When SSO started appearing more and more browsers starting having the feature of saving the passwords into the browser, or some external program to manage it.
I don't trust most SSO, esp facebook as I don't want to end up with a bunch of crap on my wall that website decide to post...
I currently work at Manwin and we are looking for mathematicians to help optimise ad revenue. http://manwinjobs.com/ for more, it would probably be in the Montreal office.
Recently a consumer interest show in Quebec did a report on private cord banks. One of the big sticking point is that the window of actual usefulness is relatively short as there is only a small quantity of stem cells available, and usually once someone is over 50kg there is not enough stem cells for treatment.
Well let's do more math. I'm driving an Altima, that costed about 29k new.
40k - 29k = 11k for gasoline. I'm spending about 60$ per week on gasoline, so that comes out to 3120$ per year. I always lease for 4 years ( I just don't have the time to always fix the car ) so that comes to 12480$ overall. The average price I pay for gas is probably around 1.28$/liter. The prices in QC tend to follow a sin wave of +/- 10c on a graph, trending up or down. Not only that, but the supply for Montreal comes from the Brent barrel, which tends to be more expensive then regular oil.
Most of my commute is (return) well within the 35 miles EV range, and from what I understand the heating is electric.
This is before the subsidy in QC for the Volt (not sure how much, but afaik it's in the 5 to 7k range).
So in my case it would make sense to switch to a Volt or even a LEAF once the lease on my current car finishes.
One of the problem with the Prius in Montreal is that you need heating 6 months in a year. Last I heard, the heater was still powered through the gas engine which means that I'm using fuel most of time. Also having to use gas to go about 30kph is retarded.
I also saw people complaining how Megaupload didn't take down some files, even if someone reported them as pirated content. However, only copyright owner is able to fill a proper DMCA notice. You can not, as a random citizen, submit a DMCA notice and expect the file to be taken down. Let alone just reporting a 'pirated file' via email.
There is a lot of copyright management companies out there that do the work for the *AA. There is no provided way to validate a specific takedown. Say you run a site like MegaUpload and you receive a takedown notice from a gmail account. Could you really beleive in the email as being done in good faith? What about all those companies that don't even take the time to publish SPF records.
As reported by MegaUpload, 70% of fortune 500 companies had accounts linked to them. How would you sort out what is infringing from what isn't? It could happen that works in progress and final works get distributed internally that way.
There is also the the matter of volume. In the indictment, it says that Carpathia (a hosting provided) provided 25PB to megaupload. This would be a lot of files to verify. And even then you could make a lot of false positive and a lot of false negative. It is not specified how much data capacity was at Leaseweb, however the amount of servers was similar.
As for deleting the files, the DMCA doesn't require that. It says:
"(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material;"
Removing the link in question would disable access to the material, which is what MegaUpload did.
I usually open up the cover, power it the drive up so it spins (so a platter is exposed), use a dremel with a grinder attachment to damage the first layer. This will already make it unrecoverable.
After that I take the bunch of platters and bring it to a scrap metal dealer so it can be recycled / smelted.
Instead of spending so much money on the hopeless white elephant of online voting, they should just give out 50 to 100$ cash at the polling station to everyone who actually votes.
Even an online voting system where the whole software stack is open source, hardware is standard commodity hardware, with feeds of the votes cast provided live to all political parties, and with the software stack and hardware specs provided to the parties and independent observers, it would still be impossible to protect against the gazillions of issues on the voter's computers that could still affect the results.
Even though it looks like one issue, these issues reach deep into the other more mainstream issues. Just in Quebec, faster generics can save at least 3 billion$ (that's a pessimistic estimate) on the cost of providing the publicly funded drug plan. That's all money that can be reused elsewhere.
It will be our own SSL CA, initially the launch will only support OpenVPN, but other technologies might be added later if we're confident that they are secure.
It's even worse then you think. The CRTC, as part of the way it is organized, is actually headed by ex-directors of the telecommunications companies.
When a company wants to add more charges to fleece customers it usually follow this flow: 1. Apply to CRTC 2. CRTC posts public comments 3. CRTC ignores 99% of the against comments and grants between 30 and 50% of the request 4. Provider appeals 5. CRTC restarts the process, media by then has started ignoring the issue at point 1 6. CRTC grants the appeal, keeping some elements "for further review" 7. CRTC accepts the last elements after the "further review", thus the telcos get their pie and CRTC saves face.
