Adobe is very smart about this. It's based on TIFF, so it's a pretty easy to read standard as there are a lot of libraries to read TIFF, leaving the only hard part being the processing of the pixel data.
They're also being smart by making the format open; the full specification is available for download and Adobe guaranteeing anyone the right to make a royalty free implimentation. Adobe is smart enough to realize that an open format isn't going to destroy their market dominance- the openness of PDF certainly hasn't done so- but it will help to reduce their costs. A well defined standard also reduces the worry that old photos will be trapped in unreadable proprietary formats. I think that it has the potential to be a big win for everyone.
And not to mention some SUVs have the spare underneath the rear floor.. exposed to the elements..grubby, heavy, dirty.
So keep a pair of work gloves in the trunk next to the emergency equipment. They'll also protect your knuckles from getting skinned if your hand slips off the lug wrench, and you can get a usable pair for about $2.
My SUV has it inside the trunk floor, but still, a 17-inch wheel on an SUV tire is heavy...and my commuter car has 18-inch wheels on 255/40R-18 tires..not lightweight at all..
Sounds like one more argument in favor of buying the smallest car that will fit your needs. Not only do they get better gas mileage and fit into smaller parking spaces, they have smaller, easier to change tires. I suppose that alloy wheels- which are designed to keep weight down for completely different reasons- would also help, here.
I'd be willing to bet that even most computer geeks / power users dont have that kind of intimate knowledge about their CPU's.
I would roughly equate knowing an engine's displacement and layout to knowing the cycle speed of a processor; both give you substantial but incomplete information about its power. Horsepower is more like knowing how your computer performs on processor-bound benchmarks (with understanding the limits of the benchmark corresponding to knowing the difference between different ways of measuring horsepower), while 0-60 times are more like a Quake 3 refresh-rate test.
(FWIW, my car has a 1.6 liter, SOHC 16 valve inline-4 with a fairly accurate manufacturer's rating of 117 HP SAE net.)
To stick with the car analogy, I'd say it's more like buying a car without any idea of how to drive it, and refusing to learn how.
Buying a computer without knowing the processor speed is a lot more like buying a car without knowing the displacement or power of the engine. (Quick! How much power does your car's engine produce? Is that SAE net or gross? Is that measured on a dynamometer or a manufacturer's number, and if the latter is your manufacturer optimistic or conservative in rating its engines?) Most people don't really know the answer to that question, certainly not at the level of knowing the true output of the engine rather than what the manufacturer tells them.
The reason is that it isn't really important. What people really want to know is whether their car has acceptable pickup and if it will be able to haul or tow the amount of stuff that they usually want to carry. Of course, that's why car manufacturers try to provide people with performance numbers, like 0-60 time and maximum towing capacity, as well as raw horsepower. It's not unreasonable for computer users to want similar performance reviews instead of context-free numbers. Knowing that a computer can run normal office software and older games but will have trouble with video editing and Doom 3 is much more useful than being told it has an AthlonXP1700 and a GeForce 2, just as knowing that a truck will go 0-60 in 9.3 seconds and can tow up to 2500 pounds is more useful than knowing that it has 250 horsepower.
You need to know CPU model and speed (because cycles per second ain't enough); system memory; type and speed, FSB speed; HD interface and speed (including burst and sustained); HD size, speed (burst and sustained), latency, cache; video adapter model, speed and memory size.... I think you get my point.
And I think that you miss an important point. You mention that the GHz speed of the processor isn't enough to know its true speed. The same is obviously true of the video card, possibly the memory, etc. In order to establish a level system, you'll need to devise some kind of translation of these factors into a single number. That process is deeply problematic.
