the unofficial Slashdot digest

A Look At the Firepick Delta Circuit Board Assembler (Video)

Posted by Roblimo in Hardware • View
From the Firepick website: 'We are developing a really cool robotic machine that is capable of assembling electronic circuit boards (it also 3D prints, and does some other stuff!). It uses a vacuum nozzle to pick really tiny resistors and computer chips up, and place them down very carefully on a printed circuit board.' There are lots of companies here and in China that will happily place and solder components on your printed circuit board, but hardly any that will do a one-off prototype or a small quantity. And the components have gotten small enough that this is really a job for a robot (or at least a Waldo), not human fingers. || There are obviously other devices on the market that do this, but Firepick Delta creator Neil Jansen says they are far too expensive for small companies, let alone individual makers.

The Firepick Delta Hackaday page talks about a $300 price for this machine. That may be too optimistic, but even if it ends up costing two or three times that amount, that's still a huge step forward for small-time inventors and custom manufacturers who need to populate just a few circuit boards, not thousands. They have a Haxlr8r pitch video, and have been noticed by TechCrunch,, and Adafruit, just to name a few. Kickstarter? Not yet. Maybe next year. Open source? Totally, complete with GitHub repository. And they were at OSCON 2014, which is where Timothy found them. ( Alternate Video Link)

seL4 Verified Microkernel Now Open Source

Posted by Unknown Lamer in Developers • View
Back in 2009, OKLabs/NICTA announced the first formally verified microkernel, seL4 (a member of the L4 family). Alas, it was proprietary software. Today, that's no longer the case: seL4 has been released under the GPLv2 (only, no "or later versions clause" unfortunately). An anonymous reader writes OSnews is reporting that the formally verified sel4 microkernel is now open source: "General Dynamics C4 Systems and NICTA are pleased to announce the open sourcing of seL4, the world's first operating-system kernel with an end-to-end proof of implementation correctness and security enforcement. It is still the world's most highly assured OS." Source is over at Github. It supports ARM and x86 (including the popular Beaglebone ARM board). If you have an x86 with the VT-x and Extended Page Table extensions you can even run Linux atop seL4 (and the seL4 website is served by Linux on seL4).

More info

By Enry • Score: 3 • Thread

Is it really that hard to give more background information?

Enceladus's 101 Geysers Blast From Hidden Ocean

Posted by Soulskill in Science • View
astroengine writes: New observations from NASA's Saturn-orbiting Cassini spacecraft have revealed at least 101 individual geysers erupting from Enceladus' crust and, through careful analysis, planetary scientists have uncovered their origin. From the cracked ice in this region, fissures blast out water vapor mixed with organic compounds as huge geysers. Associated with these geysers are surface "hotspots" but until now there has been some ambiguity as to whether the hotspots are creating the geysers or whether the geysers are creating the hotspots. "Once we had these results in hand, we knew right away heat was not causing the geysers, but vice versa," said Carolyn Porco, leader of the Cassini imaging team from the Space Science Institute in Boulder, Colo., and lead author of one of the research papers. "It also told us the geysers are not a near-surface phenomenon, but have much deeper roots." And those roots point to a large subsurface source of liquid water — adding Enceladus as one of the few tantalizing destinations for future astrobiology missions.


By i kan reed • Score: 5, Insightful • Thread

Alien bacteria would be an amazing reinforcement of cell theory. All life on earth is made of cells, but it's easy to dismiss that as saying that any other suddenly emergent kinds of life couldn't compete against the already evolving cells that happened to come first.

Finding truly alien bacteria would basically cement the idea that cells and life are synonymous.

What I'm trying to say, haphazardly, is that any kind of alien life would have tremendously informative side effects for biology in general.

2010: Odyssey Two (4th Edition)

By CanEHdian • Score: 5, Funny • Thread


Well, let's hope if I add some lowercase that the filter will allow me to post. HAL 9000 communicated in capitals."

Programming Languages You'll Need Next Year (and Beyond)

Posted by Soulskill in Developers • View
Nerval's Lobster writes: Over at Dice, there's a breakdown of the programming languages that could prove most popular over the next year or two, including Apple's Swift, JavaScript, CSS3, and PHP. But perhaps the most interesting entry on the list is Erlang, an older language invented in 1986 by engineers at Ericsson. It was originally intended to be used specifically for telecommunications needs, but has since evolved into a general-purpose language, and found a home in cloud-based, high-performance computing when concurrency is needed. "There aren't a lot of Erlang jobs out there," writes developer Jeff Cogswell. "However, if you do master it (and I mean master it, not just learn a bit about it), then you'll probably land a really good job. That's the trade-off: You'll have to devote a lot of energy into it. But if you do, the payoffs could be high." And while the rest of the featured languages are no-brainers with regard to popularity, it's an open question how long it might take Swift to become popular, given how hard Apple will push it as the language for developing on iOS.

Re:If you want to earn big bucks...

By angel'o'sphere • Score: 4, Informative • Thread

Developers in start ups usually are bad paid and baited with stock options.

The programming language for the next 20 years...

By Damouze • Score: 4, Insightful • Thread

C. Plain old C.

Entire Operating Systems are written in it. Userland tools for those operating systems are usually written in it. Any self-respecting developer knows at least C. The rest is just like fashion tips: next year they're outdated.

Although, as much as I hate to admit it, the same could be said for Java...

Re:If you want to earn big bucks...

