That means you have to control at least one IP address.
It's also really hard to send e-mail without at least one domain of your own.
Reseller pricing of low-end certificates is about the same cost as a domain. From Namecheap and elsewhere.
That said, I didn't know about this, and forgot to set up SSL at one of my domains. I didn't much care, but my reaction to this is pretty much "Oh, so that's what Google is bitching about. Okay."
I think that's ascribing too much competence. What are the odds? Unless they're doing this en masse - in which case we can try to find evidence of it - then I'm more inclined to take the story at face value. Have certainly seen my share of incompetent tech shops.
> The only reason the US could be justifiably paranoid about what China can/can't do to them, is if the US intends to default on China, stop paying interest, and pre-emptively attack China to get out of the situation.
Treasuries do not work that way. China can take advantage of the Federal Reserve's Quantitative Easing program in which a branch of the government effectively buys back said treasuries, but in treasuries are nothing more than pieces of paper that can be redeemed at a future date for a certain value, and these are bought and sold on a market just like any other commodity.
There is also the matter of users' hard drives basically being used as bitcoin hoarders' personal, no-cost banks. It's an ever-increasing externality as the size of the chain increases.
And that's just it - all stars involved are shedding mass in different directions, at varying rates. You might have instances where a single figure-eight of sorts gets performed, but that means there's been a capture and likely a subsequent ejection. But unless you actually want to engineer this somehow, and have a means of keeping it stable (planetary thrusters go!) - it won't be seen. If we ever find something like that the first assumption is going to be aliens having fun, and that's what Occom's razor is going to boil down to.
> If the server or isp supports ip6, the attacker just needs a home that can use 100000000000 IP addresses, and on ip6 is easy.
All with the same/64 or, if you're lucky, a/60 or/56 prefix.
For my own CMS, I do ratelimits on/56 and/24 subnets. I track the hostmask on ipv6 for things like logins, but that's largely just because it's there.It's about as useful and relevant to me as your connecting port. And don't expect a site owner to treat it as any more unique.
> And criminals *will* find a way to strip that information from their videos. Does that flag it as illegal? Sure. But it was already illegal to begin with.
Worse, it's another framing incident begging to happen. Find some other poor schmuck's key, sign incriminating images with it.
Use Cookie Monster, so some similar cookie disabling app. For most sites disabling cookies means disabling localStorage.
But cookies are dumb. 99% of the time I don't even want to be seeing what I store in localStorage, it's all user preference gloss, and certainly does not need to be sent between my server and your computer ten million times a day. But right now that's what we use cookies for.
Writing my own fully AJAX driven software, let me just say, adding 2kb to each and every single AJAX request is simply a non-starter. For my site, that will easily run 50 GB/day. Half my bandwidth just for cookies! No.
Storing the session in the URL has certainly been done (never seen a PHPSESSID link when you turn off cookies?) but it's an immense security issue on a community website. Someone steals your url, and they're you. No.
Stuff like Cookie Monster, Refcontrol, Noscript and Flash/extensionblock should simply be standard parts of the browser, with users educated how to use them properly.
If you need to increase the number of hugepages on a server, and memory is already seriously fragmented, doing that without a reboot is asking for a world of pain.
Slashdot Mirror
King Bhumibol Adulyade enjoys licking my toes.
Ha, ha! You got the short end of the deal. You should see what parts of me he licks.
With a username of 'drinkypoo', I'll pass on that offer, if you don't mind.
Or even if you do.
That means you have to control at least one IP address.
It's also really hard to send e-mail without at least one domain of your own.
Reseller pricing of low-end certificates is about the same cost as a domain. From Namecheap and elsewhere.
That said, I didn't know about this, and forgot to set up SSL at one of my domains. I didn't much care, but my reaction to this is pretty much "Oh, so that's what Google is bitching about. Okay."
This is much ado about rather little.
I think that's ascribing too much competence. What are the odds? Unless they're doing this en masse - in which case we can try to find evidence of it - then I'm more inclined to take the story at face value. Have certainly seen my share of incompetent tech shops.
I use tmpfs for /tmp, but then it is a webserver with a rather large amount of database throughput.
By my benchmarks ext4 was about 25% faster than ext3 for my typical database loads, largely due to extents. This is on my twin RAID 1 10krpm drives.
I still use ext3 for my /boot partitions, but other than that there doesn't seem to be much reason to stick to ext3 at all.
> Why would China want to teach the USA a lesson? The Chinese already own most US debt.
No, they do not. China and Hong Kong combined don't crack 10%.
> The only reason the US could be justifiably paranoid about what China can/can't do to them, is if the US intends to default on China, stop paying interest, and pre-emptively attack China to get out of the situation.
Treasuries do not work that way. China can take advantage of the Federal Reserve's Quantitative Easing program in which a branch of the government effectively buys back said treasuries, but in treasuries are nothing more than pieces of paper that can be redeemed at a future date for a certain value, and these are bought and sold on a market just like any other commodity.
