Consider -- if the military used data from the 'normal' weather satellites and supplied over the internet, say, then potentially you could hack that, tell them the wrong weather - resulting in stranded helicopters, or catching them off balance or who knows what else. To be safe they have to (presumably) have a totally separate downlink to get weather data directly into the military network - that has to be expensive!!
I worked at a place that supposedly had two totally separate networks - one connected to the internet, one corporate wide, for news/data/intranet stuff.
So, sure, everybody has two desktops.. one for internal one for everything else. It was great in theory - really stupid in practice. Just doesn't work.
Reality is - there is an expectation that data from outside is available inside. In the power company case it might be everything from the latest gas pricing information to weather reports to who knows what else - and so in 'getting things done' this will inevitably require connections between the outside and the inside.
So, as a result of this 'blanket policy' contrasting with the 'real world' people would circumvent the rule - but do it in stupid, sneaky ways -- for example in one data center there was, literally, an infrared tunnel between two computers -- "see, they are not 'physically connected' !!".. And try to keep it secret from the network ops guys, of course.
It would've made a lot more sense to supply a safe, heavily controlled/monitored firewall that connects outside to inside and let the network security people manage it. Otherwise your choices are (1.) actually enforce the rule and totally cripple the effectiveness of the internal system (with the result that nothing of any importance gets put there) or (2.) really lame hacks pretending to be secure and working around the blanket rule, when in actual fact they are invisible bridges that the network ops guys don't know about.
I saw the alternative 2. in real world practice. Let's consider option 1. - if they really did manage to make the SCADA network totally separate **and enforce that**. In that case you'd probably just end up with the forecasting/power-station-scheduling app running on the 'outside' network - and just the final 'implement it' step on the internal SCADA. Since the scheduling app is the one where the real decisions are made - hacking into that would let you send signals and information that would look relatively harmless but would still, in effect, shut down the power grid. You are still sending information - in this case mediated by human brains, but not in a way that the human brain can easily understand because it's low level commands (turn this up, turn that down) - that could very effectively mess up the voltage balance or frequency timing or whatever, and causing rolling blackouts and thus achieving the same aim of shutting down the power grid. There is information flowing from outside to inside - whether it is via human or machine.
Security through dis-connectivity is a dangerous myth in most cases. In some cases, say military situations where you are willing to absorb the huge cost of re-implementing a complete replacement for just about every dang thing you might need on the inside (e.g. weather data, or radar data, say) then it may make sense. In just about every realistic corporate case - even power companies - it's likely to only cause people to take their eye off the ball of implementing real security and proper firewalls etc.
Err if they burned through x gallons of fuel to go y miles, doesn't that mean that x gallons of damage was done to the environment via CO2 emitting, resource depleting transportation over the y miles between point A and B.
The fact that some of the chemical energy in the gas got turned into electrical energy before its kinetic use doesn't make a flying bit of difference to the environment.. does it?
To all those people who said he should be working.
What are you doing reading slashdot, then ? And replying, no less...
--
One to add to the mix. How about the new "SERV" system being set up by the Pentagon to allow voting from overseas?
I have absolutely no evidence of any foul doings here, but I am extremely suspicious of a system that once compromised in just one place, allows those that compromise it to direct a few 'extra', relatively undetectable, votes to any crucial/balance districts in the republic. And is the Pentagon more secretive, and liable to cover up its 'blunders' than Diebold - you bet !
Also, please remember this stuff - election rigging - happens all the time, this is not *theoretical* this is real. Just the other week there were accusations of election rigging for Shevardnadze in Georgia.
And the US is far from immune to election rigging scandals.
Absolutely. If it wasn't for these so called 'Right Wing Conspiracy' theories that first exposed the scary facts regarding Diebold's voting machines we wouldn't even be talking about this.
Does the original poster think that Los Alamos county would be even talking about refusing the machines if this stink hadn't been set off in the first place ? I don't think so. Grief. Bit of appreciation, please !
--
"Where are we going and why am I in a handbasket?"
Hate to say this... But.. uh. "Me too." I agree with the original poster.
Dude the problem is not Java.. but your application. Yes, dynamic generation of pages can suck under heavy load, there are too many bad applications out there that were not profiled properly, and yes static page generation (ie caching to disk) can be a good way around that.
However, none of this is going to go away just by shifting to PHP. Address the problem, not the politics.
Will Amazon give priority to Amazon pages/products when consumers search A9 for items?
Yes.
Man the fact that people keep repeating this mantra is really starting to bug me.
Sure.. According to common wisdom "The purpose of a business is increase shareholder value".
However, given that I don't happen to be a major shareholder, why should that 'definition' mean anything to me? I mean, stopping and thinking about this for a second, I would say "I support and value people, organisations and systems that improve the well being for all - especially me". (Hey at least I'm honest)
Some would argue that in a well functioning capitalist system, profit making businesses do (and must) contribute to the improved well being for all. Well and good. Let them do that, then, and I shall be happy !
Why should I care that a shareholder's value is increased? That's like saying (self important voice) "The purpose of our kingdom and everyone in it is to support and aid our King".
Sure! For the King it is.
No, no, no
The AC was complaining that " I have to hunt all over the place to find the meat ". And you've responded by putting even more links at the top.
My opinion is that what's needed is to move the goddamn 'meat' (or at least some sort of Protein, whether it be Animal or Vegetable) towards the of the page so people can start reading.
They didn't come to the page with the intention to immediately jump off to somewhere else - they came to the site with the hope that *here* is the stuff they were looking for on all those other pages, i.e. that somewhere *on that page* is the info they are after. Sometimes people like to feel they have actually arrived, and they can stop hunting.
Of course, some pages are just jump offs to other pages, and maybe the page you just referred to is one of those, but still I feel like you wanna tease people with a little text and intro and guff before sending them hunting through a long list of text.
Hope you don't mind having this little tête-à-tête in public, but I figure, hey maybe some other AC will jump in and make the conversation interesting.
OK. You're right. I concede that you are in fact, right.
Sorry.
It is ridiculous.
Not even a classified report on this to my knowledge. Apparently there was some sort of investigation, but to my knowledge the results of same (if any) have never seen the light of day.
I've been looking at this stuff for a while and to my knowledge it never has cropped up. Strange...
Whilst we are on the subject, DARPA/CIA/Whoever have had a system called "PROMIS" for a while the purpose of which is to (amongst other things) monitor the stock market for hints of information of exactly this kind. Given that such information did in fact crop up in heavy options trading on certain key airlines, pity it didn't work on the day huh ?
Check out: http://www.unansweredquestions.org/timeline/
OK lame to reply to my own post.. but...
Apparently, a last minute flood of absentee military votes was enough to flip the Florida result in Bush's favor (I mean, all other fraud known and not known notwithstanding).
Seems to me if they do implement this 'vote electronically and transmit over the internet' system then it might be the vote rigger's idea of an ideal voting system. Note especially that unlike other attempts to compromise voting this system is not limited to one-state-at-a-time type attacks, just compromise it once (OK so you have to be an insider, say at the Pentagon) then inject votes, almost imperceptibly to tip the scales of the election in only the key states.
I'm not saying this happened last time in Florida, but we better watch out in case it happens next time, because if that happens, bye bye Constitutional Democracy.
Not sure if military types (being mostly poor and black, but carrying guns) tend to vote mostly republicrat or demicon.
This is the same software that was actually used in the 2002 Georgia elections.
With suggestions, post Florida 2000, to further expand the role of electronic voting in the next presidential election, this could be an issue of some concern. You can download the source code ('borrowed' from an ftp server left accidentally open by Diebold) and decide for yourself.
Perhaps we should start designing a system to get voluntary payments from users to hackers?
Yup ! Great idea - and as usual with great ideas, already been done - check out Affero.
www.affero.net
--
No I am not affiliated with affero in any way, not that it would matter anyway since it's all Open/Free Source software anyway.
that's all right some people are trying to have their own 'peoples investigation' see:
http://www.911pi.com
or if you just wanna look into this yourself, check out:
http://www.unansweredquestions.org
http://www.copvcia.com
http://www.thewaronfreedom.com (a great book)
Exactly how does the Australian government intend to accomplish this feat of engineering ?
Or is it going to be a purely legal thing?
Yes, Geneva Convention bans blinding weapons (what party poopers), but accepts that combatants may be blinded as a side-effect of the use of a normal weapon.
So let me get this straight. The Geneva convention makes it illegal to blind someone, but it's perfectly legal to shoot them outright, blow them up, or simply maim them horribly for life ?
--i dunno if this is completely on topic but i would like to see *all* tv, movie, video content made completely copyright free after some *reasonable* period, like 6 years..
people would then pay for the distribution/storage costs but pay nothing for the content..
that way you could end up with a kind of library universalis of any show older than x years... just name the show, or find by actor/director etc.. and bang there it is.. Prisoner, in color.
why not? is my question
This has gone on longer than I would have liked. So to make a long st
Read the rest of this comment...
Oh.. the full story is only about one more line..
This has gone on longer than I would have liked. So to make a long story short: SOMEBODY HIRE ME!!
http://resumes.dice.com/thomasmis
....
mate, that's fucking tragic !! :_(
Good luck with your job hunt Thomas, things'll pick up don't you worry
Dude,
He's no fool... you are. He quite correctly, and usefully pointed out that the lossy process of dithering an image 'has nothing to do with the PNG format..'.
Think of it this way:
- (a) start with -> High Res/Bit Depth in memory
- (b) convert to -> Low Res/Bit Depth in memory
- (c) encode into image format -> saved file
A format is 'lossy' if there is data lost at step (c), but it is **not** a lossy format if you, by manipulation of the image via your image program, choose to decrease color depth (or, for that matter use the eraser to delete a couple of pixels).
By your definition, an image dithered and then saved as a GIF would also be regarded as 'lossy' which is just plain the wrong way to use the word.
Put a full stop on that and smoke it.
> Netscape 4 users can go fuck themselves, though. Seriously.
I agree. Netscape users should be forced to upgrade to Mozilla 1.0 immediately.
As a web developer I *hate* Netscape 4 and the sooner it dies the better.
Mozilla and IE support *standards*. Netscrape doesn't.
Ideally I would like to design to support all *standards compliant* browsers. OK, I'll throw in a low-end failover for the rest of you.
That means
Mozilla 1.0 - OK
IE 4,5,6 - OK
Netscape 3 - OK
Netscrape 4,5 - please, please, please upgrade
Anything else - Realistically, you better support the standard because I haven't got time to code special cases for you.
Not true at all.
The *client* tells the web designer(s) what to do.
And in my experience it is the (under experienced) developers that want to do neato animated everything, not the client.
---
Also. It's true... Non technically savvy clients are usually *very* susceptible to complaints of 'this doesn't work in my browser!'.. and will pass this along to the developers (if they haven't cut and run).
So complaining to the client is definitely the way to go. Developers (like me) would often rather drop support for all browsers out of simple laziness, or, if you like, desire to cut costs.
Complaining to the client will help the developers stay honest (and professional).
Not true. I once attended a talk by "David Fogel" (appropriately) the son of the "father of genetic algorithms".
He stated that genetic crossover is vastly overrated, and in his experience, straight out random mutation is just as, or more effective (and easier to code).
--
why bother thinkin when you've got google?
How do you know how long someone has been online? What stops the client from simply reporting they've been online since January 1st, 1970?
Simple. (Of course you need new capabilities in the network). Here's what you do.
Each client generates a private key at signup which they use automatically to sign every file they upload.
If a client chooses not to sign, or to change their key with each post, then they stay at zero points. And people can't pretend to be someone else, because they don't have the private key.
How do you stop Overpeer and like-minded companies from lying about the moderation points? Why can't they give it +100, CD Quality?
Well, now this is a little more difficult. What you need to do, is have a network of 'trust' that states that you will accept what another peer says regarding the moderation points for another peer, based on how many points they have.
Because, most of the time, all peers will agree on appropriate moderation rating, it will be easy to spot the cheats and not trust them.
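The trust-weighted moderation described in the comment above, sketched as an added example (not part of the original post, and not code from any real P2P client). It assumes every report has already been signature-checked against the reporter's public key, so peers are identified by key fingerprints; the function names, thresholds, fingerprints and ratings are all hypothetical, constructed values.

```python
"""Trust-weighted moderation for a P2P network (added example, constructed data)."""


def weighted_median(pairs):
    """Return the rating at which cumulative weight first reaches half the total.

    pairs: iterable of (rating, weight). Returns None when no weight is present,
    i.e. only zero-point (fresh or unsigned) keys have reported.
    """
    pairs = sorted(pairs)
    total = sum(weight for _, weight in pairs)
    if total <= 0:
        return None
    running = 0
    for rating, weight in pairs:
        running += weight
        if 2 * running >= total:
            return rating
    return None


def rate_file(reports, points):
    """Combine one file's reports, weighting each reporter by its points.

    reports: {key_fingerprint: rating}; points: {key_fingerprint: points}.
    A key missing from `points` is a new identity and weighs zero.
    """
    return weighted_median(
        (rating, points.get(key, 0)) for key, rating in reports.items()
    )


def find_cheats(reports_by_file, points, tolerance=1, min_files=2):
    """Keys whose rating is off the consensus by more than `tolerance`
    on at least `min_files` files (both thresholds are assumptions)."""
    misses = {}
    for reports in reports_by_file.values():
        agreed = rate_file(reports, points)
        if agreed is None:
            continue  # nobody with standing has rated this file yet
        for key, rating in reports.items():
            if abs(rating - agreed) > tolerance:
                misses[key] = misses.get(key, 0) + 1
    return sorted(key for key, count in misses.items() if count >= min_files)


def distrust(points, cheats):
    """Return a new points table with flagged keys reset to zero."""
    return {key: (0 if key in cheats else value) for key, value in points.items()}


# Constructed sample data: ratings 1..5 from honest peers, 100 from the liars.
POINTS = {"key:alice": 40, "key:bob": 25, "key:carol": 10, "key:decoy": 5}
REPORTS = {
    "song.ogg": {"key:alice": 4, "key:bob": 4, "key:carol": 5,
                 "key:decoy": 100, "key:fresh1": 100, "key:fresh2": 100},
    "film.avi": {"key:alice": 2, "key:bob": 3, "key:carol": 2,
                 "key:decoy": 100, "key:fresh1": 100},
    "book.pdf": {"key:alice": 5, "key:carol": 3, "key:fresh2": 5},
}

if __name__ == "__main__":
    for name, reports in REPORTS.items():
        print(name, "->", rate_file(reports, POINTS))
    cheats = find_cheats(REPORTS, POINTS)
    print("distrusted:", cheats)
    print("points after:", distrust(POINTS, cheats))
```

Freshly generated keys carry no weight however many of them report, and a peer with standing that disagrees once (carol on `book.pdf`) is not flagged; only repeated divergence from the weighted consensus costs a key its points.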