Most of the data verification on Freenet is based on SHA256. There is a well supported mechanism for signed keys (SSKs), but those are almost always used to simply redirect to the hash-based keys that use SHA256. Signatures in Freenet are based on DSA (slightly different lengths than the standard specifies, but the math is identical).
The paper won't download here, so I'm asking without RTFA, but how can this work against Freenet? Do they discuss Freenet in the paper at all? Freenet does chunk-level hashing, and the network enforces that the data matches the hash at all steps. Nodes returning invalid data will rapidly get dropped by their peers. Attacks like this are something that Freenet is explicitly designed to prevent. Also, the anonymity guarantees that Freenet makes would make it hard (potentially very hard) for them to identify a single user, let alone "collusion".
I'm forced to wonder whether the researchers mention Freenet at all, or if the poster is simply lumping Freenet in with other p2p apps that it has very little in common with. (Bittorrent and Freenet should be similar in some ways to their resistance against this attack, but Freenet's strong anonymity guarantees should make it more resistant. The fact that a node engaged in widespread poisoning will have trouble even staying connected makes Freenet even more resistant.)
Or you could just use the quantum resistor noise from the input impedance of your sound card. Seriously, people seem to think getting good quality quantum entropy is hard. It isn't. The hard part is turning that entropy into bits: ensuring you have enough entropy to be generating as many bits as you are, and making sure that those bits are whitened and debiased properly, and that the entropy is properly distributed among them so that the non-random stuff in your input stream doesn't leak through. Not to mention more mundane things like ensuring that if your sound card or geiger counter or whatever dies and stops producing entropy you notice before you output a whole lot of "random" bits that look somewhat random but don't have any real entropy in them.
Can we stop talking about how the random bits come from background sound, lava lamps, radioactive decay, or wherever, and instead worry about whether they've been handled properly after they were gathered? After all, that's the hard part.
Most of those that I've seen (though I haven't looked recently) have been disappointingly low res -- fine for non-HD movies or presentations, not so good for desktop usage. I've heard reports that they can be overly dim, too, but that's something I'd be happy to test for myself in my environment.
Hence "approximately". Most kerosenes, diesels, and gasolines are somewhere in the range of 1.95-2.2 H per C. Yes, you won't find CH2 itself with any regularity outside of a combustion process, but I only specified ratios, not details of structure. Paraffin wax is very close to CnH2n, gasoline has a lot of octane (2.25:1 H:C ratio) but also some assorted unsaturated stuff that brings the average down.
It's phrased as a joke, but it's a serious point: you really can store the hydrogen, in a usably energetic form, by sticking it to carbon atoms. That's not true of oxygen, so changing out C for O in the statement misses the point completely. Furthermore, if you had a renewable method of generating hydrogen, it would be worth at least evaluating converting it into diesel (or kerosene, or gasoline, or methane, or...) for storage and transport -- not because diesel is more efficient, but because we have so much installed infrastructure to handle it.
In this case, it's actually basically correct. The electropotential of the reaction is 0.037 volts. That means that in order to get electrons to move, and the reaction to proceed, you have to apply [just over] 0.037 volts to the reaction cell. The *energy* required is related directly to this number -- you need 0.037 electron-volts of energy per electron you wish to move through the reaction, and each electron liberates one half of one H2 molecule. Note that volts is equivalent to joules per coulomb. If you want to know how much energy is needed per gram of hydrogen, you take (reaction potential) * (charge per electron) * (electrons per H2 molecule) * (H2 molecules per gram of H2) = 3570 J/gram.
In short: volts is the measure of energy input required per atom of H liberated. You didn't expect an answer of "3 joules", did you? You expected joules per gram. This is just a unit conversion away, and is actually more directly informative to people who understand the electrochemistry.
You know what's even better? People spread the stuff on their teeth!
Sorry, folks, chemicals are just chemicals... if you want to live in the modern world, you'll have to be ignorant, get over your weird hangups, or do without a rather large number of things.
Every time I see people complaining about hydrogen storage, I find myself wondering what's so hard about it. You can store hydrogen fairly densely and easily by just attaching it to carbon atoms in a roughly 2:1 ratio. What's more, we already have the infrastructure in place to transport and use hydrogen that's been stored in this manner. And, even better, no high pressures, low temperatures, or special materials are required!
No, compressing hydrogen does not get you liquid hydrogen. Room temperature is above its critical temperature, and so is a supercritical fluid -- more gas-like than liquid-like, regardless of pressure, until you hit truly, truly exotic regimes. Also, at the pressures people usually talk about storing compressed hydrogen at for these sorts of applications, it is already not behaving like an ideal gas -- doubling the pressure does not halve the volume.
