Slashdot Mirror

The most common source of that claim is the book Three Felonies a Day: How the Feds Target the Innocent, which skeptics StackExchange isn't buying. Here's some examples from the author.

Here's an example ("writeOutput") from the official Sun Java Tutorial on how you're supposed to write out a UTF-8 file. And it's broken. It works when your text never takes up more than two bytes per character but when it does it translates the multichar UTF-16 representation incorrectly and produces a non-standards-compliant UTF-8 that some readers will read but others won't. here's someone posting a workaround and several dozen people talking about having that problem and thanking them for the solution.

That's just one problem among many - Java's unicode support is a bit clunky. Don't get me wrong, it's leaps and bounds better than what C/C++ have, but that doesn't make it great. I tend to concur with the argument that UTF-16 is in general harmful. You tend to get these sort of problems on pretty much every platform that uses it. People know that it can take up more than two words yet there's always someone who makes the mistaken assumption that all characters are one word, and because longer sequences aren't used that commonly, the code often ships broken rather than being caught in development.

This question (as yet unanswered) raises pretty much the same concern about economic inequality:
http://skeptics.stackexchange....

"Is racial income inequality currently in US worse than it was in Apartheid South Africa?"

Jon Stewart started this, of course, but he's better at raising interesting questions than he is at applying hard journalism to them.

Q&A site about game development: http://gamedev.stackexchange.c...
Open source game: http://www.wesnoth.org/

It may still be too advanced for 11, but Wesnoth allows people to build custom campaigns.

This may be advanced, but worth a shot: Game Theory

Game Theory doesn't have anything to do with games that we play. This is going to be things like the prisoners' dilemma and decision theory. I.e. a lot about mathematics-based economics and very little about actual games. You might as well suggest that the kid bone up on history. It's more accessible and study can inform how games should work.

You might look for books that link existing games to history or science. They might help awaken interest in those subjects in him. This can help with game development, as it can make the games more realistic. Also, if game development is more like the desire to be a cowboy or a firefighter than a genuine career choice (always possible at 11), history and science have more general benefits.

There are plenty of sourcesw around which talk about productivity when compared against work day length and even break/work intervals within the day if you do a quick Google search.

Not a SINGLE ONE of this sources says that more work is accomplished in an eight hour work day, than in a twelve hour work day. Of course shorter hours are more productive per hour, which is all these studies show. That is not the same as showing there is no incremental gain.

There are plenty of sourcesw around which talk about productivity when compared against work day length and even break/work intervals within the day if you do a quick Google search.

Your fertilizer page is 14674 bytes in length.

Plus 1-500 bytes of randomized padding added to the HTTP headers and the HTML comments that the server inserts to foil BREACH attacks.

Bing and Yahoo's web crawlers do not support SNI

When was that? Apparently Bingbot supports SNI as of three months ago.

Perhaps that explains the Crusades and the Spanish Inquisition.

There is nothing in attributed to the Christian god himself — nor any of his prophets — that required Crusades or the Inquisition.

On contrast, Koran — which purports to be the word of god verbatim — mandates that the faithful convert or kill the pagans and (tax the Christians and Jews). The prophet himself — whom Muslims world-wide adore — was an illiterate warlord, who used genocide centuries before it became cool.

Bible has plenty of warlords too, but none of them are His prophets. King David is described as a hero, but he killed too many people to found the Temple — the task was left to his son. Not the sort of quibbles, Muslims would consider...

The Crusades ended in the 14th century. Spanish Inquisition (a secular institution, BTW — ran by Spanish Crown) is also many centuries in the past. Since then the Western world has created the First Amendment, among other things. If you have nothing contemporary to contrast the ongoing craziness of the "religion of peace", you've lost your argument...

Android is open source. Google Play Store is not. If you implement certain features into your device's version of Android, Google will refuse to license Google Play Store to you. This means people who buy your device will end up without apps that are exclusive to Google Play Store, such as Ingress.

It's wonderful that your delusions include FTL being possible, but maybe you can refrain from commenting on physics articles until you actually have something passable as a physics education?

You have a moon full of photoreceptors tuned to the color of your laser. Over a short period some number of these are struck by photons from your laser. Nothing moved faster than the speed of light in order to make this happen, no matter how fast the "dot" appeared to move, and nothing can turn those individual photon strikes into a comprehensible signal faster than the speed of light.

