True. I have a similar application that does something like this, using the pseudo-RNG in Python. It's still seeded with a very complicated and salted seed value, but one that's reproducible as long as you know the seed generator algorithm, salt value and date.
So basically any two computers with a copy of this script will know what this secret value is on any given day, without being connected to each other in any way.
Off topic and barely relevant to the improvement of driving safety.
If you want better driving safety, you want better driver training, no matter what those self-interested greedsters at the IIHS (basically an auto insurance industry group) say. Speed limits actually hinder driving safety more often than they help.
The way speed limits are used now, their primary purpose is to generate revenue, their secondary purpose is to reduce pollution. To be very generous you could call safety as a side-effect a distant third, but that's not even true in most cases.
Also ask yourself this, with all the modern safety improvements to cars, why don't they have racing-style fuel cells to prevent fires, a technology that was nearly incorporated into the Pinto in the '70s? When mass produced it would only add $20-40 to the final price of a car and would practically eliminate fires resulting from accidents.
The TSA should engage in profiling, as the Israelis do. Although it's controversial [breitbart.com], the Israelis have managed to prevent any hijacking incidents since 1969 so they must be doing something right. Even the Israelis aren't perfect and sooner or later it's possible someone will slip through and cause a calamity, but so far they have demonstrated a more intelligent approach to airport security that does not require body scanner imaging technology such as the TSA has enthusiastically promoted.
Oh jeez not this shit again. Is it going to take a string of Anders Behring Breivik-looking dudes to blow up American buildings before you idiots get the point? Profiling does not improve security. It lays down a temporary speedbump and introduces many vulnerabilities. An attacker only has to match the low-security racial profile to get through with reduced scrutiny. From a security standpoint alone it is a bad idea, the same reason AV apps don't only scan files handled by IE, Adobe Reader, JRE and Flash, the same reason there isn't an Express Lane for rich white folks to return to the US from Mexico, the same reason that we don't just block all traffic from outside the Western world as our only network security solution.
An Internet speedup would involve adding the ability to carry more bytes per second, analogous to changing your delivery vehicles from donkey carts to vans. This is just improving the logistics of the donkey cart-based delivery service.
They do have a choice, whether it's the right choice is irrelevant, the vast majority will not vote the way you do so your "fix" is quite impossible to pull off in the US.
Perspectives and I would assume Convergence, but Perspectives at least is broken in FF5+ (even if you override compatibility). The onyl bug is it doesn't override unsigned certs automatically (tjhe exact function you want:-( )
Good point, I say the same thing all the time. A self-signed cert is, at worst, no worse than an unsecured connection. So why raise an alarm? Treat it the same as unsecured, so that anyone who doesn't see the blue browser bar or whatever knows they can't trust the security of this connection.
And yes I realize it's really a *pure HTML* (at least as far as the client is concerned) tracking system. Have a million things going on at work right now.
Did you notice that you're getting a lot of HTTPS certificate changes from Facebook when browsing sites with Like buttons over the last week or so? I'm running a fully locked down Firefox (NoScript, Flashblock, CookieMonster 1.5, BetterPrivacy, CertPatrol, Perspectives, HTTPS-Everywhere) and I'm getting these warnings even though I haven't whitelisted Facebook anywhere.
I was curious so just as I was writing this I inspected the source of a Wired page I had open. Look at this gem:
So even if you were browsing with Lynx they would still track you using this iframe. But this isn't an HTTPS link. So I checked my HTTPS-Everywhere list and sure enough, it will force any connections to Facebook over to HTTPS connections, triggering a bajillion cert change warnings from CertPatrol.
Fun fact: I got these warnings on my home laptop which I'm pretty sure has Do Not Track enabled, will have to double check that though. What's the status of the "Do Not Track" legislation?
So now if you want to block Facebook tracking you may have to resort to a HOSTS file (please don't chime in APK). Anyone know of a Firefox plugin that works like a browser-specific HOSTS file? Because HOSTS files are a last-resort hack IMO.
This is pretty new, I knew it was technically possible but I thought all Facebook's tracking systems relied on JS, maybe I'll write a journal entry about this and submit it.
