die LIST
Outside an eval, prints the value of LIST to STDERR and
exits with the current value of $! (errno). If $! is 0,
exits with the value of ($? >> 8) (backtick `command`
status). If ($? >> 8) is 0, exits with 255. Inside
an eval(), the error message is stuffed into $@ and the
eval is terminated with the undefined value. This makes
die the way to raise an exception.
Equivalent examples:
die "Can't cd to spool: $!\n" unless chdir '/usr/spool/news';
chdir '/usr/spool/news' or die "Can't cd to spool: $!\n"
If the value of EXPR does not end in a newline, the current script line
number and input line number (if any) are also printed, and a newline
is supplied. Note that the ``input line number'' (also known as ``chunk'')
is subject to whatever notion of ``line'' happens to be currently in
effect, and is also available as the special variable $..
See $/ in the perlvar manpage and $. in the perlvar manpage.
Hint: sometimes appending ", stopped" to your message
will cause it to make better sense when the string "at foo line 123" is
appended. Suppose you are running script ``canasta''.
die "/etc/games is no good";
die "/etc/games is no good, stopped";
produce, respectively
/etc/games is no good at canasta line 123./etc/games is no good, stopped at canasta line 123.
See also exit(), warn(), and the Carp module.
If LIST is empty and $@ already contains a value (typically from a
previous eval) that value is reused after appending "\t...propagated".
This is useful for propagating exceptions:
eval {... };
die unless $@ =~/Expected exception/;
If $@ is empty then the string "Died" is used.
die() can also be called with a reference argument. If this happens to be
trapped within an eval(), $@ contains the reference. This behavior permits
a more elaborate exception handling implementation using objects that
maintain arbitrary state about the nature of the exception. Such a scheme
is sometimes preferable to matching particular string values of $@ using
regular expressions. Here's an example:
eval {... ; die Some::Module::Exception->new( FOO => "bar" ) };
if ($@) {
if (ref($@) && UNIVERSAL::isa($@,"Some::Module::Exception")) {
# handle Some::Module::Exception
}
else {
# handle all other possible exceptions
}
}
Because perl will stringify uncaught exception messages before displaying
them, you may want to overload stringification operations on such custom
exception objects. See the overload manpage for details about that.
You can arrange for a callback to be run just before the die
does its deed, by setting the $SIG{__DIE__} hook. The associated
handler will be called with the error text and can change the error
message, if it sees fit, by calling die again. See
$SIG{expr} in the perlvar manpage for details on setting %SIG entries, and
eval BLOCK for some examples. Although this feature was meant
to be run only right before your program was to exit, this is not
currently the case--the $SIG{__DIE__} hook is currently called
even inside eval()ed blocks/strings! If one wants the hook to do
nothing in such situations, put
die @_ if $^S;
as the first line of the handler (see $^S in the perlvar manpage). Because
this promotes strange action at a distance, this counterintuitive
behavior may be fixed in a future release.
I beg to differ. Excel '95 had far and away the most elaborate Easter egg I've ever seen. It was a built-in 3D Doom-style temple. You could walk around a la first-person shooter and read the names of the developers on the walls.
Naming an empty macro "Magic 8-ball" in Word '95 and putting it in the toolbar would give you a magic 8-ball shaped icon that would randomly spew the "Don't bet on it" or "Reply hazy-try later" kind of answers when you clicked on it.
Easter eggs weren't the exclusive province of the Office development team, either. The first 3D text screen saver under NT 3.51 had a couple of Easter eggs. Typing BEER into the text would bounce around names of beers. Typing VOLCANO would bounce around names of volcanos.
But once the temple thing was made public in the wild, Microsoft got all suity and made a big stink about it, and they claimed they'd fire anyone responsible for putting any new Easter eggs into any Microsoft product.
I just heard some sad news on talk radio - Superheavy element 118 was found missing from the periodic table this morning. There weren't any more details. I'm sure everyone in the Slashdot community will miss it - even if you didn't believe the work, there's no denying its contributions to popular science. Truly an American icon.
The local "fingerprint your kids" had the parents doing the card impressions with their children, and then keeping the cards for themselves.
Very few people would voluntarily give their childrens' fingerprints to the police "just in case." This program worked because the police officers helped ensure the parents got a useful working set of fingerprints, and the parents kept the cards in their possesion at all times.
You don't need to whip up anti-police state fears any more than necessary. Just posting DMCA / USA Patriot / SSSCA is enough to do that.
Hello...are you even reading the other posts in this thread? Have you read this research paper showing that every fingerprint scanner system on the market today can be defeated in your kitchen with about $10 worth of crap you can buy at any Radio Shack and Krogers?
You can post a dozen reasons why nobody will ever be able to fake them. You can probably invent and post a hundred different reasons. But that doesn't even slow down the people who ARE faking them today.