See here. See also a fucking relativity textbook, your ignorance is really fucking annoying.

I imagine it will be approximately the same, or less, as the uptake for Obj-C when iPhones became a thing, which is "not terribly impressive".

Suddenly becoming one of the fastest growing programming languages in use and making several top ten lists isn't terribly impressive? Ok...

And now you're telling me that Swift -- which is essentially a tweaked Obj-C -- is "the biggest new language in a long time"? You can't even USE the language to program on anything other than OS X and iOS!

So, one of the most popular platforms on the planet (Apple is going to sell 71 million iPhones this quarter alone) isn't significant? Also when you say that it's a "tweaked Obj-C" that shows you have no idea what you're talking about.

I'm not seeing it, man. If a single popular smartphone and 10% desktop OS market share were enough for a language to piggyback off of to mainstream adoption, Objective C would be mainstream for cross-platform development. And it's not.

I like how you cite a number for OS X but not for iOS.

One last thing? Apple's only the "world's biggest company" because it overcharges for all its shit products, and stupid people don't see what a bad deal they're getting. In importance to the programming community, they're well below Google and Microsoft. Don't believe me? Take a look at C#'s popularity versus Obj-C.

Wow, where to begin. First you try and poison the well by saying that yes, Apple is the world's biggest company but only because they charge money. For their "shit products" no less. However, iOS is sitting at 44% market share which is #2 only to Android at 47%. But Android is only at 47% because it's on everything from high end Samsung devices to the crappy devices you can get at the checkout line at your local grocery store. Your disdain is for a company whose OS is only #2 to an OS that literally built its empire on "shit products".

But that's not the best part. The best part is that your example of a well done programming language is C#. I love C#. I've made my living in C# for close to a decade. It's a fantastic language. It is also, like Swift, a proprietary language designed by one company for their own proprietary OS. That's your yardstick. Yes, there is an always-behind implementation by the open source community but it's also a language that's over ten years old, as opposed to Swift which is literally six months old come Monday.

Again, this is a new, modern programming language introduced by the biggest company on earth for one of the biggest platforms on the planet and the uptake on it is unprecedented. C# didn't experience uptake this quickly because Microsoft had to explain what .NET was. Java didn't grow this fast because people thought it was used to make flashing thingies on websites. Swift has the advantage of a mature Internet age (the official guide is an eBook, not even a printed book, which Apple can patch as need be) and it's being unleashed onto a developer community starving for a better language.

Running Bittorent over Tor is a bad idea. As the linked article says, look at I2P instead.

But it would be fine to run your browser over Tor in order to get the torrent magnet link, and then use the "normal" network with your favorite torrent application to get the actual file ?

Read Google service configuration.
Modify system settings.
Full network access.

I've bolded the last three because there's no reason for them.

Sure there is. If Uber is doing anything that can't (or for some reason they they don't want to) be handled over HTTP, the app will need full network access. (I don't know what the Uber app uses it for, but apparently WhatsApp uses it for IM communications with other app users.) "Modify system settings" is apparently (per the linked explanation from WhatsApp) the only way to get permission to read system settings. "Read Google service configuration" (again, per previous link) is used for interacting with Google services like Maps, which you can easily imagine why Uber's app would want to do.

If they start blocking by DNS, go via IP directly. If they are blocking IP directly, either go VPN or Tor.

Running Bittorent over Tor is a bad idea. As the linked article says, look at I2P instead.

Chess is "easy" compared to Go. While Chess requires more bits to store the board the search space for Go is **exponentially* larger. i.e. A a single state of the go board is 2^(19*19) = 2^361 positions = 46 bytes.

Links of interest:

* http://codegolf.stackexchange....
* http://en.wikipedia.org/wiki/B...

No, you don't understand how real research and statistics work, try reading these: https://explorable.com/statist... http://en.wikipedia.org/wiki/S... http://stats.stackexchange.com... http://www.sciencebuddies.org/... It's obvious Bennett has no academic credentials beyond a bachelor's degree or maybe even High School Diploma given his drivel above.

See this one.

I actually addressed this just yesterday on Stack Exchange:
http://astronomy.stackexchange...

Thanks!

This is the sort of thing that leads to further understanding and optimizations of underlying technologies.

