P.S: Sorry for my english mistakes. I am a Canadian born french african.
In the interest in improving your English, versus picking on you for it, I'd like to tell you that instead of saying "nothing happen" you should have said "nothing happened" in both instances.
There are two major components that make ABC's video offering possible:
1) Adobe Flash Media Server, aka FMS. Streams Flash movies over HTTP, but does so in a "smart" manner so that video degrades based on the performance of the client and of the pipe.
2) Akamai, which hosts thousands of geographically dispersed servers across the world. Akamai licenses Flash Media Server and hosts it on thousands of "edge" servers, which basically cache the most popular videos and stream them out from the most efficient location.
However, Google Video and YouTube do not use FMS. Since it's not their content, they don't care about its reliability quite so much. They simply package up a video inside a Flash file and serve it directly to users. If the user doesn't have the bandwidth, the video hangs or other bad things happen. I am pretty sure Google Video and YouTube also do geographic clustering (co-location) in order to reduce lag abd bandwidth costs, but I'm not sure on the details of that.
Getting back to ABC, there are two differences between their business and Google's: 1) ABC takes the user experience much more seriously (since it's their content), and 2) ABC isn't a technology company. Therefore they'll pay a little extra for the reliability and quality of FMS, and they sign up for Akamai's services because they don't have their own server farms.
The problem has nothing to do with a hash being as difficult to brute force as a username and password pair. I agree that they're equivalent -- and that's the problem. Allowing people to copy and paste URLs with authentication credentials burnt-in to them is insecure. For this reason, session keys are put into cookies rather that query parameters. Otherwise someone could just copy someone's URL onto a different computer and take over someone's logged-in state (perhaps inadvertantly!).
The fact is that hiding authentication-related state in POSTs and cookies is good design. I'm not suggesting that it's more secure to put raw SQL into POSTs versus GETs, but let's not make it easy for users to shoot themselves in the foot.
The business model for this product would likely parallel the business models for online spyware companies, such as Gator/Claria. That is: Give people something they want for free, and then bundle some things they may be okay with having too. For example, maybe this device could be embedded into free iPods? And since many people go everywhere with their iPods, the ad measurement device is always there to do it's thing. Personally I would just buy an iPod on my own, but there are many teenagers who don't have that liberty.
I've competed in the Charlottesville 10-miler before, but I've never run 13 miles straight. But my basic joke was that you said you'd run half a marathon if anyone doubted you. Now that I've doubted you, start running!! Now!
Close icon 2x the size of minimise and maximise, yet should be used far less.
I would say I maximize a window maybe twice a week, and I minimize them at about the same rate. But I open and close applications hundreds of times a day. So while the risk of closing a window accidentally is high -- it's already an out of the ordinary experience to minimize and maximize windows, so I'm used to being careful when I do it. Besides, applications that let you input valuable data (like word processors, Photoshop, even Notepad) all prompt you if you try to close a window without saving first.
Averages are less volatile not because they include low volatility stocks but because they're averages. A similar thing happens with molecules in the air -- their average energy determines the temperature, but there's still some really fast and really slow ones. But just because they exist doesn't mean you're going to burn or freeze to death randomly.
In addition, the S&P 500 aims to track the 500 publically traded largest companies in the US. Currently Google is 40th in terms of market capitalization and while it's currently ranked 541 on the 2005 Fortune 1000 (based on revenue), the Fortune 1000 also includes private companies -- and current analyst revenue expectations place it around 250th place in 2006.
Given the S&P's declared goal, it makes perfect sense to add Google.
If that's true, then why do 75-80%of mutual funds under perform the S&P index? Sure, maybe some mutual funds also buy high and sell low, but statistically no more than half of funds can do that in a market generally trending upwards. Therefore owning the 500 biggest publically traded US companies is a successful investment strategy, even if index funds must pay up a bit when a company is added to the index.
I really am frustrated that we've allowed the Feds this power -- there really is no Constitutional or reasonable allowance for letting them disturb trade.
Section 8 of the Constitution literally says "The Congress shall have Power To... provide for the common Defence and... To regulate Commerce with foreign Nations." In addition, Congress has the power to "To make all Laws which shall be necessary and proper for carrying into Execution the foregoing Powers", which means they can create departments such as the FBI to act on their behalf. While it's arguable that Check Point's bid to acquire Sourcefire is a danger to our common defence, Congress certainly has the right to regulate it through the commerce clause if they see fit.
Why DOES anyone pay $29 for e-filing??? Is it that much work to print out the forms and pay $0.39, maybe $0.78, to mail them in??
Is it because you get your tax refund sooner? Do you really need the tax refund back soon so much that you're willing to pay $29 for it? You would have to have a refund over $5000 for the e-filing fee to be cost effective versus a standard loan, assuming using e-filing saves one month of waiting.
Despite the fact it uses Flash it is actually nicely implemented.
If you don't have Flash, Google Finance will automatically degrade itself to using static images. I noticed it myself after using Google Finance on my desktop, and then showing someone it on a server machine (without Flash).
