...magnetic cards which included access to restrooms and pretty much every room throughout the building. Few months later it turned out these fucks from HR were tracking employees who would take excessive breaks by going through the usage log checking against the ID.
3-digit passes are a blessing compared to that nightmare."
Ouch, I hope that company did not make it very far. We had those magnetic cards too but I've never heard of anyone getting in trouble based on them unless the card trace placed them near the scene of a theft or something. One time a bunch of cookies and candy and such went missing and so the building security people had to verify who was on the floor and such and investigate... that was a farce.
"if a hacker had administrator rights, wouldn't it already be game over? On the other hand, a 20 gb hack isn't extremely"
Yeah but there are a lot of other holes in windows that allow for priviledge execution. So let's say I use a remote exploit on your machine, gain admin access and then use this Swiss cheese hole to find your administrator password.
Great, now I have your administrator password and you are none the wiser. So even if you apply a patch to fix the remote exploit I used, I still have your admin password.
"Many Unix systems are now moving to MD5 encrypted passwords though, which as I understand it are more secure (how? I dunno... I'm not that up to date on it)."
The String -> MD5 hash is an easy converison, it was designed to work nicely on 32 bit processors
The MD5 -> String reverse-hash is not an easy conversion. So even if you give out the md5sum of your password, getting the actual password from that hash value is not trivial.
That is why it is more secure. Now MD5 is not invulnerable. I have read some reports about more mathematical vulnerabilities in it. Some say that SHA-1 crypto hashing is the only way to do things now adays.
"Interestingly enough one of our offices has bathrooms with a lock on the door that requires a 3 digit code to get in."
The same thing was true at my last job. Of course outsiders would not know that it was a 3 digit passwd. You could enter the digits between 1 and 4 as many times as you wanted.
The reason the bathroom door had a passwd was because the floor used to be an executive floor. The one of the company's executive VPs used to have an office there so everything was 'high security.' (This was at one of the top 10 banks in North America and top 5 in Canada. It was still high security when I worked there because we had access to an enormous amount of confidential information. Everything on the *internal* LAN was SSH. The most sensitive data was not allowed on network segments that were accessible by windows machines.)
"...I find that I watch some commercials. The ones that have "something" that hooks me. Often it's a movie preview, but it can be for anything."
I know what you mean. I don't have a TiVo but I do have a digital video converter I bought specifically for this purpose. I hook up to the satellite set top box through the converter and whenever ads come on, I record them onto my laptop. The shows don't get recorded (unless it's the "Best ads of 2003" or something.) Only the ads. My friends think I'm psychotic because of this.
So now I have a growing collection of TV ads on my hard drive encoded to MPEG-4. Go figure.
"We hate buymusic.com, because it uses evil DRM, is that right? I want to make sure. Cause it seems like itunes.com uses DRM also. I guess it's okay though because that is an Apple thing."
The buymusic DRM is too strong. It uses encrypted windows media 9. Good luck sharing with a few other machines, burning to CD, etc.
The apple DRM is just about right. You can burn the music to a CD in normal standard CD Audio and after that, you have a 100% lossless conversion to a DRM-free format, assuming that you consider the original AAC file to be a 'perfect' copy to begin with.
Just to clarify, by 'laying off the carbs' I was not suggesting that you totally cut off your carbohydrate intake. Just monitor and control it so that you are not eating too much for your level of exercise.
"It wouldn't surprise me if the mice are insane from lack of stimulation. People get the same way when they're cooped up and take up all sorts of repetitive psychotic behaviors. It's a self-protection method for the brain I believe, keeping itself occupied in some endless task rather than concentrating on its continuously uninteresting environment and going crazy."
"Contrary to all the paid ads on tv... just burning calories will take weight off. "
And lay off the carbohydrates too. This might start a flame war (Atkins diet arguments and such.) You should lay of the bread, chips, orange juice, and other things that have a lot of carbs. This stuff gets absorbed by your body and makes you fat. Actual fat is more or less just passing through and makes it into the toilet with your centrum multivitamin.
