I am suprised with the high mod points *here*. This guy is as naive as hell. In order to get a rock to drop you've got to do something to it. Like drop it. Rocks don't drop themselves you know. An object at rest will tend to stay at rest. This may be flame bait but it goes to show the level of basic phsyics knowledge on Slashdot is dropping like a rock taken up to the top of the Empire state building and tossed over the side.
Interesting that they sought these powers all through the clinton administration, yet didn't receive them until the bush administration.
Touche.
However, had 9/11 happened during the Clinton admin they still would have gotten it. Remember, not a single person who initially voted for the USAPATRIOT Act actually read it. And they had been trying to get these powers for well over a decade. Somehow, the first Bush presidency held them off, as did the Reagan presidency.
Well given that the reasonable expectation is that we'll be using nuclear power on Mars, there will be plenty of very hot water. Combine this with agri-domes which have a natural "greenhouse" effect, it is not unreasonable to see heat being an issue.
Since they are working on greenhouse oriented crops, it makes sense to target the likely temperatures there, as opposed to the martian atmopshere and "native unprotected" conditions.
Naturally, reading the article would have led you to that knowledge.;)
That's a swing that could match what plants experience in a greenhouse on Mars.
I'm not criticising.. but surely research into plants that can take extremes is of more short-term utility in creating species which can suck up and withhold pollutants as part of a clean-up operation for Earth than in sustaining the "great-post-armageddon-earth-bug-out" destination?
I'm not criticising... but that isn't the job of NASA.
As far as what you are talking about, it is called phyto-remediation and is done by *gasp* companies/agencies that specialize in cleanup activities. Do some searches on phytoremediation for more information.
In fact, I'd be worried if a for-profit company operating in a quasi-capitalist society didn't attempt to promote its products.
Agreed. However, when they want the government to start down the path of establishing mandatory markets or getting the government to pay for their R&D and/or marketing, there is a problem.
(And no, having national standards for state driver licenses and identification cards was/is not a bad idea.
Yes, actually, it is. It is a bad idea because nowhere in the constitution is this a valid and authorized power fo the fedgov. To do it anyway is a further offense to the constitution and violation of the very foundation of the government. Continuing to undermine the constitution in this way only leads to further undermining of it.
Further, the establishment of federally determined minimums produces what is called an "unfunded mandate" to the state governments. It forces States to do additional tasks while the money to do it still gets bled of the fedgov.
Not too dissimilar from the state requiring you to have insurance on your car. Now imagine them adding more such mandates. Meanwhile they continue to take the fruit of YOUR labor. They effectively tax you w/o it being obvious. That is what so-called "national standards" do.
Bottom line: Sure, absolutely: be vigilant. But there will never be compulsory "implants" that will be required for all.
And years ago it was said the same regarding other things required today. Such as the SSN, various insurances, and so on.
See, technically, you are not legally required to have a SSN to work in this country. Yet it has become "required".
It is not illegal to have a child w/o a SSN. But if you go that route be prepared for it to cost you a lot more money. For example, w/o a SSN you are not allowed to claim your child as an exemption and/or credit on your income tax return.
See how it works? They take stuff away from you (that they have no consitutional, moral, or legal right to), then tell you that if you want it back you have to submit to things they know they can't require you to do otherwise.
And then they call it "voluntary".
Poor? Need food stamps or other welfare benefits? How long till you are required to have one of these (under various guises/justifications as cost savings, fraud prevention, etc.)?
How about to travel on airlines and/or trains?
How about from international travel such as passports currently do? They'll claim it is better because it is implanted, etc. and that it'll "save us" so much money and lives ("...if it saves one life...").
How about the disarm-you nuts? How long before it starts making it's way into gun control laws? Especially when they start mandating guns be tied to the owner's RFID signature. That way they can "prevent" accidental shootings.
How long before it is used on people who the public doesn't care about, such as criminals?
Now we've got it "required" for "optional" activities such as travel, criminals, poor people, and people otherwise exercising their legal rights. Toss in mandating it for soldiers, who won't be given a choice and most non-soldiers won't care.
Now who is left? Police organizations as well as emergency rescue people. They can be mandated into it based on the alleged benefits it would provide. Especailly if they require it to qualify for their health benefits plans. Still "optional" in that "you don't have to" travel via plane, be a criminal, be a soldier, be an emergency worker, or apply for/accept government welfare.
Next up, all federal workers. Again, since it can be used for financial purposes, it will be used as a cost savings justification. Not to mention it would become required for "security scanner" use.
Following the successsful federal deployment ("hey, it's still not required since you don't HAVE to work for the fedgov you know), soon will come mandates to the states. Let us revisit your "national standards" comment.
The only places that are dark are berthing, and Control, if we are doing night ops.
Why would Control need to be darkened for "night ops" in a submarine w/o windows? Why would a submarine w/o windows need any part if it's interior dark for "night ops"?
From the link: In the simulation, team members had to protect an airbase and supply route which were under attack by enemy aircraft. The scenarios were configured with different patterns of attack and at different tempos. The situation was complicated because team members had to determine at first if the aircraft were neutral or hostile. Furthermore, two team members were dependent on the third whose role was to gather information and communicate it to them.
So a three person team set up to be fully dependant on a single person. Hello? Any CS major with half a brain can tell you what will happen there. So could any decent sysadmin. Resource contention caused by a bottleneck. So their second "team" of agent assisted humans... take a look at the illustration. It is one person and two (three actually) "agents".
They basically made a very simple RTS. The they "discovered" that it is faster when your information distribution is faster. This is NOT "agent assist". And who didn't think that a computer program with direct data input, that doe snot need to move input devices, scan a screen and process would NOT be faster in disseminating simple information like that?
This scenario is so far from reality in any situation that you cannot call it a simulation of reality. The conditions are far, far too simple and remove *any* intelligence from the "s3" and "s4" roles. If you are told to kill it, you do - and you get penalized heavily if you were told wrong information. This is important. It basically means that the role of "s3" is best suited for a computer. Combined with the inherent speed boost for information distribution and simple tests for the role of S2 this along will produce "better" results. Their S4 role is essentially less intelligent than "s3". "Move from A to B unless told to run away".
On top of that, they set it up such that one unit was defending two different areas; one in motion.
Ironically, the one area agents could in theory help out here is the one they specifically stated the human brain is better at; spatial reasoning. Go figure.
What some of the other posters need to be aware of is that this scenario is not the same as in self defense or life-death sequences. So rants about that are basically off topic.
One final interesting observation. They stated that at maximum speed no human team could destroy any target, but the computer.. oops I mean the HA teams could still destroy 36% of their targets. Seems to me that the limitations of the human body in move-click-process-move-click for the S2 role are a serious limiting factor they did not account for. Any RTS/FPS gamer will tell you these factors are not small. A better interface would have been a three key layout. Press I to identify, N for neutral, A for attack. Perhaps using the tab key to select from available targets. This would have improved the human performance merely by decluttering and improving their effective reaction times.
Then to further eliminate inherent diferences that have nothing to do with agent and decision making, there should have been a delay incorporated into the agents to account for the remaining difference in UI effects. At least then it would have been interesting.
Software agents may yet have a purpose in such condtions, but it won't be at this level, and this "study" doesn't demonstrate they would have any real value; it only demonstrates that you need battlefield intel to be disseminated quickly. Agents may have a use at a much higher level than was used in this experiment.
I've done battlefield intelligence. We don't need agents to identify friend or foe. We need a fast, easy to grok at a glance view of assets, terrain, and intel.
This is one reason that on the battlefield, attack units are assigned *directly* to intel units - so they can react and respond without waiting on information to filter up and down the chain.
Military victories are nearly always based on who has the better intelligence and data. When you've got a superior method of information distribution, I'll be interested. When you just want to tell me that computers can do some things that are irrelvant to the application domain, it is a waste of time and resources.
Japan had a population roughly equal to half that of the US. In order for Japan to surpass the US, the average Japanese citizen would have to be twice as efficient as the average US citizen.
Incorrect. To base efficiency of a collection upon individual efficicency is an improper and illogical action. There are many cultural and societal differences that change the equation. For example, assume for the moment the Japanese had no worries about being "over mechanized" -- they would/could freely use robots for many tasks that unions would lobby against here.
That one assumption entirely destroys your per-capita efficiency model. Unlikely? Hardly, as this is indeed what happeneed in the automotive world. Your argument entirely avoids the non-person multipliers technology *can* provide.
