These people are asking authors to pay $1500 per paper to cover the editorial costs. This is a Bad Idea.
First, this will inevitably have a negative effect on the submission of papers; I certainly wouldn't have submitted my first paper (now published) while I was still an undergraduate student if I had to pay for it.
Second, this raises a conflict of interest. If a journal's costs are being met by its authors, there will be a pressure to keep those authors happy -- which means publishing their papers. The current situation, where a journal's costs are met by its subscribers is the opposite -- the journals are under pressure to keep the quality as high as possible.
Finally, remember that quite a few papers are available online already. This varies from field to field, of course, but most mathematicians I know have all of their papers from the past decade online.
I routinely google people. Not just dates or potential dates; but nearly everyone I come across. People (especially in.ox.ac.uk) tend to have a variety of interests and expertise, and by googling someone I can find out about those much more quickly than by spending hours talking to them.
And it goes both ways: If I've met someone new and they want me to briefly describe myself, I'm quite likely to tell them to google me instead. I've done lots of stuff over the years, and I'm likely to forget to mention whatever any particular person is most interested in.
It has nothing to do with potential amorous interests; googling people just makes sense. (Assuming, of course, that you can identify which person you're looking for out of those sharing the same name; but in my experience that isn't too hard.)
Copying a reference string doesn't mean that you haven't read the paper in question. To take a personal example of what I've done:
1. Find a reference to a paper which looks interesting. 2. Walk down to the library, remembering that you're looking for Bob's paper about bars in the Journal of Foo. 3. Arrive in the library, find the paper, read it, decide it is important. 4. Walk back to computer, copy out reference string.
It's quite easy to look up a paper from a slightly-wrong reference, and as long as the reference is close to correct, it's fairly easy to not realize that the reference was wrong in the first place.
Another example of this: IBM's low-end laptops were (and probably still are) made by Acer. Curiously, laptops sold under the "Acer" brand tended to have exactly the same specs as the low-end IBM laptops, and cost about $500 less.
There is one problem with this: Some files are going to be different every time they are compiled. In particular, quite a few files include time stamps.
A few months ago I put together a list of the "polymorphic" files in FreeBSD 4.6:
/kernel,/boot/loader, and/boot/pxeboot all contain user, host, time, and date stamps, as expected.
All.a files (126 in/usr/lib, one in/usr/libdata/perl/5.00503/mach/auto/DynaLoader) contain indices of.o files, including seconds-since-epoch stamps
User, host, time, and date stamps are found in/etc/mail/freebsd.cf/usr/sbin/named/usr/libexec/named-xfer
Time and date stamps are found in:/usr/bin/suidperl/usr/bin/ntpq/usr/sbin/ntp(d|date|dc|timeset|trace)/usr/sbin/isdn(d|debug|monitor|phone|telctl)/usr/libdata/perl/5.00503/mach/perllocal.pod
Date stamps are found in:/usr/sbin/ppp/var/db/port.mkversion/usr/share/doc/usd/(07.mail|13.viref|18.msdiffs|19.memacros|20.meref)/paper.ascii.gz (once you ungzip them)/usr/share/perl/man/man3/(Config|DynaLoader).3.gz (once you ungzip them)
Files which are always the same size, but have randomized contents:/usr/share/games/fortune/*.dat/var/games/phantasia/void
These files are always going to set off alarms if you've upgraded-by-source. (On the other hand, if a file *not* on this list has a different checksum, it probably just means that you've applied a security patch.)
If find it odd that Slashdot posts several anti-MS stories every day and yet then proceeds to post a story linked to MSNBC... Who's side are we on here? Maybe if slashdot was truly anti-microsoft they would refrain from linking to their news network.
Stanley Feinbaum, professional journalist. I have no tolerance for bad journalism!
Isn't there a principle in good journalism which states that you should report a story without regard for your personal biasses?
I won't try to claim that slashdot is good journalism, but it seems rather peculiar that someone who claims in his.sig to be a professional journalist is bashing slashdot for one of the few things that they do right.
