At a place I use to work, we had a guy who used a Model M APL keyboard. Since he could code anyone else in the company under the table (while asleep, drunk, and with one hand tied behind his back), no-one minded.
I still have two NOS Model M's in their original boxes in a cupboard in case my current Model M dies...
Hopefully you didn't use them in a shared office space or, if you did, have now moved on to products more suited to collaborative environments!
Not only do I use a Model M, but my PC is set up to play sound from a Smith-Corona Super 5 when I hit a key. When I'm working, everyone in the office knows about it.
Tandems are amazing. Ages ago I was working at a company that had a CLX, which even then was about 15 years old. The building was hit by a series of power glitches that, at best, rebooted the standard PCs and servers, and at worst permanently killed the hardware. The owner took me next door to the CLX, which had a series of entries on the console: "Power lost / Power restored". That was all.
Asking the question in the OP without further qualification (a) makes it pretty much impossible to answer properly because definitions of "computer" and "uptime" vary a lot, and (b) opens you up to pissing contests from companies still using refrigerator-sized ladder logic controllers from the 1960s (50 years continuous operation and still going strong). Speaking of those, I've seen 1930s relay ladder logic controllers for elevators that are still working just fine, alongside their mercury vapour rectifiers.
Clearly you haven't worked for the Government. My favorite was the mainframes built in the '60's that we were trying to retrofit into more modern day laptops using an emulator card.
The mainframes couldn't be emulated in software?
Uhhh... assuming that that's Poe's Law in effect rather than intended as a joke, that makes about as much sense as asking whether an A10 can be emulated using a Learjet with a cannon strapped to it.
Isn't Open Solaries dead after Oracle turned it back into Solaris "Express" (whatever that's supposed to mean)? With illumos you still get the cool stuff like containers and dtrace, but without the Oracle crapification.
.. while it's been slowly going down the tubes at a far higher rate than 1%. On a recent trip to New Zealand I was shocked to see that the banks were offering a cash rate of 1:1 from AUD to NZD. I mean, it used to be close to 1:1 with the USD, and now it's 1:1 with the NZD. I guess the government's next major goal is to make it 1:1 with the RMB.
If you want something done right, you do it yourself.
Exactly, that way you know your medical procedure will work out. I once performed an appendectomy on myself with a rusty sardine can. Another time I was caught short without instrument one and removed a uterine tumor with my teeth. But that was in the Upper Effendi.. in any case DIY medicine is perfectly practical, you just need to remember to wash the suction cup by swishing it around in the toilet-bowl before you use it for heart massage.
We also discuss the potential impact of our attack on several published schemes. Quite surprisingly, for subtle reasons, the schemes we study happen to be immune to our attack.
In other words the paper says "Here is a devastating attack in paired hash functions that happens not to work on real-world uses of paired hash functions". In fact RIPEMD-160, the longest-lived unbroken hash function, gets its security precisely from being a cascaded hash (and is be immune to the attack described in the paper).
hashsha1(data) . hashmd5(data) could possibly be better, but what your suggesting sounds worse to me.
That's exactly what SSLv3 did. The TLS folks then decided they could drop the dual hash because, you know, SHA-1 is so good that we don't need the extra safety level. It's one of the rare cases when the crypto in protocol version n+1 is actually weaker than in version n.
I'm sure they're having a lot of fun wanking around with these pointless projects. It must be a great way to distract yourself from the ~24,000 open bugs still waiting to be fixed in Firefox.
Most SSL/TLS clients do not check for a relevant CRL.
And that's the important point in this case, revocation doesn't work so why bother? Other CAs go through the pretense (well, if enough pressure is put on them, typically via public shaming, mostly they ignore misuse of certs), while Lets Encrypt has made a sensible policy decision not to bother.
A more amusing issue is the current discussion on one of the Mozilla lists about what to do about Kazakhstan's request to get their MITM CA cert included in the browser's list of trusted CAs.
This is a story about China, the cows there say å"z. å"z, å"z, å"z say the Chinese cows.
(Fscking Slashspot's non-Unicode brokenness, when this story appears on Soylent News I'll repost this comment there so the proper character gets displayed. In fact why is anyone still reading this site and not Soylent?)
a few odd boxes of granola bars to work in some health food
Have you looked at the ingredient list for most of the granola that's out there? If it wasn't for the established practice of calling it "granola", it'd have to be sold as candy.
It's a good thing we don't have Czechs or Serbians working in the labs that discover these, otherwise we'd now have to figure out how to pronounce Srjnfldvpstvium, Crztlmftszprtium, Fzrtshjnmium, and Strcknstfrtztlium.
What really surprises me is that this is the first Firefox headline in I-don't-know-how-long that doesn't boil down to "Mozilla announces yet another way they're going to fuck up what used to be a leading web browser".
Slashdot Mirror
"I want my tulip bulbs back! Waah! Waah!".
At a place I use to work, we had a guy who used a Model M APL keyboard. Since he could code anyone else in the company under the table (while asleep, drunk, and with one hand tied behind his back), no-one minded.
I still have two NOS Model M's in their original boxes in a cupboard in case my current Model M dies...
Hopefully you didn't use them in a shared office space or, if you did, have now moved on to products more suited to collaborative environments!
