PS: Wasn't Mexico going to pay for this? Simple fix. Turn the border access points into Tolls per person. You simply pay an entry / exit tax every time you cross it. Mexican citizens pay a higher toll than American citizens do. Thus, does Mexico pay for said wall.
You expect a politician to keep a campaign promise? In order to have some sort of toll, you'd need a barrier in the first place to force people to use it. Or if you're only applying the toll to vehicles on roads, legit trade, etc., then it's no different from Trump's claim that Mexico is already paying for it indirectly via the new trade agreements. But if that were ever the plan, why didn't those trade agreements just earmark money for the wall? (Because there was no plan at all.)
Who renews certs? I've only ever generated new ones. People don't pin certs, they just blindly trust the CA that signs them, so what does it matter if it changes?
We have checks and balances. It's supposed to work as follows:
Congress can pass a bill the President agrees with, or pass a bill the President doesn't agree with. If the President doesn't agree with it, it'll get vetoed. If Congress doesn't like that, they can pass a bill that won't get vetoed or pass a bill with enough support to override the President's veto.
Trump won't sign a spending bill without explicit funding for a physical barrier ("THE WALL") at the southern border. Congress won't work together to override his veto.
Up until today, the "shutdown" was largely meaningless. Today, people missed paychecks.
You can blame Trump for taking a hard stance for the wall. You can blame Democrats in the house for taking a hard stance against the wall. You can blame Republicans in the house and senate for aligning strongly with their party, and thus matching Trump's hard stance for the wall. You can blame all of Congress for not working on a spending bill they all like enough to override Trump's veto. You can blame all Americans for perpetuating the 2 party system.
If this goes on long term, it'll likely be Republicans in Congress who crack and either:
- Persuade Trump to back down on the wall issue.
- Get enough support together in Congress to pass a spending bill that doesn't include funding for a wall, or that bypasses Trump's veto.
Use a browser that lets you accept expired, self-signed, or otherwise "bad" certs, at your discretion.
caused by US President Donald Trump's refusal to sign any 2019 government budget bill that doesn't contain funding for a Mexico border wall he promised during his election campaign.
Congress can override his veto. We have checks and balances. Use them. Congress would have to work together and do their job?? THE HORROR!! Instead, a bunch of people didn't get paid today.
Meanwhile almost no one is talking about the much bigger issue - Trump may soon get to appoint a third supreme court justice.
The only ones awaiting this are those who have been saying it was "coming soon" for the last decade. Like a stopped clock, it looks like they may finally be right.
But who actually cares? The best deal in for-pay TV was the $30 deal on PlayStation Vue a year or two ago. DirecTV tried something similar, but it was trash in execution and lineup and features. Maybe it got better, but when they refused to honor their 7 day free trial, I put them on the shit list and will never so much as look at them again. (Yes, I got my money back. The FTC helped when Chase wouldn't. Chase and its outsourced 3rd world "support" staff who refuse to even read a damned ticket can eat my ass.)
Google is never going to accomplish anything meaningful in this arena, and Hulu is crap with ads, or crap without ads for even more money. (Do they still have this option?) It's too late for new services to get in on the action, as everyone but broadcast is splintering off into their own services. Fucking DC has its own streaming service for fuck's sake! And let's be real - if you're the kind of fool who like their live action shit you're the kind of fool who's paying for cable/satellite to watch The CW (which you could get for free via your local affiliate). The only reason anyone should look at DC's streaming platform is Young Justice season 3, and DC knows it. That's why they're drip feeding season 3 AND splitting it into 2 parts. But hey - TPB is still cheaper, as are all the "apps" that reach out to sites to ind streaming sources for that shit.
The attacker presents a login dialog to the user, and forwards that info to a genuine session. The attacker presents a 2 factor dialog to the user, and forwards that info to a genuine session. The attacker wins. For bonus points, the attacker presents a second 2 factor dialog to the user, the user complies thinking they typed the code in wrong or the code timed out. The attacker uses that 2nd code to disable the 2 factor requirement on the account.
The attacker only needs to get a bit of malware on your box to install bogus certs / fuck your DNS.
"If they get malware onto your box, they've already won!" Until you clean the malware, use a different box, change a password, or they need another code from your dongle / phone / etc.
The main defense against this type of attack was that most people wouldn't be high value targets, so the phishing pages were merely storing credentials for later use (or sale). With expired codes from a dongle, app, or phone, those credentials are somewhat useless. (You can use them to scare the victim later in a ransom scheme, try to socially engineer an attack saying you lost the phone / dongle / whatever, try those same credentials elsewhere hoping they were reused, etc.)
Automating the full attack means that the code a user types in is used while it's still valid, and the attackers win. Without automation through to the end, only a high value target (or someone incredibly unlucky) would have an attacker actively watching and waiting to use one of those codes before it expired.