Take the issue of processor speed, for instance. You have two choices for deciding the level of a given processor; you can make a reasonable guess based on its stats, or you can set up some kind of a benchmark. Guessing is obviously going to suffer from all kinds of problems with subjectivity, so the most likely answer it to create some kind of benchmark. But creating the benchmark is going to be subject to all kinds of pressure from processor manufacturers. Intel will want to set up the benchmark in a way that favors their processors over AMD's, and AMD will want to do the reverse. Once the benchmark is settled on, manufacturers will start designing processors to the benchmark rather than to real world standards, and it will be very hard to avoid this problem by changing the benchmarkings because that would screw up the levels of existing systems. Now multiply this by every different component and you're sure to have a mess.
On top of the benchmarks for the individual components, you're likely to have systems integration issues. Each level will have a minimum standard for each component, but deciding on those standards will be another issue. Each component maker will want to bias the standards to emphasize their component, so that processor manufacturers will want a higher ratio of processor power to memory size than memory makers will. Even if the standards are set by a supposedly neutral third party, like a coalition of complete system retailers (i.e. Dell, IBM, etc) that group will be subject to pressure from the interested parties.
I mean, once you have a 40 gig player, I can't imagine needing much more.
That may or may not be true. You can argue that 40 GB is more than you need because you'll never be able to play that much on a single charge. OTOH, there are definite advantages to having your entire collection on a single player (like being able to keep and play from the whole thing without moving files on and off the player) and there are plenty of people with more than 40 GB of files. You could put a plausible upper bound on reasonable size- like enough to store an entire lifetime worth of audio- but 40 GB isn't there yet.
Re:Once again, I must complain about fonts
on
GNOME 2.8 Released
·
· Score: 2, Informative
The X is wider than the other character. Compare to the characters in the "File" menu, which are for some reason extremely thin!
Shock! Horror! They're using a proportional width font that makes characters like 'i' and 'l' look narrower than 'X' or 'W'! You might also want to double check that you're looking at the picture at full resolution. If you open it in a Gecko-based browser like Mozilla or Firefox, the image will default to being scaled to your browser window, and scaling a picture of a font tends to make it look awful. I think that the fonts look fine when looking at the image at full scale, though others are obviously free to disagree.
A really bad one could be almost unbelieveably nasty. Try reading about Warhol Worms, and then think about one with a destructive payload that targeted a zero day Windows vulnerability. A worm like that could take down a substantial fraction of the world's computers before anyone realized that there was a problem. A more subtle threat- like a slow worm that caused subtle data corruption- might be able to mess things up pretty badly before being wiped out, too.
Perhaps you should learn a lesson from this: read everything before you do anything. It isn't necessarily just a question how long the recipie takes, either. Sometimes a recipie will call for a tool or pan that you don't have and can't improvise easily. Sometimes you'll have to time things so that two subcomponents of a recipie come are finished at the same time. Just remember that you should know the whole recipie before starting and you'll save yourself a world of grief.
You don't really need to know where the link points to see which ones are fraudulent. You only need one simple rule- if they ask you to follow a link and fill in your information, it's a scam. The legitimate emails all either ask you to open up a browser and connect to the web site normally, or they provide a link that is informational only. I also thought that it was interesting that all of the text-only emails were legitimate, since phishers depend on html tricks to hide the fact that their links are fake.
It followed the proper security procedures involving the use of a login name, password, and bank account number.
No. It didn't follow the proper security procedures. It followed its choice of security procedures. The success of this kind of phishing scam is evidence that those security procedures are not proper; they're inadequate because they're so easily defeated with a bit of social engineering. The bank needs to design a better security system- one that uses a time-dependent smart card, for instance- so that phishing doesn't work.
Somehow disturbing to hear that US-American pupils are now practically prohibited from analysing and discussing those books under the guidance of a teacher.
It would be disturbing if that were what this list is, but it isn't. It's actually a list of books that people are trying to ban, not a list of the ones they've succeeded in banning, and part of the way that a book gets onto the list is by being so widely used that there are many opportunities to challenge it. It's also important to remember that the list is based on fewer than 7000 challenges over a 10 year span, so a book can make the top 100 if it was challenged fewer than 10 times per year in the whole country.