By mark-t • Score: 4, Insightful • Thread
Not that I'm knocking "earning big bucks", but it always kinda pisses me off that people talk about compuer programming or a certain type of programming as being especially lucrative, as if that should be some sort of aspiration in life. It certainly pays better than a lot of other jobs that I've had, but how much money you can earn is a pretty shallow metric for success, if you ask me.

IT security wanna-bees, take note

By 93 Escort Wagon • Score: 3 • Thread

PHP is forecast to be very popular going forward. That means your employment prospects are good!

Functional Programming?

By cforciea • Score: 3 • Thread

A functional language is one whereby the functions themselves can be stored in variables and passed around as parameters to other languages.

What in the actual fuck. That may be the worst definition of a functional language I've ever heard. Even if I try to interpret it as something that could make any sort of sense, I just get that storing functions in variables makes a language functional, which the author goes on to debunk by pointing out that C++ isn't a functional language. Why bother even trying to describe them if you have no idea what the hell they are?

Senate Bill Would Ban Most Bulk Surveillance

Posted by Soulskill in YRO • View
An anonymous reader writes: Today Senator Patrick Leahy (D-VT) introduced a bill that would ban bulk collection of telephone records and internet data for U.S. citizens. This is a stronger version of the legislation that passed the U.S. House in May, and it has support from the executive branch as well. "The bill, called the USA Freedom Act, would prohibit the government from collecting all information from a particular service provider or a broad geographic area, such as a city or area code, according to a release from Leahy's office. It would expand government and company reporting to the public and reform the Foreign Intelligence Surveillance Court, which reviews NSA intelligence activities. Both House and Senate measures would keep information out of NSA computers, but the Senate bill would impose stricter limits on how much data the spy agency could seek."


By Charliemopps • Score: 4, Insightful • Thread

How about instead, we just pass a law clarifying that the constitution does indeed apply to algorithms?

Just because a robot searched your car does not mean your car was not searched.

i.e. A police officers doing:
C:\directory search batch file.bat
is no different than:

and really... that's what this all comes down to.

Re:For domestic use only

By xfizik • Score: 4, Interesting • Thread
No, I'm not nutz and I understand the realities of all this, but the fact is that while you at least get the talk about how "bulk surveillance on U.S. citizens" is bad and a chance that it may one day be stopped or limited, spying on the rest of the world is not being discussed at all. It's not as you say:
1. make them stop spying on US citizens
2. make them stop spying on everyone else
2 will never happen from within the U.S. Our own governments are the ones who have to protect our communications and, as I said, they have not expressed any willingness to do anything in that direction, which is sad.

Smells like BS

By tomkost • Score: 4, Insightful • Thread
I'd like to see an analysis by EFF or ACLU. Laws these days are named so that people will think they do when thing when the often do something else or even the opposite of what they do. There's no details given. I'm betting there are no criminal penalties for breaking this new either. Without that, it's useless.

Re:Alright! Go Senate bill

By CrimsonAvenger • Score: 5, Interesting • Thread

TFS notes that Obama is behind this bill.

I find this interesting, since as head of the Executive Branch, he can order the NSA to do what this bill requires without bothering with a law, since no law exists requiring the NSA to collect telephone records on everyone.

And if such a law existed, it would be pretty clearly unconstitutional, and thus null and void....

Re:Alright! Go Senate bill

By Just Some Guy • Score: 5, Insightful • Thread

I find this interesting, since as head of the Executive Branch, he can order the NSA to do what this bill requires without bothering with a law, since no law exists requiring the NSA to collect telephone records on everyone.

However, he can't order the next President to continue his policies. There's a lot to be said for pinning these things down so that they can't be changed on a whim.

Tesla and Panasonic Have Reached an Agreement On the Gigafactory

Posted by Soulskill in Technology • View
cartechboy writes: Tesla's been pretty quiet regarding its upcoming gigafactory lately, but that's about to change. It seems the Silicon Valley startup has reached an agreement with Panasonic in regards to the gigafactory, and Panasonic's going to end up having skin in the game. While the electronics giant was originally skeptical of Tesla's battery factory, it now isn't just on board, it's actually going to participate in the construction of this new facility. It's reported that Panasonic will invest 20 billion to 30 billion yen (194 million to $291 million at current exchange rates), and supply fabrication machinery necessary for cell production. That means Pansonic could end up footing the bill for $1 billion of the total $5 billion anticipated investment required for the gigafactory to get off the ground. If things continue to move forward, the Gigafactory should be online by the end of 2017.

Re:What makes this a gigafactory?

By erice • Score: 5, Funny • Thread

Its much bigger than a megafactory, that's all I can tell you.

Yes, but is it 1000 times bigger or 1024 times bigger? That's the important part!

Re:What makes this a gigafactory?

By timeOday • Score: 4, Interesting • Thread
Which part do you find suspect? Tesla wants to make a major launch of a $35K all-electric car, which will require a huge number of batteries, above and beyond the current supply. The word "allegation" sounds as if you think the new Telsa model won't use batteries? Or that there's already enough production to support the new Tesla model, presumably going straight into a huge hole in the ground? Or what?

Re:What makes this a gigafactory?

By AikonMGB • Score: 4, Funny • Thread

Actually, a gibifactory would be ~1073.74 megafactories; you are mixing scales :) </pendantry>

Re:What makes this a gigafactory?

