Nevermind that hashing will take a hell of a lot longer than check the entire plaintext password. Nevermind that checking the entire plaintext password is valuable if security matters
Yes, but there is an acceptable alternative to checking the entire plaintext password while there is no acceptable alternative to hashing the password. If there's an equally secure alternative that requires less computation, why not use it?
This is all about hooking up to your TV without requiring a bunch of setup from your laptop or a dedicated computer. Instead of fucking around with cables every time you want to hook your laptop up, you just have to plug a box in permanently and enable it on your laptop when you want to. I don't know if it'll catch on, but it's definitely aiming for a different niche.
Police spends more money protecting your home than the value of merchandise in it
No they don't. The police spend a lot less protecting homes than the value of those homes. Comparing the costs of cops for an entire city to a single home would be ignorant at best.
the "we can get away with it since it's too expensive to stop us" does not help the argument that copying music without restrictions should be legal.
Nobody's making that argument, and the only time I hear that is when people like you get on to troll the site. The indignation exists for a few reasons:
For years the RIAA opposed legitimate means of digital distribute, even going so far as to say that ripping your music collection for personal use was illegal.
The gross injustice of the situation. If their defendants spent over $10 million on their defense, then they wouldn't have gotten such a huge settlement. It's ridiculous that such an imbalance can so blatantly be exploited.
Copyright law as interpreted by these companies doesn't allow creative uses of music, like remixes and clips of music used in another work (documentaries, etc). These legitimate uses of a copyrighted work contribute to society overall and to the artists' coffers since they tend to make the artists' music more popular.
The judgement handed down is not anywhere near the actual damages, much less the provable damage.
The tactics they use to catch and prevent file sharing are blatantly immoral and illegal.
If the RIAA didn't shoot themselves in the foot over and over again while also stifling creativity, then I suspect the majority of people on this site wouldn't mind them suing legitimate file sharers.
Features blue characters much like his last film Avatar, however in this case it's due to a lack of oxygen
Which they overcome by embracing the wisdom of the natives. In the end, the protagonist (a white man) will become better at caving than even the natives, thus showing us again that Cameron thinks white men are the best at everything they do.
Every single business I know, including my own, will be picking up the.xxx domain. Do you really think Google is going to allow *anyone* else to own www.google.xxx? Of course not. I am not as big as Google, but I can't let my business name be trashed like that. No business would.
Agreed. My hope would be that the people who pick up vanity domains, hobby domains, squatters, etc would be less apt to pick up the.xxx unless it's applicable. Especially if they make the price higher or don't allow squatters to grab domains for nearly free.
For a while new porn sites will be registered at both.com and.xxx, and the existing sites will still probably be primarily.com (although they'll register.xxx for brand purity). As a filter it will be meaningless, and as a tool for censorship it won't work. Legitimate porn sites tend to not try to get around filtering right now anyway, so the free speech concerns seem overblown.
However, it does offer value to both porn sites and internet users. First, it's a namespace that you always know is porn, so if you're looking for porn this can be a useful tool. Filtering these sites is as easy as it can get, and as mentioned before most porn sites don't try to get around filters anyway. Porn sites now have a way of identifying themselves more fully for customers and they don't have to compete for.com names.
Most importantly in my mind, this could be the easiest way to get people weaned off of.com as the only tld..gov is useful for a small subset of sites,.org can be useful for some sites (although they almost all try to get the.com as well), and.co.uk is the.com of Britain. If they introduce.xxx and it takes off, it'll be a big step forward in making more domain names viable, and I consider that to absolutely be a good thing.
The problem with making statements about where and what kind of life can exist in the universe is that we have only one data point. That's ignoring the question of what conditions on earth led to life.
Dammit, I'm torn between taking the comment as a joke and taking it seriously. Do slaughterhouses even use the spare lungs, and why wouldn't that be the perfect filtering method for things that go through lungs? Damn your humorous yet plausible post!
Computer security is roughly equivalent to real-world security, only the malicious agents are extremely fast, can copy themselves at will, and can hit as many targets as they want simultaneously. When considered from the point of view of real-life security, our software security problems seem almost inevitable.