We already have the understanding. We know how to make proper orbital rockets, so why not optimize those (like Space-X is doing), rather than going back 60 years in time with a design that is only leading to a dead end.

Because rockets launches as we've done them before (including the shuttle) are extremely expensive and wasteful. Using a Single Stage To Orbit (SSTO) spacecraft is likely the only way we will be able to reduce the cost (currently estimated at between USD$15,000 and USD$50,000 per kg depending on the payload and orbital destination) and waste down to something that is commercially viable (USD$500/kg? USD$100/kg?).

I can certainly see how the VG SS2 might help refine some of the technologies necessary for this. Is it the final answer? No. Is it worthwhile? Richard Branson certainly thinks so, and so do those who work for him on this project. It's their money and lives they are gambling with, and I'm quite appreciative that they are doing so.

If you don't think it's worthwhile and/or are too chickenshit to put your blood and treasure on the line, no one is asking you to do so.

If so, get out of the way and let those with the vision and the intestinal fortitude go about it their own way. They may fail. At least one has died. No one said this was a safe endeavour. It's not.

I, for one, admire these people. Not just the Virgin Galactic folks, but everyone who is putting their asses (literally and economically) on the line to make commercial space travel a reality for all of us.

Facebook wanted to work out facebook*.onion, so they only had to sha-1 'facebook' and then store that state. After that, feed 40 sha-1 bits to the sha-1 function to generate a bunch of different hashes, keeping the ones that match.

That doesn't make any sense at all, if they can choose "facebook" I can choose "facebookcorewwwi" and feed it 0 bits to get my hash. It is the other way around, you must generate a public key and SHA-1 hash that, cut to 80 bits and convert to base32 and that'll be your service descriptor. Since each letter = 5 bits they basically brute force created 2^40 = public keys to find one that hashed to facebook*. There are tools for this, the estimate for a single 1.5 GHz processor choosing 8 letters is about ~25 days. Note that spoofing a full address would take millions of years the same way.

If you're going to copy an answer from a post on another website, at least give the link:

http://astronomy.stackexchange...

And that answer obviously is wrong. If matter has clumped together into planets, it obviously hasn't clumped together into stars or black holes, and instead has clumped together into objects that are very hard to detect.

Arguments against dark matter being rogue planets are generally based on lack of enough microlensing observations and expected size distributions. But those are far from definitive.

So, the answer is: it is possible that dark matter is all rogue planets, although most physicists believe that it is not.

I know plenty. The whole point is that a hashed password is simply one that takes a little time to decrypt. For example, it was reported a year or so ago that someone had built a machine from commodity hardware that could crack a NTLM password in about 5 minutes. Now a better encryption algorithm is good, but it just kicks the can further down the road. Its not a solution, just more of a sticking plaster solution.

The best security is not to allow the attacker to get the passwords at all. How many sites have you heard of that have announced security breaches that inform all their users to immediately change all their passwords? 1? 2? Oh yeah, loads. Do you think these very large sites had security experts too?

The point of saying "keep passwords in plaintext" is not a truly valid suggestion - everyone should encrypt them, but they should not imagine for a second that it will keep the passwords secure from attackers, that job is down to architectural decisions, the idea that you store them plaintext is to make people really think about their architecture. If your passwords are plain text, you think "how else can we secure these". Leave them encrypted you think "job done, that's secure!", and then sometime later you find your password DB downloaded and is being decrypted by some arsehole off 4chan and you have to tell the media that all your users should change their passwords.

Once I worked at a financial services company and the security guy gave us a little presentation. He opened up IE (for we worked with Windows at that place, like many financial services companies) and entered the URL for the web server, then types in a string of characters into the browser address bar. And we saw it open a command prompt that had full administrative access to the webserver box. That was an exploit that Microsoft fixed... but I always wonder when another one just like that will be discovered.. for all you know, it already has been and is being used right now.

That's why you do not rely on bcrypt as the only answer to the security of your passwords (I hope you use bcrypt, last time I saw PHP it still used MD5..... crackable in minutes)

Of course, you didn't mention salting, so I hope they told you about that too. Unsalted password hashes... about as useless as chocolate teapots.

So I hope I don't use sites you coded. Its not as if 3-tier architectures are a bad thing anyway, but if your webserver has direct access to the DB, its only a matter of time before someone has all your passwords and will happily cracking them open.

