"Doel, Tihange remain: Electrabel radiates, the citizen pays"
"The campaign manager of Greenpeace Energy, complains that the federal government (Michel I) failed, and will force obsolete nuclear plants to remain open.This choice creates new power shortages, it makes a transition to renewable energy impossible and offers Electrabel more profiteering that will be paid by the taxpayer. "
Mr Eloi names the Belgian minister of the Interior "Nuclear Ali". And given the state of the reactors, I fear this will turn out to be more accurate than intended. IMHO is it more to the point, already today, than the orginal nickname he's referring to.
> It is alleged that releasing the study would hamper the drive to > harmonize safety standards as part of the Transatlantic Trade > and Investment Partnership (TTIP) deal.
It is a moot point, since we will not allow TTIP to happen, and will not respect it if it does happen, and will sabotage it with everything we have, at every point, if it is forced down our throats:
I remember new year's eve Y2K, and everyone expecting blackouts, etc.. and me driving around with an X10 wireless remote, sending random commands to sequential channels. People's lights went on and off, burglar alarms (dis)armed themselves, garage doors opened, sprinklers sprinkled water onto the cold pavement (with great ice potential). People panicked. X10 had no notion of authentication. Probably still hasn't.
Now, I had to drive around, because I was using a commercial-grade transmitter, my range and impact were limited.
Now, Imagine that kind of attitude, but with everything just a few network hops away, no range limits, and with the Invisible Hand clearly not having spanked the market into having a clue.
Image a person less mature than me and that same kind of attitude, today. Or several thousands of them. Spread over the globe.
I can image the havoc, I'm having trouble imagining the useful applications.. A matter of age? I'm not near to connecting stuff I don't have to.
Imagine what would happen if the Silons attacked, also.
That these judges were required to show "loyalty" to their government by walking out, instead of asserting the independence of the judiciary - a basic requirement for a democracy that takes itself seriously - exposes, in my view, much about the sorry state of the United Kingdom. And it looks like it's the same everywhere I look..
Bewigged Fools! You of all people should know better!
That's another thing I will never understand: Back in the days (1998), we used an Object Store (*nix version of NeoAccess, in our case)
http://www.hephy.at/user/stamf..... because we bascially thought RDB would be over by the turn of the century, and good riddance. We were extremely happy with the results. These site ran on minimal hardware (as we couldn't afford anything else in the data center), and flew, as compared to the competition (and anything else we'd ever done on that scale and online before).
In the following years it turned out everyone else insisted on keeping SQL around, and so we had to turn to manual SQL wrapping again (we created code generators, because it's too error-prone and boring to do manually) until ORM came around, which IMHO is a totally ass-backward way of dealing with a DB from an OO point-of-view. Also, clients demanded that we run stuff in J2EE containers and hence, that we write it in Java, which I still consider to have been a marketing exercise by Sun Microsystems to obtain more broad meaning for their ailing Spark CPU line (Java has always ran suspiciously better on *nix than any other platform). Little did they count on GNU/Linux taking over the server universe. We did go Java, but never liked it, and still consider it the result of brainwashing, and don't understand the need for all those extra layers. There is not one thing that the container does that the OS cannot do better, except packaging, and ever there, J2EE is "write once, debug everywhere" in the field and therefore of little real help. Since then, other enviroments and languages came along, all with their strengths and weaknessess, but all with a common goal, from my POV, which is to make development more abstract, less error-prone, more specialized, easier to package and deploy etc.. and to take up a lot of extra CPU power and memory. I don't believe in making development easier: It resulted in the extremely dangerous monsters that are online, written in PHP by good-intentioned dilattantes with an excellent grasp of their fields but with little development skills. Same in Java, same in Python, same in Ruby.. While these are all interesting languages with interesting frameworks, they do not, IMHO contribute anyhting new except runtime inefficiency, and some extra layers to make debugging harder.
Moore's law saved our bacons, there, because as time progressed, everything became more inefficient, but everyone had bigger CPU's and a lot of RAM to be able to keep up.