Arguing a negative is usually pretty worthless. But it's even more worthless when the positive has already been proven.
The gummy fingerprints defeated all the live finger detection systems handily.
The gummy mold is just an ordinary photo-etched copper-plated printed circuit board. (I made lots of them when I was a kid from stuff I bought at Radio Shack.) Take a photo of a fingerprint. Make a full size transparency of it. Expose the photosensitive circuit board using the transparency as a mask. Etch the circuit board. Pour ordinary hot liquid gelatin over the board in an even (3 mm or so) layer (the original paper gave a recipe, but you should be able to use any old recipe for "Knox Blox". It's just ordinary gelatin mixed with boiling water.) Harden it in the refrigerator. When it's time to use it, simply cover the tip of your own finger with the sheet of gelatin.
It passes live tests easily. The thin layer of gelatin is almost invisible. It's transparent, so your own skin shows through. It's conductive: it has a moisture content similar to your own body. And it's warm: your body heats up 3mm of gelatin quite rapidly.
And once you pass through the scanner, you just lick your fingertip and the evidence is gone.
Extensive testing of this was performed against eleven different fingerprint scanners earlier this year. EVERY TESTED SCANNER ACCEPTED THE GUMMY FINGERS, including those advertising "live and well detection", with acceptance rates varying between 65% - 100%. John Young's website has a copy of the paper here.
Biometrics, in general, are not sufficient for high security. They work best only in conjunction with other security measures.
Re:Legality of Attacking Spammers?
on
ISP Chief on Spam
·
· Score: 2
That's why I said "semi-innocent." Yes, they could, should and do turn off relaying to keep the spammers from abusing them. But I don't think relaying spam is enough of a crime to sic an attack script at them. Certainly it merits an email to their postmaster, and perhaps a second angry email if they fail to turn off relaying. But you really shouldn't attack them for relaying (which is not exactly a crime; after all, it's in an RFC.)
Re:Legality of Attacking Spammers?
on
ISP Chief on Spam
·
· Score: 3, Insightful
As Bruce Schneier pointed out in his most recent issue of Cryptogram in a story called Counterattack, "...vigilantism: citizens and companies taking the law into their own hands and going after their assailants. Viscerally, it's an appealing idea. But it's a horrible one, and one that society after society has eschewed." He then goes on to say that laws must be applied fairly, and that the legal system is the only place to receive justice.
I think one of the problems might be that your script could attack a semi-innocent mail relay, rather than the spammer's computer.
So while I would cheer if you really hammered their boxes into dust, I wouldn't suggest that you could get away with it. Nor do I think you'd have any legal ground to stand on. You certainly couldn't claim that you didn't realize a spammer might step into your test script, because you just published your intent to all of us.
But if you do, well, kick 'em in the URLs once for me.:-)
When I was a kid, I rationalized this one away by thinking that since Frodo found the ring was really, really heavy that Gwahir wouldn't be able to carry it. Since the "heaviness" is really an emotional burden rather than a physical burden (the book describes Frodo's state as blurring the two together) I then rationalized that eagles would require the moral equivalent of "happy thoughts" to be able to fly and carry weight. Bearing the ring-bearer would in itself be a very taxing burden.
But I find this whole discussion to be more "trek physics" than anything. It's just a story. It was written by a human. A very careful, thorough human, but still just a human. It has plot weaknesses just like any other work of fiction.
Damn, there goes my willing suspension of disbelief.
I think jeddak's point is that a subversive member of a network can simultaneously provide top quality looking information (true-looking or at least not provably false data), turn in or denounce fellow members, sow dissent amongst the group's leadership and report on illicit activities.
I would think a subversive is harder to detect on-line, as any on-line credentials these days can be easily forged. For example, am I a geek, a hacker, a Federal Agent, or a corporate security executive? Would you be able to tell from my on-line activities here on Slashdot?
Would you say that an organization that has been successfully infiltrated by such a person provides "good" or "bad" information? What if I'm normally totally 3l33t, always provide top quality info, but today I get arrested and my company plays ball with the DoJ and begins subversive posting under my name? Or apply a classic man-in-the-middle attack. Does the value of the network go up or down? The value of my groups?
I don't mean to turn this into a discussion about authentication or crypto or anything like that, but in today's environment the chances are good that a non-trustworthy member would have little problem turning any random group into an ineffective cesspool of backbiting and endless discussions. (Perhaps by posting questions such as these?) I don't see the value of the network going up in cases like that.
Re:Or maybe just twice nay?
on
Smart Mobs
·
· Score: 2
Let me see if I understand you.
If one more user joins Slashdot, Slashdot might get statistically a tiny bit better. And that same user might also join Kuro5hin, User Friendly, a handful
of blogs, and make them all tiny bits better also?
