Alterslash

the unofficial Slashdot digest archive

Ask Slashdot: Have You Read 'The Art of Computer Programming'?

Posted by EditorDavidView on SlashDotShareable Link
In 1962, 24-year-old Donald Knuth began writing The Art of Computer Programming, publishing three volumes by 1973, with volume 4 arriving in 2005. (Volume 4A appeared in 2011, with new paperback fascicles planned for every two years, and fascicle 6, "Satisfiability," arriving last December). "You should definitely send me a resume if you can read the whole thing," Bill Gates once said, in a column where he described working through the book. "If somebody is so brash that they think they know everything, Knuth will help them understand that the world is deep and complicated."

But now long-time Slashdot reader Qbertino has a question: I've had The Art of Computer Programming on my book-buying list for just about two decades now and I'm still torn...about actually getting it. I sometimes believe I would mutate into some programming demi-god if I actually worked through this beast, but maybe I'm just fooling myself...

Have any of you worked through or with TAOCP or are you perhaps working through it? And is it worthwhile? I mean not just for bragging rights. And how long can it reasonably take? A few years?

Share your answers and experiences in the comments. Have you read The Art of Computer Programming?

Re:Hell no

By Tablizer • Score: 4, Insightful • Thread

Programming isn't terribly complex. If you want to program, just do it.

It's not complex if you merely want it to run, but if you want flexible, maintainable, and readable code, then it is complex.

Re:Hell no

By Tough Love • Score: 4, Insightful • Thread

Nah, I've been programming longer than Knuth has, starting with machine language. You just need to think procedurally.

In your case, it sounds more like "sporadically".

I have, not worth it

By AuMatar • Score: 5, Informative • Thread

Don't get me wrong, Knuth is a genius. If you need to do deep research on sorting algorithms, definitely read it. If you want to do CS research and need to learn how to read research papers, its a good start. But you aren't going to get any deep insights on how to write a good program from it. Its too academic and far too focused on deep research. And even for the topics it does cover, unless you want to do research on how to really optimize the hell out of them you're better off using tutorials written for a more practical level.

Maybe

By kwerle • Score: 4, Interesting • Thread

I wasn't sure if I'd read 'em. I know a friend/colleague (who I regard highly) who has - and I think he thinks highly of them. But he also has terrible taste in movies.

A quick google search landed me at http://broiler.astrometry.net/...

I have not read it.

I've been coding professionally for 25-30 years, depending on how you count. I studied CS in college. I've read a few outstanding books on the subject since then.

I don't have the patience for these, and I suspect I'm not going to miss out on much.

On the other hand, I long ago came to the conclusion that I'm really not interested in low level code. Give me a nice high level language with nice high level functions and features and I'm a happy coder. That's not to say that I don't understand O notation or the costs behind the complexity - but it is to say that I know when to use a drill and when to use a power saw - but I don't want to build either of 'em.

Maybe you're into the nitty gritty. Or maybe you like bad movies.

Check your local tech library and see if you can check out a copy. Or ebay 'em for $20-40/volume. Or if the pdf strikes your fancy, maybe take the plunge.

I have read much of it, as I would an encyclopedia

By Ungrounded Lightning • Score: 3 • Thread

My wife and I each had a copy of the first three volumes when we married. Yes, there are female computer nerds. B-)

I first encountered it when assigned one of the volumes as a text back in 1971. Of course the class didn't consist of learning EVERYTHING in the volume. B-)

I use it from time to time - mainly as a reference book. Most recently this spring, when I needed a reference on a data structure (circular linked lists) for a paper. I've found it useful often when doing professional computer programming and hardware design (for instance, where the hardware has to support some software algorithm efficiently, or efficient algorithms in driver software allow hardware simplification).

I don't try to read it straight through. But when I need a algorithm for some job and it's not immediately obvious which is best, the first place I check is Knuth. He usually has a clear description of some darned good wheel that was already invented decades ago, analyzed to a fare-thee-well.

I only see him about once a year. He's still a sharp cookie.

Does Windows 10's Data Collection Trade Privacy For Microsoft's Security?

Posted by EditorDavidView on SlashDotShareable Link
jader3rd shares an article from PC World arguing that Windows 10's data collection "trades your privacy for Microsoft's security." [Anonymized] usage data lets Microsoft beef up threat protection, says Rob Lefferts, Microsoft's director of program management for Windows Enterprise and Security. The information collected is used to improve various components in Windows Defender... For example, Windows Defender Application Guard for Microsoft Edge will put the Edge browser into a lightweight virtual machine to make it harder to break out of the browser and attack the operating system. With telemetry, Microsoft can see when infections get past Application Guard defenses and improve the security controls to reduce recurrences.

Microsoft also pulls signals from other areas of the Windows ecosystem, such as Active Directory, with information from the Windows 10 device to look for patterns that can indicate a problem like ransomware infections and other attacks. To detect those patterns, Microsoft needs access to technical data, such as what processes are consuming system resources, hardware diagnostics, and file-level information like which applications had which files open, Lefferts says. Taken together, the hardware information, application details, and device driver data can be used to identify parts of the operating system are exposed and should be isolated into virtual containers.

The article points out that unlike home users, enterprise users of Windows 10 can select a lower level of data-sharing, but argues that enterprises "need to think twice before turning off Windows telemetry to increase corporate privacy" because Windows Update won't work without information about whether previous updates succeeded or failed.

Crowdsourced Security

By Anonymous Coward • Score: 3, Insightful • Thread

So we are all essentially honeypots for Microsoft Security. Good to know.

No

By smooth wombat • Score: 3, Interesting • Thread

Next question. Do I get to see the telemetry of Microsoft employees since I or my employer is the one paying their salaries?

After all, seeing how they use Windows 10 might help my organization improve its service to its customers.

MS is completely wrong

By melting_clock • Score: 5, Insightful • Thread

Telemetry should be able to be switched off entirely, on all Windows installs, so that our right to privacy in respected. Many of the apps that I use include telemetry but I only use those that provide an option to disable their telemetry, even though I will allow telemetry from some trusted apps. MS have repeated demonstrated that they cannot be trusted and it is scary that the released an entire OS that is actually spyware. In any case, it means that Windows 7 will be the last version I allow to be installed on any computer I own.

If Windows update doesn't work without telemetry, that is a demonstration of MS incompetence and a very bad design decision. Linux is my main OS and it sends no telemetry for updates, while still managing to install updates. Those Linux updates also cover every piece of software I have installed in that OS, not just OS updates.

Sounds like a pretext to me...

By gweihir • Score: 4, Insightful • Thread

Because that could be done with a fairly small number of users, no need to spy on all of them. Anyways, while I would pay money for Win10, it would have to be the LTSB-version, because spying can be fully turned off and no new "features" all the time. As at the moment there seems to be no way to get LTSB as private user or small business, I will stay on Win7 for anything that needs Windows (Office, gaming) and try to move everything else to Linux, where I at least have control over what gets sent to the distro (nothing). In the worst case I will get a gaming-only PC with Win10 (no email, no browsing, no work) in a few years, jail Office in a no-network Win7 VM and do everything else on Linux.

The same PR talk crap that everyone else does.

By XSportSeeker • Score: 4, Insightful • Thread

Stop skirting around the theme and get to the point: the fact that data collection is obligatory and there is no option to completely disable it is the problem itself. Data collection in Windows systems have always been there more or less, the problem is how it became something that cannot be disabled, which is bad specially for companies with sensitive data.

I don't care if Microsoft can post updates faster and enhance security with it, the way they figure that out is the company's own responsibility. Stuff like that cannot be pinned down as something users should be responsible for, specially for OSs that are still essencially commercial in nature.

