The physical object cannot get lighter (less massive). By definition is 1kg no matter how much mass it has.
Actually... it can get lighter. Earth's gravitational field can get weaker as matter from earth is ejected or evaporates into space.
It can also get lighter as Earth's atmosphere gets heavier, making it more buoyant in earth's atmosphere.
That has nothing to do with how much mass the cylinder has, because MASS is not a measure of weight.
Mass and weight are independent. Weight is due to forces applied to mass inside a gravitational field;
if the field weakens or other forces are applied to the mass inside the field, the weight will decrease or increase without any change of mass.
Earth's gravitational field and atmosphere is also not uniform, so there are places (or altitudes) you can bring the same object to, and it will be lighter or heavier, with its amount of mass being the same.
Liveness detection was solved a long time ago. Cut off fingers won't be able to activate a proper fingerprint scanner, because they won't have a thermal signature that at all resembles a finger.
The federal government tried to do that in the past, and it was found unconstitutional/unenforceable against the states, so a constitutional amendment would be required to allow the government to do so.
They can develop a version of the biometric and alcohol sensors that can be embedded into a glove and be powered by inductance from an antenna on the 'hand scanner' plate used to authorize startup of the engine.
Then it's no problem, you just have to be wearing an approved set of gloves
where someone else (a child even) can start the car for the intoxicated driver.
Not unless the child's fingerprints match the biometric signature of an 'authorized driver programmed into the car'.
And no way the child is going to get programmed as an authorized driver, since you have to take your car to the local insurance company's office, and they have to see the proposed driver's drivers license, before they will register their National ID and bio data as an accepted driver (while noting the changes in the owner's insurance policy).
You can work around this by designing it to allow the engine to start if it can't get a good reading, but then any drunk person can just wear gloves to start up the car, which defeats the purpose.
Not if car manufacturers change the way cars are started to a biometric fingerprint reader.
Every driver would then have to remove their gloves and place their finger on the bio scanner,
which can have a dual purpose --- verify that the person is an authorized user of the car (not a car thief),
AND verify blood alcohol content.
Make the penalties for DUI much more severe for any driver who pressed the "I am wearing gloves" override button and used keys to start the ignition or who otherwise defeated or didn't have a working spot check system.
This is why all the Exchange "alternatives" are doomed to failure.
The free/inexpensive options all lack the critical functionality of Activesync or Outlook interoperability.
When software makers add these worthy functionality, they immediately try to start pricing their product at the same level as Exchange.
This is obviously some sort of shared greed complex. "We have the same functionality as this really expensive (overpriced) software, so we can charge a lot for it too...."
Well, they're not Microsoft. And if they want to charge more than 30% of the cost of Exchange (which is already massively overpriced), then they should just get out, because they are cluttering the market place and contributing to making simple functionality expensive.
Generally if you connect your iStuff to your companies network, you have to sign something saying you understand that they have the right to wipe said device. Unless the admins are morons, of course.
Except it's not always to your "companies network".
In many cases it's to your ISP or e-mail hosting provider account.
Can you explain what business a hosting provider has being able to wipe your device?
Even if they promise only to use the option if you cancel services (or fail to pay your bill)....
what business does anyone have being able to wipe your device just because you connected to their server, really?
We need a mass mailing where 1000's of people mail in their Sony labelled products to Sony. I got plenty of cd and dvd from Sony entertainment plus a few old PS1 laying around that I'm gonna mail in.
This only really hurts them if you find sony "business reply envelopes" , use it to mail the big boxes of their stuff, and maximize the postage costs.
What would really hurt Sony would be some mass boycots of their games, software, online services, and other playstation-related products.
To be effective, you need a lot of people to understand the evil Sony is up to.
Just people interested in homebrew, hacking the PS3, or open source are not enough.
And people need to know the measures Sony is taking are not just reasonable attempts to curtail privacy
or hacking/cheating in their games.
Find an honest strategy for convincing Joe Average person to join the boycott, with minimal effort;
e.g. A "tweet" or short message the average Joe will read and immediately join the boycott
and spread the message, then there might be a chance of Sony listening.
If not, it's probably futile, other than expressing disagreement, for the sake of it being known that a few people expressed disagreement with Sony (which they couldn't care less about).