I just don't see the sum of all those tiny bits ever adding up to N^N. And at some point I believe these communities get too big, and fragment (AOL, Compuserve, and even Slashdot might be examples.) So does the network then benefit nine times by having one community split into three parts? That might be where these "exponential benefits" factor in.
I guess what sticks in my craw is that it's hard to imagine a single AOL disk ever improving the world in any way, shape or form. But I suppose for that Joe Sixpack and his family, the world just got a whole lot better. They simply have no idea how much better it could be.
Hey, other than the part where it'd really SUCK if gas cost that much, it'd do our environment a lot of good. Fewer people would drive themselves to work, everybody here would be a lot more energy conscious. If prices raised to the point where it cost me $100.00 to fill my truck, I'd want to trade it in for a motorcycle. (Of course with gas at that price, everybody would be ditching their trucks and they'd probably be worth less than a crappy motorbike.)
And I understated the cost a bit. It's about $20.00 to fill my tank. But some vehicles have tanks small enough to fill with $15.00.
Also, just to keep this on topic with the original discussion of paying for the moon shot with taxes, I pay $0.18 in federal and $0.20 in Minnesota state taxes per gallon. I understand you pay about $2.80 per gallon (50p/litre) in taxes. Right now our national average price per gallon AFTER taxes is $1.38. You pay about $4.70 or so for that same gallon. So not only are you getting raked by your government, but Scotland and Norway are cutting you no deals either, are they?
Have fuel cell cars or other electric cars taken off over there yet?
No, that's 40 cents per day in 1965 dollars. 40 cents per day when the average wage earner made $4,658.72 a year, or about $12.75 per day, and supported a family of four ($0.40 / person * 4 = $1.60) on that wage. Roughly 8% of your dad's or grandpa's paycheck went to the moon.
In 2001 dollars, that would be around $7.20 per day. Now it doesn't seem like Coke or chip money any more, that's almost half a tank of gas, or a sit-down lunch at a halfway decent restaurant. Every day.
Put it in perspective. In 1965, gas went for $0.20 / gallon. McDonalds' burgers were $0.19, and so were the fries.
Keep in mind that was $0.40 for EACH person. In 1965, there was only one "average wage earner" per family, but they were supporting an average of four people. Think $1.60 per day, out of your $12.75.
And these were taxes. You don't get to say, "Hey, Uncle Sam, the kid got sick and I came up a bit short so I'm not paying for your moon shot this week." Taxes weren't optional back in 1965, either.
I was more interested in the cost to the environment, so I did some research. What I found disturbed me enough to send a letter to the distributed.net people asking them to cease this pointless consumption of energy. What follows is a portion of that letter.
-------
Here's the executive summary: CPUs consume more electricity when actively computing than they do when idle. To solve the RC5-72 challenge may require an additional 2 million tons of coal be burned in order to produce the additional electricity required. That's over 200 full coal trains. 9.2 billion pounds of additional carbon dioxide will be produced and released. The details follow.
I sent a letter to my buddies during a discussion of relaunching our team to attack the RC5-72 challenge. It showed a simplistic estimation of the energy costs required for me to participate in the challenge. I know that my CPU uses more energy to perform math calculations than it does to sit idle. It has since occurred to me that not only would I be burning an extra megawatt or two of electricity during the contest to participate, but so would all the other participants.
I've researched things a bit more since then. The distributed.net speed page shows an Athlon 1GHz Thunderbird averaging 3,540,087 keys/sec, or 12,744,313,200 keys/hour during the RC5-64 contest. A hardware vendor's page shows an active Athlon 1GHz Thunderbird CPU consumes an extra 10 watt-hours above its standby level. This is only the difference between an active CPU and an idle CPU, and does not account for any other standby power savings that may or may not take place. That means a 1GHz Athlon Thunderbird participating in the contest can either sit idle or test 1,275 million keys at a cost of one additional watt-hour. Since the RC5-64 contest tested 15,769,938,165,961,326,592 keys, at this rate that is 12,368,578,953 additional watt-hours used. That means about 12 gigawatt-hours (gWH) of additional electrical power were produced and consumed over the last four years just to solve the contest.
This Los Alamos National Laboratory web page provided lots of data regarding coal and electrical generation. Referring to only the 1998 figures, I found that U.S. electric generators required 10,311 BTU to generate one kilowatt-hour. If the contest required 12 gWH of additional electricity, it must have taken about 123,732 million BTUs to generate it. Bituminous coal yields 24 million BTU per ton; sub-bituminous coal yields only 17 million BTU per ton. In 1998, the US was mining and burning about a 47%/53% mix, averaging out to about 20.5 million BTU/ton. Therefore 6,036 tons of coal had to be burned in order to generate that much eletricity. Over sixty railroad cars of coal. Looking at the CO2 problem, at the reported U.S. average of 208 lbs of CO2 produced per million BTU generated by burning coal, the contest was responsible for the production and emission of about 26 million pounds of carbon dioxide.