This has always been the problem with data collection schemes, and it'll continue being regardless if Microsoft PR talks it'll improve the experience or not. It's the same crappy excuse that all companies that profit on data collection use. All of them say the exact same thing. So I couldn't care less on what Microsoft PR declares they'll do with it, it doesn't diminish the disgust in any way. Privacy has always been a matter of principle, not on what some company says it'll do after the fact.

If they want to go that route, fine, keep sending data back and making it harder and harder for clients to dial back on that shit. But don't expect users to change their views if they are not willing to back down. Windows 10 will keep having and deserving the image of being an OS that spy on it's users. And that's exactly what it does. It's extracting data from people's desktop, doing it's best to make that invisible, and taking away options to disable it.

Much like they forced the Windows 10 update down lots of people's throats using some very dirty tactics, there's no excuse for what they are doing with ads and with stealing user data. I don't care if they say it's anonymized or whatever, I don't want my desktop sending anything back, period. People who are against this trend don't want to hear your promises on what you'll do with the data, we don't care. We're going for alternative routes that are not opting for data collection. That's it.

Linux Mint 18.1 'Serena' BETA Ubuntu-based Operating System Now Available For Download

Posted by EditorDavidView on SlashDotShareable Link
BrianFagioli shares his story on Beta News: Feeling fatigued by Windows 10 and its constant updates and privacy concerns? Can't afford one of those beautiful new MacBook Pro laptops? Don't forget, Linux-based desktop operating systems are just a free download away, folks!

If you do decide to jump on the open source bandwagon, a good place to start is Linux Mint. Both the Mate and Cinnamon desktop environments should prove familiar to Windows converts, and since it is based on Ubuntu, there is a ton of compatible packages. Today, the first beta of Linux Mint 18.1 'Serena' becomes available for download.

Here's the release notes for both Cinammon and MATE.

Re:Visual Studio C++ equivalent?

By lgw • Score: 5, Informative • Thread

I develop C++ applications mainly for Linux. I use Visual C++ and Xcode (I got accustomed to it after some time) to develop, then I log on Linux to "port" the code with vi, GCC, etc, and add Linux specific features.

Is there a decent GUI for developing on Linux now?

You can use VS on a Windows machine to build/debug on Linux now. You can also run a light version, "VS Code," natively on Linux - it's free and open source, but I don't know how full-featured it is.

Think of the target audience

By OrangeTide • Score: 3 • Thread

If you are on Slashdot and haven't switched to Linux by now, then it seems extremely unlikely that you ever will.

I hope you all enjoy whatever OS you happen to be using today.

Ubuntu makes to much decisions for me...

By xonen • Score: 3 • Thread

After many years of Ubuntu use as primary desktop, the thing that drove me away was ending the support for the closed source AMD video drivers.

Someone decided that the open source drivers were 'good enough'. Well, they are not, at least for what i was doing. And the choice to use the drivers as released by AMD was removed, and doing so manually anything but trivial, as in, you'd have more luck on an arch based distro.

Imho, Ubuntu, and all derivatives like Mint, suddenly alienate half their user base with that decision. And if this wasn't an online forum i'd use stronger wordings for that.

Also, i just need to get work done. And most of the stuff i do is reasonable platform-agnostic but expects reasonable 3D performance. So, i'm back to windows 10 which serves my need, ironically has Ubuntu user land built in these days, and Linux will have to wait until i upgrade my graphics to nVidia, or when i can be bothered to try another distro, or when open source graphics drivers are really of comparable quality, whichever come first.

* Just 2 cents from a frustrated ex-Ubuntu&Mint user on the desktop. *

Re:Think of the target audience

By h33t l4x0r • Score: 4, Funny • Thread
My mouse doesn't feel right on Linux, I would switch if it weren't for that.

Re:Ubuntu makes to much decisions for me...

By AthanasiusKircher • Score: 5, Insightful • Thread

After many years of Ubuntu use as primary desktop, the thing that drove me away was ending the support for the closed source AMD video drivers.

What does this have to do with Ubuntu? AMD ended their support.

Someone decided that the open source drivers were 'good enough'. Well, they are not, at least for what i was doing.

Yep, that "someone" was AMD. They apparently decided to focus more on a new Linux driver project, as noted in the posts from AMD folks quoted in the above link. Ubuntu isn't able to offer "support" for a closed-source driver that apparently breaks with the newer versions of Xorg. (I'd note that AMD had months to prepare before the new version of Ubuntu upgraded to the newer version of Xorg, and it's been a year or more and AMD hasn't updated their driver.)

And the choice to use the drivers as released by AMD was removed

Because it might break your system.

Imho, Ubuntu, and all derivatives like Mint, suddenly alienate half their user base with that decision.

How was it Ubuntu's fault (let alone Mint's, who didn't do anything here) that AMD stopped updating their drivers for Linux? Ubuntu and its derivatives aren't the only distros that this created problems with -- anyone who is using a version of Xorg released in the past year will have the same problem. And since Xorg is standard across most Linux distros, this truly has nothing to do with Ubuntu (or Mint) per se.

So, i'm back to windows 10 which serves my need

Yep -- AMD decided to update their drivers for the latest Windows version. Ubuntu can't do so, because they don't have the source code.

Why are you angry at Ubuntu when the people who stopped the support are AMD?

I don't mean to sound insulting, but you do understand what the implications of "closed-source driver" are, right? Ubuntu would likely be happy to provide support and updates if they had the source code... but they don't, and AMD won't release it.

Canonical Sues Cloud Provider Over 'Unofficial' Ubuntu Images

Posted by EditorDavidView on SlashDotShareable Link
An anonymous reader quotes OStatic's update on Canonical's lawsuit against a cloud provider: Canonical posted Thursday that they've been in a dispute with "a European cloud provider" over the use of their own homespun version of Ubuntu on their cloud servers. Their implementation disables even the most basic of security features and Canonical is worried something bad could happen and it'd reflect badly back on them... They said they've spent months trying to get the unnamed provider to use the standard Ubuntu as delivered to other commercial operations to no avail. Canonical feels they have no choice but to "take legal steps to remove these images." They're sure Red Hat and Microsoft wouldn't be treated like this.
Mark Shuttleworth, the founder of Ubuntu, wrote in his blog post that Ubuntu is "the leading cloud OS, running most workloads in public clouds today," whereas these homegrown images "are likely to behave unpredictably on update in weirdly creative and mysterious ways... We hear about these issues all the time, because users assume there is a problem with Ubuntu on that cloud; users expect that 'all things that claim to be Ubuntu are genuine', and they have a right to expect that...

"To count some of the ways we have seen home-grown images create operational and security nightmares for users: clouds have baked private keys into their public images, so that any user could SSH into any machine; clouds have made changes that then blocked security updates for over a week... When things like this happen, users are left feeling let down. As the company behind Ubuntu, it falls to Canonical to take action."

Dupe

By buchner.johannes • Score: 4, Informative • Thread

https://tech.slashdot.org/stor...

Re: GPL?

By slazzy • Score: 5, Insightful • Thread
They can do whatever they want, but it's no longer "Ubuntu"

But they followed naming standards!

