Hacker News: ballard

New comment by ballard in "Tech is moving too fast for me: I'm out."

ballard — Thu, 26 Jun 2014 18:46:40 +0000

It's easy to be an armchair critic dispensing unasked-for advice but harder still to just listen.

New comment by ballard in "An Important Tech Job That Doesn't Exist"

ballard — Fri, 06 Jun 2014 21:01:56 +0000

In formal, established companies this does exist: it's called "decision support analysis (or researcher)." Whether a particular staff person is steeped in academic research, which they should, and whether a particular staff person provides actionable insight and intelligence that big companies often lack is another matter. The problem is discoverability of results (because there is a vast universe of unstructured data and research out there) and applying it to specific needs: academic journal search (LexisNexis) and regular search engines combined with talented staff might work.

Sounds like there's a startup or two in decision support anyhow.

New comment by ballard in "How Many People Are Wrongly Convicted? Researchers Do the Math"

ballard — Tue, 29 Apr 2014 05:59:42 +0000

Impossible to calculate considering "truth" is not fact.

Also war on drugs: http://boingboing.net/2014/02/27/us-prison-population-up-800...

New comment by ballard in "Go is boring"

ballard — Mon, 28 Apr 2014 21:29:36 +0000

Contrarian clickbait for sure.

Also couldn't load the page.

New comment by ballard in "Muen Kernel: Trustworthy by Design – Correct By Construction"

ballard — Mon, 28 Apr 2014 12:28:49 +0000

For embedded/industrial applications the future is in domain-specific operating systems that are JEOS by virtue of not compling unneeded syscalls. OSes like Linux have way too many ABIs and internal machinery that just aren't necessary for headless systems and merely opens a huge attack surface by default... Even with make menuconfig stripped .config, there's still a ton of extra bells and whistles.

In a positive direction, it would be nice to be able to be able to strip out more functionality and still produce a functional kernel. Unfortunately, I don't think this is scalable with autotools or any configuration management setups without having more #ifdefs than code. Haskell could be a good candidate for such a kernel framework, but I'm sure there are other functional and imperative languages that have better complex configuration mgmt support with formal verification.

New comment by ballard in "The Internet Is Being Protected By Two Guys Named Steve"

ballard — Mon, 28 Apr 2014 02:29:28 +0000

Does "ultimatum" and "raft of complicated last-minute changes" not raise anyone else's tinfoil paranoia alarms?

Those commits should get significant scrutiny, because it sounds like US/CA govt were given an indirect opportunity to push whatever changes it wanted AND rushed code isn't necessarily the best either.

(Also I'm glad FIPS mode is dead in LibreSSL.)

New comment by ballard in "Ask HN: What is the most difficult tech/dev challenge you ever solved?"

ballard — Sun, 27 Apr 2014 09:44:01 +0000

Choose one of my adventures:

- Deploying a financial app through 4 bastion hosts by keeping Russian doll ssh tunnels up (clients outsource IT bouncing across the world to get to the right boxes)

- porting a 8 MLoC fortran nuclear reactor simulator from UNIX to windows

- generating PowerShell on Linux to be run on a windows box by reverse engineering the MS Api.

- silencing dialog boxes by DLLs which patch and proxy system DLLs

- making Java JRE run from a CD-ROM with the right JNI dll/so and a custom installer I wrote, before the advent of installanywhere (talking Java 1.1 days)

New comment by ballard in "What every founder fears"

ballard — Thu, 24 Apr 2014 01:36:15 +0000

Ah yes exactly. The "prove them wrong" part, it's important not to attack the accuser but demonstrate that their claims don't hold up. Also if there is something to claims, admit it quickly (kills the story) and show enacting preventative measures.

New comment by ballard in "Why you should build your product in public"

ballard — Thu, 24 Apr 2014 01:33:39 +0000

Seems the same as google hangouts more/less.

Looking for something that's 1:N anonymously without a viewer plugin... has a page somewhere that shows a live feed: vimeo, ustream or YT but free to stream.

