I don't know about you guys, but I run many linux servers. I have a mix of CPU's, and the HT servers seem to perform better than non HT servers. Is linux better optimized for HT?
uhm, yeah, but that was a MUCH bigger hole. All you need for the hotmail bug was the victim's email address. (for a bug like that, they should have shut down the whole system until it was fixed) For google, you need their authentication token... which, is probably a problem for a lot of sites... not a super duper high priority bug if you ask me.
no no, they fixed this problem on the server side. Even if you give hackers your credentials, they still can't get in. I'd really like to see their code for this fix.
There is also a HUGE difference between SERVER applications like gmail and desktop software from Microsoft. With Gmail, none of the users need to update their computers to get the fix, while with Microsoft, everyone has to update their computer to get the fix. Who knows how many fixes Google has put in since gmail went live.
This device is not "getting farther from fossil fuels" as all the input fuel on the truck is still diesel. In fact, I'd say it rather confuses the whole matter. just because hydrogen is in the mix, it doesn't make a fully hydrogen powered car any closer.
The device IS environmentally friendly because it uses less fuel and produces less polution.
Yeah, but how does the hyrdogen become fuel? You burn some coal in a power plant to make the electricity to make the hydrogen. After all the releases from the power plant, you add on top of that water vapor from your car! That would make these cars even worse for the environment!
The truth is that water vapor may be a cause of global warming. Think of all the people watering their lawns in the desert. Where does all the water go?
Mod parent up. This is currently the best solution out there.. though I wish their interface were a bit more streamlined, they have no DRM and many options on formats.
compared to solar cells. Are you crazy or something? about the only place where land is more expensive is in or close to a city.
Solar cells cost about $100 per sqft.. while land around here costs about $50k per acre, or about $1 per sqft.
If you can get me some solar cells for less than $1 per square foot, I think we could have a good business.
Ok ok, so that was a bad question... But, is it worth it for the $1 install? Most spyware companies only pay $0.25, and they get massive pop up ads and unlimited upgrades!
This is the best answer here. If something is really more efficient, it will be cheaper to operate and own in the long term. If the goverment or a company has to subsidize something, it's probably not efficient enough for the free market (ie. ethanol)
I've tried many many times to install freevo and mythtv, but it's alway failed (why doesn't yum install mythtv work? ) . If these projects can't build a good installer, I certainly don't trust them to record a show or replace my tivo.
The location of the form is irrelevant, all that matters is that the action that it submits to is secured, and from a quick look at the HTML it is.
Having talked to security folks at chase, I know that that's what they think as well. Unfortunately, that is not the case, and they should be fired.
The only way to ensure that your login is not redirected, you'd have to look at the form action on the page, every time you use it. Not only that, but you'd have to verify that none of the javascripts on the page redirect the form submission. That's right, just looking at the form action is not enough.
An easy man in the middle attack on chase.com could rewrite the login form submissions to some other secure server. DNS poisoning is just one way to get in the middle. Proxying port 80 would be another.
My main point though is not that this practice is wrong and insecure, it's that it does not teach uses the most secure way to access their account.
Every time there is a banking security article, I start pointing to Chase bank and Amex, both of which use pitiful security practices on their sites. The most important one of all, is to teach the user to always login from a secure site, and one with the bank name.
Chase - has a login on their insecure site http://www.chase.com/, and puts a "lock" image on the page. This does not teach users where the proper lock is and dumbs down security.
Amex - does the same thing that Chase does on americanexpress.com.
CitiBank - Another bad problem, weird domain names. While Citibank uses citi.com and citibank.com, they put their credit card login on "accountonline.com"... Users have gotten used to weird domain names, and just trust the site when they see the logo. They use another domain name when linking from emails!
Maybe, the question is how many bloggers are making six figures per year.
My guess is that it's a lot more than you think, it's probably at least 5,000 - 10,000.
It does of course depend on what you consider a blog. Is fark.com a blog? I bet drew makes 7 figures.
The fact is, when small time operators make it big, they start shutting up about how much they make. I know a few website operators that started rolling in it.. You couldn't tell by their site.
I'm saying that the goverment does and should limit funding to the drug industry. I don't think the government should pay for all the R&D for the drug industry to profit.
The stem cell debate seems to me to be about not letting the government limiting the funding. I think the figure is around $100 million they are spending on stem cell research already.
If stem cells offer so much potential, private industry can well afford to fund the research.
There is no ban on stem cell research in the US!!! There is only a limitation on government funding of some specific types of stem cells.
I think there should be limits on all sorts of government funding. I have no idea on why everyone is suddenly for unlimited government funding of the drug industry.
Slashdot Mirror
If I wanted to raise 10 billion dollars for world peace, and no one gave me any money, does that mean that EVERYONE is against world peace?
