So why, in an unlocked european iPhone, going with flash size from 16 to 32 GB and from 32 to 64 GB costs 110 euro and to Apple this costs, respectively, 19$ and 39$? Not much development involved, and manufacturing is already factored in.
This is simply the maximum price the market will bear, and the product is developed up until the cost leaves enough profit (for an arbitrary definition of "enough").
Are you suggesting that since in the Middle ages Christians killed in the name of God, it's ok now for Muslims to kill in the name of God? Is this your idea of religion? Is it ok for these to be the Midlle ages of Islam?
Let's just try to do what's best for humanity already. Let's try to evolve from the dark past. Let's stop preaching ourselves ideas meant to bring order into chaos and let's try to move forward, not to grow roots in a place someone said it's good enough.
Let's suppose that the bill with the forged code randomly ends up in some kind of photo taken with a smartphone, and let's suppose that the smartphone recognizes the QR code and sends the photographer to some kind of phishing website...
I know, totally unlikely as an attack vector, there's far more probability of someone being phished through ordinary spam. But even if the author of TFA didn't had a clue of what he was talking about, the bill with the malicious QR code could indeed be used as an attack vector of sorts...
Given the traffic volume experienced by Wikipedia every day, switching the entire UK (or worldwide) traffic to HTTPS would represent a significant hit on the servers CPU load if they're not using cryptographically capable hardware (and maybe even if they do, however IANANE and I'm not sure how this could work with load balancing).
Radiation damage builds up with time, see Total Ionizing Dose (TID) effects. Not so easy to "tweak" silicon devices to counteract lattice displacement effects (the only real solution being not relying on the silicon lattice, i.e., working with vacuum tubes).
I ordered one in mid July and got the following email some days ago.
We have been advised that our next batch of approximately 40,000 Raspberry Pi’s will now be arriving during September, with further deliveries expected in October. This delay is due to the very high level of demand on the core Raspberry Pi processor chip. Unfortunately, this means that some orders will be delayed, although we are trying to reduce this as much as possible.
Based on my order number, they should ship it at the beginning of October and, based on their schedule, they probably have, today, a backlog of 35000 orders (40k RP units?).
Seemed strange to me that they were able to grow such a huge amount of unfullfilled orders, especially since people on blogs are starting to treat the RP like a grocery store commodity. But now that I read the parent comments, I'll make sure to complain (and most likely cancel) my order if it doesn't ship by the first week of October (I'd do that right away, but now I wouldn't find the time to use the RP anyway even if I got one).
Does this really have to be marked +5 Funny? How far away into the future will we mark it Informative? (Not that I expect for/. to survive that long...)
Seriously? Is this the kind of deeply technical questions that the diversified and experienced/. community is supposed to answer? Is this becoming Yahoo Answers?
And to the poster (because the first paragraph was to the editors), just take some time to type something into google and head over to:
Do date, there really isn't any IDE/Language that has targeted this audience of people who wanted to do RAD in this visual manner.
Wrong. There's Delphi. Say what you want about Pascal or OOP, but it is just as easy to program with as VB, it has an extensive third party component selection being actively developed (to do whatever you want, from serial communication to image processing and GUI components) and it is, somehow, still being sold and supported.
When.NET came around, its users were praising the ease of GUI development, something that Borland users already became accustomed to during the previous 10 years or more (with both Delphi and C++ Builder). With no dynamic libraries or virtual machines to depend on, every executable runs natively with the visual component library -- VCL -- that can be statically compiled in it.
Unfortunately tho, Borland changed its business focus and sold the whole thing (except the VCL) to CodeGear. The new VCL developed by CodeGear is meant to be compatible with the old Borland one, but it still has compatibility problems and, in general, is bigger. The last Borland-produced version of Delphi is the 2006 one and that's what I'm still using today for quick drag and drop GUI projects (when there's no need to spend more than 5 minutes drawing a GUI). And I know several people making tons of money selling and developing DB based programs with versions even older (Delphi was originally developed to provide an easy to use interface to DBs, that's why it is named after an "oracle").
That's because the passwords are usually shorter than the hash itself. I haven't looked into the details, but I assume they sorted the hashes this way to group similar length passwords together.
FWIW, my password hash (more than 1yo account) is not on the list. My girlfriend's one is (zeroed, 3 months old account), but her password is a quite easy/common one.
When checking for your password, check both for its SHA-1 hash and for the SHA-1 hash with the first five chars zeroed. Quoting:
Some observations on this file:
0. This is a file of SHA1 hashes of short strings (i.e. passwords).
1. There are 3,521,180 hashes that begin with 00000. I believe that these represent hashes that the hackers have already broken and they have marked them with 00000 to indicate that fact.