So you see, for me, the current situation with the traction of NoSQL and the immense opportunily (and necessity, IMHO) to make the server-side efficient and lean again (power is now a major cost in the data center, vs bandwidth) is really a lot of "back to the future".
Javascript on the server-side is total bollocks. Now that the client has gone smart again, because the browser *is* the client-side env, therefore Javascript has clearly won as *the* client-side language, and this means the server may become lean and mean again, because it can dispense with all the GUI, HTML, etc.. nonsense. And that means it can be done in real programming languages again. The kind where mistakes will cause a crash, not just inefficiency, unreliability and an entire generation of ops that think "just restart" is "normal". Which means that bad developers are filtered out, not saved by a nanny language and environment. Which means there will be less, but far better developers. And good developers can make good code in any language. Whatever I may have said and thought about JS in the past decade or so, I changed my mind since owning Crockford's "Javascript: The Good Parts". ON THE CLIENT SIDE, that is. I have never like anything but C(++), on the server side, and experiencing J2EE Containers, PHP, RubyOnRails, and various python frameworks there has only entrenched me more into thinking there is not one among them that I ended up respecting. If I could do a full e-commerce solution in serverside C++ in 1998, and get excellent performance from the cheap boxen of that time, imagine what you could do today by doing it right, on the server-side, by not wasting CPU cycles on another interpretative layer and letting some dumb algorithm mis-handle your memory management for you.
I believe the correct message to send would be for backers to retreat en masse and generally boycott this project. They could always come back when a more sane plan is announced.
While this is a sad development in itself, we can also take it as a great opportunity to create awareness around the many dangers of DRM: A general boycott now would, IMHO, get press attention and make a clear statement to media companies that buyers are sick and tired of being treated like farm animals./. can make it happen!
Agree with this one. It regularly happens to me, as well. I mean, I can sort of live with messages from people using Windows containing some sort of elongated lowercase j where, I learned years ago, they had inserted a smiley face and mistakenly assumed that this would be universally seen as such, but it's a whole different game where we're trying to be compact and logical, by using certain symbols such as brackets etc.. only to find one's correspondent is puzzled by the emotions conveyed by some round-headed Simpsons faces rendered by their email clients instead of what we meant. Not to mention the shame of apparently unpaired brackets.. Sorry for the long sentences: I'm in a hurry..
> Or are you suggesting the world should be ASCII only?
I agree that we should make sure that our legacy of >5000 years of written language can be represented using whatever means of communications are currently in vogue. This is covered by Unicode/UTF. Great, so far.
However, I'm also suggesting that during those 5000+ years of written, and what is probably about a million years of spoken language, we have developed words, some of which express emotional state and attitude, inperfectly, of course, but please refer to the Great Poets in any culture. It can be done, and it has been done exquisitely by some.
Humans have been struggling to express their emotions in words, for millenia, and we're making progress.. Therefore, I loathe seeing all those subtle possibilities of expression replaced by a small subset of visual babytalk, taking us back to the level of grunting and shrieking, basically.
Bottom line of what I'm trying to say is: There are plenty of baby-faces in the standards already. If some group (you mention the Japanese) want to occasionally forego their magnificent written culture and make baby-faces at each other: why not: The technology is already there and they have been known to do far crazier things over there. What I don't think we need is to *standardise* some visual NewSpeak to dumb down *everyone's* communications.
> What about all those BBS/ANSI characters from zillions of documents from the 80s? Yeah, what about them? They can all be represented. What's your point? I've been using:-) and:-( and ~%-} and such for decades. They're no replacement for the appropriate choice of words! There's no reason to formalise them!
Oh speaking of which, I confess to sneaking in control characters on BBS chat systems, I also confess to sneaking in UTF symbols into XMPP chat systems (my nick "had 5 stars"). That was cute for all of 30 minutes. Today, when I see that email that despairs of it's own lack of contents by using some graphical UTF-8 in the Subject:, I have pity on the author (but not on the message itself).
