First of all, what you're saying really only applies to versions of Windows prior to Windows 7 and Server 2008 R2. Open the Windows firewall settings up in one of these operating systems and have a look at it some time. Second, I'm not sure why you think port based firewall rules provide more security than process based rules. You almost assuredly have port 80 outbound open on any desktop computer if you plan on browsing the web, which is great because my malware(tm) only makes outbound connections on port 80, using HTTP so it passes any more complex rules looking at the traffic.
Egress filtering has always been a crap-shoot that ultimately fails to enhance security in any significant way, while generally being annoying.
I use to find it hard to imagine the type of person who seriously gets excited about each and every single realistic first person shooter that comes out, thinking that it was just the game developers who were out of touch with reality, then more and more I found there was a huge overlapping audience of people who are basically just gun nuts. They get off on the realistic sounds and models based off real fire-arms in games, and that is seriously enough for them to want to play these games.
Speaking for the rest of us gamers, would all you gun nuts please do us a favor and kill yourself? Or stop playing games, you know, whatever.
I'm not sure how the myth that multiple cores can only be used when multitasking got started (maybe those Best Buy commercials saying you can burn a CD and surf the net at the same time with a dual core processor?), but the primary purpose of the entire shift to multiple cores is that most heavy lifting problems in any application where CPU consumption is non-trivial can be broken up into multiple parts which can be digested by multiple threads in the same process.
Also contrary to popular belief is that parallelization is difficult. How many of you have ever written a for loop? Were the results of each iteration of that loop inextricably linked to the previous iteration? Probably not, so learn OpenMP and start writing some parallel software.
The catch 22 here however is that the folks writing the software tend to have a poor idea of what constitutes a one off task, and what users may want to automate. I think Microsoft is getting closer to an ideal solution with their modern products; a full programming language powering the scripting backend, and GUI tools that are actually built directly on top of that scripting back end so you're guaranteed that at least the CLI is a superset of the GUI functionality.
In spite of how complex the notion of cause is in a situation like this, in spite of how completely illogical it is, without someone to blame or punish people will feel very cheated if a robot driver kills or injures a human. At least when a human driver does it we can punish them to appease our human desire for blame.
Installing a keylogger that also does screen captures to "monitor the performance" of their laptops would be like a homebuilder installing secret video cameras all over your house that relay the pictures back to him telling you he needs to "monitor the performance" of the house.
I don't understand why this is tagged 'yay'. What this means is that the world's largest chip maker with partnership from the world's largest software company couldn't get a competing architecture off the ground in any meaningful way. That's not yay, that to me is just a little sad. Sure we have great designs beneath the all the baked-into-silicon legacy x86 translation, but as developers (especially the developers of compilers) we'll never get to see any of it, and we'll never get to reclaim any of that silicon for something more useful either.
I'd say it was at best stupid and at worst extremely irresponsible to build a supercomputer out of Playstation gaming consoles. For as long as CUDA has been around they could've built a significantly more powerful supercomputer with GPUs with more control over the hardware and software and it would've been cheaper. Remember: Even with the OtherOS option the access to the GPU and most of the cell SPEs is disabled, meaning it's extremely crippled, even for the price. Paying for the developer licenses even at a steep discount would've made this a very poor decision.
In addition to the CPU cost and the certificate costs, many web servers (especially when considering this "Whole Web" in TFS) are run using shared hosting. With HTTP 1.1 the requested hostname is included in the request and this allows you to bind websites for multiple domains onto a single IPv4 address all on port 80. This is impossible with SSL since the certificate used for TLS is sent to the client in the initialization of the connection before the GET request, and in order to maintain a validate certificate you need one for each domain.
TLDR you can't bind multiple SSL endpoints for multiple domains onto a single IPv4 address.