Evidence for this is that the SHA1 hash of 'password' does not appear in the list, but the same hash with the first five characters set to 0 is.
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 is not present
000001e4c9b93f3f0682250b6cf8331b7ee68fd8 is present
Same story for 'secret':
e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4 is not present
00000a1ba31ecd1ae84f75caaa474f3a663f05f4 is present
And for 'linkedin':
7728240c80b6bfd450849405e8500d6d207783b6 is not present
0000040c80b6bfd450849405e8500d6d207783b6 is present
2. There are 2,936,840 hashes that do not start with 00000 that can be attacked with JtR.
3. The implication of #1 is that if checking for your password and you have a simple password then you need to check for the truncated hash.
4. This may well actually be from LinkedIn. Using the partial hashes (above) I find the hashes for passwords linkedin, LinkedIn, L1nked1n, l1nked1n, L1nk3d1n, l1nk3d1n, linkedinsecret, linkedinpassword,...
5. The file does not contain duplicates. LinkedIn claims a user base of 161m. This file contains 6.4m unique password hashes. That's 25 users per hash. Given the large amount of password reuse and poor password choices it is not improbable that this is the complete password file. Evidence against that thesis is that password of one person that I've asked is not in the list.
I know the parent is funny, but a long (since about FF 3.6) awaited regression fix included in 13 that nobody will mention is that I can now finally scroll webpages again with my Synaptics touchpad while a PDF is in the background. No matter if you were using the Adobe or any other PDF-viewing plugin, but any FF version in what felt like an eternity would scroll the PDF (no matter if in bg of fg) instead of the tab you actually wanted to scroll. And IE has the same bug, which may actually be considered a Synaptics bug, but good luck receiving a fix from them (Chrome doesn't, but anyway I'm plugin-locked into FF).
When she's done, she tells git-annex which to keep and which to remove. They're all removed from her netbook to save space, and Alice knows that next time she syncs up to the net, her changes will be synced back to her server.
Isn't this exactly what the OP didn't want to happen?
scenarios where files gets deleted locally — that should not result in files getting automatically deleted on the server as well
I'm sure there will be a flag to disable server-side deletion, but is this a "supported" use case or a dirty hack? What happens if the OP deletes all the old photos from the synchronized folder on his/her laptop, fills the folder with new photos and tries to sync again? Will git require for the old photos to be downloaded before the new ones can be sync'ed?
Except that your smartphone with an always-on GPS-tracking app, recording a data point every 5 feet, will last at most 2 hours on a full battery.
My Garmin handheld doing just that, with a better precision, will last 15 hours on a couple of AA batteries. And when they're over, I can just swap another pair in. And I can use it under the rain. With the gloves on.
Webapps or just web pages, as we used to call them, are the future of software. You just enter an address or click a link and you get to the most up to date "app". No installation, no updates, no permissions, no specific OS or hardware or platform necessary. It works everywhere by everyone and all the time with no hassles.
The more I think about it, the more I feel this all is just a World Wide Web Consortium fault. And it looks like nobody is giving them any blame for the lack of an "App standard". The fact that they were able to manage standardization on the Web for the past 30 years doesn't mean they will be able to do the same in the future or even now. The Web is already changing faster than any progress HTML5 is making.
I know this is not as simple as it sounds, since all of the major players want to drive this change. But I feel someone should just step up, develop a resonable architecture, provide a reference framework, and release it in the public domain. Yes, public domain, not GPL.
But since this is quite unlikely to happen since there's no money to make in doing it, I see no way out of this.
Slashdot Mirror
Plenty of slashdot posters keep copy/pasting talks like this... and get +5 Funny for it.
http://www.google.com/search?q="I+don't+know+about+you+but+that+sounds+damn+secure+to+me"+site%3Aslashdot.org
So why, in an unlocked european iPhone, going with flash size from 16 to 32 GB and from 32 to 64 GB costs 110 euro and to Apple this costs, respectively, 19$ and 39$? Not much development involved, and manufacturing is already factored in.
This is simply the maximum price the market will bear, and the product is developed up until the cost leaves enough profit (for an arbitrary definition of "enough").
Are you suggesting that since in the Middle ages Christians killed in the name of God, it's ok now for Muslims to kill in the name of God? Is this your idea of religion? Is it ok for these to be the Midlle ages of Islam?
Let's just try to do what's best for humanity already. Let's try to evolve from the dark past. Let's stop preaching ourselves ideas meant to bring order into chaos and let's try to move forward, not to grow roots in a place someone said it's good enough.
