That's very... odd. Why would they require an on-line check to validate the signature? And why would there be a fee?
As understand it, it's because it's tied in with ICAO Doc 9303P1-1, which again, as I understand it, allows each passport-issuing state to have its own root CA. Now, a UK passport/ID card validator may not (and probably won't) know about the PKI for Tajikistan, say, so there needs to be a facility to allow offline checks of their passports/ID cards, based only on information the passport/ID card brings with it. Or not at all, in the case of Adam Laurie's modified clone (as some passport-issuing states may not even be signing their passports yet, or have any plans to do so).:-)
The whole point of public key-based digital signatures is that you can publish the root public keys far and wide. Then anyone can validate the signature offline -- and it scales arbitrarily.
I'm not saying you're mistaken, but there's a piece missing here.
That assumes that a consensus can be obtained regarding the operation of a unified system of root CAs. Looking at disputes related to DNS and US government administration of ICANN, I don't think that's likely any time soon.
As I understand it from this ZDnet article, Adam Laurie removed the DG14 certificate. This blog post ties in with that, and the idea that cards' authenticity can be checked on-line (at a cost of £2 per check) or offline. Without the DG14 certificate, the on-line check would fail, as you state, but the offline check will pass. Offline checks are necessary for scalability when you expect 70 million cards in circulation, each performing at least a few "low-security" transactions every day, but introduce obvious potential security problems.
I think there are two things of note. First the article is in the Daily Mail which has a populist agenda usually veering alarmingly to the right. They have jumped on the anti-id bandwagon so maybe this article should be taken with a pinch of salt.
True, but like a stopped clock, the Daily Mail does (occasionally) accurately tell a true story. In this case, I'm familiar with Adam Laurie and his work and trust him more than any Home Office spokesperson.
I think there's good justification to say the alleged crime occurred in the US.
Let's try a little thought experiment. If I stand at my country's border and swing my fists in the air, no crime is committed. If I swing my fists in the air and hit you whilst you're also in the same country, a crime of assault clearly occurs within my country. If, however, my fists hit you whilst you're stood in a neighbouring country, then if that neighbouring country has a crime of assault, then it has occurred there. If you were not stood there, no crime would have occurred, therefore, the location of the victim, rather than the perpetrator must be the defining characteristic.
Actually, it's F11's signatures that have changed; the compression is still gzip. You can bypass the 'unpack on a Fedora box' step by using rpm2cpio, then extracting the cpio archive.
(I'm aware that my suggestion doesn't deal with an already-logged in scenario. If anyone has an answer to that one, please, do reply with it!)
Sounds like you need some kind of RF token and a receiver attached to the netbook; if the token goes out of range, the machine logs you out and/or shuts down. If push came to shove, I imagine you could bodge something together with a Bluetooth receiver and a Bluetooth enabled phone like BluePromixity does.
So what exactly does windows 7 have that is either exciting or even worth a hundred euros?
Support for third-party applications that require Windows 7, and security updates past April 8, 2014. Whether that's worth 100 is subjective, of course; personally, that's only worth about 40 to me.
My point was that unlike FAT, UDF isn't a proprietary standard, but is nearly as widely supported, making it suitable for the same classes of devices as which currently use FAT.
Actually, the TomTom already runs Linux, and there's an established project for hacking it - OpenTom. Source code for the FOSS bits and notes on the toolchain TomTom use at www.tomtom.com.
- Ireland if I need to get out in a hurry, but still have family ties to the UK. - France if I'm no longer active in my IT career, but have family ties. - Germany or the Netherlands if I have a little bit more time to plan and still have ties. - Canada or New Zealand if I have plenty of time and no ties (since I anticipate it being a one-way trip, given the way energy prices are heading long-term).
My requirements were; English-speaking, or a language I feel I can become functional in fairly quickly; preferably, a vibrant IT industry; a certain amount of distance from the UK-USA political axis (I realise that both Ireland and New Zealand are somewhat weak here) and a temperate climate; a reasonably strong culture of civil liberties (at least in recent years!)
Note that none of those choices are perfect, and German friends especially tell me that Germany is implementing many of the same anti-liberty policies as the UK. So I'm in no hurry, and have decided to stick around as long as I can and try to fight the changes here. Partly out of sheer laziness, partly because I feel if the UK falls to authoritarianism, other states (Ireland, NZ, Canada particularly) may well feel they have to fall in line too.
