This is why I oppose QoS in all its forms. The network is supposed to be stupid for a reason, and one of those reasons is to prevent shenanigans like this.
Edison's "theories" on how to get light out of an electric current weren't violating basic physical principles. He was just dicking around with different materials until he found one that worked acceptably well. There's a bit of a difference.
Many of the buildings at Hickam AFB in Honolulu still have the spalling from the attack on Pearl Harbor in 1941. The PACAF NOSC is (was) in one of these buildings. I was told while I was there that in the room the NOSC occupied 6 men lost their lives during the attack. Allegedly there were sightings after hours of these men.
Even if it isn't spooky it's certainly both sobering and historic.
The rule has always been, and likely always will be, that no-one gets rich--truly rich, the kind of rich that you pass on generation to generation--from wages. The only way to get that kind of rich is from rents--land, minerals, spectrum--anything someone else will pay to use, preferably in perpetuity.
In one view, its getting taxed twice (once when comming into the corporation, and again when it flows to the individual).
Yeah, in the incredibly wrong-headed view.
We don't tax *money*, we tax *people*. If we taxed money, the Treasury Department could hold back a percentage coming off the presses and that would be the end of it.
Why that won't work is left as an exercise for the reader.
More relevant is this. Corps pay about 1/5th less taxes as a percentage of income. If they want to be treated like people, shouldn't they be taxed like people?
I bet if you asked most of Europe if defence spending should be valued around say, 1940, you might get a different answer than you do today.
Yeah, they'd say "Damn, I wish we hadn't spent all that money on the Maginot Line and instead focused on a more effective doctrine of mechanized combined arms warfare, which, by the way, probably would have been cheaper than digging lots of holes in the ground and putting lots of men in them, anyway."
Probably not the answer you're looking for, though.
Of course, Rambam explicitly rejects the literal reading of Bereshith 1 & 2, instead he understood Creation as an allegorical story of much deeper meaning. The literal meaning was unimportant.
Even the Gemara gives a nod to the deeper nature of the Creation story; it limits the number of students to whom a rabbi may teach Bereshith to 2. This isn't something you do for a subject that's to be understood at face value.
But since Jews don't have any pressing need for salvation, none of this matters to you, does it?
If your building & company are already certified for classified processing, then your company already has a security officer who knows what you need. This is the person you should be talking to, not/.
1988, babysitting a computer lab of XTs and brand-spanking-new IBM PS/2 Model 25s. User comes in and finds all the XTs are occupied but all the 25s are not. User sits down at a 25, and fishes out his 5.25" disk. User looks at the 3.25" slot, looks at the 5.25" disk, and folds the floppy in half and inserts it into the drive.
Speechless, I was. This is, of course, why only the XTs were occupied. External 5.25" drives were installed the following month.
First programming job right out of college and I'm suddenly the sysadmin responsible for 6 SPARC II workstations because I'm the only person in the office with any UNIX experience at all. One of the workstations is complaining about a full disk, so I start poking around the filesystem looking for ways to make room. But since it's not my box and I don't know what to junk, I decide to compress stuff until I can find the user and ask.
Compressing/vmunix wouldn't have been such a bad move, had I not also decided that a reboot was in order.
I learned how to install SunOS 4.1.2 from 1/4" tape that afternoon.
Cultured pork (and shellfish and other treif) would likely be prohibited in a gezeirah (a rabbinical law intended to prevent people from violating a biblical law).
Pirkei Avoth, Mishna 1; "Moses received the Torah at Sinai, and passed it on to Joshua, Joshua to the Elders, the Elders to the Prophets, the Prophets passed it on to the Men of the Great Assembly, who said three things: Be patient in the administration of justice; raise up many disciples; and make a fence around the Torah."
I'm mildly surprised that there's not a gezeirah prohibiting turkey bacon, but since turkey bacon and turkey ham are generally distinguishable (texture) from the real thing, perhaps that makes sense. However, cultured pork is (potentially) indistinguishable from raised pork, so if you were in a restaurant, how would you tell the difference? How would the restaurant's *buyer* tell the difference?
The problems page is incorrect on one point: firing an Orion engine in orbit actually *does* contaminate the ground. Fission products will re-enter the atmosphere. This is documented in George Dyson's "Project Orion: The True Story of the Atomic Spaceship," which I found to be a fascinating read to be recommended to anyone even remotely interested in the idea.
'm waiting for the mythical "someone else" to set up a nice, straight-forward site that says "here are the cards you can buy at store X which support Linux and don't require binary drivers, patched kernels, and other crap" Sure, there are lists of chipsets, but the actual stores don't list the chipset in particular products often, and the vendors often have multiple versions of the same card with different chipsets.
You need to insist on more than this. There are plenty of attacks against the authentication methods that are independent of wlan key management.
If you need a secure wireless network, you should settle for nothing less than WPA2 with AES-CCMP, 802.1x/EAP-TLS authentication, and smartcards for PKI key security.
Good luck with that last part on Linux. I can get WPA2 and 802.1x/EAP-TLS using wpa_supplicant, but there's no hooks to MUSCLE or OpenSC from there. Works fine on OS X, though.;)
Interestingly, doing what MS did in the way they did introduces a weakness in Kerberos.