By Provocateur • Score: 5, Funny • Thread

Vivid Vervet
Wily Werewolf
Xenial Xerus
Yakkety Yak
Zesty Zapus

And from the summary, "Unofficial Ubuntu"

70 Laptops Got Left Behind At An Airport Security Checkpoint In One Month

Posted by EditorDavidView on SlashDotShareable Link
America's Transportation Security Administration has been making some surprising announcements on social media. An anonymous reader writes: A TSA spokesperson says 70 laptops were left behind in just one month at an airport security checkpoint in Newark. "And yes, there are plenty of shiny MacBooks in that pile," reported BravoTV, "which can cost in the $2,000 range new." The TSA shared an image of the 70 laptops on their Instagram page and on Twitter, prompting at least one mobile project designer to reclaim his laptop. "The most common way laptops are forgotten is when traveler's stack a bin on top of the bin their laptop is in," the TSA warns. "Out of sight out of mind."
The TSA is also sharing pictures on social media of the 70 guns they confiscated at security checkpoints in one week in November, reporting they've also confiscated a blowtorch, batarangs, and a replica of that baseball bat from "The Walking Dead". They're reporting they found 33 loaded firearms in carry-on luggage in one week, and remind readers that gun-carrying passengers "can face a penalty as high as $11,000. This is a friendly reminder to please leave these items at home."

All the passengers fault..

By thesupraman • Score: 3 • Thread

I am sure it's all the passengers fault. Not people desperately trying to get to their flight after a long delay waiting for their turn at a bit of ineffective security theatre..

Of course this would be solved by not requiring them to remove their laptops.. Something which would have next to no effect on the uselessness of their scanning anyway..

But no.. It's all the travelers fault. Silly travelers.. They deserve to have their items removed.

Of course it should be quite trivial door then to track down the owners right? TSA is so proud of how well informed they are about the travelers.. Surely they can localise the owners of one of a handful of people? No?

We used to call it "security theater"

By Applehu Akbar • Score: 3 • Thread

Now it's turned into more of a security Ring Cycle.

So how many terrorists?

By houghi • Score: 3 • Thread

So how many terrorists have they caught? Also: do they know where the idiots in Brussels exploded? It was before any check in the check-in area.

So no, we are not safer with them. If idiots want to blow themselves up, they will. Standard scan is already good enough. And obviously I could just go into the tax-free store and buy what I need there.

Re:Maybe I'm more anal-retentive than most

By AthanasiusKircher • Score: 5, Informative • Thread

But I have a hard time understanding how anybody could forget their laptop at a TSA checkpoint.

A lot of people experience anxiety and distraction when they're going through the security line. You're being led around like cattle and are subject to a bunch of random rules that could result in a pain and a bunch of delays (maybe worse) if you aren't careful to pay attention. Doing an extra check to make sure you have everything may not always be at the top of your list.

Just a few ways that immediately come to mind:

(1) You're getting on a 6am flight, so you're going through security at 5am and haven't had a cup of coffee yet because the TSA won't allow you to carry one. So you're just in a "haze."

(2) You have small children or are accompanying a person who can't take care of their own stuff for some reason, so you're juggling a huge number of bins and bags and trying not to forget anything, while also trying not to hold up the line.

(3) The TSA personnel distract you with some bogus extra search procedure that makes you feel uncomfortable... or they are overly brusque with you, which makes you a little paranoid (because they have the power to detain you). So you're distracted by this other stuff -- in ADDITION to having to deal with the indignities of putting back on your belt, shoes, packing up you little "baggie of liquids," etc. while people are crowding around trying to do the same.

Lots of other scenarios. I had a good friend (not at all an idiot or scatter-brained) who forgot his once, but luckily realized it when he got to his gate and went to do some work. He came back and retrieved it in time. I had another acquaintance who lost his and did NOT recover it.

I actually ended up adopting my own crude "reminder procedure" after hearing about these -- I commonly carry my laptop in some sort of sleeve in my bag anyway. I used to just reach in my bag and grab the laptop to put in the separate bin. Now I take the sleeve out of the bag and put it in the bin with my laptop bag (but outside of it), and my laptop obviously in a separate bin. I obviously will need to deal with the sleeve before I depart the TSA area. Just in case I'm distracted, I think there's a much lower chance that I'll just unthinkingly place my empty laptop sleeve back into my bag without realizing my laptop's missing. I doubt I'd forget my laptop, but I know how often it happens, so a little extra precaution doesn't hurt.

How Microsoft Lost In Court Over Windows 10 Upgrades

Posted by EditorDavidView on SlashDotShareable Link
In June a California woman successfully sued Microsoft for $10,000 over forced Windows 10 upgrades, and she's now written a 58-page ebook about her battle (which she's selling for $9.99). But an anonymous Slashdot reader shares another inspiring story about a Texas IT worker and Linux geek who got Microsoft to pay him $650 for all the time that he lost. "Worley built a Windows 7 machine for his grandfather, who has Alzheimer's Disease, [customized] to look like Windows XP, an operating system his grandfather still remembered well..." writes Digital Trends. "But thanks to Microsoft's persistent Windows 10 upgrade program, Worley's grandfather unknowingly initiated the Win 10 upgrade by clicking the 'X' to close an upgrade window." After Worley filed a legal "Notice of Dispute," Microsoft quickly agreed to his demand for $650, which he donated to a non-profit focusing on Alzheimer's patients.

But according to the article, that's just the beginning, since Worley now "hopes people impacted by the forced Windows 10 upgrade will write a complaint to Microsoft demanding a settlement for their wasted time and money in repairing the device," and on his web page suggests that if people don't need the money, they should give it to charities fighting Alzheimer's. "If Microsoft isn't going to wake up and realize that lobbing intentionally-tricky updates at people who don't need and can't use them actively damages not only the lives of the Alzheimer's sufferer, but those of their whole family, then let's cure the disease on Microsoft's dime so their tactics and those of companies that will follow their reckless example aren't as damaging."

Worley suggests each Notice of Dispute should demand at least $50 per hour from Microsoft, adding "If recent history holds steady they might just write you a check!"

Not a unique situation

By Anonymous Coward • Score: 5, Interesting • Thread

I just found out my sister-in-law bought a new laptop because the old one was "broken". Why? Because the formerly functional old laptop ran Windows 7 and whatever Windows 10 did to it broke the drivers and it won't boot, despite her trying to prevent Windows from doing the update for months. She took it to a local computer store and they said they would fix it for $100. At that point she decided to buy a new one. Months later I found out what happened :-(

It's easy to blame the user, but there must be thousands of people out there who have machines that were effectively turned into non-functional doorstops from their perspective because of Microsoft's forced upgrade policy. Granted, these machines are fixable, but that's still a repair beyond many user's ability, and it would cost them money to have someone else do it for them. They're in this spot because of the underhanded tricks that Microsoft used (like the "install anyway" close button on the upgrade window).

I'll reinstall the OS for her and maybe she can recover some money by reselling the old laptop, but really there should be a class action lawsuit against Microsoft for what they've done. Instead they've probably reaped many unnecessary sales of new machines. It's appalling.

Re:Maybe, I should sue KDE?

By LesFerg • Score: 5, Funny • Thread

A FreeBSD-user since early 90-ies, I can only chuckle at the problems in the Microsoft world...

Heeey I was tricked into typing

freebsd-update upgrade -r 11.0-RELEASE

And guess what? instead of updating my X-windows it changed my FreeBSD version!!!

Now all my drivers, erm, just work and my UI looks just the same!

Re:Maybe, I should sue KDE?

By Darinbob • Score: 5, Interesting • Thread

Tricking old people is a very popular business model these days. Amazon for instance has "click here for FREE shipping!" and then if you click you get a trial Amazon Prime account, and if you don't notice you get charged at the end of the month. Cancelling this trial can be tricky, I tried to cancel my mother's prime account but it had not verified the credit card on file yet (which was also outdated) so there was no option to cancel. Instead I removed all cards from the account (almost mandatory because a cat walking across the keyboard could cost you a lot of one-click purchases). The next day the trial account was bitching and whining that there was no valid card on file and to PLEASE add a new one. It still has not given up and is whining about an invalid card a week later. Unsurprisingly you can find a lot of people online also complaining that their elderly parents were paying for Prime who don't remember signing up for it.