Oh great, more tiny pictures chosen by some arbitrary process, so that everyone's expression becomes more the same and more like the plastic people in soap operas, and even less language proficiency. A whole generation of TV-watchers and Social Media Addicts already talks that way, and now we want to have symbols so we can express THAT more efficiently in WRITING? Exactly what we need..
I make me don't want Net Neutrality after all. I'm now willing to pay for an Internet fast lane that requires an IQ test.
> Whoa - And the dastardly RIGHT-WING controlled media has covered it ALLLL up!!!!
No, the companies are. I've been corrected, in an earlier reply, on the fact that there are many real trade secrets involved in fracking. But that was not my point in the first place. And yes, the environmental and health issues surrounding fracking have been widely covered up. They must have been, or I would expect noone would tolerate fracking, anywhere!
Now about "right-wing" and "left-wing" those are just what I call "pro wrestling" terms: They are intended to give the illusion of choice, but in the industrialised world today, those wings are often both attached to the same fuselage, forming one plane, and piloted by one group.
> It's important to point out that McCarthy was right - there really were Communists in the State Department.
I'm sure there were. But am I reading correctly that you are reducing the whole phenomenon to "communists in the state department"???
So.. if the entire McCarthy era red scare witch hunt was really just about "communists in the state department", I'm curious to hear how you would describe the extermination camps of WW2, for example.
> Some conservatives regard the term as inappropriate and deprecate > what they say are myths created about McCarthy. (en.wikipedia.org/wiki/McCarthyism)
> You don't know what you're talking about. That is an understatement: I don't know the ins and outs of petrochemical processes, at all. But that was not my point and I apologize for not making it clearer. My point was that I consider ANY investment in fossil fuels, of ANY level of sophistication to be a waste of money, that should have been spent in R&D on sources of emergy viable towards the future.
Now, I understand from your comment that you *do* know what you're taking about. So would you kindly share with us a few key figures about the fracking process, such as how much of what is pumped in, how much of it is recovered, and where the rest goes. I can find some stuff online, but if I quote that I suspect I'll get accusations of bad research and following propaganda, so.. enlighten us, please.
> The technology revolution that is "fracking" has created billions in > wealth for states like Pennsylvania, Texas, Ohio and Wyoming.
This smells (PI) like corporate propaganda to me.
> Chinese firms are "aggressively" engaged in industrial espionage > conducting espionage against innovative US firms
riiight.. McCarthy, anyone? And.. innovative?? Innovation? Involving fossil fuels? The only trade secrets they are likely protecting is the toxicity and environmental impact of fracking. So the next logical step is that the chinese or whoever steal the "secrets", realise how stupid phracking is, then cancel any such plans at home and invest massively in renewables.
So this is great news. The fracking disaster will end with the US.
> Most Linux distributions use OpenSSL for TLS. > Even if a program links to GnuTLS, it may not use GnuTLS for certificate validation, > and if it doesn't, then it's not affected by this bug (one example is Google Chrome)
Agree. I've ran through everything that linked to gnutls on my distro (Arch) and although there's quite a lot of binaries that do, most of those do not offer TLS connections (or any network connectivity at all), so my guess (without knowing GNuTLS at all) is that they use some other feature offered by the library.
Of those that I know actually capable of SSL/TLS connections, all (also) link to OpenSSL.
So without making a definitive statement, AFAICT this should have near zero impact on GNU/Linux.
> So what are you proposing instead? I'm proposing to stop outsourcing most PKI to central authorities, making the "trust" a conscious user decision. Now before you argue that I can remove all authorities from my browser and add exceptions as I go, this is not a solution as what I will find is single-signed by some company I have no way of checking. If what I found was multi-signed there would be a reasonable chance of determining a level of trust via my web of trust. e.g. I would have something to go on while making that decision.
