Presumably, the success of FreeNX and the advent of OpenNX is what pushed them over the edge -- the "code dump that no one can use hahaha" model wasn't working for them.
I'm not sure if you're being pedantic, or obtuse, or whether you just don't know this, but generally, when someone talks about the crypt method of password encoding, they mean "the standard Unix DES-based algorithm" talked about in your link.
Many people (not necessarily us super-smart slashdotters, but in the media and in general) appear to be taking the wrong lesson from this. This data breech shows that it doesn't really matter how good your password is if the list is not stored securely.
In this case, they were encoded with the flawed and ancient "crypt" method, which allowed the weakest passwords to be brute-forced very quickly. But there's plenty of CPU power out there, and rest assured that any stronger passwords wouldn't stand up to further scrutiny, no matter how many squiggly characters are included.
Because of this, people using weak passwords that they didn't use elsewhere ("lifehack" is a prime example) are certainly better off than someone who had a "strong" password used on multiple sites.
Why should people like myself, who have a legitimate reason for services on different ports, be punished because others lack the skills to properly secure their networks? Are you suggesting that I should have to proxy all of my services through apache even when their is no benefit to doing so? This isn't a problem that will be fixed from the top down I'm afraid.
You're misunderstanding. Alternate ports shouldn't be inherently penalized. They just shouldn't get a pagerank bump by being on the same hostname as something else. If your content is legit, there really shouldn't be any worry.
If the page-rank algorithm is currently automatically counting different web servers at the same address but on a different port as the same site, stop that.
The article says "... Tony Rosario, was an undercover agent with the Entertainment Software Association...". I'm gonna call O RLY on that one.
Even though not surprising that the entertainment industry lives in such a fantasy world, private corporate organizations do not get undercover agents. This was some random guy playing at cloak and dagger cops under the label of "private investigator".
Um, just who do you think is writing BTRFS? http://en.wikipedia.org/wiki/Btrfs I know its fashionable to knock Oracle every chance you get... but Look at the line:
As I understand it, Chris Mason brought his btrfs work with him when he started at Oracle, or at least the ideas for it. A kernel hacker of his caliber probably started the job with an agreement of exactly how that was going to go.
Oracle is a big organization; it's not surprising they act in apparently contradictory ways. They've done a reasonable amount of good open source work and made community contributions. But I stand by the statement that it's impossible to make a good prediction as to what Oracle is going to do with anything that comes from the Sun acquisition -- but you certainly don't need to take my word for it that most of the behavior so far seems to be aimed at short-term monetization rather than long-term community growth.
It differs from the Nvidia driver because the Nvidia module until recently was needed to make very common PC hardware work at all, and even with the new free software Nouveau drivers, still needed for game-level performance. ZFS has neat features, but you don't need it in order to have storage on Linux.
There's clearly a niche market for out-of-tree ZFS modules, or else this wouldn't have gotten funding. But if you're not already committed, it adds significant overhead. As someone who was dependent on OpenAFS for years for legacy reasons, I strongly caution people that the overhead is unlikely to be worth it.
OpenAFS, which still today provides features unavailable in any other production-ready network filesystem, is a nightmare to use in the real world because of its lack of integration with the mainline kernel. It's licensed under the "IPL", which like the CDDL is free-software/open source but not GPL compatible.
ZFS is very cool, but this approach is doomed to fail. It's much better to devote resources to getting our native filesystems up to speed -- or, ha, into convincing Oracle to relicense.
Personally, I was pretty sure Sun was going to go with relicensing under the GPLv3, which gives strong patent protection and would have put them in the hilarious position of being more-FSF free software than Linux. But with Oracle trying to squeeze the monetary blood from every last shred of good that came from Sun, who knows what's gonna happen.
The spores germinate only in very alkaline environments — concrete has a quite high pH. The article is vague on details, but notes that "[the bacteria] have a built-in self-destruct gene that prevents them from proliferating away from the concrete target."