My mother was getting the Windows 10 update, but we cancelled it before it was done. She had very very slow internet so it was taking several days for it to download.

I have noticed that Adobe Flash is no longer doing the "install MacAffee" checkbox that's pre-checked, maybe they got enough complaints that someone with a conscience finally removed it. Meanwhile Avast still tries to trick people into installing Chrome when they upgrade their antivirus.

Re:$50 - an hour?

By Opportunist • Score: 5, Insightful • Thread

My personal time is sold at market rates. For the simple reason that I could sell it at market rates at any time. IT security people are sought after and, let's be honest here, we can pretty much demand what we want and it's being paid.

The point is, why should my personal time be any cheaper than my "professional" time? It's not like I'm doing what I really enjoy doing when upgrading an OS, we're not talking about playing my favorite game.

Any engineers at Microsoft reading this?

By Anonymous Coward • Score: 5, Insightful • Thread

Are you proud of the work you've done here, making life suck for Alzheimers' patients and countless other customers who lack the capacity, the autonomy, or the technical background needed to circumvent your bosses' intentions?

If you work for Microsoft, then the world is a worse place because you went to work today. Re-evaluate your career options.

Remember, you're engineers. As a group you are capable, experienced professionals in a strong labor market. You have those options, unlike a lot of other people.

And as engineers, you also have ethical obligations, even if they're unwritten ones. Honor those obligations by working somewhere else besides Microsoft.

Sysadmin Gets Two Years In Prison For Sabotaging ISP

Posted by EditorDavidView on SlashDotShareable Link
After being let go over a series of "personal issues" with his employer, things got worse for 26-year-old network administrator Dariusz J. Prugar, who will now have to spend two years in prison for hacking the ISP where he'd worked. An anonymous reader writes: Prugar had used his old credentials to log into the ISP's network and "take back" some of the scripts and software he wrote... "Seeking to hide his tracks, Prugar used an automated script that deleted various logs," reports Bleeping Computer. "As a side effect of removing some of these files, the ISP's systems crashed, affecting over 500 businesses and over 5,000 residential customers."

When the former ISP couldn't fix the issue, they asked Prugar to help. "During negotiations, instead of requesting money as payment, Prugar insisted that he'd be paid using the rights to the software and scripts he wrote while at the company, software which was now malfunctioning, a week after he left." This tipped off the company, who detected foul play, contacted the FBI and rebuilt its entire network.

Six years later, Prugar was found guilty after a one-week jury trial, and was ordered by the judge to pay $26,000 in restitution to the ISP (which went out of business in October of 2015). Prugar's two-year prison sentence begins December 27.

Smart but foolish

By freeze128 • Score: 3, Funny • Thread
You gotta hand it to the guy for negotiating for the rights to the software. He kinda was *TRYING* to do the right thing by making sure he had the proper rights to the software (presumably before he sold it himself). A more unscrupulous man might just have stolen the software and used it to start his own business without any notification at all.

Lucky he got off so light

By Anonymous Coward • Score: 3, Funny • Thread

"Judge Rambo ordered Prugar to pay $26,000 in restitution."

I guess its better than getting sentenced by Judge Dredd.

Amateur Sys-admin deserves the time

By adosch • Score: 5, Insightful • Thread

As making a living out of being all things 'admin' (sys/network/engineering, ect.), he totally deserves this. This guy is total amateur-hour and quite simply deserves what he got. If it was really about your scripts, then they were probably garbage anyway. Any admin with have a brain keeps copies of their stuff; I actually use version control systems right long with software developers and engineers, so an even bigger reason to manage your domain better.

I'm sure he had a fair bit of perceived egotism and elitism in his attitude and work ethic, which made the situation what it was and resulted into today for him.

Even that, if he was able to log on to absolutely anything after his contract was terminated, then shame on the ISP, too. That's probably why they don't exist anymore. In any fairy constructed IT shop of sys-admins, regardless of how the rest of his co-workers felt about the situation of all of it, his access to everything would have been gone the second he was being walked out the door by security, HR, ect.

Re:Smart but foolish

By ClickOnThis • Score: 4, Informative • Thread

You gotta hand it to the guy for negotiating for the rights to the software. He kinda was *TRYING* to do the right thing by making sure he had the proper rights to the software (presumably before he sold it himself). A more unscrupulous man might just have stolen the software and used it to start his own business without any notification at all.

There is no way to parse what he did as the "right thing." He stole from his former employer and sabotaged their system. And then tried to extort them for the rights to his software.

He should have been a professional and just walked away. Or at least he should have talked to a lawyer about his claim to the software he wrote. Although most likely his employment agreement considered it a "work for hire" so he had no claim.

Re:He would have been better off ...

By Kjella • Score: 5, Insightful • Thread

And keep a copy of your stuff on hand before you get fired.

If you were doing it at work on company systems it's probably not "your stuff" anyway, it's probably small utilities he used to make his job easier. If you want to do something for yourself do it on your own time on your own machine, don't use any company resources and try not to do anything that would make them question your loyalty to your day job. Being a consultant or contractor is fine because everyone knows that. Being an employee with a secret double agenda is not.

Virginia Police Spent $500K For An Ineffective Cellphone Surveillance System

Posted by EditorDavidView on SlashDotShareable Link
Cell-site simulators can intercept phone calls and even provide locations (using GPS data). But Virginia's state police force just revealed details about their actual use of the device -- and it's not pretty. Long-time Slashdot reader v3rgEz writes: In 2014, the Virginia State Police spent $585,265 on a specially modified Suburban outfitted with the latest and greatest in cell phone surveillance: the DRT 1183C, affectionately known as the DRTbox. But according to logs uncovered by public records website MuckRock, the pricey ride was only used 12 times — and only worked seven of those times.
According to Virginia's ACLU director, "each of the 12 uses cost almost $50,000, and only 4 of them resulted in an arrest [raising] a significant question whether the more than half million dollars spent on the device and the vehicle...was a wise investment of public funds."

I'm not sure what the problem is...

By The Grim Reefer • Score: 4, Insightful • Thread
FTA:

Virginia being one of the few states to have passed legislation curtailing the use of these exceptionally powerful devices, and mandating warrants and probable cause be obtained prior to their use.

So they don't just use this thing to go after people with an unpaid parking ticket at the discretion of the local meter maid. They actually have to get a warrant. I think this is a good thing personally. I'd rather they have this thing for when it's truly needed, but have it's use limited.

A glance at the log seems to show that in at least 5 out of the 12 instances it was used, the device turned out to be ineffectual in locating the suspect.

So it may not be 100% effective. Are we supposed to be shocked by this? Obviously it would be great if it was. But then, what is in life? Of course there are some qualifiers in the quote above. "A glance" and "seems to show". So we don't really know the full story. Just what the logs appear to indicate. It's kind of like looking at the output from your OBDII logs in your car and trying to judge how much fun you had on your vacation.

If the log fully documents all usage of the device since it was acquired, each of the 12 uses cost almost $50,000, and only 4 of them resulted in an arrest, she noted.

Do all investigations result in arrests? I'm pretty sure the answer is no. So why should this be any different. How much does a typical investigation that this thing be used in cost? I would guess it would cost a lot. I'd like to think they're not going after jay walkers with this thing. Did it also turn into a pumpkin? Can it not be used any longer? If not, then the cost per use to date is meaningless.

I live and pay taxes in Virginia and I suppose I'm looking at this a little differently. I'm happy they aren't running this thing 24/7. It almost seems the author feels they should be using stingrays every functional hour that it can be to get the most hours usage per dollar spent. I'm looking at this like my tap and die set. It cost me a bunch of money, but the few times I needed it at odd hours has made it well worth the cost to me. I'm also happy when it's not needed.