> I think the whole point of HTTPS Everywhere is that using it is better than not using it. Sure, but HTTPS (SSL, TLS..) is not what I have issues with. What I have issues with is using certificates single-signed by central authorities and preloading these into client software.
> As security increases, convenience decreases. I cannot argue with that:-) I just think it's necessary.
> this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser > against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies.
While I certainly think it is a good idea to encrypt traffic, this statement is highly misleading or naive: Since the CA system is *flawd by design* and every one of those "authorities" in the long list of built-in CA inside your browser can, by negligence or choice, supply any of these and other agencies with a valid certificate for *any hostname in the world*, initiatives like these protect your privacy only from your local sysadmin/ISP, and also do nothing against traffic analysis.
Should a US person/company trust that "China Internet Network Information Center" isn't going to create a cert for a US bank or company to perform a MITM attach with? Should a Chinese company trust "Wells Fargo" not to? Should the Greeks trust "TÜRKTRUST Bilgi letiim ve Biliim Güvenlii Hizmetleri A.. (c) Aralk 2007", or the Turks "Hellenic Academic and Research Institutions Cert. Authority"? What on earth makes you think ALL of these companies can resists pressures to misbehave? Yet all of them are built-in to your browser and "you" trust them.
Just go to any (Cloudflare, Akamai..)-accelerated site using https and check out the certificate used to see how that works: They are issued certificates for the customer domains they accelerate, and hence have access to all the traffic. In essence, they do exactly what a man-in-the-middle attack would do, except on a much grander scale (and with the collusion of the actual domain holders). The agencies can carry out such attacks from within the ISP's, and your browser would still show "green".
The Cert validation in the browsers leads to a *dangerous false sense of security* at most. This is crypto, a weakest-link business if ever there was one, folks. It's not ALL, or SOME that need to fail in order for PKI to fail, it's ANY of them.
Surely, we can do better than that: We should get rid of all centralised security illusions. Why aren't we signing contents using our PGP keys that at least make multiple signers possible and habitual, and, and this is the essential difference, IMHO: That *you* have made a conscious decision to trust or mistrust, to a certain degree, by reviewing a web of trust, as in informed consent as opposed to blind paternalism of massivly built-in, pretrusted certificates by distant companies you really have no clue about.
.. and NG adblockers (or browsers, full stop?) allow the contents according to the user's Web Of Trust.. Chances are.. any ads that *do* get through.. will be very appropriate and welcome..
Dunno how effective it is against different camera types and it does require you to wear a dumb-ass headband but it looks like a promising concept.
I've been playing around with various IR LED types, such as this one, at a couple wavelengths, and I found that in darkness and twilight, you need only very few to become a huge blob of ghostly light, but in good lighting conditions, a good camera like an Axis P3367 and even some of the crappy webcams I tried will see them as merely little points of red light. So I'll integrate a bunch in my backpack's straps and on it's surface, to at least get that commute, including subways etc.. covered, but with little hope of completeness.
So the real challenge may be: can we build a device that automates lens detection, focuses a small laser on the lens in question, and keeps it there while both the lens and the wearer of the countermeasure laser move along. +1 for a switch that will briefly increase laser power to burning strength. As in using a 2W Laser diode at low power. Capability:-)
Slashdot Mirror
"Doel, Tihange remain: Electrabel radiates, the citizen pays"
"The campaign manager of Greenpeace Energy, complains that the federal government (Michel I) failed, and will force obsolete nuclear plants to remain open.This choice creates new power shortages, it makes a transition to renewable energy impossible and offers Electrabel more profiteering that will be paid by the taxpayer. "
Mr Eloi names the Belgian minister of the Interior "Nuclear Ali". And given the state of the reactors, I fear this will turn out to be more accurate than intended. IMHO is it more to the point, already today, than the orginal nickname he's referring to.
Article (in Dutch)
http://www.dewereldmorgen.be/a...
Dodgy but serviceable Google Translation into English:
https://translate.google.com/t...
Then please help stop it:
http://www.newsletter-webversi...