A defense against this, which never gained much traction unfortunately, is certificate pinning.
Yup, everything done online or passed through a single wire is essentially 1 factor. Something you know.
Oh, you used a fingerprint scanner or smartcard reader? It just passed a signal to the verifying device/service. The verifying device/service didn't check to see you had a smartcard or that you used a valid fingerprint. It trusted the signal it got and believed the device that sent it.
Something you have and something you are require physical, interactive inspection. In a real security scenario, this is typically done with an actual guard checking an ID, badge, etc. and checking you to make sure you're X pounds, Y height, Z sex, W race, etc.
AMD still doesnt release drivers as frequently as nvidia
That should be a positive. Frequent driver updates are indicative of shitty quality and a broken system where hardware manufacturers bend over backwards to add in game-specific hacks to deal with shitty code put out by developers / engines. Yes, occasionally the games are running into flaws in the driver (or hardware) and the updated drivers fix / work around that. For those instances, see the prior point regarding shitty quality.
The graphics card is NOT the device that controls when the new frame starts. Not if you want anything to work, that is. If you use a format or timing the display doesn't support, you'll get nothing or you'll get a blinking (and possibly scrolling), unusable mess. If you just vblank/vsync/rsync/whatever willy nilly on an LCD, it will laugh at you.
Variable refresh rates have been in the standards for ages, sure. But they were not implemented in any way that someone could drive a continuous, uninterrupted video stream with. Not until AMD came along and pushed for it.
The advantage over VSYNC is clear. With FreeSync / VRR, you eliminate tearing and minimize delay as long as you stay within the VRR range of the display. With VSYNC, if you're at 60 Hz you're adding an unnecessary delay whenever you could render faster than that, and you're dropping down to 30 Hz whenever you dip just under 60 FPS. Or 15 Hz if you drop under 30 FPS.
And the 2080 is basically the same as the 1080 Ti.
And that's if you believe AMD's benchmarks. Sure, it'll win in some Vulkan games if you compare stock clocks to stock clocks, but it'll lose or barely keep up in everything else. And if you ever overclock, the Nvidia option will pull miles ahead while still using less power. This is with AMD having a node shrink advantage! Vega is trash.
This is one of the worst Slashvertisements I've ever seen. I've been following CES 2019 and I've not seen anyone give half a shit about virtual assistants, and I've not seen anyone even care that Amazon, Apple, and Google showed up.
They just said it enough that people either believed it or tuned it out. They were running non stop ads for their service, and glomming on to other ads for devices, with an obnoxious narration of "VERIZON 4G LTE". A single 30 second ad spot would have that phrase in it 4 or 5 times.
The BTC network is about 6 or 7 million times as powerful. And if you try such an attack, people will notice the increased hash rate, anticipate rising prices, and will end up turning their dormant miners back on (or more likely, switching from some altcoin back to BTC). Your own success of such an attack would increase the cost of performing the attack. Further, how many BTC can you transfer in your single double spend attack, or in the amount of time your attack is viable? How much did that attack cost? Hint: You can't just transfer all of the BTC you want in a single transaction. And who are you going to attack, exactly? Who'd be taking your BTC and what are they giving you for it? Are they going to do the same transaction twice? Or do you have multiple targets lined up? Or are you going to live off of the mining rewards and transaction fees you collect during the attack? How profitable is that going to be?
Oh, and the blockchain is public, people can see that the total hashrate of the network doubled instantly one day, and they'll look over transactions from around that time with a fine toothed comb, find out who's submitting that shit, and just fork the whole blockchain, kicking your ass out and making your efforts worthless.
Maybe you can temporarily disrupt some shitcoin no one cares about (like ETC), but even ETH and fucking BCH (which is so much of a joke TPB won't accept it for donations) are unassailable merely due to the fact that there's not enough hardware readily available for you to rent to do it, let alone power. BTC is untouchable unless some government has broken SHA-256 or starts physically seizing existing mining operations to take their power or shut them down and reduce the total power of the network. Your own link shows NiceHash as having less than one thousandth the hashing power of the current BTC network.
Sure. Take all those phones, make them hash BTC, try to attack the network. It won't amount to squat. Thermodynamics alone mean its fundamentally impossible.
Apple doesn't have the fastest hardware. They leapfrog each other regularly. Their OS and the thermal design of the devices lets them use the hardware much more efficiently than the competitors, however.
Slashdot Mirror
PS: Wasn't Mexico going to pay for this?
Simple fix. Turn the border access points into Tolls per person. You simply pay an entry / exit tax every time you cross it.
Mexican citizens pay a higher toll than American citizens do. Thus, does Mexico pay for said wall.
You expect a politician to keep a campaign promise?
In order to have some sort of toll, you'd need a barrier in the first place to force people to use it.