By compro01 • Score: 4, Informative • Thread

According to Tesla, it will have as much production capacity as all current li-ion battery factories combined.

The giga does have some meaning, as the factory has a planned production of 35 gigawatt-hours of batteries per year.

Cell and battery production in same plant

By Animats • Score: 5, Informative • Thread

The Tesla/Panasonic plan gets cell and battery production back into the same plant. The battery industry has, for a while, had a model where cells were made in one country (usually Japan, Taiwan or S. Korea, or at least with machinery from there) and assembled into device-specific battery packs near where the end device was produced (usually China or the US.) For the Chevy Volt, the cells come frm LG Chem in Korea, and the battery packs are assembled at the Brownstown, MI Battery Assembly plant.

There's no good reason to do it that way now that the era of cheap labor in China is over. As a rule of thumb, labor has to be 4x cheaper to justify offshoring. The coastal provinces in China have reached that level with respect to US/Japan wages.

Done right, this isn't labor-intensive. Brownstown has only 100 workers in a 400,000 square foot plant, and they're doing battery assembly, which is the more labor-intensive part of the operation. Tesla claims to need 6,500 employees for their 10 million square foot plant, but they're probably counting construction-phase employees.

3-D Printing Comes To Amazon

Posted by Soulskill in Build new • View
An anonymous reader writes Promising "an appstore for the physical world," Amazon has just unveiled their new online market for products created using a 3-D printer. "Customization gives customers the power to remix their world," explains the co-founder of Mixee Labs (an Amazon partner), "and we want to change the way people shop online." Amazon's ability to sell you things before they've even been built is currently limited mostly to novelties like iPhone cases, jewelry, and bobbleheads that look like you. But this could be the beginning of mainstream 3D printing.

3D Printing Issue.

By jellomizer • Score: 3 • Thread

The real issue right now with 3D Printing, most of the stuff you can print is stuff most people really don't need.

The last time I wished I could have a 3D printer was to replace a Worm Gear for my Garage Door Opener. That was about 6 Months ago.

For decoration, I really don't want Cheap Plastic decorations, and a new phone case isn't that interesting either.

Right now 3D Printing is really still for industry.

"Beginning of mainstream 3D printing"

By Animats • Score: 5, Informative • Thread

But this could be the beginning of mainstream 3D printing.

We heard that when Staples did it.

Amazon's 3D printed product offerings are rather lame. They're not offering any of the more advanced 3D printing processes; for that you have to go to Shapeways. All you can get from Amazon is plastic junk.


By Russ1642 • Score: 5, Funny • Thread

The strength and martial properties of medals comes from the arrangement of the crystal lattices. These are things that 3D printing cannot do.

And there's all that tireless training and stressful competition. Who wants to do that?


By fuzzyfuzzyfungus • Score: 5, Insightful • Thread
Depends on what you pay.

A poorly calibrated fused filament unit will produce stringy junk that delaminates if you look at it funny. A well calibrated one will achieve something reasonably close to what the plastic it is using is actually capable of. Outside the cheap seats, you can print all kinds of things(especially if you count parts that require one or more additional processing steps as '3d printed'. Printing wax, for example, is pretty undemanding, and allows you to do lost-wax casts of more or less any shape that will cast properly, without needing a printer that can sinter or melt metals. Some of the techniques for producing ceramics are in the same vein, the printer just needs to tack the ceramic material together long enough for firing, which takes care of the mechanical properties.)

The one thing that is (relatively) easy with injection molding that 3d printing (to my knowledge) isn't so hot for is overmolds. When injection molding you can use insert molding or multi-shot systems to achieve the (enormously common and fairly popular) combination of a rigid plastic structure with an elastomeric surface treatment for grip or aesthetic reasons. For prototyping purposes you can get paint-like coatings that emulate elastomeric overmolds that you can brush on to 3d printed parts; but the quality isn't as good and production takes longer.

Staples' My Easy 3d is MUCH better! Print ANYTHING

By mrnick • Score: 3 • Thread

With Staples' My Easy 3d you can print ANYTHING! It looks like Amazon's solution is to let you personalize objects, not create your own.

Amazon's 3D Print... uhmm well all I can say is LAME!

Ask Slashdot: Open Hard- & Software Based Security Token?

Posted by timothy in Ask Slashdot • View
Qbertino (265505) writes I've been musing about a security setup to allow my coworkers/users access to files from the outside. I want security to be a little safer than pure key- or password-based SSH access, and some super-expensive RSA Token setup is out of question. I've been wondering whether there are any feasible and working FOSS and open hardware-based security token generator projects out there. It'd be best with ready-made server-side scripts/daemons. Perhaps something Arduino or Raspberry Pi based? Has anybody tried something like this? What are your experiences? What do you use? How would you attempt an open hardware FOSS solution to this problem?

use SMS

By rMortyH • Score: 3 • Thread

You can set up 2nd factor using SMS pretty easily, and have it text you a second password that's good for five minutes.
Definitely the cheapest option.

If you make your own token with an arduino and an LCD and a real time clock and a battery you've already paid for the RSA tokens.


Yubikey is the way to go...

By bubulubugoth • Score: 5, Informative • Thread

Yubikey is a USB OTP generator, it can be integrated quite easily and it has ssh and a little fast dig up I found this link about yubikey and openvpn..


