Several influential directors took surprisingly public potshots at the color boom during the recent broadcaster's dinner... Behind the scenes filmmakers have begun to resist production executives eager for color sales. For reasons both aesthetic and practical, some directors often do not want to convert a film to color or go to the trouble and expense of shooting with color cameras, which are still relatively untested on big movies with complex stunts and locations. Tickets for color films carry a $0.05 to $0.10 premium, and industry executives roughly estimate that color pictures average an extra 20 percent at the box office. Filmmakers like Mr. Niblo argue that color technology does little to enhance a cinematic story, while adding a lot of bother.
You live somewhere where the neighbor's power and gas lines go through YOUR yard?
Actually, yes. Well, not power and gas (they run under the streets and to the house through the front yard). There is a large plastic lump in the backyard that apparently provides cable service for all of the houses around mine. The cable person shows up every now and then asking me if I know where it is since I let the shrubbery cover it up. Theres also a tall metal cannister-looking thing back there too that apparently does the same for my neighbors' telephones. I nearly cut through a wire running diagonally from it to another house while burying a cat. The wire was only about 3 inches deep. I hit it with the shovel but only nicked through the outer insulation so I wrapped it in electrical tape and reburied it with the cat. Phone company didn't show up to chew me out so I guess the tape held.
But guess what, the internet has the exact same peering agreements.
Just like the phone companies, the ISPs are crying about the contracts they signed. I pay ISP A for internet access, Amazon pays ISP B for internet access, and ISP A and B have an agreement to pay each other for the traffic they send either way (possibly with ISP C, D, and E somewhere in the middle). Now, ISP A whines that they're not getting enough money. Rather than charging me more, or charging ISP B more, they're claiming that they deserve to be able to charge Amazon for "using their network" despite their existing peering contract. They figure that if they just train their tech support to pretend that the problem is at the other end, they can extort Amazon into agreeing by simply dropping their traffic or redirecting it to a site that will pay. Same goes for other companies: voice over IP or IPTV that competes with their services or that they just don't want to pay their peers for? They'll drop that too, or just mess with it enough that its unusable. Sandvine and Comcast proves this is not a hypothetical. The fact that they were eventually caught just means they'll try harder next time.
Just like every other permanent construction in a municipality, you gotta have your permits and licenses and everything else in order.
It just goes with the modern view of freedom and property rights in America: my right to the value of my house trumps everyone else's right to do what they please with their property. If everyone in my neighborhood had a better swimming pool than me, my home's value would suffer. That's why we have homeowner associations, zoning laws and so on.
a 5mph roll-through is equally illegal as a 30mph drive-through
My mother got a ticket because according to the cop that stopped her, a 1 second stop (complete with car settling on its springs, ie really really stopped you're a liar if you claimed otherwise) is equally illegal as a 30mph drive-through and she's supposed to sit there with no oncoming traffic for at least 5 seconds.
Funny how the "slippery slope" extends both ways from 0mph.
If the light is red and you drive past it, how can you in any way claim to be innocent?
Do the cameras actually show the light in the picture? Are the cameras positioned so you can actually tell if the vehicle is over the line or not?
If the camera doesn't show that the light is red, how do you know that the light isn't malfunctioning and taking the picture while yellow or green? If you can't see whether you're over the line or not, how do you know that you actually ran it?
I drive through several of these things every evening on my way home. I've never seen one flash while the light is green or yellow, but I get flashed by them all the time while I'm coming to stop at a red light (I've seen them go off in the middle of a red light when nobody's even moving). I guess someone must review the picture to make sure the car photographed is actually in the intersection because I've never gotten a ticket.
Got a video on the government website you like? Well, kiss it goodbye, because the odds are that said government agency can't afford to close caption it (close captioning isn't cheap).
Good riddance! If I wanted to sit around for 15 minutes listening to someone drone on and on about something I could have read in 10, I'd watch the damn news and sit through all the commercials to find out what could be lurking in my fridge waiting to kill me!!1!