Everybody seems to be hating on the new Transformers movie, but really, the critics have it wrong. In actuality, Michael Bay finally made an art movie.
You're right, the Times didn't censor Wikipedia. Wikipedia censored its contributors. I'm not sure how you could possibly arrive at the conclusion that Jimmy Wales was not "exercising official supervision over conduct". He's an official (in the context of Wikipedia) and he put a stop to certain conduct. So, by your own definition, censorship.
I happen to think WP and the times did the right thing here; I still think it was censorship. In the same scenario, if the government had been the one doing it, I'd have been a lot more skeptical that it was ok -- but I believe that how wrong censorship is depends on the circumstances, including the reasons to publish, the reasons not to publish, and who is exercising the control.
They're getting less money. That means they either need to spend less money, take in more money, engage in deficit spending, or some combination of those. As someone whose taxes they will be spending, I think they should both raise taxes and spend less, but not make up the budget shortfall on either one alone.
Of course the budget looks different as a result of changing economic conditions. So what? I know they need to change either income or expenses, and they appear to as well. My complaint is with how they plan to go about collecting more money, not the fact that they plan to do so.
I also note that if they want to spend less, that means that some people currently employed by the government won't be any more. In the middle of an economic downturn is a particularly harsh time to cut jobs. I think it's reasonable for the government to decide that it isn't fair to make up the entire budget shortfall by cutting jobs, and that some of it should be made up by taxpayers tightening their belts. Cutting lots of jobs isn't going to help the economy recover, but neither is having the budget collapse. A mixed approach seems appropriate.
My only complaint is that, if they need to raise taxes, they should look at the reasonably effective set of taxes in place, and just increase them slightly. Finding new taxes that people won't notice is more complicated, and takes up time they could better spend on other things. Trying to hide those taxes is disingenuous; I don't mind paying higher taxes if needed, I do mind them trying to make me not notice.
Speaking as a resident of NC, I think this law is a bad idea. I'm of mixed mind on Amazon's response, but I can't really fault them for it. The NC government has budget problems; they need to either cut spending or raise taxes. Personally, I'm inclined to think they should do a bit of both. However, I really think they should just raise income taxes, rather than trying to find new taxes that people won't notice as much. Fewer, simpler taxes is a good thing.
You'll note I said 50% faster, not 50% higher clock speed. He's complaining about benchmark numbers, which you may have noticed are not the same thing as clock speed.
Well, more generally, you have to apply Amdahl's law. Most complicated programs operate in a realm where there aren't well defined bottlenecks, and you can get more performance through more computer power, more memory, faster memory, faster disks, faster networking...
The point I was trying to make is that if you have crap code, and throw more compute power at it, it's unreasonable to expect it to perform like it isn't crap code -- but probably entirely reasonable to expect faster crap code.
Developers have been known to trade off performance for development ease. Frequently the result is crap code. Yes, it performs like crap on both sets of processors. But if the application is CPU-limited (rather than IO or memory or...), then throwing faster CPUs at it ought to make it proportionally faster, no? Obviously they thought the previous performance was acceptable, is it unreasonable to think that buying CPUs marketed as 50% faster should give a 50% performance increase? Clearly crap code will still run like crap, but you ought to be able to throw more CPU power at it and get 150% of crap performance.
Tennessee's laws state that in prosecuting the offense of sexual exploitation of a minor, "the state is not required to prove the actual identity or age of the minor."
I wonder if that's been tested. It sounds scary, in that it assumes the "minor" part.
TFA also makes it sound like in this case the identities of the people in the photograph are known. Personally, I think it's reasonable to prosecute someone for harming a minor if it's clear that's what they've done, even if you're not sure of the exact age or identity. However, as the defendant can probably produce the original photos he worked from, the models should be identifiable and provably of legal age (the ones that were nude, that is). (If they're adults, it should also be easy enough to show that without actual proof -- which, as the law says, is not required.)
Of course, imnsho, they should have to demonstrate actual harm, either direct or indirect -- production or sale, not just possession, in other words. Seeing as this didn't even involve the exploitation of a minor at any point, there shouldn't even be a question. But the law doesn't seem all that interested in my opinions...
It seems to me that helping them communicate (setting up proxies, opening more tor exit nodes, etc) is helpful, but not particularly open to cries of puppetry. Plenty of people are doing exactly that, and I think it's wonderful that there are simple things a quiet geek can do to help out a bit. Of course, detractors can always claim that open communication is a Western ideal, but it's become quite clear that a lot of Iranians want it as well.