China has a population roughly equal to four times that of the US. In order for China to surpass the US, the average Chinese citizen would have to be one quarter as efficient as the average US citizen.
again: Incorrect Individual efficiency can, and often is, nullified through organizational inefficiencies. The ability to organize a population the size of China and harness the individual inefficiencies is not currently permitted to exist on this planet. The mentality and goverment of the Chinese will not permit it there either.
And finally, sciences are not like cars or televisions, they are like software. As Joel Says, no number of mediocre/average designers will produce the big things/hits. Works the same in science. A dozen B and C students won't produce the level of new science and innovation that the cream of the crop will. Thus, it doesn't matter how many Chinese citizens are as "efficient" as Americans. In science, what will matter is who is better at making large leaps forward.
This is precisely why the attempt over the years of the NEA to abolish accellerated ("gifted") student learning and produce mere cogs is the single greatest threat to American intellectual and scientific advancement.
No, it is not the "dumbing down" of the general populace, that is a minor item by comparison. It is the dumbing down of the extremely bright and gifted people at all ages.
The notion that we need "liberal arts" where people "become better through studying the arts" is one that needs banished to the annals of unfortunate history. We need people who are extremely good at what they do. We need programmers who are truly amazing to drive things forward. We need scientists who have a genuine love and in depth almost intuitive grasp of the world around them.
This is a critical failing in the Chinese system. It is exceptionally good at producing mediocrity. It was actually designed to do so (so too was the US system when it was imported). We need to realize there is no shame in not being the brightest. We need to stop clinging to a mistaken notion that if Johnny does better than Joey, Joey is somehow less than he was.
When we do that, we will be able to stop shackling our geniuses and truly gifted with the chains of forced mediocrity. Just as Google is doign in regards to Microsoft. Sure, MS has many more programmers, some quite bright. But they are shackled in the bounds of One Microsoft Way.
At Google, they instead focussed on getting *the best* they could. Those who have an ability to go beyond. And they are producing better software, faster. Go figure.
If the US can shed the bonds of fear, it doesn't matter if China outnumbers us 100 to one if it can't produce the level of genius we can.
Looking at history, nearly all major advancements in science and technology are the work of one or a handful of disparate people, not the work of comittees of medicority. There is no reason to expect any different today.
And no, the numbers game is irrelevant. We've shown you can stifle genius. The countries in which genious is not only allowed to flourish but is incourage
But then it's not really SPF. The SPF standard defines both a way of publicizing a list of hosts that may send on behalf of a domain, and a method of assigning a pass/notpass value to an email message based on the published SPF record (or lack of such record). SPF defines its tests with the envelope-from address....
Actually, it is. SPF's (submitted) RFC allows for tests against other entities including the From: header. It reccomends testing the HELO/EHLO statement as well. It does recommend you not check specific entities against SPF v12 records. The SPF site even talks about checking from From: header. It largely talks about attempting to verify authorship, which is not to be done with SPF. It even lists the comment that there are places checking on the From: header.
I suspect that they are already starting to crop addresses by scanning the HD of compromised machines.
Yup, they already are.
Actually not. The user only says that email address A is to recieve email only from domain Bm, and that's it. The owner of domain B set up their own SPF record. When email arrives for address A, the MTA quries the DNS for the SPF record of domain B, and accepts email only if it passes the test. A
Incorrect. Indeed according to the FAQ VARA does not require an SPF record. In VARA the end-user puts an address like bob_bm.com_@smartisp.com for bm.com. When email comes in, the inbound server would then run a frward and reverse DNS check on bm.com to verify the client has bm.com at the end f their name, and that the Ip they ar eusing maps to said name. No SPF record. Thus, VARA is client side SPF.
Only this would almost alway lead to a dead end. Spammers are already using throaway domains and compromised machines. Almost all the spam I report using SpamCop comes from IP addresses of PCs on broadband. So this path leads to a compromised machine. SPF would be able to verify the compromised machine. DNS would lead to the spammer's website on another compromised machine, and financial info would lead to someone whose credit card number was stolen...
But you don't stop there.
What's really needed here is for service providers to identify the compromised machines on their networks and help users clean them, or at least block their outgoing traffic as long as they are compromised, and do it fast. If this goal can be achieved and spammers are forced to use their own machine,
No the goal for Zombie machines should be to prevent them from happening through better security in the first place.
That said, one method of cutting down the effect of zombies at large companies is for the internal mail server to not allow sending of mail from a non-company domain name. This can be checked in the From: header as well as the envelope sender. ISPs should probably not do this, but the big companies could do it for their own employees.
BLocking outgoing broadband zombies requires several other steps. You are effectively limiting a customer's email sending rate. This can and will lead to other problems unless you set the numbers really high. This would negate any beneficial attempt. Spammers using zombie-pcs are already starting to use a slow transmission rate to avoid detection. Personally if I were doing it I'd choose to send maybe one or two every hour or half hour and be able to have that machine more likely to escape detection for much longer than to send a blast that gets me noticed and purged.
This is especially true if the trojan has a way of receiving updates and sending out new messages. Perhaps you use DNS TXT records to store and distribute short spam messages.
The trojan gets in using an unpublished exploit. It retreives all email addresses it can get from the compromised machine (CM). It retreives the spam of the day by doing a DNS query. It then sends out the spam. Say one message every random inteval between 10 and 40 minutes.
Method 1: You need a bunch of stolen credit card info with enough personal info to use for small payments online. You buy domains werothjwer.com werwervser634.com etc. (not paypa1.com) You send your spam with Paypal.com/ebay.com in the "From" header and with werothjwer.com in the "Sender" header and the SMTP envelope-from. Your email passes SPF/SenderID tests perfectly, and the recipient email client (Outlook Express?) proudly peresents email "From: paypal.com" (not paypa1.com!). By the time someone complains about you using their credit card your phishing emails are history, and you have a pile of now CC+personal info to use for your next venture. Paypal/ebay can seize all your registered doamains because you don't need them anymore. You get new ones every day using presh stolen identities.
How does this bypass header checks using SPF? YOur "From" is a header that gets checked. When your mailserver verifies the From address, your "easy bypass" is an absolute failure. SPF CAN check the From addess, it's merely a matter of choice. Note that checking the From line also handles option 2.
In postfix, at least, you could set up triggers to check the From field only for specific domains. For example, I can have in my header checks triggers for paypal.com, ebay, *bank*, etc. to run an SPF check. This keeps resource usage down.
Thinking in layers is the most effective approach to fighting spam, just like it is in security. Defense in depth. Use your early checks to weed out the common easy stuff (such as envelope sender SPF), then do additional checks that may require more resources only on certain triggers. Sure, header and content inspection generally take place after mail acceptance... though this is not always required, but eliminating it is eliminating it. Naturally I'd prefer to reject during the SMTP transaction (and you can), but as a second layer, I'll take discarding the spam/phish attempt before it reaches my eyes too.
Also MUAs should compare the From field with the envelope sender address and so on. If the From and the envelope sender are different domains, it can trigger additional MUA checks and eventually display a warning about a possible phishing attempt. This is an additional layer of protection -- one that does not require end user intervention.
If you don't want to be fooled with an email "from paypal" that is not from paypal, all you have to do is to give paypal a unique address to send mail to you. Mail sent from paypal to that address is from paypal. Mail sent "from paypal" to any other address you use is not from paypal.
That's easy to bypass.;) Just need a trojan/worm that checks your inboc for addresses. Sender, recipient, it doesn't matter. If you still have an email from them in your mailbox when the tojan hits, your "paypal only" address just got sent out and is now on the lists making the rounds. Note this is similar to your method 2.
On method 2, I think you are referring to defeating sender ID, which I am not talking about. The compromised machine you are referring to is a client machine, not a server. Thus there are no "client machine credentials" to bother with.
That said I use a variety of custom addresses for various places. It's good for tracking what companies *really* do with your aemail address. They claim they do't give or sell it but when you start getting email from somewhere else to that IP, you know they were less than honest.
One concern that I have with those "authentication" schemes like SPF is that they would make it harder to use bulletproof anti-phishing protection like unique addresses for an "authentication" scheme that any half educated spammer would be able to bypass
Care to explain that? Just how does sender verification such as SPF eliminate unique addresses? I use both in combination without problem. SPF merely attempts to determine if the sender address is one that the domain owner uses. It does not care wh
If Rove is protecting the US national security, his job
Actually, it isn't his job. For good reason, too.
Regardless of his political gain, Rove cannot, as a White House employee, even confirm that someone is CIA, especially during the run up to a war over WMD.
Bullshit. Go read the law, the whole law. Read it again. Do it until you finally understand it. It's quite simple. For that to be illegal certain conditions have to be met. IF those conditions are not met then no law is broken by disclosing someone to be a CIA employee of any kind. Period.