If you're really paranoid, public key crypto is probably a better bet for your email than 1-time-pad. With public key crypto, the weakest link is the mathematics behind the cypher. With a one time pad, it's the security of the pad. Even the NSA would probably have an easier time stealing your correspondant's pad or "persuading" him to turn it over than they would cracking a decent public key cryptosystem.
I have no real problem with companies being subject to tighter restrictions. However, these restrictions shouldn't be too sweeping. If I send an e-mail to my friend using my Work's e-mail address the government should not be allowed to view that e-mail without a warrant.
There are several things to keep in mind. One is that a warrant would probably be required even if there's already a law mandating minimum record retention time. Law enforcement might try to wriggle around warrant requirements for personal emails recorded on business servers on the grounds that there was no expectation of privacy, but that's just an argument in favor of separating business and private correspondance. If you're worried about the government reading your mail, you really ought to take some steps to make it hard to read.
Another point is that this is far more likely to be applied to civil than criminal law. A typical business is sued by a competitor, supplier, or customer much more often than it is to be criminally investigated. Rules that make lawsuits easier are something of a double-edged sword, but my gut feeling is these rules are likely to be good overall. People who want to launch frivolous and harassing lawsuits don't really care how easy their suits are to win on the evidence, so lack of records won't stop them. OTOH, companies that are contemplating doing something wrong might think twice if they are legally required to retain incriminating documents and could be sanctioned if they're destroyed.
Finally, these rules are also likely to be aimed at government, which is definitely a good thing. Democracy depends on accountability, and accountability depends on access to information. I definitely want strong rules to prevent officials from destroying the records of how they reached their decisions. Doing otherwise is asking for trouble.
I suspect that learning typing formally is also important because of problems with repetitive stress injuries. I remember that one of the most important things that I learned in typing class was the proper way to hold my hands when typing. When I hold them the way that I was taught in typing class I can keep at it for a long time without problems, but my wrists will start hurting if I don't. I wouldn't be at all surprised to discover that most of the people who wind up with RSI from typing are self taught.
The American supercomputer industry has gone from innovator to an assembly operation.
So what? The supercomputer industry doesn't exist out of an abstract idea that supercomputers are a good thing. It exists because there's a market for supercomputers. If there is, great; the supercomputer companies should be able to keep in business- and keep innovating- by selling to it. If there isn't, then there's no point in keeping the business afloat artificially out of an abstract idea of protecting American innovation. Companies with a market for their products live. Companies without a market for their product die. That's the way that a free market works.
Believe it or not, they do have an "incomplete" visit to the site here. The only reason that it's incomplete is that the visitor didn't take the requisite 6 photographs. He did include a picture of his GPS at that location, though. Another person has asked for permission to visit, which seems like a reasonable approach to the problem.
This can be easily defeated by hacking the 1Ds's firmware. The private key and algorithm used for signing are most likely encoded within the firmware (easy to understand - this camera uses an embedded PowerPC control processor), rather than on a specialized crypto chip. Just pull out the algorithm and key, resign your CRW files and they're authentic.
It looks as though the function isn't (completely) built into the camera itself; it requires an external card to do some part of the signing. Your fundamental objection stands, though. As long as the system doing the signing is in the hands of the would-be forgers, it is vulnerable to being hacked.
I think that what this really shows is that signing has limits. You can create a perfect, tamper-proof signing system for your camera, but it can only prove that the image hasn't changed after leaving the camera. The system can't tell if the image coming through the lens is genuine. It will sign a picture of a printed version of a manipulated image as readily as it will sign the original, unmodified version.
In a modern court, the defense doesn't have to prove that you've doctored the picture.