As for choice, I'm living in suburbia of Montreal. 2nd biggest city of Canada. We have 2 providers for the infrastructure: Bell and Videotron. Videotron started usage based billing years ago, they also monitor connections and send you bitchy emails if you dare use P2P or BitTorrent. They are also owned by Quebecor, a major media conglomerate.
The only 2 "competitors" I know of are SkyNetCanada (800$ setup fee + 100$/month for 3mbps) and FibreNoire, which would be happy to get service to my house if I pay the build fee (10000$+).
In Quebec while the contract is with the retailer, you can sue the both the retailer and the manufacturer for problems and liabilities.
In fact, stopping games from working with an older version of the firmware could also be used in court, as these are all conditions that are added after the initial contract (the sale). Furthermore, the consumer rights law in Quebec are very clear on the point that no contract can revoke any rights granted by the law.
The name "Pirate" is a great attention grabber, and by utilising it, we hope to change the connotations of the name, and help show that people considered "pirates", roughly 85% of the Canadian population, are not criminals, and are as legitimate as we are.
There was a judgment that basically said that since we pay the cd-tax, we can't be sued civilly for using CDs to pirate music. That was appealed and set aside, meaning that legally the issue is undecided. The RCMP (our FBI) also said that they have much more important things to do then to investigate personal use pirates.
Keep in mind that there is also much more to the Pirate Party then file sharing. Patents and Privacy are also very important aspects we fight on, and we've recently added Digital Sovereignty to counteract the Cybersecurity bill in the USA.
I manage a bunch of physical and VPS servers, all colocated at various facilities. Using gvpe and dedicated switches, I've built a VPN between the locations and my house that allows ssh access between the machines. The vast majority of SSH servers only listen on the private IP address. There is no special access for traffic inside the VPN, and ssh keys are mandatory to login to these servers.
In case something happens to the VPN gateways, there is an alternate host that accepts connections using port knocking (which is about 100% effective against automated attacks) and contains a whitelist of known good IP addresses.
Fail2Ban still runs on it and it can ban IP addresses on the VPN is something untowards happen.
Sometimes my customers require SSH access to the server. I apply the following order of preference:
OpenVPN/PPTP to the client machines
Port knocking
Different SSH Port
The problem is that all solutions need more work from the customer and that's sometimes something they just don't want to deal with. If I'm really really stuck, what I do is set fail2ban to block on the first failed attempt. That server also gets removed from the VPN network and thus do not get any backup or MySQL replication.
No matter what, there is no root password login enabled.
Not knowing the load required on the UPS makes it very hard to tell what kind of UPS you need. You need to know how many watts are used in the rack to be able to plan some proper UPS capacity.
apcupsd can be networked between machines and can trigger auto shutdowns of all of them, including VM guests.
Some virtual machine system can also suspend all VMs on shutdown which could be a better alternative then shutting them down. Again, without knowing which VM system you use it's hard to get into details.
As a Canadian, I have decided to actively help the Pirate Party set up shop in Canada. I am happy to say that we are on track to apply for registration in the next few weeks. We are just waiting on 2 pieces of paperwork (one from Industry Canada, one from an accounting firm) to complete the huge stack of paperwork we've already accumulated.
A few people are inconvenienced because they have to connect to a different port then the default due to ISP firewalling.
I would really really like it if more ISPs were checking them and silently discard anything that is flagged as spam _AND_ fails SPF instead of bouncing it back.
We get thousands of bounces addressed to non-existant users, which in turn makes into a double bounce. Of course now I've set our system to silently delete them instead. Else it's just a colossal waste of resources.
You can check out ours, Maximum CRM, http://www.maximumcrm.com/ We can do special pricing for non-profit organizations. It is a hosted platform that would replace the contacts in Outlook.
Slashdot Mirror
When SSO started appearing more and more browsers starting having the feature of saving the passwords into the browser, or some external program to manage it.
I don't trust most SSO, esp facebook as I don't want to end up with a bunch of crap on my wall that website decide to post...
I currently work at Manwin and we are looking for mathematicians to help optimise ad revenue. http://manwinjobs.com/ for more, it would probably be in the Montreal office.
Recently a consumer interest show in Quebec did a report on private cord banks.
One of the big sticking point is that the window of actual usefulness is relatively short as there is only a small quantity of stem cells available, and usually once someone is over 50kg there is not enough stem cells for treatment.