As others pointed out, transcripts are acceptable, and as a fully-non-disabled person, greatly appreciated.
I tried to teach my cat to fetch one of those crinkly foil balls. About half the time I can throw the ball and she'll chase it down and bring it back for me to throw again. The other half she chases it down, bats it around, then comes back and waits for me to go get it and throw it again. I'm not sure who's winnning here.
I tried, but when I dialed your number I got a message saying that your BBS was not on Time Warner's approved data connection list, and I was forced to dial in to AOL.
If the two events were to be truly compared, then the First Amendment should have made anyone with a printing press unable to refuse to print and distribute whatever someone else wants based on content, and that includes the major newspapers of the time - the First Amendment did no such thing, but network neutrality will do if it were to be implemented as trumpeted on Slashdot.
LOL you think the ISP publishes anything (well, I suppose if they own/are owned by a TV network...)?
A better comparison would be if I printed up the paper and gave it to the paper boy (AT&T) to distribute, and when my customers picked up my paper, it had advertisements pasted all over the articles, or the headline that offended the paperboy is cut off, or mutilated in any number of different ways for different reasons.
Back then, the paperboy would have been arrested for damaging the goods. Now, the ISPs say "whoops my bad!" and upgrade Sandvine to a version that's harder to detect.
It goes a little bit beyond that. Entirely automatic autofill is usually tied to a specific site, everything else is autocomplete. In this case, the attack is to create an input named "name" and insert the letter A in there. If the victim's name starts A, Safari goes beyond the usual dropdown of options that other browsers use for autocomplete and inserts the whole name directly in the field. If it doesn't, then the attack javascript erases the A and writes B, and so on.
It's not a webkit bug. Chrome will show the autocomplete dropdown (the "name" box will show everything you ever put into an input named "name") but won't fill in the input field so the javascript can't see anything (but if you click on an option in the dropdown fast enough, the script will see that)
While doing this, I discovered that Chrome's autocomplete dropdown has an interesting glitch: if you switch tabs away from the script while it's running, the dropdown will appear on top of everything else in some random location (in my case, chrome runs on display 2, and the dropdown appeared on display 1). I guess they didn't expect that an input field could open a dropdown while that tab is not visible.
Of course none of us want to be the innocent guy in jail for a murder he didn't commit, but also of course, none of us want to be the victim of the thousand serial murderers you let free.
You'd rather be the victim of the one serial murderer you let free when you imprisoned the innocent guy for his crimes?
The concept is about more than just the one innocent person. That innocent person usually (except in the case of corrupt cops making up false charges) represents a guilty person getting away with it. These days it takes some serious fighting to reopen a case where someone was wrongly convicted. How many other boys suffered because this guy looked scary? (Answer: "at least three" according to the sidebar here.)
The sad fact is that while we pretend to claim "innocent until proven guilty", it remains the defense's job to prove the defendant innocent. The prosecutor can cherry pick whatever evidence he pleases to present to the court, and until recently didn't even have to reveal to the defense that they have evidence showing that the defendant is innocent (and now that they are supposed to, how do you enforce that?)
The javascript is in a file attached to the email. I've got dozens of them in my spam folder. Here's the entire content of one: Subject: Delivery Status Notification (Failure) From: Mail Delivery Subsystem [mailer-daemon@my domain]
Note: Forwarded message is attached.
This is an automatically generated Delivery Status Notification
THIS IS A WARNING MESSAGE ONLY.
Delivery to the following recipient has been delayed:
myself@my domain
Message will be retried for 2 more day(s)
Attached is "Forwarded Message.html", which has the obfuscated javascript in it.
It's pretty obvious, most of these claim I tried to email myself and it bounced. There's a second variant that uses a random "recipient" address, and an attachment named "Delivery Status Notification (Failure).html"
This is a BUG in Gmail's code, not the user's fault
LOL no. I've been getting these spams for a week or so now. It looks like the usual undeliverable mail message, "see attachment for details", but instead of the attachment being an email message it's an HTML file. So the user clicks on Returned Mail.html and goes wherever the javascript takes them.