The problem is... most of the "offshore providers where they don't care about IP laws";
are also the offshore providers where they don't care about financial laws,
malware distribution points, hackers, or anti-spam conventions.
Basically, the type of providers a responsible netizen shouldn't be supporting
It's not that you cant get competent employees who can keep your IT infrastructure safe at a utility
It's that they aren't willing to pay market rates for competent employees or willing to set aside money for appropriate IT programs to secure utility infrastructure.
They would rather find the most cut rate IT staff they can as long as they can make the utility functions work and allow the company to reap the financial benefits of the technology and internet connectivity in the least-costly lowest-overhead way possible (security isn't a major design consideration).
If an admin deletes all the files.... how quickly do you need every single photo back?
The longer your business can live without them, the less expensive a solution you will require,
and the more reliable a solution you can pick.
Some of the least expensive solutions are.... burn every new file to DVD and backup every new file to tape or traditional film. Translation: backup as you go.
If you want your collection to survive thermonuclear war and EMPs, then record every frame to film using a Film recorder; have the roll fixed and developed, and lock the film up in an underground bunker, in an airtight safe with minimal humidity.
For faster recovery, you will need regular full backups. Lock them up in different places.
Make sure to never ever reuse a tape. Always use fresh media for every new backup.
The bug's not new... in multiple editions of Windows; that means it's been around for quite a while.
Newly discovered, yes, but in the average month there are over 20 serious newly discovered bugs in Windows.
And there are millions more where that came from.
what about users with 8-character passwords who log in right after your proposed change with caps lock accidently down
Unix crypt() is NOT case-insensitive. If the Amazon passwords are case-insensitive due to crypt, then it is due to them converting the field to all lowercase or all uppercase before passing the input to crypt().
They could continue to do so; although, case-insensitive was inadvisable in the first place, they would have painted them into a corner -- however, they can still prompt the user to change their password after a successful login, and make the pw change mandatory.
You don't know the unhashed version for sure. What if there was a difference in capitalization, or a stray character appended to the end of a password?
On first login you generate the strong hash and store it in an auxillary database field.
You store both the strong hash and the weak crypt() hash side by side; and on the second login you replace the old crypt() hash.
Alternatively... you prompt them to enter a new password twice on the first login (which can be the same or different from the old one).
And it continues to be their fault. They can fix this easily.
Whenever a user logs in... check if their password is stored using crypt().
If it IS, then take the password they just used to login, and compute a stronger blowfish/salted md5 hash.
Replace the crypted password with the strong hash.
No reason they couldn't have done that when they first introduced stronger password hashing.
I don't like spammers either, but to charge the spammer with anything you have to show at least some culpability. The spammer had to know there was a non-negligible chance his junk messages could cause direct harm to someone as a result of the message.
This would fall under reckless disregard for the safety of others.
Sending out messages to random mobile phone numbers is certain to eventually result in you sending a text message to someone who will be harmed by receiving a text message. Whether the cause of death is... girlfriend sees spam and thinkgs boyfriend is cheating, resorts to capital murder..... Or that spam message was the one last piece of spam that caused them to crack and commit suicide. Or, whether their cell phone beeping to indicate a text message was what revealed her hiding place to the killer who broke in (aiding and abetting), or whether that message was the distraction at a critical moment, that caused the recipient to fall to their death, crash into the vehicle in front of them, or allowed their assailant to get the best of them.
A remote detonator is just one possible way.
You need to realize, every time you pick up a cell phone -- you are holding in your hands, a lethal weapon.
Look what happened in Egypt? Cell phones caused mass protests in the streets, violence, injuries, and deaths.
It got so bad they had to turn off all the cell phones to protect the people.
Unfortunately, they might have done so too late... thousands of lives could be lost, all because of cell phones <Evil Grin>
The physical object cannot get lighter (less massive). By definition is 1kg no matter how much mass it has.
Actually... it can get lighter. Earth's gravitational field can get weaker as matter from earth is ejected or evaporates into space.
It can also get lighter as Earth's atmosphere gets heavier, making it more buoyant in earth's atmosphere.
That has nothing to do with how much mass the cylinder has, because MASS is not a measure of weight.
Mass and weight are independent. Weight is due to forces applied to mass inside a gravitational field; if the field weakens or other forces are applied to the mass inside the field, the weight will decrease or increase without any change of mass.