Hint: one of those conditions is that you had to gain the knowledge from government/classified sources. If reporter a tells you it, you are under no *legal* obligation to maintain it a supposed "secret".
So you go ahead apologizing for Rove's selfserving attack on a CIA agent.
I'm not apologizing for anyone or anything. How about you stick to only putting words I your own mouth as opposed to other people's, hmm?
You go ahead patronizing a guy
Obviously you don't know what that word means. If I'm patronizing anybody here, it's you. Maybe I am patronizing you by responding to your sad little troll. Lucky for you there isn't a "knee-jerk" moderation tag.;)
You go ahead running cover
Again, more slander instead of thought, logic, and reason. When you have no argument, attack your interlocutor, eh? I'm not running for cover for anything. I'm not exactly hiding behind a slashdot id, either. Oh, but you do.
Go ahead, because you're a traitor too.
And again with the ad hominems (that means "personal attack"). Fine, here, in language you apparently need to understand: Go ahead and run to made up laws so you can attack someone when you don't know the details, only know what other people tell you on TV or radio or read in someone's blog. Go ahead, parrot what his opponents and detractors say, instead of researching and thinking for yourself. Go ahead, because you're a moron too.
Get that?
By the way, in your zeal to fry someone on incomplete and inaccurate information, you are causing a bigger problem. Novak's story and Rove's story are in agreement. That means that a different senior administration official actually is responsible for getting the information to Novak. Therefore by focussing (apparently incorrectly) on Rove, you increase the likelyhood the real "perp" remains secret.
Ask yourself this. Given this information, why are the Democrats so adamant about frying Rove instead of going after the one who gave the information to Novak in the first place? Why are the focussing on someone whe merely agreed with what he heard and ignoring the person who "leaked" the data in the first place?
IF there was a crime committed by this information being released, the the crime lies in who originally did it. All evidence so far points to it not being Rove.
Like him or not, hate him or not, he should not be fried for a crime he did not commit while the actual perp gets off scott free. Or are you one of those fascists that believe in examples being made even if the real perp gets off the hook?
What happened to "innocent until proven guilty"? Oh, that doesn't go for people you don't like, eh?
Traitor to the founding principle of our justice system.;) Obviously, I find your "traitor" remark funny and sad. I highly doubt you've ever put your life on the line for this country. I highly doubt you've ever conducted intelligence operations for this country. I have, and I'd do it again.
So go ahead, play keyboard cowboy. Keep pretending to live the life some of us have lived. Just don't be suprised when we don't take you seriously.
It's highly unlikely someone has both stolen your mobile phone AND phished your details.
GIven how people tend to use their cell phone as a mini-pda (or it is a pda) and store pins, etc. in the phone, it is more likely that if they have the phone, they have all manner of personal details (SO names, kids names, parents names, funny looking phone numbers that turn out to be weakly encoded PIN numbers) with which to social-engineer their way into your details.
With the phone they get phone number and other numbers. With that and a name it isn't too difficult to get a lot of info on you (and your friends/family in your addybook) without ever phishing you. Even if you don't store PINs in it.
The entire point here is that someone *cough*Karl Rove*cough* released the secret association between Valerie Plame's identity, and her job as CIA operative.
Clearly Doc Ruby did not readeth the Article. In the article, the only way the author connected the name Valeri Plame with the story is becuase he already knew it. If as we are told KR said thet Wilson's wife arranged for the trip go from there. The article did.
Now let us think about something here. You get to be a female "secret agent". You need a fake name. DO you a) pick your MAIDEN NAME b) pick a name not previously related to you in any way
Uh gee Wally, you pick option b.
According to the stories (so far), KR did not ID her as an operative, just someone working for the CIA.
Accordign to Novak, KR's story rings true:
"During a long conversation with a senior administration official, I asked why Wilson was assigned the mission to Niger. He said Wilson had been sent by the CIA's counterproliferation section at the suggestion of one of its employees, his wife. It was an offhand revelation from this official, who is no partisan gunslinger. When I called another official for confirmation, he said: "Oh, you know about it." The published report that somebody in the White House failed to plant this story with six reporters and finally found me as a willing pawn is simply untrue.
At the CIA, the official designated to talk to me denied that Wilson's wife had inspired his selection but said she was delegated to request his help. He asked me not to use her name, saying she probably never again will be given a foreign assignment but that exposure of her name might cause "difficulties" if she travels abroad. He never suggested to me that Wilson's wife or anybody else would be endangered. If he had, I would not have used her name. I used it in the sixth paragraph of my column because it looked like the missing explanation of an otherwise incredible choice by the CIA for its mission."
Here he says he heard from a non-"gunslinger" the scoop and another confirmed he heard the same thing. Would you describe KR as not a "partisan gunslinger"? I doubt many would. Combine this with KR's recent statements that say Novack told him and it rings true.
Further, there *appears* to be no dispute that she fall sunder the protection of the aforementioned Act of 1982. She apparently had a desk job and had not been a NOC for over 5 years, removing her from that category.
Again though, to me using your previous/maiden name as your "undercover name" is not an affirmative action to keep your identity secret. If she used a different name, not one publicly tied to her, the trail would have gone cold quite quickly.
Think about it. Assume she did go overseas undercover, and used that name. Any foreign government worth it's salt could track her down quite easily even in the 1990s. All they'd have had to do would have been to search on her name and follow the trail the other way. When it didn't match the story they got they'd assume her an agent. Any connections to her they found would be assumed agency covers or other agents.
The point? Your alleged "Secret CIA identity" was not a secret. Even if "apparently works for" was left out, the mere mention of Wilson's wife being involved would have sent any reporter looking to see who she was. Following that trail as it is woudl have raised *many* questions all of it's own accord.
If ebay/paypal published SPF records indicating what servers send valid email for ebay/paypal, and your server checks those, how can a spammer set up a ligitiamte system to bypass that system? They can't.
The only way is to:
* alter ebay/paypal DNS records by some means
* spoof the IP address.
Gmail may well have a very large database of valid email from ebay/paypl and perhaps others, or may be implementing their own version of SPF that doesn't rely on the domains to publish SPF records. They may, for example, have done research to see what IP ranges are used by ebay/paypal or other banks and if it doesn't come from those ranges they consider it likely a phishing attempt. Essentially a form of SPF. We do this on some of our (Fortune 50) email servers; it isn;t hard to conceive of Google doing it.
Mail::SPF::Query essentially does something similar.
but it won't do a thing about, say, email that comes from, say, "support@paypa1.com" or so.
It doesn't have to. Such a domain gets reported as phsihing attempt, ebay/payal goes after the domain to get it shut down, end of that problem. Indeed, they already have. Do a whois on it and you'll fid it owned by eBay. So yes, SPF would work here. eBay can put out an SPF record saying all email from this domain is invalid. Servers using SPF checks can then toss it or mark it as invalid.
Indeed, this use would be an excellent use. If SPF had a field to indicate a domain sends zero mail we can safely discard/block all email claiming to be from there.
If you think google doesn't use a form of SPF or sender verification you are sadly mistaken. Besides, SPF is not intended to be THE solution, just a (good) tool in the toolbox of the solution.
I doubt the US will ever cede control over the internet,
Why should they? They created it. It's theirs. I built a really cool playground in my backyard for my kids. The neighborhood kids like to use it too. Should I give up control over it? Hell no.
The US creates something and the rest of the world thinks it has a God given right to it. Then they say the US screams they should be in charge of what they created and built and that this is pushing their view onto the world. Words of "black", "kettle", and "pot" seem to be waiting in the wings for some combination. Wait, the word hypocrisy is tugging at our shirtsleeves.
Nobody is forcing the rest of the world to be a part of the Internet. You choose to be.
And Bush is not in charge of it, whether he wants to be or not.
GO read The Law by Bastiat. Maybe you'll learn something about quests for power.
Personally, I think the UN should set up it's own DNS servers which every other country in the world can use, and if the US wants to sit in the corner and scream about how it should be in charge because God has given the US the right to impose it's view on the rest of the world, then let's just ignore them, and get on with it.
I mainly agree here. Let the UN set up it's own DNS servers. Let them try to convince the existing infrastructure to prefer theirs to the existing infrastructure. Let the Europeans, or the Chinese, or the Russians set up their own. Let them ignore the American infrastructure.
And let the American infrastructure ignore them.
Ah yes, there is the other shoe. Good for the goose is good for the gander. What do you think happens to the value of the Euronet or the UNNet when the US is not a part of it? Last I knew the penetration of net access was higher in the US. That is a significant loss of network value.
