IBM probably deserves some credit (or blame) as well, VM/CMS's filesystem may not have been case insensitive (since filenames were all upper case), but 3270 monitors had a switch that would toggle the screen display between mixed (or lower) case to all uppercase. You could still type in mixed case, but it was displayed as upper case.
I understand perhaps the barber on the Enterprise, or the waiters in Ten Forward. You want a ride on the starship, but you're not smart enough to get through the academy, so you sign on as a waiter. But there were still people doing this kind of shit on earth. Like at Sisko's dad's restaurant. Who the hell, given the wonders of the future, free of want and worry, says "I'm going to go wait tables for 8 hours at a stretch!"
Waiting tables isn't all that bad when you're not doing it because you have to feed your family and you have to work long shifts whether you're sick or not because you can't afford to take time off. Especially when you're dealing with a relatively affluent clientele that understands your explanation "Oh, the soup is cold because the replicator is on the fritz".
I waited on executives and bused tables for everyone else at a corporate campus cafeteria while in college, and it was one of the easiest jobs I've had. They didn't even complain to me about the food if it didn't come out right since it was their own company's chef that prepared it. Food was so cheap to employees that it might as well have been free. Since it was at the workplace, everyone was nice and didn't leave any big messes or anything, the worst we had to deal with was when someone accidentally dropped a tray and we had to mop it up, but even then the tray dropper was very apologetic and helped to clean up. This is what I imagine waiting on tables in the Star Trek world must be like.
The San Francisco - Oakland - San Jose MSA area is 27000 km^2. (this MSA covers a large area, from Santa Cruz up to Sonoma)
So, 42 km^3 spread over 27,000 km^2 is around 1.5m of rainfall.
Add in the Sacramento CSA (which extends to Tahoe), and that's another 57,000 km^2 and that takes it down to around half a meter of rain, or around 19" of rain.
That doesn't seem like that much water since SF and Sacramento average over 20" of rain per year, so it sounds like they are saying that even if it only rained from the San Francisco Area through Sacramento to Tahoe, the entire state of California is "only" one year's worth of rain behind.
Why is an opinion column being presented as "news"? There's nothing here to suggest that any research or study has been done, it's all Mr. Haselton's opinion of what he thinks is happening. Either stop branding yourself as "News for Nerds", or stop running opinion columns under the guise of "News".
Who's old enough to remember when the best technology was found at work
For as long as I've used a personal computer (as opposed to dialing in to the school/work mainframe), I've had a better computer at home than at work. I had a color monitor at home while still using monochrome at work, I've had fast graphics cards (sometimes dual) at home while my work computer was using a cheap integrated card, I had an SSD in my home computer long before I got one in my work computer. There was a brief time when work had a better internet connection than my 56kbs modem, but ever since I got DSL and then a faster cable connection, I've had a better connection at home than at work. Instead of a fractional T1 shared among the office, I had 768 or 1.5mbit DSL... instead of a 10mbit dedicated internet connection at the office, I had a 25mbit cable modem connection.
It's only quite recently that work has surpassed what I'm willing to pay for at home -- now my office has a gigabit pipe to the internet and on my desk I have a 27" iMac (maxed out on CPU and RAM with a 1TB SSD) and two 27" monitors (in addition to the iMac display). My home environment is not even close to my work environment.
Oh cute. You think a VM is going to protect you from the host.
I think he runs everything in a VM -- different VM's for different tasks, the only thing the host does is run the VM's.
If this is the case, this does give him good protection from malware - even if the VM used for downloading pirated software gets infected by malware, it's going to be hard (but not impossible) for it to infect the host then then jump to his online banking VM.
That's not the right answer, the right answer is "Tell your employer to buy you a computer for work use at home." I don't mind using my home computer to do work, but not if my employer is going to mandate what software I run on it. If they are worried enough about my computer being a risk unless I run their security software, then they ought to be worried enough about my computer to want to manage the entire computer - both hardware and software... not just the security software.
Or just drop the F-35 program entirely, use drones and cruise missiles for most of what the F-35 would do, and keep the A-10's for close in air support.
You can do that as long as you're willing to start replacing all of your C++ compilers for application development with NTFS filesystems and X-Windows.
Those weapons platforms don't really overlap that much in their capabilities. Maybe by 2115 instead of 2015.....
2115? They still won't have the F-35 combat ready by then.
Warthogs? A-10s are some of the least-expensive, easiest to maintain aircraft in the USAF inventory, and their role in CAS is unrivaled.
Cut a handful of F-35s and you've saved about as much money and probably made our military more combat ready.
Or just drop the F-35 program entirely, use drones and cruise missiles for most of what the F-35 would do, and keep the A-10's for close in air support.
