( self reply because this is slashdot without edit ability )
Oh ffs, this has nothing to do with signing into Yahoo ON your mobile phone.
> After set-up is complete, users will only have to type in their Yahoo Mail addresses when logging in from a new browser or device to prompt the Account Key log-in process. Yahoo will send a push notification to their smartphone where they can simply hit âoeyesâ to allow the new login. If users tap the notification theyâ(TM)ll be taken to a screen with more detail, such as what type of device is trying to log in and where in the world they are signing in from.
This is about using your phone and it's APP (or even an alternative e-mail address elsewhere) as a final "yes log me in on the device X in the world that just asked to log me in".
This is two factor without the second factor. Instead of sending a code to your phone, they simply send a hyperlink to your phone or alternate e-mail address asking you to confirm a login from elsewhere.
Notice the "second e-mail address" thingie. Yup, if plebs turn that on, e-mail addresses are chained together and someone stealing your gmail account will now have access to your yahoo account.
Hmmm, this is a neat idea, sure is a good idea for grandmas and the like. If it wasn't for the fact that people loose their phones all the time. And having users chain together mail accounts to allow them to recover their account when they loose their phone... eh, sounds dicey...
Does anyone actually have a reference to an article describing SPECIFICALLY how it works? Yahoo is being REALLY vague in their press releases, presumably to keep the plebs from getting confused or concerned. (All they say is "look, easy and safe".)
Everyone here is assuming they're sending an SMS code, but the descriptions from Yahoo read like this:
> To sign in, you'll just need to tap "Yes" on the notification we send to your phone.
Are they using MMS? (Multi Media Texts?)
Is their App reading your text messages!?!? Effectively using SMS as a side channel?
You know what comes next -- heavy attacks upon PHONE COMPANIES to steal phone numbers. The creaky ancient phone system is going to bust open under this... everyone's personal phone numbers are going to get slammed on a regular basis. Rich, famous, and powerful people especially.
Personally I think 80% of the blame is with the telco companies who can't get their asses off the couch to agree on a more modern open communication protocol, who instead are still using POTS and it's caller-id cludges which allow anyone in the world to falsify a phone call.
Maybe they'll do something neat like putting in one non-shingle platter.... (yeah yeah, cylinders, but still...) Or maybe everyone will do something really neat at the driver/OS level like putting one regular drive or one SSD in the array of shingle drives, and let zfs handle the optimization.
Personally, a 10TB drive would be perfect for many of us for the collections of.... stuff.... we have, that is write once and never write ever again, or if we do we don't really care about write speed. Any random read/write loads I have goes onto an SSD.
Yeah, I'm with all of you. If he's seeing symptoms for a long cable run, it's not any kind of "lag", it's flat out signaling loss and interference problems.
We should also point out that the physical specifications for some protocols and the high signaling rates may make it such that over a certain length, no type of cable will work.
For example - networking protocols and gear are designed for "not short distance" runs, but even they top out around 100m.
A quick similar google for hdmi shows that beyond the 15 meters (50 feet) distance you need very good quality cable, and that much longer than 30m (100 ft) is not doable.
> The British government source told CNN on Friday that Russia has moved 4,000 to 5,000 military personnel -- a figure far higher than one U.S. official's earlier claim of 1,000 troops.
Oh great, once again an "anonymous government source" is the basis for the media's coverage of a pending war?
No fucking way.
NONE of the independent media that has travelled to eastern ukraine has found actual russian troops.
> the Ukraine Defence Minister claims Russia has made threats that they're prepared to use tactical nuclear weapons to stop further resistance.
The Ukrainian government is the second least trustworthy news source involved in this conflict. This is the most idiotic infalmatory statement I've heard in ages.
The funniest thing is that weeks ago when the Ukraine forces were "winning", they didn't want to stop for talks but the rebels and Moscow did. Now that the rebels have the upper hand, Ukraine wants to talk but the rebels don't (or at least not without a partial pullback of Ukraine forces).
I don't know, thousands of small companies run forums online for customer interaction and customer support purposes. If this law is written in a bad way, BAM, suddenly no Russians will ever be allowed to create accounts on those forums, and no small company is going to go rent a server in Russia and dedicate engineer time to tying the two together so that Russians can register and login to a forum in Russia, but yet still see a single view of all the public posts and threads that exist on the "internal Russian" site and the external general site.
