You know, as a security sort of person, I tend to agree in principle. I do, however, find it fascinating how principle and reality don't quite line up all that often. A case in point, one of the blogs I read fairly regularly uses captchas. He doesn't really obscure it too much, and it's always the same 3 character string, related to the name of the site. Any spammer who actually posted more than once could easily figure it out. So far, none have. He wrote about his experiences with this here. So maybe captchas don't need to be all that complex...
One of the first articles I read on this had this gem:
The attorneys general said that in 2006 the media reported almost 100 crimes involving adults who used MySpace to prey or attempt to prey on children in the United States. They pointed to two cases in North Carolina, which is leading the charge to get answers from MySpace.
A former sheriff's deputy from was sentenced last year to 15 years in prison for molesting a 15-year-old North Carolina boy he met on MySpace. A North Carolina police officer was also arrested and charged with raping a 14-year-old girl he met on MySpace.
North Carolina, Connecticut, and other states have introduced legislation that would require social networking sites, like MySpace, to get parental permission before minors can register. In North Carolina, Cooper wants the legislature to pass a law that would make it a felony for convicted sex offenders to join social networking sites that include children.
So maybe, and I'm just throwing this out as a thought here, maybe it's just a crazy idea, but maybe instead of trying to keep the sex offenders out of MySpace.com, perhaps we might spend a little time attempting to keep them out of the fucking police force? I mean really, it's a pretty sad day when a "social networking" web site is expected to do a better job of doing background checks on its users than the police can do on their job applicants.
"Is there a solution to the woeful lack of qualified mathematics teachers that the Teachers' Union will find acceptable?"
No. Because among the Teachers' Union's membership there are 40% of mathematics teachers who would become unemployed if a solution were found. A good solution would help two groups of people: Qualified people who are not currently teachers, and students. Neither of those groups is a part of any Teachers' Union.
So, how hard might it be to generate random but valid data to fill out this XML? And then have a little daemon that does nothing but post it over and over 24/7? "Wow. Looks like a NAT/proxy server with millions of users behind it who really don't like WGA."
Unless someone's already found them. In which case we're further from finding them now than we have been since as long before they were found as we are past when they were found now. Yeah. That parses well.
Of course, this all assumes that the terms "closer" and "further" are being used to measure a temporal distance. If I'm looking for my keys, I could have been closest (physically) to finding them this morning when I was in the kitchen where they're under the newspaper, even though in only a few minutes I'll go back to the kitchen and actually find them, thus making me currently closer (temporally) to finding them right now than I was this morning.
Not that I actually think that's how the author meant it. It was probably meant to be just as bad as it sounds. But a similar statement could theoretically have been useful. Just not here.
It could be worse. They could have contacted ICANN and said "We know that someone is hosting a bunch of compromised usernames and passwords somewhere in the.org hierarchy. Could you please remove that TLD?"
I mean, yeah, it sounds unlikely, but... what if it worked?
That makes sense... I would say the alternative hypothesis would be that a solitary intergalactic binary star system went nova while traveling at a vector whose away-from-the-earth component approximated the redshift of the galaxy behind it. I can certainly see why that would be considered a bit of an unlikely event. I think the "colliding stars" theory is probably more likely.
OK, so this is calling into question one of the "standard candles" of astronomy and cosmology. But I'm curious exactly how? There's a fairly simple formula that relates absolute magnitude, relative magnitude, and distance. If you know any two, you can calculate the third. The whole concept of standard candles is that there are some events for which we know the absolute magnitude. This article is saying this is one of the standard candle events, but much brighter than ever before. The big question for me is, how do they know it's not just closer than ever before? My understanding is that the standard candle equations are the only way to determine distance at these ranges.
For me, much faster than anything I could click with my mouse, is ctrl-s. Alternatively, Atl,F,S is pretty speedy too. (not that I'm saying you should have suggested this to your friend... I've tried to suggest to my wife things like using ctrl-c and ctrl-v to cut and paste instead of the right-click menu. I've learned that these sorts of suggestions are not always taken kindly.)
Anyhow, the point I was getting to is this: Having not yet used, touched, observed, or otherwise interacted with Office 2007, I'm curious to find out how easy it is to use without a mouse. If they've made it so that anytime I want to do something more complicated than "save file" or "boldface" I'm going to have to use the mouse to do it, then I'll consider it a significant UI downgrade.