Shameless plug time: Freenet is designed to provide anonymous, censorship resistant communications channels in the face of a serious adversary. For a number of technical reasons, the current version isn't all that well suited to the current situation in Iran. However, people are working on that and it might well be helpful at some point in the future. However, there's a less technical problem: it has no Persian translation! If anyone knows someone who speaks Persian well enough to translate, a translation would be much appreciated. The software includes a translation interface, so it's really easy to contribute a full or partial translation. Plenty of support for such an effort would be available as well.
If you can exploit a computer in any meaningful sense (ie get your code running on it), then it's fairly trivial to get a web server running. Contrary to popular belief, a basic web server is a *really* simple program. This won't even save a malware author any time or effort; it's as easy to ship their own as to reconfigure the one already present.
If your goal is to improve safety, it is not sufficient to find a way to blame the pilot and stop your investigation.
If your goal is to assign blame, then you can blame the pilot and stop. Unfortunately, that doesn't tend to improve safety, which ought to be the goal of a crash investigation.
Any report that ends with "pilot error" isn't worth the electrons it's printed on. Some airlines have dramatically lower pilot error rates than others; why? Pilots, like any other piece of the system, do not operate in a vacuum. Any investigation that determined that a crash was caused by a hydraulic failure, for example, would then proceed to investigate why the hydraulics failed. Were they built properly originally? Maintained correctly? Inspected properly? Used within design specifications? Similarly, when you find pilot error to be the cause, you should ask why the pilot made a mistake. Was he overworked? Distracted? Managing cockpit resources poorly? If so, why? In general, you can find a deeper cause for pilot error. Sometimes the NTSB / FAA keep investigating, sometimes they don't. Many of the underlying causes for pilot error involve things like airline policies, pilot cultures there, etc. And the airlines have the ability to affect those, for better or worse. Unsurprisingly, not all airlines are the same when it comes to safety and pilot error rates.
That would be why they say you have to take relativistic effects into account -- all of them, general relativity included, not just special relativity and its time dilation effects.
Slashdot Mirror
Most of the data verification on Freenet is based on SHA256. There is a well supported mechanism for signed keys (SSKs), but those are almost always used to simply redirect to the hash-based keys that use SHA256. Signatures in Freenet are based on DSA (slightly different lengths than the standard specifies, but the math is identical).
The paper won't download here, so I'm asking without RTFA, but how can this work against Freenet? Do they discuss Freenet in the paper at all? Freenet does chunk-level hashing, and the network enforces that the data matches the hash at all steps. Nodes returning invalid data will rapidly get dropped by their peers. Attacks like this are something that Freenet is explicitly designed to prevent. Also, the anonymity guarantees that Freenet makes would make it hard (potentially very hard) for them to identify a single user, let alone "collusion".
I'm forced to wonder whether the researchers mention Freenet at all, or if the poster is simply lumping Freenet in with other p2p apps that it has very little in common with. (Bittorrent and Freenet should be similar in some ways to their resistance against this attack, but Freenet's strong anonymity guarantees should make it more resistant. The fact that a node engaged in widespread poisoning will have trouble even staying connected makes Freenet even more resistant.)
Or you could just use the quantum resistor noise from the input impedance of your sound card. Seriously, people seem to think getting good quality quantum entropy is hard. It isn't. The hard part is turning that entropy into bits: ensuring you have enough entropy to be generating as many bits as you are, and making sure that those bits are whitened and debiased properly, and that the entropy is properly distributed among them so that the non-random stuff in your input stream doesn't leak through. Not to mention more mundane things like ensuring that if your sound card or geiger counter or whatever dies and stops producing entropy you notice before you output a whole lot of "random" bits that look somewhat random but don't have any real entropy in them.
Can we stop talking about how the random bits come from background sound, lava lamps, radioactive decay, or wherever, and instead worry about whether they've been handled properly after they were gathered? After all, that's the hard part.
Most of those that I've seen (though I haven't looked recently) have been disappointingly low res -- fine for non-HD movies or presentations, not so good for desktop usage. I've heard reports that they can be overly dim, too, but that's something I'd be happy to test for myself in my environment.
That works great... up until you look at the cost of projector bulbs. They cost as much as new LCD display.