When it comes to the RC5-72 contest the numbers get even worse, since according to the RC5-72 speed page the number of keys per second drops to about 72% of the RC5-64 cracking speed for the Athlon 1GHz Thunderbird. Assuming that this 72% ratio is similar across most architectures, extrapolating the contest to RC5-72 should require about 2^8 times as much of everything to solve at 72% efficiency, or about 356 times the RC5-64 figures. 12 gWH * 356 is 4.3 terawatt-hours. 6,036 tons * 356 is over 2 million tons of coal. More than 210 full trains. 26 * 356 is about 9.2 billion pounds of carbon dioxide that will be produced.
Now, these numbers are pretty much long-range projections made from some small, narrow observations. Not every CPU will consume 10 additional watts when busy. And not every CPU would otherwise drop to an idle or standby state. But some computers will be left on and cracking keys rather than hibernating or being powered off, which could save 116 watts/hour or more. And some may consume more than 10 extra watt-hours when active; such as a Pentium III-667 MHz which consumes 34 watt-hours operating but only 5 watt-hours when it can drop to standby.
Also, only about 56% of our electricity is generated by burning coal: the rest is produced by nuclear power, or burning natural gas, fuel oil or biomass; about 10% is produced by renewable resources. The key could be found tomorrow, or it could be found 15 years from now. So my estimates are still just that: estimates. I could be wrong by orders of magnitude, but even so, the fact is that the RC5-72 contest is going to increase electricity consumption. Over the course of its life, the RC5-72 contest might be responsible for burning only 100 tons of coal, or it might cause the burn of 4 billion tons of coal.
-------
And for those of you are still reading and haven't been bored by all the numbers, I think it would have cost me about $850.00 worth of electricity to personally participate. The prize is $10,000, $1,000 of which goes to distributed.net, $8,000 goes to a charitable organization of distributed.net's choosing (the EFF, I think) and $1,000 goes to the person whose machine found the winning key.
That's an $850 investment for a 1/165,000,000,000 chance of winning $1,000 in the next 10 years. That's discounting
rising electric costs
devaluation of the dollar due to inflation
the chances that RSA will still be in business and able to pay the $10,000 reward in 10 years.
I think my money would be MUCH safer invested in lottery tickets, where I've heard that investments pay out about $0.11 on the dollar (average.)
I dunno, I pretty much find "programming is programming." Don't get me wrong: the Windows API is convoluted, and the most interesting and useful bits are all undocumented. A good example would be everything related to process control -- I just spent an entire day tring to find decent documentation for NtQuerySystemInformation.
But if you're writing application programs that pretty much stick to the standard operations, programming for the Win32 API is "just programming." Once you start getting into the alleged "helper" type wrappers, such as MFC, then you're way screwed, of course; but then again I don't see the Widget Tool Kit as being the single greatest feat of API engineering ever written, either.
Microsoft tools are very nice (but costly.) MSDN documentation is usually good (but certainly has its holes.) All in all it doesn't completely suck; it's just not quite as satisfying as accomplishing the same task on a machine with fewer (or at least more far-flung) resources.
No, you're trivializing some people who have a hard time distinguishing between a machine's reacting to input and a person's opinion.
People will think whatever they want to think. By saying "you're reading too much into this" you ignore the fact that many people are still not geeky enough to deal with "user agent" software. Sure, being TiVo owners might generally mean they're more "l337", but many of them aren't. And the more computers are asked to form "opinions" the more these people will be confused.
The difference is that when you're talking contract law, the devil is most certainly in the details.
Your foot will probably heal by itself. It might heal faster given certain generic treatments (ice, stretching or immobilization or whatever.) And if it doesn't get better in a couple of weeks, you go see a doctor anyway, who goes "tsk, tsk, you should have seen me last week" but fixes you up all the same.
But the contract that he writes and signs will effectively "own" his business and the payrolls of four other people for the next year. If he forgets to dot a legal 'i' or cross some legal 't', a troubled client might take serious advantage of him. Hiring a lawyer to draft the contract will help cover those clauses that might otherwise expose him to some unforseen liabilities.
I'm not saying that his client is shady, or that he isn't honest. I'm saying keep in mind that three years ago every dot-com had a million dollars of venture capital to fund these projects. These days, money is not so free and customers may have their financial situations change. If his client starts feeling the money belt tighten, this guy had better have an airtight contract to make sure that 1) he gets paid for work he does; or at least 2) he can stop working if he doesn't get paid.