Now, What Could Possibly Go Wrong and all of that, but the bases are nominally covered.
Google got popular because it was SIMPLE and FAST.
You're missing something. It was simple and fast, and gave results head and shoulders above those returned by the competition. Now, it's true that the competition had given up on getting better results and was instead working on trying to make money off of you while it tried to convince you you didn't want to leave the site anyway (so never mind those search results anyway -- please stay at our "portal"). But Google did more than just minimalism. Suddenly, the Internet was useful, because you could find what you needed, even if it was on some obscure page.
And how did Google make that work so well? Well, precisely by doing what you're worried about: organizing the results in a way which matches their algorithm's guess as to the most helpful response for your query.
Actually, I think it really is "beyond-astronomical degrees" that someone's self-selected password happens to have the same MD5 hash as that of a single letter repeated three times. That's what we're talking about here, not just any hash collision.
I think you meant to say that the latter (unfortunate password with same hash as "ppp") is improbable so the former (password actually was chosen to be "ppp") is more likely.
The bit I was replying to was convoluted enough that I probably shouldn't have referred to it that way. I meant the whole of "It was probably not ppp, but a rather unfortunate password whose md5 is the same as for 'ppp'." as the former and "they'd actually put in a password like that." as unfortunate but probably true.
It was probably not ppp, but a rather unfortunate password whose md5 is the same as for "ppp". I can't believe they'd actually put in a password like that.
Since the former is statistically improbable to beyond-astronomical degrees, the latter is, unfortunately, more likely.
Go to the local mass-market store like Lowes or even Target and look for a CFL bulb with the most lumens per watt.
Well, maybe. All fluorescent bulbs give off light at specific points in the spectrum, not broad almost-black-body radiation like sunlight through the atmosphere. And the cheaper ones are, as a rule of thumb, worse. It might wake you up, but it's unclear if it has the same effect on mood. It might -- more study needed!
It's a gimmick. There's no gigantic artificial whole-town sun or anything. Certainly nothing "ultimate".
Philips makes an alarm clock that includes a gradually-increasing bright light. They're couching this in the terms of an "experiment", but there's no actual science being performed. They just picked a north-of-the-arctic-circle town and gave away some of the product as a publicity stunt, and then sent out a text release, which is being published as news.
I live in Boston, which is north enough for me. I have a different Philips lightbox product, and I think it does provide a useful regulation of my mood in late winter afternoons. But I don't think the science behind it is particularly well developed, even if it seems promising. I thought for a second as I started to read the aticle (after I realized it wasn't the giant artificial sun thing) that it was a real scientific experiment with control groups and so on. Even then, it'd be hard to really control, because you can't exactly do a double-blind study. But, it's actually even lamer than that.
It's four colors, but they're four completely different colors in completely different shapes. The MS Windows logo has red-orange, green, blue, and yellow, in different window-pane-like configurations depending on version. (In older versions, the orange was more red, and the blue and green were darker -- clearly the four perceptual primary colors.)
The Fedora glyphs are a navy blue, a magenta-tinged pink, definitely orange, and bright green. They're decidedly off-primary, and not in the same way that the Windows 7 and other recent MS logos are.
If you think I'm being pedantic, look at them actually side-by-side and you'll see that the comparison is ridiculous.
Surprisingly, Microsoft doesn't actually own the concept of using four colors for a logo. It reminds me of this silliness. So yeah, I thought you were trolling. And I'll give you a half apology, because even if you weren't trolling, it's pretty silly.
Slashdot Mirror
Also, it comes with a copy of the GPL and an offer for source code.
Presumably, the success of FreeNX and the advent of OpenNX is what pushed them over the edge -- the "code dump that no one can use hahaha" model wasn't working for them.
(Pay no attention to the "PHP is no'" part of the above post. Awesome cut-paste-fail.)