Not only do I use a Model M, but my PC is set up to play sound from a Smith-Corona Super 5 when I hit a key. When I'm working, everyone in the office knows about it.
Tandems are amazing. Ages ago I was working at a company that had a CLX, which even then was about 15 years old. The building was hit by a series of power glitches that, at best, rebooted the standard PCs and servers, and at worst permanently killed the hardware. The owner took me next door to the CLX, which had a series of entries on the console: "Power lost / Power restored". That was all.
Asking the question in the OP without further qualification (a) makes it pretty much impossible to answer properly because definitions of "computer" and "uptime" vary a lot, and (b) opens you up to pissing contests from companies still using refrigerator-sized ladder logic controllers from the 1960s (50 years continuous operation and still going strong). Speaking of those, I've seen 1930s relay ladder logic controllers for elevators that are still working just fine, alongside their mercury vapour rectifiers.
Clearly you haven't worked for the Government. My favorite was the mainframes built in the '60's that we were trying to retrofit into more modern day laptops using an emulator card.
The mainframes couldn't be emulated in software?
Uhhh... assuming that that's Poe's Law in effect rather than intended as a joke, that makes about as much sense as asking whether an A10 can be emulated using a Learjet with a cannon strapped to it.
You don't need Galaxy Quest when you've got Traumschiff Surprise. Insalata mista, baby!
Isn't Open Solaries dead after Oracle turned it back into Solaris "Express" (whatever that's supposed to mean)? With illumos you still get the cool stuff like containers and dtrace, but without the Oracle crapification.
.. while it's been slowly going down the tubes at a far higher rate than 1%. On a recent trip to New Zealand I was shocked to see that the banks were offering a cash rate of 1:1 from AUD to NZD. I mean, it used to be close to 1:1 with the USD, and now it's 1:1 with the NZD. I guess the government's next major goal is to make it 1:1 with the RMB.
If you want something done right, you do it yourself.
Exactly, that way you know your medical procedure will work out. I once performed an appendectomy on myself with a rusty sardine can. Another time I was caught short without instrument one and removed a uterine tumor with my teeth. But that was in the Upper Effendi.. in any case DIY medicine is perfectly practical, you just need to remember to wash the suction cup by swishing it around in the toilet-bowl before you use it for heart massage.
I'm a Doctor Jim, not some e-paper pushing records clerk!
Exactly. You're not in Guatemala now.
Except that you'll be forced to upgrade to Win10 by increasingly aggressive MS malware long before then...
You seem to have missed the bit that says:
We also discuss the potential impact of our attack on several published schemes. Quite surprisingly, for subtle reasons, the schemes we study happen to be immune to our attack.
In other words the paper says "Here is a devastating attack in paired hash functions that happens not to work on real-world uses of paired hash functions". In fact RIPEMD-160, the longest-lived unbroken hash function, gets its security precisely from being a cascaded hash (and is be immune to the attack described in the paper).
hashsha1(data) . hashmd5(data) could possibly be better, but what your suggesting sounds worse to me.
That's exactly what SSLv3 did. The TLS folks then decided they could drop the dual hash because, you know, SHA-1 is so good that we don't need the extra safety level. It's one of the rare cases when the crypto in protocol version n+1 is actually weaker than in version n.
Firefox OS needs to go. Rust needs to go. Servo needs to go.
You forgot the main one: Asa Dotzler needs to go.
I'm sure they're having a lot of fun wanking around with these pointless projects. It must be a great way to distract yourself from the ~24,000 open bugs still waiting to be fixed in Firefox.
Most SSL/TLS clients do not check for a relevant CRL.
And that's the important point in this case, revocation doesn't work so why bother? Other CAs go through the pretense (well, if enough pressure is put on them, typically via public shaming, mostly they ignore misuse of certs), while Lets Encrypt has made a sensible policy decision not to bother.
A more amusing issue is the current discussion on one of the Mozilla lists about what to do about Kazakhstan's request to get their MITM CA cert included in the browser's list of trusted CAs.
Maybe ISIS could give them medals, they're running a great recruitment campaign for them.
This is Windows Spyware Edition we're talking about, the suffix should be _Unclean_.
You are all Cows. Cows say Mooo.
This is a story about China, the cows there say å"z. å"z, å"z, å"z say the Chinese cows.
(Fscking Slashspot's non-Unicode brokenness, when this story appears on Soylent News I'll repost this comment there so the proper character gets displayed. In fact why is anyone still reading this site and not Soylent?)
I just upgraded to AC you bastards
What were you on before that, 12V batteries?
a few odd boxes of granola bars to work in some health food
Have you looked at the ingredient list for most of the granola that's out there? If it wasn't for the established practice of calling it "granola", it'd have to be sold as candy.
It's a good thing we don't have Czechs or Serbians working in the labs that discover these, otherwise we'd now have to figure out how to pronounce Srjnfldvpstvium, Crztlmftszprtium, Fzrtshjnmium, and Strcknstfrtztlium.
What really surprises me is that this is the first Firefox headline in I-don't-know-how-long that doesn't boil down to "Mozilla announces yet another way they're going to fuck up what used to be a leading web browser".
Next question Mr.Betteridge.
Windows 10 is free, like syphilis.