By Roadmaster • Score: 5, Informative • Thread

My organization uses 2FA with a standard that's compatible with Google Authenticator and a Yubikey (OATH: and People with smartphones could use Google Authenticator to obtain auth tokens; an inexpensive ($25 per person) yubikey provides a very easy way to enter tokens without much hassle; and the open-source oathtool can generate tokens for other uses (i.e. add a "paper" authentication device with a long list of sequential tokens).

Google Authenticator for software tokens

By heypete • Score: 5, Informative • Thread

For software tokens, Google Authenticator has apps for Android, iOS, and BlackBerry. They implement the TOTP standard, so any compatible code-generating software (such as the J2ME app I have on my non-smartphone) will work with it.

They also have a PAM module that works with SSH (or anything else that uses PAM). I've used it before, and it works great.

For reference, neither the apps nor the PAM module depend in any way on Google services, they don't send any data to Google, and will work perfectly happily in a totally offline environment (assuming all the servers and client apps have synchronized clocks).

Smart cards work

By dremspider • Score: 3 • Thread
I have had a smart card setup for a little while. I use it for both OpenVPN and SSH access. I created the card by making my own CA and then using OpenSC to write to the card itself. There are some other cool things you can do like us it for PGP signing. I got a whole kit for about $100 bucks that came with a reader/writer, 2 cards and one USB thing.

Better Living Through Data

Posted by timothy in Technology • View
jradavenport (3020071) writes "Using two years of continuous monitoring of my MacBook Air battery usage (once every minute), I have been able to study my own computer use patterns in amazing detail. This dataset includes 293k measurements, or more than 204 days of use over two years. I use the laptop over 50 hours per week on average, and my most productive day is Tuesday. Changes in my work/life balance have begun to appear over the two-year span, and I am curious whether such data can help inform how much computer use is healthy/productive."

you have data

By gl4ss • Score: 4, Informative • Thread

but the data serves you no purpose, besides that it probably shows your battery isn't as good as it used to be.

need more data i think

By shadowrat • Score: 5, Funny • Thread

I am curious whether such data can help inform how much computer use is healthy/productive

You could keep stockpiling this data for your whole life, die, and draw the conclusion that all that computer usage must have killed you.


By Anonymous Coward • Score: 4, Insightful • Thread

"and my most productive day is Tuesday"

Are you seriously attempting to correlate battery use and productivity? Using MS office should have very little battery drain as compared to CPU/GPU intensive applications but it doesn't mean one is more productive than the other. I can open a browser and play a flash game and use more battery than I would if I were writing code. Simply using the laptop also doesn't mean productivity, as browsing the internet isn't productive but uses battery life.


By CanHasDIY • Score: 4, Insightful • Thread

I can open a browser and play a flash game and use more battery than I would if I were writing code. Simply using the laptop also doesn't mean productivity, as browsing the internet isn't productive but uses battery life.

Conversely, a graphics designer creating and rendering complex 3D models all day would use far more battery life than someone using Excel to create a catalog of their Magic cards.

Good grief ...

By CaptainDork • Score: 4, Insightful • Thread

Got any thorough analysis, with Power Point slides, on the frequency at which you clip your toe nails?

Waste byproduct in SI units would be helpful, as well.

$299 Android Gaming Tablet Reviewed

Posted by timothy in Games • View
Vigile (99919) writes "Last week NVIDIA announced the SHIELD Tablet and SHIELD Controller, and reviews are finally appearing this morning. Based on the high performance Tegra K1 SoC that integrates 192 Kepler architecture CUDA cores, benchmarks reveal that that the SHIELD Tablet is basically unmatched by any other mobile device on the market when it comes to graphics performance — it is more than 2.5x the performance of the Apple A7 in some instances. With that power NVIDIA is able to showcase full OpenGL versions of games like Portal and Half-Life 2 running at 1080p locally on the 19:12 display or output to a TV in a "console mode." PC Perspective has impressions of that experience as well as using the NVIDIA Game Stream technology to play your PC games on the SHIELD Tablet and controller. To go even further down the rabbit hole, you can stream your PC games from your desktop to your tablet, output them to the TV in console mode, stream your game play to Twitch from the tablet while overlaying your image through the front facing camera AND record your sessions locally via ShadowPlay and using the Wi-Fi Direct powered controller to send and receive audio. It is incredibly impressive hardware but the question remains as to whether or not there is, or will be, a market for Android-based gaming devices, even those with the power and performance that NVIDIA has built."

Re:What's the market for this?

By netsavior • Score: 5, Interesting • Thread
I play lots of casual games in addition to less casual ones. I would love to have a tablet that can run my steam games while I sit on the couch "watching" tv dramas with my wife. I already have a gaming rig... I should not have to buy a $1200 MS Surface to accomplish this.

The Future Past

By CanHasDIY • Score: 3 • Thread

The SHIELD Tablet... is able to showcase full OpenGL versions of games like Portal and Half-Life 2 running at 1080p

So, the future of gaming is... the past of gaming, but at higher resolution!

Seriously, you want to impress me, do it with a game that's not older than the current 2nd-term Presidency.

running at 1080p

By stewsters • Score: 4, Funny • Thread
"running at 1080p"
Take that, Xbone.

Re:How's the Android emulation scene?

By Psykechan • Score: 4, Interesting • Thread

Dolphin has made some significant progress. See this for yourself.

Mind you, the real consoles cost a lot less than this tablet so it's still novelty.