Cutting back on the carbohydrates and stepping up on the exercise is really what makes the difference.
Now, would anyone with a better understanding of dietary values care to correct me?
"What do you do to stay in shape? Any secrets, acessories?"
Walk to work. Seriously.
I spend about 70 minutes total walking to and from work each day and it makes all the in the world. It's been two months now I have gotten comments from many people about how it seems that I am slimming down.
I always make sure to walk with shoes that properly support my feet (lovely last-year-model Rockports for 1/10th of $retail at an official outlet store) and keep a brisk pace. It works wonders.
"Firewire might be able to pass it (although 270 megabit for uncompressed video seems low, but I'm too lazy to do the math) but what do you have that can record at 270 megabit? You need quite a computer to keep up with that."
That 270 megabit speed is just 33.75 megabytes per second. The latest Seagate SATA 7200 RPM drives are have a sustained write speed of 32 to 58 megabytes per second. See the PDF spec for more information. These drives are not exactly speed demons and most 7200 RPM IDE drives from the last few years will be able to handle that fairly easily.
This is not the stretch you seem to be making it out to be.
"Keep the computers and monitors in goo proof cases, and maintain a supply of disposable keyboards and mice."
I think this idea has merit. Back when I was taking biology, we did this experiment where we had to swab four different things onto agar and observe the bacterial growth. My group did a keyboard from a computer lab as well as a railing, a door handle and a classroom desk surface.
The growth from the keyboard grew faster and had more types of stuff growing than all the others combined. It eventually overran the whole agar plate.
This is why, whenever I start a new job, I alway scrub the keyboard down with soap and water. It's relatively labour intenstive and it takes half an hour or so, but it's worth it. Of course that amount of labour mutiplied by the number of keyboards in a large institution is probably large compared to the cost of having a large supply of replacement keyboards.
Getting a 'cool mist humidifier' (not to be mistaken for a warm mist humidifier) can do the trick assuming it's not very humid in your server room to begin with. Last winter I was living in a place that had very dry air so I got myself a CDN$50 honeywell cool mist humidifier from future shop and it did make the room more humid. It also made my freeze my butt off. My room felt air conditioned when the rest of the house felt like an oven because the landlord had the furnace running all the time.
A danger of this include making the server room too humid so it damanges your equipment. Most humidifiers will allow you to set a target humidity level so keep this a few notches below the tolerances for your gear.
Another danger is that you have to fill them with water. Having devices full of water that can be spilled is not so desireable in your server room.
Lastly, humidifiers are a bit noisy so if you need a quiet server room, this is not for you.
" Very untrue. DVI is uncompressed video. Do you realize what bit rate uncompressed video is flowing at? As far as I know, there aren't really a whole lot of things out there that can record that kind of digital stream at DVD resolutions, not to mention HDTV resolutions. That's why the MPAA loves DVI."
What, 270 megabit? Firewire can handle that. The speed and capacity of everything gets bigger. There was a time the MPAA said movie piracy over the internet would be a non issue since movies were so frickin' big that you would have to wait weeks to transfer even one. Heh.
" What trialware or shareware programs were good enough that you "registered" or paid for them ?
Were you coerced into it by nag screens and lack of functionality, or was it primarily good will and the desire to do the right thing ?"
Here is a list of the ones I have paid for:
UltimateZIP - a winzip cline
Trillian - a mult-IM program
QueryWEB - automate the publishing of MS Access databases to the web
VNC - lovely OSS remote desktop program
Turbo Navigator - Norton Commander-esque dual paned file manager
Interestingly, NONE of these had nag screens and there was no benefit of getting more functionality functionality at the time I paid (i.e. trillian pro was not accounced, UltimateZIP has not added the sponsor screen.) All of those could be just used for FREE forever . But they were useful so I paid.
In contrast, stuff with annoying nag screens was promptly deleted because the nag screens made it useless. The only shareware games I ever bought to get the extra functionality were RedHook's Revenge and One Must Fall 2097. And those only had gentle shareware reminders and you could play the shareware forever if you wanted.