Consider it sunken, but if you want to help:
http://www.newsletter-webversi...
> It is alleged that releasing the study would hamper the drive to
> harmonize safety standards as part of the Transatlantic Trade
> and Investment Partnership (TTIP) deal.
It is a moot point, since we will not allow TTIP to happen, and will not respect it if it does happen, and will sabotage it with everything we have, at every point, if it is forced down our throats:
http://www.newsletter-webversi...
I remember new year's eve Y2K, and everyone expecting blackouts, etc.. and me driving around with an X10 wireless remote,
sending random commands to sequential channels. People's lights went on and off, burglar alarms (dis)armed themselves,
garage doors opened, sprinklers sprinkled water onto the cold pavement (with great ice potential). People panicked. X10 had no notion of authentication. Probably still hasn't.
Now, I had to drive around, because I was using a commercial-grade transmitter, my range and impact were limited.
Now, Imagine that kind of attitude, but with everything just a few network hops away, no range limits, and with the Invisible Hand clearly not having spanked the market into having a clue.
Image a person less mature than me and that same kind of attitude, today. Or several thousands of them. Spread over the globe.
I can image the havoc, I'm having trouble imagining the useful applications.. A matter of age? I'm not near to connecting stuff I don't have to.
Imagine what would happen if the Silons attacked, also.
Mr Assange is a de facto political prisoner.
That these judges were required to show "loyalty" to their government by walking out, instead of asserting the independence of the judiciary - a basic requirement for a democracy that takes itself seriously - exposes, in my view, much about the sorry state of the United Kingdom. And it looks like it's the same everywhere I look..
Bewigged Fools! You of all people should know better!
That's another thing I will never understand: Back in the days (1998), we used an Object Store (*nix version of NeoAccess, in our case)
http://www.hephy.at/user/stamf... .. because we bascially thought RDB would be over by the turn of the century, and good riddance. We were extremely happy with the results. These site ran on minimal hardware (as we couldn't afford anything else in the data center), and flew, as compared to the competition (and anything else we'd ever done on that scale and online before).
In the following years it turned out everyone else insisted on keeping SQL around, and so we had to turn to manual SQL wrapping again (we created code generators, because it's too error-prone and boring to do manually) until ORM came around, which IMHO is a totally ass-backward way of dealing with a DB from an OO point-of-view. Also, clients demanded that we run stuff in J2EE containers and hence, that we write it in Java, which I still consider to have been a marketing exercise by Sun Microsystems to obtain more broad meaning for their ailing Spark CPU line (Java has always ran suspiciously better on *nix than any other platform). Little did they count on GNU/Linux taking over the server universe. We did go Java, but never liked it, and still consider it the result of brainwashing, and don't understand the need for all those extra layers. There is not one thing that the container does that the OS cannot do better, except packaging, and ever there, J2EE is "write once, debug everywhere" in the field and therefore of little real help. Since then, other enviroments and languages came along, all with their strengths and weaknessess, but all with a common goal, from my POV, which is to make development more abstract, less error-prone, more specialized, easier to package and deploy etc.. and to take up a lot of extra CPU power and memory. I don't believe in making development easier: It resulted in the extremely dangerous monsters that are online, written in PHP by good-intentioned dilattantes with an excellent grasp of their fields but with little development skills. Same in Java, same in Python, same in Ruby.. While these are all interesting languages with interesting frameworks, they do not, IMHO contribute anyhting new except runtime inefficiency, and some extra layers to make debugging harder.
Moore's law saved our bacons, there, because as time progressed, everything became more inefficient, but everyone had bigger CPU's and a lot of RAM to be able to keep up.
So you see, for me, the current situation with the traction of NoSQL and the immense opportunily (and necessity, IMHO) to make the server-side efficient and lean again (power is now a major cost in the data center, vs bandwidth) is really a lot of "back to the future".