Hence "approximately". Most kerosenes, diesels, and gasolines are somewhere in the range of 1.95-2.2 H per C. Yes, you won't find CH2 itself with any regularity outside of a combustion process, but I only specified ratios, not details of structure. Paraffin wax is very close to CnH2n, gasoline has a lot of octane (2.25:1 H:C ratio) but also some assorted unsaturated stuff that brings the average down.
It's phrased as a joke, but it's a serious point: you really can store the hydrogen, in a usably energetic form, by sticking it to carbon atoms. That's not true of oxygen, so changing out C for O in the statement misses the point completely. Furthermore, if you had a renewable method of generating hydrogen, it would be worth at least evaluating converting it into diesel (or kerosene, or gasoline, or methane, or...) for storage and transport -- not because diesel is more efficient, but because we have so much installed infrastructure to handle it.
In this case, it's actually basically correct. The electropotential of the reaction is 0.037 volts. That means that in order to get electrons to move, and the reaction to proceed, you have to apply [just over] 0.037 volts to the reaction cell. The *energy* required is related directly to this number -- you need 0.037 electron-volts of energy per electron you wish to move through the reaction, and each electron liberates one half of one H2 molecule. Note that volts is equivalent to joules per coulomb. If you want to know how much energy is needed per gram of hydrogen, you take (reaction potential) * (charge per electron) * (electrons per H2 molecule) * (H2 molecules per gram of H2) = 3570 J/gram.
In short: volts is the measure of energy input required per atom of H liberated. You didn't expect an answer of "3 joules", did you? You expected joules per gram. This is just a unit conversion away, and is actually more directly informative to people who understand the electrochemistry.
You know what's even better? People spread the stuff on their teeth!
Sorry, folks, chemicals are just chemicals... if you want to live in the modern world, you'll have to be ignorant, get over your weird hangups, or do without a rather large number of things.
Every time I see people complaining about hydrogen storage, I find myself wondering what's so hard about it. You can store hydrogen fairly densely and easily by just attaching it to carbon atoms in a roughly 2:1 ratio. What's more, we already have the infrastructure in place to transport and use hydrogen that's been stored in this manner. And, even better, no high pressures, low temperatures, or special materials are required!
No, compressing hydrogen does not get you liquid hydrogen. Room temperature is above its critical temperature, and so is a supercritical fluid -- more gas-like than liquid-like, regardless of pressure, until you hit truly, truly exotic regimes. Also, at the pressures people usually talk about storing compressed hydrogen at for these sorts of applications, it is already not behaving like an ideal gas -- doubling the pressure does not halve the volume.
They build enough iPhones that, if they announced to vendors that they wanted such a chip, it would get built.
Everybody seems to be hating on the new Transformers movie, but really, the critics have it wrong. In actuality, Michael Bay finally made an art movie.
You're right, the Times didn't censor Wikipedia. Wikipedia censored its contributors. I'm not sure how you could possibly arrive at the conclusion that Jimmy Wales was not "exercising official supervision over conduct". He's an official (in the context of Wikipedia) and he put a stop to certain conduct. So, by your own definition, censorship.
I happen to think WP and the times did the right thing here; I still think it was censorship. In the same scenario, if the government had been the one doing it, I'd have been a lot more skeptical that it was ok -- but I believe that how wrong censorship is depends on the circumstances, including the reasons to publish, the reasons not to publish, and who is exercising the control.
They're getting less money. That means they either need to spend less money, take in more money, engage in deficit spending, or some combination of those. As someone whose taxes they will be spending, I think they should both raise taxes and spend less, but not make up the budget shortfall on either one alone.
Of course the budget looks different as a result of changing economic conditions. So what? I know they need to change either income or expenses, and they appear to as well. My complaint is with how they plan to go about collecting more money, not the fact that they plan to do so.
I also note that if they want to spend less, that means that some people currently employed by the government won't be any more. In the middle of an economic downturn is a particularly harsh time to cut jobs. I think it's reasonable for the government to decide that it isn't fair to make up the entire budget shortfall by cutting jobs, and that some of it should be made up by taxpayers tightening their belts. Cutting lots of jobs isn't going to help the economy recover, but neither is having the budget collapse. A mixed approach seems appropriate.
My only complaint is that, if they need to raise taxes, they should look at the reasonably effective set of taxes in place, and just increase them slightly. Finding new taxes that people won't notice is more complicated, and takes up time they could better spend on other things. Trying to hide those taxes is disingenuous; I don't mind paying higher taxes if needed, I do mind them trying to make me not notice.
