Of course, any time you see an article that begins along the lines of "scientists have concluded" or "scientists agree" you can pretty much bet that it's a reprinted press release of some group, there's an agenda attached, and your bullshit detector should go into high gear. That's not to say that there's a nonzero probability of truth, just that you should be extremely cautious.
There aren't many "conclusions" in science - even in the areas that lend themselves to the most concrete of measurements (such as physics), refinements and changes never seem to stop. In areas like biology and climatology where the relationships between the data sources and even the data itself are extremely complex and difficult to understand and interpret, it's pretty safe to call bullshit on anyone who claims to have an answer so perfect that we can "conclude" inquiry into the area.
Unfortunately (for serious environmentalists), many of these bullshit artists are found in the environmental movement where they are perfectly safe because the mere act of questioning them is treated as heresy. One can even speculate that the environmental movement has merely taken over the "the world is ending; you must follow us to be saved - and by the way, if any of you goddamned heathens question us, we'll burn your heretecal ass at the stake" meme from organized religion. This is also often phrased along the lines of "the situation is too serious for debate [or more research]! We must act [spend / offer up tithes to the goddess Giaa] now!" There has always been (and probably always will be) a large group of people whom, for some bizzare reason, want to believe the world is about to end and that they (the annointed / enlightened ones) must Act Now to save it. Organized religion has exploited this for centuries, and now the bulk of the environmental movement has jumped on the bandwagon.
Serious environmental research and debate is crucial for us having a nice place to exist and that's important (and worth protecting, spending money on, etc), but watching a bunch of sheep run around bleating about the end of the world (or the crucial coral reefs) makes me nausious. That being said, I'm all for reducing pollution and keeping an eye on things, but not under the auspices of alarmist sensationalism.
Methinks paragon_au just put that in there to get a rise out of knee-jerk, I didn't RTFA slashdotters. No one "official" ever used the term Advertising Terrorism.
Knee-jerk, didn't-RTFA reactions on Slashdot?!??? Bitch, please!
Seriously, though, the first thing I did on reading the summary was RTFA and check for use of the word terrorism or terror. Not mentioned once. Too bad we can't moderate articles (and editors) -1 TROLL.
Not only do these articles have nothing to do with terrorism, they're essentially about people being unhappy with contracts (the terms and conditions associated with tickets purchaed for Olympic events) they entered into of their own free will. And, no, I don't think not being able to wear a PUMA shirt to or eat a Burger King Whopper at an Olympic Event is some horrible suppression of speech (although the irony of forcing people to eat McDonalds food at events that are all about people in absolutely peak physical condition is priceless - whoops used a MasterCard trademarked word to discuss a Visa-sponsored event).
In any case, get over it already people. Take some personal fucking responsibility.
Slashdot: News for whiners, stuff that makes me roll my eyes (at least in this case).
From the rumors I've heard and interviews I've read, they hardly make fun of Bush at all... most of their sarcasm is directed towards Hollywood celebreties that have "opinions" (err... groupthink) relating to foriegn affairs...
This thing reminds me of Clay's horny, drug-addicted ferret, Angus, on Showtimes not-nearly-as-funny-as-it-should-be show "Free for all." I couldn't find any great pics, but Showtime's Free For All site is here.
The drug-addicted part is where I find the greatest resemblance.
Obviously the real challenge is forcing Microsoft to support it.
No problem! Just install this ActiveX control and you have instant Web Forms 2.0 capabilities (oh yeah, and I get all your credit card numbers... whoops... did I say that?)
If there are specific public areas that are considered highly desireable targets, then it's only prudent to have correspondingly high security, even if it's intrusive (I'm speaking generally). Especially in a place like this, where nobody's putting a gun to your head and saying "go to the olympics" (especially since Uday Hussein is no longer in charge of the the Iraqi teams) - attending the Olympics is a purely optional pursuit, and people can make an informed choice as to whether or not to subject themselves to the additional scrutiny. Think of it as a privacy trade-off, just as you consider the financial trade-offs of attending a relatively expensive event such as this.
Life is full of such trade-offs, and as long as people are allowed to make informed choices - especially in activities such as this that are purely optional - I don't see what the big deal is. If you don't like it, stay home. HDTV probably gives you a better view anyway!
sigh*...looks like Scaled Composites is still that much further along than anyone else. Honestly, does anyone think any of the other teams have a chance of beating them?