The central insecurity of software stems from the fact that security requires time and effort, which makes it hard to get management to fully commit to it, and there's nothing in the world that can make a bad or ignorant programmer churn out secure code. There have been solid steps taken that have helped a lot, and programmers are getting more educated, but at the end of the day security requires a lot of effort.
It's also possible that we're not reciprocating any more so they charge us the full price instead of giving us a discount. Put another way, when we had a shuttle, the price of sending astronauts up in Russian craft was partially paid by letting them use our shuttles.
Why is the domain-to-hypervisor path considered any more secure than the userspace-to-kernel path? If it's not, you're just adding more complexity, which could mean more potential for vulnerabilities!
It's considered more secure in the same way that it's more secure to have a firewall instead of just trying to secure the applications. As long as they can secure the interfaces between the host OS and the VMs, they have security. If they don't secure that interface, then they're left with no more vulnerabilities than they had before.
This adds another layer of security on top of Linux which makes it more secure than it would otherwise be.
If history shows anything, giving an attacker any access to run code locally gives them all they need to leverage it into root eventually.
Perhaps, but this is another layer they'll have to get through before they can root the machine. So now they have to exploit the program, gain access to the VM that it's running on, and then jump from that VM to the host OS. It's not a perfect solution and it's almost certainly not impenetrable, but that doesn't keep it from being a useful tool.
The Blackberry is still not as good for average users. It has a nub as opposed to the entire phone being a large touchscreen, making it so that there's less presentation area and flexibility. It has a different class of applications, making it very well suited to business use but not as broadly appealing. The iPhone integrates with computers in a way that's familiar to people who already own iPods. The app store makes it ludicrously easy to install applications.
Most importantly for the applications, the development environment doesn't have legacy cruft like Blackberry's traditionally had, and, because it was able to grab large chunks of the market quickly, it was able to get a robust development ecosystem. The iPhone isn't superior in every way to the Blackberry, but to say that it doesn't win at anything other than "Shiny Shiny" is just plain wrong.
It's all nice and all, but if open video technology really wants to win, they have to be technically better. There is no other way.
Why? Closed formats don't seem to operate under that constraint.
Because closed formats have a company or companies willing to push it for reasons other than technical superiority. Open source relies on a lot of people getting excited about something and pushing it in a more organic way, and for that to happen in a big way then the thing they're pushing has to be technically superior. Linux has gained momentum in its areas by being superior for developers and sysadmins who know what they're doing. Firefox gained momentum the same way. I can't think of an open source product that gained mainstream popularity without being technically superior.
I didn't look for Vorbis support for my phone, but I did look for openness; if that wasn't a factor in your choice of phone, then my sympathy for you is nil
So, only people who spend their valuable time and money getting an open phone instead of the iPhone are worthy of consideration in this debate? Like it or not, the iPhone's dominance isn't because of any media blitz or cult of Apple, it's because it came out in a market where it was by far the best choice and is still superior to any other smartphone I've seen.
So, if you want to prioritize openness in your purchasing, that's fine. But this is about Wikipedia trying to influence the culture as a whole and the emerging standard, and to suggest that this process ignore the vast majority of people is at best naive and at worst extremely damaging to your own position.
While I think them running Windows helped, can you honestly tell me that the attackers couldn't have gotten in through a hole in Linux, Firefox, Flash, or any of the other openings that every usable computer has? With highly targeted attacks like this there's almost nothing that can fully secure the computer, and those things which could fully secure Linux would fully secure Windows as well.
For instance, sandboxing the entire OS. Make them use a separate computer when interacting with the internet as a whole and when interacting with the internal network and not allowing direct connections between the two. But what company's going to be willing to put their employees through that level of hassle, much less the expense of the hardware?
My understanding was that Drizzle was created partly to get it out from under Sun and other corporations. Seems like saying it doesn't have a future with Oracle is like saying that postgres doesn't have a future with Oracle.
It will be too bad if Drizzle's the only place where exciting development takes place on the MySQL base. Say what you will about MySQL, there are a lot of shops that rely on it and would love to see it come closer to parity with other database programs.
Slashdot Mirror
I'd like to point out that the image your eyes send you "is NOT 3d, you CANNOT get 3d from a 2d" retina.