If you want to travel from the center of London to the center of Paris, you have two options:
1. You can fly. It takes 15 minutes to get to Heathrow; theoretically you're supposed to arrive 2 hours before your flight, but you could get away with arriving 30 minutes before departure. The flight takes an hour; then if you're very lucky, you might be able to get out of the airport in 30 minutes. Catch a train into central Paris, and you arrive 45 minutes later. Total time: An absolute minimum of 3 hours.
2. Take the Eurostar. From the center of London to the center of Paris, 3 hours.
If you don't want to arrive half an hour before your flight leaves, the train is going to be faster than the plane. Speed up the train a bit -- the Eurostar isn't the fastest of trains -- and it will always be faster than the plane.
There are a few problems with that argument: 1. LSB steganography is detectable (and zeroable) at wire speed. 2. Planting steganographic images everywhere wastes bandwidth -- you can get equal quality images into less space if you omit the steganography. 3. Placing fake steganography everywhere is really equivalent to sending "files of random bits" everywhere; if you want to do that, there's no advantage to sticking the random bits into an image.
And note that in the United States, those on Death Row aren't there for things like Blasphemy or Protesting against the state or having a peaceful assembly in a Square.
Quite true... for the official Death Row.
Unfortunately, there is now a parallel quasi-judicial system where people are detained without charge for months, held entirely incommunicado -- not allowed to contact either a lawyer or consular officials -- and then tried in secret.
What do you think would happen if someone arrived in New York wearing a T-shirt with the text "I support Al Quaeda"? I'm guessing that they would "disappear" rather quickly; whatever happened to freedom of speach?
Camera/Shy does one thing right: It encrypts the data. Well, almost right -- their keying is a bit broken, but it's still strong enough
The steganography, however, is entirely broken. The method they use -- fiddling with the least significant bits -- is trivial to identify, even when implemented correctly; but they bungled the implementation (doing wierd things like base64 encoding, which leaves an extremely obvious signature) as well.
Err, guys, if you want to promote ideologies by including them in your software licenses, you'd better have some useful software to start with.
The only thing which "Hacktivismo" has produced is Camera/Shy... which is an absolutely laughable implementation of an absolutely laughable method of steganogaphy. Anyone who uses Camera/Shy is practically waving a red flag while jumping up and down screaming "I'm trying to hide something!"
As much as we all laugh at the Windows "close all your applications and reboot" way of "solving" problems, there is something to be said for rebooting systems: If all else fails, you can quickly restore the system to a known working state.
Ideally, rebooting a system should be unnecessary. But practically speaking, people make dumb mistakes -- like the bug which caused the telephone crash of 1990 -- and Bad Things can happen. Rebooting a system should be a last resort; but it should be a last resort which always works.
If it reaches a point where the possibility that an enemy might act becomes sufficiently real, and the danger posed by that enemy's capabilities become sufficiently great, then the only reasonable course of action is to respond with military force.
In that case, it's time for the rest of the world to declare war on the United States of America.
Very hard to do as a car is flying down the high way, from far away, and having to pickup a small amount of signal in a VERY noisy environment because of all the other cars
Not really; these people aren't trying to pick up the signal from any single car, but rather pick up the total signal from all the cars combined. All they have to do is listen on all the frequencies and pick out the strongest one.
In addition, these people are in the fortunate position of caring very little about errors. In normal circumstances, an error rate of 25% would be terrible; here, they probably wouldn't care, and quite likely wouldn't even be aware of the errors.
I was including the large integer arithmetic and proven strong prime generation. If you don't need to generate keys, and you already have a large integer arithmetic package, then yes, RSA can be implemented in a few minutes.
I'm sure the parent post is intended in jest, since 16Kbit RSA keys are not subject to any known attack; but if you have enough cpu power to perform rsa operations on longer keys (remember, decryption and signing are O(n^2 log n) operations), there's no reason to accept gpg's limits.
Writing a fully functioning RSA implementation from scratch is the work of a couple months; if you're really paranoid (which you must be if you want keys longer than 16Kbits) then you should be able to spare a couple months.