The function predates PHP 1.0 by about 20 years. :) PHP is no'
I'm not sure if you're being pedantic, or obtuse, or whether you just don't know this, but generally, when someone talks about the crypt method of password encoding, they mean "the standard Unix DES-based algorithm" talked about in your link.
Many people (not necessarily us super-smart slashdotters, but in the media and in general) appear to be taking the wrong lesson from this. This data breech shows that it doesn't really matter how good your password is if the list is not stored securely.
In this case, they were encoded with the flawed and ancient "crypt" method, which allowed the weakest passwords to be brute-forced very quickly. But there's plenty of CPU power out there, and rest assured that any stronger passwords wouldn't stand up to further scrutiny, no matter how many squiggly characters are included.
Because of this, people using weak passwords that they didn't use elsewhere ("lifehack" is a prime example) are certainly better off than someone who had a "strong" password used on multiple sites.
Amazing how that works.
Why should people like myself, who have a legitimate reason for services on different ports, be punished because others lack the skills to properly secure their networks? Are you suggesting that I should have to proxy all of my services through apache even when their is no benefit to doing so? This isn't a problem that will be fixed from the top down I'm afraid.
You're misunderstanding. Alternate ports shouldn't be inherently penalized. They just shouldn't get a pagerank bump by being on the same hostname as something else. If your content is legit, there really shouldn't be any worry.
If the page-rank algorithm is currently automatically counting different web servers at the same address but on a different port as the same site, stop that.
The article says "... Tony Rosario, was an undercover agent with the Entertainment Software Association ...". I'm gonna call O RLY on that one.
Even though not surprising that the entertainment industry lives in such a fantasy world, private corporate organizations do not get undercover agents. This was some random guy playing at cloak and dagger cops under the label of "private investigator".
Um, just who do you think is writing BTRFS? http://en.wikipedia.org/wiki/Btrfs I know its fashionable to knock Oracle every chance you get... but Look at the line:
As I understand it, Chris Mason brought his btrfs work with him when he started at Oracle, or at least the ideas for it. A kernel hacker of his caliber probably started the job with an agreement of exactly how that was going to go.
Oracle is a big organization; it's not surprising they act in apparently contradictory ways. They've done a reasonable amount of good open source work and made community contributions. But I stand by the statement that it's impossible to make a good prediction as to what Oracle is going to do with anything that comes from the Sun acquisition -- but you certainly don't need to take my word for it that most of the behavior so far seems to be aimed at short-term monetization rather than long-term community growth.
It differs from the Nvidia driver because the Nvidia module until recently was needed to make very common PC hardware work at all, and even with the new free software Nouveau drivers, still needed for game-level performance. ZFS has neat features, but you don't need it in order to have storage on Linux.
There's clearly a niche market for out-of-tree ZFS modules, or else this wouldn't have gotten funding. But if you're not already committed, it adds significant overhead. As someone who was dependent on OpenAFS for years for legacy reasons, I strongly caution people that the overhead is unlikely to be worth it.
OpenAFS, which still today provides features unavailable in any other production-ready network filesystem, is a nightmare to use in the real world because of its lack of integration with the mainline kernel. It's licensed under the "IPL", which like the CDDL is free-software/open source but not GPL compatible.
ZFS is very cool, but this approach is doomed to fail. It's much better to devote resources to getting our native filesystems up to speed -- or, ha, into convincing Oracle to relicense.
Personally, I was pretty sure Sun was going to go with relicensing under the GPLv3, which gives strong patent protection and would have put them in the hilarious position of being more-FSF free software than Linux. But with Oracle trying to squeeze the monetary blood from every last shred of good that came from Sun, who knows what's gonna happen.
The bacteria they made in the lab likes the acidity of concrete. What about the mutant bacteria that the bacteria in the crack makes?
It won't survive because it's still in the very alkaline concrete environment? Or as Morbo might put it: EVOLUTION DOES NOT WORK THAT WAY.
What's the acidity of your lungs? Oh, I see. You didn't read the article. Carry on, then.