" Wouldn't be easier to just rip a DVD from a DVD-ROM with some software (that's free too). There's less hassle IMHO."
For you and me that would be less hassle than DVI to PVR. But the MPAA does not care about whether you or I can 'pirate' in that manner because we actually know something about technology and will always be able to get around lame anti-piracy methods for fair use. It cares about whether or not it's easy for the average joe to do it. The DVI output makes this possible because all you need to do is connect a DVI cable, audio cable, hit play on the DVD and record on the PVR. Bingo. That's easy enough for a typical person to understand.
The average person is not technically adept enough to mess with ripping, demuxing, etc. even though that is the way I prefer to store my movies on CD-R for mobile enjoyment.
" I just had an idea like this. I thought it would be handy to be able to have a card that went through the credit card systems (i.e, could be used wherever you use a credit card), but wasn't a credit card and wasn't tied to a bank account. It would just be cash. You pay $100 cash and get this "cash credit card" that is worth $100."
A company called Mondex tried to implement something like this. My home town was actually a pilot test area and I was using it for about a year back around 1997 or so. The main cards were attached to a bank account and you can withdraw from ATMs from your bank account. But you could also get auxiluary cards that can only be filled up from other cards (via these little interface devices, properly equipped phones, and 'in the future' over the net) and are not attached to a bank account. There is still a phone with the modex slot on the main computer desk at my home.
The people did not like it because while you were out playing with a little plastic card with a chip, the banks were taking the 'real' money and investing it. Sure, it was perfectly legal to use this money 'twice.' But they desperately tried to hide this fact and convince you that it was the same as cash. It was really the banks' dishonesty that killed it, not the fact that the money was being used twice, and also the fact that it added at least 10s to the transaction for the card to be read and the amount to be processed.
Now I have heard tales of true debit systems being more common throughout Europe. Maybe some actual Europeans can fill me in here. Supposedly there are systems where you just pay a lump sum and you get a debit card that is the same as cash and you can pay for things in a lot of places with it. Can you use these as one-use credit cards as well?
" dont see what the MPAA has to do with DVD players w/ DVI output. Are they just afraid that i'll be watching American Psycho on my new 23" Apple Cinema Display?"
The DVI output gives you a digital version of the 'analogue hole.' The output is not encrypted so it would be really really easy to capture that video onto another device and you've got a perfect CSS and macrovision free copy of the video (but not the audio. You'd have to use a device that snychs the audio output and remuxes it with the video.)
I could see some company making PVRs where you could record from DVI, thus allowing the average joe to copy rented DVDs.
True, although if they had had functioning DNS and DHCP to begin with they it wouldn't have happened. And I do agree with you about running standard MX servers - clealy rogers service is only for casual use.
" Let me clarify: when I tried Rogers a couple of years back (before split from @Home), the actual service was dreadful. The first four days the DHCP servers were down so I couldn't get an IP."
The stories I have heard from my friends that had it back then concur with that. But basically the one time they did get an IP they just recorded it and told the computer that it was a static address. After entering the DNS of the local university, all was good.
"I found huge amounts of latency that increased at every hop. It could have been my neighbourhood."
I hadn't heard any stories like that, but I guess it varied from area to area. It was still fast 4 years ago for my friends when it worked.
"I wouldn't go back to them now because of their AUP: no servers. I pay $4/mo for a static IP (Rogers doesn't offer that at all), and I have freedom to use my connection as I see fit. I host my own domain on it amongst other things."
That's your option. I would do the same as what you did if I actually lived in TO on a permanent basis and had a land line and such. But for my current setup, rogers fits the bill more nicely than something connected to a landline.
The few times that I have run a server, I just kept it on a high port and I never heard anything about it.
"Should happen soon, though - you can already order internet access from cable companies w/o subscribing to their TV services."
The assclowns at Rogers charge you an extra $10 per month to get cable internet without cable TV. This was thoroughly covered by the Royal Canadian Air Farce.