Apple Appsore needs more Apps

By tuppe666 • Score: 4, Informative • Thread

Nobody wants to develop on Android

iOS Active / 1.2 million+ apps (As of June 2014) vs Google Play Active / 1.3+ million apps (as of July 2014)

You could not be more wrong

A 24-Year-Old Scammed Apple 42 Times In 16 Different States

Posted by timothy in YRO • View
redletterdave (2493036) writes "Sharron Laverne Parrish Jr., 24, allegedly scammed Apple not once, but 42 times, cheating the company out of more than $300,000 — and his scam was breathtakingly simple. According to a Secret Service criminal complaint, Parrish allegedly visited Apple Stores and tried to buy products with four different debit cards, which were all closed by his respective financial institutions. When his debit card was inevitably declined by the Apple Store, he would protest and offer to call his bank — except, he wasn't really calling his bank. So he would allegedly offer the Apple Store employees a fake authorization code with a certain number of digits, which is normally provided by credit card issuers to create a record of the credit or debit override. But that's the problem with this system: as long as the number of digits is correct, the override code itself doesn't matter."

Re:Wow ...

By lgw • Score: 4, Insightful • Thread

The customer didn't print special cards here - they're just normal, expired cards.

The store doesn't call the number on the back of the card - the store calls their own merchant bank.

This was just straightforward grift (a con game), not some glaring flaw in the banking system. The sales clerks got suckered, perhaps due to lack of training by Apple, or perhaps the con-man was just that good.

Re:Wow ...

By Serenissima • Score: 5, Informative • Thread
I used to work at The Apple Store. And that's really the way it should work. However, from my time there, we had credit cards declined all of the time. The Apple Store is a huge place for fraudulent purchases and credit cards routinely auto-blocked access when purchases were for Apple and outside of typical purchases. We actually had the VP of BOEING's Business credit card declined. The standard procedure was to have the customer call the bank, validate that they were them, and that they indeed DID want to make the purchase. After about a minute, we could re-run the card and it'd work.

Now, when the payment device asked for an Override code, it was the job of the EMPLOYEE to got to the back and call up the bank. We're provided special numbers to call and special codes we have to type in. It's a horribly clunky and long process which everyone hated to do, but that was it. So, this is completely the employee's fault - albeit it's really a training issue and the blame rests with Apple. I can totally see why an employee would

#1) Not want to go through that process when they need to get to the next sale

#2) Possibly be new and not completely understand the process

#3) Be susceptible to some clever social engineering - ie: There are some cases where the customer must call the bank. I need an override code from the bank to process this. The customer is calling the bank, so that means I don't have to!

So it's a big f-up, but I can totally understand how and why it happened.

Re: Wow ...

By madhatter256 • Score: 4, Insightful • Thread

Not really, I know people who write POS code for a company that competes with NCR. They have no ties to banks. it's all about talking to processors, like VISA, Mastercard, etc.

I guess people are trying to pin this on the bank because banks are evil. #wallstreet #99% #ideserverwhatyouworkedfor #givemestuff

Re:Wow ...

By Concerned Onlooker • Score: 5, Funny • Thread

"Visa wakes up, takes a dump, then wipes its ass with $300,000 dollars."

This must be the reason that all those money laundering schemes exist.

Re:Wow ...

By thinuspollard • Score: 5, Informative • Thread

Ok, they way it is supposed to work

  • 1. The POS is offline, or the card cannot be "read" by the POS device
  • 2. The MERCHANT is supposed to call the bank to obtain manual authorisation
  • 3. The bank actually performs the transaction against the backend, reserves the funds and issues an auth code to the merchant. This auth code is a reference number. A pretty large financial switch supplier I used to work with would use the local time (HHMMSS) as an auth number. Nothing wrong with that, transaction has already been authed online via the call centre.
  • 4. The merchant enters a manual transaction on the POS device, entering the auth number on the POS device to form part of the transaction.
  • 5. The POS does not send anything at this point in time to the bank. Remember, in obtaining the auth number, the transaction was already submitted and approved. The POS keeps this transaction in storage with the auth number
  • 6. End of day, the POS submits all transactions to the bank. This is called Banking the POS or settlement.
  • 7. Since all online transactions has been performed, these settlement records acts as a reconciliation. At this point the customer's bank account gets debited and the merchant only gets settled for the settlement transactions that were submitted to the bank, not for the online autos. If this settlement transaction does not match exactly with the original auth, the merchant does not get settled for this transaction. (It is slightly more complicated than this, since floor limits allows for the case where there was no original auth and the settlement tran is the only message seen, but for the amount of an Apple Store purchase, this would not come into play)

So the system is relatively secure, but the MERCHANT should have called the bank, not the customer, that is where it broke down. This system also allows for floor limits, where the merchant is willing to accept a certain level of risk and the POS device approves transactions for an amount less than a set limit. At the end of the day the POS device submits these transactions to the bank and if the cardholder does not have sufficient funds, the merchant loses out.

All these protocols have been in place for many years and dates from a time where communication between the POS and the bank was relatively expensive and slow. Dialling up for every transactions was not an option, so you would try to batch them together to achieve a lower cost per transaction.

This is a very high level explanation of the issues involved here, but should convey the general ideas.