Indeed. And it appears that women are more affected by radiation than men, and that fact can affect how far we travel in space. Depending on the mission profile it may not be a big deal, but on the order of a decade and there could be some significant difference.

Indeed. And it appears that women are more affected by radiation than men, and that fact can affect how far we travel in space. Depending on the mission profile it may not be a big deal, but on the order of a decade and there could be some significant difference.

There's a difference: HFCs means "hydrofluorocarbons", while "HFCS" means "high-fructose corn syrup".

Perhaps it might have something to do with the fact that juice from concentrate counts as 100% juice. Might they have been reconstituting it with HFCS water instead of plain water? I looked on Skeptics Stack Exchange but they couldn't turn up the lawsuit either.

"We do, it's called Open ID, which is what Google leverages for their single-signon (not sure if FB is their own solution or not). It was a really popular thing about 5-10 years ago and got a ton of attention. I think even MS enabled it."

OpenID 2.0 accomplished something very cool: allowing a user to use any ID provider for authentication on any compatible web site, even if the two sites had never heard of one another. Unfortunately, it has two major problems:

• It's too complex to easily implement. This became less of a problem once OpenID libraries like Janrain's emerged, but there are still subtle details left up to website developers to get right, and since many of them don't bother, a lot of sites that supposedly accept OpenID actually fail with some providers.
• Perhaps more importantly, the URL-based IDs are not user-friendly enough for non-geeks. Several high-profile sites tried to solve this problem by replacing* the OpenID URL input box with a simple button for each well-known provider, but that meant limiting the user's choices of provider. At that point, the distinguishing feature of OpenID was lost, so lots of sites chose the simpler-to-implement OAuth 2 instead. The Login with Facebook service is one of them. Even Google eventually deprecated their OpenID service.

In my opinion, the issue of relying parties not trusting someone else as an identity provider was not such a big deal; certainly not enough to have killed OpenID. For every such distrustful site, there are dozens more simple web forums and the like that would be happy to get rid of their password database.

*stackexchange is a notable exception; they still offer the input box if you click a link.

ya, we had the same problem. Bookmarked this page, http://raspberrypi.stackexchan...

Oh, but it was! In fact, Darwin 7.0 (OSX 10.3) brought Darwin's BSD layer back in sync with FreeBSD 5. There was, indeed, a lot of reimplementation at the kernel level, and most of the userland tools had many parts rewritten as well, but your own source confirms what I have said. It confirmed it before I posted it originally, as well. In case that's not enough, here's another, and another, and, for good measure, one more, though that last one only mentions the use of BSD's userland components.

None of those sources say that Darwin was forked off of FreeBSD kernel. You must realize that a fork implies a shared root source tree, copying subsystems does not qualify as a fork. They do qualify as forks of the specific subsystems, but not the kernel.

That said, I've never been bothered to look at either FreeBSD or Darwin kernel sources, so for all I know FreeBSD might be based on AmigaOS.

Yahoo's systems were _not_ compromised via the bash bug

This is what was being reported before I entered into two weeks of product launches that have kept me from following up. I'd thank you for the correction but you're a bit late with it, another poster already corrected me, and with much less snark.

FreeBSD does not use bash for /bin/sh

But that doesn't stop a sysadmin from changing that behavior, just as Unbuntu defaulting to Bash didn't stop me from swapping it our in favor of Dash. Just a matter of deleting the old binary and symlinking to the new one.

Apple's Darwin kernel was not forked from FreeBSD.

Oh, but it was! In fact, Darwin 7.0 (OSX 10.3) brought Darwin's BSD layer back in sync with FreeBSD 5. There was, indeed, a lot of reimplementation at the kernel level, and most of the userland tools had many parts rewritten as well, but your own source confirms what I have said. It confirmed it before I posted it originally, as well. In case that's not enough, here's another, and another, and, for good measure, one more, though that last one only mentions the use of BSD's userland components.

Sorry about following up to myself, but I just thought of another resource. The Information Security stackexchange site has several postings you might find of value. Search for CTF: http://security.stackexchange.... and you'll find really helpful sites like http://capture.thefl.ag/

Nitrogen might be the deal killer:
http://space.stackexchange.com...