Earth's gravitational field and atmosphere is also not uniform, so there are places (or altitudes) you can bring the same object to, and it will be lighter or heavier, with its amount of mass being the same.
now he's going to cut my finger off as well.
Liveness detection was solved a long time ago. Cut off fingers won't be able to activate a proper fingerprint scanner, because they won't have a thermal signature that at all resembles a finger.
The federal government tried to do that in the past, and it was found unconstitutional/unenforceable against the states, so a constitutional amendment would be required to allow the government to do so.
They can develop a version of the biometric and alcohol sensors that can be embedded into a glove and be powered by inductance from an antenna on the 'hand scanner' plate used to authorize startup of the engine.
Then it's no problem, you just have to be wearing an approved set of gloves
where someone else (a child even) can start the car for the intoxicated driver.
Not unless the child's fingerprints match the biometric signature of an 'authorized driver programmed into the car'.
And no way the child is going to get programmed as an authorized driver, since you have to take your car to the local insurance company's office, and they have to see the proposed driver's drivers license, before they will register their National ID and bio data as an accepted driver (while noting the changes in the owner's insurance policy).
You can work around this by designing it to allow the engine to start if it can't get a good reading, but then any drunk person can just wear gloves to start up the car, which defeats the purpose.
Not if car manufacturers change the way cars are started to a biometric fingerprint reader.
Every driver would then have to remove their gloves and place their finger on the bio scanner, which can have a dual purpose --- verify that the person is an authorized user of the car (not a car thief), AND verify blood alcohol content.
Make the penalties for DUI much more severe for any driver who pressed the "I am wearing gloves" override button and used keys to start the ignition or who otherwise defeated or didn't have a working spot check system.
This is why all the Exchange "alternatives" are doomed to failure. The free/inexpensive options all lack the critical functionality of Activesync or Outlook interoperability.
When software makers add these worthy functionality, they immediately try to start pricing their product at the same level as Exchange.
This is obviously some sort of shared greed complex. "We have the same functionality as this really expensive (overpriced) software, so we can charge a lot for it too...."
Well, they're not Microsoft. And if they want to charge more than 30% of the cost of Exchange (which is already massively overpriced), then they should just get out, because they are cluttering the market place and contributing to making simple functionality expensive.
Generally if you connect your iStuff to your companies network, you have to sign something saying you understand that they have the right to wipe said device. Unless the admins are morons, of course.
Except it's not always to your "companies network". In many cases it's to your ISP or e-mail hosting provider account.
Can you explain what business a hosting provider has being able to wipe your device?
Even if they promise only to use the option if you cancel services (or fail to pay your bill).... what business does anyone have being able to wipe your device just because you connected to their server, really?
We need a mass mailing where 1000's of people mail in their Sony labelled products to Sony. I got plenty of cd and dvd from Sony entertainment plus a few old PS1 laying around that I'm gonna mail in.
This only really hurts them if you find sony "business reply envelopes" , use it to mail the big boxes of their stuff, and maximize the postage costs.
What would really hurt Sony would be some mass boycots of their games, software, online services, and other playstation-related products.
To be effective, you need a lot of people to understand the evil Sony is up to. Just people interested in homebrew, hacking the PS3, or open source are not enough.
And people need to know the measures Sony is taking are not just reasonable attempts to curtail privacy or hacking/cheating in their games.
Find an honest strategy for convincing Joe Average person to join the boycott, with minimal effort; e.g. A "tweet" or short message the average Joe will read and immediately join the boycott and spread the message, then there might be a chance of Sony listening.
If not, it's probably futile, other than expressing disagreement, for the sake of it being known that a few people expressed disagreement with Sony (which they couldn't care less about).
No fraud whatsoever is required to keep one's identity secret on the internet; even from governments of another country.
The problem is... most of the "offshore providers where they don't care about IP laws"; are also the offshore providers where they don't care about financial laws, malware distribution points, hackers, or anti-spam conventions.
Basically, the type of providers a responsible netizen shouldn't be supporting
Nowhere in the text of the DMCA is there any "take down letter" procedure whatsoever for "circumvention devices".
It's not that you cant get competent employees who can keep your IT infrastructure safe at a utility
It's that they aren't willing to pay market rates for competent employees or willing to set aside money for appropriate IT programs to secure utility infrastructure.