The MSKDC populates the authorization-data in the ticket-granting ticket (TGT). This is copied into the TGS-REQ when a service ticket is requested, and then is copied from the request into the service ticket. Services make authorization decisions based on the group data in the service ticket.
According to Microsoft, this is an optimization issue. Enumerating group membership is relatively expensive, especially with nested groups, so MS chose to do it only once per login session, i.e. when the TGT is requested.
But what this means is if a user's group membership is changed while during the lifetime of a TGT (10 hours by default), the changes don't take effect until the user gets a new TGT.
Now, in an MS-only environment, you can mitigate this by using forced logoff. Basically, the administrator tells the workstation to discard the user's TGT, and the user is forced to get a new one, with new his new group enumeration.
But you can't do this to any other Kerberos implementation--like MIT Kerberos on Linux or Mac OS X. So if a mole logs in to his Linux box and gets a TGT from your domain at 0800 and starts using his privileges to wreak havoc, there's nothing you can do (other than physically disconnect him) until his TGT lifetime runs out 10 hours later.
Sucks to be you that day, doesn't it?
Admittedly this isn't a very likely scenario, but it does illustrate the point that mucking with security protocols at random like this can have non-intuitive effects.
I have begged critics of the system, such as The Register's Andrew Orlowski, to explain to me how Creative Commons works or what it's supposed to do that current copyright law doesn't do.
Nice to know he seeks independent, unbiased views. Next up, Dvorak interviews Steve Ballmer on the benefits of Linux...
Really? My machine running DisplayPDF is pretty darn snappy.
Just 'cause your application's implementation of it sucks is no reason to blame the technology, especially when you don't understand the difference between display compositing and viewing a freaking document.
Slashdot Mirror
Flip4Mac + iSquint = transcoding delight.
It's potentially a private channel, but it's not an encrypted channel, because there's no key. Anyone with a valid receiver gets the same message.
This is why I oppose QoS in all its forms. The network is supposed to be stupid for a reason, and one of those reasons is to prevent shenanigans like this.
Edison's "theories" on how to get light out of an electric current weren't violating basic physical principles. He was just dicking around with different materials until he found one that worked acceptably well. There's a bit of a difference.
pretty soon you'll be licencing your house and car from the developers and dealers.
It's called a lease agreement. HTH, HAND.
Many of the buildings at Hickam AFB in Honolulu still have the spalling from the attack on Pearl Harbor in 1941. The PACAF NOSC is (was) in one of these buildings. I was told while I was there that in the room the NOSC occupied 6 men lost their lives during the attack. Allegedly there were sightings after hours of these men.
Even if it isn't spooky it's certainly both sobering and historic.
The rule has always been, and likely always will be, that no-one gets rich--truly rich, the kind of rich that you pass on generation to generation--from wages. The only way to get that kind of rich is from rents--land, minerals, spectrum--anything someone else will pay to use, preferably in perpetuity.
In one view, its getting taxed twice (once when comming into the corporation, and again when it flows to the individual).
Yeah, in the incredibly wrong-headed view.
We don't tax *money*, we tax *people*. If we taxed money, the Treasury Department could hold back a percentage coming off the presses and that would be the end of it.
Why that won't work is left as an exercise for the reader.
More relevant is this. Corps pay about 1/5th less taxes as a percentage of income. If they want to be treated like people, shouldn't they be taxed like people?
It's simple, publishing houses don't print garbage,
It's obvious you can't read, because the shelves of Barnes & Noble are chock full of obvious counterexamples.
I bet if you asked most of Europe if defence spending should be valued around say, 1940, you might get a different answer than you do today.
Yeah, they'd say "Damn, I wish we hadn't spent all that money on the Maginot Line and instead focused on a more effective doctrine of mechanized combined arms warfare, which, by the way, probably would have been cheaper than digging lots of holes in the ground and putting lots of men in them, anyway."
Probably not the answer you're looking for, though.
Hard to understand, eh? Is an evening an eon to? How about morning?
It's only simple if you don't know what you're talking about. (Read Rashi on Bereshith 1:1 for context on time.)
Of course, Rambam explicitly rejects the literal reading of Bereshith 1 & 2, instead he understood Creation as an allegorical story of much deeper meaning. The literal meaning was unimportant.
Even the Gemara gives a nod to the deeper nature of the Creation story; it limits the number of students to whom a rabbi may teach Bereshith to 2. This isn't something you do for a subject that's to be understood at face value.
But since Jews don't have any pressing need for salvation, none of this matters to you, does it?
used to? they still are. mac mini isn't good bang.
Yes, but owning a Mac mini is more likely to *get* you banged.
Methanol isn't too common a substance, partially because it is some nasty stuff.
Methyl Alcohol (Methanol) Oral rat LD50: 5628 mg/kg; inhalation rat LC50: 64000 ppm/4H; skin rabbit LD50: 15800 mg/kg; Irritation data-standard Draize test: skin, rabbit: 20mg/24 hr. Moderate; eye, rabbit: 100 mg/24 hr. Moderate. Investigated as a mutagen, reproductive effector.