Let the European nations think they can add yet another socialist scheme that they can not afford. Push or pull the US out of your Internet and you lose the major funding of it. The European economy is faltering and unable to pay for it, and the governments can't either. Despite having their national defense paid for by the past few generations of Americans.
Think the UN servers will be preferred by AOL, the Cable companies, the Bells, and all the US based ISPs? Nope. They'll stick to the existing servers.
I'm all for the Internet being what it IMO should be: a collection of Intranets. This is much better than a single net. We've all but lost the beauty of hierarchical domain names -- remember when.org meant something different than.net or.com?
Hell maybe a "fork" of the Internet will push out IPV6 on one side or the other.
So quit bitching about the Americans controlling (to the extent possible) what they built and paid for. Quit trying to take what isn't yours. Go build your own, and pay for it yourself. Try *competing* on your own merits. I'd welcome it, I encrouage it, I'd pray for it if I were of that type. *BUILD* something, Or has the European community truly sunk that low on the capability scale? Man I hope not. For all of our sakes.
Maybe when you've built your own system you'll quit trying to take ours and we can stop hearing/reading you bitching about not having what isn't yours. Or maybe when you've tried and failed you'll at least have some respect for those that have gone before.
But I'm often described as an optimistic idealist, so I won't hold my breath. (Though I hear if the UN doesn't get their way holding their breath is their next option).;)
So please, do quit "bothering with the US". Maybe you'll quit bothering the US. Right now you're like the kid who thinks he is *entitled* to play on *my* playground. You're both wrong.
You know, it'd be funny if it weren't so sad. We cling to this naive assumption there is no difference between men and women. We know for fact that our brains are "wired" differently, that men and women brain patterns are different as a result of different wiring and usage patterns.
Yet we acknowledge certain difference such as emotional response (from the brain) and social interaction (again, from the brain). Women do indeed have a tendency to "think with the other half of the brain" in comparison to men. Women do seem to have a better go at intuitive logic or intuitive understanding, whereas we men have to sort it out the hard way with logic.
Why is it a leap to consider the possibility tha tin addition to physical differences, there are mental differences? Especially when we openly admit some of them? Difference is not the same as better/worse, it's just different. There are always exceptions but the general case is there. There are certain physical things women excel at compared to men and vica versa. Mental capabilities are no different.
We only damage ourselves as a society when we refuse to acknowledge the differences and rpetend they do not exist. It takes both sides, both points of view, both tendencies, to reach higher and further than before.
Men aren't generally interested in breast feeding? What exactly is keeping a field where women have no inherent advantage primarily a female dominated industry? Men can certainly lactate and breast feed. Could it be we just aren't interested in it? Could it be that there *is* an underlying inherent advantage for female breast feeding? Either or both of those can be it. Nursing likewise is still a female dominated industry. Popular wisdom claims no inherent advantage there either. Reality, however, demonstrates the opposite.
SO what if men aren't very interested in lactating, being cheerleaders, nurses, stay at home parents, or any variety of fields women are the dominant presence. So what if women aren't generally inclined to go into math, computers, or whatever they don't feel like going into. We are all different and trying to make us all the same is a grave injustice to who and what we are.
There aren't a lot of nine year olds who can write C#.
My six year old girl can program in Python, and is learning how to work the Linux command line (she is already fluent in X-Windows/Fluxbox/Gnome). So can several young children I am aware of. At her current rate she'll be ready for RHCT/RHCE in a couple years if she still wants to.;)
Remember, Farragut was commanding a naval vessel at the age of 12, and had a solid understanding of caclulus and advanced geometry, not to mention navigation on the open seas by that age. The only reason children of today don't do such things is because society/government won't let them.
Around here, we don't restrict their learning resulting in children single-digit-age who do/know/understand more than most graduates.
What we need is more of these stories in order to have a chance at breaking the molds we've been shackled with.
..someone doing an invoice for the carbon, water, and other compounds our bodies contain if we were to buy them at a chemistry supply house...
I hope they factored in the cost of assembly. People are always forgetting little additional expenses like that.
Sometimes the cost of assembly may be as little as dinner and a movie. Sure, some people need or desire the proprietary test tube style assembly methods, but open source assembly is generally preferred drivign the costs of assembly down dramatically.
The cost of assembly isn't the issue, it's the TCO that gets you. Sure your little tryst was cheap, perhaps even free. Your "dipping your toe in the water" excursion usually leads to more. And then you're locked in. It's the next 18 years of maintenance, accessories, and so on that do you in.
(Want the cost a of human life? Ask it's parent.:D )
Did Jobs say the Mac was switching to intel Processors? Yes. Did he say Macintoshes would now boot on ye olde' compaq in the basement? Nope.
Is the article talking about ye old compaq in the basement? No. It is talkng about ye new Intel powered Mac.
Where is that "field of strawmen" mod tag when you need it?;)
A common thread I see running through all these conversations about the upcoming switch to Intel processors is an assumption that having an Intel automatically equates to PC Compatibility.
What's left, really? USB devices? Guess who has been doing USB longer, Intel or Mac? Hard drives? Well you don't go buy a "mac only" HD now do you? How about video cards? Maybe, but doubtful. Sound cards? Same. Parallel port, serial port? (who cares;) ) Yah that's the same too.
The only major difference is motherboard and processor. That's one down.
BTW, the bios is only used for bootup. Once the OS is bootstrapped, it's pretty well ignored/bypassed.
There is no magic needed. Input devices, multimedia devices, storage devices, networking. It isn't that difficult. Could Dell realistically offer Mactel machines w/differing ram/hd/mediadrive/input device/accessories/cpu speed options if given the opportunity? Absolutely.
Re:Which is the bigger irony:
on
Ajax On Rails
·
· Score: 1
XMLHttpRequest does more or less the same thing as an IFrame (via an ActiveX contarol), except that it adds the overhead of an XML parse.
No it doesn't. There is no requirement to actually request XML. Indeed many uses of it do not use XML at all. So far, none of mine use XML.
Heh, many thanks. I just don't see the point in sticking to your position if you think about it and decide there's a better one. In a choice between Consistent and Right I'd rather be Right...;-)
Here we agree again.:)
This is a bit more serious in the UK, IIRC - cracks/breaks can block the driver's view of the road and massively reduce the structural integrity of the windscreen (and hence, surprisingly, the entire car), and since it's so hard to draw the line at which "a few cracks" becomes "a serious hazard", you aren't (again, IIRC) supposed to have even a single chip. True, the video wasn't shot in the UK, but I just assumed that it was the same in the US - no?
Depending on the area, nope. Does a chip in the lower left corner where a driver doesn't even look let alone use for viewing traffic and potential hazards count as a danger? Nope. A law that had it as you describe is too open to abuse. I've had many a car with a chipped or cracked windshield that didn't pose any significant danger to my ability to see what was going on.
Yes I did - did the other videos below have additional footage? Fair play then - that changes a lot...
Oh absolutely. They completely changed my opinion when I saw them. More in favor of the cop actually. The first video shows her passing the cop. That's the place to start. The next video is him pulling her over and making the initial contact. They all have the timestamp in the upper right.
When I saw the "first" video (the one linked to) I was a bit stunned. It appeared as if he walked up, asked her to get out of the car, then proceeded to taser her. Yet this was 4-5 minutes into the stop in reality. I was more than taken aback at this. It is not usual for a speeding stop to involve asking someone to get out of the car. I had to edit my initial response quite a bit as I reviewed the videos more.
Wow, really? If you were driving without a licence in the UK you'd likely be taken down the station, charged and at least fined or given community service.
Is it really no big deal in the US that people could be driving over a ton of metal, at high speeds, with no proven ability to control it, around pedestrians?
Clearly you haven't seen our driving tests.;^) More important than the two or three tonnes of metal is the 2 sticks of dynamite worth of explosives in the fuel tank.;)
This is a cultural thing, and one of the few reasonable ones left. We assume people are responsible. Only nanny states assume people are not... unkess they are voting for you of course.
Personally, I don't see any problems with the lack of training etc. in driving a car/truck. The votign booth is many orders of magnitude more powerful than a car and we don't require training in voting. Besides, the numbers bear out that people are generally, even mostly, responsible and capable of handling cars w/o government approval. My children will have had several years handling automotive devices at speed and in situations 99% of people will never find themselves in by the time they are going for their license. Horses "back in the day" also were dangerous to pedestrians yet I don't recall there being a license for those.