Which is only relevant if the faked photograph is being used by the prosecution in a criminal case. There are plenty of other uses for faked photographs. Somebody might want to defame somebody they don't like (like the faked picture of John Kerry standing next to Jane Fonda at an anti-war rally) or manipulate the public into supporting some cause that they otherwise wouldn't accept. In a situation like that, it would be up to the people who disagree with the manipulator to prove that the photo is a fake, and it's quite likely that the only court that would matter is the court of public opinion, which doesn't have such neat and tidy rules.
I strongly suspect that the solution will be some sort of hardware image signing, rather than after-the-fact examination. Canon already offers a Data Verification Kit for their superb EOS 1-DS digital SLR. They don't give too many details, but my guess is that they can attach a cryptographically signed hash of the image data into the file header so that it's possible to confirm the integrity of the data later. Since the EOS 1-Ds can only save data in raw and JPEG formats, and since this doesn't make sense for raw data (which has to be processed to be turned into a viewable image) it seems likely that they have this working with JPEGs.
Slashdot Mirror
They're also being smart by making the format open; the full specification is available for download and Adobe guaranteeing anyone the right to make a royalty free implimentation. Adobe is smart enough to realize that an open format isn't going to destroy their market dominance- the openness of PDF certainly hasn't done so- but it will help to reduce their costs. A well defined standard also reduces the worry that old photos will be trapped in unreadable proprietary formats. I think that it has the potential to be a big win for everyone.
So keep a pair of work gloves in the trunk next to the emergency equipment. They'll also protect your knuckles from getting skinned if your hand slips off the lug wrench, and you can get a usable pair for about $2.
Sounds like one more argument in favor of buying the smallest car that will fit your needs. Not only do they get better gas mileage and fit into smaller parking spaces, they have smaller, easier to change tires. I suppose that alloy wheels- which are designed to keep weight down for completely different reasons- would also help, here.
I would roughly equate knowing an engine's displacement and layout to knowing the cycle speed of a processor; both give you substantial but incomplete information about its power. Horsepower is more like knowing how your computer performs on processor-bound benchmarks (with understanding the limits of the benchmark corresponding to knowing the difference between different ways of measuring horsepower), while 0-60 times are more like a Quake 3 refresh-rate test.
(FWIW, my car has a 1.6 liter, SOHC 16 valve inline-4 with a fairly accurate manufacturer's rating of 117 HP SAE net.)
Buying a computer without knowing the processor speed is a lot more like buying a car without knowing the displacement or power of the engine. (Quick! How much power does your car's engine produce? Is that SAE net or gross? Is that measured on a dynamometer or a manufacturer's number, and if the latter is your manufacturer optimistic or conservative in rating its engines?) Most people don't really know the answer to that question, certainly not at the level of knowing the true output of the engine rather than what the manufacturer tells them.
The reason is that it isn't really important. What people really want to know is whether their car has acceptable pickup and if it will be able to haul or tow the amount of stuff that they usually want to carry. Of course, that's why car manufacturers try to provide people with performance numbers, like 0-60 time and maximum towing capacity, as well as raw horsepower. It's not unreasonable for computer users to want similar performance reviews instead of context-free numbers. Knowing that a computer can run normal office software and older games but will have trouble with video editing and Doom 3 is much more useful than being told it has an AthlonXP1700 and a GeForce 2, just as knowing that a truck will go 0-60 in 9.3 seconds and can tow up to 2500 pounds is more useful than knowing that it has 250 horsepower.
And I think that you miss an important point. You mention that the GHz speed of the processor isn't enough to know its true speed. The same is obviously true of the video card, possibly the memory, etc. In order to establish a level system, you'll need to devise some kind of translation of these factors into a single number. That process is deeply problematic.
Take the issue of processor speed, for instance. You have two choices for deciding the level of a given processor; you can make a reasonable guess based on its stats, or you can set up some kind of a benchmark. Guessing is obviously going to suffer from all kinds of problems with subjectivity, so the most likely answer it to create some kind of benchmark. But creating the benchmark is going to be subject to all kinds of pressure from processor manufacturers. Intel will want to set up the benchmark in a way that favors their processors over AMD's, and AMD will want to do the reverse. Once the benchmark is settled on, manufacturers will start designing processors to the benchmark rather than to real world standards, and it will be very hard to avoid this problem by changing the benchmarkings because that would screw up the levels of existing systems. Now multiply this by every different component and you're sure to have a mess.