Yes, the Apple Store managers and employees were idiots in this case

Ridley Scott to Produce Philip K Dick's The Man In the High Castle

Posted by timothy in Entertainment • View
hawkinspeter (831501) writes Amazon has given the green light to produce the Hugo award-winning "The Man in the High Castle". This is after the four-hour mini-series was rejected by Syfy and afterwards by the BBC. Philip K Dick's novel takes place in an alternate universe where the Axis Powers won the Second World War. It's one of his most successful works, probably due to him actually spending the time to do some editing on it (most of his fiction was produced rapidly in order to get some money). Ridley Scott has previously adapted PKD's "Do Androids Dream of Electric Sheep" as the film Blade Runner, so it will be interesting to see how close he keeps to the source material this time. This news has been picked up by a few sites: International Business Times; The Register and Deadline.

Blade Runner's script had little to do with Ridley

By tekrat • Score: 5, Interesting • Thread

What Ridley Scott brought to the table was an art-director's viewpoint. I believe it was his call that the world be dystopian rather than utopian. Syd Mead was brought in to realize that vision from Ridley's sketches.

Blade Runner was a magical coming-together of quite a few artists while they were at the height of their careers, Scott, Mead, Ford, Hauer hell, even Vangellis never was better. Blade Runner was Scott's attempt to bring back Film Noir in a sci-fi setting -- something that seems common now, but was a radical breakthrough then.

It's a tough act to follow. And as much as I like Ridley's visual style, his latest films have suffered badly from too much money lavished on sets and effects, and not enough on script and acting.

I can also say that, having read "Man in High Castle", that's not an easy book to put to film. It's a huge, complicated story that's not easy to follow. I just hope that they put the work into making the story work, and not gloss over it just to work in explosions and effects.

I had heard that Ridley was interested in Joe Haldeman's "The Forever War" -- not *that's* a movie I want to see. That book blew my mind, and I really, really, really want a good movie of that.

Syfylys passes on an actual classic

By BenJeremy • Score: 5, Insightful • Thread

This is why you put an executive in charge of a channel that actually likes the genre. Bonnie Hammer only saw SciFi Channel as a stepping stone to a more mainstream network (USA), and installed another idiot who didn't really care for the shows they were peddling when she left.

They should be funding movies based on classics, whenever possible, instead of the crappy creature-of-the-week and pseudo-reality crap they shovel out every week. These days, its possible to deliver quality science fiction programming without busting your budget, too - but somebody at the top has to be motivated to deliver this to the fans (the network's viewer base), rather than dump garbage none of the fan base wants to see in order to draw more "mainstream" viewers.

Producing, not Directing

By Sockatume • Score: 4, Interesting • Thread

Scott's producing the series, not directing. David Semel's actually in the chair. He's directing experience across a lot of serial shows, which bodes well for his ability to respect established characters and storylines. So between the two of them, if nothing else it should be a smooth production.

Re:Considering his history...

By uCallHimDrJ0NES • Score: 4, Insightful • Thread

People who reject content based off of arbitrary genre preferences are a burden to themselves and others. I don't believe that prior to Firefly, you would have said, "I'm really wanting another Western." You don't like superheroes you say, and I call bullshit. You just don't want to be lumped in with liking something that's become mainstream. Get over it.

Re:Syfylys passes on an actual classic

By MrTester • Score: 4, Informative • Thread
Hell yes.
They have a couple of good properties now, but for the most part its crap.
And where is the classic SciFi appreciation? Forbidden Planet, Them, The Day the Earth Stood Still (without Neo). When is the last time they showed a black and white program other than Twilight Zone?

If I was in charge of SyFy:
1) Classic movie of the week with a Turner Classic Movies style intro talking about the movie, its impact, roots and the making of the movie.
2) Guest hosts introducing their favorite SciFi
3) Put together a stable of actors, authors and directors and host a weekly 90 minute-3 sketch late night program modeled on Saturday Night Live, but focusing on scifi story telling instead of comedy. Some of the sketches could be one offs, others a mini-series. Probably not live, although that might be fun too...
4) Get some real scifi lovers to look for classic works that they could get the rights to produce as movies. They dont have to be high budget. Take the same budget they spend now on their monster of the week movies, spend less on special effects and throw it at the scripts. I know thats not a lot, but give me a day and $500 and I can improve the hell out of their scripts.
5) No wrestling
6) Change the name back to SciFi

Put Your Code in the SWAMP: DHS Sponsors Online Open Source Code Testing

Posted by timothy in Developers • View
cold fjord (826450) writes with an excerpt from ZDNet At OSCon, The Department of Homeland Security (DHS) ... quietly announced that they're now offering a service for checking out your open-source code for security holes and bugs: the Software Assurance Marketplace (SWAMP). ... Patrick Beyer, SWAMP's Project Manager at Morgridge Institute for Research, the project's prime contractor, explained, "With open source's popularity, more and more government branches are using open-source code. Some are grabbing code from here, there, and everywhere." Understandably, "there's more and more concern about the safety and quality of this code. We're the one place you can go to check into the code" ... funded by a $23.4 million grant from the Department of Homeland Security Science & Technology Directorate (DHS S&T), SWAMP is designed by researchers from the Morgridge Institute, the University of Illinois-Champaign/Urbana, Indiana University, and the University of Wisconsin-Madison. Each brings broad experience in software assurance, security, open source software development, national distributed facilities and identity management to the project. ... SWAMP opened its services to the community in February of 2014 offering five open-source static analysis tools that analyze source code for possible security defects without having to execute the program. ... In addition, SWAMP hosts almost 400 open source software packages to enable tool developers to add enhancements in both the precision and scope of their tools. On top of that the SWAMP provides developers with software packages from the National Institute for Standards and Technology's (NIST) Juliet Test Suite. I got a chance to talk with Beyer at OSCON, and he emphasized that anyone's code is eligible — and that there's no cost to participants, while the center is covered by a grant.

