Yes, someone else should be doing it a lot cheaper for more data. Still, $3000 is an absolute bargain compared to trying to do this as a one off your self.
There is a portable version (have not tried it) or installer that's about 200MB or less. I think most people would prefer to use a cloud storage app and run it locally.
They got it working with broadway (gtk app to webpage) a while back so if you really want it its possible to do it yourself.
This raises the issue of people with usernames in common. There will be people who (accidentally or intentionally) share a usernames with those reported by sex offenders who will now be monitored. It would be trivial and impossible to prove it was intentional to get a name on that list so at least in the short term someone can be treated as a sex offender.
Or does he just want publicity? This is an extreme solution to something that is not really a current a problem and it has issues of its own.
The two main consequences of Desktop apps to me is you have to get them installed keep and keep them updated everywhere (and according to him you can't trust a browser download) and these apps will be OS specific.
Someone would make a lot of money somewhere getting this enforced and it would require creating an appstore/repo for every platform where you could get these from. This seems like a great chance to make parts of the web specific to a OS.
What you could do without breaking anything is have a site broadcast in the header that they want private sandbox from the rest of your running web-pages and only allow the browser to send and receive data to the provided site. It would break advertising but that’s necessary to be secure anyway.
This is way to simple not to have been done before, someone will have actually used it and unless they have rushed off to gitmo i would guess its undetectable.
I could understand why they might want local authentication but they should at least be able hand out keys to airlines for each airport and encrypt it using the key for the airport you are departing from.
You could argue that i guess but you wont be able to begin to support it.
You could argue that "It just works" is extremely hard on third party hardware with no or partial support from them and without Linus it would be in an even worse.
Why do the states need to cast it as block vote? Yes there was probably some reason to do it 100+ years ago but you could make changes in the interest of making your best effort to have a democracy.
Yes the system is backwards, it was made as a the end of a civil war, is unnecessary complex and is old.
Its far more important the lower house gets seats proportional to population than an upper one, in the context of system is probably not that backwards the senate is not being based on population.
There are systems like STV where you are still voting/ranking individuals but if your happy with the candidates that make it though R or D selections then you are probably happy with the current system.
The WA system seems weird and to enforce a two party state. can you have a liberal indepent win the other primary as a RINO and then have a final election.
Yeah i know i did, i was meaning a general change for US to create some change or allow other parties some influence. Its all hypothetical anyway not like it will change too much tradition and no incentive for the current politicians. The main problem is the stupid EC system for electing presidents that needs to go first and even a national FPP system would work.
There no point to IRV if there are still two only parties, IRV still converges to two parties just like FFP they just you need make sure your candidates are of reasonable quality.
The bigger issue there is that the number of Representatives was capped at 435 in 1911...*snip*... Sure, that's a lot, but that's half the seating capacity of Madison Square Garden, and it would allow for local politicians to accurately represent their constituency.
Thats why you could want a proportional system if you cant get someone to represent you geographic area at least you could get someone closer ideologically from a larger area.
I am aware of how it works, we recently rejected with other systems it in a referendum. That video would be how it could work in almost ever other democracy, though its completely contrived situation.
The US has unique political problems that would make it extremely difficult for a third party to be anything more than a protest vote. It is an improvement but like every where else all it does disincentivise the two dominate parties don’t run poor candidates. You could settle for that if you want but as far as politics are concerned you will just get a few more independents.
Also electing the president by a national FFP or STV system would be a massive step forward.
IRV is not that different to the current system in the US. You need a proportional system, which allows other parties to get to at least have some representation and everyone’s vote count (except for those lost in rounding).
PR has its problems but most of those already are present in the US system anyway. What kind of backwards system allows only voters in the small number of "swing states" to have a vote that actually ends up mattering in deciding you president.
I am guessing the GP does not want a exact reproduction of the current book just the bleed-though and transfer from the adjacent page removed.
The desired black text is clearly darker than undesired text so just save it in a layer with transparency and some reasonable feathering. Then change all the dark/black pixels to the average brown for the area the text was in and blur the area. Finally overlay the desired text back onto the page.
I know its not exploit proof but becoming a platinum sponsor and insisting they spend the money on code review. Then make custom modifications to remove all functionality and you should get close.
If the people buying and operating these systems really cared about security I am sure they could piece together a far more secure solution at the expense of cost and convenience from current software.
I suspect the main reason is even though you may have to get a stopwatch out to tell the difference on a desktop, CLR/.NET does not have native performance which will show when you try to run them on thin (as in mm) devices. Most significantly you probably need to fit twice as much RAM in the case, i would guess memory bandwidth and cache sizes also are not friendly to performance and it would cost users battery time as no one would use the low power APIs.
The other things i can think of is that they don't want rushed ports to Metro and maybe it was easier to start from scratch.
should be the main metric for security for web browsers (and other software exposed to the internet).