Slashdot Mirror
To publish in any reputable journal, the authors have to pay a fee.
You have an interesting definition of "reputable".
These people are asking authors to pay $1500 per paper to cover the editorial costs. This is a Bad Idea.
First, this will inevitably have a negative effect on the submission of papers; I certainly wouldn't have submitted my first paper (now published) while I was still an undergraduate student if I had to pay for it.
Second, this raises a conflict of interest. If a journal's costs are being met by its authors, there will be a pressure to keep those authors happy -- which means publishing their papers. The current situation, where a journal's costs are met by its subscribers is the opposite -- the journals are under pressure to keep the quality as high as possible.
Finally, remember that quite a few papers are available online already. This varies from field to field, of course, but most mathematicians I know have all of their papers from the past decade online.
My personal litmus test: When you start to spend money.
How about this: When you're looking at more than newspaper articles and press releases.
I routinely google people. Not just dates or potential dates; but nearly everyone I come across. People (especially in .ox.ac.uk) tend to have a variety of interests and expertise, and by googling someone I can find out about those much more quickly than by spending hours talking to them.
And it goes both ways: If I've met someone new and they want me to briefly describe myself, I'm quite likely to tell them to google me instead. I've done lots of stuff over the years, and I'm likely to forget to mention whatever any particular person is most interested in.
It has nothing to do with potential amorous interests; googling people just makes sense. (Assuming, of course, that you can identify which person you're looking for out of those sharing the same name; but in my experience that isn't too hard.)
Copying a reference string doesn't mean that you haven't read the paper in question. To take a personal example of what I've done:
1. Find a reference to a paper which looks interesting.
2. Walk down to the library, remembering that you're looking for Bob's paper about bars in the Journal of Foo.
3. Arrive in the library, find the paper, read it, decide it is important.
4. Walk back to computer, copy out reference string.
It's quite easy to look up a paper from a slightly-wrong reference, and as long as the reference is close to correct, it's fairly easy to not realize that the reference was wrong in the first place.
Sometimes all you're paying for is a name.
Another example of this: IBM's low-end laptops were (and probably still are) made by Acer. Curiously, laptops sold under the "Acer" brand tended to have exactly the same specs as the low-end IBM laptops, and cost about $500 less.
This joke doesn't work with YOU!
It's a rare event when someone who visits Slashdot gets married
Yes, but the editors don't actually visit Slashdot. That's why there are so many duplicate stories.
A few months ago I put together a list of the "polymorphic" files in FreeBSD 4.6:
These files are always going to set off alarms if you've upgraded-by-source. (On the other hand, if a file *not* on this list has a different checksum, it probably just means that you've applied a security patch.)
If find it odd that Slashdot posts several anti-MS stories every day and yet then proceeds to post a story linked to MSNBC... Who's side are we on here? Maybe if slashdot was truly anti-microsoft they would refrain from linking to their news network.
.sig to be a professional journalist is bashing slashdot for one of the few things that they do right.
Stanley Feinbaum, professional journalist. I have no tolerance for bad journalism!
Isn't there a principle in good journalism which states that you should report a story without regard for your personal biasses?
I won't try to claim that slashdot is good journalism, but it seems rather peculiar that someone who claims in his
Can anyone give me guidance on which factories I should blow up in south-east Asia in order to have the maximum impact upon the American economy?
How do the editors pick which Ask Slashdot questions they post?
If you want to travel from the center of London to the center of Paris, you have two options:
1. You can fly. It takes 15 minutes to get to Heathrow; theoretically you're supposed to arrive 2 hours before your flight, but you could get away with arriving 30 minutes before departure. The flight takes an hour; then if you're very lucky, you might be able to get out of the airport in 30 minutes. Catch a train into central Paris, and you arrive 45 minutes later. Total time: An absolute minimum of 3 hours.
2. Take the Eurostar. From the center of London to the center of Paris, 3 hours.
If you don't want to arrive half an hour before your flight leaves, the train is going to be faster than the plane. Speed up the train a bit -- the Eurostar isn't the fastest of trains -- and it will always be faster than the plane.