IBM is still International Business Machines. In fact, they file their yearly financial statements with the SEC as International Business Machines. What do you think IBM stands for these days?
Having diversity in web browsers makes it more time consuming (read: espensive) to develop web applications. However, the cost of developing Windows applications has remained the same, or even decreased with.NET's continuing adoption, making developing applications on Windows a more attractive option. And I probably don't have to state that by having more applications on Windows-only continues the Microsoft lock-in.
It's still a confusing term. I'm on a couple email lists with C++ developers here at work, and when they talk about ".NET" they mean Visual Studio. Even though we've upgraded to Visual Studio 2005!! And these are relatively smart and well educated developers, but they're caught in a habit.
It's going to be a long time before ".NET" ever means anything specific, if ever. Instead I think people will use terms like CLR, or even C# (even though it's just one of many languages to develop managed code), to describe the managed code framework. Though I think the fully-qualified term ".NET framework" is pretty clear, even though GP's first impression was that it's a fluff term.
Someday soon you will need explicit permission to generate machine code, enforced through the PKI mechanism they already have in place. To flip that "unsafe" switch you'll need a signed certificate, which Microsoft will only sign when you agree to their terms.
While this is technically possible, if Microsoft made it very difficult or expensive to develop applications for Windows, less applications would be developed for Windows. The value of the Windows platform would drop significantly. Users, without modern applications, would switch to Linux and OSX in hordes, especially now that many important applications are web applications that run great in Firefox on any major operating system.
Whereas a normal 8-character password would have around 90 possibilities for each letter, in this case, each character would have a maximum of around 26 possibilities
You're neglecting to account for the number of permutations in each of the four categories required. While in each category there's a maximum of around 26 possibilities, each category can be spread out over 28 different locations (8 choose 2). Now once the combinations for one category have been spread out, the combinations for the next category are limited to the remaining 6 positions (and 4 positions next)... so there's actually (8 choose 2) * (6 choose 2) * (4 choose 2) = 2520 configurations of character categories. That means there's significantly more entropy in the password scheme than your calculations indicate, though of course the most potential entropy would come with no character use requirements.
Slashdot Mirror
P.S: Sorry for my english mistakes. I am a Canadian born french african.
In the interest in improving your English, versus picking on you for it, I'd like to tell you that instead of saying "nothing happen" you should have said "nothing happened" in both instances.
There are two major components that make ABC's video offering possible:
1) Adobe Flash Media Server, aka FMS. Streams Flash movies over HTTP, but does so in a "smart" manner so that video degrades based on the performance of the client and of the pipe.
2) Akamai, which hosts thousands of geographically dispersed servers across the world. Akamai licenses Flash Media Server and hosts it on thousands of "edge" servers, which basically cache the most popular videos and stream them out from the most efficient location.
However, Google Video and YouTube do not use FMS. Since it's not their content, they don't care about its reliability quite so much. They simply package up a video inside a Flash file and serve it directly to users. If the user doesn't have the bandwidth, the video hangs or other bad things happen. I am pretty sure Google Video and YouTube also do geographic clustering (co-location) in order to reduce lag abd bandwidth costs, but I'm not sure on the details of that.
Getting back to ABC, there are two differences between their business and Google's: 1) ABC takes the user experience much more seriously (since it's their content), and 2) ABC isn't a technology company. Therefore they'll pay a little extra for the reliability and quality of FMS, and they sign up for Akamai's services because they don't have their own server farms.
George Mason University?
Both Windows Live and Google have the same strategy. The only difference is that Microsoft's dumb enough to tell it to people.
Are we supposed to believe someone who goes to college in Mississippi and calls it "Uni"?? :)
The problem has nothing to do with a hash being as difficult to brute force as a username and password pair. I agree that they're equivalent -- and that's the problem. Allowing people to copy and paste URLs with authentication credentials burnt-in to them is insecure. For this reason, session keys are put into cookies rather that query parameters. Otherwise someone could just copy someone's URL onto a different computer and take over someone's logged-in state (perhaps inadvertantly!).
The fact is that hiding authentication-related state in POSTs and cookies is good design. I'm not suggesting that it's more secure to put raw SQL into POSTs versus GETs, but let's not make it easy for users to shoot themselves in the foot.
The business model for this product would likely parallel the business models for online spyware companies, such as Gator/Claria. That is: Give people something they want for free, and then bundle some things they may be okay with having too. For example, maybe this device could be embedded into free iPods? And since many people go everywhere with their iPods, the ad measurement device is always there to do it's thing. Personally I would just buy an iPod on my own, but there are many teenagers who don't have that liberty.
I've competed in the Charlottesville 10-miler before, but I've never run 13 miles straight. But my basic joke was that you said you'd run half a marathon if anyone doubted you. Now that I've doubted you, start running!! Now!
I ran a half-marathon in under an hour and a half and put up 235 pounds on the bench for anybody who doubts me.
I doubt you. Now go run a half-marathon, fatty.
Does -anyone- wear sandals and a ponytail anymore? That's kind of cliche.
:)
Yes, my ex-girlfriend does. And without her I'd probably know a lot more about Linux by now.