The Slashdot crowd will no doubt have some ideas regarding coverage of intellectual property, and I'm sure that's what this guy wants to read. But he needs to spend a few dollars on a decent contract lawyer to ensure that his company's future isn't thrown away by a PREVENTABLE turn of the die. Isn't protecting a million dollar investment worth $5000?
When I was a kid they locked us in the math room for an entire summer and I had to edit programs on paper tape with a hole punch for $1.50/hr, and feed 'em back through a 110 baud teletype.
It's hard to imagine someone getting fired for such a stupid reason. It's not like there are thousands of people standing in line to get hired by Radio Shack...
And I'm not very sorry if I got some guy in trouble, because I'd always bitch if they started typing in fake data on my behalf. The scenario went "can I have you name and address, please?" and I'd say, "No." They'd start typing in phone number "0000" for the search, and I'd say "NO, THAT'S NOT ME, YOU MAY NOT TYPE IN A NAME AND ADDRESS ON THIS SALE." They'd get pissed, but too damn bad.
I've thought it was a crock of sh!t since the 70's and I continued to think it was a crock until today. This is the first good consumer privacy news I've heard in a long time.
I was in there today over lunch returning some Ni-Cd batteries (my boss found the actual rechargable pack I needed, so I didn't have to kludge one together from cells.) And a buddy bought a set of rabbit ears for his TV.
And they ASKED FOR MY NAME AND ADDRESS. Of course since I was returning something, I kind of expect that these days. This store had stopped asking on sales quite a while ago, actually.
Radio Shack is where you go if you need 1/8" - 1/4" stereo adapters or burglar alarm magnets. You can find other random things there, like radio scanners or odd batteries, (and they still carry CB radios, too!) They also have the Sonic Blue DVD/VCR combo box. But if you need electronic components, "rotsa ruck." It's mostly a phone / toy / Sprint / satellite TV store these days.
Outside an eval, prints the value of LIST to STDERR and exits with the current value of $! (errno). If $! is 0, exits with the value of ($? >> 8) (backtick `command` status). If ($? >> 8) is 0, exits with 255. Inside an eval(), the error message is stuffed into $@ and the eval is terminated with the undefined value. This makes die the way to raise an exception.
Equivalent examples:
die "Can't cd to spool: $!\n" unless chdir '/usr/spool/news'; chdir '/usr/spool/news' or die "Can't cd to spool: $!\n"If the value of EXPR does not end in a newline, the current script line number and input line number (if any) are also printed, and a newline is supplied. Note that the ``input line number'' (also known as ``chunk'') is subject to whatever notion of ``line'' happens to be currently in effect, and is also available as the special variable $.. See $/ in the perlvar manpage and $. in the perlvar manpage.
Hint: sometimes appending ", stopped" to your message will cause it to make better sense when the string "at foo line 123" is appended. Suppose you are running script ``canasta''.
die "/etc/games is no good"; die "/etc/games is no good, stopped";produce, respectively
See also exit(), warn(), and the Carp module.
If LIST is empty and $@ already contains a value (typically from a previous eval) that value is reused after appending "\t...propagated". This is useful for propagating exceptions:
eval {If $@ is empty then the string "Died" is used.
die() can also be called with a reference argument. If this happens to be trapped within an eval(), $@ contains the reference. This behavior permits a more elaborate exception handling implementation using objects that maintain arbitrary state about the nature of the exception. Such a scheme is sometimes preferable to matching particular string values of $@ using regular expressions. Here's an example:
eval {Because perl will stringify uncaught exception messages before displaying them, you may want to overload stringification operations on such custom exception objects. See the overload manpage for details about that.
You can arrange for a callback to be run just before the die does its deed, by setting the $SIG{__DIE__} hook. The associated handler will be called with the error text and can change the error message, if it sees fit, by calling die again. See $SIG{expr} in the perlvar manpage for details on setting %SIG entries, and eval BLOCK for some examples. Although this feature was meant to be run only right before your program was to exit, this is not currently the case--the $SIG{__DIE__} hook is currently called even inside eval()ed blocks/strings! If one wants the hook to do nothing in such situations, put
die @_ if $^S;as the first line of the handler (see $^S in the perlvar manpage). Because this promotes strange action at a distance, this counterintuitive behavior may be fixed in a future release.
Naming an empty macro "Magic 8-ball" in Word '95 and putting it in the toolbar would give you a magic 8-ball shaped icon that would randomly spew the "Don't bet on it" or "Reply hazy-try later" kind of answers when you clicked on it.
Easter eggs weren't the exclusive province of the Office development team, either. The first 3D text screen saver under NT 3.51 had a couple of Easter eggs. Typing BEER into the text would bounce around names of beers. Typing VOLCANO would bounce around names of volcanos.
But once the temple thing was made public in the wild, Microsoft got all suity and made a big stink about it, and they claimed they'd fire anyone responsible for putting any new Easter eggs into any Microsoft product.