Can I have mouse gestures that work on speed dial pages yet? What about an actually workable AdBlock / NoScript? The Chrome plugin API is so neutered that if you can't find the functionality in the (sparse) vanilla product, you're basically SOL for the features you find most valuable because plugin developers couldn't implement them properly even if they wanted to.
I personally can't imagine browsing the Internet without mouse gestures, and that includes the fucking speed dial.
Actually, it says a lot about the browser and operating system that the exploit was able to launch applications and write files to the disk. In a properly secured web browser and operating system neither of those things would have been possible, even if the browser was compromised. The browser should have simply crashed.
I've seen this happen first hand to useful and pertinent information on existing articles.
I authored a patch for a (notable?) SNES game a few years back called Seiken Densetsu 3 that allowed it to be played as 3 player. Many years before that a patch was created to play the game in english. The existing wikipedia article already had a story description as well as character descriptions and things of that nature, as well as information describing the english patch.
Shortly after I released my patch someone (not even me!) added information about it to the wikipedia article for the game, just a short sentence or two with citations linking a notable ROM hacking website with more information. A few weeks later the information was deleted for not being notable. Afterwards in google searches related to my patch I saw lots of forum posts with confused people trying to determine whether or not a patch existed, some saying the information was on Wikipedia, others saying they couldn't find it there.
You should never actually need to empty the recycle bin, ever. You can adjust the size of the recycle bin and Windows will automatically delete the oldest files once the recycle bin is at capacity, allowing you to retrieve recently deleted files you realize you want back. That is the purpose of the recycle bin.
Oh trust me, we were both aware our rights were being violated. We just wanted to get go home without being put on a sex offender list; we pissed off and scared. We knew we didn't do anything wrong, but we knew if we stood up for our rights and went the letter of the law route we'd probably end up going downtown for additional hassle. Such is the state of the system.
My friend and I once decided to go to a fast food restaurant (at the time we were ages 20 and 21). It was raining and my friend didn't have a coat, as a joke we cut up a garbage bag and he put it on, and even though I had a coat I thought it would be goofy if I wore my girlfriend's lab coat. We took a camera to record people's reactions (note what GP said about cameras) which I put in my vest pocket, where it was quite obvious / visible. We stood in line and placed our order, a few people working in the store thought we looked ridiculous and it was funny.
There was a lady in front of us there with her daughter who looked like she was about 15 that suddenly turned around and accused of taping her daughter for sexual purposes. Her daughter was dressed as a whore but obviously that was not our aim; If we were there to make videos of girls we would probably not wear weird costumes to attract attention to ourselves, and we might actually try to hide the camera. I offered to delete all the video we had shot because I understand some people might be uncomfortable being taped without their consent, but she insisted that we had hidden the pornographic material on the camera and that we wouldn't really delete anything. Her husband called the cops and at that point my friend and I figured we should just stay and explain ourselves to them because if we leave it's going to look like we fled, so we sat around and waited for the cops to show up. They eventually showed up and escorted my friend and I to the squad car where we explained our side of the story. After another half hour of waiting while they talked to the insane lady in the restaurant the cop came back and asked to see the camera which I happily handed over and showed him how to retrieve what was on it. Eventually he let us go, and the restaurant banned us for "causing" a disturbance.
Long story short the moral of the story is that it is a crime to 1) Be male and be near girls under 18 2) Do / wear anything weird 3) Be in possession of a camera. Even though we weren't actually arrested or charged with anything we still had to waste a few hours of our day to deal with the incident and suffer the embarrassment of the situation in public just because we were accused.
And what do you think is the reason it is perceived as traumatic only later in life? Could it have anything to do with the insane extremist trauma culture that equates consensual non-violent sexual activity at a young age to the equivalent of watching your mother being decapitated in front of you? It's a self fulfilling prophecy.
For the record I'm not stating that it isn't wrong, but just that the ridiculous and drastic overreactions of modern society to it have gone on long enough.