Thats a sequential test? You're an idiot. Try a random/semi random test; try some tests which are actually simulating a real life workload w/ and w/out memory cache.
Disk performance -hasn't- changed across the board. The linear IO throughput has changed but there's plenty of usage cases where that doesn't give you anything.
The OP said "Essentially our disks are no faster than they where 3 years ago, or even 5 years ago". Even a sequential test between a current drive and a five year old drive proves that statement false.
Of course, what you say is more precise, and correct, but we also have affordable and mass-market SSD devices. If it's low latency and fast "seek" times you're after, then that's the way to go, today. Some may say that's comparing apples and oranges, but when you start hitting the physical limitations of a device design, I'd say it's time to start looking at different designs that provide the same function.
We haven't talked dollars. The cost is important, but that's another dimension. Let's keep this to engineering chatter.
So what happens in shops that need really high performance? Well, if it's an application with lots of random reads but with hotspots, then cache will do nicely. But for raw random write performance i.e. the heavy transaction processing applications, it's gotta be more 15K RPM spindles at lower capacity. Or go crazy and solid state, but that's another party.
But the cost is part of the system engineering; I paid £77 each for the 200GB models in Nov 2004, and £88 each for the 1TB models in Dec 2008. That's pretty much the same price allowing for four years of inflation in between. So using RAID (or wider RAIDs if you were already using RAID) is even more affordable. I've been using RAID on my main home system since 2002. If you needed to use a 5*200GB JBOD in 2004, you should be able to justify at least a 8*1TB RAID10 array by now, or, as you say, upgrading from bog-standard 7200RPM drives to something faster; 10K, 15K or SSD.
Sure, from an engineering standpoint, it'd be elegant if there were fundamental and radical improvements (analogous to architectural improvements in CPU design), but from a pragmatic standpoint, who cares if you can get something fast enough by throwing more drives at the problem (analogous to ramping up the clock speed in CPU design).
I vote liberal and It's the only paper I generally read ( Okay sometimes the Independent...)
I tend to vote Lib Dem/Green and prefer to read from a number of sources for my news (in the hope I'll get something like a balanced overall picture), and read well-argued opposing editorials for opinion (e.g. Telegraph). I'll dip into things like the Daily Mail and The Sun just to see what the mass opinion is likely to be.
My career path after graduating with BSc in Comp Sci was a PC support technician for a University central IT department, to a junior pre-/post-sales tech at a small Value-Added Reseller specialising in Linux/network security/backup solutions, to the first line support desk of a computer security products VAR/distributor, onwards through second and third line and ending up as a member of their vulnerability assessment/penetration testing team.
I'd suggest that your next step is to go from doing IT for a non-IT specialist organisation, to doing so at a larger scale (e.g. a university or college, or a multinational), or even better, to join the help desk of an IT specialist organisation (e.g. ISP, manufacturer/software house, reseller). If you have a choice, pick something that'll give you exposure to lots of products and technologies, rather than just a handful.
Assuming you're planning on staying in the UK, I'm not sure a further qualification in Computing is useful, unless you're planning for a career in academia. You might want to look into alternatives that could 'flavour' an IT career and give you a background of the business you'd like to work in (e.g. Physics, Chemistry, Engineering, Law, Maths, Music)
...if there isn't, or it's quite reasonable, take the money, fulfil the contract, then take the money and go and do the same thing again, but even better next time now you have the capital to avoid cutting (any/as many) corners. Rinse and repeat.
Worked for a former boss/colleague of my acquaintance! Thrice!
Slashdot Mirror
That's very... odd. Why would they require an on-line check to validate the signature? And why would there be a fee?
As understand it, it's because it's tied in with ICAO Doc 9303P1-1, which again, as I understand it, allows each passport-issuing state to have its own root CA. Now, a UK passport/ID card validator may not (and probably won't) know about the PKI for Tajikistan, say, so there needs to be a facility to allow offline checks of their passports/ID cards, based only on information the passport/ID card brings with it. Or not at all, in the case of Adam Laurie's modified clone (as some passport-issuing states may not even be signing their passports yet, or have any plans to do so). :-)
As for the fee, that's probably related to The chancellor, Gordon Brown, [making] it clear that the ID card scheme, which is estimated to cost at least £5.8bn, has to be self-financing.
The whole point of public key-based digital signatures is that you can publish the root public keys far and wide. Then anyone can validate the signature offline -- and it scales arbitrarily.
I'm not saying you're mistaken, but there's a piece missing here.