What they're not telling you

By Joe Gillian • Score: 3 • Thread

What DHS isn't telling you is that they're secretly submitting anything given to them via SWAMP to a secret NSA partner program known as SHREK (Security Holes for Recapturing Encryption Keys) and the FBI's version of the same program, known as DONKEY (Domestic Onion-Router Key Capture) which will attempt to overthrow the TOR project.

The real question is, what is anyone doing putting their code in the SWAMP?


By jones_supa • Score: 4 • Thread
Quality assurance is the #1 thing that open source software needs in spades. There's a lots of buggy stuff out in the OSS world. Sure, it is mildly nauseating that DHS is the one doing this, but still I am all for it.


By cxbrx • Score: 4, Interesting • Thread
I trust Coverity's Scan program far more than I'll trust the organization that continues to promote security theater. DHS has no business in this area. This is typical over expansion of a bloated bureaucracy.

Re:Made by humans for humans.

By Actually, I do RTFA • Score: 4, Insightful • Thread

Why are the tools being run remotely, as opposed to, for instance, being all nicely packaged into an image I can download and boot from locally. I understand the benefits of keeping statistics as code improves, etc. but it seems that a "paranoid developer" mode would fit nicely with the mission of improving code security. Esp. since those developers tend to do a lot more NIH of basic parts.

Additionally, and more relevantly, some of my work is done on a laptop as I move around, and being able to do some Q/A work when away from the Internet would be useful.

No new tools. Low-budget operation

By Animats • Score: 3 • Thread

All they're offering are some existing tools, ones you can get for free. The main ones are the Clang static analyzer and Cppcheck. They're not offering free access to some of the better, and expensive, commercial tools.

Cppcheck is basically a list of common errors, expressed as rules with regular expressions. Clang is a little more advanced, but it's still looking for a short list of local bugs. Neither will detect all, or even most, buffer overflows. They'll detect the use of "strcpy", but not a wrong size to "strncpy".

Gaza's Only Power Plant Knocked Offline

Posted by timothy in Hardware • View
necro81 (917438) writes "Gaza's only power plant (see this profile at IEEE Spectrum — duct tape and bailing wire not included) has been knocked offline following an Israeli strike. Reports vary, but it appears that Israeli tank shells caused a fuel bunker at the plant to explode. Gaza, already short on electricity despite imports from Israel and Egpyt, now faces widening blackouts."


By weilawei • Score: 5, Interesting • Thread

You are full of shit. What the fuck has gotten into Slashdot? The numbers show the Israelis to be the aggressors. You'd think that, having lived through a genocide, they wouldn't attempt to do the same to another people.

2008 cease-fire. Look at the number of rocket and mortar *launches*. The cease-fire was honored by the Palestinians. Israel went over the border and killed 6 Hamas members, violating the cease-fire.

On 4 November 2008, the IDF made an incursion at least 250 meters into the Gaza Strip searching for a tunnel, claiming it was intended for the capture of Israeli soldiers and that it intended to continue with the truce, calling the raid a "pinpoint operation".[33] Hamas and, according to an allegation by Dr. Robert Pastor, one IDF source maintained that it was for defensive purposes.[34] As six Hamas fighters were killed,[4][35] Hamas stated that the attack was a "massive breach of the truce".[36]

This year, the Israeli president announces that they can never relinquish control of the West Bank. Meaning they will not accept a sovereign Palestinian state.

"I think the Israeli people understand now what I always say: that there cannot be a situation, under any agreement, in which we relinquish security control of the territory west of the River Jordan."

Just a week ago, the UN called out Israel for using Palestinian children as a human shield, torturing them, putting them in solitary confinement, and threatening sexual abuse. Their foreign minister said, "Israel must go all the way."

What the fuck are you people smoking? This is a genocide in motion. The US government wholeheartedly, 100%, with NO dissent supports it, when only 87% of the Israelis themselves support it. The House of Reps even called the attacks "unprovoked". I mean, seriously, WHAT THE FUCK?

For the record, I don't support either side shooting at each other, but it's not hard to see that this is some seriously fucked up shit on Israel's part. No person or group should engage in genocide and war crimes. Right now, Israel is doing 99% of the committing war crimes. That may have been different in the past, and it may change in the future, but it is NO EXCUSE.


By interkin3tic • Score: 5, Informative • Thread
I did some quick googling, I'm sure there is controversy over some of these numbers:

Number of Knesset members: 120
Number of current Arab Knesset members: 12 or 10%
Number of Israelis: 8 million
Number of Palestinians: 4.4 million

Given that Israel rules Palestine, that really doesn't meet my definition of democracy. As an American I'm sure I'd have problems with an Islamic Israel, but we tell ourselves we value democracy and freedom above all else. Furthermore, I can't imagine the current course will end up better.

I find it interesting

By msobkow • Score: 4, Interesting • Thread

I find it interesting that pretty much all posts in support of the Gazans have been moderated down, yet there seem to be an awful lot of such posts. There's nothing like censorship by the mods to ensure that all viewpoints aren't heard equally. So with the expectation of being moderated down...