"In my area (Toronto), DSL is much faster than cable. I get 3.5Mbs/800Kbs for about CAD$50. Cable isn't an option as it is only offered one company (Rogers), and it's a horrible one at that."
That DSL is a sweet package, but cable is not quite so 'horrible' as you describe. Rogers cable is 1.5M/256K for $45 and it works just fine. (The intro rate for the first 4 months is $25.) In the short intervals when I lived in Toronto for business purposes (about 7 months) I *never* had a problem with it except ones that were related to my own cable box. (Some assclown tampered with it.) It worked up to the advertised speeds and my bittorrent client was very happy compared to the ultra-lame 28.8 dialup at home. (There is no broadband or even 56K available at home from any provider. Stupid rural areas.)
Clearly rogers cable is less cost effective than your DSL, but I DSL's hidden cost is that you have to pay for a phone line as well. I just rely on my cell and forego the landline. I only needed rogers long enough to scrap it at the end of getting the intro rate and then move out of TO again, but I can say for sure that it was not 'horrible.'
"If the French are working so hard to keep their language pure, why did they deicde to use a word a French-Speaking Canadian came up with?"
Uh, because the guy us a Francophone? It's still French whether it's in Canada or France. Mind you, there are definite differences between Quebec and France French, but they are still the same language.
In QC, Anglophones are a hated minority. Everything is tilted to the advantage of the French. Anglo universities don't get any of the juicy funding that the French ones do and so on. It is illegal to put up a sign where French and English have equal prominence. It must be all French or the English must be smaller.
Btw, there is no Canadian flag in front of the Quebec government buildings;-)
Slashdot Mirror
Ouch, I hope that company did not make it very far. We had those magnetic cards too but I've never heard of anyone getting in trouble based on them unless the card trace placed them near the scene of a theft or something. One time a bunch of cookies and candy and such went missing and so the building security people had to verify who was on the floor and such and investigate ... that was a farce.
Yeah but there are a lot of other holes in windows that allow for priviledge execution. So let's say I use a remote exploit on your machine, gain admin access and then use this Swiss cheese hole to find your administrator password.
Great, now I have your administrator password and you are none the wiser. So even if you apply a patch to fix the remote exploit I used, I still have your admin password.
The String -> MD5 hash is an easy converison, it was designed to work nicely on 32 bit processors
The MD5 -> String reverse-hash is not an easy conversion. So even if you give out the md5sum of your password, getting the actual password from that hash value is not trivial.
That is why it is more secure. Now MD5 is not invulnerable. I have read some reports about more mathematical vulnerabilities in it. Some say that SHA-1 crypto hashing is the only way to do things now adays.
The same thing was true at my last job. Of course outsiders would not know that it was a 3 digit passwd. You could enter the digits between 1 and 4 as many times as you wanted.
The reason the bathroom door had a passwd was because the floor used to be an executive floor. The one of the company's executive VPs used to have an office there so everything was 'high security.' (This was at one of the top 10 banks in North America and top 5 in Canada. It was still high security when I worked there because we had access to an enormous amount of confidential information. Everything on the *internal* LAN was SSH. The most sensitive data was not allowed on network segments that were accessible by windows machines.)
I know what you mean. I don't have a TiVo but I do have a digital video converter I bought specifically for this purpose. I hook up to the satellite set top box through the converter and whenever ads come on, I record them onto my laptop. The shows don't get recorded (unless it's the "Best ads of 2003" or something.) Only the ads. My friends think I'm psychotic because of this.
So now I have a growing collection of TV ads on my hard drive encoded to MPEG-4. Go figure.
The buymusic DRM is too strong. It uses encrypted windows media 9. Good luck sharing with a few other machines, burning to CD, etc.
The apple DRM is just about right. You can burn the music to a CD in normal standard CD Audio and after that, you have a 100% lossless conversion to a DRM-free format, assuming that you consider the original AAC file to be a 'perfect' copy to begin with.