Here is the link in french
http://www.radio-canada.ca/emissions/la_facture/2011-2012/Reportage.asp?idDoc=208988
There is an 8 year warranty on the pack.
As for the cost of electricity, too much data is missing, but it would be less then 350$ in any case
$20,000 buys a HELL of a lot of gasoline.
Well let's do more math. I'm driving an Altima, that costed about 29k new.
40k - 29k = 11k for gasoline.
I'm spending about 60$ per week on gasoline, so that comes out to 3120$ per year.
I always lease for 4 years ( I just don't have the time to always fix the car ) so that comes to 12480$ overall.
The average price I pay for gas is probably around 1.28$/liter. The prices in QC tend to follow a sin wave of +/- 10c on a graph, trending up or down. Not only that, but the supply for Montreal comes from the Brent barrel, which tends to be more expensive then regular oil.
Most of my commute is (return) well within the 35 miles EV range, and from what I understand the heating is electric.
This is before the subsidy in QC for the Volt (not sure how much, but afaik it's in the 5 to 7k range).
So in my case it would make sense to switch to a Volt or even a LEAF once the lease on my current car finishes.
One of the problem with the Prius in Montreal is that you need heating 6 months in a year. Last I heard, the heater was still powered through the gas engine which means that I'm using fuel most of time. Also having to use gas to go about 30kph is retarded.
I also saw people complaining how Megaupload didn't take down some files, even if someone reported them as pirated content. However, only copyright owner is able to fill a proper DMCA notice. You can not, as a random citizen, submit a DMCA notice and expect the file to be taken down. Let alone just reporting a 'pirated file' via email.
There is a lot of copyright management companies out there that do the work for the *AA. There is no provided way to validate a specific takedown. Say you run a site like MegaUpload and you receive a takedown notice from a gmail account. Could you really beleive in the email as being done in good faith? What about all those companies that don't even take the time to publish SPF records.
As reported by MegaUpload, 70% of fortune 500 companies had accounts linked to them. How would you sort out what is infringing from what isn't? It could happen that works in progress and final works get distributed internally that way.
What about remixes?
As for just having a bunch of regexes, Hotfile lawsuits against Warner show how it can fail (see: http://arstechnica.com/tech-policy/news/2011/09/hotfile-turns-tables-accusing-warner-brothers-of-dmca-abuse.ars )
There is also the the matter of volume. In the indictment, it says that Carpathia (a hosting provided) provided 25PB to megaupload. This would be a lot of files to verify. And even then you could make a lot of false positive and a lot of false negative. It is not specified how much data capacity was at Leaseweb, however the amount of servers was similar.
As for deleting the files, the DMCA doesn't require that. It says:
"(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material;"
Removing the link in question would disable access to the material, which is what MegaUpload did.
I usually open up the cover, power it the drive up so it spins (so a platter is exposed), use a dremel with a grinder attachment to damage the first layer. This will already make it unrecoverable.
After that I take the bunch of platters and bring it to a scrap metal dealer so it can be recycled / smelted.
Instead of spending so much money on the hopeless white elephant of online voting, they should just give out 50 to 100$ cash at the polling station to everyone who actually votes.
Even an online voting system where the whole software stack is open source, hardware is standard commodity hardware, with feeds of the votes cast provided live to all political parties, and with the software stack and hardware specs provided to the parties and independent observers, it would still be impossible to protect against the gazillions of issues on the voter's computers that could still affect the results.
Even though it looks like one issue, these issues reach deep into the other more mainstream issues.
Just in Quebec, faster generics can save at least 3 billion$ (that's a pessimistic estimate) on the cost of providing the publicly funded drug plan. That's all money that can be reused elsewhere.
It will be our own SSL CA, initially the launch will only support OpenVPN, but other technologies might be added later if we're confident that they are secure.
I've started the canvassing to be the candidate in Laval - Les Îles
I figured that I can't just wait for someone else to do it for me.
I've just opened a twitter account if anyone cares to follow me.
http://twitter.com/stephanebakhos
It's even worse then you think. The CRTC, as part of the way it is organized, is actually headed by ex-directors of the telecommunications companies.
