I'd agree... there wasn't much on TV worth watching in the beginning. For many years, TV was a rich man's toy. It wasn't until after WWII that it even began to build market share.
PCG is going after several companies, including Timex, Brunswick, and Wright Medical. This type of lawsuit is essentially an extortion scheme, though IANAL.
They don't require kid's fingerprints because they are oily, sticky and highly inaccurate. A child has a much smaller fingerprint than an adult and the DPI of the optical finger scanners are all geared for adults. Oh, and it's just bad publicity.
Others have said this - but just for the to clear this up - it is *not* a hash, digest or any other form of cryptographic data - though the fingerprint template may be encapsulated in such form for storage, e.g. PKI utilized at the DOD.
Short answer: The fingerprint data template is a series of polar graph points which are compared each time for accuracy.
Long answer: Fingerprints are enrolled into the system using an image feature extraction algorithm which extracts the minutiae details into a template set of polar points. Each time a fingerprint is scanned for authentication, the same procedure is reproduced to form a comparison point set, which is then compared against the template for completeness, locality and minutiae point type. A weighted calculation is then determined to produce a percentage match to determine authentication pass or fail.
That's exactly right! We're all arguing whether it has low power usage, memory bus speeds, number of cores, etc... meanwhile, Apple builds an experience not unlike a game or movie which simply does 95% of what people want.
I can appreciate both points of view, but most tech people miss the simplicity of what Apple is selling.
Nearly everybody depends on physical security, network perimeter security, and dumb luck. Encrypted hard drives protect data at rest, VPN's and variants are generally used to protect data in motion.
If you stick to longer phrases, then yes. Password strength is calculated as such, generally:
alphanumeric: charspace ^ length (in this case, 26 for alpha, and 46 for special+alpha+numeric).
So, for a phrase length of 10, an alpha password is 1 in 141167095653376, Compare that to a short 6 length, special char password and that's 1 in 20047612231936
So, it's about 10x better overall. Adding one special char increases the search space significantly, though.
Generally, you've got to be a real, authentic, piss in the wind asshole to get an agent after you. Generally boring people aren't that much fun to tango with.
FBI are generally great people - they get paid crap for the job they do, even if some of they are bullies.
I used to think the same thing! What a co-inkidink! Than someone hacked into a (fortunately, base install, nothin else) machine and I no longer think that.
Well, true, but FIPS 140-2 *does* cover key storage, key load and minimum sizes. Also, their security policy may specify certain physical security requirements which could lead to a certification under these circumstances.
Of course, at level 1, this probably didn't mean much, depending upon where they defined the security boundaries.
NIAP is changing CC evaluation, and FIPS 140-3 is a *long* time coming. Hopefully these minimum standards can also take into account mobile devices at some point, as there is an entirely different set of needs when you compare a secure SCIF to some guy loosing his USB key down at the bar.
The data is encrypted on the drive, however the USB interface is cleartext. Authentication should unlock a (hopefully random, hopefully stored encrypted) drive specific key.
The real failure is certifying labs - NIST contracts third party labs to follow the guidelines and only reviews the final documentation. Source review should have caught this. The operational test should have caught this.
That's fine for web apps, desktop apps, etc - but generally VM's have a big I/O slowdown (db's, server software, high disk usage) and aren't even usable for graphics/game development. Know your target!
That said, I love VM's and use it all the time - especially for kernel development - but it's not a catch-all solution!
People that never learn C or delve into actual hardware & kernel architecture have real troubles with issues such as concurrency, atomicity and threading. High performance code is difficult to master in Java, as you much understand what's happening in the implementation.
You seem to forget that the Java core is written in C/C++? I've worked at top tier industry web sites - java is not immune to stupid code practices. It crashes a bit nicer, but downtime is still measured in lost dollars.
Actually, I think the approval process is decent - at least as a consumer. I get age-appropriate ratings (sort of), cheap apps, and generally don't have many issues with lockup and the like.
I don't think you can qualify it either way, gifted developers make it into their fields because they're passionate about it. However they got there is only a reflection of how good education is doing in terms of school and tracking people into professions they like.
In the past, you saw gifted hackers from everywhere, but lately I have to agree that schools are doing a better job - and so I'm seeing more come with degrees from "good schools.
It's probably far more productive to contact your state's public utility commissioner (name varies by state), the FCC, or your state's attorney general.
Really, you're already taxed out the nose for regulatory agencies & law enforcement, might as well utilize as much free muscle as you can.
The "subtlety" here is that Windows is needlessly complex
I believe the correct description is "a vain attempt to obfuscate the true meaning of certain security details, which were chosen over provable, known-good techniques."
But I'm just a security software developer, what would I know?
Until 10 years ago, Rockets were the domain of NASA, it's billionaire contractors, and freckle-faced kids. Not you've got people from all kinds of backgrounds excited and building new designs, trying new things, and raising a new generation of inventors, engineers, and students.
That's the point of these contests - more rocket scientists, tech, and healthy innovation.
Slashdot Mirror
I'd agree... there wasn't much on TV worth watching in the beginning. For many years, TV was a rich man's toy. It wasn't until after WWII that it even began to build market share.
PCG is going after several companies, including Timex, Brunswick, and Wright Medical. This type of lawsuit is essentially an extortion scheme, though IANAL.
