In a word, they are pretty good, but not perfect. The commercial version includes the teaching portion where you talk for like twenty minutes as it learns your voice. I've only tried it in it's own little app, which is not a real good word processor, but it's good for entering text. I would read paragraphs of Newspaper articles as fast as I could, and it was nearly perfect. It would miss names or things that you would expect. It could even play back the audio of what you just read in/Your Voice/ or it's own TTS engine. It wasn't as good when I tried to feed is other stuff. I guess it's geared to corporate / news speak.
I've also developed some test apps w/ the SDK. It's not as good for free text, but could handle special commands and vocabularies. Things like automating mp3 playing and turning on and off lights would be good for that. You should try it out if that's what you're looking for!
I just got this kit in the mail today. B.E.A.M Solar Robot Kits. Interesting things to do with transistors, motors, solar cells and a few other parts. This guy put together a few kits from surplus parts. They all around $10.
Other sites have put together other BEAM kits that are more expensive. SolarBotics seems to have a lot of stuff listed.
Now I gotta go do some sodering!
rsync has some features..
on
A Better FTP?
·
· Score: 2, Redundant
not exactly FTP, but it does tranfer files. It tunnels over ssh, and can copy vast directory trees. And for slow connections, it can both compress the data, and only transfer the files and parts of files that are needed (sorta binary diff).
Re:Light on real story?
on
Review: K-PAX
·
· Score: 1
Well, I did say it was interesting, more interesting then most films, but disappointing.
The whole part about tracking down what had happened to prot 5 years ago does nothing to
help prot get better. The end is just depressing. Except for the rich, well off doc, is finally talking to his son again. Big deal.
Why did he stop talking to him in the first place? The doc is just a big self centered jerk, and only crazy people where doing anything useful.
Saw it : Ending insteresting, but disappointing.
on
Review: K-PAX
·
· Score: 3, Informative
In the end, Bridges fails to heal even one person. The only thing he might have done is
turn this fuctioning alien into a comatose patient. Prot was the only one actually helping
people, and his entity took of on a beam of light. While Prot couldn't take his own (borrowed) body with him to k-pax, he could take someone else's.
The movie is a cute flick, but it is heavy on the dreamy musical scenes and light on a real story.
It's a complete service. You just check in a kernel patch, and you get an email with the results! It runs all sorts of runs from networking to file system. I'm sure many people will find this very helpful.
Now there is a distributed system that would help
out this project. Granted, you need some hardware, but it shouldn't be that expensive. Those computerized Meade telescope
like this one,
aren't that expensive. Now if they could be centrally controlled and linked, very high resolution images could be rendered? I bet there are already some people set up with this. Any projects started? What are they tracking these days?
I've tracked down a number of security bugs. After verifying their existance, I immediately
contact the company(ies) involved. Guess what?
They don't all respond. Some of the problems I have found are with browser software, it was only until I made it public, with sample code, that I was even contacted by the companies.
In my most recent finds, not made public yet, there are a number of gross privacy bugs in some pretty major websites ( similar to the hotmail problems, but with banking, news and ecommerce sites ).. Well, besides the difficulty in even finding someone in their organization to tell about the problem, once told they ususally do nothing. So, the question I have is what do I do now? Leave your banking site wide open, or make the exploit public to get something done?
Ok, here is the plug for my Alice bot site. It let's you instantly create an alice bot on our website, then, modify the preferences to get it to say things you want. You can also download a client to get it on AIM. You can also talk to the thousands of bots already created..
http://www.webcomics.com/bot/
The RIAA believes that this kind of technological "self-help" against online pirates, if done carefully, is legal under current federal law. But the RIAA is worried about the USA Act banning that practice -- and neither the Senate nor the House versions of that bill include the RIAA's suggested changes.
It would seem that they are only trying to prevent this bill from outlawing their hacking. Is there no law preventing their cracks right now? Are they already working on a system to break into everyone's computer? Have they already started it up?
In fact, it's really an entirely different attack. While you may argue that it would be covered in the statement "many CGI programmers fail to consider ways in which their programs may be misused or subverted to execute malicious commands".. that's like saying that all security holes are just using in the server in some way the sa did not consider. It is hardly enough to direct developers to fix this problem.
They did not mention one exploit that was cross site scripting, even though there have been many many advisories from CERT.
Protecting input from being executed on the server side does not help here.
It is also not at all limited to cgi applications. In some cases, it's been the web server itself, in others, it's been the app server. It's also not limited to "user input", which many programmers seem to consider to be the form fields. It really any input values that can be passed to program from the external world. paths, id's, options, etc.. Also, a common place where these holes show up is in error messages spit back to users.. Hardly a place where people look for patching.
This one affects most every site, including ones like chase, citibank, aol, slashdot, nytimes and many more. It's cross platform and their is not an easy patch. I wouldn't be surprised if there
were already malicious undetected scripts that
could pretty much get your logins to all your favorite sites.
Tivo never actually plays live TV. It only plays recordings. Tivo is constanly recording the incoming video stream. The interface that you have is just a playback of recorded programs, including the current "live buffer". However, you can never actually watch live tv, the closest you can get is a ~2 second delay. Everything you see is coming directly off the harddrive... Maybe this is enough of a difference to not be infringing?
Gotta love my nokia 8290 w/ voicestream. IR modem to laptop or handheld. doubley wireless;-)
I can dial right into my ISP and voicestream it
doesn't cost anything when it's in my minutes.
Yeah, I have this as well, unfortunately, it can't learn to turn on my tv (philips) and many of the Tivo buttons don't work. Controlling the
computer and lights is a must in my book, which
is why I still use it.