How do they know that those Americans are not American spies that know of plots against the state of the captors until they torture them? Isn't that the same rationale that the USA used to lock prisoners away in Guantanamo Bay (where tortures took place) without a trial -- many were victims of circumstance, being in the wrong place at the wrong time, but we just locked them away with no real recourse for release since they *might* have been enemy combatants.
You think after 5 years in Afghanistan, Iraq, Yemen, etc that the "wrong place wrong time" headcount was only 750!? For real? Those guys weren't just random brownies they scooped up in order to look busy. The guys that made it to Gitmo (despite what it says in the article I am sure you are about to reference about the one guy who swears he is totally innocent and he just happens to have the same name as some other terrorist) were into some next level shit.
I'm just saying that if the US government is going to scoop up "suspected terrorists" and lock them up indefinitely with no trial (not to mention torture them), then they have no moral high ground to stand on when other entities do the same thing when they capture USA citizens.
So, hey, if a couple of your CIA agents or citizens end up getting offed or tortured, don't suddenly say that's unfair. Because it's kind of the bar you set.
The question is, were the Americans tortured with the intention that they should reveal knowledge they possessed about plots against the state of the captors? If that's the case then sure, it sucks, but it's war. We hate them, they hate us, and the gloves are off. If they are torturing certain Americans completely unrelated to the military, as a form of collective punishment, then no *fuck that* we are still on the high ground and we are good to go on dropping a few thousand more bombs on those barbarians.
How do they know that those Americans are not American spies that know of plots against the state of the captors until they torture them? Isn't that the same rationale that the USA used to lock prisoners away in Guantanamo Bay (where tortures took place) without a trial -- many were victims of circumstance, being in the wrong place at the wrong time, but we just locked them away with no real recourse for release since they *might* have been enemy combatants.
The City of London has 9000 residents but about 500,000 people actually working there during the day.
9000 residents and 619 security cameras sounds like OMG BIG BROTHER TROLOLOLOLWTFBBQHAX.
The more realistic, 509,000 people and 619 cameras sounds much less dramatic.
The definition of the City of London being in this case the boundary of the City of London.
Another way to look at is in terms of area.... The City of London covers about 1.12 square miles... If the cameras all cover ground level, them then the cameras could cover a grid with a camera spaced every 225 feet, or about one minute's walking distance.
The Google vs. Oracle lawsuit made a business case for not-invented-here syndrome. I think every major platform vendor will have there own programming languages in the future. Custom APIs and programming languages stops entire classes of patent/copyright lawsuits dead. It stops developers from moving between eco-systems. It even prevents your employees from stealing top-secret software and moving to a competitors. (And if they do steal the software, it becomes really obvious when law-enforcement shows up.)
I do agree from a portability/programmer perspective, NIH programming sucks. However, the legal perspective - it's great!
Also, the funny thing with lawsuits - even if you win, you still lose.
Given the permissive BSD style license that both Google and Facebook use for their respective languages, I don't think that they created these languages for any of these reasons.
It seems that detecting stolen software would be easier if the code was stolen and used as-is. If someone steals secret Go language code from Google and moves to Facebook and rewrites it in Hack (after all, the the actual coding is the easy part of any software project so rewriting it is much easier than creating the project from scratch), it's going to harder to prove it's stolen than if someone steals secret Python code and moves to Facebook and runs it there. They *could* rewrite the python code, but they don't have to, whereas they'd *have* to rewrite software that's written in some proprietary language.
Ruggedness. You can literally beat someone to death with these flashlights and they still work afterwards.
I'm pretty sure I could do the same thing with a $40 maglite. People just aren't that rugged.
I can't believe someone spent a mod point downmodding this post as 'redundant' -- how can it be redundant when it's the only post on this article talking about a maglite being able to beat someone to death!? Offtopic I could see, maybe overrated, perhaps even flamebait. But redundant!?
I'd like to know what kind of Flashlights Santa Clara, CA received at $900 each. ($130K for 145 of them).
They received a utility truck worth $47K - if they put just 53 of their flashlights in the back of the truck, they'd be worth more than the truck itself.
Oh man, that's peanuts compared to my job. Our Cicso IP Phone VOICEMAIL has to be a 7 digit or longer password. And they block repeating numbers, obvious guesses like 867-5309 (or your own phone number). They block patterns like pressing the keypad diagonally or all the corners twice or whatever. AND you have to change it every 30 days. You better believe everyone keeps a post-it with their voicemail password right on their phone. It's a self-defeating system it's so complex.