Of course organizations are made of people, the point is that the people that make up an organization can change over time. So the loyalty that an "organization" earned in the past is only relevant if the organization is made up of the same people. If it's all new people, they've got to earn their own loyalty.
And of course I wouldn't let it out of the bag about Darth Vader being Soylent Green's father. It'd ruin everything for those who hadn't seen it yet.:)
The flip side of this study is also true. In the last 15 years, I've worked for 9 different companies. I've had 2 bosses. I've had many of the same co-workers.
"Carbon neutral" strikes me as an odd appelation. The basic equation that makes up mass balances 101 is, mass in minus mass out yields accumulation. Google is currently carbon neutral in the fact that the amount of carbon entering their campus, minus the amount of carbon leaving their campus is very nearly zero, on just about any meaningful timeframe. The same can be said about the Earth as a whole.
Now, I know what they mean - with regards to (hydrocarbons + O2 <-> CO2 + water + energy) they operate in such a way as to not tip the equilibrium point of the reaction one way or the other in general on this planet.
The humor inherent in my post was in applying the same logic to other reactions (U235 <-> Lighter elements + energy), (H2 <-> He + energy), and (matter + antimatter <-> energy), which, if Google did a little bit more of, would help them to do a better job with the carbon equilibrium equation.
As it is, they're currently planning to use solar to achieve carbon neutrality. If they succeed, they do so by sacrificing helium neutrality.
All joking aside, I really would love for Google (or nearly anyone else) to really commit to carbon neutrality, or even on-balance hydrocarbon accumulation by building themselves a big nuke plant for all their power needs.
You know, the thing that I thought most funny about this was the statement: "Pollution would cease being created". The earth was highly polluted before humans got here. Our atmosphere is made up of about 20% the toxic waste given off by cyanobacteria. And we like it that way. Of course, the cyanobacteria probably don't like it too much, but that's what they get for never doing an environmental impact study on the effects of large-scale photosynthesis. If they had, perhaps they would have curbed their activities a bit, thus inadvertently saving the planet from those pesky humans in the process.
Biological pollution will stop once there is no life left on the planet. At which point, the only thing left will be entropic pollution, which will continue until the ultimate heat death of the universe.
I wonder if this group of authors of children's literature has given any thought to worrying about children having "real play (as opposed to sedentary, text-and-pictures-on-paper-based entertainment), first-hand experience of the world they live in". Personally, I tend to believe (with no basis in fact) that the best things for kids are (in order) real, outside-with-others-and-nature play, followed by reading, followed by playing games, followed by watching TV/movies. I'm not at all sure *why* it is that reading seems better than playing games, but I think it's a question that really should be answered before trying to get rid of the games.
OK, so it's 750 students, and say it lasts 20 years (I'd call that optimistic, I haven't seen a whole lot of schools that old without some serious refresh, and this is a high-tech school as well - high tech gets real old real fast.) Anyhow, that's still $4500 per year, per student. And that's purely depreciation on the building. Once you add in teacher salaries, administrative overhead, maintenance, and (this is Microsoft after all) software licensing and upgrades, that won't be chump change.
But it's better than that. It's $245K that they have to pay back to the people who won. So now, not only can you buy elections, but you can get a manufacturer rebate!
I recall a friend who had a "create your own question" security system at.. I believe it was his bank. Anyhow, it was a question that was asked by call center employees. He had far too much fun with that. He said "I love it! Every time I call my bank, they have to ask me 'Jack, why are you such a fucking pussy?', and every time I have to reply 'Because I am what I eat.'"
So, there may be other reasons not to use this sort of system.
But, fundamentally, it's a horrible security measure and should be taken out and shot.
Maybe, but it's done. The last surgery I watched (my wife's C-section) they were extremely meticulous about sponges in versus sponges out. They double-checked the count of the number of packs-of-10 sponges in the room at the start, there was one person who it appeard had the sole duty of counting used sponges and putting them in little plastic strips with 10 sponge-sized pouches per strip. Then someone else double-checked that count. Then before they closed, they counted the number of unopened packs and added the number of plastic strips, and made sure it was the same as the number they started out with. It seemed like a very well-thought-out way of avoiding that exact problem.
Actually, as far as uses of RFID go, this seems like a fairly good one. The incremental cost of adding RFID to surgical instruments is trivial, you aren't working against a dedicated attacker trying to subvert your system, and although the number of instances of instruments left in patients is fairly low, this system, I would think, would probably cost-justify itself given the cost-per-incident-avoided.