Not any more... I stole their sparkplug wires... They'll spend weeks trying to figure it out!
I posted this idea in a previous discussion: modern cryptography allows you to have your cake and eat it too, at least in this case. My solution:
Binary-encode the results and a serial number (used to uniquely identify the vote in the tally - note that all current ballots, at least where I live, are serialized), salt it, then encrypt it using one of several public keys (there could be thousands of them). Append information that determines which key is used. Print out the data as a two-dimensional barcode. This barcode could be read at a machine at various government offices.
Yes, there is potential to have someone else read the barcode, but there are physical ways to limit the abuse (have a "trusted" person or people put the barcode through the reader, the voter can then view the vote through goggles or an American-Football Instant-replay style viewer, there are many other options). At this point you can make sure nobody is going in there to check more than one vote. Someone could, with a great deal of effort, check several receipts, but it would be impractical to verify votes on anything even approaching large scale. You could make it a felony to knowingly do so, etc. At this point, even though you can't necessarily claim perfect security, you can say it's reasonable (hell, with any system you could use your cell phone to take a picture of your selections, etc).
Anyway, this gives you a printed receipt that no one can read (unless they get all of the private keys) or trace back to a specific voter. The voter can personally go back to the gubmint and verify their vote against the database. This could, of course, still be rigged, but it would require a more or less complete compromise of the systems involved.
Actually, John Carmack has stated that they have a business plan that does not rely on them winning the X-Prize, or getting any other sort of cash windfall (I'm summarizing, so any mistake is mine and not his). Some great insight as to their plans can be gleaned from the Armadillo Aerospace Forum at XPrize.org.
Even though they are not as polished or well-funded as Scaled Composites, their openness with their processes, plans, trials, and tribulations makes them one hell of a lot cooler and several orders of magnitude more interesting, at least in my book.
The question is, what kind of cross-licensing agreement(s) does IBM have with MS? Many large tech companies cross-license their entire portfolios in order to avoid patent litigation wars.
After this whole thing started I simply had my dns cache resolve verisign.com addresses through my local dns server... problem solved. In fact, I'd forgotten about the whole thing...
If they expect you to be on-call after hours (it's officially in your job description, etc.), then it is reasonable for them to provide the means for you to handle that (be it network / Internet connectivity, hardware, software, etc). I've gone as far as requiring them to provide hardware (and I've gotten this for other employees as well).
As far as cell phones and pagers go, rates have dropped significantly, and personal use has increased to the point where it's like asking your company to provide you with a home phone so they can call you - it's probably asking a bit much. However, if you can show that your work-related cellular useage is hitting you in the pocketbook, then you should have the company provide you with a dedicated (business-stuff-only) phone that they can audit to their heart's content.
Knowing only the skimpy details provided in the story description, it sounds like your boss is a cheap asshole who needs to be set straight.
The article indicates that the projectiles will have basic navigation and steering capabilities similar to other supersonic missiles - one of the challenges they had to deal with was creating a guidance package that could withstand the high-energy electromagnetic forces involved in the launch process.
I have to disagree with this to a certain extent on a practical level. If a system's keys are encyrpted then user or administrative intervention is required on reboot. This is usually an unacceptable condition for "border" devices, especially for small- and medium-sized companies that typically don't have 24x7 administrative support. Our solution has been to strictly control root access to the VPN systems, and to strictly limit running processes on it - typically SSH w/ key-based authentication, and maybe some DNS caching / servies using the DJBDNS tools for small remote sites that don't have another box to run that on.
But that's it. Only two admins for each box have any sort of login access (once logged in they can su / sudo). Only root can read or write the files (root's password is 20-char random alpha-numeric-symbolic, locked in a safe and basically never used). Yes, there's the old "boot access is root access" saw, but that's a trade-off we're willing to accept. "Central" VPN devices are typically stored in a reasonably secure co-lo facility, or dedicated server room with controlled access, and if the key for one remote site gets compromised, then so be it. Keep in mind that IPSec keys can be set up as IP Address-specific (with the exception of road warriors). On travelling Windows laptops, we can encrypt local keys with XP file encryption built in to NTFS, and with each remote host having a unique key, and with fairly strict firewall rules for road warriors (easy to implement because Free/OpenS/WAN creates a virtual network interface that is subject to the usual NetFilter rules) exposure is reasonably limited.