Or if you're only applying the toll to vehicles on roads, legit trade, etc., then it's no different from Trump's claim that Mexico is already paying for it indirectly via the new trade agreements. But if that were ever the plan, why didn't those trade agreements just earmark money for the wall? (Because there was no plan at all.)
Who renews certs? I've only ever generated new ones. People don't pin certs, they just blindly trust the CA that signs them, so what does it matter if it changes?
We have checks and balances. It's supposed to work as follows:
Congress can pass a bill the President agrees with, or pass a bill the President doesn't agree with. If the President doesn't agree with it, it'll get vetoed.
If Congress doesn't like that, they can pass a bill that won't get vetoed or pass a bill with enough support to override the President's veto.
Trump won't sign a spending bill without explicit funding for a physical barrier ("THE WALL") at the southern border.
Congress won't work together to override his veto.
Up until today, the "shutdown" was largely meaningless. Today, people missed paychecks.
You can blame Trump for taking a hard stance for the wall.
You can blame Democrats in the house for taking a hard stance against the wall.
You can blame Republicans in the house and senate for aligning strongly with their party, and thus matching Trump's hard stance for the wall.
You can blame all of Congress for not working on a spending bill they all like enough to override Trump's veto.
You can blame all Americans for perpetuating the 2 party system.
If this goes on long term, it'll likely be Republicans in Congress who crack and either:
- Persuade Trump to back down on the wall issue.
- Get enough support together in Congress to pass a spending bill that doesn't include funding for a wall, or that bypasses Trump's veto.
Use a browser that lets you accept expired, self-signed, or otherwise "bad" certs, at your discretion.
caused by US President Donald Trump's refusal to sign any 2019 government budget bill that doesn't contain funding for a Mexico border wall he promised during his election campaign.
Congress can override his veto. We have checks and balances. Use them. Congress would have to work together and do their job?? THE HORROR!! Instead, a bunch of people didn't get paid today.
Meanwhile almost no one is talking about the much bigger issue - Trump may soon get to appoint a third supreme court justice.
Hello PopeRatzo!!
Listen up, retard. He referenced c because c and the distance between you and the game streaming server dictate the absolute minimum latency involved.
The world is not one people with one policy.
Don't worry - they're working on that too.
What did you think would happen?
The only ones awaiting this are those who have been saying it was "coming soon" for the last decade.
Like a stopped clock, it looks like they may finally be right.
But who actually cares? The best deal in for-pay TV was the $30 deal on PlayStation Vue a year or two ago. DirecTV tried something similar, but it was trash in execution and lineup and features. Maybe it got better, but when they refused to honor their 7 day free trial, I put them on the shit list and will never so much as look at them again. (Yes, I got my money back. The FTC helped when Chase wouldn't. Chase and its outsourced 3rd world "support" staff who refuse to even read a damned ticket can eat my ass.)
Google is never going to accomplish anything meaningful in this arena, and Hulu is crap with ads, or crap without ads for even more money. (Do they still have this option?) It's too late for new services to get in on the action, as everyone but broadcast is splintering off into their own services. Fucking DC has its own streaming service for fuck's sake! And let's be real - if you're the kind of fool who like their live action shit you're the kind of fool who's paying for cable/satellite to watch The CW (which you could get for free via your local affiliate). The only reason anyone should look at DC's streaming platform is Young Justice season 3, and DC knows it. That's why they're drip feeding season 3 AND splitting it into 2 parts. But hey - TPB is still cheaper, as are all the "apps" that reach out to sites to ind streaming sources for that shit.
The attacker presents a login dialog to the user, and forwards that info to a genuine session.
The attacker presents a 2 factor dialog to the user, and forwards that info to a genuine session.
The attacker wins.
For bonus points, the attacker presents a second 2 factor dialog to the user, the user complies thinking they typed the code in wrong or the code timed out. The attacker uses that 2nd code to disable the 2 factor requirement on the account.
The attacker only needs to get a bit of malware on your box to install bogus certs / fuck your DNS.
"If they get malware onto your box, they've already won!" Until you clean the malware, use a different box, change a password, or they need another code from your dongle / phone / etc.
The main defense against this type of attack was that most people wouldn't be high value targets, so the phishing pages were merely storing credentials for later use (or sale). With expired codes from a dongle, app, or phone, those credentials are somewhat useless. (You can use them to scare the victim later in a ransom scheme, try to socially engineer an attack saying you lost the phone / dongle / whatever, try those same credentials elsewhere hoping they were reused, etc.)
Automating the full attack means that the code a user types in is used while it's still valid, and the attackers win. Without automation through to the end, only a high value target (or someone incredibly unlucky) would have an attacker actively watching and waiting to use one of those codes before it expired.
A defense against this, which never gained much traction unfortunately, is certificate pinning.