What's the point of a 7 digit numeric PIN? That's only around 24 bits worth of entropy (even less since the attacker knows that it doesn't have well known patterns and repeated digits so he can exclude those from his search). So 7 digits provides no real protection against an offline password hash attack.
And hopefully the phone system itself can prevent an online attack by locking out accounts that have had too many incorrect guesses.
So what's the advantage of such a long numeric PIN?
Both links establish properly and TLS security model isn't broken.
Right because the CDN has an plain-text copy of the content (which is the point I'm responding to in the grandparent's post) -- the CDN can't transparently ship me SSL encrypted content from the website I'm going to, the CDN has the plain-text content and it's the CDN that establishes the SSL session with me -- I have no assurance at all that what the CDN is showing me is what the original site intended, which is where a CDN break's SSL's security model -- I have to trust that what the CDN is sending me is actually the content from the site that I'm visiting meant to send me. (or conversely, the website that's using the CDN has to trust that what the CDN is sending to their users is what they expected it to be)
There's absolutely no reason why it has to be, if it is indeed done that way.
No reason except for that's how SSL works... Otherwise you get no end to end encryption or assurance that some third party (like the CDN itself) hasn't modified the page. The CDN can't grab an SSL protected page from the host and serve it to browsers with having access to the unencrypted page.
The CDN could retrieve content over SSL, store it as plaintext, and reencrypt with a new ssl certificate (supplied by the host website) it before serving it to you but that's just a specialized case of MITM that many corporate firewalls do to inspect pages, and it breaks the whole security model of SSL.
Slashdot Mirror
And between Exxon and Google, guess which one has a private jumbo jet for its executives...
http://www.bloomberg.com/news/...
Exxon has at least 4 $50M Global Express and 4 $20M Challenger 500 jets.
The difference, of course, is that Google doesn't own their jets, they are owned by a separate LLC started by the founders that use the jets.
For creating case-insensitive file systems.
What.
The.
Fuck.
IBM probably deserves some credit (or blame) as well, VM/CMS's filesystem may not have been case insensitive (since filenames were all upper case), but 3270 monitors had a switch that would toggle the screen display between mixed (or lower) case to all uppercase. You could still type in mixed case, but it was displayed as upper case.
I didn't know Yahoo was trying to create some new hardware device... any details about this device?
I understand perhaps the barber on the Enterprise, or the waiters in Ten Forward. You want a ride on the starship, but you're not smart enough to get through the academy, so you sign on as a waiter. But there were still people doing this kind of shit on earth. Like at Sisko's dad's restaurant. Who the hell, given the wonders of the future, free of want and worry, says "I'm going to go wait tables for 8 hours at a stretch!"
Waiting tables isn't all that bad when you're not doing it because you have to feed your family and you have to work long shifts whether you're sick or not because you can't afford to take time off. Especially when you're dealing with a relatively affluent clientele that understands your explanation "Oh, the soup is cold because the replicator is on the fritz".
I waited on executives and bused tables for everyone else at a corporate campus cafeteria while in college, and it was one of the easiest jobs I've had. They didn't even complain to me about the food if it didn't come out right since it was their own company's chef that prepared it. Food was so cheap to employees that it might as well have been free. Since it was at the workplace, everyone was nice and didn't leave any big messes or anything, the worst we had to deal with was when someone accidentally dropped a tray and we had to mop it up, but even then the tray dropper was very apologetic and helped to clean up. This is what I imagine waiting on tables in the Star Trek world must be like.
The San Francisco - Oakland - San Jose MSA area is 27000 km^2. (this MSA covers a large area, from Santa Cruz up to Sonoma)
So, 42 km^3 spread over 27,000 km^2 is around 1.5m of rainfall.
Add in the Sacramento CSA (which extends to Tahoe), and that's another 57,000 km^2 and that takes it down to around half a meter of rain, or around 19" of rain.
That doesn't seem like that much water since SF and Sacramento average over 20" of rain per year, so it sounds like they are saying that even if it only rained from the San Francisco Area through Sacramento to Tahoe, the entire state of California is "only" one year's worth of rain behind.
Why is an opinion column being presented as "news"? There's nothing here to suggest that any research or study has been done, it's all Mr. Haselton's opinion of what he thinks is happening. Either stop branding yourself as "News for Nerds", or stop running opinion columns under the guise of "News".
"innocence of muslims" really?
what an awkward for this to come up as people are held hostage by extremist muslims
Yes I know, not all muslims are like that, religion of peace, vocal minority, blah blah blah
You can defend a bear all you want, it's still gonna rip your face off
Then you will probably be happy to learn that the video is actually anti-Islamic.