On top of the benchmarks for the individual components, you're likely to have systems integration issues. Each level will have a minimum standard for each component, but deciding on those standards will be another issue. Each component maker will want to bias the standards to emphasize their component, so that processor manufacturers will want a higher ratio of processor power to memory size than memory makers will. Even if the standards are set by a supposedly neutral third party, like a coalition of complete system retailers (i.e. Dell, IBM, etc) that group will be subject to pressure from the interested parties.
You got the acronym wrong. It's "EMACS Makes A Computer Slow". HTH.
That may or may not be true. You can argue that 40 GB is more than you need because you'll never be able to play that much on a single charge. OTOH, there are definite advantages to having your entire collection on a single player (like being able to keep and play from the whole thing without moving files on and off the player) and there are plenty of people with more than 40 GB of files. You could put a plausible upper bound on reasonable size- like enough to store an entire lifetime worth of audio- but 40 GB isn't there yet.
Shock! Horror! They're using a proportional width font that makes characters like 'i' and 'l' look narrower than 'X' or 'W'! You might also want to double check that you're looking at the picture at full resolution. If you open it in a Gecko-based browser like Mozilla or Firefox, the image will default to being scaled to your browser window, and scaling a picture of a font tends to make it look awful. I think that the fonts look fine when looking at the image at full scale, though others are obviously free to disagree.
A really bad one could be almost unbelieveably nasty. Try reading about Warhol Worms, and then think about one with a destructive payload that targeted a zero day Windows vulnerability. A worm like that could take down a substantial fraction of the world's computers before anyone realized that there was a problem. A more subtle threat- like a slow worm that caused subtle data corruption- might be able to mess things up pretty badly before being wiped out, too.
Perhaps you should learn a lesson from this: read everything before you do anything. It isn't necessarily just a question how long the recipie takes, either. Sometimes a recipie will call for a tool or pan that you don't have and can't improvise easily. Sometimes you'll have to time things so that two subcomponents of a recipie come are finished at the same time. Just remember that you should know the whole recipie before starting and you'll save yourself a world of grief.
You don't really need to know where the link points to see which ones are fraudulent. You only need one simple rule- if they ask you to follow a link and fill in your information, it's a scam. The legitimate emails all either ask you to open up a browser and connect to the web site normally, or they provide a link that is informational only. I also thought that it was interesting that all of the text-only emails were legitimate, since phishers depend on html tricks to hide the fact that their links are fake.
No. It didn't follow the proper security procedures. It followed its choice of security procedures. The success of this kind of phishing scam is evidence that those security procedures are not proper; they're inadequate because they're so easily defeated with a bit of social engineering. The bank needs to design a better security system- one that uses a time-dependent smart card, for instance- so that phishing doesn't work.
To write intelligible code in Perl you just have to follow a few basic rules, most of which are not Perl specific:
If you follow these rules, you'll be surprised at how readable your code becomes.
It would be disturbing if that were what this list is, but it isn't. It's actually a list of books that people are trying to ban, not a list of the ones they've succeeded in banning, and part of the way that a book gets onto the list is by being so widely used that there are many opportunities to challenge it. It's also important to remember that the list is based on fewer than 7000 challenges over a 10 year span, so a book can make the top 100 if it was challenged fewer than 10 times per year in the whole country.
If you're really paranoid, public key crypto is probably a better bet for your email than 1-time-pad. With public key crypto, the weakest link is the mathematics behind the cypher. With a one time pad, it's the security of the pad. Even the NSA would probably have an easier time stealing your correspondant's pad or "persuading" him to turn it over than they would cracking a decent public key cryptosystem.