The instrument at full output is supposed to be 1.4 MW. Assuming 5$/kWhr (note that big installations end up paying less per kWhr, on average, than a residential user) that's over $100,000/day in electricity costs.
According to my math, that ends up being $168,000.00 per day. That's certainly well over $100K/day. However, I do take exception to one of your assumptions. $5/kWhr seems excessive. From my (residential) power bill:
Non-Fuel Energy Charge:
First 1000 KWH $0.042310 per KWH
Over 1000 KWH $0.052310 per KWH
Fuel Charge:
First 1000 KWH $0.058410 per KWH
Over 1000 KWH $0.068410 per KWH
That ends up being, at most, about 12 cents/KWH, or for a full day, it's $4056.19 That's still a lot more than I'd like to pay for my power bill, it'd end up being about $121,685.76 for a 30 day month, but it's a far cry from over $100K per day.
Of course, this being ORNL, they could just build their own power plant. I'm sure they could find the pieces for one laying around somewhere...
That is absolutely fascinating, and I thank you for pointing it out for me. It brings up so many interesting lines of thought. Given their findings I would expect that CB usage would be similar to a handsfree cellphone. It really makes me wonder what the core differences are between some things... For instance, one of the core differences between some of these activities is whether you're just listening, or if you have to actually speak. Another difference would be how much you actually care about what you're listening to (if you don't have to speak). And I wonder if it would be just as bad talking to a blindfolded passenger.
So many fascinating questions. And I seriously covet his simulator. That is definitely the way to do this sort of test...
I remember that episode, and the thing that bugged me about it was similar to what bugs me about these laws. (Actually, many things bug me about these laws, but if you accept the class of laws as usefull and desireable, then there's one thing that bugs me in relation to its effectiveness) That thing is that there seems to be a lack of comparative studies with different types of distractions. I know full well that talking on a cell phone held up to your ear is distracting and will cause you to do whatever else you're doing less effectively, whether it be driving, coding, playing Quake, posting on slashdot, or reading a book. I've done all of the above, and trust me, it's not pretty. And I think it's valuable information to relate the level of distraction to the level of incapacitation experienced through intoxication. However, I would love to see how it stacks up against the level of distraction experienced while:
talking on a cellphone using a handsfree speaker/microphone set
talking on a cellphone using a headset
talking on a CB radio
talking to a passenger in the front seat
talking to a passenger in the back seat
dealing with an unruly toddler
eating a burger
eating spagetti
and the list goes on and on...
Of course, the thing that's really galling is to hear about these laws, and then see a cop doing 80 in a 65 zone (without lights/siren on) while talking on a cellphone and typing on the laptop in the passenger seat.
Slashdot Mirror
You know, as a security sort of person, I tend to agree in principle. I do, however, find it fascinating how principle and reality don't quite line up all that often. A case in point, one of the blogs I read fairly regularly uses captchas. He doesn't really obscure it too much, and it's always the same 3 character string, related to the name of the site. Any spammer who actually posted more than once could easily figure it out. So far, none have. He wrote about his experiences with this here. So maybe captchas don't need to be all that complex...
So maybe, and I'm just throwing this out as a thought here, maybe it's just a crazy idea, but maybe instead of trying to keep the sex offenders out of MySpace.com, perhaps we might spend a little time attempting to keep them out of the fucking police force? I mean really, it's a pretty sad day when a "social networking" web site is expected to do a better job of doing background checks on its users than the police can do on their job applicants.
Jeesh.
"Is there a solution to the woeful lack of qualified mathematics teachers that the Teachers' Union will find acceptable?"
No. Because among the Teachers' Union's membership there are 40% of mathematics teachers who would become unemployed if a solution were found. A good solution would help two groups of people: Qualified people who are not currently teachers, and students. Neither of those groups is a part of any Teachers' Union.
So, how hard might it be to generate random but valid data to fill out this XML? And then have a little daemon that does nothing but post it over and over 24/7? "Wow. Looks like a NAT/proxy server with millions of users behind it who really don't like WGA."
Petty, I know, but fun.
Unless someone's already found them. In which case we're further from finding them now than we have been since as long before they were found as we are past when they were found now. Yeah. That parses well.
Of course, this all assumes that the terms "closer" and "further" are being used to measure a temporal distance. If I'm looking for my keys, I could have been closest (physically) to finding them this morning when I was in the kitchen where they're under the newspaper, even though in only a few minutes I'll go back to the kitchen and actually find them, thus making me currently closer (temporally) to finding them right now than I was this morning.