Javascript on the server-side is total bollocks. Now that the client has gone smart again, because the browser *is* the client-side env, therefore Javascript has clearly won as *the* client-side language, and this means the server may become lean and mean again, because it can dispense with all the GUI, HTML, etc.. nonsense. And that means it can be done in real programming languages again. The kind where mistakes will cause a crash, not just inefficiency, unreliability and an entire generation of ops that think "just restart" is "normal". Which means that bad developers are filtered out, not saved by a nanny language and environment. Which means there will be less, but far better developers. And good developers can make good code in any language. Whatever I may have said and thought about JS in the past decade or so, I changed my mind since owning Crockford's "Javascript: The Good Parts". ON THE CLIENT SIDE, that is. I have never like anything but C(++), on the server side, and experiencing J2EE Containers, PHP, RubyOnRails, and various python frameworks there has only entrenched me more into thinking there is not one among them that I ended up respecting. If I could do a full e-commerce solution in serverside C++ in 1998, and get excellent performance from the cheap boxen of that time, imagine what you could do today by doing it right, on the server-side, by not wasting CPU cycles on another interpretative layer and letting some dumb algorithm mis-handle your memory management for you.
Dear concerned netizens,
I believe the correct message to send would be for backers to retreat en masse and generally boycott this project. They could always come back when a more sane plan is announced.
While this is a sad development in itself, we can also take it as a great opportunity to create awareness around the many dangers of DRM: A general boycott now would, IMHO, get press attention and make a clear statement to media companies that buyers are sick and tired of being treated like farm animals. /. can make it happen!
-f
Agree with this one. It regularly happens to me, as well.
I mean, I can sort of live with messages from people using Windows containing some sort of elongated lowercase j where, I learned years ago, they had inserted a smiley face and mistakenly assumed that this would be universally seen as such, but it's a whole different game where we're trying to be compact and logical, by using certain symbols such as brackets etc.. only to find one's correspondent is puzzled by the emotions conveyed by some round-headed Simpsons faces rendered by their email clients instead of what we meant. Not to mention the shame of apparently unpaired brackets.. Sorry for the long sentences: I'm in a hurry..
Referring to my erratum, seconds after that post:
> Erratum to avoid jokes about language proficiency:
>and *with* even less language proficiency
> I*t* makes me *not* want Net Neutrality
> Or are you suggesting the world should be ASCII only?
I agree that we should make sure that our legacy of >5000 years of written language can be represented using whatever means of communications are currently in vogue. This is covered by Unicode/UTF. Great, so far.
However, I'm also suggesting that during those 5000+ years of written, and what is probably about a million years of spoken language, we have developed words, some of which express emotional state and attitude, inperfectly, of course, but please refer to the Great Poets in any culture. It can be done, and it has been done exquisitely by some.
Humans have been struggling to express their emotions in words, for millenia, and we're making progress.. Therefore, I loathe seeing all those subtle possibilities of expression replaced by a small subset of visual babytalk, taking us back to the level of grunting and shrieking, basically.
Bottom line of what I'm trying to say is: There are plenty of baby-faces in the standards already. If some group (you mention the Japanese) want to occasionally forego their magnificent written culture and make baby-faces at each other: why not: The technology is already there and they have been known to do far crazier things over there. What I don't think we need is to *standardise* some visual NewSpeak to dumb down *everyone's* communications.
> What about all those BBS/ANSI characters from zillions of documents from the 80s? :-) and :-( and ~%-} and such for decades. They're no replacement for the appropriate choice of words! There's no reason to formalise them!
Yeah, what about them? They can all be represented. What's your point? I've been using
Oh speaking of which, I confess to sneaking in control characters on BBS chat systems, I also confess to sneaking in UTF symbols into XMPP chat systems (my nick "had 5 stars"). That was cute for all of 30 minutes. Today, when I see that email that despairs of it's own lack of contents by using some graphical UTF-8 in the Subject:, I have pity on the author (but not on the message itself).
