Slashdot Mirror


User: CrashandDie

CrashandDie's activity in the archive.

Stories: 0
Comments: 387

Comments · 387

  1. Re:dark matter gets murkier? on Black Holes May Mature Early In Galaxy Evolution · · Score: 1

    Plus, a black hole doesn't have a greater mass than the sun it spawned from (quite the contrary, as it would appear some mass is lost during the "conversion"). It's just a whole lot denser (same mass but lesser size == greater density).

  2. Re:Mid-Level $132k, really? on Study Says Software Engineers Have the Best US Jobs · · Score: 2

    European here. After a few years in London and then some time in Australia where things didn't pan out so great, I decided to head back to the old country, south of France.

    Turns out I only lost about 10% on the salary, when really, I expected the cut to be more something like 30-40%. Turns out that if you find the right employer, they will go the extra mile if they've estimated your worth correctly.

  3. Re:yes. take the battery out of the fob on New Cars Vulnerable To Wireless Theft · · Score: 1

    Disclaimer: I used to work for one of the companies cited in this post.

    I highly doubt that cars have such a sophisticated method of authentication. Simply considering the fact that the Vasco/ActivIdentity/RSA OTP dongles (the small dongles with a 10-digit screen, and sometimes a keypad for PIN code) require pretty nifty algorithms around desynchronisation (32-bit clock counter with only 22 or 24 MSBs used or so) due to clock drift, and that resynchronisation is an absolute pain in the bum to handle.

    Sure, the reason why those dongles are so prone to clock drift is because there is a relatively massive delay between the generation and the user keying it into the computer keyboard, but the problem is the same for a car: if the car uses the time stamp to validate a key's authentication request, then both need to be synchronised. How is this done? Every time the key is connected to the ignition? Could be. Otherwise, if there is _no_ validation of the time stamp, then there is no use for a clock in either device.

    The other mechanism that could be used is an event counter. Every time the button is pressed, the event counter gets incremented. Part of the event counter is transmitted in clear text (for example, the last digit), so that there aren't too many calculations that need to be done.

    Example: Last used internal event counter value is 1224 (last used value to interact with the car), this number is known to both the car and fob. The fob is activated a few times out of range of the car, so the counter for the fob is now 1241, but the car still expects 1225, in a best case scenario. The fob transmits in clear text last digit value "1". Now, the car only has to test 1231, 1241, 1251, 1261. Admitting a range of +50, for people with too much caffeine, or whatever range can be calculated in a time sufficiently short that it seems "instant". The rest of the request is encrypted using a symmetric key (_not_ PKI), probably something like 3DES, the strength of the key doesn't really matter, as long as it can't be decrypted fast enough to enable brute force.

    3DES still requires a good 10 hours or so to be broken, IIRC (feel free to correct me), so it really does the job. As soon as the code is transmitted, a new 3DES key is generated using the event counter and the old key as salt. This new key will be used to encrypt future transmissions. The fob simply needs a bit of memory to store the event counter in a way that is not dependent on the battery, so that even if the battery is depleted or removed, it can resume operation (also, a lot cheaper in terms of battery usage than using a clock counter).

    My 2c,
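
The event-counter resynchronisation described in comment 3, as an added example that is not part of the original comment or of any vendor's code. It assumes a fixed shared key and uses HMAC-SHA256 from the standard library in place of the 3DES encryption the comment mentions; the per-press key rotation is left out, and all names and the sample key are constructed for illustration.

```python
import hashlib
import hmac

WINDOW = 50  # assumed: how far past the last accepted counter the car will look


def tag(key: bytes, counter: int) -> bytes:
    """Authenticator for one button press (HMAC-SHA256 stands in for 3DES)."""
    return hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()


def fob_press(key: bytes, counter: int):
    """Fob side: advance the counter, send its last digit in clear plus the tag."""
    counter += 1
    return counter, (counter % 10, tag(key, counter))


def candidates(last_accepted: int, hint: int, window: int = WINDOW):
    """Counters newer than last_accepted, inside the window, ending in hint."""
    return [c for c in range(last_accepted + 1, last_accepted + 1 + window)
            if c % 10 == hint]


def car_verify(key: bytes, last_accepted: int, message, window: int = WINDOW):
    """Car side: return the newly accepted counter, or None to reject."""
    hint, received = message
    for c in candidates(last_accepted, hint, window):
        if hmac.compare_digest(tag(key, c), received):
            return c  # caller stores this, so older messages can never match again
    return None


def demo():
    key = b"constructed-shared-secret"  # constructed sample value
    fob_counter = car_counter = 1224    # last value both sides agreed on
    for _ in range(17):                 # presses out of range: fob reaches 1241
        fob_counter, msg = fob_press(key, fob_counter)
    accepted = car_verify(key, car_counter, msg)  # car resynchronises to the fob
    replay = car_verify(key, accepted, msg)       # same message sent a second time
    return fob_counter, accepted, replay


if __name__ == "__main__":
    print(demo())
```

Because the car only ever searches counters above the last one it accepted, a captured message stops verifying once it has been used, and a fob pressed more times than the window allows needs a separate resynchronisation step.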

  4. Re:Comment from the article... ? on Thousands of Blackbirds Fall From Sky Dead · · Score: 1

    He was simply inspired by The Day After Tomorrow.

  5. Re:cue the dropouts on Is Going To an Elite College Worth the Cost? · · Score: 1

    I'd have to agree with what you're saying.

    I have no degree to speak of, however decent people skills (meaning I can wear a suit and talk my way through a decent presentation in front of a decision-making audience) and loads of free time spent learning development (the language doesn't really matter) gave me the opportunity to fly around the world with a 140k+ euro a year job at age 24.

    In my first year of employment, I negotiated two pay raises, and in the second, negotiated a tech lead position for APAC at the company. I left, and now went from C++ dev to product manager in 5 months' time. And yes, wearing a suit without being asked, and inviting people for golf is part of it.

  6. Re:You can't fix stupid on Google Wants To Take Away Your Capslock Key · · Score: 1

    It's not a bug, it's a different keyboard layout.

    The Portuguese keyboard uses a qwerty layout, which means that the row of keys above qwerty... provide 123456 without the use of shift. An azerty layout, however, requires the use of shift to get the numeric value of the keys. For instance, on the French keyboard layout, as stated in my initial post, you need to use caps lock to get a capital É (same key as 2), or shift plus the key to get 2, or the key alone to get é.

  7. Re:You can't fix stupid on Google Wants To Take Away Your Capslock Key · · Score: 1

    Under Linux, the only way to get a capital E with an accent on it (É or È, and loads of others) is by going to caps lock, and then hitting the correct key on the keyboard (on a French keyboard, where the 2, above a and z). Using shift results in "2", rather than a capital version of the special letter.

  8. Re:WHO doesn't want to be embarrassed? on UK Asks News Outlets Not To Publish WikiLeaks Bombshell, US Prepares For Fallout · · Score: 1

    Why was this modded insightful? The World Health Organisation's only war is on diabetes, and that's clearly not a lie.

  9. Re:Rotary engraving? on Boy Finds £2.5M Gold Locket With Metal Detector · · Score: 1

    When looking carefully at the photo I seemed to see the lovechild of Jamie Oliver and Ricky Gervais on the left, and a small version of Richard Hammond on the right.

    Well... I say "small", but...

  10. Re:Few things to consider on Best IT-infrastructure For a Small Company? · · Score: 1

    +1 on nearly everything, except authentication.

    Authentication isn't difficult. On your file server, install Windows 2003 or 2008. Set it up as an LDAP server and plonk a DC on it (all done in one step). Name it something like dc-1.yourngo.org. It doesn't really matter, it's an internal name. If the AD isn't available (people away, network down), the local Windows cache will still allow them to log in for a week or two, depending on your AD configuration. The DC and AD thingies are provided for free with the server edition.

    After that, it's easy to plug in SSO systems such as ActivIdentity's Single Sign-On (Disclaimer: I used to work for them, but don't have stock) which really takes away a lot of password management troubles.

    Heck, even the CA is provided free with the OS and has good integration with AD, and is less of a pain to set up than say the FOSS one, EJBCA, or any commercial ones (Entrust, Verizon, etc).

    Now, as to why. Well, easy. You can centrally manage what people have access to. You can centrally manage the groups, and have decent rights management when it comes to file sharing. Just set up a sales shared directory, an IT one (for all the porn), and whatever sections you want, plus 2 or 3 directories for intra-section file sharing. Parent said that it's not worth the price, but I'm convinced this isn't the right idea. Nearly every product that will be used by more than one person has LDAP/AD integration. Granted, I have no idea what your business case is, but if you have any CRM, any customer management, you'll want to be able to track user ids and authentication logs.

    To be honest, it sounds like you don't have a clue what your business case is either. I suggest you write up a nice proposal for a few ideas you have, and get the ball rolling around those discussions. Nothing major, don't go into meeting frenzy, but send it to some of your collaborators, and ask them for their opinion as you grab coffee or lunch together. Don't forget that you're the tool provider here, you can issue an opinion, but you should try to accommodate their needs, not your desires.

    Basically, go back to the drawing board: gather requirements, push a solution definition, build the technical specification and then just try it out.

    To help you out on the first bit:

    - Is central authentication required?
        - List number of advantages/inconveniences here.

  11. Re:The Phone Book is dead on Is the Number Up For the Residential Phone Book? · · Score: 3, Interesting

    Note that in most European countries, as the mobile phone billing system is reversed (caller pays, not callee, unless roaming in another country) it is quite popular to have mobile phone numbers in the yellow/white pages.

    Just looking at the pizza section of my local area, about half the numbers are mobile numbers. Looking at the doctor section, all the doctors that do house calls have a mobile listed. Some people have the same mobile number for longer than their landline. During my teens, I had one mobile phone number, and about 8 different landlines.

    This being said, you have to draw a line at some point. Would I look up my neighbour's number at 2AM? No, I'd just pull the curtains after giving him the finger. If I need to urgently call a teacher, why don't I already have the number? When I was a kid, the head teacher would ask for our phone number, at the beginning of every year. I did exactly the same, and wrote it down somewhere.

    Plus, the shoot-first argument is only valid in the US. To be fair, I've never had a neighbour who'd stop something I found annoying even if I asked. Having a phone number wouldn't really matter anyway.

  12. Re:Guide to right to free speech in the UK on UK Twitter Users Declare 'I'm Spartacus' · · Score: 1

    "Territorial integrity"? Does that mean it's illegal for people to protest about getting Scotland's independence while they're in London?

    Nope, it means that if you shout too strongly near the white cliffs and a pebble falls off, you get beheaded.

  13. Re:Inquiring minds want to know... on Steve Ballmer Reveals His Secret Twitter Account · · Score: 2, Funny

    140 characters ought to be enough for anybody.

  14. Re:So, to clarify... on Firesheep Countermeasure Tool BlackSheep · · Score: 2, Informative

    As far as I know, Twitter doesn't behave this way. If you log out on machine_x, only machine_x is logged out. Not the attacker.

    GMail's "Destroy all other sessions" would be closer to the behaviour you're talking about.

  15. Re:I don't get it on Oracle To Monetize Java VM · · Score: 1

    So you think Oracle bought Sun because it was a company that was losing money?

    Or because it provided Oracle with opportunities to make money?

  16. Re:Not the northernmost... on World's Northernmost Town Gets Nightlights · · Score: 2, Insightful

    I had to read TFS a few times, because I kept reading: "On October 26 2000, Norwegians watched the sun set." I'm a big sleeper, but even so, 10 years of darkness seemed really hardcore to me.

  17. So... on Immaculate Conception In a Boa Constrictor · · Score: 1

    Jesus was the snake all along?

  18. Re:"Artistic" shouldn't matter on Supreme Court Hears Violent Video Game Case Tomorrow · · Score: 1

    CmdrTaco, is that you?

    You duped yourself!

  19. Re:new boss, same as the old boss on Google Wave Creator Quits, Joins Facebook · · Score: 1

    Do you really believe untagging a picture results in a DELETE FROM... rather than a UPDATE TABLE ... SET public='false'?

  20. Re:Ruining photography on All Your Stonehenge Photos Are Belong To England · · Score: 3, Insightful

    Well, it's already a big mess.

    In France for example, you can take the picture of someone on the street, but you're not allowed to publish it. You need to have a signed waiver from the person, or the legal guardian. Even furniture and houses benefit from this.

    What it basically means, is that I can't use the picture of a specific house to try and sell the house I'm currently building. It also means that I could get in trouble for putting a picture of myself on Flickr if there happens to be an identifiable stranger in the background. I also can't publish a picture of a (for the sake of example) chest-drawer in the middle of a public street, or sell it, or show it during an art expo and gain material benefits from it, unless the owner of the chest drawer signed a waiver.

    However, I can take a picture of a bunch of people who are demonstrating (quite common for the past weeks in France), provided that I'm photographing "a group of people demonstrating", not "a person". Though, when you think about the 18+ megapixel cameras any sufficiently committed amateur photographer can get their hands on, I wonder where the line is drawn. Can I crop?

    I'm quite an avid photographer; the UK/Australia/US rules on this were an absolute godsend (rough lines: don't breach the "expectation of privacy" and you're good to go). Well, that was in the days before Stonehenge was built.

  21. Re:Does it still exist? on Record-Breaking Galaxy Found In Deep Hubble Image · · Score: 4, Funny

    The discipline that applies into everything, but in itself is about nothing (real).

    I think you'll find that math is in fact a lot about reals.

  22. Re:Different bacteria in different parts of the wo on The Effect of Internal Bacteria On the Human Body · · Score: 1

    Don't worry, eating a kebab won't make you go jihad on your family.

  23. Re:A couple gigs of email? on Microsoft Admits OpenOffice.org Is a Contender · · Score: 2, Interesting

    I easily run up to 3 gigs of email per month. I use auto-archiving, but there's just a lot of stuff I need to keep in my inbox for searching and reference. Most of these are pdf files going back and forth: 10, 20 revisions of the same 6MB PDF file isn't unheard of, so that's between 60 and 120MB just on one email thread, per day.

    Now take into account I get between 150 and 250 emails per day, and archiving becomes a very nasty thing. I usually chalk it off as admin work, and it takes me about an hour or two to weed through it every month. I have a hard drive that is dedicated to email backup.

  24. Re:A word from the Vendor if I may on Canon Blocks Copy Jobs Using Banned Keywords · · Score: 1

    It might be easy to hand write the details off the screen for circumvention, but that is only going to net you a small data set. These systems are designed to stop people walking off with entire client databases and that type of thing. In the government, it's more about keyword 'flagging' that sends the MIB to your desk on very short notice.

    I guess that instead of writing it down, or copying 500 pages worth of documents that might get me noticed as I walk out of the door on my last, I'll just have to... Hmm, I dunno, encrypt it and email it? Drop it on an FTP? Drop it on an SSH box on port 443? Heck, USB-dongle it? Burn it on a CD?

    Funny part is, FTP, USB dongle or CD burning will probably be blocked, and email might be monitored; however SSL webmail or random SSL website won't (FWIW: I spent some time at the Australian Department of Transport, and webmail was freely accessible, as soon as someone signed off about you getting internet access).

  25. Re:Project Page on Meet NELL, the Computer That Learns From the Net · · Score: 3, Insightful

    I think "Science Education" is a #politicsissue (http://bit.ly/dbtbg8)

    At least it got that one right.

    http://twitter.com/cmunell/status/27011868576