While they are long and relatively uncommon words, both lamentation and lachrymation are behaviors I'd expect a small child to be quite familiar with if not highly experienced at, and not anything to be embarrassed about discussing in front of them.
However, perhaps I missed the intent of your post. As you suggest, the adults using the words likely don't understand them; whether they are more embarrassed by that fact or some imagined scandalous meaning is an interesting question.
That is just DRM with a different face, and equally broken. Besides, just compact the JS and it's probably "good enough". If a bank is relying on that kind of excuse for security, it just means it'll take 3 hours instead of 2 for someone to hack them senseless.
More fundamentally, I don't think you *can* effectively firewall against boneheaded moves by people in places of trust such as the aforementioned bank developer.
In the long run for this application it may as well run at 10 Hz. It wakes up and runs a few thousand cycles every ten minutes or so, and spends the rest of its time halted.
Is there something that happens at 0F? Ice and salt at 1 atm will stabilize at 0 degrees Fahrenheit; the zero point was originally defined in terms of ice and ammonium chloride.
Zittrain clearly shows how clueless he is by lumping Libertarians and Anarchists together, in his contrived "graph". In fact, Libertarian principles support the very kind of self-governance that Zittrain espouses... without the "central authority".
Perhaps this is because with his two variables it is difficult to separate the two. Whether the legitimacy of authority derives top-down or bottom-up, or whether it is inclusive or exclusive of multiple roots, is rather orthogonal to what John Adams so aptly called "a government of laws and not of men".
I have never seen an audience so under-whelmed and outright scared. They just could not deal with the notion that Netscape was proposing that the OS was irrelevant. "But... but... where's my Windows desktop?".
Oh, just like StarOffice was when Sun first got hold of it, and like Office 2007 is today, and like any number of vertical suites are. It's dreadfully common, and tends to irritate the hell out of anyone trying to get real work done. I call them "Pinky and the Brain" applications. Their mission: take over the world, one desktop at a time.
PKI doesn't even solve the right problem a good chunk of the time. How many sites have a link on a non-secured page that refers to some third party order processing firm? A man-in-the-middle can tweak the received non-secured page to point to a different "secured" web server and the customer is none the wiser. PKI provides decent assurance when you type in a "https:" URL and very little when you click on a link, which is why PayPal inter aliawarn you to type in the URL.
Indeed, you've got to start somewhere, and for SSL there is this whole PKI thingy, with a few reasonably trustworthy CAs and with a few reasonably trustworthy ways of getting CA root certificates (ie. provided by popular browsers or by OS).
This is about choosing a point on Zooko's Triangle [warning: self-signed certificate]. HTTPS PKI as deployed chooses to rely on a small set of trusted third party identification services. This has two limitations: in security parlance "trusted" means "able to subvert YOUR security if it doesn't perform as advertised", and it requires real-world-linkable identification which is a nonstarter in anonymous systems.
That said, trust chaining still works in anonymous spaces. If you trust Alice (say alice4b8ajlnt9pq.onion) to supply you with secure links, and Alice gives you a link to Bob (say bobqiprlcn38afdc.onion), if that link resolves successfully you can be sure you are talking to the same Bob that Alice intended.
If all you have is a hash, how do you verify that the hash (and therefore corresponding data) is original and not for example changed by a man-in-the-middle-attack?
How do you define "original"? If you define it as "signed by a key linked to a known real-world identity" you have excluded anonymous protocols by definition. If you define it as "received through a different, reasonably trustworthy channel", it's on the same footing as real-world PKI: "reasonably trustworthy". In either case, the salient point is that in both examples I gave, the address is the hash, therefore you must have received the hash before beginning to retrieve the data.
How do you verify the integrity of all the root certificates in your browser's trust store? The hash on the download page next to the link? How do you verify that? You've got to start somewhere.
If the link pointing to a secured, anonymous site is a hash of the site's public key, you can verify that the site you're talking to can use the corresponding private key, which is the same thing SSL buys you. The high-priced "secure site certificates" just certify that the owner of $DNS_NAME also owns $PUBLIC_KEY; if you got a self-authenticating link from another web site you trust, the level of assurance is comparable.
So true, and look at what these monopolistic pigs are doing with their earnings instead of improving infrastructure:
"Comcast Corp. saw its shares jump Thursday, rallying after the cable giant reported a 54% rise in fourth-quarter earnings on increased revenue from its broadband and digital telephone services, and declared its first dividend in nearly a decade."
Sounds to me like they're doing their job: turning a profit from customers to pay shareholders. I'm just glad I'm not their customer. If enough people tell them to bury their fiber where the sun doesn't shine, they'll have to pay attention, but too many people want their ESPN...
"The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding." -- Louis Brandeis
A lot of these pro-surveillance types really believe they're helping make the world safer by trading away civil rights for police powers. They just don't realize that every concentration of power (and vast stores of surveillance data are just that) attracts abuse, whether or not it's officially "in the right hands".
Find out what ISP the Phonographic Institute uses, and file a complaint that they're violating my copyright. According to that logic, the ISP must then disconnect them.