As always, the only completely secure system is one that has been unplugged, put through a metal grinder, melted down, and had the resulting slag turned to plasma in the core of a fission reactor. Unfortunately, systems must be reasonably accessible in order to be useful, and thus trade-offs must be made. If they are made intelligently, then a system can be both accessible and reasonably secure.
It's an implementation of IPSec, and thus is compatible with a whole slew of systems. For most corporations running VPNs, Extranets, etc., IPSec is pretty much the defacto standard. I'll be the first to call IPSec a huge designed-by-committee pain in the ass, but it's pretty damned secure when properly implemented, and it's a widely supported open standard.
Even since FreeS/WAN gave up on changing the world to Opportunistic Encryption (not my favorite idea, but I suppose if I feel too strongly I can write my own damn implementation:) ), I've been looking into alternatives, and obviously OpenS/WAN is the first choice. A frustration I had when looking into it was that I couldn't find any documentation describing the differences between the two projects. I didn't do any diffs on the documentations, but from a brief perusal it looks pretty much like the FreeS/WAN docs. Does anyone out there have a list of specific differences between the projects - other than the included patches for things like x.509 NAT traversal, etc that are also included in Super FreeS/WAN (I'm kind of assuming that there are more changes)?
Instead of a Spam tax to Microsoft, we pay a penny or so to a numbered Swiss account that is charged with paying for a dedicated band of mercenaries. After some well publicized cases of kneecapping of identified Spammers, I do believe the volume will finally subside...
Forget the kneecaps, cut off their balls. (I'm assuming most spammers are guys - "Denial of Cervix" jokes are left as an exercise for the reader).
Binary-encode the results and a serial number (used to uniquely identify the vote in the tally - note that all current ballots, at least where I live, are serialized), salt it, then encrypt it using one of several public keys (there could be thousands of them). Append information that determines which key is used. Print out the data as a two-dimensional barcode. This barcode could be read at a machine at various government offices.
Yes, there is potential to have someone else read the barcode, but there are physical ways to limit the abuse (have a "trusted" person or people put the barcode through the reader, the voter can then view the vote through goggles or an American-Football Instant-replay style viewer, there are many other options). At this point you can make sure nobody is going in there to check more than one vote. Someone could, with a great deal of effort, check several receipts, but it would be impractical to verify votes on anything even approaching large scale. You could make it a felony to knowingly do so, etc.
This gives you a printed receipt that no one can read (unless they get all of the private keys) or trace back to a specific voter. The voter can personally go back to the gubmint and verify their vote against the database. This could, of course, still be rigged, but it would require a more or less complete compromise of the systems involved.
Slashdot Mirror
You can encrypt conversations using Trillian Pro over AIM (both parties must be running this combo)
Of course, any time you see an article that begins along the lines of "scientists have concluded" or "scientists agree" you can pretty much bet that it's a reprinted press release of some group, there's an agenda attached, and your bullshit detector should go into high gear. That's not to say that there's a nonzero probability of truth, just that you should be extremely cautious.
There aren't many "conclusions" in science - even in the areas that lend themselves to the most concrete of measurements (such as physics), refinements and changes never seem to stop. In areas like biology and climatology where the relationships between the data sources and even the data itself are extremely complex and difficult to understand and interpret, it's pretty safe to call bullshit on anyone who claims to have an answer so perfect that we can "conclude" inquiry into the area.
Unfortunately (for serious environmentalists), many of these bullshit artists are found in the environmental movement where they are perfectly safe because the mere act of questioning them is treated as heresy. One can even speculate that the environmental movement has merely taken over the "the world is ending; you must follow us to be saved - and by the way, if any of you goddamned heathens question us, we'll burn your heretecal ass at the stake" meme from organized religion. This is also often phrased along the lines of "the situation is too serious for debate [or more research]! We must act [spend / offer up tithes to the goddess Giaa] now!" There has always been (and probably always will be) a large group of people whom, for some bizzare reason, want to believe the world is about to end and that they (the annointed / enlightened ones) must Act Now to save it. Organized religion has exploited this for centuries, and now the bulk of the environmental movement has jumped on the bandwagon.
Serious environmental research and debate is crucial for us having a nice place to exist and that's important (and worth protecting, spending money on, etc), but watching a bunch of sheep run around bleating about the end of the world (or the crucial coral reefs) makes me nausious. That being said, I'm all for reducing pollution and keeping an eye on things, but not under the auspices of alarmist sensationalism.