Wouldn't that be too late? Apache logs the request after it is successful. Some request for/path/to/shell/sh?rm+-rf+/ would only need one request, were that a real hole. Your log analysis would detect it, if the log file was even still there.
Instead, your script would have to be a module or proxy that filters all incoming requests. And stops them before the trouble.
You can run thousands of webservers on a single server, single ip address. You use the names. Similarly, this can be extended to other services. (Do a search on/., it was mentioned earlier).
They actually tried very hard to prevent such copieds. It actually seemed like a resonable system at the time.
1. The make you put the cd in your computer before you could listen to the songs 2. You could only 'stream' the music files once they were on your list.
granted, someone did come out with software to capture the streams, but then those files would have to be renamed and tagged. In reality, it's the cd rippers that that contibuted to napster files.
It worked for me when I had a notification for them. Of course, they only sent me back a snide comment saying that it wasn't their problem. After the story broke on wired.com and NYTimes, they finally responded. "We're such fucking idiots" is what the first guy said to me on the phone, wondering why some of his underlings hadn't given more of an effort.
Oh, and it was also a Netscape problem, and they ignored me as well.
Slashdot Mirror
I've also developed some test apps w/ the SDK. It's not as good for free text, but could handle special commands and vocabularies. Things like automating mp3 playing and turning on and off lights would be good for that. You should try it out if that's what you're looking for!
/. needs spell check.
Other sites have put together other BEAM kits that are more expensive. SolarBotics seems to have a lot of stuff listed.
Now I gotta go do some sodering!
not exactly FTP, but it does tranfer files. It tunnels over ssh, and can copy vast directory trees. And for slow connections, it can both compress the data, and only transfer the files and parts of files that are needed (sorta binary diff).
Well, I did say it was interesting, more interesting then most films, but disappointing. The whole part about tracking down what had happened to prot 5 years ago does nothing to help prot get better. The end is just depressing. Except for the rich, well off doc, is finally talking to his son again. Big deal. Why did he stop talking to him in the first place? The doc is just a big self centered jerk, and only crazy people where doing anything useful.
The movie is a cute flick, but it is heavy on the dreamy musical scenes and light on a real story.
It's a complete service. You just check in a kernel patch, and you get an email with the results! It runs all sorts of runs from networking to file system. I'm sure many people will find this very helpful.
Now there is a distributed system that would help out this project. Granted, you need some hardware, but it shouldn't be that expensive. Those computerized Meade telescope like this one, aren't that expensive. Now if they could be centrally controlled and linked, very high resolution images could be rendered? I bet there are already some people set up with this. Any projects started? What are they tracking these days?
In my most recent finds, not made public yet, there are a number of gross privacy bugs in some pretty major websites ( similar to the hotmail problems, but with banking, news and ecommerce sites ).. Well, besides the difficulty in even finding someone in their organization to tell about the problem, once told they ususally do nothing. So, the question I have is what do I do now? Leave your banking site wide open, or make the exploit public to get something done?
Ok, here is the plug for my Alice bot site. It let's you instantly create an alice bot on our website, then, modify the preferences to get it to say things you want. You can also download a client to get it on AIM. You can also talk to the thousands of bots already created..
http://www.webcomics.com/bot/
They did not mention one exploit that was cross site scripting, even though there have been many many advisories from CERT.
Protecting input from being executed on the server side does not help here. It is also not at all limited to cgi applications. In some cases, it's been the web server itself, in others, it's been the app server. It's also not limited to "user input", which many programmers seem to consider to be the form fields. It really any input values that can be passed to program from the external world. paths, id's, options, etc.. Also, a common place where these holes show up is in error messages spit back to users.. Hardly a place where people look for patching.
A year and a half old advisory, and sites still refuse to fix it. http://www.cert.org/advisories/CA-2000-02.html
Some of you will remember the problems with Hotmail relating to cross site scripting. Newsflash, it affects your site too!
Tivo never actually plays live TV. It only plays recordings. Tivo is constanly recording the incoming video stream. The interface that you have is just a playback of recorded programs, including the current "live buffer". However, you can never actually watch live tv, the closest you can get is a ~2 second delay. Everything you see is coming directly off the harddrive... Maybe this is enough of a difference to not be infringing?
Gotta love my nokia 8290 w/ voicestream. IR modem to laptop or handheld. doubley wireless ;-)
I can dial right into my ISP and voicestream it
doesn't cost anything when it's in my minutes.
http://www.djw.org/information/palm8290.html
http://www.djw.org/information/palm8290.html
Yeah, I have this as well, unfortunately, it can't learn to turn on my tv (philips) and many of the Tivo buttons don't work. Controlling the
computer and lights is a must in my book, which
is why I still use it.
I believe you are correct with that analysis. Should it have read:
"there is a 20% chance of MS rewriting IIS by the end of next year"
So I can't use FrontPage on i-hate-racism-and-porn.org?
Those rules of yours would have blocked your own post because it contained "root.exe"... it's not always bad to have that string in your packets.
Instead, your script would have to be a module or proxy that filters all incoming requests. And stops them before the trouble.
You can run thousands of webservers on a single server, single ip address. You use the names. Similarly, this can be extended to other services. (Do a search on /., it was mentioned earlier).
http://www.roche.com/home/investor/inv-finance/
They are pulling in cash hand over fist. Now, why couldn't they negotiate a lower price w/ Brazil so that wouldn't send half their budget to Roche?
1. The make you put the cd in your computer before you could listen to the songs
2. You could only 'stream' the music files once they were on your list.
granted, someone did come out with software to capture the streams, but then those files would have to be renamed and tagged. In reality, it's the cd rippers that that contibuted to napster files.
Oh, and it was also a Netscape problem, and they ignored me as well.