Sorry, I don't know what a nip-slip is.;)
How do you know? This is outside the context of the video - IIRC all we see is the cop approach the car. We have no idea how she'd been driving before she was stopped, how long it had taken to get her to pull over, or anything else about the greater context. I'm not arguing we should forgive the cop everything because we don't know, but it's easy to play armchair quarterback when you're not the one on the spot...
I have been in similar situations -- with more leeway than the cop had regarding escalation. Again, however, the other videos on the linked page have what you are missing. As I mentioned above it has th
Slashdot Mirror
what was there when it all started: galaxy or a black hole?
Duh, a galaxy's black hole. Where do you think the term "big bang" came from?
I am suprised with the high mod points *here*. This guy is as naive as hell. In order to get a rock to drop you've got to do something to it. Like drop it. Rocks don't drop themselves you know. An object at rest will tend to stay at rest. This may be flame bait but it goes to show the level of basic phsyics knowledge on Slashdot is dropping like a rock taken up to the top of the Empire state building and tossed over the side.
Interesting that they sought these powers all through the clinton administration, yet didn't receive them until the bush administration.
Touche.
However, had 9/11 happened during the Clinton admin they still would have gotten it. Remember, not a single person who initially voted for the USAPATRIOT Act actually read it. And they had been trying to get these powers for well over a decade. Somehow, the first Bush presidency held them off, as did the Reagan presidency.
Why? They didn't have an excuse.
That is all that changed on 9/11.
Since they are working on greenhouse oriented crops, it makes sense to target the likely temperatures there, as opposed to the martian atmopshere and "native unprotected" conditions.
Naturally, reading the article would have led you to that knowledge.
-- TFA
I'm not criticising.. but surely research into plants that can take extremes is of more short-term utility in creating species which can suck up and withhold pollutants as part of a clean-up operation for Earth than in sustaining the "great-post-armageddon-earth-bug-out" destination?
... but that isn't the job of NASA.
I'm not criticising
As far as what you are talking about, it is called phyto-remediation and is done by *gasp* companies/agencies that specialize in cleanup activities. Do some searches on phytoremediation for more information.
In fact, I'd be worried if a for-profit company operating in a quasi-capitalist society didn't attempt to promote its products.
Agreed. However, when they want the government to start down the path of establishing mandatory markets or getting the government to pay for their R&D and/or marketing, there is a problem.
(And no, having national standards for state driver licenses and identification cards was/is not a bad idea.
Yes, actually, it is. It is a bad idea because nowhere in the constitution is this a valid and authorized power fo the fedgov. To do it anyway is a further offense to the constitution and violation of the very foundation of the government. Continuing to undermine the constitution in this way only leads to further undermining of it.
Further, the establishment of federally determined minimums produces what is called an "unfunded mandate" to the state governments. It forces States to do additional tasks while the money to do it still gets bled of the fedgov.
Not too dissimilar from the state requiring you to have insurance on your car. Now imagine them adding more such mandates. Meanwhile they continue to take the fruit of YOUR labor. They effectively tax you w/o it being obvious. That is what so-called "national standards" do.
Bottom line: Sure, absolutely: be vigilant. But there will never be compulsory "implants" that will be required for all.
And years ago it was said the same regarding other things required today. Such as the SSN, various insurances, and so on.
See, technically, you are not legally required to have a SSN to work in this country. Yet it has become "required".
It is not illegal to have a child w/o a SSN. But if you go that route be prepared for it to cost you a lot more money. For example, w/o a SSN you are not allowed to claim your child as an exemption and/or credit on your income tax return.
See how it works? They take stuff away from you (that they have no consitutional, moral, or legal right to), then tell you that if you want it back you have to submit to things they know they can't require you to do otherwise.
And then they call it "voluntary".
Poor? Need food stamps or other welfare benefits? How long till you are required to have one of these (under various guises/justifications as cost savings, fraud prevention, etc.)?
How about to travel on airlines and/or trains?
How about from international travel such as passports currently do? They'll claim it is better because it is implanted, etc. and that it'll "save us" so much money and lives ("...if it saves one life...").
How about the disarm-you nuts? How long before it starts making it's way into gun control laws? Especially when they start mandating guns be tied to the owner's RFID signature. That way they can "prevent" accidental shootings.
How long before it is used on people who the public doesn't care about, such as criminals?
Now we've got it "required" for "optional" activities such as travel, criminals, poor people, and people otherwise exercising their legal rights. Toss in mandating it for soldiers, who won't be given a choice and most non-soldiers won't care.
Now who is left? Police organizations as well as emergency rescue people. They can be mandated into it based on the alleged benefits it would provide. Especailly if they require it to qualify for their health benefits plans. Still "optional" in that "you don't have to" travel via plane, be a criminal, be a soldier, be an emergency worker, or apply for/accept government welfare.
Next up, all federal workers. Again, since it can be used for financial purposes, it will be used as a cost savings justification. Not to mention it would become required for "security scanner" use.
Following the successsful federal deployment ("hey, it's still not required since you don't HAVE to work for the fedgov you know), soon will come mandates to the states. Let us revisit your "national standards" comment.
The only places that are dark are berthing, and Control, if we are doing night ops.
Why would Control need to be darkened for "night ops" in a submarine w/o windows? Why would a submarine w/o windows need any part if it's interior dark for "night ops"?
for the diesel modem
A diesel modem? Crap dude, that can't be very quiet nor "fresh smelling".
From the link:
... take a look at the illustration. It is one person and two (three actually) "agents".
.. oops I mean the HA teams could still destroy 36% of their targets. Seems to me that the limitations of the human body in move-click-process-move-click for the S2 role are a serious limiting factor they did not account for. Any RTS/FPS gamer will tell you these factors are not small. A better interface would have been a three key layout. Press I to identify, N for neutral, A for attack. Perhaps using the tab key to select from available targets. This would have improved the human performance merely by decluttering and improving their effective reaction times.
In the simulation, team members had to protect an airbase and supply route which were under attack by enemy aircraft. The scenarios were configured with different patterns of attack and at different tempos. The situation was complicated because team members had to determine at first if the aircraft were neutral or hostile. Furthermore, two team members were dependent on the third whose role was to gather information and communicate it to them.
So a three person team set up to be fully dependant on a single person. Hello? Any CS major with half a brain can tell you what will happen there. So could any decent sysadmin. Resource contention caused by a bottleneck. So their second "team" of agent assisted humans
They basically made a very simple RTS. The they "discovered" that it is faster when your information distribution is faster. This is NOT "agent assist". And who didn't think that a computer program with direct data input, that doe snot need to move input devices, scan a screen and process would NOT be faster in disseminating simple information like that?
This scenario is so far from reality in any situation that you cannot call it a simulation of reality. The conditions are far, far too simple and remove *any* intelligence from the "s3" and "s4" roles. If you are told to kill it, you do - and you get penalized heavily if you were told wrong information. This is important. It basically means that the role of "s3" is best suited for a computer. Combined with the inherent speed boost for information distribution and simple tests for the role of S2 this along will produce "better" results. Their S4 role is essentially less intelligent than "s3". "Move from A to B unless told to run away".
On top of that, they set it up such that one unit was defending two different areas; one in motion.
Ironically, the one area agents could in theory help out here is the one they specifically stated the human brain is better at; spatial reasoning. Go figure.
What some of the other posters need to be aware of is that this scenario is not the same as in self defense or life-death sequences. So rants about that are basically off topic.
One final interesting observation. They stated that at maximum speed no human team could destroy any target, but the computer
Then to further eliminate inherent diferences that have nothing to do with agent and decision making, there should have been a delay incorporated into the agents to account for the remaining difference in UI effects. At least then it would have been interesting.
Software agents may yet have a purpose in such condtions, but it won't be at this level, and this "study" doesn't demonstrate they would have any real value; it only demonstrates that you need battlefield intel to be disseminated quickly. Agents may have a use at a much higher level than was used in this experiment.
I've done battlefield intelligence. We don't need agents to identify friend or foe. We need a fast, easy to grok at a glance view of assets, terrain, and intel.
This is one reason that on the battlefield, attack units are assigned *directly* to intel units - so they can react and respond without waiting on information to filter up and down the chain.
Military victories are nearly always based on who has the better intelligence and data. When you've got a superior method of information distribution, I'll be interested. When you just want to tell me that computers can do some things that are irrelvant to the application domain, it is a waste of time and resources.
Japan had a population roughly equal to half that of the US. In order for Japan to surpass the US, the average Japanese citizen would have to be twice as efficient as the average US citizen.
Incorrect.