WKR,
-f
Erratum to avoid jokes about language proficiency:
and *with* even less language proficiency
I*t* makes me *not* want Net Neutrality
Oh great, more tiny pictures chosen by some arbitrary process, so that everyone's expression becomes more the same and more like the plastic people in soap operas, and even less language proficiency. A whole generation of TV-watchers and Social Media Addicts already talks that way, and now we want to have symbols so we can express THAT more efficiently in WRITING? Exactly what we need..
I make me don't want Net Neutrality after all. I'm now willing to pay for an Internet fast lane that requires an IQ test.
Oh but wait.. Apple.. right.. who cares..
> Whoa - And the dastardly RIGHT-WING controlled media has covered it ALLLL up!!!!
No, the companies are. I've been corrected, in an earlier reply, on the fact that there are many real trade secrets involved in fracking. But that was not my point in the first place. And yes, the environmental and health issues surrounding fracking have been widely covered up. They must have been, or I would expect noone would tolerate fracking, anywhere!
Now about "right-wing" and "left-wing" those are just what I call "pro wrestling" terms: They are intended to give the illusion of choice, but in the industrialised world today, those wings are often both attached to the same fuselage, forming one plane, and piloted by one group.
> It's important to point out that McCarthy was right - there really were Communists in the State Department.
I'm sure there were. But am I reading correctly that you are reducing the whole phenomenon to "communists in the state department"???
So.. if the entire McCarthy era red scare witch hunt was really just about "communists in the state department", I'm curious to hear how you would describe the extermination camps of WW2, for example.
> Some conservatives regard the term as inappropriate and deprecate > what they say are myths created about McCarthy.
(en.wikipedia.org/wiki/McCarthyism)
Indeed.
> You don't know what you're talking about.
That is an understatement: I don't know the ins and outs of petrochemical processes, at all. But that was not my point and I apologize for not making it clearer. My point was that I consider ANY investment in fossil fuels, of ANY level of sophistication to be a waste of money, that should have been spent in R&D on sources of emergy viable towards the future.
Now, I understand from your comment that you *do* know what you're taking about. So would you kindly share with us a few key figures about the fracking process, such as how much of what is pumped in, how much of it is recovered, and where the rest goes. I can find some stuff online, but if I quote that I suspect I'll get accusations of bad research and following propaganda, so.. enlighten us, please.
Thanks,
-f
> The technology revolution that is "fracking" has created billions in
> wealth for states like Pennsylvania, Texas, Ohio and Wyoming.
This smells (PI) like corporate propaganda to me.
> Chinese firms are "aggressively" engaged in industrial espionage
> conducting espionage against innovative US firms
riiight.. McCarthy, anyone? And.. innovative?? Innovation? Involving fossil fuels? The only trade secrets they are likely protecting is the toxicity and environmental impact of fracking. So the next logical step is that the chinese or whoever steal the "secrets", realise how stupid phracking is, then cancel any such plans at home and invest massively in renewables.
So this is great news. The fracking disaster will end with the US.
-f
> and not as late as it did on April 1
That must have been the most expensive April Fool's joke EVER.
-f
> Most Linux distributions use OpenSSL for TLS.
> Even if a program links to GnuTLS, it may not use GnuTLS for certificate validation,
> and if it doesn't, then it's not affected by this bug (one example is Google Chrome)
Agree. I've ran through everything that linked to gnutls on my distro (Arch) and although there's
quite a lot of binaries that do, most of those do not offer TLS connections (or any network connectivity at all), so my
guess (without knowing GNuTLS at all) is that they use some other feature offered by the library.
Of those that I know actually capable of SSL/TLS connections, all (also) link to OpenSSL.
So without making a definitive statement, AFAICT this should have near zero impact on GNU/Linux.
deny demime = xlsx:docx:pptx
log_message = Message contains OOXML Attachment.
message = We Do Not Accept OOXML (docx,xlsx,pptx) Attachments See http://noooxml.wikidot.com/
deny demime = dat
log_message = Proprietary Attachment format
message = Non-Standard Attachment Practice (winmail.dat). Please Fix Your Email System.