Now they'll use it more...

By Macdude • Score: 4, Interesting • Thread

Oh great! With the release of this news story the Virginia State Police will feel they need to justify the purchase (rather than admit buying it was a mistake) and will use it whenever they can. It was only used in 12 cases? Wait 6 months and it will be 1,200.

Why worry about citizen's rights to privacy when you have to justify buying toys!

What if

By whoever57 • Score: 4, Insightful • Thread

What if the device has been used a lot, but the majority of uses are clearly illegal? For example, snooping on political enemies.

The logs would have been purged of the illegal uses, leaving only a small number of occasions that the device would have been used legally.

Are We Seeing Propaganda About Russian Propaganda?

Posted by EditorDavidView on SlashDotShareable Link
MyFirstNameIsPaul was one of several readers who spotted this disturbing instance of fake news about fake news. An anonymous reader writes: Last week the Washington Post described "independent researchers" who'd identified "more than 200 websites as routine peddlers of Russian propaganda" that they estimated were viewed more than 200 million times on Facebook. But the researchers insisted on remaining anonymous "to avoid being targeted by Russia's legions of skilled hackers," and when criticized on Twitter, responded "Awww, wook at all the angwy Putinists, trying to change the subject -- they're so vewwy angwy!!"

The group "seems to have been in existence for just a few months," writes Rolling Stone's Matt Taibbi, calling the Post's article an "astonishingly lazy report". (Chris Hedges, who once worked on a Pulitzer Prize-winning team at the New York Times, even found his site Truthdig on the group's dubious list of over 200 "sites that reliably echo Russian propaganda," along with other long-standing sites like Zero Hedge, Naked Capitalism, and the Ron Paul Institute for Peace and Prosperity.) "By overplaying the influence of Russia's disinformation campaign, the report also plays directly into the hands of the Russian propagandists that it hopes to combat," complains Adrian Chen, who in 2015 documented real Russian propaganda efforts which he traced to "a building in St. Petersburg where hundreds of young Russians worked to churn out propaganda."

The Post's article was picked up by other major news outlets ( including USA Today), and included an ominous warning that "The sophistication of the Russian tactics may complicate efforts by Facebook and Google to crack down on 'fake news'."

They let the ban on propagandizing citizens expire

By Ungrounded Lightning • Score: 5, Informative • Thread

Three and a half years ago the US government, under the Obama administration, let the ban on propagandizing US citizens expire - and immediately began writing and spreading "fake news".

From an FP article dated July 14, 2013:

U.S. Repeals Propaganda Ban, Spreads Government-Made News to Americans

For decades, a so-called anti-propaganda law prevented the U.S. governmentâ(TM)s mammoth broadcasting arm from delivering programming to American audiences. But on July 2, that came silently to an end with the implementation of a new reform passed in January. The result: an unleashing of thousands of hours per week of government-funded radio and TV programs for domestic U.S. consumption in a reform initially criticized as a green light for U.S. domestic propaganda efforts.

So the only thing new here is US citizens noticed one of the government's renewed, official, domestic propaganda operations.

Re:Yes

By zapadnik • Score: 4, Interesting • Thread

The attack by the globalist order was to advance the agenda of the Muslim Brotherhood, as well as give Hillary Clinton a foreign policy "success" for her planned presidential run. The Muslim Brotherhood is allied with the transnational Left because the Brotherhood wear ties and suits and call themselves "moderates", and the transnational believe them and are too lazy to look up the Brotherhood's true beliefs in Arabic. We truly have incompetent people running politics (they spend 4 or 5 years in college, never had a real job, and think they are smarter than the other 7 billion people so should dictate what you can and cant do - such arrogance !).

Once Libya fell the massive arms stores there were transferred via Turkey to Syria - again to advance the Muslim Brotherhood agenda, and also to counter the expansion of Iranian influence. Of course, the exact opposite has happened and Iranian influence has increased massively.

The arms coming via Benghazi, as well as the $11 Billion of arms the Obama Administration sold to Qatar went to groups like Al Nura (AL Qaeda in Syria), Muslim Brotherhood groups, and eventually to the Islamic State. Arms also sent to Lebanon are used to equip Hezbollah.

A proper investigation of the activities in Benghazi, which was highlighted by the disgraceful lack of leadership and outright lying about the cause of the attack, would have exposed the Obama/Clinton policy of arming violent jihadis with Billions of dollars of arms.

The Benghazi scandal is not propaganda - the suppression of the facts around it are the propaganda. Besides the obvious propaganda of repeated memes the most invisible propaganda are the facts that the propagandists work to distort or outright hide from you. You are being lied to about Benghazi and its massive significance as the Obama/Clinton Administration tried to hide its involvement in the moving of weapons to arm Al Qaeda in Syria and eventually the Islamic State as they battle Iranian influence at the behest of the Saudis.

If these facts are new to you then your news sources have been feeding you propaganda and pretending Benghazi was less significant than it really was. Don't stand for this ! get news sources that will tell you the whole story - or else you will continue to be propagandized.

Extremeism lost

By SuperKendall • Score: 4, Informative • Thread

Unfortunately, it looks like extremism has become more popular.

Not from where I'm sitting. From everything Trump has said and done after the election, he's actually been quite reasonable - it's Clinton supporters that have gone insane, and during the election were pulling every dirty trick possible to win. Reasonableness triumphed over extremism for once, I'm hoping it's the start of a trend.

Re:Yes

By Kohath • Score: 4, Insightful • Thread

Ahh yes. "My side is sensible. The other side is extreme/insane/[insert slur here]." That's some well-reasoned analysis there.

Does your side actually do things to help the people whose votes you want? Maybe telling them to vote for you because you helped them might work better than telling them to vote for you because otherwise you'll call them names.

The sink not the source is the problem

By lfp98 • Score: 3 • Thread
The key to the success and of fake news and the main determinant of its content is not its sources but its consumers. What social media companies have discovered is that giving people whatever news they personally want to hear, regardless of its accuracy, can be a highly lucrative business. Just set up the algorithms, watch the news sources arise like magic, see the subscribers rack up clicks, and let the ad revenue roll in.

For The UK's 'Snoopers' Charter', Politicians Voted Themselves An Exemption

Posted by EditorDavidView on SlashDotShareable Link
The "Snoopers' Charter" passed in the U.K. greatly expands the government's surveillance power. But before they'd enact the new Investigatory Powers Act, Britain's elected officials first voted to make themselves exempt from it. Sort of. An anonymous reader writes: While their internet browsing history will still be swept up, just like everyone else's, no one will ever be able to access it without specific approval from the Prime Minister. And according to The Independent, "That rule applies not only to members of the Westminster parliament but also politicians in the devolved assembly and members of the European Parliament."
The article adds that the exemption was the very first amendment they approved for the legislation. And for a very long time, the only amendment.

don't worry

By ooloorie • Score: 3 • Thread

Wikileaks will leak their browsing history once it will be captured as mandated by law.

I'm looking forward to perusing it.

Re:A tree in the forest

By ooloorie • Score: 4, Insightful • Thread

I can see the reason. After all, there are a number of very good reasons why you don't want to hand out possibly blackmail-enabling information about your politicians.

Yeah, it's so much better when only the prime minister can obtain "blackmail-enabling information", because he, of course, would never abuse such information to pressure members of the opposition party! Oh, no, not the prime minister!

Re:Surprising? Not so much. - they're stupid

By currently_awake • Score: 4, Informative • Thread
It perfectly achieves the goal of those who want the spying. Telling the ministers they are "exempt" from the spying is cheaper than bribing them to pass this law.

What a horrible future...