To base efficiency of a collection upon individual efficicency is an improper and illogical action. There are many cultural and societal differences that change the equation. For example, assume for the moment the Japanese had no worries about being "over mechanized" -- they would/could freely use robots for many tasks that unions would lobby against here.
That one assumption entirely destroys your per-capita efficiency model. Unlikely? Hardly, as this is indeed what happeneed in the automotive world. Your argument entirely avoids the non-person multipliers technology *can* provide.
China has a population roughly equal to four times that of the US. In order for China to surpass the US, the average Chinese citizen would have to be one quarter as efficient as the average US citizen.
again: Incorrect
Individual efficiency can, and often is, nullified through organizational inefficiencies. The ability to organize a population the size of China and harness the individual inefficiencies is not currently permitted to exist on this planet. The mentality and goverment of the Chinese will not permit it there either.
And finally, sciences are not like cars or televisions, they are like software. As Joel Says, no number of mediocre/average designers will produce the big things/hits. Works the same in science. A dozen B and C students won't produce the level of new science and innovation that the cream of the crop will. Thus, it doesn't matter how many Chinese citizens are as "efficient" as Americans. In science, what will matter is who is better at making large leaps forward.
This is precisely why the attempt over the years of the NEA to abolish accellerated ("gifted") student learning and produce mere cogs is the single greatest threat to American intellectual and scientific advancement.
No, it is not the "dumbing down" of the general populace, that is a minor item by comparison. It is the dumbing down of the extremely bright and gifted people at all ages.
The notion that we need "liberal arts" where people "become better through studying the arts" is one that needs banished to the annals of unfortunate history. We need people who are extremely good at what they do. We need programmers who are truly amazing to drive things forward. We need scientists who have a genuine love and in depth almost intuitive grasp of the world around them.
This is a critical failing in the Chinese system. It is exceptionally good at producing mediocrity. It was actually designed to do so (so too was the US system when it was imported). We need to realize there is no shame in not being the brightest. We need to stop clinging to a mistaken notion that if Johnny does better than Joey, Joey is somehow less than he was.
When we do that, we will be able to stop shackling our geniuses and truly gifted with the chains of forced mediocrity. Just as Google is doign in regards to Microsoft. Sure, MS has many more programmers, some quite bright. But they are shackled in the bounds of One Microsoft Way.
At Google, they instead focussed on getting *the best* they could. Those who have an ability to go beyond. And they are producing better software, faster. Go figure.
If the US can shed the bonds of fear, it doesn't matter if China outnumbers us 100 to one if it can't produce the level of genius we can.
Looking at history, nearly all major advancements in science and technology are the work of one or a handful of disparate people, not the work of comittees of medicority. There is no reason to expect any different today.
And no, the numbers game is irrelevant. We've shown you can stifle genius. The countries in which genious is not only allowed to flourish but is incourage
But then it's not really SPF. The SPF standard defines both a way of publicizing a list of hosts that may send on behalf of a domain, and a method of assigning a pass/notpass value to an email message based on the published SPF record (or lack of such record). SPF defines its tests with the envelope-from address.
Actually, it is. SPF's (submitted) RFC allows for tests against other entities including the From: header. It reccomends testing the HELO/EHLO statement as well. It does recommend you not check specific entities against SPF v12 records. The SPF site even talks about checking from From: header. It largely talks about attempting to verify authorship, which is not to be done with SPF. It even lists the comment that there are places checking on the From: header.
I suspect that they are already starting to crop addresses by scanning the HD of compromised machines.
Yup, they already are.
Actually not. The user only says that email address A is to recieve email only from domain Bm, and that's it. The owner of domain B set up their own SPF record. When email arrives for address A, the MTA quries the DNS for the SPF record of domain B, and accepts email only if it passes the test. A
Incorrect. Indeed according to the FAQ VARA does not require an SPF record. In VARA the end-user puts an address like bob_bm.com_@smartisp.com for bm.com. When email comes in, the inbound server would then run a frward and reverse DNS check on bm.com to verify the client has bm.com at the end f their name, and that the Ip they ar eusing maps to said name. No SPF record. Thus, VARA is client side SPF.
Only this would almost alway lead to a dead end. Spammers are already using throaway domains and compromised machines. Almost all the spam I report using SpamCop comes from IP addresses of PCs on broadband. So this path leads to a compromised machine. SPF would be able to verify the compromised machine. DNS would lead to the spammer's website on another compromised machine, and financial info would lead to someone whose credit card number was stolen...
But you don't stop there.
What's really needed here is for service providers to identify the compromised machines on their networks and help users clean them, or at least block their outgoing traffic as long as they are compromised, and do it fast. If this goal can be achieved and spammers are forced to use their own machine,
No the goal for Zombie machines should be to prevent them from happening through better security in the first place.
That said, one method of cutting down the effect of zombies at large companies is for the internal mail server to not allow sending of mail from a non-company domain name. This can be checked in the From: header as well as the envelope sender. ISPs should probably not do this, but the big companies could do it for their own employees.
BLocking outgoing broadband zombies requires several other steps. You are effectively limiting a customer's email sending rate. This can and will lead to other problems unless you set the numbers really high. This would negate any beneficial attempt. Spammers using zombie-pcs are already starting to use a slow transmission rate to avoid detection. Personally if I were doing it I'd choose to send maybe one or two every hour or half hour and be able to have that machine more likely to escape detection for much longer than to send a blast that gets me noticed and purged.
This is especially true if the trojan has a way of receiving updates and sending out new messages. Perhaps you use DNS TXT records to store and distribute short spam messages.
The trojan gets in using an unpublished exploit. It retreives all email addresses it can get from the compromised machine (CM). It retreives the spam of the day by doing a DNS query. It then sends out the spam. Say one message every random inteval between 10 and 40 minutes.
Further, the trojan looks in your br
Method 1:
... though this is not always required, but eliminating it is eliminating it. Naturally I'd prefer to reject during the SMTP transaction (and you can), but as a second layer, I'll take discarding the spam/phish attempt before it reaches my eyes too.
;) Just need a trojan/worm that checks your inboc for addresses. Sender, recipient, it doesn't matter. If you still have an email from them in your mailbox when the tojan hits, your "paypal only" address just got sent out and is now on the lists making the rounds. Note this is similar to your method 2.
You need a bunch of stolen credit card info with enough personal info to use for small payments online.
You buy domains werothjwer.com werwervser634.com etc. (not paypa1.com)
You send your spam with Paypal.com/ebay.com in the "From" header and with werothjwer.com in the "Sender" header and the SMTP envelope-from.
Your email passes SPF/SenderID tests perfectly, and the recipient email client (Outlook Express?) proudly peresents email "From: paypal.com" (not paypa1.com!).
By the time someone complains about you using their credit card your phishing emails are history, and you have a pile of now CC+personal info to use for your next venture. Paypal/ebay can seize all your registered doamains because you don't need them anymore. You get new ones every day using presh stolen identities.
How does this bypass header checks using SPF? YOur "From" is a header that gets checked. When your mailserver verifies the From address, your "easy bypass" is an absolute failure. SPF CAN check the From addess, it's merely a matter of choice. Note that checking the From line also handles option 2.
In postfix, at least, you could set up triggers to check the From field only for specific domains. For example, I can have in my header checks triggers for paypal.com, ebay, *bank*, etc. to run an SPF check. This keeps resource usage down.
Thinking in layers is the most effective approach to fighting spam, just like it is in security. Defense in depth. Use your early checks to weed out the common easy stuff (such as envelope sender SPF), then do additional checks that may require more resources only on certain triggers. Sure, header and content inspection generally take place after mail acceptance
Also MUAs should compare the From field with the envelope sender address and so on. If the From and the envelope sender are different domains, it can trigger additional MUA checks and eventually display a warning about a possible phishing attempt. This is an additional layer of protection -- one that does not require end user intervention.
If you don't want to be fooled with an email "from paypal" that is not from paypal, all you have to do is to give paypal a unique address to send mail to you. Mail sent from paypal to that address is from paypal. Mail sent "from paypal" to any other address you use is not from paypal.
That's easy to bypass.
On method 2, I think you are referring to defeating sender ID, which I am not talking about. The compromised machine you are referring to is a client machine, not a server. Thus there are no "client machine credentials" to bother with.
That said I use a variety of custom addresses for various places. It's good for tracking what companies *really* do with your aemail address. They claim they do't give or sell it but when you start getting email from somewhere else to that IP, you know they were less than honest.