No, not all security is obscurity. If your list of things that need to be kept secret includes your security implementation, and especially your algorithm, then you have flawed security. Multi-level security increases the number of things you need to have and/or know in order to compromise the system. With e.g. ROT-13 or another shift cipher, once you know that they are using that cipher, there is no other knowledge that you need in order to break it. On the other hand, if you have an arbitrary number of keys and the knowledge that your opponent is using e.g. SSL, you don't have any greater ability to compromise other users.

Security through obscurity may be an overused phrase, but it does have a specific meaning; it only really makes sense in the context of security systems. You may use words however you wish, but to me that's not glory.

Stackexchange has a link for anyone who wants to patch their own servers... I've been following it here: http://apple.stackexchange.com...

Does this work fine with Snow Leopard does anyone know?

Stackexchange has a link for anyone who wants to patch their own servers... I've been following it here: http://apple.stackexchange.com... I doubt we'll see a patch from apple until the community agrees that they have a working patch... sounds like they keep going down the rabbit hole right now; keep finding more issues. I upgraded my Lion Server with the current "official" patches, and also the "no function import" change. Better safe...

sha265(md5("hunter2" + "slashdot.org"))

I don't think it is necessary to double encrypt your password or increase security; especially the way you do (using SHA256 and MD5). A good explanation about why double/triple/etc encryption may not be necessary can be found at http://security.stackexchange.... (look at the answer to the question).

If I wrote a C program using one line and lots of ;s, it would be the most concise program possible.

Rosetta Code solutions were chosen precisely because they're idiomatic, and hence not tuned to these benchmarks.

Poor python, where newlines have syntactic effect!

There are loads of Python solutions posted on http://codegolf.stackexchange.... which *are* tuned to similar benchmarks.

It's remarkable how much can be achieved with a single list comprehension.

If I bring it up around the dinner table before she (or anyone) asks, it may also save her some embarrassment.

Ah, what would you say had you not seen this? "Hey, never heard of that, sounds legit, let me get back to you."

Why yes, that's how I always bring things up at the dinner table. "Hey, I never heard of that". "What didn't you hear about?" "I dunno, what haven't you asked about yet?"

I think the OP was talking about making a pre-emptive comment, as in "bringing it up around the dinner table before she asks", as in "hey, did you hear the latest hoax about...". Not responding to someone else bringing it up as something they'd already done, also known as "AFTER she asks".

Apparently, fiction does count as prior art in some cases. I guess the requirement that a patent must be 'non-obvious according to the state of the art" is greatly undermined if some artists already had the same idea before. This might depend on if the patent just describes the crazy idea (in which case the artist could have filed the same patent), or if the patent describes a new technical solution to an otherwise old idea. The famous example is that a crazy idea to raise a sunken boat with pingpong balls was rejected because the exact same idea was featured in a Donald Duck story 15 years earlier.

I 100% agree. It should take all of five minutes to find a new job, and jumping jobs is a great way to get more money.

Podcasts: pick up a used ipod and subscribe to the astronomy related podcasts.

Kindle: get a used kindle that has the bubble-type keyboard, and let it read books and papers to you. The keyboard lets you start/stop the reader without looking, for in the car use. Download Calibre application and convert online/document resources and copy them to the kindle. You are not stuck with just Amazon eBooks, but many of them are good.

When online use an RSS reader and connecty to the publications feeds: e.g. http://iopscience.iop.org/ http://arxiv.org/ http://www.physicsforums.com/ http://prl.aps.org/ http://phys.org/ http://physics.stackexchange.c... http://prd.aps.org/ and many blogs!

>As far as I know many top scientists proclaim to believe in go

Many more thinks otherwise

>Any references why/where/when Atheists flock to science and religious peolple not?

I think you got it both wrong way. Scientist flocks to Atheism.

I'm not sure that's true. In my experience, an unterminated quotation is meant to span paragraphs until its termination (although, confusingly, subsequent paragraphs must begin with the quote to remind you that it is still open. Like this:

http://english.stackexchange.c...

“That seems like an odd way to use punctuation,” Tom said. “What harm would there be in using quotation marks at the end of every paragraph?”

“Oh, that’s not all that complicated,” J.R. answered. “If you closed quotes at the end of every paragraph, then you would need to reidentify the speaker with every subsequent paragraph.