By XSportSeeker • Score: 3 • Thread

US, Canada, India, UK... I guess this golden era of democracy is over. Here comes another round of dictatorships, population control and whatnot. Quite the dark heritage we're leaving for future generations.

Data awaiting a leak

By manu0601 • Score: 3 • Thread

Data is stil collected. This means at some time, an insider or a hacker will leak it.

And since it is tagged "for use after prime minister approval only", it will be easy to leak only that data

CO2 Researchers Are Now Hacking Photosynthesis

Posted by EditorDavidView on SlashDotShareable Link
Remember that story about the "artificial leaf" solar cells? Long-time Slashdot reader managerialslime quotes the Chicago Tribune: University of Illinois at Chicago researchers have developed a way to mimic plants' ability to convert carbon dioxide into fuel, a way to decrease the amounts of harmful gas in the atmosphere and produce clean energy. The artificial leaf essentially recycles carbon dioxide. And it's powered entirely by the sun, mimicking the real photosynthesis process.
But meanwhile, in Germany: Biochemists led by Tobias Erb at the Max Planck Institute for Terrestrial Microbiology...have developed a new, super-efficient method for living organisms to suck CO2 out of the atmosphere. Plants, algae, and other organisms turn CO2 into fuel. Erb and his colleagues reengineered this process, making it about 25 percent more energy efficient and potentially up to two or three times faster... Erb hopes that one day the CETCH cycle could be genetically engineered into living organisms, helping them more rapidly reduce atmospheric CO2 while producing useful materials.
The researchers created their new CO2-transforming cycle using 11 carefully chosen enzymes.

Re:What is the carbon footprint?

By jiriw • Score: 4, Informative • Thread

Guess what. Enzymes are usually called enzymes because they make possible a biochemical reaction, or enhance the natural reaction in such a way that they are not used up. Like a catalyst, but catalysts can be inorganic. Enzymes are definitely protein based, and as such, organic molecules.
As other proteins, they can denature or even disintegrate due to external circumstances (too much heat, acidity level) but in the right circumstances they keep existing and can process virtually indefinitely.

Re:"Super-Efficient"?

By jiriw • Score: 5, Insightful • Thread

Well, 'we' are already working on a not-happy outcome for 'us' due to 'our' own shortsightedness and hubris. Be glad there are still people willing to look into (even if they are radical) solutions to reverse this shit, instead of moaning about some imaginary economic doom scenario if they were ordered to actually move their asses for once.
There are already a lot of things making perfect sense (also economically) to do to reduce more damage. But often they aren't done because of established order and general inactivity and who-gives-a-shitness. Well, I do.

Question

By Solandri • Score: 4, Insightful • Thread
Instead of bio-engineering an organism which collects sunlight and uses it to extract CO2 from the atmosphere, why don't we just plant more trees?

I understand that you're upset that we're not doing more about CO2 emissions. But you have to understand that we're directly in control of those CO2 emissions. If we wanted to, we could stop all our CO2 emissions tomorrow. The problem isn't the capability, it's the desire. We already have the capability, we just lack the desire.

Releasing a self-replicating bio-engineered organism which extracts CO2 from the atmosphere is an order of magnitude more reckless than wantonly emitting CO2 to generate energy. Because once you release a self-replicating organism, you no longer have any control over it. If it turns out our calculations and predictions are wrong about the effects of reducing our CO2 emissions, we can modify our behavior in response because we control our CO2 emissions. But once you release that organism, that's it. It's out of our control. If our calculations were wrong about what the steady state response of the ecosystem will be to the introduction of that organism, we won't be able to stop it even if we desire to do so.

At least with trees, you have an organism which has been around for millions of years so its steady state effect on the ecosystem is pretty well understood.

Re:Beginning of the end

By ShanghaiBill • Score: 4, Informative • Thread

This has happened before, when plants first evolved the C4 cycle about 35 million years ago. It wasn't until about 6 million years ago that C4 became ecologically significant, when grasslands became widespread. The resultant fall in atmospheric CO2 caused global cooling and may have been a reason for the ice ages.

Re: "Super-Efficient"?

By jxander • Score: 4, Interesting • Thread

Of course nature has a feedback method to automatically correct the damage we do: extinction (or a major culling at least)

UK Health Secretary Urges Social Media Companies To Block Cyberbullying And Underaged Sexting

Posted by EditorDavidView on SlashDotShareable Link
Mark Wilson shares his article on Beta News: Health secretary Jeremy Hunt has made calls for technology companies and social media to do more to tackle the problems of cyberbullying, online intimidation and -- rather specifically -- under-18-year-olds texting sexually explicit images. Of course, he doesn't have the slightest idea about how to go about tackling these problems, but he has expressed his concern so that, in conjunction with passing this buck to tech companies, should be enough, right?
Hunt apparently believes there's already a technology which can identify sexually explicit photos, and that social media networks should now also develop algorithms to identify and block cyberbullying, an idea the Guardian called " sadly laughable."

"Is the blanket censorship of non-approved communications for all under 18s -- something that goes far further than even the Great Firewall of China -- really the kind of thing a government minister should be able to idly suggest in 2016?"

Dear politicians

By Opportunist • Score: 5, Insightful • Thread

If you plan to propose a law concerning the internet and telecommunication:

1) Find out how the internet and telecommunication infrastructure works.
2) Ponder how to enforce the law.
3) Ponder who gets to set the required rules and regulations to enforce the law.
4) Propose it.

Jumping straight to 4, as you usually do, leads to ridicule and only accomplishes that you're showing off your ignorance to a more and more computer- and internet-savvy population. In other words: Don't do it if you value your career.

The minister for magic strikes again

By vittal • Score: 3, Informative • Thread

Unfortunately (especially for those of us in the UK), Mr.Hunt has a number of views that appear to be at odds with reality. e.g. https://www.newscientist.com/a...

In the UK, if you speak to many doctors about the minister, prepare yourself for a very, *very* long stream of invective.

Time for surveilance again

By allo • Score: 3 • Thread

Last time we had it because of terrorism, this time it's because of the children. Next time terrorism again, but then censorship instead of surveilance.

Re:the trouble with trolls.

By allo • Score: 4, Interesting • Thread

Technology never solved social problems.

And here the workaround to your idea: Troll with two accounts. Do you still see the second one? Oh, it must be "versebanned".
Ideas like shadow banning seem clever to their inventors, but actually they are a silly game. Just convery your message and say "You're banned. That's it". Controlling if somebody returns needs to be done anyway, and hoping nobody notices your fancy new type of ban is just hopeless. Like the forums with the "crash browser of banned users" option in the good ol' times.

Down the slippery slope we go!

By Vermonter • Score: 3, Insightful • Thread
First the UK essentially banned pornography. Now it wants to ban being "mean" (which, being a subjective term, I'm sure will never ever be used to nefarious purposes). I can't wait to see what gets banned next in the name of protecting the children... maybe the political opposition will be labeled as "hate speech" and also be banned. Or maybe any religion that purports any morality that the government doesn't like will be labeled as "hate speech". I'm sure all this will lead to a British utopia in 10 years. I mean, sure, this path has always led to fascism in the past, but this time I'm sure it will somehow end up differently.

Crooks Need Just Six Seconds To Guess A Credit Card Number

Posted by EditorDavidView on SlashDotShareable Link
schwit1 quotes The Independent: Criminals can work out the card number, expiration date, and security code for a Visa debit or credit card in as little as six seconds using guesswork, researchers have found... Fraudsters use a so-called Distributed Guessing Attack to get around security features put in place to stop online fraud, and this may have been the method used in the recent Tesco Bank hack...

According to a study published in the academic journal IEEE Security & Privacy, fraudsters could use computers to systematically fire different variations of security data at hundreds of websites simultaneously. Within seconds, by a process of elimination, the criminals could verify the correct card number, expiration date and the three-digit security number on the back of the card.