They don't require kid's fingerprints because they are oily, sticky and highly inaccurate. A child has a much smaller fingerprint than an adult and the DPI of the optical finger scanners are all geared for adults. Oh, and it's just bad publicity.
Others have said this - but just for the to clear this up - it is *not* a hash, digest or any other form of cryptographic data - though the fingerprint template may be encapsulated in such form for storage, e.g. PKI utilized at the DOD.
Short answer: The fingerprint data template is a series of polar graph points which are compared each time for accuracy.
Long answer:
Fingerprints are enrolled into the system using an image feature extraction algorithm which extracts the minutiae details into a template set of polar points. Each time a fingerprint is scanned for authentication, the same procedure is reproduced to form a comparison point set, which is then compared against the template for completeness, locality and minutiae point type. A weighted calculation is then determined to produce a percentage match to determine authentication pass or fail.
Hope this explains the process well enough!
That's exactly right! We're all arguing whether it has low power usage, memory bus speeds, number of cores, etc... meanwhile, Apple builds an experience not unlike a game or movie which simply does 95% of what people want.
I can appreciate both points of view, but most tech people miss the simplicity of what Apple is selling.
Nearly everybody depends on physical security, network perimeter security, and dumb luck. Encrypted hard drives protect data at rest, VPN's and variants are generally used to protect data in motion.
And, your point is?
If you stick to longer phrases, then yes. Password strength is calculated as such, generally:
alphanumeric: charspace ^ length (in this case, 26 for alpha, and 46 for special+alpha+numeric).
So, for a phrase length of 10, an alpha password is 1 in 141167095653376,
Compare that to a short 6 length, special char password and that's 1 in 20047612231936
So, it's about 10x better overall. Adding one special char increases the search space significantly, though.
Generally, you've got to be a real, authentic, piss in the wind asshole to get an agent after you. Generally boring people aren't that much fun to tango with.
FBI are generally great people - they get paid crap for the job they do, even if some of they are bullies.
And cuss words... had to break a system we got from a company buyout, not a friendly happy "synergistic" one either. About 30%...
I used to think the same thing! What a co-inkidink! Than someone hacked into a (fortunately, base install, nothin else) machine and I no longer think that.
Holy fishguts, Batman... you're right!
Well, true, but FIPS 140-2 *does* cover key storage, key load and minimum sizes. Also, their security policy may specify certain physical security requirements which could lead to a certification under these circumstances.
Of course, at level 1, this probably didn't mean much, depending upon where they defined the security boundaries.
NIAP is changing CC evaluation, and FIPS 140-3 is a *long* time coming. Hopefully these minimum standards can also take into account mobile devices at some point, as there is an entirely different set of needs when you compare a secure SCIF to some guy loosing his USB key down at the bar.
The data is encrypted on the drive, however the USB interface is cleartext. Authentication should unlock a (hopefully random, hopefully stored encrypted) drive specific key.
The real failure is certifying labs - NIST contracts third party labs to follow the guidelines and only reviews the final documentation. Source review should have caught this. The operational test should have caught this.
Oh well!
Oh, that's almost devilish... nice!
I'll have to remember that if I ever get dragged, kicking and screaming, back into corptocracy!
Whoa there, pardner!
That's fine for web apps, desktop apps, etc - but generally VM's have a big I/O slowdown (db's, server software, high disk usage) and aren't even usable for graphics/game development. Know your target!
That said, I love VM's and use it all the time - especially for kernel development - but it's not a catch-all solution!
I think it was Pinko Commies the last time... made being a communist rather a fun engagement I imagine.
People that never learn C or delve into actual hardware & kernel architecture have real troubles with issues such as concurrency, atomicity and threading. High performance code is difficult to master in Java, as you much understand what's happening in the implementation.
You seem to forget that the Java core is written in C/C++? I've worked at top tier industry web sites - java is not immune to stupid code practices. It crashes a bit nicer, but downtime is still measured in lost dollars.
Oh, and bring a towel.
Actually, I think the approval process is decent - at least as a consumer. I get age-appropriate ratings (sort of), cheap apps, and generally don't have many issues with lockup and the like.
I don't think you can qualify it either way, gifted developers make it into their fields because they're passionate about it. However they got there is only a reflection of how good education is doing in terms of school and tracking people into professions they like.
In the past, you saw gifted hackers from everywhere, but lately I have to agree that schools are doing a better job - and so I'm seeing more come with degrees from "good schools.
That is all.
Watch our for N. Korean hitmen if you go!
It's probably far more productive to contact your state's public utility commissioner (name varies by state), the FCC, or your state's attorney general.
Really, you're already taxed out the nose for regulatory agencies & law enforcement, might as well utilize as much free muscle as you can.
The "subtlety" here is that Windows is needlessly complex
I believe the correct description is "a vain attempt to obfuscate the true meaning of certain security details, which were chosen over provable, known-good techniques."
But I'm just a security software developer, what would I know?
Until 10 years ago, Rockets were the domain of NASA, it's billionaire contractors, and freckle-faced kids. Not you've got people from all kinds of backgrounds excited and building new designs, trying new things, and raising a new generation of inventors, engineers, and students.
That's the point of these contests - more rocket scientists, tech, and healthy innovation.