That assumes that a consensus can be obtained regarding the operation of a unified system of root CAs. Looking at disputes related to DNS and US government administration of ICANN, I don't think that's likely any time soon.
As I understand it from this ZDnet article, Adam Laurie removed the DG14 certificate. This blog post ties in with that, and the idea that cards' authenticity can be checked on-line (at a cost of £2 per check) or offline. Without the DG14 certificate, the on-line check would fail, as you state, but the offline check will pass. Offline checks are necessary for scalability when you expect 70 million cards in circulation, each performing at least a few "low-security" transactions every day, but introduce obvious potential security problems.
I think there are two things of note. First the article is in the Daily Mail which has a populist agenda usually veering alarmingly to the right. They have jumped on the anti-id bandwagon so maybe this article should be taken with a pinch of salt.
True, but like a stopped clock, the Daily Mail does (occasionally) accurately tell a true story. In this case, I'm familiar with Adam Laurie and his work and trust him more than any Home Office spokesperson.
Apple are also welcome to study the GPLed source of btrfs and develop their own independent, but compatible implementation.
I think there's good justification to say the alleged crime occurred in the US.
Let's try a little thought experiment. If I stand at my country's border and swing my fists in the air, no crime is committed. If I swing my fists in the air and hit you whilst you're also in the same country, a crime of assault clearly occurs within my country. If, however, my fists hit you whilst you're stood in a neighbouring country, then if that neighbouring country has a crime of assault, then it has occurred there. If you were not stood there, no crime would have occurred, therefore, the location of the victim, rather than the perpetrator must be the defining characteristic.
Actually, it's F11's signatures that have changed; the compression is still gzip. You can bypass the 'unpack on a Fedora box' step by using rpm2cpio, then extracting the cpio archive.
You're welcome to study the GPLed drivers and write your own independent BSD-licensed implementation.
(I'm aware that my suggestion doesn't deal with an already-logged in scenario. If anyone has an answer to that one, please, do reply with it!)
Sounds like you need some kind of RF token and a receiver attached to the netbook; if the token goes out of range, the machine logs you out and/or shuts down. If push came to shove, I imagine you could bodge something together with a Bluetooth receiver and a Bluetooth enabled phone like BluePromixity does.
New series on BBC which seems apropos: on iPlayer
It might be The Stuff!
So what exactly does windows 7 have that is either exciting or even worth a hundred euros?
Support for third-party applications that require Windows 7, and security updates past April 8, 2014. Whether that's worth 100 is subjective, of course; personally, that's only worth about 40 to me.
Similarity of some symptoms, medication that is effective for both conditions, a history of one or other condition in a person's ancestry...
Um, FAT doesn't have those things either.
My point was that unlike FAT, UDF isn't a proprietary standard, but is nearly as widely supported, making it suitable for the same classes of devices as which currently use FAT.
Hopefully, soon, we can start using UDF instead of FAT. Cross-OS compatibility is pretty much there, though FAT's support is still the most broad.
China mandated micro-USB charging sockets in December 2006, so the EU is just falling in line. Yawn.
Actually, the TomTom already runs Linux, and there's an established project for hacking it - OpenTom. Source code for the FOSS bits and notes on the toolchain TomTom use at www.tomtom.com.
...and my shortlist kinda worked like this:
- Ireland if I need to get out in a hurry, but still have family ties to the UK.
- France if I'm no longer active in my IT career, but have family ties.
- Germany or the Netherlands if I have a little bit more time to plan and still have ties.
- Canada or New Zealand if I have plenty of time and no ties (since I anticipate it being a one-way trip, given the way energy prices are heading long-term).
My requirements were; English-speaking, or a language I feel I can become functional in fairly quickly; preferably, a vibrant IT industry; a certain amount of distance from the UK-USA political axis (I realise that both Ireland and New Zealand are somewhat weak here) and a temperate climate; a reasonably strong culture of civil liberties (at least in recent years!)
Note that none of those choices are perfect, and German friends especially tell me that Germany is implementing many of the same anti-liberty policies as the UK. So I'm in no hurry, and have decided to stick around as long as I can and try to fight the changes here. Partly out of sheer laziness, partly because I feel if the UK falls to authoritarianism, other states (Ireland, NZ, Canada particularly) may well feel they have to fall in line too.
Thats a sequential test? You're an idiot. Try a random/semi random test; try some tests which are actually simulating a real life workload w/ and w/out memory cache.