New comment by ballard in "What every founder fears"

ballard — Thu, 24 Apr 2014 01:27:42 +0000

Denying something doesn't carry the same weight and it seems like a PR move, whereas "actions speak louder than words."

New comment by ballard in "Vegetative patient says 'I'm not in pain'"

ballard — Thu, 24 Apr 2014 01:21:30 +0000

Right now, researchers are putting together functional brain structure maps combining fMRI, SPECT and PET scans for Alzheimer's research. Apart from the inconvenience of wearing a giant magnet, pulling together one or more brain scan techs with compute resources might be a way to pull it off. Heck, if the compute power needed were too bulky to be practical, it might be possible to offload it to a hosted service. (Talking a solution 15-18 yrs out anyhow.). It's entirely reasonable that keyboards would be slower than thought input in 50 years.

New comment by ballard in "IBM Opens Power Microprocessor Architecture"

ballard — Thu, 24 Apr 2014 01:14:37 +0000

They're not, never will be. Especially if there were a concerted effort to put together a GNU/Linux like open source hardware stack to get rid of the fear, uncertainty and doubt of what's inside commercial processors and chipsets. Also there needs to be more decapping of commercial chips to see what's actually in them.

New comment by ballard in "The Hackers Who Recovered NASA’s Lost Lunar Photos"

ballard — Thu, 24 Apr 2014 00:49:53 +0000

BusinessWeek (2013) also has a video interview at McMoon:

http://businessweek.com/videos/2013-08-15/abandoned-mcdonald...

Also yelp reviews of the former McD's (map position is wrong)

http://yelp.com/biz/mcdonalds-mountain-view-4

Correct map locating McMoon (green arrow):

http://goo.gl/maps/LhQGw

New comment by ballard in "LibreSSL: FIPS mode is not coming back"

ballard — Thu, 24 Apr 2014 00:35:31 +0000

This is a dupe because it's already synced to git mirrors of openbsd sources.

http://anoncvs.estpak.ee/cgi-bin/cgit/openbsd-src/tree/lib/l...

"When I grow up..." Tandem multiplication commit is hilarious.

New comment by ballard in "LibreSSL: FIPS mode is not coming back"

ballard — Thu, 24 Apr 2014 00:32:29 +0000

Sounds good because it suggests sec industry disengagement. Probably simpler to do that and maintain it as a set of minimal patches to LibreSSL, because not many people need it. Either way, it should be secure by default.

New comment by ballard in "LibreSSL: FIPS mode is not coming back"

ballard — Thu, 24 Apr 2014 00:27:31 +0000

I guess it begs the question (FIPS mode seems to fail the "talk to a cryptographer rule"): why don't/aren't sec folks more involved to assure standards are meaningful? Was this a NIST-driven process or was it open to public comments?

New comment by ballard in "LibreSSL: FIPS mode is not coming back"

ballard — Thu, 24 Apr 2014 00:17:21 +0000

Definitely. It'll be expensive commercial open source w/ a subscription and delayed to pass FIPS. And LibreSSL will still be more secure.

New comment by ballard in "LibreSSL: FIPS mode is not coming back"

ballard — Thu, 24 Apr 2014 00:13:21 +0000

Yup. And it's simpler and therefore more secure to support a smaller codebase without magical modes.

New comment by ballard in "LibreSSL: FIPS mode is not coming back"

ballard — Thu, 24 Apr 2014 00:07:02 +0000

FIPS mode is like a clipboard audit. It appears to fulfill a requirement like A+ certifications do for hiring qualified candidates, but instead puts blind faith in process ahead of content.

New comment by ballard in "LibreSSL: FIPS mode is not coming back"

ballard — Wed, 23 Apr 2014 23:58:36 +0000

The problem is that being abrasive without displaying a clear, correct opinion won't lead to greater influence. The latter stance is the important bit.

Security projects need adversarial discussions to keep them honest, but that's a special case.