There is also the matter of users' hard drives basically being used as bitcoin hoarders' personal, no-cost banks. It's an ever-increasing externality as the size of the chain increases.
> Could someone explain how they would escape that spiral? I'm not an economist so I don't know if there are other routes of which I'm unaware.
Start a rival chain, don't make it crazy deflationary, possibly patch up a few of Bitcoin's technical flaws.
Ironically it might spur even more Bitcoin transactions as people move to the new chain.
And that's just it - all stars involved are shedding mass in different directions, at varying rates. You might have instances where a single figure-eight of sorts gets performed, but that means there's been a capture and likely a subsequent ejection. But unless you actually want to engineer this somehow, and have a means of keeping it stable (planetary thrusters go!) - it won't be seen. If we ever find something like that the first assumption is going to be aliens having fun, and that's what Occom's razor is going to boil down to.
It'll get ejected - that configuration isn't stable.
For Alpha Centauri A and B, the 'stable zone' is out to roughly Jupiter's orbit from each star - plenty of room for both to have habitable worlds.
> If the server or isp supports ip6, the attacker just needs a home that can use 100000000000 IP addresses, and on ip6 is easy.
All with the same /64 or, if you're lucky, a /60 or /56 prefix.
For my own CMS, I do ratelimits on /56 and /24 subnets. I track the hostmask on ipv6 for things like logins, but that's largely just because it's there.It's about as useful and relevant to me as your connecting port. And don't expect a site owner to treat it as any more unique.
> And criminals *will* find a way to strip that information from their videos. Does that flag it as illegal? Sure. But it was already illegal to begin with.
Worse, it's another framing incident begging to happen. Find some other poor schmuck's key, sign incriminating images with it.
The evaluation, however, is science. It's being used to, presumably, measure something. If it's being done faultily, then it needs to be corrected.
I'd like to continue feeling safe on the ground, thankyouverymuch.
This probably costs Google something like a few dollars per year per employee.
Insurance costs in general are cheaper for larger groups, on a per-person basis.
I routinely get 55x bounce messages from Hotmail on accounts with active users.
Better than Yahoo's 45x permabounces, but still annoying.
Gmail, GMX and AOL, on the other hand, are very pleasant to work with. I can even talk to humans at AOL.
Good set of postfix rules and a very mild tweaking of Spamassassin and I have nearly no spam reach my inbox.
smtpd_client_restrictions = permit_mynetworks,
reject_unknown_client_hostname,
reject_unauth_pipelining,
check_client_access pcre:/etc/postfix/reject-domains,
permit
smtpd_helo_restrictions = permit_mynetworks,
check_helo_access pcre:/etc/postfix/nomail-domains,
check_helo_access mysql:/etc/postfix/reject-helo-mydomains.cf,
reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname,
permit
smtpd_sender_restrictions = permit_mynetworks,
check_sender_access pcre:/etc/postfix/nomail-domains,
check_sender_access mysql:/etc/postfix/reject-sender-mydomains.cf,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination,
check_recipient_access pcre:/etc/postfix/reject-users,
Use Cookie Monster, so some similar cookie disabling app. For most sites disabling cookies means disabling localStorage.
But cookies are dumb. 99% of the time I don't even want to be seeing what I store in localStorage, it's all user preference gloss, and certainly does not need to be sent between my server and your computer ten million times a day. But right now that's what we use cookies for.
Writing my own fully AJAX driven software, let me just say, adding 2kb to each and every single AJAX request is simply a non-starter. For my site, that will easily run 50 GB/day. Half my bandwidth just for cookies! No.
Storing the session in the URL has certainly been done (never seen a PHPSESSID link when you turn off cookies?) but it's an immense security issue on a community website. Someone steals your url, and they're you. No.
Stuff like Cookie Monster, Refcontrol, Noscript and Flash/extensionblock should simply be standard parts of the browser, with users educated how to use them properly.
> The real question of course is how Obama would handle Galactus.
He'd come to the table with "You can only eat half the planet." And manage to walk away with Galactus agreeing to spare 10%.
Right. So now is not the time to complain - wait for the bad deed to actually occur before screaming about said bad deed.
I love the "You can sue after you've been harmed" mantra. Die of food poisoning? Just sue!
Except now we're going to see arguments that all adult sites should move to .xxx domains.
I hope that idea will be a straight up non-starter and stay that way.
A company a family member worked at got hit by that one.
They bought backup software for some insane amount of money.
Time came they had a crash and needed to restore from backup.
There was no restore software.
If you need to increase the number of hugepages on a server, and memory is already seriously fragmented, doing that without a reboot is asking for a world of pain.
This nonsense stopped around 6.16 or so, but yes until then it was freaking annoying. Java updates will remove old versions now.
Even by American standards. Unlimited voice+text+data plans go for a whopping $45 in the US.