Yup, everything done online or passed through a single wire is essentially 1 factor. Something you know.
Oh, you used a fingerprint scanner or smartcard reader? It just passed a signal to the verifying device/service. The verifying device/service didn't check to see you had a smartcard or that you used a valid fingerprint. It trusted the signal it got and believed the device that sent it.
Something you have and something you are require physical, interactive inspection. In a real security scenario, this is typically done with an actual guard checking an ID, badge, etc. and checking you to make sure you're X pounds, Y height, Z sex, W race, etc.
AMD still doesnt release drivers as frequently as nvidia
That should be a positive. Frequent driver updates are indicative of shitty quality and a broken system where hardware manufacturers bend over backwards to add in game-specific hacks to deal with shitty code put out by developers / engines. Yes, occasionally the games are running into flaws in the driver (or hardware) and the updated drivers fix / work around that. For those instances, see the prior point regarding shitty quality.
The graphics card is NOT the device that controls when the new frame starts. Not if you want anything to work, that is.
If you use a format or timing the display doesn't support, you'll get nothing or you'll get a blinking (and possibly scrolling), unusable mess.
If you just vblank/vsync/rsync/whatever willy nilly on an LCD, it will laugh at you.
Variable refresh rates have been in the standards for ages, sure. But they were not implemented in any way that someone could drive a continuous, uninterrupted video stream with. Not until AMD came along and pushed for it.
The advantage over VSYNC is clear.
With FreeSync / VRR, you eliminate tearing and minimize delay as long as you stay within the VRR range of the display.
With VSYNC, if you're at 60 Hz you're adding an unnecessary delay whenever you could render faster than that, and you're dropping down to 30 Hz whenever you dip just under 60 FPS. Or 15 Hz if you drop under 30 FPS.
And the 2080 is basically the same as the 1080 Ti.
And that's if you believe AMD's benchmarks. Sure, it'll win in some Vulkan games if you compare stock clocks to stock clocks, but it'll lose or barely keep up in everything else. And if you ever overclock, the Nvidia option will pull miles ahead while still using less power. This is with AMD having a node shrink advantage! Vega is trash.
TAA is only state of the art in blurry mess technology
Yup! It fucking appalls me that this is seen as a good standard to measure up against and, worse, that people prefer it!
Who actually believes the accusations against Kaspersky?
This is one of the worst Slashvertisements I've ever seen. I've been following CES 2019 and I've not seen anyone give half a shit about virtual assistants, and I've not seen anyone even care that Amazon, Apple, and Google showed up.
online learning
start-up
founded in 2017
with the backing of Y Combinator
has captivated venture capitalists
Surely, this will be a great success!
They just said it enough that people either believed it or tuned it out. They were running non stop ads for their service, and glomming on to other ads for devices, with an obnoxious narration of "VERIZON 4G LTE". A single 30 second ad spot would have that phrase in it 4 or 5 times.
I don't want to hear another PEAP out of you.
He doesn't have one.
Ethereum Classic, LOL!
The BTC network is about 6 or 7 million times as powerful. And if you try such an attack, people will notice the increased hash rate, anticipate rising prices, and will end up turning their dormant miners back on (or more likely, switching from some altcoin back to BTC). Your own success of such an attack would increase the cost of performing the attack. Further, how many BTC can you transfer in your single double spend attack, or in the amount of time your attack is viable? How much did that attack cost? Hint: You can't just transfer all of the BTC you want in a single transaction. And who are you going to attack, exactly? Who'd be taking your BTC and what are they giving you for it? Are they going to do the same transaction twice? Or do you have multiple targets lined up? Or are you going to live off of the mining rewards and transaction fees you collect during the attack? How profitable is that going to be?
Oh, and the blockchain is public, people can see that the total hashrate of the network doubled instantly one day, and they'll look over transactions from around that time with a fine toothed comb, find out who's submitting that shit, and just fork the whole blockchain, kicking your ass out and making your efforts worthless.
Maybe you can temporarily disrupt some shitcoin no one cares about (like ETC), but even ETH and fucking BCH (which is so much of a joke TPB won't accept it for donations) are unassailable merely due to the fact that there's not enough hardware readily available for you to rent to do it, let alone power. BTC is untouchable unless some government has broken SHA-256 or starts physically seizing existing mining operations to take their power or shut them down and reduce the total power of the network. Your own link shows NiceHash as having less than one thousandth the hashing power of the current BTC network.
Sure. Take all those phones, make them hash BTC, try to attack the network. It won't amount to squat. Thermodynamics alone mean its fundamentally impossible.
Google maps has done that for years. With voice control, if you want.
Apple doesn't have the fastest hardware. They leapfrog each other regularly. Their OS and the thermal design of the devices lets them use the hardware much more efficiently than the competitors, however.