They would rather find the most cut rate IT staff they can as long as they can make the utility functions work and allow the company to reap the financial benefits of the technology and internet connectivity in the least-costly lowest-overhead way possible (security isn't a major design consideration).
If an admin deletes all the files.... how quickly do you need every single photo back?
The longer your business can live without them, the less expensive a solution you will require, and the more reliable a solution you can pick.
Some of the least expensive solutions are.... burn every new file to DVD and backup every new file to tape or traditional film. Translation: backup as you go.
If you want your collection to survive thermonuclear war and EMPs, then record every frame to film using a Film recorder; have the roll fixed and developed, and lock the film up in an underground bunker, in an airtight safe with minimal humidity.
For faster recovery, you will need regular full backups. Lock them up in different places. Make sure to never ever reuse a tape. Always use fresh media for every new backup.
Would needlessly worry the users.
It's not needless, since their password is stored insecurely.
You can avoid worrying them by concisely explaining what it is about.
It's not a bug! It is a FEATURE!! Get with the times, man.
No... it's both a bug and a feature.
In Windows parlance... some features are bugs. All bugs are features.
You can't just take the password that resulted in successful login and rehash it, because the mapping is not injective.
Yes, you can.... it will just make the other possible passwords invalid after next successful login.
Then the user can request a password reset using the standard procedure, or sign up for a new account if necessary.
Last I checked Amazon allows multiple accounts to exist with the same e-mail address and different passwords.
The bug's not new... in multiple editions of Windows; that means it's been around for quite a while.
Newly discovered, yes, but in the average month there are over 20 serious newly discovered bugs in Windows. And there are millions more where that came from.
Anybody who programs in Ruby/RoR uses either vi or Rubymine.
I use Notepad++ and TextMate for RoR coding.
what about users with 8-character passwords who log in right after your proposed change with caps lock accidently down
Unix crypt() is NOT case-insensitive. If the Amazon passwords are case-insensitive due to crypt, then it is due to them converting the field to all lowercase or all uppercase before passing the input to crypt(). They could continue to do so; although, case-insensitive was inadvisable in the first place, they would have painted them into a corner -- however, they can still prompt the user to change their password after a successful login, and make the pw change mandatory.
I thought PaSswOrD was reasonably secure. How was I supposed to know it was case-insensitive?
You don't know the unhashed version for sure. What if there was a difference in capitalization, or a stray character appended to the end of a password?
On first login you generate the strong hash and store it in an auxillary database field.
You store both the strong hash and the weak crypt() hash side by side; and on the second login you replace the old crypt() hash. Alternatively... you prompt them to enter a new password twice on the first login (which can be the same or different from the old one).
It's the cheap ass developers fault.
And it continues to be their fault. They can fix this easily.
Whenever a user logs in... check if their password is stored using crypt(). If it IS, then take the password they just used to login, and compute a stronger blowfish/salted md5 hash. Replace the crypted password with the strong hash.
No reason they couldn't have done that when they first introduced stronger password hashing.
. The spammer had to know there was a non-negligible chance his junk messages could cause direct harm to someone as a result of the message.
What text message sender could be unaware of the $0.25 per message charge they are incurring on recipients?
I don't like spammers either, but to charge the spammer with anything you have to show at least some culpability. The spammer had to know there was a non-negligible chance his junk messages could cause direct harm to someone as a result of the message.
This would fall under reckless disregard for the safety of others.
Sending out messages to random mobile phone numbers is certain to eventually result in you sending a text message to someone who will be harmed by receiving a text message. Whether the cause of death is... girlfriend sees spam and thinkgs boyfriend is cheating, resorts to capital murder..... Or that spam message was the one last piece of spam that caused them to crack and commit suicide. Or, whether their cell phone beeping to indicate a text message was what revealed her hiding place to the killer who broke in (aiding and abetting), or whether that message was the distraction at a critical moment, that caused the recipient to fall to their death, crash into the vehicle in front of them, or allowed their assailant to get the best of them. A remote detonator is just one possible way.
You need to realize, every time you pick up a cell phone -- you are holding in your hands, a lethal weapon.
Look what happened in Egypt? Cell phones caused mass protests in the streets, violence, injuries, and deaths. It got so bad they had to turn off all the cell phones to protect the people. Unfortunately, they might have done so too late... thousands of lives could be lost, all because of cell phones <Evil Grin>