As a second gauge of spending, ComScore also looks for trends in the credit card statements that about 30,000 of its panelists view online.
That's right: If you have their spyware installed on your computer, they are going to be looking through your credit card statements.
Why isn't this illegal yet?
but will it corrupt my filesystem?
Performance is important, certainly, but I think some people (*cough* overclockers *cough*) assign it a bit too much importance.
There are a few problems with that argument:
1. LSB steganography is detectable (and zeroable) at wire speed.
2. Planting steganographic images everywhere wastes bandwidth -- you can get equal quality images into less space if you omit the steganography.
3. Placing fake steganography everywhere is really equivalent to sending "files of random bits" everywhere; if you want to do that, there's no advantage to sticking the random bits into an image.
I think the answer here is simply to avoid any Linux kernels released close to Thanksgiving.
And note that in the United States, those on Death Row aren't there for things like Blasphemy or Protesting against the state or having a peaceful assembly in a Square.
Quite true... for the official Death Row.
Unfortunately, there is now a parallel quasi-judicial system where people are detained without charge for months, held entirely incommunicado -- not allowed to contact either a lawyer or consular officials -- and then tried in secret.
What do you think would happen if someone arrived in New York wearing a T-shirt with the text "I support Al Quaeda"? I'm guessing that they would "disappear" rather quickly; whatever happened to freedom of speach?
Camera/Shy does one thing right: It encrypts the data. Well, almost right -- their keying is a bit broken, but it's still strong enough
The steganography, however, is entirely broken. The method they use -- fiddling with the least significant bits -- is trivial to identify, even when implemented correctly; but they bungled the implementation (doing wierd things like base64 encoding, which leaves an extremely obvious signature) as well.
Err, guys, if you want to promote ideologies by including them in your software licenses, you'd better have some useful software to start with.
The only thing which "Hacktivismo" has produced is Camera/Shy... which is an absolutely laughable implementation of an absolutely laughable method of steganogaphy. Anyone who uses Camera/Shy is practically waving a red flag while jumping up and down screaming "I'm trying to hide something!"
As much as we all laugh at the Windows "close all your applications and reboot" way of "solving" problems, there is something to be said for rebooting systems: If all else fails, you can quickly restore the system to a known working state.
Ideally, rebooting a system should be unnecessary. But practically speaking, people make dumb mistakes -- like the bug which caused the telephone crash of 1990 -- and Bad Things can happen. Rebooting a system should be a last resort; but it should be a last resort which always works.
If it reaches a point where the possibility that an enemy might act becomes sufficiently real, and the danger posed by that enemy's capabilities become sufficiently great, then the only reasonable course of action is to respond with military force.
In that case, it's time for the rest of the world to declare war on the United States of America.
Very hard to do as a car is flying down the high way, from far away, and having to pickup a small amount of signal in a VERY noisy environment because of all the other cars
Not really; these people aren't trying to pick up the signal from any single car, but rather pick up the total signal from all the cars combined. All they have to do is listen on all the frequencies and pick out the strongest one.
In addition, these people are in the fortunate position of caring very little about errors. In normal circumstances, an error rate of 25% would be terrible; here, they probably wouldn't care, and quite likely wouldn't even be aware of the errors.
a 90-0 vote?!
The vote was 90-9, not 90-0.
I was including the large integer arithmetic and proven strong prime generation. If you don't need to generate keys, and you already have a large integer arithmetic package, then yes, RSA can be implemented in a few minutes.
I'm sure the parent post is intended in jest, since 16Kbit RSA keys are not subject to any known attack; but if you have enough cpu power to perform rsa operations on longer keys (remember, decryption and signing are O(n^2 log n) operations), there's no reason to accept gpg's limits.
Writing a fully functioning RSA implementation from scratch is the work of a couple months; if you're really paranoid (which you must be if you want keys longer than 16Kbits) then you should be able to spare a couple months.