Not that I actually think that's how the author meant it. It was probably meant to be just as bad as it sounds. But a similar statement could theoretically have been useful. Just not here.
It could be worse. They could have contacted ICANN and said "We know that someone is hosting a bunch of compromised usernames and passwords somewhere in the .org hierarchy. Could you please remove that TLD?"
I mean, yeah, it sounds unlikely, but... what if it worked?
That makes sense... I would say the alternative hypothesis would be that a solitary intergalactic binary star system went nova while traveling at a vector whose away-from-the-earth component approximated the redshift of the galaxy behind it. I can certainly see why that would be considered a bit of an unlikely event. I think the "colliding stars" theory is probably more likely.
OK, so this is calling into question one of the "standard candles" of astronomy and cosmology. But I'm curious exactly how? There's a fairly simple formula that relates absolute magnitude, relative magnitude, and distance. If you know any two, you can calculate the third. The whole concept of standard candles is that there are some events for which we know the absolute magnitude. This article is saying this is one of the standard candle events, but much brighter than ever before. The big question for me is, how do they know it's not just closer than ever before? My understanding is that the standard candle equations are the only way to determine distance at these ranges.
For me, much faster than anything I could click with my mouse, is ctrl-s. Alternatively, Atl,F,S is pretty speedy too. (not that I'm saying you should have suggested this to your friend... I've tried to suggest to my wife things like using ctrl-c and ctrl-v to cut and paste instead of the right-click menu. I've learned that these sorts of suggestions are not always taken kindly.)
Anyhow, the point I was getting to is this: Having not yet used, touched, observed, or otherwise interacted with Office 2007, I'm curious to find out how easy it is to use without a mouse. If they've made it so that anytime I want to do something more complicated than "save file" or "boldface" I'm going to have to use the mouse to do it, then I'll consider it a significant UI downgrade.
Of course organizations are made of people, the point is that the people that make up an organization can change over time. So the loyalty that an "organization" earned in the past is only relevant if the organization is made up of the same people. If it's all new people, they've got to earn their own loyalty.
:)
And of course I wouldn't let it out of the bag about Darth Vader being Soylent Green's father. It'd ruin everything for those who hadn't seen it yet.
The flip side of this study is also true. In the last 15 years, I've worked for 9 different companies. I've had 2 bosses. I've had many of the same co-workers.
Loyalty is to people, not organizations.
"Carbon neutral" strikes me as an odd appelation. The basic equation that makes up mass balances 101 is, mass in minus mass out yields accumulation. Google is currently carbon neutral in the fact that the amount of carbon entering their campus, minus the amount of carbon leaving their campus is very nearly zero, on just about any meaningful timeframe. The same can be said about the Earth as a whole.
Now, I know what they mean - with regards to (hydrocarbons + O2 <-> CO2 + water + energy) they operate in such a way as to not tip the equilibrium point of the reaction one way or the other in general on this planet.
The humor inherent in my post was in applying the same logic to other reactions (U235 <-> Lighter elements + energy), (H2 <-> He + energy), and (matter + antimatter <-> energy), which, if Google did a little bit more of, would help them to do a better job with the carbon equilibrium equation.
As it is, they're currently planning to use solar to achieve carbon neutrality. If they succeed, they do so by sacrificing helium neutrality.
All joking aside, I really would love for Google (or nearly anyone else) to really commit to carbon neutrality, or even on-balance hydrocarbon accumulation by building themselves a big nuke plant for all their power needs.
And their goals for 2007 include becoming uranium-neutral. Perhaps in 2008, they'll be helium-neutral.
By 2020, they hope to be matter-neutral.
You know, the thing that I thought most funny about this was the statement: "Pollution would cease being created". The earth was highly polluted before humans got here. Our atmosphere is made up of about 20% the toxic waste given off by cyanobacteria. And we like it that way. Of course, the cyanobacteria probably don't like it too much, but that's what they get for never doing an environmental impact study on the effects of large-scale photosynthesis. If they had, perhaps they would have curbed their activities a bit, thus inadvertently saving the planet from those pesky humans in the process.
Biological pollution will stop once there is no life left on the planet. At which point, the only thing left will be entropic pollution, which will continue until the ultimate heat death of the universe.