Seriously, though, the first thing I did on reading the summary was RTFA and check for use of the word terrorism or terror. Not mentioned once. Too bad we can't moderate articles (and editors) -1 TROLL.
Not only do these articles have nothing to do with terrorism, they're essentially about people being unhappy with contracts (the terms and conditions associated with tickets purchaed for Olympic events) they entered into of their own free will. And, no, I don't think not being able to wear a PUMA shirt to or eat a Burger King Whopper at an Olympic Event is some horrible suppression of speech (although the irony of forcing people to eat McDonalds food at events that are all about people in absolutely peak physical condition is priceless - whoops used a MasterCard trademarked word to discuss a Visa-sponsored event).
In any case, get over it already people. Take some personal fucking responsibility.
Slashdot: News for whiners, stuff that makes me roll my eyes (at least in this case).
From the rumors I've heard and interviews I've read, they hardly make fun of Bush at all... most of their sarcasm is directed towards Hollywood celebreties that have "opinions" (err... groupthink) relating to foriegn affairs...
This thing reminds me of Clay's horny, drug-addicted ferret, Angus, on Showtimes not-nearly-as-funny-as-it-should-be show "Free for all." I couldn't find any great pics, but Showtime's Free For All site is here.
The drug-addicted part is where I find the greatest resemblance.
If there are specific public areas that are considered highly desireable targets, then it's only prudent to have correspondingly high security, even if it's intrusive (I'm speaking generally). Especially in a place like this, where nobody's putting a gun to your head and saying "go to the olympics" (especially since Uday Hussein is no longer in charge of the the Iraqi teams) - attending the Olympics is a purely optional pursuit, and people can make an informed choice as to whether or not to subject themselves to the additional scrutiny. Think of it as a privacy trade-off, just as you consider the financial trade-offs of attending a relatively expensive event such as this.
Life is full of such trade-offs, and as long as people are allowed to make informed choices - especially in activities such as this that are purely optional - I don't see what the big deal is. If you don't like it, stay home. HDTV probably gives you a better view anyway!
So they'll be spending $35,000 for a new rocket, and $35,000 for the bandwidth charges incurred by the slashdot linkage...
I can prove I voted; here in California they give me a serialized receipt.
I posted this idea in a previous discussion: modern cryptography allows you to have your cake and eat it too, at least in this case. My solution:
Binary-encode the results and a serial number (used to uniquely identify the vote in the tally - note that all current ballots, at least where I live, are serialized), salt it, then encrypt it using one of several public keys (there could be thousands of them). Append information that determines which key is used. Print out the data as a two-dimensional barcode. This barcode could be read at a machine at various government offices.
Yes, there is potential to have someone else read the barcode, but there are physical ways to limit the abuse (have a "trusted" person or people put the barcode through the reader, the voter can then view the vote through goggles or an American-Football Instant-replay style viewer, there are many other options). At this point you can make sure nobody is going in there to check more than one vote. Someone could, with a great deal of effort, check several receipts, but it would be impractical to verify votes on anything even approaching large scale. You could make it a felony to knowingly do so, etc. At this point, even though you can't necessarily claim perfect security, you can say it's reasonable (hell, with any system you could use your cell phone to take a picture of your selections, etc).
Anyway, this gives you a printed receipt that no one can read (unless they get all of the private keys) or trace back to a specific voter. The voter can personally go back to the gubmint and verify their vote against the database. This could, of course, still be rigged, but it would require a more or less complete compromise of the systems involved.
News for automotive bling-bling, stuff that matters (if you're a rap star, or want to just pretend you are).
Actually, John Carmack has stated that they have a business plan that does not rely on them winning the X-Prize, or getting any other sort of cash windfall (I'm summarizing, so any mistake is mine and not his). Some great insight as to their plans can be gleaned from the Armadillo Aerospace Forum at XPrize.org.
Even though they are not as polished or well-funded as Scaled Composites, their openness with their processes, plans, trials, and tribulations makes them one hell of a lot cooler and several orders of magnitude more interesting, at least in my book.
Know child's left behind? Isn't that the program used in Catholic schools?
The question is, what kind of cross-licensing agreement(s) does IBM have with MS? Many large tech companies cross-license their entire portfolios in order to avoid patent litigation wars.
After this whole thing started I simply had my dns cache resolve verisign.com addresses through my local dns server... problem solved. In fact, I'd forgotten about the whole thing...