OK, I modded it up but everything's still the same. What do I do now?
Nevermind that hashing will take a hell of a lot longer than check the entire plaintext password. Nevermind that checking the entire plaintext password is valuable if security matters
Yes, but there is an acceptable alternative to checking the entire plaintext password while there is no acceptable alternative to hashing the password. If there's an equally secure alternative that requires less computation, why not use it?
This is all about hooking up to your TV without requiring a bunch of setup from your laptop or a dedicated computer. Instead of fucking around with cables every time you want to hook your laptop up, you just have to plug a box in permanently and enable it on your laptop when you want to. I don't know if it'll catch on, but it's definitely aiming for a different niche.
Police spends more money protecting your home than the value of merchandise in it
No they don't. The police spend a lot less protecting homes than the value of those homes. Comparing the costs of cops for an entire city to a single home would be ignorant at best.
the "we can get away with it since it's too expensive to stop us" does not help the argument that copying music without restrictions should be legal.
Nobody's making that argument, and the only time I hear that is when people like you get on to troll the site. The indignation exists for a few reasons:
If the RIAA didn't shoot themselves in the foot over and over again while also stifling creativity, then I suspect the majority of people on this site wouldn't mind them suing legitimate file sharers.
seeing the extreme conditions man will venture into to quench an unstoppable curiosity.
Or to get chicks. Some people will do anything to impress chicks.
Features blue characters much like his last film Avatar, however in this case it's due to a lack of oxygen
Which they overcome by embracing the wisdom of the natives. In the end, the protagonist (a white man) will become better at caving than even the natives, thus showing us again that Cameron thinks white men are the best at everything they do.
nobody likes CRTs because you can't place several monitors one behind the other without taking a huge amount of space
The rise of LCD monitors in a nutshell right there.
They can install sensors that can collect samples from the bathrooms at airports (or onboard airplanes themselves) as everyone needs to go.
And this high tech, extremely expensive system can be overcome by...holding it. You should work for the TSA.
Every single business I know, including my own, will be picking up the .xxx domain. Do you really think Google is going to allow *anyone* else to own www.google.xxx? Of course not. I am not as big as Google, but I can't let my business name be trashed like that. No business would.
Agreed. My hope would be that the people who pick up vanity domains, hobby domains, squatters, etc would be less apt to pick up the .xxx unless it's applicable. Especially if they make the price higher or don't allow squatters to grab domains for nearly free.
For a while new porn sites will be registered at both .com and .xxx, and the existing sites will still probably be primarily .com (although they'll register .xxx for brand purity). As a filter it will be meaningless, and as a tool for censorship it won't work. Legitimate porn sites tend to not try to get around filtering right now anyway, so the free speech concerns seem overblown.
.com names.
.com as the only tld. .gov is useful for a small subset of sites, .org can be useful for some sites (although they almost all try to get the .com as well), and .co.uk is the .com of Britain. If they introduce .xxx and it takes off, it'll be a big step forward in making more domain names viable, and I consider that to absolutely be a good thing.
However, it does offer value to both porn sites and internet users. First, it's a namespace that you always know is porn, so if you're looking for porn this can be a useful tool. Filtering these sites is as easy as it can get, and as mentioned before most porn sites don't try to get around filters anyway. Porn sites now have a way of identifying themselves more fully for customers and they don't have to compete for
Most importantly in my mind, this could be the easiest way to get people weaned off of
Coed: Why are you doing these things to me and taping it again, professor?
Professor: For science!
The problem with making statements about where and what kind of life can exist in the universe is that we have only one data point. That's ignoring the question of what conditions on earth led to life.
Dammit, I'm torn between taking the comment as a joke and taking it seriously. Do slaughterhouses even use the spare lungs, and why wouldn't that be the perfect filtering method for things that go through lungs? Damn your humorous yet plausible post!
Agreed. If we ever have a major data spill, we can just shoot junk at it like old golf balls. Problem solved.
Computer security is roughly equivalent to real-world security, only the malicious agents are extremely fast, can copy themselves at will, and can hit as many targets as they want simultaneously. When considered from the point of view of real-life security, our software security problems seem almost inevitable.