Israel likes to claim they're targetting Hamas installations. Yet if that's the case, each of those installations they've targetted has only launched an average of less than two rockets at Israel, when you consider the number of rockets Israel claims have been launched vs. the number of sites they've targetted.

It seems to me rather highly unlikely that Hamas has actually got *that* many rocket launchers, considering they have to be smuggled in.

Another common thread is the "terror tunnels." Don't forget that Gaza is isolated and has to smuggle in supplies. There is no way to tell whether a tunnel was being used for smuggling goods in or attackers out, but given that there have only been *two* reports of Hamas sending attackers through the tunnels, I think it's safe to say that those tunnels were being used primarily to smuggle in goods.

Well over a 1000 Gazans have been killed, the vast majority civilians. In the meantime, only 3 Israeli civilians have been killed. As to the soldiers on both sides, I *expect* them to die -- they're in battle. I've no sympathy for dead soldiers on either side.

I don't see how anyone can take a "moderate" stance on the issue. Israel invaded Palestine. Israel destroys Gazan homes to make room for settlements in violation of the Geneva conventions. Israel targets civilian infrastructure. Israel has tanks, planes, missiles, and gun emplacements; the Gazans have some pretty-much-useless rocket launchers that don't do any damage to Israeli infrastructure.

The Gazans are walled in, have no where to escape to, and are, for the most part, just civilians trying to survive. Bleat as they will about "self defence", I don't buy the Israeli arguments for this violent and genocidal assault on the civilians of Gaza. Not one bit.

Land grab

By ThatsNotPudding • Score: 3 • Thread
I saw a map yesterday showing Israel's true intent: with the exception along the Egypt border, they've evenly shoved into the Gaza territory by three klicks. They will be adding that territory to Israel proper with a clear message sent: keep attacking us, and we'll slowly drive you into the sea. I'm just surprised it hasn't happened before now.


By ConceptJunkie • Score: 5, Interesting • Thread

Your rhetoric would carry a little more weight if there hadn't been a systematic attempt to destroy Israel since the year it was formed by the UN.

If your neighbor is constantly firing rockets into your country, targeting civilians, you might see things a little differently. If the Palestinians didn't have weapons, there would be peace. If Israel didn't have weapons, there would be no Israel. The "annexed" territory was land captured as the result of war of aggression started against Israel. In any other situation, people would recognize this, but it seems that anti-semitism is still deeply ingrained in the popular consciousness, especially on the Left.

Regardless of whether they sometimes go over the line in defending themselves, there's no denying that this situation was not started by and is not perpetuated by Israel. The "Palestinian" problem would disappear overnight if one of the many Muslim countries in the area would allow them to relocate. Israel didn't create itself. It was created by the UN, one of the very few useful things the UN ever did, and has fought several wars initiated by neighbors to defend its territory. But no one ever seems to care that the country is surrounded by a large number of people who are dedicated to its annihilation and the world seems to put people with this intent on the same moral level as a people who are simply trying to maintain their security. It's kind of hard to negotiate in good faith with people whose charter declares that their goal is to drive you into the sea.

The real "Palestinian" problem is that the Palestinians are pawns in a propaganda war against the Jewish people, and the world has been falling for this transparent trick for 70 years.

London Police Placing Anti-Piracy Warning Ads On Illegal Sites

Posted by timothy in YRO • View
mrspoonsi (2955715) writes "The City of London police has started placing banner advertisements on websites believed to be offering pirated content illegally. The messages, which will appear instead of paid-for ads, will ask users to close their web browsers. The move comes as part of a continuing effort to stop piracy sites from earning money through advertising. Police said the ads would make it harder for piracy site owners to make their pages look authentic. "When adverts from well known brands appear on illegal websites, they lend them a look of legitimacy and inadvertently fool consumers into thinking the site is authentic," said Detective Chief Inspector Andy Fyfe from the City of London Police Intellectual Property Crime Unit (Pipcu). "This new initiative is another step forward for the unit in tackling IP crime and disrupting criminal profits. "Copyright infringing websites are making huge sums of money though advert placement, therefore disrupting advertising on these sites is crucial and this is why it is an integral part of Operation Creative.""

Re:City of London Police =/= British Police

By whoever57 • Score: 4, Informative • Thread

They are a police force specific to a small area, that doesn't mean they are governed by corporations.

Apparently you failed to read the section on elections in the City of London:

The City has a unique electoral system. Most of its voters are representatives of businesses and other bodies that occupy premises in the City.

So, yes, they are governed by corporations.


By SuricouRaven • Score: 4, Insightful • Thread

No, they are doing it with the cooperation of the ad-providers.

It's more the 'put these ads up for us or we'll charge you for aiding criminal activity' type of cooperation.


By ObsessiveMathsFreak • Score: 4, Insightful • Thread

Property Rights? Trespass to Chattels? No abuse of state powers for private gain? How easily the mask slips when a few cold pounds are involved.

But the people I feel really sorry for are the victims of crime in London, whose cases go unsolved due to precious police resources being wasted on internet nonsense like this.


By mrchaotica • Score: 5, Interesting • Thread

So what they're doing is infringing the copyright of the allegedly-copyright-infringing website by modifying and redistributing it.

The hypocrisy is think with this one!

why do they even care?

By jsepeta • Score: 3 • Thread

it's silly for the state to jump in and spend so much time, effort, and money on what is essentially a failure of business to demonstrate to people that their content is worth purchasing. free market rules, y'all