Who's old enough to remember when the best technology was found at work
For as long as I've used a personal computer (as opposed to dialing in to the school/work mainframe), I've had a better computer at home than at work. I had a color monitor at home while still using monochrome at work, I've had fast graphics cards (sometimes dual) at home while my work computer was using a cheap integrated card, I had an SSD in my home computer long before I got one in my work computer. There was a brief time when work had a better internet connection than my 56kbs modem, but ever since I got DSL and then a faster cable connection, I've had a better connection at home than at work. Instead of a fractional T1 shared among the office, I had 768 or 1.5mbit DSL... instead of a 10mbit dedicated internet connection at the office, I had a 25mbit cable modem connection.
It's only quite recently that work has surpassed what I'm willing to pay for at home -- now my office has a gigabit pipe to the internet and on my desk I have a 27" iMac (maxed out on CPU and RAM with a 1TB SSD) and two 27" monitors (in addition to the iMac display). My home environment is not even close to my work environment.
Oh cute. You think a VM is going to protect you from the host.
I think he runs everything in a VM -- different VM's for different tasks, the only thing the host does is run the VM's.
If this is the case, this does give him good protection from malware - even if the VM used for downloading pirated software gets infected by malware, it's going to be hard (but not impossible) for it to infect the host then then jump to his online banking VM.
Then buy a work PC for home use.
Next problem?
That's not the right answer, the right answer is "Tell your employer to buy you a computer for work use at home." I don't mind using my home computer to do work, but not if my employer is going to mandate what software I run on it. If they are worried enough about my computer being a risk unless I run their security software, then they ought to be worried enough about my computer to want to manage the entire computer - both hardware and software... not just the security software.
Security scanning software that looks at all of my files? How will I be violated next? /sarcasm
Seriously, these privacy alarmists are kooks. They have no idea how IT works.
There's a big difference between scanning files and collecting them.
Or just drop the F-35 program entirely, use drones and cruise missiles for most of what the F-35 would do, and keep the A-10's for close in air support.
You can do that as long as you're willing to start replacing all of your C++ compilers for application development with NTFS filesystems and X-Windows.
Those weapons platforms don't really overlap that much in their capabilities. Maybe by 2115 instead of 2015 .....
2115? They still won't have the F-35 combat ready by then.
But then what will the F-35 pilots fly in?
They can sit in air conditioned rooms in Colorado and use the fly-by-videogame interface.
Warthogs? A-10s are some of the least-expensive, easiest to maintain aircraft in the USAF inventory, and their role in CAS is unrivaled.
Cut a handful of F-35s and you've saved about as much money and probably made our military more combat ready.
Or just drop the F-35 program entirely, use drones and cruise missiles for most of what the F-35 would do, and keep the A-10's for close in air support.
How do they know that those Americans are not American spies that know of plots against the state of the captors until they torture them? Isn't that the same rationale that the USA used to lock prisoners away in Guantanamo Bay (where tortures took place) without a trial -- many were victims of circumstance, being in the wrong place at the wrong time, but we just locked them away with no real recourse for release since they *might* have been enemy combatants.
You think after 5 years in Afghanistan, Iraq, Yemen, etc that the "wrong place wrong time" headcount was only 750!? For real? Those guys weren't just random brownies they scooped up in order to look busy. The guys that made it to Gitmo (despite what it says in the article I am sure you are about to reference about the one guy who swears he is totally innocent and he just happens to have the same name as some other terrorist) were into some next level shit.
I'm just saying that if the US government is going to scoop up "suspected terrorists" and lock them up indefinitely with no trial (not to mention torture them), then they have no moral high ground to stand on when other entities do the same thing when they capture USA citizens.
So, hey, if a couple of your CIA agents or citizens end up getting offed or tortured, don't suddenly say that's unfair. Because it's kind of the bar you set.
The question is, were the Americans tortured with the intention that they should reveal knowledge they possessed about plots against the state of the captors? If that's the case then sure, it sucks, but it's war. We hate them, they hate us, and the gloves are off. If they are torturing certain Americans completely unrelated to the military, as a form of collective punishment, then no *fuck that* we are still on the high ground and we are good to go on dropping a few thousand more bombs on those barbarians.
How do they know that those Americans are not American spies that know of plots against the state of the captors until they torture them? Isn't that the same rationale that the USA used to lock prisoners away in Guantanamo Bay (where tortures took place) without a trial -- many were victims of circumstance, being in the wrong place at the wrong time, but we just locked them away with no real recourse for release since they *might* have been enemy combatants.
The City of London has 9000 residents but about 500,000 people actually working there during the day.
9000 residents and 619 security cameras sounds like OMG BIG BROTHER TROLOLOLOLWTFBBQHAX.