I wonder if this group of authors of children's literature has given any thought to worrying about children having "real play (as opposed to sedentary, text-and-pictures-on-paper-based entertainment), first-hand experience of the world they live in". Personally, I tend to believe (with no basis in fact) that the best things for kids are (in order) real, outside-with-others-and-nature play, followed by reading, followed by playing games, followed by watching TV/movies. I'm not at all sure *why* it is that reading seems better than playing games, but I think it's a question that really should be answered before trying to get rid of the games.
OK, so it's 750 students, and say it lasts 20 years (I'd call that optimistic, I haven't seen a whole lot of schools that old without some serious refresh, and this is a high-tech school as well - high tech gets real old real fast.) Anyhow, that's still $4500 per year, per student. And that's purely depreciation on the building. Once you add in teacher salaries, administrative overhead, maintenance, and (this is Microsoft after all) software licensing and upgrades, that won't be chump change.
But it's better than that. It's $245K that they have to pay back to the people who won. So now, not only can you buy elections, but you can get a manufacturer rebate!
I think it's safe to say that any entity that doesn't know the human race is addicted to pr0n can be conclusively determined not to be sentient.
I recall a friend who had a "create your own question" security system at.. I believe it was his bank. Anyhow, it was a question that was asked by call center employees. He had far too much fun with that. He said "I love it! Every time I call my bank, they have to ask me 'Jack, why are you such a fucking pussy?', and every time I have to reply 'Because I am what I eat.'"
So, there may be other reasons not to use this sort of system.
But, fundamentally, it's a horrible security measure and should be taken out and shot.
I recall reading a while back that the literal translation of the term "black hole" into Russian is.. well, very rude.
And manages to tie this all in with Penthouse.
So it makes sense, you know, if you're an astrophysicist who speaks Russian and likes porn.
a pile of bloody sponges is much harder to count
Maybe, but it's done. The last surgery I watched (my wife's C-section) they were extremely meticulous about sponges in versus sponges out. They double-checked the count of the number of packs-of-10 sponges in the room at the start, there was one person who it appeard had the sole duty of counting used sponges and putting them in little plastic strips with 10 sponge-sized pouches per strip. Then someone else double-checked that count. Then before they closed, they counted the number of unopened packs and added the number of plastic strips, and made sure it was the same as the number they started out with. It seemed like a very well-thought-out way of avoiding that exact problem.
Actually, as far as uses of RFID go, this seems like a fairly good one. The incremental cost of adding RFID to surgical instruments is trivial, you aren't working against a dedicated attacker trying to subvert your system, and although the number of instances of instruments left in patients is fairly low, this system, I would think, would probably cost-justify itself given the cost-per-incident-avoided.
Ethereal.org is definitely not a packet capture utility. Ethereal.com is what's sniffing the glue that holds the internet together.
OK, I'm not arguing with your math here, but:
The instrument at full output is supposed to be 1.4 MW. Assuming 5$/kWhr (note that big installations end up paying less per kWhr, on average, than a residential user) that's over $100,000/day in electricity costs.
According to my math, that ends up being $168,000.00 per day. That's certainly well over $100K/day. However, I do take exception to one of your assumptions. $5/kWhr seems excessive. From my (residential) power bill:
Non-Fuel Energy Charge:
First 1000 KWH $0.042310 per KWH
Over 1000 KWH $0.052310 per KWH
Fuel Charge:
First 1000 KWH $0.058410 per KWH
Over 1000 KWH $0.068410 per KWH
That ends up being, at most, about 12 cents/KWH, or for a full day, it's $4056.19 That's still a lot more than I'd like to pay for my power bill, it'd end up being about $121,685.76 for a 30 day month, but it's a far cry from over $100K per day.
Of course, this being ORNL, they could just build their own power plant. I'm sure they could find the pieces for one laying around somewhere...
That is absolutely fascinating, and I thank you for pointing it out for me. It brings up so many interesting lines of thought. Given their findings I would expect that CB usage would be similar to a handsfree cellphone. It really makes me wonder what the core differences are between some things... For instance, one of the core differences between some of these activities is whether you're just listening, or if you have to actually speak. Another difference would be how much you actually care about what you're listening to (if you don't have to speak). And I wonder if it would be just as bad talking to a blindfolded passenger.
So many fascinating questions. And I seriously covet his simulator. That is definitely the way to do this sort of test...
Thanks for the info.
Of course, the thing that's really galling is to hear about these laws, and then see a cop doing 80 in a 65 zone (without lights/siren on) while talking on a cellphone and typing on the laptop in the passenger seat.