One of the researchers explained this attack combines two weaknesses into one powerful attack. "Firstly, current online payment systems do not detect multiple invalid payment requests from different websites... Secondly, different websites ask for different variations in the card data fields to validate an online purchase. This means it's quite easy to build up the information and piece it together like a jigsaw puzzle."

Billing address?

By Paul Carver • Score: 3 • Thread

The article didn't mention billing address, but I don't think I've ever entered my credit card number into any website that didn't include billing address as a set of required fields. Shipping address is always an additional set of optional fields.

Now, I suppose if the backend doesn't validate billing address then you could use a fake addresses for the brute force part of the job, but when you go to use the card isn't a fake billing address going to be a dead giveaway that the transaction was a fraud and therefore guarantee a successful charge back with zero questions?

But if Visa has any sense they ought to require billing address verification as part of the preauthorization step for all card not present transactions.

It's even easier than that

By onyxruby • Score: 5, Insightful • Thread

This is a good opportunity to talk about why security through obscurity is bad:

Your typical credit card number has a theoretical 16 digits that are available. That's a huge number (9,999,999,999,999,999) that makes it look effectively impossible to guess. Let's pare that number down to size.

First, you aren't guessing anywhere near 16 digits. It turns out there's a lot you already know (1st digit is 4 for visa, 5 for mastercard etc.). That reduces the typical address space from 16 to 15 digits. That first number turns out to actually just be part of the bank identification number which is typically 6 digits long. All of the rest of it except for last digit is the actual account number. The last number itself is used for a checksum (Luhn) that is used to verify the number is good.

In other words to get the account number right you've only got an address space of 999,999,999. That's a significant reduction in magnitude to start with. Now let's go back to that Luhn checksum (it isn't a hash). Due to this detail you can easily validate the number to make sure that you haven't mistyped it (Luhn precedes using magnetic tape for credit cards).

The Luhn check uses a Mod 10 algorithm that excludes 90% of the previous address space. You now have 99,999,999 numbers to guess against. Your malicious actor isn't starting work in a quadrillion space number, they're working in the millions. All of that is just from the industry standards themselves. Now remember that each bank is going to have their own formulas for generating credit card numbers and that card thieves have data sets of the tens of millions - old dumps are good for providing data that can show patterns. This is a good example of how data at the aggregate level carries risk that it doesn't at the micro level.

Chances are the account number for the card itself isn't at all random. Chances are really good that the formulas used to generate these numbers for a number of large popular banks have been reverse engineered by any number of parties. You also have policies at many banks such as never reusing a number that also reduce this address space. All the malcious actor has to do is look for patterns. Patterns have a way of reducing the order of magnitude once you learn them.

The expiration dates themselves are typically within 2 years giving a range of only 24 to pick from for the typical transaction. Guess a valid account number, try it at 24 websites and chances are really good one of them will work. That leaves the CVC2 number itself, which of course isn't random either.

The system is broken, it's just a matter of time before industry must recalibrate how it works.

More below for those who are curious:
http://www.creditcards.com/cre...
http://datagenetics.com/blog/j...
http://www.darkcoding.net/cred...
http://blog.opensecurityresear...
http://www.ibm.com/support/kno...

Re:Why can't this be detected

By ShanghaiBill • Score: 4, Interesting • Thread

But what about the name on the card, then? Doesn't that have to be correct?

Many merchants do not verify the name. I recently made an online purchase and wanted it shipped to a friend, and I inadvertently set both the shipping and billing address to my friend's name and address. The transaction went through.

So some merchants verity the name, but not the CCV.
Some validate the CCV but not the name.
Some check the zipcode, others do not.

Wow, all you need is...

By kenh • Score: 3 • Thread

Mohammed explains: “Most hackers will have got hold of valid card numbers as a starting point but even without that it’s relatively easy to generate variations of card numbers and automatically send them out across numerous websites to validate them.

Uh, sure - if you have a valid card number as a starting point, the other data points are trivial... But if you don't, "guessing" the remaining 10 digits of a valid credit card number quickly becomes a non-trivial task because the only way to separate a "correct" credit card number (which can be proven algorithmically) from a validly-issued credit card is to supply the proposed "correct" credit card number to multiple sites with all 60 possible expiry dates and each of the nearly one thousand CVV numbers from the back... (See below)

“The next step is the expiry date. Banks typically issue cards that are valid for 60 months so guessing the date takes at most 60 attempts.

“The CVV is your last barrier and theoretically only the card holder has that piece of information – it isn’t stored anywhere else.

“But guessing this three-digit number takes fewer than 1,000 attempts. Spread this out over 1,000 websites and one will come back verified within a couple of seconds. And there you have it – all the data you need to hack the account.”

So, when the headline says "Credit Card" they only mean Visa, everyone else blocks cards after as few as a dozen failed attempts, and the key ingredient to "cracking" a credit card is to start with a valid credit card number, all 16 digits, then find a list of e-commerce websites that will let you keep pitching hundreds and hundreds of credit card transactions at them so you can go through all 60,000 combination of expiry date and CVV to find the right one. Oh, then you need to make sure the attempted purchase in under the card's available spending limit.

But hey, yeah, credit cards are easy to brute-force hack, if you start with a valid, active, complete 16 digit credit card number - as long as it is a Visa card and Visa doesn't update their software.

shouldnt fraud detection catch these?

By schweini • Score: 3 • Thread
But wouldn't this 'attack' be really trivial to detect on the credit card processor's side? There isn't a legitimate use case that would explain multiple attempts at the same time?

Why MakerBot Didn't Kickstart A 3D Printing Revolution

Posted by EditorDavidView on SlashDotShareable Link
Bre PettisâS once said MakerBot gave you a superpower -- "You can make anything you need." But four years later, mirandakatz writes that though MakerBot promised to revolutionize society, "That never happened." At Backchannel, Andrew Zaleski has the definitive, investigative account of why the 3D printing revolution hasn't yet come to pass, culled from interviews with industry observers, current MakerBot leadership, and a dozen former MakerBot employees. As he tells it, "In the span of a few years, MakerBot had to pull off two very different coups. It had to introduce millions of people to the wonders of 3D printing, and then convince them to shell out more than $1,000 for a machine. It also had to develop the technology fast enough to keep its customers happy. Those two tasks were too much for the fledgling company."

Re:!Revolution

By Rei • Score: 5, Funny • Thread

The word revolution also contains the word evolution, and you might have noticed that we've evolved past the point of calling a paper printer a necessary component of computing today.

And the word "internet" contains the word "tern", so clearly it is built upon angry arctic birds with sharp beaks that dive bomb anyone who gets too close to their nesting grounds.

We need a parts database for stuff.

By w3woody • Score: 4, Insightful • Thread

One place where I see a 3D printer being of use is when repairing things with hard-to-obtain parts. But of course you can't do this unless you have a database of parts you can print for the thing you are repairing. So like MP3 players (which did not explode until there was a database of downloadable songs that you could buy for 99 cents), we need a database of 3D printable parts for things like dishwashing machines and refrigerators and the like which can be downloaded for relatively cheap and printed on your printer which can be used to fix the broken component.

Of course not all parts can be replaced like this. But certainly there are plenty of components (such as the plastic drive gears in a garage door opener) which can be printed and replaced by consumers.

At the higher end I can see companies like auto repair shops using professional or pro-consumer level printers for printing harder, and more refined components for auto repairs, and even using 3D subtractive technologies (like CAD-driven lathes and CAD-driven milling machines) for making metal components which fail that do not require tight tolerances.