The people using cryptographic hashes for non-cryptographic purposes are idiots. As an example already cited in above comments the CRC class of hash functions actually makes certain statistical guarantees for the longest run of possible errant bytes in source data and are extremely faster, making them far more suitable for file integrity checks and other similar tasks.
Does git seriously use SHA1 for file integrity verification? Different hashes are for different purposes. The CRC class of hash functions actually makes certain statistical guarantees for the longest run of possible errant bytes in source data and are extremely faster, making them far more suitable for file integrity checks.
Unless I'm missing something why would we ever want performance improvements in a secure hash function? SHA isn't for verifying data, there are superior hashes in that respect with regards to performance and certain statistical guarantees. A secure hash is supposed to have 2 properties: 1) It needs to be irreversible 2) It should be slow so as to reduce the feasibility of brute force attacks.
A very slow hash function that takes maybe 5ms to process would be extremely usable for authentication in practical usage, but almost impossible to run dictionary attacks against. So why is faster better here?
Parent is correct. Additionally, GP talks about QoS being applied to pirated downloads so he can watch Youtube, but ironically what I've noticed is that because P2P traffic is difficult to identify (encryption, random ports) I can have torrents that fly but I can barely watch Youtube because it has been so strongly QoS'd, so people can load plain web pages.
The problem is people asserting they know what the Internet is for, and other rogue uses should be throttled so they can enjoy the Internet for it's intended(tm) purpose.
Why do we keep hearing this word innovation applied in this context? ISPs don't innovate. They carry fucking bits. The innovators are the ones who are doing something useful with those bits, which is ironically what they are trying to prevent.
What offends me is that everyone everyone is just taking it as a given that he did actually rape her. If you RTFA there is no evidence cited other than the accusation made by the girl in her police report, which was filed a full 2 days after the fact. The kid testified the death threats were made in response to the rape allegation, which is obviously stupid and irresponsible and wrong, but can you imagine how mad you would feel if you were falsely accused of rape?
Slashdot Mirror
First of all, what you're saying really only applies to versions of Windows prior to Windows 7 and Server 2008 R2. Open the Windows firewall settings up in one of these operating systems and have a look at it some time. Second, I'm not sure why you think port based firewall rules provide more security than process based rules. You almost assuredly have port 80 outbound open on any desktop computer if you plan on browsing the web, which is great because my malware(tm) only makes outbound connections on port 80, using HTTP so it passes any more complex rules looking at the traffic.
Egress filtering has always been a crap-shoot that ultimately fails to enhance security in any significant way, while generally being annoying.
I use to find it hard to imagine the type of person who seriously gets excited about each and every single realistic first person shooter that comes out, thinking that it was just the game developers who were out of touch with reality, then more and more I found there was a huge overlapping audience of people who are basically just gun nuts. They get off on the realistic sounds and models based off real fire-arms in games, and that is seriously enough for them to want to play these games.
Speaking for the rest of us gamers, would all you gun nuts please do us a favor and kill yourself? Or stop playing games, you know, whatever.
I'm not sure how the myth that multiple cores can only be used when multitasking got started (maybe those Best Buy commercials saying you can burn a CD and surf the net at the same time with a dual core processor?), but the primary purpose of the entire shift to multiple cores is that most heavy lifting problems in any application where CPU consumption is non-trivial can be broken up into multiple parts which can be digested by multiple threads in the same process.
Also contrary to popular belief is that parallelization is difficult. How many of you have ever written a for loop? Were the results of each iteration of that loop inextricably linked to the previous iteration? Probably not, so learn OpenMP and start writing some parallel software.
The catch 22 here however is that the folks writing the software tend to have a poor idea of what constitutes a one off task, and what users may want to automate. I think Microsoft is getting closer to an ideal solution with their modern products; a full programming language powering the scripting backend, and GUI tools that are actually built directly on top of that scripting back end so you're guaranteed that at least the CLI is a superset of the GUI functionality.