Disk performance -hasn't- changed across the board. The linear IO throughput has changed but there's plenty of usage cases where that doesn't give you anything.
The OP said "Essentially our disks are no faster than they where 3 years ago, or even 5 years ago". Even a sequential test between a current drive and a five year old drive proves that statement false.
Of course, what you say is more precise, and correct, but we also have affordable and mass-market SSD devices. If it's low latency and fast "seek" times you're after, then that's the way to go, today. Some may say that's comparing apples and oranges, but when you start hitting the physical limitations of a device design, I'd say it's time to start looking at different designs that provide the same function.
We haven't talked dollars. The cost is important, but that's another dimension. Let's keep this to engineering chatter.
So what happens in shops that need really high performance? Well, if it's an application with lots of random reads but with hotspots, then cache will do nicely. But for raw random write performance i.e. the heavy transaction processing applications, it's gotta be more 15K RPM spindles at lower capacity. Or go crazy and solid state, but that's another party.
But the cost is part of the system engineering; I paid £77 each for the 200GB models in Nov 2004, and £88 each for the 1TB models in Dec 2008. That's pretty much the same price allowing for four years of inflation in between. So using RAID (or wider RAIDs if you were already using RAID) is even more affordable. I've been using RAID on my main home system since 2002. If you needed to use a 5*200GB JBOD in 2004, you should be able to justify at least a 8*1TB RAID10 array by now, or, as you say, upgrading from bog-standard 7200RPM drives to something faster; 10K, 15K or SSD.
Sure, from an engineering standpoint, it'd be elegant if there were fundamental and radical improvements (analogous to architectural improvements in CPU design), but from a pragmatic standpoint, who cares if you can get something fast enough by throwing more drives at the problem (analogous to ramping up the clock speed in CPU design).
# hdparm -Tt /dev/sdc
/dev/sdc: /dev/sdc | grep Model /dev/sda
/dev/sda: /dev/sda | grep Model
Timing cached reads: 5120 MB in 2.00 seconds = 2562.04 MB/sec
Timing buffered disk reads: 84 MB in 3.02 seconds = 27.77 MB/sec # hdparm -i
Model=ST3200822A, FwRev=3.01, SerialNo=xxxxxx
# hdparm -Tt
Timing cached reads: 6078 MB in 1.99 seconds = 3052.95 MB/sec
Timing buffered disk reads: 338 MB in 3.01 seconds = 112.22 MB/sec
# hdparm -i
Model=ST31000333AS, FwRev=SD1B, SerialNo=xxxxxx
It's not even a full order of magnitude faster, but 112MB/s is still nearly four times faster. And these are both magnetic discs, rather than SSDs.
I vote liberal and It's the only paper I generally read ( Okay sometimes the Independent...) I tend to vote Lib Dem/Green and prefer to read from a number of sources for my news (in the hope I'll get something like a balanced overall picture), and read well-argued opposing editorials for opinion (e.g. Telegraph). I'll dip into things like the Daily Mail and The Sun just to see what the mass opinion is likely to be.
My career path after graduating with BSc in Comp Sci was a PC support technician for a University central IT department, to a junior pre-/post-sales tech at a small Value-Added Reseller specialising in Linux/network security/backup solutions, to the first line support desk of a computer security products VAR/distributor, onwards through second and third line and ending up as a member of their vulnerability assessment/penetration testing team.
I'd suggest that your next step is to go from doing IT for a non-IT specialist organisation, to doing so at a larger scale (e.g. a university or college, or a multinational), or even better, to join the help desk of an IT specialist organisation (e.g. ISP, manufacturer/software house, reseller). If you have a choice, pick something that'll give you exposure to lots of products and technologies, rather than just a handful.
Assuming you're planning on staying in the UK, I'm not sure a further qualification in Computing is useful, unless you're planning for a career in academia. You might want to look into alternatives that could 'flavour' an IT career and give you a background of the business you'd like to work in (e.g. Physics, Chemistry, Engineering, Law, Maths, Music)
Watchbird
In an ideal world, we wouldn't need police. People would be nice to each other and crime wouldn't happen.
...and in those circumstances, we wouldn't need laws or governments to enforce them which is... anarchy.
...if there isn't, or it's quite reasonable, take the money, fulfil the contract, then take the money and go and do the same thing again, but even better next time now you have the capital to avoid cutting (any/as many) corners. Rinse and repeat.
Worked for a former boss/colleague of my acquaintance! Thrice!