Not much to worry about, really.
If your building & company are already certified for classified processing, then your company already has a security officer who knows what you need. This is the person you should be talking to, not /.
Duh.
1988, babysitting a computer lab of XTs and brand-spanking-new IBM PS/2 Model 25s. User comes in and finds all the XTs are occupied but all the 25s are not. User sits down at a 25, and fishes out his 5.25" disk. User looks at the 3.25" slot, looks at the 5.25" disk, and folds the floppy in half and inserts it into the drive.
Speechless, I was. This is, of course, why only the XTs were occupied. External 5.25" drives were installed the following month.
First programming job right out of college and I'm suddenly the sysadmin responsible for 6 SPARC II workstations because I'm the only person in the office with any UNIX experience at all. One of the workstations is complaining about a full disk, so I start poking around the filesystem looking for ways to make room. But since it's not my box and I don't know what to junk, I decide to compress stuff until I can find the user and ask.
/vmunix wouldn't have been such a bad move, had I not also decided that a reboot was in order.
Compressing
I learned how to install SunOS 4.1.2 from 1/4" tape that afternoon.
Cultured pork (and shellfish and other treif) would likely be prohibited in a gezeirah (a rabbinical law intended to prevent people from violating a biblical law).
Pirkei Avoth, Mishna 1; "Moses received the Torah at Sinai, and passed it on to Joshua, Joshua to the Elders, the Elders to the Prophets, the Prophets passed it on to the Men of the Great Assembly, who said three things: Be patient in the administration of justice; raise up many disciples; and make a fence around the Torah."
I'm mildly surprised that there's not a gezeirah prohibiting turkey bacon, but since turkey bacon and turkey ham are generally distinguishable (texture) from the real thing, perhaps that makes sense. However, cultured pork is (potentially) indistinguishable from raised pork, so if you were in a restaurant, how would you tell the difference? How would the restaurant's *buyer* tell the difference?
The problems page is incorrect on one point: firing an Orion engine in orbit actually *does* contaminate the ground. Fission products will re-enter the atmosphere. This is documented in George Dyson's "Project Orion: The True Story of the Atomic Spaceship," which I found to be a fascinating read to be recommended to anyone even remotely interested in the idea.
'm waiting for the mythical "someone else" to set up a nice, straight-forward site that says "here are the cards you can buy at store X which support Linux and don't require binary drivers, patched kernels, and other crap" Sure, there are lists of chipsets, but the actual stores don't list the chipset in particular products often, and the vendors often have multiple versions of the same card with different chipsets.
Cisco Aironet 802.11a/b/g (uses Atheros chipset)
wpa_supplicant (-Dmadwifi -i ath0)
No further fu needed on Ubuntu Linux; wpa_supplicant is in the Ubuntu universe repository as "wpasupplicant".
You need to insist on more than this. There are plenty of attacks against the authentication methods that are independent of wlan key management.
;)
If you need a secure wireless network, you should settle for nothing less than WPA2 with AES-CCMP, 802.1x/EAP-TLS authentication, and smartcards for PKI key security.
Good luck with that last part on Linux. I can get WPA2 and 802.1x/EAP-TLS using wpa_supplicant, but there's no hooks to MUSCLE or OpenSC from there. Works fine on OS X, though.
Interestingly, doing what MS did in the way they did introduces a weakness in Kerberos.
The MSKDC populates the authorization-data in the ticket-granting ticket (TGT). This is copied into the TGS-REQ when a service ticket is requested, and then is copied from the request into the service ticket. Services make authorization decisions based on the group data in the service ticket.
According to Microsoft, this is an optimization issue. Enumerating group membership is relatively expensive, especially with nested groups, so MS chose to do it only once per login session, i.e. when the TGT is requested.
But what this means is if a user's group membership is changed while during the lifetime of a TGT (10 hours by default), the changes don't take effect until the user gets a new TGT.
Now, in an MS-only environment, you can mitigate this by using forced logoff. Basically, the administrator tells the workstation to discard the user's TGT, and the user is forced to get a new one, with new his new group enumeration.
But you can't do this to any other Kerberos implementation--like MIT Kerberos on Linux or Mac OS X. So if a mole logs in to his Linux box and gets a TGT from your domain at 0800 and starts using his privileges to wreak havoc, there's nothing you can do (other than physically disconnect him) until his TGT lifetime runs out 10 hours later.
Sucks to be you that day, doesn't it?
Admittedly this isn't a very likely scenario, but it does illustrate the point that mucking with security protocols at random like this can have non-intuitive effects.
I have begged critics of the system, such as The Register's Andrew Orlowski, to explain to me how Creative Commons works or what it's supposed to do that current copyright law doesn't do.
Nice to know he seeks independent, unbiased views. Next up, Dvorak interviews Steve Ballmer on the benefits of Linux...
Really? My machine running DisplayPDF is pretty darn snappy.
Just 'cause your application's implementation of it sucks is no reason to blame the technology, especially when you don't understand the difference between display compositing and viewing a freaking document.