In spite of how complex the notion of cause is in a situation like this, in spite of how completely illogical it is, without someone to blame or punish people will feel very cheated if a robot driver kills or injures a human. At least when a human driver does it we can punish them to appease our human desire for blame.
Installing a keylogger that also does screen captures to "monitor the performance" of their laptops would be like a homebuilder installing secret video cameras all over your house that relay the pictures back to him telling you he needs to "monitor the performance" of the house.
I don't understand why this is tagged 'yay'. What this means is that the world's largest chip maker with partnership from the world's largest software company couldn't get a competing architecture off the ground in any meaningful way. That's not yay, that to me is just a little sad. Sure we have great designs beneath the all the baked-into-silicon legacy x86 translation, but as developers (especially the developers of compilers) we'll never get to see any of it, and we'll never get to reclaim any of that silicon for something more useful either.
I'd say it was at best stupid and at worst extremely irresponsible to build a supercomputer out of Playstation gaming consoles. For as long as CUDA has been around they could've built a significantly more powerful supercomputer with GPUs with more control over the hardware and software and it would've been cheaper. Remember: Even with the OtherOS option the access to the GPU and most of the cell SPEs is disabled, meaning it's extremely crippled, even for the price. Paying for the developer licenses even at a steep discount would've made this a very poor decision.
In addition to the CPU cost and the certificate costs, many web servers (especially when considering this "Whole Web" in TFS) are run using shared hosting. With HTTP 1.1 the requested hostname is included in the request and this allows you to bind websites for multiple domains onto a single IPv4 address all on port 80. This is impossible with SSL since the certificate used for TLS is sent to the client in the initialization of the connection before the GET request, and in order to maintain a validate certificate you need one for each domain.
TLDR you can't bind multiple SSL endpoints for multiple domains onto a single IPv4 address.
http://www.romhacking.net/hacks/179/
Can I have mouse gestures that work on speed dial pages yet? What about an actually workable AdBlock / NoScript? The Chrome plugin API is so neutered that if you can't find the functionality in the (sparse) vanilla product, you're basically SOL for the features you find most valuable because plugin developers couldn't implement them properly even if they wanted to.
I personally can't imagine browsing the Internet without mouse gestures, and that includes the fucking speed dial.
Actually, it says a lot about the browser and operating system that the exploit was able to launch applications and write files to the disk. In a properly secured web browser and operating system neither of those things would have been possible, even if the browser was compromised. The browser should have simply crashed.
I've seen this happen first hand to useful and pertinent information on existing articles.
I authored a patch for a (notable?) SNES game a few years back called Seiken Densetsu 3 that allowed it to be played as 3 player. Many years before that a patch was created to play the game in english. The existing wikipedia article already had a story description as well as character descriptions and things of that nature, as well as information describing the english patch.
Shortly after I released my patch someone (not even me!) added information about it to the wikipedia article for the game, just a short sentence or two with citations linking a notable ROM hacking website with more information. A few weeks later the information was deleted for not being notable. Afterwards in google searches related to my patch I saw lots of forum posts with confused people trying to determine whether or not a patch existed, some saying the information was on Wikipedia, others saying they couldn't find it there.
You should never actually need to empty the recycle bin, ever. You can adjust the size of the recycle bin and Windows will automatically delete the oldest files once the recycle bin is at capacity, allowing you to retrieve recently deleted files you realize you want back. That is the purpose of the recycle bin.
Because you're supposed to pay for their kids.
In Canada we go to work AND return in the dark for almost half the year, even with DST.
Oh trust me, we were both aware our rights were being violated. We just wanted to get go home without being put on a sex offender list; we pissed off and scared. We knew we didn't do anything wrong, but we knew if we stood up for our rights and went the letter of the law route we'd probably end up going downtown for additional hassle. Such is the state of the system.