If they expect you to be on-call after hours (it's officially in your job description, etc.), then it is reasonable for them to provide the means for you to handle that (be it network / Internet connectivity, hardware, software, etc). I've gone as far as requiring them to provide hardware (and I've gotten this for other employees as well).
As far as cell phones and pagers go, rates have dropped significantly, and personal use has increased to the point where it's like asking your company to provide you with a home phone so they can call you - it's probably asking a bit much. However, if you can show that your work-related cellular useage is hitting you in the pocketbook, then you should have the company provide you with a dedicated (business-stuff-only) phone that they can audit to their heart's content.
Knowing only the skimpy details provided in the story description, it sounds like your boss is a cheap asshole who needs to be set straight.
Actually, the humor value makes these far more useful than most Microsoft Knowledge Base articles....
Ultra-super rescue disk: Insert Linux
Bootable from a 3.5" CDR...
The article indicates that the projectiles will have basic navigation and steering capabilities similar to other supersonic missiles - one of the challenges they had to deal with was creating a guidance package that could withstand the high-energy electromagnetic forces involved in the launch process.
I have to disagree with this to a certain extent on a practical level. If a system's keys are encyrpted then user or administrative intervention is required on reboot. This is usually an unacceptable condition for "border" devices, especially for small- and medium-sized companies that typically don't have 24x7 administrative support. Our solution has been to strictly control root access to the VPN systems, and to strictly limit running processes on it - typically SSH w/ key-based authentication, and maybe some DNS caching / servies using the DJBDNS tools for small remote sites that don't have another box to run that on.
But that's it. Only two admins for each box have any sort of login access (once logged in they can su / sudo). Only root can read or write the files (root's password is 20-char random alpha-numeric-symbolic, locked in a safe and basically never used). Yes, there's the old "boot access is root access" saw, but that's a trade-off we're willing to accept. "Central" VPN devices are typically stored in a reasonably secure co-lo facility, or dedicated server room with controlled access, and if the key for one remote site gets compromised, then so be it. Keep in mind that IPSec keys can be set up as IP Address-specific (with the exception of road warriors). On travelling Windows laptops, we can encrypt local keys with XP file encryption built in to NTFS, and with each remote host having a unique key, and with fairly strict firewall rules for road warriors (easy to implement because Free/OpenS/WAN creates a virtual network interface that is subject to the usual NetFilter rules) exposure is reasonably limited.
As always, the only completely secure system is one that has been unplugged, put through a metal grinder, melted down, and had the resulting slag turned to plasma in the core of a fission reactor. Unfortunately, systems must be reasonably accessible in order to be useful, and thus trade-offs must be made. If they are made intelligently, then a system can be both accessible and reasonably secure.
Even since FreeS/WAN gave up on changing the world to Opportunistic Encryption (not my favorite idea, but I suppose if I feel too strongly I can write my own damn implementation :) ), I've been looking into alternatives, and obviously OpenS/WAN is the first choice. A frustration I had when looking into it was that I couldn't find any documentation describing the differences between the two projects. I didn't do any diffs on the documentations, but from a brief perusal it looks pretty much like the FreeS/WAN docs. Does anyone out there have a list of specific differences between the projects - other than the included patches for things like x.509 NAT traversal, etc that are also included in Super FreeS/WAN (I'm kind of assuming that there are more changes)?
Binary-encode the results and a serial number (used to uniquely identify the vote in the tally - note that all current ballots, at least where I live, are serialized), salt it, then encrypt it using one of several public keys (there could be thousands of them). Append information that determines which key is used. Print out the data as a two-dimensional barcode. This barcode could be read at a machine at various government offices.
Yes, there is potential to have someone else read the barcode, but there are physical ways to limit the abuse (have a "trusted" person or people put the barcode through the reader, the voter can then view the vote through goggles or an American-Football Instant-replay style viewer, there are many other options). At this point you can make sure nobody is going in there to check more than one vote. Someone could, with a great deal of effort, check several receipts, but it would be impractical to verify votes on anything even approaching large scale. You could make it a felony to knowingly do so, etc.
This gives you a printed receipt that no one can read (unless they get all of the private keys) or trace back to a specific voter. The voter can personally go back to the gubmint and verify their vote against the database. This could, of course, still be rigged, but it would require a more or less complete compromise of the systems involved.