Literally, this means that forum owners need to put a little line on their registration page saying "sorry, no Russians allowed". And despite that, there's the possibility that the companies would suddenly be liable and in violation of Russian law for existing/prior users, and any users who sign up anyways, and any Russian users who sign up while obscuring their identity or origin (and what, are you a small company really going to put in filters on source IP addresses and hope that covers you, etc etc etc).
I understand the intent of the law, but I bet they write it loosely enough that they shoot tends of thousands of companies the world over in the foot.
That's a gross over-generalization, or rather hyperbolic spin on reality.
Do you drive a car? You help kill 100,000 Americans a year, by deciding to drive. And 20,000 pedestrians, and 10,000 cyclists. With complete impunity as long as it's an "accident" (statistical likelyhood with sufficient statistical reality).
> What I don't understand is why anyone would invest a single dime of their own money in a business operating in a country where the instant an investment starts paying off, someone else will come reap all your rewards.
They don't. Not any more, not to the same extent. Russia actually took a significant economic hit when the investment money slowly evaporated over the past 10 years, but it's hidden by the rise in the price of oil and gas (at least gas in Europe, still, so far..).
WHAT? That article is from 8 days ago!!! It's still talking about the Andamaan sea!! It says NOTHING about the search off Australia.
The diagram I saw two days ago showed all seven pings and their exact times (11 minutes past each hour), and that is how they have come up with these small slices of the arc. This article specifically states that:
What the NTSB has done is very simple. Assume it's most likely the plane is travelling at a steady speed, not too fast, not too slow, and mathematically match that to the available ping locations. BAM, you have the smalls slices shown there. All of the other areas would require the plane to do wierd things like turn around after the last ping, or slow down excessively, or speed up excessively.
OP's story/article is a pile of baloney, just like most media coverage. ALL of the pings have been used to create the new search areas, the ones that they've been carefully searching SINCE TUESDAY.
Comcast is not a peer. Comcast is an end user. Comcast should pay for both the inbound and outbound traffic onto a backbone.
Nowwww, this gets complicated as hell if Comcast owns or bought a backbone network.
I don't know. Maybe the old model just doesn't work any more, because in the old days "soruces" and "sinks" were spread out, now they're not, they're all segregated, network A is all sinks, network B is all source. And the idea that "source pays" seems kind of stupid. The siniks are the information consumers. Although I guess that provides no incentive for sources to get good network connections.
Maybe the "net source pays" should only apply if the traffic is traversing a network. If it's destination is on the given network, it should be "sink pays". If the source is on the given network, then it should be "source pays".
So you have a hosting plan, you are a source, you pay your hosting provider who pays their ISP. You have DSL or Cable, you are a sink and you pay your provider who pays for network. In between the two, anyone who accepts traffic that transits their network, well those peering points should obviously operate on some kind of "net source" manner, because that provides incentive for networks to build themselves out to reduce their "net source" charges.
Arcs are TESTABLE. Imarsat staff can look at live online airliner data and live ping timing data, and calibrate their calculations. If it's "plus or minus 5000 miles", it will be obvious. If it's "plus or minus 100 miles", it will also be obvious.
Please leave the eningeering and science to the Engineers and Scientists.
Did anyone OTHER than a bloody news organization specifically actually say this?
I'm certain it was a MISQUOTE or a badly written vague re-summary. Literally 12 hours ago I read a two part sentence, where the first part was based on what an "un-named source said", and the second part of the sentence even to my ears clearly was a vague rewrite of what the idiot reporter "understood" from what the source said but was note specifically quoted on.
Read one way the sentence the REPORTER wrote could be interpreted as "they have 4 hours of engine data", read the other way it was clear that the reporter was told "the engines were working at xpm and had fuel for 3 more hours"... and the fucking REPORTERS wrote up a summary that would OBVIOUSLY be misleading.
Seriously, the MEDIA is the biggest problem with this entire fucking thing. I.M.P.O.
Yup, same here. It's annoying, having twice as many hard drives as one needs including one entire set on the shelf, but it's the way to go.
I don't actually have a raid array for the live data, I have just a collection of disks mounted individually and so the files are already forced into "appropriate sized sets" suitable for a simple full disk robocopy.
I'm not sure what I'd do if I had a massive raid array of that size. Probably just grin and bear it and have a single 1-3 TB "new/incoming" that can be regularly backed up, and when it was full then make a final backup for the shelf and move it's contents into the long term raid array storage area, and I'd (try) and never make changes to the main long term raid files.