For this game, it's not a UT engine game anymore, it was ported to Source.
Aside from that, the Unreal Engines have a free development kit that's free for free games. It doesn't have everything their commerical game engine license gets (no engine source code and nobody's going to answer you if you call them at 3 in the morning the day before release).
If you do almost any sort of reasonable hashing or encryption algorthm on a password, this becomes a moot point,
You risk making the problem WORSE, especially if you compare the ASCII (hexadecimal) representation of your hashes. If I know what hash algorithm you use, I can produce a rainbow table, and attempt to log in 16 times to determine the first hexadecimal character of the hash, 16 more times to determine the second and so on. For md5 (128 bits, 32 nibbles) it would take 512 (16*32) login attempts to find a password from my rainbow table that hashes to the same thing your account did.
If you have a basic (A-Za-z0-9) plaintext password that's at least 9 letters long, it's "stronger" (62*9=558 attempts), and that's without punctuation.
It's true that bytewise comparison of a 128bit hash would take 4096 attempts (256*16) but if you're not going to block me after 100 failed logins, it's unlikely that you're going to stop me after 4000, either.
The answer is either random delay or not short-circuiting test logic anywhere in a login routine. Blocking login attempts after N failures is another good idea.
One that will always loop through the longest string (would need to figure out something to compare it to once past the end of the short string), even after it has decided they're not equal.
Slashdot Mirror
Just imagine if way back when, people were saying
You live somewhere where the neighbor's power and gas lines go through YOUR yard?
Actually, yes. Well, not power and gas (they run under the streets and to the house through the front yard). There is a large plastic lump in the backyard that apparently provides cable service for all of the houses around mine. The cable person shows up every now and then asking me if I know where it is since I let the shrubbery cover it up. Theres also a tall metal cannister-looking thing back there too that apparently does the same for my neighbors' telephones. I nearly cut through a wire running diagonally from it to another house while burying a cat. The wire was only about 3 inches deep. I hit it with the shovel but only nicked through the outer insulation so I wrapped it in electrical tape and reburied it with the cat. Phone company didn't show up to chew me out so I guess the tape held.
And guess what? They all do that, they all have peering arrangements with each other for call completion.
Hilariously, Google Voice has already been caught blocking calls to certain rural call centers because they discovered they didn't like the exchange contracts anymore. The rest of the major Telcos are whining to mama government to get the rural exchanges to stop. http://www.pcworld.com/businesscenter/article/189820/rural_carrier_traffic_pumping_isnt_easy_issue.html
But guess what, the internet has the exact same peering agreements.
Just like the phone companies, the ISPs are crying about the contracts they signed. I pay ISP A for internet access, Amazon pays ISP B for internet access, and ISP A and B have an agreement to pay each other for the traffic they send either way (possibly with ISP C, D, and E somewhere in the middle). Now, ISP A whines that they're not getting enough money. Rather than charging me more, or charging ISP B more, they're claiming that they deserve to be able to charge Amazon for "using their network" despite their existing peering contract. They figure that if they just train their tech support to pretend that the problem is at the other end, they can extort Amazon into agreeing by simply dropping their traffic or redirecting it to a site that will pay. Same goes for other companies: voice over IP or IPTV that competes with their services or that they just don't want to pay their peers for? They'll drop that too, or just mess with it enough that its unusable. Sandvine and Comcast proves this is not a hypothetical. The fact that they were eventually caught just means they'll try harder next time.
Just like every other permanent construction in a municipality, you gotta have your permits and licenses and everything else in order.
It just goes with the modern view of freedom and property rights in America: my right to the value of my house trumps everyone else's right to do what they please with their property. If everyone in my neighborhood had a better swimming pool than me, my home's value would suffer. That's why we have homeowner associations, zoning laws and so on.