I think where things like the MakerBot gadget failed was that it seemed to be oriented around the idea that everyone could design their own components. But even in today's environment there are far fewer mechanical engineers and designers than folks like that give credit for.

No...it's fundamentally something else...

By Shoten • Score: 3 • Thread

For Makerbot to assume that they would revolutionize the world by selling a 3D printer at a low cost point is like someone assuming that houses will suddenly become super-cheap because they teach widespread classes on how to nail 2x4s together with a hammer and nails.

Let's start with the first problem...so Suzy Homemaker buys a 3D printer and brings it home to her family. Now what? "oh, it can make stuff." How do you define that 'stuff?' You have to design it, using 3D software...ah, whoops. Hm, bit of a learning curve there...and even if their son Bobby is plenty good with computers, you end up with a child who has the technical knowledge and adults who own the use cases...and let's face it, in almost no family is anyone good at packaging either the knowledge or the use cases so that others could make use of them. So you end up with parents who have a vague idea of what they would like but can't communicate it, and a kid who can probably figure things out but doesn't know how to teach it. (This is the "knowing how to build framing doesn't mean you have a design for a house to work from" part of the analogy.)

Then, let's look at the limitations...the material can only do certain things. You can basically make little plastic widgets. (This is the "houses have a lot more than 2x4s in them" part of the analogy.) You can't replicate a broken part very easily either...you're kind of focused down into a world where you're going to have to invent things for this to be useful. So add another necessary skill set to Suzy Homemaker's family for this whole thing to work.

I think MakerBot was a success...just not the kind of success they thought they would be. They helped put 3D printing on the map for Suzy Homemaker. People have gone into Home Depot and watched 3D printers at work, creating things...that's not a small accomplishment. The price of printing continues to come down, even for technologies that remain out of reach but are far more useful (being able to 3D print with metal is very important if you want to be real about this, because only toys are only made of plastic) and now the public is a bit better-prepared for a near future where they actually *can* print things. And now, there's an awareness that the printers are just the razor blade handles...and the designs are the razor blades. Once truly useful printing becomes accessible, there will be business activity that addresses that problem. I wouldn't be surprised if this becomes the same kind of shift that Eli Whitney created when he began the manufacture of devices that had interchangeable parts.

The moral of the story: massive shifts in society resulting from singular technologies are, in essence, Black Swan events. You cannot reliably predict them, no matter how badly you want VCs to give you money so that you can become the next Apple/Google/Microsoft/Facebook billionaires. Aim for major increments of change, and your business plans will be more viable.

What would you make?

By nine-times • Score: 3 • Thread

I think the single biggest problem with 3D printing is that most people don't have any idea what they would use it for. It's a neat concept, and it does seem useful that you could create a custom-made little plastic doodad of any specifications you want. The idea of being able to share designs seems to also have potential. Still, if someone gave me a 3D printer for free, I can't think of what I would use it for.

Maybe I just don't have enough imagination, but I think most of the population probably has even less than I do. There are only so many little plastic pieces of junk I need in my life. I think I'd get more use out of an automated loom that could make clothes, or an automated printer/binder that could make books. Or a system that made custom Ikea pieces for assembling custom furniture. I suppose you could make plastic furniture with a big enough 3D printer, but I don't want plastic furniture-- or a big enough 3D printer for that.

I've read through articles online about all the useful things you could make with your 3D printer. It's always stuff like book ends or door stops. Basically stuff that I don't really need, but if I did, the same purpose could be served by a small rock.

MakerBot was most hyped, not first, best, cheapest

By hawkeyeMI • Score: 4, Interesting • Thread
I initially preordered a Thing-O-Matic, but was quickly warned off while waiting for it to cancel and get one of the many great RepRap kits available. I'm glad I did. Anyone that spent more than an hour or two a week trying to 3D print stuff quickly came to realize that MakerBot printers were to be avoided. They cost more and were less capable than most of the alternatives. When people can 3D-print their own custom designs and thereby rapidly improve existing 3D printer designs, mass-producing printers on a long product life cycle is a losing proposition. As far as I can tell they only got as far as they did on Bre Pettis' cult of personality and hype. While Thingiverse is handy it is/was also subject to their whims and censorship, and they blocked any weapons or weapon parts from being uploaded there, highlighting the need for other methods of sharing 3D printing designs. All I can say in conclusion is good riddance to MakerBot, long live 3D printing.

Devuan's Systemd-Free Linux Hits Beta 2

Posted by EditorDavidView on SlashDotShareable Link
Long-time Slashdot reader Billly Gates writes, "For all the systemd haters who want a modern distro feel free to rejoice. The Debian fork called Devuan is almost done, completing a daunting task of stripping systemd dependencies from Debian." From The Register: Devuan came about after some users felt [Debian] had become too desktop-friendly. The change the greybeards objected to most was the decision to replace sysvinit init with systemd, a move felt to betray core Unix principles of user choice and keeping bloat to a bare minimum. Supporters of init freedom also dispute assertions that systemd is in all ways superior to sysvinit init, arguing that Debian ignored viable alternatives like sinit, openrc, runit, s6 and shepherd. All are therefore included in Devuan.
Devuan.org now features an "init freedom" logo with the tagline, "watching your first step. Their home page now links to the download site for Devuan Jessie 1.0 Beta2, promising an OS that "avoids entanglement".

Re:Init alternatives

By fnj • Score: 5, Insightful • Thread

[OpenRC] supports parallel startup processes

Except for one little problem. Gentoo Bug 391945: "boot can hang when rc_parallel=yes".

Reported 2009. Current status 5 years later: "CONFIRMED".

Re:Init alternatives

By fnj • Score: 4, Insightful • Thread

In the spirit of "Do one thing and do it well", systemd's goal ...

BWAHAHA!

Re:Init alternatives

By gweihir • Score: 4, Insightful • Thread

Ok, that may waste time. Everybody knows that reinstalling is the way to go on boot-problems, right?

Re:Init alternatives

By pz • Score: 4, Insightful • Thread

The biggest improvement over antique boot systems ...

That there is the heart of the problem, an attitude that anything old is necessarily bad. That your otherwise calm and reasoned presentation allowed this pejorative to slip in belies the psychological bias that underlies the wide arguments on the subject.

Lest we forget, Linux as a whole turned 25 recently. That's antique. Are you giving up the entirety because it's old? Your favorite editor is probably (just based on popularity) is either emacs or vi / vim. They are very, very old (heck, I've been using emacs since the early 1980s!). Are you dumping them because they are old? I hope you see why calling something "antique" is ill-conceived.

Now to make sure that my point is being made clear, allow me to be explicit: old does not necessarily mean bad, but it does not necessarily mean good, either. Things that are old now were once shiny and new, and weren't necessarily an improvement when they were introduced. But change merely for the sake of change -- which seems to be what was behind debacles in KDE, Gnome, systemd, and Wayland to name a handful -- is wasted effort. For systemd in particular, the primary argument for using it seems to be parallel init, something that as many others have pointed out really isn't much of an issue these days since (a) Linux is generally stable enough that reboots are rare (although there are specific use-cases that benefit, like demand-based VM creation), and (b) computers have become generally fast enough that reboots are inherently speedy.

Re:Init alternatives

By Antique Geekmeister • Score: 4, Informative • Thread

> To that end, the only real interaction you normally have with systemd is to start or stop a service, and view the associated logs if some service is misbehaving.

Systemd has also taken over network configuration with an unnecessary DHCP service, which it should _not_ have touched, automounting, and is now attempting to manage user processes with misfeatures that kill user processes silently, such as the default enabled "KillUserProcess" command. Please be clear that systemd is not attempting to _manage_ processes. It is attempting to directly manage almost _all_ system services, many of them by direct replacement with dangerously incompatible and modified systems.