In Italy. I grew up assuming Italy was a first world western country, and from a few select aspects it is. But there's a whole bunch of other things that they are almost no better than 2nd or 3rd world at. The fact that they prosecuted and convicted someone of something like this in my and many people's books is utterly and completely worthless.
Yup, this. My 65 year old mom was able to put up with the annoyances of Noscript. She told me all the websites she regularly uses and I went through her bookmarks and history and configured Noscript to allow the minimums necessary on the sites that didn't quite work without partial permissions.
I even went so far as to install a local copy of VMware and put a browser in it without noscript (but with adblock), and told her to use it if she was ever "browsing dark corners and stuff she doesn't normally browse, wanted to click on a link in e-mail, or wanted to install something".
The computer within a computer confused her a little bit, don't think she ever did really understood that, but she got used to it and knew how to use it.
I think I was lucky that she'd not been on the internet long nor signed up for anything ever -- she got zero spam. That might be your second biggest viral vector. To counter that, I'd say tell her she's not to look at attachments or click on links in e-mail, even and especially if the e-mail came from friends or family, without forwarding the e-mail to you first.
Oh look, another company to whom I've entered into a commercial agreement with that now has a right to my entire browsing history and "public metadata". Super.
Slashdot Mirror
Correction - this is one factor with the one factor being possession of a separate physical device.
( self reply because this is slashdot without edit ability )
Oh ffs, this has nothing to do with signing into Yahoo ON your mobile phone.
> After set-up is complete, users will only have to type in their Yahoo Mail addresses when logging in from a new browser or device to prompt the Account Key log-in process. Yahoo will send a push notification to their smartphone where they can simply hit âoeyesâ to allow the new login. If users tap the notification theyâ(TM)ll be taken to a screen with more detail, such as what type of device is trying to log in and where in the world they are signing in from.
This is about using your phone and it's APP (or even an alternative e-mail address elsewhere) as a final "yes log me in on the device X in the world that just asked to log me in".
This is two factor without the second factor. Instead of sending a code to your phone, they simply send a hyperlink to your phone or alternate e-mail address asking you to confirm a login from elsewhere.
Notice the "second e-mail address" thingie. Yup, if plebs turn that on, e-mail addresses are chained together and someone stealing your gmail account will now have access to your yahoo account.
Hmmm, this is a neat idea, sure is a good idea for grandmas and the like. If it wasn't for the fact that people loose their phones all the time. And having users chain together mail accounts to allow them to recover their account when they loose their phone... eh, sounds dicey...
Does anyone actually have a reference to an article describing SPECIFICALLY how it works? Yahoo is being REALLY vague in their press releases, presumably to keep the plebs from getting confused or concerned. (All they say is "look, easy and safe".)
Everyone here is assuming they're sending an SMS code, but the descriptions from Yahoo read like this:
> To sign in, you'll just need to tap "Yes" on the notification we send to your phone.
Are they using MMS? (Multi Media Texts?)
Is their App reading your text messages!?!? Effectively using SMS as a side channel?
You know what comes next -- heavy attacks upon PHONE COMPANIES to steal phone numbers. The creaky ancient phone system is going to bust open under this... everyone's personal phone numbers are going to get slammed on a regular basis. Rich, famous, and powerful people especially.
http://ask.ofcom.org.uk/help/t...
Personally I think 80% of the blame is with the telco companies who can't get their asses off the couch to agree on a more modern open communication protocol, who instead are still using POTS and it's caller-id cludges which allow anyone in the world to falsify a phone call.
Maybe they'll do something neat like putting in one non-shingle platter.... (yeah yeah, cylinders, but still...) Or maybe everyone will do something really neat at the driver/OS level like putting one regular drive or one SSD in the array of shingle drives, and let zfs handle the optimization.
Personally, a 10TB drive would be perfect for many of us for the collections of .... stuff .... we have, that is write once and never write ever again, or if we do we don't really care about write speed. Any random read/write loads I have goes onto an SSD.
Yeah, I'm with all of you. If he's seeing symptoms for a long cable run, it's not any kind of "lag", it's flat out signaling loss and interference problems.
We should also point out that the physical specifications for some protocols and the high signaling rates may make it such that over a certain length, no type of cable will work.
For example - networking protocols and gear are designed for "not short distance" runs, but even they top out around 100m.
http://www.google.com/search?q...
A quick similar google for hdmi shows that beyond the 15 meters (50 feet) distance you need very good quality cable, and that much longer than 30m (100 ft) is not doable.