Or where the government is too cheap to paint white lines more frequently than once a century.
If the pay was too low they would find other jobs
Those who can, get six figure jobs doing. Those who can't, teach.
And most importantly, North Korea only sinks ships every now and then, there are no daily RPG attacks on our bases and trucks.
a 5mph roll-through is equally illegal as a 30mph drive-through
My mother got a ticket because according to the cop that stopped her, a 1 second stop (complete with car settling on its springs, ie really really stopped you're a liar if you claimed otherwise) is equally illegal as a 30mph drive-through and she's supposed to sit there with no oncoming traffic for at least 5 seconds.
Funny how the "slippery slope" extends both ways from 0mph.
If the light is red and you drive past it, how can you in any way claim to be innocent?
Do the cameras actually show the light in the picture? Are the cameras positioned so you can actually tell if the vehicle is over the line or not?
If the camera doesn't show that the light is red, how do you know that the light isn't malfunctioning and taking the picture while yellow or green?
If you can't see whether you're over the line or not, how do you know that you actually ran it?
I drive through several of these things every evening on my way home. I've never seen one flash while the light is green or yellow, but I get flashed by them all the time while I'm coming to stop at a red light (I've seen them go off in the middle of a red light when nobody's even moving). I guess someone must review the picture to make sure the car photographed is actually in the intersection because I've never gotten a ticket.
Got a video on the government website you like? Well, kiss it goodbye, because the odds are that said government agency can't afford to close caption it (close captioning isn't cheap).
Good riddance! If I wanted to sit around for 15 minutes listening to someone drone on and on about something I could have read in 10, I'd watch the damn news and sit through all the commercials to find out what could be lurking in my fridge waiting to kill me!!1!
As others pointed out, transcripts are acceptable, and as a fully-non-disabled person, greatly appreciated.
Except without the spinning gifs and animated backgrounds and lame MIDI loops?
SOLD!
I tried to teach my cat to fetch one of those crinkly foil balls. About half the time I can throw the ball and she'll chase it down and bring it back for me to throw again. The other half she chases it down, bats it around, then comes back and waits for me to go get it and throw it again. I'm not sure who's winnning here.
I tried, but when I dialed your number I got a message saying that your BBS was not on Time Warner's approved data connection list, and I was forced to dial in to AOL.
If the two events were to be truly compared, then the First Amendment should have made anyone with a printing press unable to refuse to print and distribute whatever someone else wants based on content, and that includes the major newspapers of the time - the First Amendment did no such thing, but network neutrality will do if it were to be implemented as trumpeted on Slashdot.
LOL you think the ISP publishes anything (well, I suppose if they own/are owned by a TV network...)?
A better comparison would be if I printed up the paper and gave it to the paper boy (AT&T) to distribute, and when my customers picked up my paper, it had advertisements pasted all over the articles, or the headline that offended the paperboy is cut off, or mutilated in any number of different ways for different reasons.
Back then, the paperboy would have been arrested for damaging the goods. Now, the ISPs say "whoops my bad!" and upgrade Sandvine to a version that's harder to detect.
It goes a little bit beyond that. Entirely automatic autofill is usually tied to a specific site, everything else is autocomplete. In this case, the attack is to create an input named "name" and insert the letter A in there. If the victim's name starts A, Safari goes beyond the usual dropdown of options that other browsers use for autocomplete and inserts the whole name directly in the field. If it doesn't, then the attack javascript erases the A and writes B, and so on.
It's not a webkit bug. Chrome will show the autocomplete dropdown (the "name" box will show everything you ever put into an input named "name") but won't fill in the input field so the javascript can't see anything (but if you click on an option in the dropdown fast enough, the script will see that)
While doing this, I discovered that Chrome's autocomplete dropdown has an interesting glitch: if you switch tabs away from the script while it's running, the dropdown will appear on top of everything else in some random location (in my case, chrome runs on display 2, and the dropdown appeared on display 1). I guess they didn't expect that an input field could open a dropdown while that tab is not visible.