One concern that I have with those "authentication" schemes like SPF is that they would make it harder to use bulletproof anti-phishing protection like unique addresses for an "authentication" scheme that any half educated spammer would be able to bypass
Care to explain that? Just how does sender verification such as SPF eliminate unique addresses? I use both in combination without problem. SPF merely attempts to determine if the sender address is one that the domain owner uses. It does not care wh
That's a crock.
;)
;) Obviously, I find your "traitor" remark funny and sad. I highly doubt you've ever put your life on the line for this country. I highly doubt you've ever conducted intelligence operations for this country. I have, and I'd do it again.
If you refer to your post, you are correct.
If Rove is protecting the US national security, his job
Actually, it isn't his job. For good reason, too.
Regardless of his political gain, Rove cannot, as a White House employee, even confirm that someone is CIA, especially during the run up to a war over WMD.
Bullshit. Go read the law, the whole law. Read it again. Do it until you finally understand it. It's quite simple. For that to be illegal certain conditions have to be met. IF those conditions are not met then no law is broken by disclosing someone to be a CIA employee of any kind. Period.
Hint: one of those conditions is that you had to gain the knowledge from government/classified sources. If reporter a tells you it, you are under no *legal* obligation to maintain it a supposed "secret".
So you go ahead apologizing for Rove's selfserving attack on a CIA agent.
I'm not apologizing for anyone or anything. How about you stick to only putting words I your own mouth as opposed to other people's, hmm?
You go ahead patronizing a guy
Obviously you don't know what that word means. If I'm patronizing anybody here, it's you. Maybe I am patronizing you by responding to your sad little troll. Lucky for you there isn't a "knee-jerk" moderation tag.
You go ahead running cover
Again, more slander instead of thought, logic, and reason. When you have no argument, attack your interlocutor, eh? I'm not running for cover for anything. I'm not exactly hiding behind a slashdot id, either. Oh, but you do.
Go ahead, because you're a traitor too.
And again with the ad hominems (that means "personal attack"). Fine, here, in language you apparently need to understand:
Go ahead and run to made up laws so you can attack someone when you don't know the details, only know what other people tell you on TV or radio or read in someone's blog. Go ahead, parrot what his opponents and detractors say, instead of researching and thinking for yourself. Go ahead, because you're a moron too.
Get that?
By the way, in your zeal to fry someone on incomplete and inaccurate information, you are causing a bigger problem. Novak's story and Rove's story are in agreement. That means that a different senior administration official actually is responsible for getting the information to Novak. Therefore by focussing (apparently incorrectly) on Rove, you increase the likelyhood the real "perp" remains secret.
Ask yourself this. Given this information, why are the Democrats so adamant about frying Rove instead of going after the one who gave the information to Novak in the first place? Why are the focussing on someone whe merely agreed with what he heard and ignoring the person who "leaked" the data in the first place?
IF there was a crime committed by this information being released, the the crime lies in who originally did it. All evidence so far points to it not being Rove.
Like him or not, hate him or not, he should not be fried for a crime he did not commit while the actual perp gets off scott free. Or are you one of those fascists that believe in examples being made even if the real perp gets off the hook?
What happened to "innocent until proven guilty"? Oh, that doesn't go for people you don't like, eh?
Traitor to the founding principle of our justice system.
So go ahead, play keyboard cowboy. Keep pretending to live the life some of us have lived. Just don't be suprised when we don't take you seriously.
It's highly unlikely someone has both stolen your mobile phone AND phished your details.
GIven how people tend to use their cell phone as a mini-pda (or it is a pda) and store pins, etc. in the phone, it is more likely that if they have the phone, they have all manner of personal details (SO names, kids names, parents names, funny looking phone numbers that turn out to be weakly encoded PIN numbers) with which to social-engineer their way into your details.
With the phone they get phone number and other numbers. With that and a name it isn't too difficult to get a lot of info on you (and your friends/family in your addybook) without ever phishing you. Even if you don't store PINs in it.
Clearly Doc Ruby did not readeth the Article. In the article, the only way the author connected the name Valeri Plame with the story is becuase he already knew it. If as we are told KR said thet Wilson's wife arranged for the trip go from there. The article did.
Now let us think about something here. You get to be a female "secret agent". You need a fake name. DO you
a) pick your MAIDEN NAME
b) pick a name not previously related to you in any way
Uh gee Wally, you pick option b.
According to the stories (so far), KR did not ID her as an operative, just someone working for the CIA.
Accordign to Novak, KR's story rings true:
Here he says he heard from a non-"gunslinger" the scoop and another confirmed he heard the same thing. Would you describe KR as not a "partisan gunslinger"? I doubt many would. Combine this with KR's recent statements that say Novack told him and it rings true.
Further, there *appears* to be no dispute that she fall sunder the protection of the aforementioned Act of 1982. She apparently had a desk job and had not been a NOC for over 5 years, removing her from that category.
Again though, to me using your previous/maiden name as your "undercover name" is not an affirmative action to keep your identity secret. If she used a different name, not one publicly tied to her, the trail would have gone cold quite quickly.
Think about it. Assume she did go overseas undercover, and used that name. Any foreign government worth it's salt could track her down quite easily even in the 1990s. All they'd have had to do would have been to search on her name and follow the trail the other way. When it didn't match the story they got they'd assume her an agent. Any connections to her they found would be assumed agency covers or other agents.
The point? Your alleged "Secret CIA identity" was not a secret. Even if "apparently works for" was left out, the mere mention of Wilson's wife being involved would have sent any reporter looking to see who she was. Following that trail as it is woudl have raised *many* questions all of it's own accord.
I kinda worry I just completely stated the obvious.
Dont worry, if you did you'll get modded Insightful in short order.
If ebay/paypal published SPF records indicating what servers send valid email for ebay/paypal, and your server checks those, how can a spammer set up a ligitiamte system to bypass that system? They can't.
The only way is to:
* alter ebay/paypal DNS records by some means
* spoof the IP address.
Gmail may well have a very large database of valid email from ebay/paypl and perhaps others, or may be implementing their own version of SPF that doesn't rely on the domains to publish SPF records. They may, for example, have done research to see what IP ranges are used by ebay/paypal or other banks and if it doesn't come from those ranges they consider it likely a phishing attempt. Essentially a form of SPF. We do this on some of our (Fortune 50) email servers; it isn;t hard to conceive of Google doing it.
Mail::SPF::Query essentially does something similar.
but it won't do a thing about, say, email that comes from, say, "support@paypa1.com" or so.
It doesn't have to. Such a domain gets reported as phsihing attempt, ebay/payal goes after the domain to get it shut down, end of that problem. Indeed, they already have. Do a whois on it and you'll fid it owned by eBay. So yes, SPF would work here. eBay can put out an SPF record saying all email from this domain is invalid. Servers using SPF checks can then toss it or mark it as invalid.
Indeed, this use would be an excellent use. If SPF had a field to indicate a domain sends zero mail we can safely discard/block all email claiming to be from there.
If you think google doesn't use a form of SPF or sender verification you are sadly mistaken. Besides, SPF is not intended to be THE solution, just a (good) tool in the toolbox of the solution.
This just makes them look more guilty of sock manipulation,
Damned sock manipulators. Now I know why half my sock pairs become sock singles.
I doubt the US will ever cede control over the internet,
.org meant something different than .net or .com?
;)
Why should they? They created it. It's theirs. I built a really cool playground in my backyard for my kids. The neighborhood kids like to use it too. Should I give up control over it? Hell no.
The US creates something and the rest of the world thinks it has a God given right to it. Then they say the US screams they should be in charge of what they created and built and that this is pushing their view onto the world. Words of "black", "kettle", and "pot" seem to be waiting in the wings for some combination. Wait, the word hypocrisy is tugging at our shirtsleeves.
Nobody is forcing the rest of the world to be a part of the Internet. You choose to be.
And Bush is not in charge of it, whether he wants to be or not.
GO read The Law by Bastiat. Maybe you'll learn something about quests for power.
Personally, I think the UN should set up it's own DNS servers which every other country in the world can use, and if the US wants to sit in the corner and scream about how it should be in charge because God has given the US the right to impose it's view on the rest of the world, then let's just ignore them, and get on with it.
I mainly agree here. Let the UN set up it's own DNS servers. Let them try to convince the existing infrastructure to prefer theirs to the existing infrastructure. Let the Europeans, or the Chinese, or the Russians set up their own. Let them ignore the American infrastructure.
And let the American infrastructure ignore them.
Ah yes, there is the other shoe. Good for the goose is good for the gander. What do you think happens to the value of the Euronet or the UNNet when the US is not a part of it? Last I knew the penetration of net access was higher in the US. That is a significant loss of network value.