It would difficult to argue that there are not security holes in all browsers and that the holes can be found and exploited with sufficient resources. All of the security measures browser makers use at best make it harder to get a working exploit. I think that that closing the wholes as fast as possible lowers the expected profit for finding an exploit and lowers the time the user is exposed and that this is more effective than sandboxing and memory randomization to providing a secure browser.
What makes more sense given the story is that Dotcom was on a fast fibre tail using a service that was actually in Sydney somewhere ( ~30ms away ) and for whatever reason this service switched to a node in the middle of the USA which could be 180ms away.
Where are you getting your info from? I realize the article is terrible but it clear the lag is from routing though NZ IPs, where are you getting Sydney from? I assume he is tracerouting to the xbox servers, they are in Sydney?
Supposedly he has some technicians out to look at it? I guess it could be general incompetence from his provider.
Sorry did not see you wrote the GP to the post as well. That gives it some context. You are right, my home connection (in NZ) only adds 20ms to Sydney.
Still does not mean that going across Australia does not increase latency. Try pinging Perth.
Still don't think you do something that noticeable using NZ ips to bounce the connection to the US and back. It could just be shitty equipment (with ssl processing delay) and 2 to 3 hops off the main fiber.
You do realize the skytower is a major data center with a massive cable. I would think you would be pretty close to testing the undersea cable latency between those two points.
Nice FUD, no one was ready for you initial comment and you get full credit it and the terrible replies (including this one it appears).
The solution is to have a set of fully managed policy configuration files that combines dynamically at run time with separately stored user settings.
this is the a solution... If you want the exact same process as window yes you can shoot holes all over place without proving the methods best in the first place.
Text files have comments, names and a directory. You make notes of your changes in comments and add suffixes to files to back them up.
The system is not registry values in text files, learn how to admin the system first if you want to make these comments.
I am not sure of the exact time-line but i highly doubt Linux reinvented the wheel.
So much work from everyone involved and we just throw it away??
This is a standard for many years in the future. SHA-1 is still used in some current applications and is considered secure and people are still using MD5.
Everyone can just ignore the new standard and the researcher can have a decade or two to try to break it before its needed. Where is the harm?
No if it's an inside job, it will be so they can claim that: the new win8/IE10 security methods work and this time they have solved IE's security problems.
Slashdot Mirror
Yes, someone else should be doing it a lot cheaper for more data.
Still, $3000 is an absolute bargain compared to trying to do this as a one off your self.
Depends on the QOS requirements.
They might have to pay out a grand for every 30 seconds you can't get your data or there is too much latency.
There is a portable version (have not tried it) or installer that's about 200MB or less.
I think most people would prefer to use a cloud storage app and run it locally.
They got it working with broadway (gtk app to webpage) a while back so if you really want it its possible to do it yourself.
Its a tougher sell to put LO on the cloud. With no licensing costs you can just install it locally.
I would be far more excited by a mobile version.
This raises the issue of people with usernames in common.
There will be people who (accidentally or intentionally) share a usernames with those reported by sex offenders who will now be monitored.
It would be trivial and impossible to prove it was intentional to get a name on that list so at least in the short term someone can be treated as a sex offender.
Or does he just want publicity?
This is an extreme solution to something that is not really a current a problem and it has issues of its own.
The two main consequences of Desktop apps to me is you have to get them installed keep and keep them updated everywhere (and according to him you can't trust a browser download) and these apps will be OS specific.
Someone would make a lot of money somewhere getting this enforced and it would require creating an appstore/repo for every platform where you could get these from. This seems like a great chance to make parts of the web specific to a OS.
What you could do without breaking anything is have a site broadcast in the header that they want private sandbox from the rest of your running web-pages and only allow the browser to send and receive data to the provided site. It would break advertising but that’s necessary to be secure anyway.
This is way to simple not to have been done before, someone will have actually used it and unless they have rushed off to gitmo i would guess its undetectable.
I could understand why they might want local authentication but they should at least be able hand out keys to airlines for each airport and encrypt it using the key for the airport you are departing from.
You could argue that i guess but you wont be able to begin to support it.
You could argue that "It just works" is extremely hard on third party hardware with no or partial support from them and without Linus it would be in an even worse.
Why do the states need to cast it as block vote? Yes there was probably some reason to do it 100+ years ago but you could make changes in the interest of making your best effort to have a democracy.
Yes the system is backwards, it was made as a the end of a civil war, is unnecessary complex and is old.
Its far more important the lower house gets seats proportional to population than an upper one, in the context of system is probably not that backwards the senate is not being based on population.
There are systems like STV where you are still voting/ranking individuals but if your happy with the candidates that make it though R or D selections then you are probably happy with the current system.
The WA system seems weird and to enforce a two party state. can you have a liberal indepent win the other primary as a RINO and then have a final election.
Yeah i know i did, i was meaning a general change for US to create some change or allow other parties some influence. Its all hypothetical anyway not like it will change too much tradition and no incentive for the current politicians. The main problem is the stupid EC system for electing presidents that needs to go first and even a national FPP system would work.