I don't know about you guys, but I run many linux servers. I have a mix of CPU's, and the HT servers seem to perform better than non HT servers. Is linux better optimized for HT?
uhm, yeah, but that was a MUCH bigger hole. All you need for the hotmail bug was the victim's email address. (for a bug like that, they should have shut down the whole system until it was fixed) For google, you need their authentication token... which, is probably a problem for a lot of sites... not a super duper high priority bug if you ask me.
no no, they fixed this problem on the server side. Even if you give hackers your credentials, they still can't get in. I'd really like to see their code for this fix.
There is also a HUGE difference between SERVER applications like gmail and desktop software from Microsoft. With Gmail, none of the users need to update their computers to get the fix, while with Microsoft, everyone has to update their computer to get the fix. Who knows how many fixes Google has put in since gmail went live.
It's all based on size of the download file... which I guess to more tuned to the cost of their business.
for this device, they just need to fill up on water... which I assume they already have water tanks on the trucks?
This device is not "getting farther from fossil fuels" as all the input fuel on the truck is still diesel. In fact, I'd say it rather confuses the whole matter. just because hydrogen is in the mix, it doesn't make a fully hydrogen powered car any closer.
The device IS environmentally friendly because it uses less fuel and produces less polution.
Yeah, but how does the hyrdogen become fuel? You burn some coal in a power plant to make the electricity to make the hydrogen. After all the releases from the power plant, you add on top of that water vapor from your car! That would make these cars even worse for the environment!
The truth is that water vapor may be a cause of global warming. Think of all the people watering their lawns in the desert. Where does all the water go?
it's called auto-save and it's enabled by default.
Mod parent up. This is currently the best solution out there.. though I wish their interface were a bit more streamlined, they have no DRM and many options on formats.
compared to solar cells. Are you crazy or something? about the only place where land is more expensive is in or close to a city. Solar cells cost about $100 per sqft.. while land around here costs about $50k per acre, or about $1 per sqft. If you can get me some solar cells for less than $1 per square foot, I think we could have a good business.
Yeah, like nothing. They are only paying for US installs.
Ok ok, so that was a bad question... But, is it worth it for the $1 install? Most spyware companies only pay $0.25, and they get massive pop up ads and unlimited upgrades!
Uhg. Yes. I lost all my respect for this article, the author and the site. If they can't present the units right, what else did they do wrong?
This is the best answer here. If something is really more efficient, it will be cheaper to operate and own in the long term. If the goverment or a company has to subsidize something, it's probably not efficient enough for the free market (ie. ethanol)
It would have been nice if apple linked up w/ google video... or if only google had a gPod.
I've tried many many times to install freevo and mythtv, but it's alway failed (why doesn't yum install mythtv work? ) . If these projects can't build a good installer, I certainly don't trust them to record a show or replace my tivo.
Having talked to security folks at chase, I know that that's what they think as well. Unfortunately, that is not the case, and they should be fired.
The only way to ensure that your login is not redirected, you'd have to look at the form action on the page, every time you use it. Not only that, but you'd have to verify that none of the javascripts on the page redirect the form submission. That's right, just looking at the form action is not enough.
An easy man in the middle attack on chase.com could rewrite the login form submissions to some other secure server. DNS poisoning is just one way to get in the middle. Proxying port 80 would be another.
My main point though is not that this practice is wrong and insecure, it's that it does not teach uses the most secure way to access their account.
I get redirect to accountonline.com when logging into my credit card account. You can see pages on it, for example; https://www.accountonline.com/View?docId=UserIDLoo kup&siteId=CB&langId=EN
Chase - has a login on their insecure site http://www.chase.com/, and puts a "lock" image on the page. This does not teach users where the proper lock is and dumbs down security.
Amex - does the same thing that Chase does on americanexpress.com.
CitiBank - Another bad problem, weird domain names. While Citibank uses citi.com and citibank.com, they put their credit card login on "accountonline.com"... Users have gotten used to weird domain names, and just trust the site when they see the logo. They use another domain name when linking from emails!
My guess is that it's a lot more than you think, it's probably at least 5,000 - 10,000.
It does of course depend on what you consider a blog. Is fark.com a blog? I bet drew makes 7 figures.
The fact is, when small time operators make it big, they start shutting up about how much they make. I know a few website operators that started rolling in it.. You couldn't tell by their site.
There are lots of alternative root DNS projects out there: http://en.wikipedia.org/wiki/Alternative_DNS_root and it's only a matter of ISPs dns or your own dns settings to support them.
The stem cell debate seems to me to be about not letting the government limiting the funding. I think the figure is around $100 million they are spending on stem cell research already.
If stem cells offer so much potential, private industry can well afford to fund the research.
I think there should be limits on all sorts of government funding. I have no idea on why everyone is suddenly for unlimited government funding of the drug industry.