The spores germinate only in very alkaline environments — concrete has a quite high pH. The article is vague on details, but notes that "[the bacteria] have a built-in self-destruct gene that prevents them from proliferating away from the concrete target."
Now, What Could Possibly Go Wrong and all of that, but the bases are nominally covered.
Google got popular because it was SIMPLE and FAST.
You're missing something. It was simple and fast, and gave results head and shoulders above those returned by the competition. Now, it's true that the competition had given up on getting better results and was instead working on trying to make money off of you while it tried to convince you you didn't want to leave the site anyway (so never mind those search results anyway -- please stay at our "portal"). But Google did more than just minimalism. Suddenly, the Internet was useful, because you could find what you needed, even if it was on some obscure page.
And how did Google make that work so well? Well, precisely by doing what you're worried about: organizing the results in a way which matches their algorithm's guess as to the most helpful response for your query.
After all, there's always been wget -r and grep.
Actually, I think it really is "beyond-astronomical degrees" that someone's self-selected password happens to have the same MD5 hash as that of a single letter repeated three times. That's what we're talking about here, not just any hash collision.
I think you meant to say that the latter (unfortunate password with same hash as "ppp") is improbable so the former (password actually was chosen to be "ppp") is more likely.
The bit I was replying to was convoluted enough that I probably shouldn't have referred to it that way. I meant the whole of "It was probably not ppp, but a rather unfortunate password whose md5 is the same as for 'ppp'." as the former and "they'd actually put in a password like that." as unfortunate but probably true.
It was probably not ppp, but a rather unfortunate password whose md5 is the same as for "ppp". I can't believe they'd actually put in a password like that.
Since the former is statistically improbable to beyond-astronomical degrees, the latter is, unfortunately, more likely.
Until Microsoft permanently ceases asserting software patent rights, sharing their source code is of very limited value.
And therefore, it's interesting that the chose to use a license that explicitly offers a Grant of Patent License.
Go to the local mass-market store like Lowes or even Target and look for a CFL bulb with the most lumens per watt.
Well, maybe. All fluorescent bulbs give off light at specific points in the spectrum, not broad almost-black-body radiation like sunlight through the atmosphere. And the cheaper ones are, as a rule of thumb, worse. It might wake you up, but it's unclear if it has the same effect on mood. It might -- more study needed!
s/text release/press release/
It's a gimmick. There's no gigantic artificial whole-town sun or anything. Certainly nothing "ultimate".
Philips makes an alarm clock that includes a gradually-increasing bright light. They're couching this in the terms of an "experiment", but there's no actual science being performed. They just picked a north-of-the-arctic-circle town and gave away some of the product as a publicity stunt, and then sent out a text release, which is being published as news.
I live in Boston, which is north enough for me. I have a different Philips lightbox product, and I think it does provide a useful regulation of my mood in late winter afternoons. But I don't think the science behind it is particularly well developed, even if it seems promising. I thought for a second as I started to read the aticle (after I realized it wasn't the giant artificial sun thing) that it was a real scientific experiment with control groups and so on. Even then, it'd be hard to really control, because you can't exactly do a double-blind study. But, it's actually even lamer than that.
Okay, fine -- I'll post to undo the moderation.
It's four colors, but they're four completely different colors in completely different shapes. The MS Windows logo has red-orange, green, blue, and yellow, in different window-pane-like configurations depending on version. (In older versions, the orange was more red, and the blue and green were darker -- clearly the four perceptual primary colors.)
The Fedora glyphs are a navy blue, a magenta-tinged pink, definitely orange, and bright green. They're decidedly off-primary, and not in the same way that the Windows 7 and other recent MS logos are.
If you think I'm being pedantic, look at them actually side-by-side and you'll see that the comparison is ridiculous.
Surprisingly, Microsoft doesn't actually own the concept of using four colors for a logo. It reminds me of this silliness. So yeah, I thought you were trolling. And I'll give you a half apology, because even if you weren't trolling, it's pretty silly.