Of course none of us want to be the innocent guy in jail for a murder he didn't commit, but also of course, none of us want to be the victim of the thousand serial murderers you let free.
You'd rather be the victim of the one serial murderer you let free when you imprisoned the innocent guy for his crimes?
The concept is about more than just the one innocent person. That innocent person usually (except in the case of corrupt cops making up false charges) represents a guilty person getting away with it. These days it takes some serious fighting to reopen a case where someone was wrongly convicted. How many other boys suffered because this guy looked scary? (Answer: "at least three" according to the sidebar here.)
The sad fact is that while we pretend to claim "innocent until proven guilty", it remains the defense's job to prove the defendant innocent. The prosecutor can cherry pick whatever evidence he pleases to present to the court, and until recently didn't even have to reveal to the defense that they have evidence showing that the defendant is innocent (and now that they are supposed to, how do you enforce that?)
The javascript is in a file attached to the email. I've got dozens of them in my spam folder. Here's the entire content of one:
Subject: Delivery Status Notification (Failure)
From: Mail Delivery Subsystem [mailer-daemon@my domain]
Note: Forwarded message is attached.
This is an automatically generated Delivery Status Notification
THIS IS A WARNING MESSAGE ONLY.
Delivery to the following recipient has been delayed:
myself@my domain
Message will be retried for 2 more day(s)
Attached is "Forwarded Message.html", which has the obfuscated javascript in it.
It's pretty obvious, most of these claim I tried to email myself and it bounced. There's a second variant that uses a random "recipient" address, and an attachment named "Delivery Status Notification (Failure).html"
This is a BUG in Gmail's code, not the user's fault
LOL no. I've been getting these spams for a week or so now. It looks like the usual undeliverable mail message, "see attachment for details", but instead of the attachment being an email message it's an HTML file. So the user clicks on Returned Mail.html and goes wherever the javascript takes them.
For this game, it's not a UT engine game anymore, it was ported to Source.
Aside from that, the Unreal Engines have a free development kit that's free for free games. It doesn't have everything their commerical game engine license gets (no engine source code and nobody's going to answer you if you call them at 3 in the morning the day before release).
See http://www.udk.com/
could not find their way around these patents for two decades
Sure, there was a way around the patents: be incompatible with TrueType.
That's how PNG was invented to work around the patents on GIF.
Only if you didn't file a flight plan for the missile at least one week in advance *ducks*
If you do almost any sort of reasonable hashing or encryption algorthm on a password, this becomes a moot point,
You risk making the problem WORSE, especially if you compare the ASCII (hexadecimal) representation of your hashes. If I know what hash algorithm you use, I can produce a rainbow table, and attempt to log in 16 times to determine the first hexadecimal character of the hash, 16 more times to determine the second and so on. For md5 (128 bits, 32 nibbles) it would take 512 (16*32) login attempts to find a password from my rainbow table that hashes to the same thing your account did.
If you have a basic (A-Za-z0-9) plaintext password that's at least 9 letters long, it's "stronger" (62*9=558 attempts), and that's without punctuation.
It's true that bytewise comparison of a 128bit hash would take 4096 attempts (256*16) but if you're not going to block me after 100 failed logins, it's unlikely that you're going to stop me after 4000, either.
The answer is either random delay or not short-circuiting test logic anywhere in a login routine. Blocking login attempts after N failures is another good idea.
One that will always loop through the longest string (would need to figure out something to compare it to once past the end of the short string), even after it has decided they're not equal.
After working 6 years in a TV station, I can tell a real story
Apparently working 6 years in a TV station doesn't qualify you to do jack: http://www.news9.com/Global/story.asp?S=12793977
(Undoing all my mods because someone is wrong on the internet, and being a huge asshole about it)
You get bonus points if the DLC is awesome .