Hypocrisy has nothing to do with it.
Just to clarify, by 'laying off the carbs' I was not suggesting that you totally cut off your carbohydrate intake. Just monitor and control it so that you are not eating too much for your level of exercise.
So that explains why I have over 2500 posts on slashdot ...
And lay off the carbohydrates too. This might start a flame war (Atkins diet arguments and such.) You should lay of the bread, chips, orange juice, and other things that have a lot of carbs. This stuff gets absorbed by your body and makes you fat. Actual fat is more or less just passing through and makes it into the toilet with your centrum multivitamin.
Cutting back on the carbohydrates and stepping up on the exercise is really what makes the difference.
Now, would anyone with a better understanding of dietary values care to correct me?
Walk to work. Seriously.
I spend about 70 minutes total walking to and from work each day and it makes all the in the world. It's been two months now I have gotten comments from many people about how it seems that I am slimming down.
I always make sure to walk with shoes that properly support my feet (lovely last-year-model Rockports for 1/10th of $retail at an official outlet store) and keep a brisk pace. It works wonders.
That 270 megabit speed is just 33.75 megabytes per second. The latest Seagate SATA 7200 RPM drives are have a sustained write speed of 32 to 58 megabytes per second. See the PDF spec for more information. These drives are not exactly speed demons and most 7200 RPM IDE drives from the last few years will be able to handle that fairly easily.
This is not the stretch you seem to be making it out to be.
I think this idea has merit. Back when I was taking biology, we did this experiment where we had to swab four different things onto agar and observe the bacterial growth. My group did a keyboard from a computer lab as well as a railing, a door handle and a classroom desk surface.
The growth from the keyboard grew faster and had more types of stuff growing than all the others combined. It eventually overran the whole agar plate.
This is why, whenever I start a new job, I alway scrub the keyboard down with soap and water. It's relatively labour intenstive and it takes half an hour or so, but it's worth it. Of course that amount of labour mutiplied by the number of keyboards in a large institution is probably large compared to the cost of having a large supply of replacement keyboards.
A danger of this include making the server room too humid so it damanges your equipment. Most humidifiers will allow you to set a target humidity level so keep this a few notches below the tolerances for your gear.
Another danger is that you have to fill them with water. Having devices full of water that can be spilled is not so desireable in your server room.
Lastly, humidifiers are a bit noisy so if you need a quiet server room, this is not for you.
What, 270 megabit? Firewire can handle that. The speed and capacity of everything gets bigger. There was a time the MPAA said movie piracy over the internet would be a non issue since movies were so frickin' big that you would have to wait weeks to transfer even one. Heh.
Here is a list of the ones I have paid for:
UltimateZIP - a winzip cline
Trillian - a mult-IM program
QueryWEB - automate the publishing of MS Access databases to the web
VNC - lovely OSS remote desktop program
Turbo Navigator - Norton Commander-esque dual paned file manager
Interestingly, NONE of these had nag screens and there was no benefit of getting more functionality functionality at the time I paid (i.e. trillian pro was not accounced, UltimateZIP has not added the sponsor screen.) All of those could be just used for FREE forever . But they were useful so I paid.
In contrast, stuff with annoying nag screens was promptly deleted because the nag screens made it useless. The only shareware games I ever bought to get the extra functionality were RedHook's Revenge and One Must Fall 2097. And those only had gentle shareware reminders and you could play the shareware forever if you wanted.
For you and me that would be less hassle than DVI to PVR. But the MPAA does not care about whether you or I can 'pirate' in that manner because we actually know something about technology and will always be able to get around lame anti-piracy methods for fair use. It cares about whether or not it's easy for the average joe to do it. The DVI output makes this possible because all you need to do is connect a DVI cable, audio cable, hit play on the DVD and record on the PVR. Bingo. That's easy enough for a typical person to understand.
The average person is not technically adept enough to mess with ripping, demuxing, etc. even though that is the way I prefer to store my movies on CD-R for mobile enjoyment.