The central insecurity of software stems from the fact that security requires time and effort, which makes it hard to get management to fully commit to it, and there's nothing in the world that can make a bad or ignorant programmer churn out secure code. There have been solid steps taken that have helped a lot, and programmers are getting more educated, but at the end of the day security requires a lot of effort.
What you're asking for is the Fischer Chess of RTS games. I think there's a market for it, but, like Fischer Chess, it won't be as popular.
It's also possible that we're not reciprocating any more so they charge us the full price instead of giving us a discount. Put another way, when we had a shuttle, the price of sending astronauts up in Russian craft was partially paid by letting them use our shuttles.
Find $60G and prove that to us
I believe you're a few orders of magnitude off.
please...correct me
You're welcome.
Why is the domain-to-hypervisor path considered any more secure than the userspace-to-kernel path? If it's not, you're just adding more complexity, which could mean more potential for vulnerabilities!
It's considered more secure in the same way that it's more secure to have a firewall instead of just trying to secure the applications. As long as they can secure the interfaces between the host OS and the VMs, they have security. If they don't secure that interface, then they're left with no more vulnerabilities than they had before.
If history shows anything, giving an attacker any access to run code locally gives them all they need to leverage it into root eventually.
Perhaps, but this is another layer they'll have to get through before they can root the machine. So now they have to exploit the program, gain access to the VM that it's running on, and then jump from that VM to the host OS. It's not a perfect solution and it's almost certainly not impenetrable, but that doesn't keep it from being a useful tool.
The Blackberry is still not as good for average users. It has a nub as opposed to the entire phone being a large touchscreen, making it so that there's less presentation area and flexibility. It has a different class of applications, making it very well suited to business use but not as broadly appealing. The iPhone integrates with computers in a way that's familiar to people who already own iPods. The app store makes it ludicrously easy to install applications.
Most importantly for the applications, the development environment doesn't have legacy cruft like Blackberry's traditionally had, and, because it was able to grab large chunks of the market quickly, it was able to get a robust development ecosystem. The iPhone isn't superior in every way to the Blackberry, but to say that it doesn't win at anything other than "Shiny Shiny" is just plain wrong.
It's all nice and all, but if open video technology really wants to win, they have to be technically better. There is no other way.
Why? Closed formats don't seem to operate under that constraint.
Because closed formats have a company or companies willing to push it for reasons other than technical superiority. Open source relies on a lot of people getting excited about something and pushing it in a more organic way, and for that to happen in a big way then the thing they're pushing has to be technically superior. Linux has gained momentum in its areas by being superior for developers and sysadmins who know what they're doing. Firefox gained momentum the same way. I can't think of an open source product that gained mainstream popularity without being technically superior.
I didn't look for Vorbis support for my phone, but I did look for openness; if that wasn't a factor in your choice of phone, then my sympathy for you is nil
So, only people who spend their valuable time and money getting an open phone instead of the iPhone are worthy of consideration in this debate? Like it or not, the iPhone's dominance isn't because of any media blitz or cult of Apple, it's because it came out in a market where it was by far the best choice and is still superior to any other smartphone I've seen.
So, if you want to prioritize openness in your purchasing, that's fine. But this is about Wikipedia trying to influence the culture as a whole and the emerging standard, and to suggest that this process ignore the vast majority of people is at best naive and at worst extremely damaging to your own position.
While I think them running Windows helped, can you honestly tell me that the attackers couldn't have gotten in through a hole in Linux, Firefox, Flash, or any of the other openings that every usable computer has? With highly targeted attacks like this there's almost nothing that can fully secure the computer, and those things which could fully secure Linux would fully secure Windows as well.
For instance, sandboxing the entire OS. Make them use a separate computer when interacting with the internet as a whole and when interacting with the internal network and not allowing direct connections between the two. But what company's going to be willing to put their employees through that level of hassle, much less the expense of the hardware?
My understanding was that Drizzle was created partly to get it out from under Sun and other corporations. Seems like saying it doesn't have a future with Oracle is like saying that postgres doesn't have a future with Oracle.
It will be too bad if Drizzle's the only place where exciting development takes place on the MySQL base. Say what you will about MySQL, there are a lot of shops that rely on it and would love to see it come closer to parity with other database programs.