Speaking as a resident of NC, I think this law is a bad idea. I'm of mixed mind on Amazon's response, but I can't really fault them for it. The NC government has budget problems; they need to either cut spending or raise taxes. Personally, I'm inclined to think they should do a bit of both. However, I really think they should just raise income taxes, rather than trying to find new taxes that people won't notice as much. Fewer, simpler taxes is a good thing.
You'll note I said 50% faster, not 50% higher clock speed. He's complaining about benchmark numbers, which you may have noticed are not the same thing as clock speed.
Well, more generally, you have to apply Amdahl's law. Most complicated programs operate in a realm where there aren't well defined bottlenecks, and you can get more performance through more computer power, more memory, faster memory, faster disks, faster networking...
The point I was trying to make is that if you have crap code, and throw more compute power at it, it's unreasonable to expect it to perform like it isn't crap code -- but probably entirely reasonable to expect faster crap code.
Developers have been known to trade off performance for development ease. Frequently the result is crap code. Yes, it performs like crap on both sets of processors. But if the application is CPU-limited (rather than IO or memory or...), then throwing faster CPUs at it ought to make it proportionally faster, no? Obviously they thought the previous performance was acceptable, is it unreasonable to think that buying CPUs marketed as 50% faster should give a 50% performance increase? Clearly crap code will still run like crap, but you ought to be able to throw more CPU power at it and get 150% of crap performance.
TFA:
I wonder if that's been tested. It sounds scary, in that it assumes the "minor" part.
TFA also makes it sound like in this case the identities of the people in the photograph are known. Personally, I think it's reasonable to prosecute someone for harming a minor if it's clear that's what they've done, even if you're not sure of the exact age or identity. However, as the defendant can probably produce the original photos he worked from, the models should be identifiable and provably of legal age (the ones that were nude, that is). (If they're adults, it should also be easy enough to show that without actual proof -- which, as the law says, is not required.)
Of course, imnsho, they should have to demonstrate actual harm, either direct or indirect -- production or sale, not just possession, in other words. Seeing as this didn't even involve the exploitation of a minor at any point, there shouldn't even be a question. But the law doesn't seem all that interested in my opinions...
It seems to me that helping them communicate (setting up proxies, opening more tor exit nodes, etc) is helpful, but not particularly open to cries of puppetry. Plenty of people are doing exactly that, and I think it's wonderful that there are simple things a quiet geek can do to help out a bit. Of course, detractors can always claim that open communication is a Western ideal, but it's become quite clear that a lot of Iranians want it as well.
Shameless plug time: Freenet is designed to provide anonymous, censorship resistant communications channels in the face of a serious adversary. For a number of technical reasons, the current version isn't all that well suited to the current situation in Iran. However, people are working on that and it might well be helpful at some point in the future. However, there's a less technical problem: it has no Persian translation! If anyone knows someone who speaks Persian well enough to translate, a translation would be much appreciated. The software includes a translation interface, so it's really easy to contribute a full or partial translation. Plenty of support for such an effort would be available as well.
If you can exploit a computer in any meaningful sense (ie get your code running on it), then it's fairly trivial to get a web server running. Contrary to popular belief, a basic web server is a *really* simple program. This won't even save a malware author any time or effort; it's as easy to ship their own as to reconfigure the one already present.
Perhaps that's the problem. I think lightning rods are supposed to be more coppery than irony.
If your goal is to improve safety, it is not sufficient to find a way to blame the pilot and stop your investigation.
If your goal is to assign blame, then you can blame the pilot and stop. Unfortunately, that doesn't tend to improve safety, which ought to be the goal of a crash investigation.
Any report that ends with "pilot error" isn't worth the electrons it's printed on. Some airlines have dramatically lower pilot error rates than others; why? Pilots, like any other piece of the system, do not operate in a vacuum. Any investigation that determined that a crash was caused by a hydraulic failure, for example, would then proceed to investigate why the hydraulics failed. Were they built properly originally? Maintained correctly? Inspected properly? Used within design specifications? Similarly, when you find pilot error to be the cause, you should ask why the pilot made a mistake. Was he overworked? Distracted? Managing cockpit resources poorly? If so, why? In general, you can find a deeper cause for pilot error. Sometimes the NTSB / FAA keep investigating, sometimes they don't. Many of the underlying causes for pilot error involve things like airline policies, pilot cultures there, etc. And the airlines have the ability to affect those, for better or worse. Unsurprisingly, not all airlines are the same when it comes to safety and pilot error rates.
That would be why they say you have to take relativistic effects into account -- all of them, general relativity included, not just special relativity and its time dilation effects.