(I say this because she was fun to hang out with, not because she was evil.)
Close icon 2x the size of minimise and maximise, yet should be used far less.
I would say I maximize a window maybe twice a week, and I minimize them at about the same rate. But I open and close applications hundreds of times a day. So while the risk of closing a window accidentally is high -- it's already an out of the ordinary experience to minimize and maximize windows, so I'm used to being careful when I do it. Besides, applications that let you input valuable data (like word processors, Photoshop, even Notepad) all prompt you if you try to close a window without saving first.
Averages are less volatile not because they include low volatility stocks but because they're averages. A similar thing happens with molecules in the air -- their average energy determines the temperature, but there's still some really fast and really slow ones. But just because they exist doesn't mean you're going to burn or freeze to death randomly.
In addition, the S&P 500 aims to track the 500 publically traded largest companies in the US. Currently Google is 40th in terms of market capitalization and while it's currently ranked 541 on the 2005 Fortune 1000 (based on revenue), the Fortune 1000 also includes private companies -- and current analyst revenue expectations place it around 250th place in 2006.
Given the S&P's declared goal, it makes perfect sense to add Google.
If that's true, then why do 75-80%of mutual funds under perform the S&P index? Sure, maybe some mutual funds also buy high and sell low, but statistically no more than half of funds can do that in a market generally trending upwards. Therefore owning the 500 biggest publically traded US companies is a successful investment strategy, even if index funds must pay up a bit when a company is added to the index.
If you're that concerned about it, why don't you short Google as a hedge?
I really am frustrated that we've allowed the Feds this power -- there really is no Constitutional or reasonable allowance for letting them disturb trade.
... provide for the common Defence and ... To regulate Commerce with foreign Nations." In addition, Congress has the power to "To make all Laws which shall be necessary and proper for carrying into Execution the foregoing Powers", which means they can create departments such as the FBI to act on their behalf. While it's arguable that Check Point's bid to acquire Sourcefire is a danger to our common defence, Congress certainly has the right to regulate it through the commerce clause if they see fit.
Section 8 of the Constitution literally says "The Congress shall have Power To
Why DOES anyone pay $29 for e-filing??? Is it that much work to print out the forms and pay $0.39, maybe $0.78, to mail them in??
Is it because you get your tax refund sooner? Do you really need the tax refund back soon so much that you're willing to pay $29 for it? You would have to have a refund over $5000 for the e-filing fee to be cost effective versus a standard loan, assuming using e-filing saves one month of waiting.
Despite the fact it uses Flash it is actually nicely implemented.
If you don't have Flash, Google Finance will automatically degrade itself to using static images. I noticed it myself after using Google Finance on my desktop, and then showing someone it on a server machine (without Flash).
IBM is still International Business Machines. In fact, they file their yearly financial statements with the SEC as International Business Machines. What do you think IBM stands for these days?
Having diversity in web browsers makes it more time consuming (read: espensive) to develop web applications. However, the cost of developing Windows applications has remained the same, or even decreased with .NET's continuing adoption, making developing applications on Windows a more attractive option. And I probably don't have to state that by having more applications on Windows-only continues the Microsoft lock-in.
"miracale" (with a Spanish pronounciation) would be an excellent name for Pfizer jalapeno suppositories!
I know, that's the point of my post.
It's still a confusing term. I'm on a couple email lists with C++ developers here at work, and when they talk about ".NET" they mean Visual Studio. Even though we've upgraded to Visual Studio 2005!! And these are relatively smart and well educated developers, but they're caught in a habit.
It's going to be a long time before ".NET" ever means anything specific, if ever. Instead I think people will use terms like CLR, or even C# (even though it's just one of many languages to develop managed code), to describe the managed code framework. Though I think the fully-qualified term ".NET framework" is pretty clear, even though GP's first impression was that it's a fluff term.
Is this game a joke?? Oh, it's made by Schadenfreude Interactive. They must have just made it so they can laugh at their customers.
Someday soon you will need explicit permission to generate machine code, enforced through the PKI mechanism they already have in place. To flip that "unsafe" switch you'll need a signed certificate, which Microsoft will only sign when you agree to their terms.
While this is technically possible, if Microsoft made it very difficult or expensive to develop applications for Windows, less applications would be developed for Windows. The value of the Windows platform would drop significantly. Users, without modern applications, would switch to Linux and OSX in hordes, especially now that many important applications are web applications that run great in Firefox on any major operating system.
Whereas a normal 8-character password would have around 90 possibilities for each letter, in this case, each character would have a maximum of around 26 possibilities
... so there's actually (8 choose 2) * (6 choose 2) * (4 choose 2) = 2520 configurations of character categories. That means there's significantly more entropy in the password scheme than your calculations indicate, though of course the most potential entropy would come with no character use requirements.
You're neglecting to account for the number of permutations in each of the four categories required. While in each category there's a maximum of around 26 possibilities, each category can be spread out over 28 different locations (8 choose 2). Now once the combinations for one category have been spread out, the combinations for the next category are limited to the remaining 6 positions (and 4 positions next)