I wonder what the differences are between Perspectives and Convergence. I've been using Perspectives for a long time. As far as I can tell the only difference is that Convergence has some anonymization features built in.
It's hard to estimate battery development too far into the future unless you're an expert in the field, but I think 400-mile batteries will be doable within the next 5-10 years based on what advancements I do know about. That's the equivalent of a 40MPG car with a full 10 gallon tank.
A plug-in series hybrid with a battery like that would suit your (highly unusual) needs though.
You could have a hybrid quadcopter / body wing type plane, there are a couple of different ways to pull it off (either a tailsitter or basically a flying wing with 4 holes in it), the only trouble is that vertical takeoffs will reduce the payload capacity.
I'm pretty sure Eric Holder watches SWAT raids live and jacks off to them.
"Mmmm yeah fuck that guy's rights...yeah bust that door down good...that's right handcuff that motherfucker...aw yeah now take his property...yes, yes, YES! HHHNNNNGGGG!"
Warning flag that article is inflammatory: use of "artsy do-gooders only too eager to tell others what kind of light bulbs they have to buy"
Whoa, that was in there? I didn't RTFA, but I'm gonna guess it's either from Little Green Footballs or Newsbusters. Even Fox doesn't use that kind of language in their articles.
That's a form of steganography, which of course, is horribly inefficient.
Also it would be pretty obvious and not plausibly deniable. It's like this:
Normal conversation:
Bob: The quick brown fox jumps over the lazy dog.
Dave: the lazy what?
Bob: Dog.
Dave: Oh, I understand.
Using your technique.
Bob: The quick brown fox jumps over the lazy dog.
Dave: the lazy what?
Bob: #@23dfx!;
Dave: Oh, I understand.
A better way to do it would be like this (maybe this is what you meant but you misspoke):
Bob: The quick brown fox jumps over the lazy #@23dfx!;.
Dave: the lazy what?
Bob: Dog.
Dave: Oh, I understand.
That could actually work.
True. I have a similar application that does something like this, using the pseudo-RNG in Python. It's still seeded with a very complicated and salted seed value, but one that's reproducible as long as you know the seed generator algorithm, salt value and date.
So basically any two computers with a copy of this script will know what this secret value is on any given day, without being connected to each other in any way.
Off topic and barely relevant to the improvement of driving safety.
If you want better driving safety, you want better driver training, no matter what those self-interested greedsters at the IIHS (basically an auto insurance industry group) say. Speed limits actually hinder driving safety more often than they help.
The way speed limits are used now, their primary purpose is to generate revenue, their secondary purpose is to reduce pollution. To be very generous you could call safety as a side-effect a distant third, but that's not even true in most cases.
Also ask yourself this, with all the modern safety improvements to cars, why don't they have racing-style fuel cells to prevent fires, a technology that was nearly incorporated into the Pinto in the '70s? When mass produced it would only add $20-40 to the final price of a car and would practically eliminate fires resulting from accidents.
Darwin's coming to collect, they had their chance.
That's what they claim, but the history of racial profiling accusations is too long to ignore, and was the subject of the article in vog's post.
The TSA should engage in profiling, as the Israelis do. Although it's controversial [breitbart.com], the Israelis have managed to prevent any hijacking incidents since 1969 so they must be doing something right. Even the Israelis aren't perfect and sooner or later it's possible someone will slip through and cause a calamity, but so far they have demonstrated a more intelligent approach to airport security that does not require body scanner imaging technology such as the TSA has enthusiastically promoted.
Oh jeez not this shit again. Is it going to take a string of Anders Behring Breivik-looking dudes to blow up American buildings before you idiots get the point? Profiling does not improve security. It lays down a temporary speedbump and introduces many vulnerabilities. An attacker only has to match the low-security racial profile to get through with reduced scrutiny. From a security standpoint alone it is a bad idea, the same reason AV apps don't only scan files handled by IE, Adobe Reader, JRE and Flash, the same reason there isn't an Express Lane for rich white folks to return to the US from Mexico, the same reason that we don't just block all traffic from outside the Western world as our only network security solution.
