around the planet!

Or we could just figure that more Oxygen is getting bound up in other compounds. Not a leak, possibly of some concern, but probably not.

Re:that's an understatement

By hey! • Score: 4, Interesting • Thread

Which is fine, depending on how fast we get there.

It's like this: you're standing on the balcony of your Miami hotel room. It's on the top floor. It's a warm summer night and you look down at the pool. A dip would be just the thing, so you put on your bathing suit and take the elevator down to the ground level. Refreshment accomplished.

Now imagine the same scenario, only you decide to dive off your balcony into the pool. You've traveled exactly the same vertical distance, but the rate at which you did it (well, technically the rate at which you stopped doing it), made a difference.

Re:Not a bad guess

By K. S. Kyosuke • Score: 4, Informative • Thread
The amount of oxygen is our atmosphere so massive that the contemporary human population of seven billion would have to breathe for twenty thousand years to decrease its share in the atmosphere from 21% to 20%, without replacement. Of course, a mere century ago, the population was just 1.5 billion. Another century back, 0.9 billion. A thousand years back, about 0.25 billion. It's estimated that all the humans who ever lived numbered about 100 billion, that gives you something like a grand total of 0.2 percent of the current oxygen amount in the atmosphere having been consumed by all human beings who ever lived, if each of them lived sixty years on average. Perhaps cattle could multiply it by a factor of several.

"Leaking"??? Is it being lost into space?

By mark-t • Score: 5, Insightful • Thread
Because if not, there is no way I can see that "leaked" is the right word.