Solution? Fiber. http://www.gefen.com/kvm/ext-h... Not cheap though, $1700.
> The British government source told CNN on Friday that Russia has moved 4,000 to 5,000 military personnel -- a figure far higher than one U.S. official's earlier claim of 1,000 troops.
Oh great, once again an "anonymous government source" is the basis for the media's coverage of a pending war?
No fucking way.
NONE of the independent media that has travelled to eastern ukraine has found actual russian troops.
> the Ukraine Defence Minister claims Russia has made threats that they're prepared to use tactical nuclear weapons to stop further resistance.
The Ukrainian government is the second least trustworthy news source involved in this conflict. This is the most idiotic infalmatory statement I've heard in ages.
The funniest thing is that weeks ago when the Ukraine forces were "winning", they didn't want to stop for talks but the rebels and Moscow did. Now that the rebels have the upper hand, Ukraine wants to talk but the rebels don't (or at least not without a partial pullback of Ukraine forces).
Cool. Was it easy to find all the things and settings to do this? Or do you have your own list of plugins and settings that were necessary?
I don't know, thousands of small companies run forums online for customer interaction and customer support purposes. If this law is written in a bad way, BAM, suddenly no Russians will ever be allowed to create accounts on those forums, and no small company is going to go rent a server in Russia and dedicate engineer time to tying the two together so that Russians can register and login to a forum in Russia, but yet still see a single view of all the public posts and threads that exist on the "internal Russian" site and the external general site.
Literally, this means that forum owners need to put a little line on their registration page saying "sorry, no Russians allowed". And despite that, there's the possibility that the companies would suddenly be liable and in violation of Russian law for existing/prior users, and any users who sign up anyways, and any Russian users who sign up while obscuring their identity or origin (and what, are you a small company really going to put in filters on source IP addresses and hope that covers you, etc etc etc).
I understand the intent of the law, but I bet they write it loosely enough that they shoot tends of thousands of companies the world over in the foot.
The "organics" did not react with the "nuclear" part of the "nuclear waste", they reacted with the 1% acid that was still in the solution.
A pure chemical reaction.
(Made complicated/ugly by the combustion products carrying away small amounts of nuclear waste, for sure.)
Thanks! And here's a good link for the ISSs current position and track: http://iss.astroviewer.net/
> they can kill 13 people with impunity
That's a gross over-generalization, or rather hyperbolic spin on reality.
Do you drive a car? You help kill 100,000 Americans a year, by deciding to drive. And 20,000 pedestrians, and 10,000 cyclists. With complete impunity as long as it's an "accident" (statistical likelyhood with sufficient statistical reality).
> What I don't understand is why anyone would invest a single dime of their own money in a business operating in a country where the instant an investment starts paying off, someone else will come reap all your rewards.
They don't. Not any more, not to the same extent. Russia actually took a significant economic hit when the investment money slowly evaporated over the past 10 years, but it's hidden by the rise in the price of oil and gas (at least gas in Europe, still, so far..).
What's that? The pings "got longer"? OMG I've never heard that before, that sounds like new information!, post. post. post. post. post.
Ummm, except this was all published FIVE DAYS AGO, simply in a more useful form:
http://i1.minus.com/iPcccu2MDL...
They've been searching based on this "new information" since TUESDAY:
http://www.abc.net.au/news/201...
Slate, FutureWise, Jeff Wise, and Timothy, are all idiots who are FIVE DAYS OUT OF DATE.
WHAT? That article is from 8 days ago!!! It's still talking about the Andamaan sea!! It says NOTHING about the search off Australia.
The diagram I saw two days ago showed all seven pings and their exact times (11 minutes past each hour), and that is how they have come up with these small slices of the arc. This article specifically states that:
http://online.wsj.com/news/art...
Here is the image I'm talking about:
http://i1.minus.com/iPcccu2MDL...
What the NTSB has done is very simple. Assume it's most likely the plane is travelling at a steady speed, not too fast, not too slow, and mathematically match that to the available ping locations. BAM, you have the smalls slices shown there. All of the other areas would require the plane to do wierd things like turn around after the last ping, or slow down excessively, or speed up excessively.
OP's story/article is a pile of baloney, just like most media coverage. ALL of the pings have been used to create the new search areas, the ones that they've been carefully searching SINCE TUESDAY.
Peering is for peers. For backbone providers.
Comcast is not a peer. Comcast is an end user. Comcast should pay for both the inbound and outbound traffic onto a backbone.