An Internet speedup would involve adding the ability to carry more bytes per second, analogous to changing your delivery vehicles from donkey carts to vans. This is just improving the logistics of the donkey cart-based delivery service.
They do have a choice, whether it's the right choice is irrelevant, the vast majority will not vote the way you do so your "fix" is quite impossible to pull off in the US.
Most don't want to "fix" the US the way you do.
http://www.f-secure.com/weblog/archives/00002128.html
And do the same for Comodo while you're at it.
Exactly. Who cares about size, I wanna know the cost! If I was filthy rich I could probably have a 2TB custom thumb drive built right now.
Getting a 404 on that URL.
Hashes at first use? AKA what the guys at the Perspectives project call the "prayer method?" (Pray you're not getting MITM'ed the first time).
Perspectives and I would assume Convergence, but Perspectives at least is broken in FF5+ (even if you override compatibility). The onyl bug is it doesn't override unsigned certs automatically (tjhe exact function you want :-( )
Give Convergence a try.
For once I agree with you completely. I've been saying the same thing for a long time.
Is that supposed to be Steve Ballmer in the background?
Good point, I say the same thing all the time. A self-signed cert is, at worst, no worse than an unsecured connection. So why raise an alarm? Treat it the same as unsecured, so that anyone who doesn't see the blue browser bar or whatever knows they can't trust the security of this connection.
And yes I realize it's really a *pure HTML* (at least as far as the client is concerned) tracking system. Have a million things going on at work right now.
Did you notice that you're getting a lot of HTTPS certificate changes from Facebook when browsing sites with Like buttons over the last week or so? I'm running a fully locked down Firefox (NoScript, Flashblock, CookieMonster 1.5, BetterPrivacy, CertPatrol, Perspectives, HTTPS-Everywhere) and I'm getting these warnings even though I haven't whitelisted Facebook anywhere.
I was curious so just as I was writing this I inspected the source of a Wired page I had open. Look at this gem:
<iframe src="http://www.facebook.com/widgets/like.php?href=http://www.wired.com/autopia/2011/08/no-public-transit-no-job/&layout=button_count&show_faces=false" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:450px; height:25px;" allowTransparency="true"></iframe>
So even if you were browsing with Lynx they would still track you using this iframe. But this isn't an HTTPS link. So I checked my HTTPS-Everywhere list and sure enough, it will force any connections to Facebook over to HTTPS connections, triggering a bajillion cert change warnings from CertPatrol.
Fun fact: I got these warnings on my home laptop which I'm pretty sure has Do Not Track enabled, will have to double check that though. What's the status of the "Do Not Track" legislation?
So now if you want to block Facebook tracking you may have to resort to a HOSTS file (please don't chime in APK). Anyone know of a Firefox plugin that works like a browser-specific HOSTS file? Because HOSTS files are a last-resort hack IMO.
This is pretty new, I knew it was technically possible but I thought all Facebook's tracking systems relied on JS, maybe I'll write a journal entry about this and submit it.
I wonder what the differences are between Perspectives and Convergence. I've been using Perspectives for a long time. As far as I can tell the only difference is that Convergence has some anonymization features built in.
It's hard to estimate battery development too far into the future unless you're an expert in the field, but I think 400-mile batteries will be doable within the next 5-10 years based on what advancements I do know about. That's the equivalent of a 40MPG car with a full 10 gallon tank.
A plug-in series hybrid with a battery like that would suit your (highly unusual) needs though.
You could have a hybrid quadcopter / body wing type plane, there are a couple of different ways to pull it off (either a tailsitter or basically a flying wing with 4 holes in it), the only trouble is that vertical takeoffs will reduce the payload capacity.
I'm pretty sure Eric Holder watches SWAT raids live and jacks off to them.
"Mmmm yeah fuck that guy's rights...yeah bust that door down good...that's right handcuff that motherfucker...aw yeah now take his property...yes, yes, YES! HHHNNNNGGGG!"
Warning flag that article is inflammatory: use of "artsy do-gooders only too eager to tell others what kind of light bulbs they have to buy"
Whoa, that was in there? I didn't RTFA, but I'm gonna guess it's either from Little Green Footballs or Newsbusters. Even Fox doesn't use that kind of language in their articles.