Let's suppose that the bill with the forged code randomly ends up in some kind of photo taken with a smartphone, and let's suppose that the smartphone recognizes the QR code and sends the photographer to some kind of phishing website...
I know, totally unlikely as an attack vector, there's far more probability of someone being phished through ordinary spam. But even if the author of TFA didn't had a clue of what he was talking about, the bill with the malicious QR code could indeed be used as an attack vector of sorts...
Given the traffic volume experienced by Wikipedia every day, switching the entire UK (or worldwide) traffic to HTTPS would represent a significant hit on the servers CPU load if they're not using cryptographically capable hardware (and maybe even if they do, however IANANE and I'm not sure how this could work with load balancing).
Radiation damage builds up with time, see Total Ionizing Dose (TID) effects. Not so easy to "tweak" silicon devices to counteract lattice displacement effects (the only real solution being not relying on the silicon lattice, i.e., working with vacuum tubes).
I ordered one in mid July and got the following email some days ago.
We have been advised that our next batch of approximately 40,000 Raspberry Pi’s will now be arriving during September, with further deliveries expected in October. This delay is due to the very high level of demand on the core Raspberry Pi processor chip. Unfortunately, this means that some orders will be delayed, although we are trying to reduce this as much as possible.
Based on my order number, they should ship it at the beginning of October and, based on their schedule, they probably have, today, a backlog of 35000 orders (40k RP units?).
Seemed strange to me that they were able to grow such a huge amount of unfullfilled orders, especially since people on blogs are starting to treat the RP like a grocery store commodity. But now that I read the parent comments, I'll make sure to complain (and most likely cancel) my order if it doesn't ship by the first week of October (I'd do that right away, but now I wouldn't find the time to use the RP anyway even if I got one).
Does this really have to be marked +5 Funny? How far away into the future will we mark it Informative? (Not that I expect for /. to survive that long...)
What if we keep them in the Firehose?...
Page 2.
Page 3.
(Sorry, Google didn't cache the one-page version.)
Here.
Seriously? Is this the kind of deeply technical questions that the diversified and experienced /. community is supposed to answer? Is this becoming Yahoo Answers?
And to the poster (because the first paragraph was to the editors), just take some time to type something into google and head over to:
http://www.engadget.com/2011/11/26/ask-engadget-best-over-the-ear-headphones/
http://www.engadget.com/2010/11/04/ask-engadget-best-passive-noise-cancelling-headphones/
http://www.engadget.com/2011/03/31/ask-engadget-best-usb-headset-for-skype-calls-and-podcasting/
http://www.engadget.com/2011/06/11/ask-engadget-best-non-gaming-wireless-headphones/
http://www.engadget.com/2011/02/24/ask-engadget-best-non-ugly-noise-cancelling-bluetooth-headset/
http://www.engadget.com/2011/10/01/ask-engadget-best-earbuds-for-outdoor-fitness-use/
At least you will get more detailed answers and consistent comparisons. And I won't have to do the google typing for you.
Do date, there really isn't any IDE/Language that has targeted this audience of people who wanted to do RAD in this visual manner.
Wrong. There's Delphi. Say what you want about Pascal or OOP, but it is just as easy to program with as VB, it has an extensive third party component selection being actively developed (to do whatever you want, from serial communication to image processing and GUI components) and it is, somehow, still being sold and supported.
When .NET came around, its users were praising the ease of GUI development, something that Borland users already became accustomed to during the previous 10 years or more (with both Delphi and C++ Builder). With no dynamic libraries or virtual machines to depend on, every executable runs natively with the visual component library -- VCL -- that can be statically compiled in it.
Unfortunately tho, Borland changed its business focus and sold the whole thing (except the VCL) to CodeGear. The new VCL developed by CodeGear is meant to be compatible with the old Borland one, but it still has compatibility problems and, in general, is bigger. The last Borland-produced version of Delphi is the 2006 one and that's what I'm still using today for quick drag and drop GUI projects (when there's no need to spend more than 5 minutes drawing a GUI). And I know several people making tons of money selling and developing DB based programs with versions even older (Delphi was originally developed to provide an easy to use interface to DBs, that's why it is named after an "oracle").
But, IMHO, not too much, statistically.
I expect most of the people putting the mandatory uppercase letter at the beginning of the pass and the mandatory number (usually a '1') at the end.
I wonder if people were saying the same thing 21 years ago when Linus Torvalds released his OS.
(I'm not implying that I think OpenStack will be successful, just that your point doesn't sound so strong to me.)