The more realistic, 509,000 people and 619 cameras sounds much less dramatic.
The definition of the City of London being in this case the boundary of the City of London.
Another way to look at is in terms of area.... The City of London covers about 1.12 square miles... If the cameras all cover ground level, them then the cameras could cover a grid with a camera spaced every 225 feet, or about one minute's walking distance.
The Google vs. Oracle lawsuit made a business case for not-invented-here syndrome. I think every major platform vendor will have there own programming languages in the future. Custom APIs and programming languages stops entire classes of patent/copyright lawsuits dead. It stops developers from moving between eco-systems. It even prevents your employees from stealing top-secret software and moving to a competitors. (And if they do steal the software, it becomes really obvious when law-enforcement shows up.)
I do agree from a portability/programmer perspective, NIH programming sucks. However, the legal perspective - it's great!
Also, the funny thing with lawsuits - even if you win, you still lose.
Given the permissive BSD style license that both Google and Facebook use for their respective languages, I don't think that they created these languages for any of these reasons.
It seems that detecting stolen software would be easier if the code was stolen and used as-is. If someone steals secret Go language code from Google and moves to Facebook and rewrites it in Hack (after all, the the actual coding is the easy part of any software project so rewriting it is much easier than creating the project from scratch), it's going to harder to prove it's stolen than if someone steals secret Python code and moves to Facebook and runs it there. They *could* rewrite the python code, but they don't have to, whereas they'd *have* to rewrite software that's written in some proprietary language.
What makes these flashlights worth $900?
Ruggedness. You can literally beat someone to death with these flashlights and they still work afterwards.
I'm pretty sure I could do the same thing with a $40 maglite. People just aren't that rugged.
I can't believe someone spent a mod point downmodding this post as 'redundant' -- how can it be redundant when it's the only post on this article talking about a maglite being able to beat someone to death!? Offtopic I could see, maybe overrated, perhaps even flamebait. But redundant!?
I assumed it was a case a Not Invented Here Syndrome.
What makes these flashlights worth $900?
Ruggedness. You can literally beat someone to death with these flashlights and they still work afterwards.
I'm pretty sure I could do the same thing with a $40 maglite. People just aren't that rugged.
I'd like to know what kind of Flashlights Santa Clara, CA received at $900 each. ($130K for 145 of them).
They received a utility truck worth $47K - if they put just 53 of their flashlights in the back of the truck, they'd be worth more than the truck itself.
What makes these flashlights worth $900?
Oh man, that's peanuts compared to my job. Our Cicso IP Phone VOICEMAIL has to be a 7 digit or longer password. And they block repeating numbers, obvious guesses like 867-5309 (or your own phone number). They block patterns like pressing the keypad diagonally or all the corners twice or whatever. AND you have to change it every 30 days. You better believe everyone keeps a post-it with their voicemail password right on their phone. It's a self-defeating system it's so complex.
What's the point of a 7 digit numeric PIN? That's only around 24 bits worth of entropy (even less since the attacker knows that it doesn't have well known patterns and repeated digits so he can exclude those from his search). So 7 digits provides no real protection against an offline password hash attack.
And hopefully the phone system itself can prevent an online attack by locking out accounts that have had too many incorrect guesses.
So what's the advantage of such a long numeric PIN?
CDN hosted content will be linked to by the page served to the client just like it is now.
Example: you connect to https://examplebank.com/ the page served back to you links to content (images, scripts, we) hosted on https://examplecdn.com/
Both links establish properly and TLS security model isn't broken.
Right because the CDN has an plain-text copy of the content (which is the point I'm responding to in the grandparent's post) -- the CDN can't transparently ship me SSL encrypted content from the website I'm going to, the CDN has the plain-text content and it's the CDN that establishes the SSL session with me -- I have no assurance at all that what the CDN is showing me is what the original site intended, which is where a CDN break's SSL's security model -- I have to trust that what the CDN is sending me is actually the content from the site that I'm visiting meant to send me. (or conversely, the website that's using the CDN has to trust that what the CDN is sending to their users is what they expected it to be)
There's absolutely no reason why it has to be, if it is indeed done that way.
No reason except for that's how SSL works... Otherwise you get no end to end encryption or assurance that some third party (like the CDN itself) hasn't modified the page. The CDN can't grab an SSL protected page from the host and serve it to browsers with having access to the unencrypted page.
The CDN could retrieve content over SSL, store it as plaintext, and reencrypt with a new ssl certificate (supplied by the host website) it before serving it to you but that's just a specialized case of MITM that many corporate firewalls do to inspect pages, and it breaks the whole security model of SSL.