What the hell, I've karma to burn.
Very few people would voluntarily give their childrens' fingerprints to the police "just in case." This program worked because the police officers helped ensure the parents got a useful working set of fingerprints, and the parents kept the cards in their possesion at all times.
You don't need to whip up anti-police state fears any more than necessary. Just posting DMCA / USA Patriot / SSSCA is enough to do that.
You can post a dozen reasons why nobody will ever be able to fake them. You can probably invent and post a hundred different reasons. But that doesn't even slow down the people who ARE faking them today.
Arguing a negative is usually pretty worthless. But it's even more worthless when the positive has already been proven.
The gummy mold is just an ordinary photo-etched copper-plated printed circuit board. (I made lots of them when I was a kid from stuff I bought at Radio Shack.) Take a photo of a fingerprint. Make a full size transparency of it. Expose the photosensitive circuit board using the transparency as a mask. Etch the circuit board. Pour ordinary hot liquid gelatin over the board in an even (3 mm or so) layer (the original paper gave a recipe, but you should be able to use any old recipe for "Knox Blox". It's just ordinary gelatin mixed with boiling water.) Harden it in the refrigerator. When it's time to use it, simply cover the tip of your own finger with the sheet of gelatin.
It passes live tests easily. The thin layer of gelatin is almost invisible. It's transparent, so your own skin shows through. It's conductive: it has a moisture content similar to your own body. And it's warm: your body heats up 3mm of gelatin quite rapidly.
And once you pass through the scanner, you just lick your fingertip and the evidence is gone.
Extensive testing of this was performed against eleven different fingerprint scanners earlier this year. EVERY TESTED SCANNER ACCEPTED THE GUMMY FINGERS, including those advertising "live and well detection", with acceptance rates varying between 65% - 100%. John Young's website has a copy of the paper here.
Biometrics, in general, are not sufficient for high security. They work best only in conjunction with other security measures.
That's why I said "semi-innocent." Yes, they could, should and do turn off relaying to keep the spammers from abusing them. But I don't think relaying spam is enough of a crime to sic an attack script at them. Certainly it merits an email to their postmaster, and perhaps a second angry email if they fail to turn off relaying. But you really shouldn't attack them for relaying (which is not exactly a crime; after all, it's in an RFC.)
I think one of the problems might be that your script could attack a semi-innocent mail relay, rather than the spammer's computer.
So while I would cheer if you really hammered their boxes into dust, I wouldn't suggest that you could get away with it. Nor do I think you'd have any legal ground to stand on. You certainly couldn't claim that you didn't realize a spammer might step into your test script, because you just published your intent to all of us.
But if you do, well, kick 'em in the URLs once for me. :-)
But I find this whole discussion to be more "trek physics" than anything. It's just a story. It was written by a human. A very careful, thorough human, but still just a human. It has plot weaknesses just like any other work of fiction.
Damn, there goes my willing suspension of disbelief.
I would think a subversive is harder to detect on-line, as any on-line credentials these days can be easily forged. For example, am I a geek, a hacker, a Federal Agent, or a corporate security executive? Would you be able to tell from my on-line activities here on Slashdot?
Would you say that an organization that has been successfully infiltrated by such a person provides "good" or "bad" information? What if I'm normally totally 3l33t, always provide top quality info, but today I get arrested and my company plays ball with the DoJ and begins subversive posting under my name? Or apply a classic man-in-the-middle attack. Does the value of the network go up or down? The value of my groups?
I don't mean to turn this into a discussion about authentication or crypto or anything like that, but in today's environment the chances are good that a non-trustworthy member would have little problem turning any random group into an ineffective cesspool of backbiting and endless discussions. (Perhaps by posting questions such as these?) I don't see the value of the network going up in cases like that.
If one more user joins Slashdot, Slashdot might get statistically a tiny bit better. And that same user might also join Kuro5hin, User Friendly, a handful of blogs, and make them all tiny bits better also?
I just don't see the sum of all those tiny bits ever adding up to N^N. And at some point I believe these communities get too big, and fragment (AOL, Compuserve, and even Slashdot might be examples.) So does the network then benefit nine times by having one community split into three parts? That might be where these "exponential benefits" factor in.
I guess what sticks in my craw is that it's hard to imagine a single AOL disk ever improving the world in any way, shape or form. But I suppose for that Joe Sixpack and his family, the world just got a whole lot better. They simply have no idea how much better it could be.
And I understated the cost a bit. It's about $20.00 to fill my tank. But some vehicles have tanks small enough to fill with $15.00.