That's because the passwords are usually shorter than the hash itself. I haven't looked into the details, but I assume they sorted the hashes this way to group similar length passwords together.
FWIW, my password hash (more than 1yo account) is not on the list. My girlfriend's one is (zeroed, 3 months old account), but her password is a quite easy/common one.
http://www.mediafire.com/?n307hutksjstow3
When checking for your password, check both for its SHA-1 hash and for the SHA-1 hash with the first five chars zeroed. Quoting:
Some observations on this file:
...
0. This is a file of SHA1 hashes of short strings (i.e. passwords).
1. There are 3,521,180 hashes that begin with 00000. I believe that these represent hashes that the hackers have already broken and they have marked them with 00000 to indicate that fact.
Evidence for this is that the SHA1 hash of 'password' does not appear in the list, but the same hash with the first five characters set to 0 is.
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 is not present
000001e4c9b93f3f0682250b6cf8331b7ee68fd8 is present
Same story for 'secret':
e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4 is not present
00000a1ba31ecd1ae84f75caaa474f3a663f05f4 is present
And for 'linkedin':
7728240c80b6bfd450849405e8500d6d207783b6 is not present
0000040c80b6bfd450849405e8500d6d207783b6 is present
2. There are 2,936,840 hashes that do not start with 00000 that can be attacked with JtR.
3. The implication of #1 is that if checking for your password and you have a simple password then you need to check for the truncated hash.
4. This may well actually be from LinkedIn. Using the partial hashes (above) I find the hashes for passwords linkedin, LinkedIn, L1nked1n, l1nked1n, L1nk3d1n, l1nk3d1n, linkedinsecret, linkedinpassword,
5. The file does not contain duplicates. LinkedIn claims a user base of 161m. This file contains 6.4m unique password hashes. That's 25 users per hash. Given the large amount of password reuse and poor password choices it is not improbable that this is the complete password file. Evidence against that thesis is that password of one person that I've asked is not in the list.
I know the parent is funny, but a long (since about FF 3.6) awaited regression fix included in 13 that nobody will mention is that I can now finally scroll webpages again with my Synaptics touchpad while a PDF is in the background. No matter if you were using the Adobe or any other PDF-viewing plugin, but any FF version in what felt like an eternity would scroll the PDF (no matter if in bg of fg) instead of the tab you actually wanted to scroll. And IE has the same bug, which may actually be considered a Synaptics bug, but good luck receiving a fix from them (Chrome doesn't, but anyway I'm plugin-locked into FF).
http://downloads.element14.com/raspberryPi2.html
When she's done, she tells git-annex which to keep and which to remove. They're all removed from her netbook to save space, and Alice knows that next time she syncs up to the net, her changes will be synced back to her server.
Isn't this exactly what the OP didn't want to happen?
scenarios where files gets deleted locally — that should not result in files getting automatically deleted on the server as well
I'm sure there will be a flag to disable server-side deletion, but is this a "supported" use case or a dirty hack? What happens if the OP deletes all the old photos from the synchronized folder on his/her laptop, fills the folder with new photos and tries to sync again? Will git require for the old photos to be downloaded before the new ones can be sync'ed?
Except that your smartphone with an always-on GPS-tracking app, recording a data point every 5 feet, will last at most 2 hours on a full battery.
My Garmin handheld doing just that, with a better precision, will last 15 hours on a couple of AA batteries. And when they're over, I can just swap another pair in. And I can use it under the rain. With the gloves on.
Or songs not in your native language. Even if I understand English pretty well, my brain (usually) doesn't automatically tune in on English lyrics.
You forgot the @ sign, today probably even more widespread than the ampersand.
We're not even sure where does it come from, but it doesn't look to me that we stopped using it.
Webapps or just web pages, as we used to call them, are the future of software. You just enter an address or click a link and you get to the most up to date "app". No installation, no updates, no permissions, no specific OS or hardware or platform necessary. It works everywhere by everyone and all the time with no hassles.
The more I think about it, the more I feel this all is just a World Wide Web Consortium fault. And it looks like nobody is giving them any blame for the lack of an "App standard". The fact that they were able to manage standardization on the Web for the past 30 years doesn't mean they will be able to do the same in the future or even now. The Web is already changing faster than any progress HTML5 is making.
I know this is not as simple as it sounds, since all of the major players want to drive this change. But I feel someone should just step up, develop a resonable architecture, provide a reference framework, and release it in the public domain. Yes, public domain, not GPL.
But since this is quite unlikely to happen since there's no money to make in doing it, I see no way out of this.