You really expect that to work? Individuals will be presumed guilty, while corporations will be presumed innocent because unlike those pesky humans they have Policies and Procedures to Prevent This Sort of Thing.
But please don't shrug this off like its not a big deal. It was deliberately misleading on a scale we haven't seen before in terms of Windows marketing.
I'll buy that it was deliberately misleading, but not an outright scam. It reminds me of the sort of greasy sales technique I'd expect from a used car dealer: skirting just on the legal side of the line, getting a lot of people peeved at them, but coated in the legal equivalent of polytetrafluoroethane. I'll be surprised if this lawsuit sticks.
You left out your penis size, which I'm sure is gigantic!
I'd as soon he continue leaving it out, I hear enough about it in "male enhancement product" spam as it is.
In any case, Windows Vista Capable means just that -- it'll come up, but that doesn't mean it'll work well or that 100% of features will work. I don't see what all the fuss is about. For what it's worth (not nearly what I paid for it!) I bought a retail copy of Ultimate, it runs acceptably on my Capable ultra-portable even though the machine performs like a 7 year old desktop, though I did turn off the sidebar.
People don't understand simple math.. . . . They STILL BUY CRAP!!!
Point taken. I wasn't considering the prevalence of irrational behavior among high risk borrowers.
Free markets are great, and black markets WILL intervene to fill in the gaps..
So if black markets will intervene to fill in the gaps, why not capture that segment in a legitimate market? While the result is essentially the personal lending equivalent of junk bonds, it's probably better from a harm reduction standpoint to let speculators fund that market rather than someone who will send the goon squad around to politely discuss payment options.
Credit cards that specifically target high risk people, giving them teaser rates that will jump at the first late payment. This sort of thing CAN be regulated easily and still support a relatively free market.
Fair enough. Teaser rates seem to lead to either the lender taking advantage of an unwary borrower or a smart borrower taking advantage of the lender, neither of which would seem to help stability.
9. Limit maximum APR on any form of lending to 15% over inflation so credit card's are limited to around 17.5% APR / year.
While I'm as annoyed as the next guy with credit card rates, I don't think usury laws help any. Instead you get a whole mess of creative dodges, from the old contractum trinius to replacing interest with high transaction and account maintenance fees. Meanwhile, desperate people with bad credit are simply frozen out of the legitimate market and driven to illegal loan sharks.
Inflation at 2.5%? USDX has been walloped over the past year suggesting a ~12% inflation rate, rather at variance with the 2-3% CPI creep.
I think to be a decent engineer you should know at least one tool/language in each relavent category. It may or may not be the same one you end up using but at least you will know the basic concepts.
Agreed: what you really need is the meta-level skill of deriving principles from examples of the art. The first GUI framework I learned was plain C direct to Win16 User and GDI libraries; the conceptual model -- event-driven style, object-oriented code (without language support!), and so forth made learning Xlib a walk in the park, even though you have to roll your own dispatcher since Xlib doesn't come with one; it was pretty easy, even fun, at that point to cobble up a rudimentary X toolkit in Objective-C (w00t! late-bound methods!).
C++ fills the niche of where you still want tight control but some OOP capabilities would be usefull.
Just be very careful when Greenspunning more sophisticated capabilities you end up needing; you may be better off mixing in an interpreted language and alternating hard and soft layers. And yes, garbage collection and hard realtime constraints are compatible, while COM-style AddRef/Release reference counting breaks realtime since Release can cascade indefinitely. (Remember, hard realtime means predictable performance, not maximum execution speed.)
Slashdot Mirror
While they are long and relatively uncommon words, both lamentation and lachrymation are behaviors I'd expect a small child to be quite familiar with if not highly experienced at, and not anything to be embarrassed about discussing in front of them.
However, perhaps I missed the intent of your post. As you suggest, the adults using the words likely don't understand them; whether they are more embarrassed by that fact or some imagined scandalous meaning is an interesting question.
Nothing dirty; it's more to do with lachrymation than lactation. (Insert obligatory wisecrack about crying over spilled milk here.)
That is just DRM with a different face, and equally broken. Besides, just compact the JS and it's probably "good enough". If a bank is relying on that kind of excuse for security, it just means it'll take 3 hours instead of 2 for someone to hack them senseless.
More fundamentally, I don't think you *can* effectively firewall against boneheaded moves by people in places of trust such as the aforementioned bank developer.
In the long run for this application it may as well run at 10 Hz. It wakes up and runs a few thousand cycles every ten minutes or so, and spends the rest of its time halted.
*ding*ding*ding* You win the thread! I needed a good laugh today. Too bad I don't have mod points. :-)
You're probably right. ;)
I just appreciate a good Earth Shattering Kaboom! (Okay, I exaggerate.)
Back in Reagan's day, our intel folks managed to slip the Soviets a surprise that would have made Jokey Smurf proud with their bundle of purloined technology.
Perhaps this is because with his two variables it is difficult to separate the two. Whether the legitimacy of authority derives top-down or bottom-up, or whether it is inclusive or exclusive of multiple roots, is rather orthogonal to what John Adams so aptly called "a government of laws and not of men".