There are several things to keep in mind. One is that a warrant would probably be required even if there's already a law mandating minimum record retention time. Law enforcement might try to wriggle around warrant requirements for personal emails recorded on business servers on the grounds that there was no expectation of privacy, but that's just an argument in favor of separating business and private correspondance. If you're worried about the government reading your mail, you really ought to take some steps to make it hard to read.
Another point is that this is far more likely to be applied to civil than criminal law. A typical business is sued by a competitor, supplier, or customer much more often than it is to be criminally investigated. Rules that make lawsuits easier are something of a double-edged sword, but my gut feeling is these rules are likely to be good overall. People who want to launch frivolous and harassing lawsuits don't really care how easy their suits are to win on the evidence, so lack of records won't stop them. OTOH, companies that are contemplating doing something wrong might think twice if they are legally required to retain incriminating documents and could be sanctioned if they're destroyed.
Finally, these rules are also likely to be aimed at government, which is definitely a good thing. Democracy depends on accountability, and accountability depends on access to information. I definitely want strong rules to prevent officials from destroying the records of how they reached their decisions. Doing otherwise is asking for trouble.
Or, if you spell it backwards, Driver Returns On Foot.
I suspect that learning typing formally is also important because of problems with repetitive stress injuries. I remember that one of the most important things that I learned in typing class was the proper way to hold my hands when typing. When I hold them the way that I was taught in typing class I can keep at it for a long time without problems, but my wrists will start hurting if I don't. I wouldn't be at all surprised to discover that most of the people who wind up with RSI from typing are self taught.
How about bend, fold, spindle, or staple?
They trust IBM, of course. But do bear in mind that what they get is (gasp) a cluster of IBM macines running Linux, not an exotic vector computer.
So what? The supercomputer industry doesn't exist out of an abstract idea that supercomputers are a good thing. It exists because there's a market for supercomputers. If there is, great; the supercomputer companies should be able to keep in business- and keep innovating- by selling to it. If there isn't, then there's no point in keeping the business afloat artificially out of an abstract idea of protecting American innovation. Companies with a market for their products live. Companies without a market for their product die. That's the way that a free market works.
Believe it or not, they do have an "incomplete" visit to the site here. The only reason that it's incomplete is that the visitor didn't take the requisite 6 photographs. He did include a picture of his GPS at that location, though. Another person has asked for permission to visit, which seems like a reasonable approach to the problem.
It looks as though the function isn't (completely) built into the camera itself; it requires an external card to do some part of the signing. Your fundamental objection stands, though. As long as the system doing the signing is in the hands of the would-be forgers, it is vulnerable to being hacked.
I think that what this really shows is that signing has limits. You can create a perfect, tamper-proof signing system for your camera, but it can only prove that the image hasn't changed after leaving the camera. The system can't tell if the image coming through the lens is genuine. It will sign a picture of a printed version of a manipulated image as readily as it will sign the original, unmodified version.
Which is only relevant if the faked photograph is being used by the prosecution in a criminal case. There are plenty of other uses for faked photographs. Somebody might want to defame somebody they don't like (like the faked picture of John Kerry standing next to Jane Fonda at an anti-war rally) or manipulate the public into supporting some cause that they otherwise wouldn't accept. In a situation like that, it would be up to the people who disagree with the manipulator to prove that the photo is a fake, and it's quite likely that the only court that would matter is the court of public opinion, which doesn't have such neat and tidy rules.
I strongly suspect that the solution will be some sort of hardware image signing, rather than after-the-fact examination. Canon already offers a Data Verification Kit for their superb EOS 1-DS digital SLR. They don't give too many details, but my guess is that they can attach a cryptographically signed hash of the image data into the file header so that it's possible to confirm the integrity of the data later. Since the EOS 1-Ds can only save data in raw and JPEG formats, and since this doesn't make sense for raw data (which has to be processed to be turned into a viewable image) it seems likely that they have this working with JPEGs.