Also, just to keep this on topic with the original discussion of paying for the moon shot with taxes, I pay $0.18 in federal and $0.20 in Minnesota state taxes per gallon. I understand you pay about $2.80 per gallon (50p/litre) in taxes. Right now our national average price per gallon AFTER taxes is $1.38. You pay about $4.70 or so for that same gallon. So not only are you getting raked by your government, but Scotland and Norway are cutting you no deals either, are they?
Have fuel cell cars or other electric cars taken off over there yet?
In 2001 dollars, that would be around $7.20 per day. Now it doesn't seem like Coke or chip money any more, that's almost half a tank of gas, or a sit-down lunch at a halfway decent restaurant. Every day.
Put it in perspective. In 1965, gas went for $0.20 / gallon. McDonalds' burgers were $0.19, and so were the fries.
Keep in mind that was $0.40 for EACH person. In 1965, there was only one "average wage earner" per family, but they were supporting an average of four people. Think $1.60 per day, out of your $12.75.
And these were taxes. You don't get to say, "Hey, Uncle Sam, the kid got sick and I came up a bit short so I'm not paying for your moon shot this week." Taxes weren't optional back in 1965, either.
It was a DAMN EXPENSIVE program.
Hey, what if the girl from the X10 pop-up turns out to be a real-life terrorist? How will we know? And how will they advertise that one?
"Have you seen this girl? If not, buy one of these cameras and you might see MORE of her..."
-------
Here's the executive summary: CPUs consume more electricity when actively computing than they do when idle. To solve the RC5-72 challenge may require an additional 2 million tons of coal be burned in order to produce the additional electricity required. That's over 200 full coal trains. 9.2 billion pounds of additional carbon dioxide will be produced and released. The details follow.
I sent a letter to my buddies during a discussion of relaunching our team to attack the RC5-72 challenge. It showed a simplistic estimation of the energy costs required for me to participate in the challenge. I know that my CPU uses more energy to perform math calculations than it does to sit idle. It has since occurred to me that not only would I be burning an extra megawatt or two of electricity during the contest to participate, but so would all the other participants.
I've researched things a bit more since then. The distributed.net speed page shows an Athlon 1GHz Thunderbird averaging 3,540,087 keys/sec, or 12,744,313,200 keys/hour during the RC5-64 contest. A hardware vendor's page shows an active Athlon 1GHz Thunderbird CPU consumes an extra 10 watt-hours above its standby level. This is only the difference between an active CPU and an idle CPU, and does not account for any other standby power savings that may or may not take place. That means a 1GHz Athlon Thunderbird participating in the contest can either sit idle or test 1,275 million keys at a cost of one additional watt-hour. Since the RC5-64 contest tested 15,769,938,165,961,326,592 keys, at this rate that is 12,368,578,953 additional watt-hours used. That means about 12 gigawatt-hours (gWH) of additional electrical power were produced and consumed over the last four years just to solve the contest.
This Los Alamos National Laboratory web page provided lots of data regarding coal and electrical generation. Referring to only the 1998 figures, I found that U.S. electric generators required 10,311 BTU to generate one kilowatt-hour. If the contest required 12 gWH of additional electricity, it must have taken about 123,732 million BTUs to generate it. Bituminous coal yields 24 million BTU per ton; sub-bituminous coal yields only 17 million BTU per ton. In 1998, the US was mining and burning about a 47%/53% mix, averaging out to about 20.5 million BTU/ton. Therefore 6,036 tons of coal had to be burned in order to generate that much eletricity. Over sixty railroad cars of coal. Looking at the CO2 problem, at the reported U.S. average of 208 lbs of CO2 produced per million BTU generated by burning coal, the contest was responsible for the production and emission of about 26 million pounds of carbon dioxide.
When it comes to the RC5-72 contest the numbers get even worse, since according to the RC5-72 speed page the number of keys per second drops to about 72% of the RC5-64 cracking speed for the Athlon 1GHz Thunderbird. Assuming that this 72% ratio is similar across most architectures, extrapolating the contest to RC5-72 should require about 2^8 times as much of everything to solve at 72% efficiency, or about 356 times the RC5-64 figures. 12 gWH * 356 is 4.3 terawatt-hours. 6,036 tons * 356 is over 2 million tons of coal. More than 210 full trains. 26 * 356 is about 9.2 billion pounds of carbon dioxide that will be produced.
Now, these numbers are pretty much long-range projections made from some small, narrow observations. Not every CPU will consume 10 additional watts when busy. And not every CPU would otherwise drop to an idle or standby state. But some computers will be left on and cracking keys rather than hibernating or being powered off, which could save 116 watts/hour or more. And some may consume more than 10 extra watt-hours when active; such as a Pentium III-667 MHz which consumes 34 watt-hours operating but only 5 watt-hours when it can drop to standby.