Nowwww, this gets complicated as hell if Comcast owns or bought a backbone network.
I don't know. Maybe the old model just doesn't work any more, because in the old days "soruces" and "sinks" were spread out, now they're not, they're all segregated, network A is all sinks, network B is all source. And the idea that "source pays" seems kind of stupid. The siniks are the information consumers. Although I guess that provides no incentive for sources to get good network connections.
Maybe the "net source pays" should only apply if the traffic is traversing a network. If it's destination is on the given network, it should be "sink pays". If the source is on the given network, then it should be "source pays".
So you have a hosting plan, you are a source, you pay your hosting provider who pays their ISP. You have DSL or Cable, you are a sink and you pay your provider who pays for network. In between the two, anyone who accepts traffic that transits their network, well those peering points should obviously operate on some kind of "net source" manner, because that provides incentive for networks to build themselves out to reduce their "net source" charges.
> Arcs are a lie
Arcs are TESTABLE. Imarsat staff can look at live online airliner data and live ping timing data, and calibrate their calculations. If it's "plus or minus 5000 miles", it will be obvious. If it's "plus or minus 100 miles", it will also be obvious.
Please leave the eningeering and science to the Engineers and Scientists.
Did anyone OTHER than a bloody news organization specifically actually say this?
I'm certain it was a MISQUOTE or a badly written vague re-summary. Literally 12 hours ago I read a two part sentence, where the first part was based on what an "un-named source said", and the second part of the sentence even to my ears clearly was a vague rewrite of what the idiot reporter "understood" from what the source said but was note specifically quoted on.
Read one way the sentence the REPORTER wrote could be interpreted as "they have 4 hours of engine data", read the other way it was clear that the reporter was told "the engines were working at xpm and had fuel for 3 more hours"... and the fucking REPORTERS wrote up a summary that would OBVIOUSLY be misleading.
Seriously, the MEDIA is the biggest problem with this entire fucking thing. I.M.P.O.
Yup, same here. It's annoying, having twice as many hard drives as one needs including one entire set on the shelf, but it's the way to go.
I don't actually have a raid array for the live data, I have just a collection of disks mounted individually and so the files are already forced into "appropriate sized sets" suitable for a simple full disk robocopy.
I'm not sure what I'd do if I had a massive raid array of that size. Probably just grin and bear it and have a single 1-3 TB "new/incoming" that can be regularly backed up, and when it was full then make a final backup for the shelf and move it's contents into the long term raid array storage area, and I'd (try) and never make changes to the main long term raid files.
Are you sure he said "video"?
Running a shower against a wall is something I might do to defeat laser reflector and conduction audio taps.
They might just have an audio tape with nothing but the thunder of water on it, and be really pissed :)
> There was a trial
In Italy. I grew up assuming Italy was a first world western country, and from a few select aspects it is. But there's a whole bunch of other things that they are almost no better than 2nd or 3rd world at. The fact that they prosecuted and convicted someone of something like this in my and many people's books is utterly and completely worthless.
> Ownership of copyright means you should be able to stop publishing new html
Just because you own the copyright doesn't mean you get to demand that everyone in the world burn the books you sold them.
> enforcing Firefox with Adblock and Noscript
Yup, this. My 65 year old mom was able to put up with the annoyances of Noscript. She told me all the websites she regularly uses and I went through her bookmarks and history and configured Noscript to allow the minimums necessary on the sites that didn't quite work without partial permissions.
I even went so far as to install a local copy of VMware and put a browser in it without noscript (but with adblock), and told her to use it if she was ever "browsing dark corners and stuff she doesn't normally browse, wanted to click on a link in e-mail, or wanted to install something".
The computer within a computer confused her a little bit, don't think she ever did really understood that, but she got used to it and knew how to use it.
I think I was lucky that she'd not been on the internet long nor signed up for anything ever -- she got zero spam. That might be your second biggest viral vector. To counter that, I'd say tell her she's not to look at attachments or click on links in e-mail, even and especially if the e-mail came from friends or family, without forwarding the e-mail to you first.
Yeah, but when they're communicating via e-mail and filing bug reports and writing documentation, they're SKIMPING heavily.
The difference in quality and quantity of written content between people who can touch type and people who can't, is pretty big.
impo touch typing should be a mandatory class in high school these days.
Oh look, another company to whom I've entered into a commercial agreement with that now has a right to my entire browsing history and "public metadata". Super.