My friend and I once decided to go to a fast food restaurant (at the time we were ages 20 and 21). It was raining and my friend didn't have a coat, as a joke we cut up a garbage bag and he put it on, and even though I had a coat I thought it would be goofy if I wore my girlfriend's lab coat. We took a camera to record people's reactions (note what GP said about cameras) which I put in my vest pocket, where it was quite obvious / visible. We stood in line and placed our order, a few people working in the store thought we looked ridiculous and it was funny.
There was a lady in front of us there with her daughter who looked like she was about 15 that suddenly turned around and accused of taping her daughter for sexual purposes. Her daughter was dressed as a whore but obviously that was not our aim; If we were there to make videos of girls we would probably not wear weird costumes to attract attention to ourselves, and we might actually try to hide the camera. I offered to delete all the video we had shot because I understand some people might be uncomfortable being taped without their consent, but she insisted that we had hidden the pornographic material on the camera and that we wouldn't really delete anything. Her husband called the cops and at that point my friend and I figured we should just stay and explain ourselves to them because if we leave it's going to look like we fled, so we sat around and waited for the cops to show up. They eventually showed up and escorted my friend and I to the squad car where we explained our side of the story. After another half hour of waiting while they talked to the insane lady in the restaurant the cop came back and asked to see the camera which I happily handed over and showed him how to retrieve what was on it. Eventually he let us go, and the restaurant banned us for "causing" a disturbance.
Long story short the moral of the story is that it is a crime to 1) Be male and be near girls under 18 2) Do / wear anything weird 3) Be in possession of a camera. Even though we weren't actually arrested or charged with anything we still had to waste a few hours of our day to deal with the incident and suffer the embarrassment of the situation in public just because we were accused.
And what do you think is the reason it is perceived as traumatic only later in life? Could it have anything to do with the insane extremist trauma culture that equates consensual non-violent sexual activity at a young age to the equivalent of watching your mother being decapitated in front of you? It's a self fulfilling prophecy.
For the record I'm not stating that it isn't wrong, but just that the ridiculous and drastic overreactions of modern society to it have gone on long enough.
The people using cryptographic hashes for non-cryptographic purposes are idiots. As an example already cited in above comments the CRC class of hash functions actually makes certain statistical guarantees for the longest run of possible errant bytes in source data and are extremely faster, making them far more suitable for file integrity checks and other similar tasks.
Does git seriously use SHA1 for file integrity verification? Different hashes are for different purposes. The CRC class of hash functions actually makes certain statistical guarantees for the longest run of possible errant bytes in source data and are extremely faster, making them far more suitable for file integrity checks.
Unless I'm missing something why would we ever want performance improvements in a secure hash function? SHA isn't for verifying data, there are superior hashes in that respect with regards to performance and certain statistical guarantees. A secure hash is supposed to have 2 properties: 1) It needs to be irreversible 2) It should be slow so as to reduce the feasibility of brute force attacks.
A very slow hash function that takes maybe 5ms to process would be extremely usable for authentication in practical usage, but almost impossible to run dictionary attacks against. So why is faster better here?
Parent is correct. Additionally, GP talks about QoS being applied to pirated downloads so he can watch Youtube, but ironically what I've noticed is that because P2P traffic is difficult to identify (encryption, random ports) I can have torrents that fly but I can barely watch Youtube because it has been so strongly QoS'd, so people can load plain web pages.
The problem is people asserting they know what the Internet is for, and other rogue uses should be throttled so they can enjoy the Internet for it's intended(tm) purpose.
Why do we keep hearing this word innovation applied in this context? ISPs don't innovate. They carry fucking bits. The innovators are the ones who are doing something useful with those bits, which is ironically what they are trying to prevent.
What offends me is that everyone everyone is just taking it as a given that he did actually rape her. If you RTFA there is no evidence cited other than the accusation made by the girl in her police report, which was filed a full 2 days after the fact. The kid testified the death threats were made in response to the rape allegation, which is obviously stupid and irresponsible and wrong, but can you imagine how mad you would feel if you were falsely accused of rape?