A company called Mondex tried to implement something like this. My home town was actually a pilot test area and I was using it for about a year back around 1997 or so. The main cards were attached to a bank account and you can withdraw from ATMs from your bank account. But you could also get auxiluary cards that can only be filled up from other cards (via these little interface devices, properly equipped phones, and 'in the future' over the net) and are not attached to a bank account. There is still a phone with the modex slot on the main computer desk at my home.
The people did not like it because while you were out playing with a little plastic card with a chip, the banks were taking the 'real' money and investing it. Sure, it was perfectly legal to use this money 'twice.' But they desperately tried to hide this fact and convince you that it was the same as cash. It was really the banks' dishonesty that killed it, not the fact that the money was being used twice, and also the fact that it added at least 10s to the transaction for the card to be read and the amount to be processed.
Now I have heard tales of true debit systems being more common throughout Europe. Maybe some actual Europeans can fill me in here. Supposedly there are systems where you just pay a lump sum and you get a debit card that is the same as cash and you can pay for things in a lot of places with it. Can you use these as one-use credit cards as well?
The DVI output gives you a digital version of the 'analogue hole.' The output is not encrypted so it would be really really easy to capture that video onto another device and you've got a perfect CSS and macrovision free copy of the video (but not the audio. You'd have to use a device that snychs the audio output and remuxes it with the video.)
I could see some company making PVRs where you could record from DVI, thus allowing the average joe to copy rented DVDs.
True, although if they had had functioning DNS and DHCP to begin with they it wouldn't have happened. And I do agree with you about running standard MX servers - clealy rogers service is only for casual use.
The stories I have heard from my friends that had it back then concur with that. But basically the one time they did get an IP they just recorded it and told the computer that it was a static address. After entering the DNS of the local university, all was good.
"I found huge amounts of latency that increased at every hop. It could have been my neighbourhood."
I hadn't heard any stories like that, but I guess it varied from area to area. It was still fast 4 years ago for my friends when it worked.
"I wouldn't go back to them now because of their AUP: no servers. I pay $4/mo for a static IP (Rogers doesn't offer that at all), and I have freedom to use my connection as I see fit. I host my own domain on it amongst other things."
That's your option. I would do the same as what you did if I actually lived in TO on a permanent basis and had a land line and such. But for my current setup, rogers fits the bill more nicely than something connected to a landline.
The few times that I have run a server, I just kept it on a high port and I never heard anything about it.
This would be unlikely because the federal government would lose the 7% GST (goods and service tax) they make when someone buys a windows license.
The assclowns at Rogers charge you an extra $10 per month to get cable internet without cable TV. This was thoroughly covered by the Royal Canadian Air Farce.
USA != America
That DSL is a sweet package, but cable is not quite so 'horrible' as you describe. Rogers cable is 1.5M/256K for $45 and it works just fine. (The intro rate for the first 4 months is $25.) In the short intervals when I lived in Toronto for business purposes (about 7 months) I *never* had a problem with it except ones that were related to my own cable box. (Some assclown tampered with it.) It worked up to the advertised speeds and my bittorrent client was very happy compared to the ultra-lame 28.8 dialup at home. (There is no broadband or even 56K available at home from any provider. Stupid rural areas.)
Clearly rogers cable is less cost effective than your DSL, but I DSL's hidden cost is that you have to pay for a phone line as well. I just rely on my cell and forego the landline. I only needed rogers long enough to scrap it at the end of getting the intro rate and then move out of TO again, but I can say for sure that it was not 'horrible.'
Uh, because the guy us a Francophone? It's still French whether it's in Canada or France. Mind you, there are definite differences between Quebec and France French, but they are still the same language.
In QC, Anglophones are a hated minority. Everything is tilted to the advantage of the French. Anglo universities don't get any of the juicy funding that the French ones do and so on. It is illegal to put up a sign where French and English have equal prominence. It must be all French or the English must be smaller.
Btw, there is no Canadian flag in front of the Quebec government buildings ;-)