> So what are you proposing instead?
I'm proposing to stop outsourcing most PKI to central authorities, making the "trust" a conscious user decision.
Now before you argue that I can remove all authorities from my browser and add exceptions as I go, this is not a solution as what I will find
is single-signed by some company I have no way of checking. If what I found was multi-signed there would be a reasonable chance of determining
a level of trust via my web of trust. e.g. I would have something to go on while making that decision.
> I think the whole point of HTTPS Everywhere is that using it is better than not using it.
Sure, but HTTPS (SSL, TLS..) is not what I have issues with. What I have issues with is using certificates single-signed by central authorities and preloading these into client software.
> As security increases, convenience decreases. :-) I just think it's necessary.
I cannot argue with that
> this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser
> against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies.
While I certainly think it is a good idea to encrypt traffic, this statement is highly misleading or naive: Since the CA
system is *flawd by design* and every one of those "authorities" in the long list of built-in CA inside
your browser can, by negligence or choice, supply any of these and other agencies with a valid certificate for
*any hostname in the world*, initiatives like these protect your privacy only from your local sysadmin/ISP, and also
do nothing against traffic analysis.
Should a US person/company trust that "China Internet Network Information Center" isn't going to create a cert for a
US bank or company to perform a MITM attach with? Should a Chinese company trust "Wells Fargo" not to?
Should the Greeks trust "TÜRKTRUST Bilgi letiim ve Biliim Güvenlii Hizmetleri A.. (c) Aralk 2007", or the
Turks "Hellenic Academic and Research Institutions Cert. Authority"? What on earth makes you think ALL of these
companies can resists pressures to misbehave? Yet all of them are built-in to your browser and "you" trust them.
Just go to any (Cloudflare, Akamai..)-accelerated site using https and check out the certificate used to see how that works:
They are issued certificates for the customer domains they accelerate, and hence have access to all the traffic.
In essence, they do exactly what a man-in-the-middle attack would do, except on a much grander scale (and with the collusion
of the actual domain holders). The agencies can carry out such attacks from within the ISP's, and your browser would still show "green".
The Cert validation in the browsers leads to a *dangerous false sense of security* at most. This is crypto, a weakest-link business
if ever there was one, folks. It's not ALL, or SOME that need to fail in order for PKI to fail, it's ANY of them.
Surely, we can do better than that: We should get rid of all centralised security illusions. Why aren't we signing contents using our PGP
keys that at least make multiple signers possible and habitual, and, and this is the essential difference, IMHO: That *you* have made a
conscious decision to trust or mistrust, to a certain degree, by reviewing a web of trust, as in informed consent as opposed to blind paternalism
of massivly built-in, pretrusted certificates by distant companies you really have no clue about.
WKR,
-f
.. and NG adblockers (or browsers, full stop?) allow the contents according to the user's Web Of Trust .. ..
Chances are.. any ads that *do* get through.. will be very appropriate and welcome
-f
Anyone know if those LED baseball caps really work? What about a can of spray paint, aimed at the Glass-hole?
This looks promising, it's an IR based 'camera blinder' that hides your face:
http://www.slashgear.com/surveillance-cam-blinder-2010369/
Dunno how effective it is against different camera types and it does require you to wear a dumb-ass headband but it looks like a promising concept.
I've been playing around with various IR LED types, such as this one, at a couple wavelengths, and I found that in darkness and twilight, you need only very few to become a huge blob of ghostly light, but in good lighting conditions, a good camera like an Axis P3367 and even some of the crappy webcams I tried will see them as merely little points of red light. So I'll integrate a bunch in my backpack's straps and on it's surface, to at least get that commute, including subways etc.. covered, but with little hope of completeness.
So the real challenge may be: can we build a device that automates lens detection, focuses a small laser on the lens in question, and keeps it there while both the lens and the wearer of the countermeasure laser move along. +1 for a switch that will briefly increase laser power to burning strength. As in using a 2W Laser diode at low power. Capability :-)