There no point to IRV if there are still two only parties, IRV still converges to two parties just like FFP they just you need make sure your candidates are of reasonable quality.
The bigger issue there is that the number of Representatives was capped at 435 in 1911...*snip*... Sure, that's a lot, but that's half the seating capacity of Madison Square Garden, and it would allow for local politicians to accurately represent their constituency.
Thats why you could want a proportional system if you cant get someone to represent you geographic area at least you could get someone closer ideologically from a larger area.
I am aware of how it works, we recently rejected with other systems it in a referendum. That video would be how it could work in almost ever other democracy, though its completely contrived situation.
The US has unique political problems that would make it extremely difficult for a third party to be anything more than a protest vote. It is an improvement but like every where else all it does disincentivise the two dominate parties don’t run poor candidates. You could settle for that if you want but as far as politics are concerned you will just get a few more independents.
Also electing the president by a national FFP or STV system would be a massive step forward.
IRV is not that different to the current system in the US. You need a proportional system, which allows other parties to get to at least have some representation and everyone’s vote count (except for those lost in rounding).
PR has its problems but most of those already are present in the US system anyway. What kind of backwards system allows only voters in the small number of "swing states" to have a vote that actually ends up mattering in deciding you president.
I am guessing the GP does not want a exact reproduction of the current book just the bleed-though and transfer from the adjacent page removed.
The desired black text is clearly darker than undesired text so just save it in a layer with transparency and some reasonable feathering. Then change all the dark/black pixels to the average brown for the area the text was in and blur the area. Finally overlay the desired text back onto the page.
I know its not exploit proof but becoming a platinum sponsor and insisting they spend the money on code review. Then make custom modifications to remove all functionality and you should get close.
If the people buying and operating these systems really cared about security I am sure they could piece together a far more secure solution at the expense of cost and convenience from current software.
I suspect the main reason is even though you may have to get a stopwatch out to tell the difference on a desktop, CLR/.NET does not have native performance which will show when you try to run them on thin (as in mm) devices. Most significantly you probably need to fit twice as much RAM in the case, i would guess memory bandwidth and cache sizes also are not friendly to performance and it would cost users battery time as no one would use the low power APIs.
The other things i can think of is that they don't want rushed ports to Metro and maybe it was easier to start from scratch.
should be the main metric for security for web browsers (and other software exposed to the internet).
It would difficult to argue that there are not security holes in all browsers and that the holes can be found and exploited with sufficient resources. All of the security measures browser makers use at best make it harder to get a working exploit.
I think that that closing the wholes as fast as possible lowers the expected profit for finding an exploit and lowers the time the user is exposed and that this is more effective than sandboxing and memory randomization to providing a secure browser.
What makes more sense given the story is that Dotcom was on a fast fibre tail using a service that was actually in Sydney somewhere ( ~30ms away ) and for whatever reason this service switched to a node in the middle of the USA which could be 180ms away.
Where are you getting your info from? I realize the article is terrible but it clear the lag is from routing though NZ IPs, where are you getting Sydney from?
I assume he is tracerouting to the xbox servers, they are in Sydney?
Supposedly he has some technicians out to look at it? I guess it could be general incompetence from his provider.
Sorry did not see you wrote the GP to the post as well. That gives it some context. You are right, my home connection (in NZ) only adds 20ms to Sydney.
Still does not mean that going across Australia does not increase latency. Try pinging Perth.
Still don't think you do something that noticeable using NZ ips to bounce the connection to the US and back. It could just be shitty equipment (with ssl processing delay) and 2 to 3 hops off the main fiber.
You do realize the skytower is a major data center with a massive cable.
I would think you would be pretty close to testing the undersea cable latency between those two points.
Nice FUD, no one was ready for you initial comment and you get full credit it and the terrible replies (including this one it appears).
The solution is to have a set of fully managed policy configuration files that combines dynamically at run time with separately stored user settings.
this is the a solution...
If you want the exact same process as window yes you can shoot holes all over place without proving the methods best in the first place.
Text files have comments, names and a directory. You make notes of your changes in comments and add suffixes to files to back them up.
The system is not registry values in text files, learn how to admin the system first if you want to make these comments.
I am not sure of the exact time-line but i highly doubt Linux reinvented the wheel.
I think all the finalists are 512 or more bit hashes that make collisions far harder than the current bit lengths.
If you are just meaning passwords then chose a more suited hash function as this is not what SHA-3 is for.
So much work from everyone involved and we just throw it away??
This is a standard for many years in the future. SHA-1 is still used in some current applications and is considered secure and people are still using MD5.
Everyone can just ignore the new standard and the researcher can have a decade or two to try to break it before its needed. Where is the harm?
No if it's an inside job, it will be so they can claim that: the new win8/IE10 security methods work and this time they have solved IE's security problems.
Except for the part about people caring about whether their software is proprietary or open.
That's the wrong question, the question should be:
Has the consumer benefited from having an open-source kernel and operating system being available?