Also, only about 56% of our electricity is generated by burning coal: the rest is produced by nuclear power, or burning natural gas, fuel oil or biomass; about 10% is produced by renewable resources. The key could be found tomorrow, or it could be found 15 years from now. So my estimates are still just that: estimates. I could be wrong by orders of magnitude, but even so, the fact is that the RC5-72 contest is going to increase electricity consumption. Over the course of its life, the RC5-72 contest might be responsible for burning only 100 tons of coal, or it might cause the burn of 4 billion tons of coal.
-------
And for those of you are still reading and haven't been bored by all the numbers, I think it would have cost me about $850.00 worth of electricity to personally participate. The prize is $10,000, $1,000 of which goes to distributed.net, $8,000 goes to a charitable organization of distributed.net's choosing (the EFF, I think) and $1,000 goes to the person whose machine found the winning key.
That's an $850 investment for a 1/165,000,000,000 chance of winning $1,000 in the next 10 years. That's discounting
I think my money would be MUCH safer invested in lottery tickets, where I've heard that investments pay out about $0.11 on the dollar (average.)
So run it on an Athlon... Crack keys and heat your house at the same time!
But if you're writing application programs that pretty much stick to the standard operations, programming for the Win32 API is "just programming." Once you start getting into the alleged "helper" type wrappers, such as MFC, then you're way screwed, of course; but then again I don't see the Widget Tool Kit as being the single greatest feat of API engineering ever written, either.
Microsoft tools are very nice (but costly.) MSDN documentation is usually good (but certainly has its holes.) All in all it doesn't completely suck; it's just not quite as satisfying as accomplishing the same task on a machine with fewer (or at least more far-flung) resources.
Actually, according to the USA PATRIOT act, they'll probably get those statistics from your library card...
People will think whatever they want to think. By saying "you're reading too much into this" you ignore the fact that many people are still not geeky enough to deal with "user agent" software. Sure, being TiVo owners might generally mean they're more "l337", but many of them aren't. And the more computers are asked to form "opinions" the more these people will be confused.
Your foot will probably heal by itself. It might heal faster given certain generic treatments (ice, stretching or immobilization or whatever.) And if it doesn't get better in a couple of weeks, you go see a doctor anyway, who goes "tsk, tsk, you should have seen me last week" but fixes you up all the same.
But the contract that he writes and signs will effectively "own" his business and the payrolls of four other people for the next year. If he forgets to dot a legal 'i' or cross some legal 't', a troubled client might take serious advantage of him. Hiring a lawyer to draft the contract will help cover those clauses that might otherwise expose him to some unforseen liabilities.
I'm not saying that his client is shady, or that he isn't honest. I'm saying keep in mind that three years ago every dot-com had a million dollars of venture capital to fund these projects. These days, money is not so free and customers may have their financial situations change. If his client starts feeling the money belt tighten, this guy had better have an airtight contract to make sure that 1) he gets paid for work he does; or at least 2) he can stop working if he doesn't get paid.
The Slashdot crowd will no doubt have some ideas regarding coverage of intellectual property, and I'm sure that's what this guy wants to read. But he needs to spend a few dollars on a decent contract lawyer to ensure that his company's future isn't thrown away by a PREVENTABLE turn of the die. Isn't protecting a million dollar investment worth $5000?
When I was a kid they locked us in the math room for an entire summer and I had to edit programs on paper tape with a hole punch for $1.50/hr, and feed 'em back through a 110 baud teletype.
Oh, wait. I did.
And I'm not very sorry if I got some guy in trouble, because I'd always bitch if they started typing in fake data on my behalf. The scenario went "can I have you name and address, please?" and I'd say, "No." They'd start typing in phone number "0000" for the search, and I'd say "NO, THAT'S NOT ME, YOU MAY NOT TYPE IN A NAME AND ADDRESS ON THIS SALE." They'd get pissed, but too damn bad.
I've thought it was a crock of sh!t since the 70's and I continued to think it was a crock until today. This is the first good consumer privacy news I've heard in a long time.
And they ASKED FOR MY NAME AND ADDRESS. Of course since I was returning something, I kind of expect that these days. This store had stopped asking on sales quite a while ago, actually.
Radio Shack is where you go if you need 1/8" - 1/4" stereo adapters or burglar alarm magnets. You can find other random things there, like radio scanners or odd batteries, (and they still carry CB radios, too!) They also have the Sonic Blue DVD/VCR combo box. But if you need electronic components, "rotsa ruck." It's mostly a phone / toy / Sprint / satellite TV store these days.
Good luck with your gambling. I like to see somebody with a plan... :-)
Spike has been Spike since before I met him in 1990. You were nine at the time.
You, sir, are an impostor. Hopefully a happy, hungover impostor (happy belated birthday!), but an impostor nonetheless.
"I served with Spike. I know Spike. Spike is a friend of mine. MyDixieWrecked, you're no Spike."