Let the European nations think they can add yet another socialist scheme that they can not afford. Push or pull the US out of your Internet and you lose the major funding of it. The European economy is faltering and unable to pay for it, and the governments can't either. Despite having their national defense paid for by the past few generations of Americans.
Think the UN servers will be preferred by AOL, the Cable companies, the Bells, and all the US based ISPs? Nope. They'll stick to the existing servers.
I'm all for the Internet being what it IMO should be: a collection of Intranets. This is much better than a single net. We've all but lost the beauty of hierarchical domain names -- remember when
Hell maybe a "fork" of the Internet will push out IPV6 on one side or the other.
So quit bitching about the Americans controlling (to the extent possible) what they built and paid for. Quit trying to take what isn't yours. Go build your own, and pay for it yourself. Try *competing* on your own merits. I'd welcome it, I encrouage it, I'd pray for it if I were of that type. *BUILD* something, Or has the European community truly sunk that low on the capability scale? Man I hope not. For all of our sakes.
Maybe when you've built your own system you'll quit trying to take ours and we can stop hearing/reading you bitching about not having what isn't yours. Or maybe when you've tried and failed you'll at least have some respect for those that have gone before.
But I'm often described as an optimistic idealist, so I won't hold my breath. (Though I hear if the UN doesn't get their way holding their breath is their next option).
So please, do quit "bothering with the US". Maybe you'll quit bothering the US. Right now you're like the kid who thinks he is *entitled* to play on *my* playground. You're both wrong.
You know, it'd be funny if it weren't so sad. We cling to this naive assumption there is no difference between men and women. We know for fact that our brains are "wired" differently, that men and women brain patterns are different as a result of different wiring and usage patterns.
Yet we acknowledge certain difference such as emotional response (from the brain) and social interaction (again, from the brain). Women do indeed have a tendency to "think with the other half of the brain" in comparison to men. Women do seem to have a better go at intuitive logic or intuitive understanding, whereas we men have to sort it out the hard way with logic.
Why is it a leap to consider the possibility tha tin addition to physical differences, there are mental differences? Especially when we openly admit some of them? Difference is not the same as better/worse, it's just different. There are always exceptions but the general case is there. There are certain physical things women excel at compared to men and vica versa. Mental capabilities are no different.
We only damage ourselves as a society when we refuse to acknowledge the differences and rpetend they do not exist. It takes both sides, both points of view, both tendencies, to reach higher and further than before.
Men aren't generally interested in breast feeding? What exactly is keeping a field where women have no inherent advantage primarily a female dominated industry? Men can certainly lactate and breast feed. Could it be we just aren't interested in it? Could it be that there *is* an underlying inherent advantage for female breast feeding? Either or both of those can be it. Nursing likewise is still a female dominated industry. Popular wisdom claims no inherent advantage there either. Reality, however, demonstrates the opposite.
SO what if men aren't very interested in lactating, being cheerleaders, nurses, stay at home parents, or any variety of fields women are the dominant presence. So what if women aren't generally inclined to go into math, computers, or whatever they don't feel like going into. We are all different and trying to make us all the same is a grave injustice to who and what we are.
We are born equal, not identical.
There aren't a lot of nine year olds who can write C#.
;)
My six year old girl can program in Python, and is learning how to work the Linux command line (she is already fluent in X-Windows/Fluxbox/Gnome). So can several young children I am aware of. At her current rate she'll be ready for RHCT/RHCE in a couple years if she still wants to.
Remember, Farragut was commanding a naval vessel at the age of 12, and had a solid understanding of caclulus and advanced geometry, not to mention navigation on the open seas by that age. The only reason children of today don't do such things is because society/government won't let them.
Around here, we don't restrict their learning resulting in children single-digit-age who do/know/understand more than most graduates.
What we need is more of these stories in order to have a chance at breaking the molds we've been shackled with.
Sometimes the cost of assembly may be as little as dinner and a movie. Sure, some people need or desire the proprietary test tube style assembly methods, but open source assembly is generally preferred drivign the costs of assembly down dramatically.
The cost of assembly isn't the issue, it's the TCO that gets you. Sure your little tryst was cheap, perhaps even free. Your "dipping your toe in the water" excursion usually leads to more. And then you're locked in. It's the next 18 years of maintenance, accessories, and so on that do you in.
(Want the cost a of human life? Ask it's parent.
Did Jobs say the Mac was switching to intel Processors? Yes. Did he say Macintoshes would now boot on ye olde' compaq in the basement? Nope.
Is the article talking about ye old compaq in the basement? No. It is talkng about ye new Intel powered Mac.
Where is that "field of strawmen" mod tag when you need it?
A common thread I see running through all these conversations about the upcoming switch to Intel processors is an assumption that having an Intel automatically equates to PC Compatibility.
What's left, really? USB devices? Guess who has been doing USB longer, Intel or Mac? Hard drives? Well you don't go buy a "mac only" HD now do you? How about video cards? Maybe, but doubtful. Sound cards? Same. Parallel port, serial port? (who cares
The only major difference is motherboard and processor. That's one down.
BTW, the bios is only used for bootup. Once the OS is bootstrapped, it's pretty well ignored/bypassed.
There is no magic needed. Input devices, multimedia devices, storage devices, networking. It isn't that difficult. Could Dell realistically offer Mactel machines w/differing ram/hd/mediadrive/input device/accessories/cpu speed options if given the opportunity? Absolutely.
XMLHttpRequest does more or less the same thing as an IFrame (via an ActiveX contarol), except that it adds the overhead of an XML parse.
No it doesn't. There is no requirement to actually request XML. Indeed many uses of it do not use XML at all. So far, none of mine use XML.
Heh, many thanks. I just don't see the point in sticking to your position if you think about it and decide there's a better one. In a choice between Consistent and Right I'd rather be Right... ;-)
:)
;^) More important than the two or three tonnes of metal is the 2 sticks of dynamite worth of explosives in the fuel tank. ;)
... unkess they are voting for you of course.
;)
Here we agree again.
This is a bit more serious in the UK, IIRC - cracks/breaks can block the driver's view of the road and massively reduce the structural integrity of the windscreen (and hence, surprisingly, the entire car), and since it's so hard to draw the line at which "a few cracks" becomes "a serious hazard", you aren't (again, IIRC) supposed to have even a single chip. True, the video wasn't shot in the UK, but I just assumed that it was the same in the US - no?
Depending on the area, nope. Does a chip in the lower left corner where a driver doesn't even look let alone use for viewing traffic and potential hazards count as a danger? Nope. A law that had it as you describe is too open to abuse. I've had many a car with a chipped or cracked windshield that didn't pose any significant danger to my ability to see what was going on.
Yes I did - did the other videos below have additional footage? Fair play then - that changes a lot...
Oh absolutely. They completely changed my opinion when I saw them. More in favor of the cop actually. The first video shows her passing the cop. That's the place to start. The next video is him pulling her over and making the initial contact. They all have the timestamp in the upper right.
When I saw the "first" video (the one linked to) I was a bit stunned. It appeared as if he walked up, asked her to get out of the car, then proceeded to taser her. Yet this was 4-5 minutes into the stop in reality. I was more than taken aback at this. It is not usual for a speeding stop to involve asking someone to get out of the car. I had to edit my initial response quite a bit as I reviewed the videos more.
Wow, really? If you were driving without a licence in the UK you'd likely be taken down the station, charged and at least fined or given community service.
Is it really no big deal in the US that people could be driving over a ton of metal, at high speeds, with no proven ability to control it, around pedestrians?
Clearly you haven't seen our driving tests.
This is a cultural thing, and one of the few reasonable ones left. We assume people are responsible. Only nanny states assume people are not
Personally, I don't see any problems with the lack of training etc. in driving a car/truck. The votign booth is many orders of magnitude more powerful than a car and we don't require training in voting. Besides, the numbers bear out that people are generally, even mostly, responsible and capable of handling cars w/o government approval. My children will have had several years handling automotive devices at speed and in situations 99% of people will never find themselves in by the time they are going for their license. Horses "back in the day" also were dangerous to pedestrians yet I don't recall there being a license for those.
Sorry, I don't know what a nip-slip is.
How do you know? This is outside the context of the video - IIRC all we see is the cop approach the car. We have no idea how she'd been driving before she was stopped, how long it had taken to get her to pull over, or anything else about the greater context. I'm not arguing we should forgive the cop everything because we don't know, but it's easy to play armchair quarterback when you're not the one on the spot...
I have been in similar situations -- with more leeway than the cop had regarding escalation. Again, however, the other videos on the linked page have what you are missing. As I mentioned above it has th