Oh, just like StarOffice was when Sun first got hold of it, and like Office 2007 is today, and like any number of vertical suites are. It's dreadfully common, and tends to irritate the hell out of anyone trying to get real work done. I call them "Pinky and the Brain" applications. Their mission: take over the world, one desktop at a time.
PKI doesn't even solve the right problem a good chunk of the time. How many sites have a link on a non-secured page that refers to some third party order processing firm? A man-in-the-middle can tweak the received non-secured page to point to a different "secured" web server and the customer is none the wiser. PKI provides decent assurance when you type in a "https:" URL and very little when you click on a link, which is why PayPal inter alia warn you to type in the URL.
This is about choosing a point on Zooko's Triangle [warning: self-signed certificate]. HTTPS PKI as deployed chooses to rely on a small set of trusted third party identification services. This has two limitations: in security parlance "trusted" means "able to subvert YOUR security if it doesn't perform as advertised", and it requires real-world-linkable identification which is a nonstarter in anonymous systems.
That said, trust chaining still works in anonymous spaces. If you trust Alice (say alice4b8ajlnt9pq.onion) to supply you with secure links, and Alice gives you a link to Bob (say bobqiprlcn38afdc.onion), if that link resolves successfully you can be sure you are talking to the same Bob that Alice intended.
How do you define "original"? If you define it as "signed by a key linked to a known real-world identity" you have excluded anonymous protocols by definition. If you define it as "received through a different, reasonably trustworthy channel", it's on the same footing as real-world PKI: "reasonably trustworthy". In either case, the salient point is that in both examples I gave, the address is the hash, therefore you must have received the hash before beginning to retrieve the data.
How do you verify the integrity of all the root certificates in your browser's trust store? The hash on the download page next to the link? How do you verify that? You've got to start somewhere.
If the identifier for a block of data is a hash of the data, you can verify its integrity without knowing a hill of beans about who or where it came from.
If the link pointing to a secured, anonymous site is a hash of the site's public key, you can verify that the site you're talking to can use the corresponding private key, which is the same thing SSL buys you. The high-priced "secure site certificates" just certify that the owner of $DNS_NAME also owns $PUBLIC_KEY; if you got a self-authenticating link from another web site you trust, the level of assurance is comparable.
If the algorithms that underpin this stuff are broken then the whole digital security house of cards is toast, including "High Assurance SSL Certificates" (Now with green pixel paint for your clients' address bars! Sorry, cross-site scripting protection not included.)
That'd be the g-rated wireless service at family friendly restaurants.
Sounds to me like they're doing their job: turning a profit from customers to pay shareholders. I'm just glad I'm not their customer. If enough people tell them to bury their fiber where the sun doesn't shine, they'll have to pay attention, but too many people want their ESPN...
"The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding." -- Louis Brandeis
A lot of these pro-surveillance types really believe they're helping make the world safer by trading away civil rights for police powers. They just don't realize that every concentration of power (and vast stores of surveillance data are just that) attracts abuse, whether or not it's officially "in the right hands".
You really expect that to work? Individuals will be presumed guilty, while corporations will be presumed innocent because unlike those pesky humans they have Policies and Procedures to Prevent This Sort of Thing.
I'll buy that it was deliberately misleading, but not an outright scam. It reminds me of the sort of greasy sales technique I'd expect from a used car dealer: skirting just on the legal side of the line, getting a lot of people peeved at them, but coated in the legal equivalent of polytetrafluoroethane. I'll be surprised if this lawsuit sticks.
I'd as soon he continue leaving it out, I hear enough about it in "male enhancement product" spam as it is.
In any case, Windows Vista Capable means just that -- it'll come up, but that doesn't mean it'll work well or that 100% of features will work. I don't see what all the fuss is about. For what it's worth (not nearly what I paid for it!) I bought a retail copy of Ultimate, it runs acceptably on my Capable ultra-portable even though the machine performs like a 7 year old desktop, though I did turn off the sidebar.
I don't remember a cell phone that actually produced a dial tone; my memory is fuzzy but perhaps some of the older Motorola "brick" analog phones did.
TFA would be here.
Point taken. I wasn't considering the prevalence of irrational behavior among high risk borrowers.
So if black markets will intervene to fill in the gaps, why not capture that segment in a legitimate market? While the result is essentially the personal lending equivalent of junk bonds, it's probably better from a harm reduction standpoint to let speculators fund that market rather than someone who will send the goon squad around to politely discuss payment options.
Fair enough. Teaser rates seem to lead to either the lender taking advantage of an unwary borrower or a smart borrower taking advantage of the lender, neither of which would seem to help stability.
While I'm as annoyed as the next guy with credit card rates, I don't think usury laws help any. Instead you get a whole mess of creative dodges, from the old contractum trinius to replacing interest with high transaction and account maintenance fees. Meanwhile, desperate people with bad credit are simply frozen out of the legitimate market and driven to illegal loan sharks.
Inflation at 2.5%? USDX has been walloped over the past year suggesting a ~12% inflation rate, rather at variance with the 2-3% CPI creep.