“Say a narrative was describing two or three people engaged in a lengthy conversation. If you closed the quotation marks in the previous paragraph, then a reader wouldn’t be able to easily tell if the previous speaker was extending his point, or if someone else in the room had picked up the conversation. By leaving the previous paragraph’s quote unclosed, the reader knows that the previous speaker is still the one talking.”

“Oh, that makes sense. Thanks!”

Cyborgs are just kinds of humans, so yes.

The situation is really not that simple, even if you consider non-cyborg humans. See this Stack Exchange thread on the topic:
http://philosophy.stackexchang...

The degree in a scientific field from a respected school says that I am scientifically literate and know how to learn.

As if there aren't a dozen or more other ways to display these skills to an employer? That you don't realize this displays to me that your college education left you closed minded and not open to new ideas. Your second comment about naive enthusiasm and hipster-tier webcrap (whatever that even means, I hear, "it's not C++ it's crap!") simply reinforces that notion.

What if you were to find that many of these folks didn't have a degree? Based on their real-world reputation (not some imaginary reputation you get for going to a school), would you say they are scientifically literate and they know how to learn (I'd bet they know how to teach also)?

A little internet research proves you are in error viperiodaenz. I had read about it in SF novels (means nothing, but sometimes the ideas are partially true). I also had read about it in scientific research, as rocket travel is expensive, dangerous and non-reusable. Same tech for 50 years. Cannot change chemical reactions. So I found a couple of links that may help. The first explores the real possibility of a electromagnetic railgun shooting small loads several times a day. If the loads were of a standard size, it would greatly speed up space exploration. One could even build a more modern space station. Here is that link: http://physics.stackexchange.c.... The other is about NASA engineers combining a railgun with a scramjet to make it sazfe for human flight. Completely re-usable. Here that link: http://www.popsci.com/technolo.... So, my idea is not as far-fetched as you thought. As to whether the load can be radioactive waste, those hazards would have to be calculated.

You have to distinguish between what people more-or-less believe and how much they believe it

Thats a pretty good point, and Id note that theres a difference between the sort of christian that would die by lions in the colosseum and those who would offer incense to the emperor. Lots of people are "christian", but the question is how many are Christian; Im operating on enemy turf here so to speak when I link to that poll, because I would somewhat dispute the fact that people accurately report things in such a poll-- there are a great number of people that I know personally who claim a religion despite it having no practical impact on their life or beliefs, which is pretty relevant to GP's claims about religions being passed on to children.

I would agree that tradition passes on to children easily, and in fact when a large number of people say "I am christian / catholic / jewish" what theyre really saying is "these are my traditions"-- not "these are my beliefs". Sadly, polls on THAT are going to be awfully hard to find; but its sort of hard to argue that people are reliable in reporting what they believe when asked about their religion, because theyre not (which we CAN prove with polls-- see gallup polls where "christians" doubted the accuracy of the bible, the divinity of Christ, and the existence of a personal God).

Did Stephen Hawkings say the Universe created itself? It would seem very odd that a physicist would say something about the creation of the Universe.

He did, and it was. I remember doing a report on the man when I was much younger, and recall both how smart he seemed and how he remarked on the necessity of a deity. Fast forward ~20 years, and he made the remark,
Because there is a law such as gravity, the universe can and will create itself from nothing.
And, as has been noted, its not only an odd remark, its a circular and nonsensical one. Hawking is a smart man in his domain, but he either misspoke, or was misquoted, or created a massive logic problem.

It's logical that a major rewrite is needed once in a pair of decades. But it's surprising to me that after that, the game still changes so much from edition to edition, even with the goals you stated.

The problem is, if the game feels so different on each edition, many people won't change to the new one. I follow RPG.SE, and on that site, there are questions on all D&D editions (AD&D, 3, 3.5, pathfinder, 4, 5) which seems as a huge fanbase, but too fragmented.

Time will say if 5th edition is going to bring them all together.

The advantage/disadvantage system in 5th edition simplifies certain aspects of the game. The following article provides math to calculate the probability of a second dice roll being less (or greater) than the first.

For a d20 there is a 0.475 chance that the second dice roll with be greater (or less) than the first.

One would need to calculate the numbers for stacking bonuses to determine which system provides greater odds of success.

Regarding the concept of advantage/disadvantage in 5th Edition. Here is an interesting article that discusses probability of a second dice roll being less than the first.
The example uses a 6th sided dice but a formula is provided that can be used for a d20.