When a company wants to add more charges to fleece customers it usually follow this flow:
1. Apply to CRTC
2. CRTC posts public comments
3. CRTC ignores 99% of the against comments and grants between 30 and 50% of the request
4. Provider appeals
5. CRTC restarts the process, media by then has started ignoring the issue at point 1
6. CRTC grants the appeal, keeping some elements "for further review"
7. CRTC accepts the last elements after the "further review", thus the telcos get their pie and CRTC saves face.
As for choice, I'm living in suburbia of Montreal. 2nd biggest city of Canada.
We have 2 providers for the infrastructure: Bell and Videotron.
Videotron started usage based billing years ago, they also monitor connections and send you bitchy emails if you dare use P2P or BitTorrent. They are also owned by Quebecor, a major media conglomerate.
The only 2 "competitors" I know of are SkyNetCanada (800$ setup fee + 100$/month for 3mbps) and FibreNoire, which would be happy to get service to my house if I pay the build fee (10000$+).
The market is producing an absolute pants load of entertainment every week.
This is what is coming for the rest of this month (20 days)
24 movies (only cinema, not DVD releases)
33 CD
8 X360 games
How are we supposed to sort through all of this with the very limited demos available?
Should we just remain apathetic to it all?
Many of us also took a lot of guesses at various products and got burnt big time.
If you want to get politically active, a political party is needed.
Pirate Party of Canada
www.pirateparty.ca
In Quebec while the contract is with the retailer, you can sue the both the retailer and the manufacturer for problems and liabilities.
In fact, stopping games from working with an older version of the firmware could also be used in court, as these are all conditions that are added after the initial contract (the sale). Furthermore, the consumer rights law in Quebec are very clear on the point that no contract can revoke any rights granted by the law.
The name "Pirate" is a great attention grabber, and by utilising it, we hope
to change the connotations of the name, and help show that people considered
"pirates", roughly 85% of the Canadian population, are not criminals, and
are as legitimate as we are.
Pretty much this is a major legal limbo.
There was a judgment that basically said that since we pay the cd-tax, we can't be sued civilly for using CDs to pirate music. That was appealed and set aside, meaning that legally the issue is undecided. The RCMP (our FBI) also said that they have much more important things to do then to investigate personal use pirates.
http://en.wikipedia.org/wiki/File_sharing_in_Canada has a decent writeup of the situation.
Keep in mind that there is also much more to the Pirate Party then file sharing. Patents and Privacy are also very important aspects we fight on, and we've recently added Digital Sovereignty to counteract the Cybersecurity bill in the USA.
guest@xkcd:/$ who
Doctor Who?
(on the last comic)
guest@xkcd:/$ next
Time travel mode not enabled.
guest@xkcd:/$ enable time travel
TARDIS error: Time Lord missing.
guest@xkcd:/$ cat xkcd.com
You're a kitty!
The problem is that all solutions need more work from the customer and that's sometimes something they just don't want to deal with. If I'm really really stuck, what I do is set fail2ban to block on the first failed attempt. That server also gets removed from the VPN network and thus do not get any backup or MySQL replication. No matter what, there is no root password login enabled.
I look for colocation with a my own access card.
I also quiz the support staff I come into contact with basic network questions.
Not knowing the load required on the UPS makes it very hard to tell what kind of UPS you need. You need to know how many watts are used in the rack to be able to plan some proper UPS capacity.
apcupsd can be networked between machines and can trigger auto shutdowns of all of them, including VM guests.
Some virtual machine system can also suspend all VMs on shutdown which could be a better alternative then shutting them down. Again, without knowing which VM system you use it's hard to get into details.
As a Canadian, I have decided to actively help the Pirate Party set up shop in Canada. I am happy to say that we are on track to apply for registration in the next few weeks. We are just waiting on 2 pieces of paperwork (one from Industry Canada, one from an accounting firm) to complete the huge stack of paperwork we've already accumulated.
You can find more at http://www.pirateparty.ca/
A few people are inconvenienced because they have to connect to a different port then the default due to ISP firewalling.
I would really really like it if more ISPs were checking them and silently discard anything that is flagged as spam _AND_ fails SPF instead of bouncing it back.
We get thousands of bounces addressed to non-existant users, which in turn makes into a double bounce. Of course now I've set our system to silently delete them instead. Else it's just a colossal waste of resources.
http://www.pirateparty.ca/ , and we now have a new website
You can check out ours, Maximum CRM, http://www.maximumcrm.com/
We can do special pricing for non-profit organizations.
It is a hosted platform that would replace the contacts in Outlook.