If it's still your favorite web comic of 2012, even though it has probably been updated once this year, then you need to read more web comics.
A short list (in no particular order) to get you started: Menage a 3 - three times a week wacky hijinks Misfile - I don't like the premise (an angelic fuck up), but the exploration of ideas with regards trans* folk is quite good YAFGC - daily dose of DnD style humor. The art is rough, but that adds to the charm Schlock Mercenary - others have discussed it Sinfest - Daily, classic, long running. Girls With Slingshots - Weekdays, Oglaf - NSFW funny stuff, Sundays only. Subnormality - Updated haphazardly, quite interesting and often strange comics. "Too many words." ------
Honorable Mentions (no particular order) go to: Something Positive - Not updated as much as I like, and the story lines are a bit less funny then they have been. Order of the Stick - If it updated regularly (at least twice a month) it would go up to the best list. But still. Flaky Pastry - Fridays, quite good, but the stories move slowly because only one day a week. If it were updated more often it would get bumped up. Questionable Content - not as good as in previous years, though the art's improved amazingly since the start -----
Well yes. Good point that I should have made, it is the intentional aspect that is most worrisome. You take a PDF file, take the hash, and then can easily generate another PDF file with the same hash. Which apparently could be used for fraud. Or, take an executable and then generate a malicious one with the same hash and trick someone into downloading it instead of the correct one. I should have expanded on that point in my original post.
I almost said something like that, along with the solution, but figured people could figure it out on their own.
With password hashes, the type of hash tends to be part of the end result (e.g. $B$ indicates a hash of type B, while $A$ indicates a hash of type A; not real examples, 'cause I can't be bothered looking them up). You could easily do something similar with generic hashes.
zippthorne (in a sibling to this post) gave some other thoughts.
Ethanol from plants may or may not be carbon neutral actually. It really depends on how much CO2 was used in the growing of the plants. If you use more fertiliser (from oil often), use heavy machinery to plant, grow and harvest the plants, etc., you may end up putting more CO2 into the air than you would otherwise if you had have just burnt the oil directly in your car. Check where your ethanol is coming from, and see whether or not subsidies are making the production inefficient and/or producing more CO2 than is otherwise saved.
Nah, you are. Hashes are used for a lot more than just passwords. Yes, for passwords a fast generic hash function like SHA2 or SHA3 (let alone MD5) is not such a good option. But for verifying that a downloaded executable or other file has not been modified, it's mostly fine. But don't use MD5, because it's completely broken (e.g. with it being possible to have two distinct PDF files having the same hash).
So use a generic hashthis() function (or class, whatever), and then you don't have to replace sha3() or blake2() or whatever through your code, merely modify the hashthis() function to use the new algorithm instead. Forward thinking amirite?
Ah yeah. Funny thing. Did you know the NLA does give money to the IA to run PANDORA? So there's one. The Library of Congress also works with the IA to build specific collections. So that's two. Other national libraries (and non-national libraries) also work with the IA to build collections of web based material. And they generally pay for it...
Did you know that legal deposit often doesn't cover electronic material? The NLA, for example, has no legal right to collect electronic material, and asks permission before archiving a website.
Fuck cultural relativism. 100 000 cases of polio is worse than backwards cultures being wiped out.
I do think that many so called backwards cultures are actually not. However, fuck Islam. In fact, fuck Christianity and Judaism and Buddhism as well. Religion is backwards.
Yeah, that was the point. I'd almost include that quote, but figured it would make the joke too obvious.
The main point (which probably now won't be seen by anyone) is that it doesn't matter what the guidelines are, people can still be prosecuted for "offensive" posts online. That I could be prosecuted for my post is an abomination. Well, except that I'm basically anonymous and they can't find me based on my posts here...
I'm running Ubuntu 12.04. I tried Unity (for a few weeks to let it seep in), and really didn't get it, so I installed Gnome 3. It has it's flaws, many of which are solved by extensions. Recently I got sick of some of the limitations and decided to try KDE. An apt-get install kde-desktop later, and I can. Except that it seems to be incredibly unstable. I'd already installed some games (Konquest, Ksirk, etc.) and these also seemed to be buggy. E.g. go to the about menu and it crashes... Well, KDE is buggy (at least on Ubuntu). I tried one of those widgets, the bouncing ball. It froze up my entire screen. And my computer is new (with an i7 CPU with loads of RAM). What with that and some other problems (I can't just recall) I gave up on KDE and went back to Gnome 3. Pity, Gnome 3 is limited as I said.
And if Debian just worked with my wireless, sound and touchscreen out of the box, I would use it instead. But it doesn't. Ubuntu does.
I can easily imagine the members of the parliament hanging by their necks in a row. I wish someone would help get rid of the vermin infesting the various palaces. Kate and Billy-boy, sliced groin to neck with their entrails hanging out. And I think that we should start a new sport, fucking up the filth. Every time you see a cop, stab 'em. They deserve it. I hope they all get killed in ghastly accidents. While on the topic, I wouldn't morn if more members of the armed forces were shot and killed. They are basically mercenaries yes? Killing people for pay. And they are the worst sort, protecting the capitalist state and enforcing it on others.
Now for some jokes:
Another British soldier has been killed by friendly fire in Afghanistan. That'll teach him for playing on hardcore.
12 shot dead at "soldier readiness station". Well, they weren't ready for that were they? Anyone got some better ones?
Anyway, I just head a knock at the door, I'll post this and then I'll be right back...
Meh, I bought a two gig stick of RAM about 3 years ago. It failed within the three years. If I was still in the country where I'd bought it (a place with decent consumer protection laws) I would have taken it back and complained. It caused some real trouble because my computer had been really stable, no crashes, etc. Ubuntu 10.04 (which I wish was going to be supported longer and then I'd still use it; 12.04 is much more unstable). What really confused me was that I'd just a few weeks before it failed run MemTest+ and turned up no errors. I didn't think RAM would be my problem.
TLDR: RAM can and does die. Live in a country with good consumer protection laws and make use of them.
Evil thought: The way to get model releases is to have a clause in the ToS like: "You allow us to use your likeness in advertisements and to sub-license this right to others, without any compensation to you."
Except obviously make it broader and more lawyer-speak like.
Then, only sell photos of people if they are members of the site (they will be 'tagged' in the photo by a helpful 'friend'). Should weed out most of the problems.
The difference between having the OK from a person to put a photo on a website (generally not needed) and having the OK to use a photo of a person to advertise a product (generally needed) is huge.
I can sell or give away photos as I like. However, as soon as I start using a photo of a person to advertise, I am implying that they are endorsing the product. And that's when the model release comes into effect.
This is despicable of course. And Instagram/Facebook needs to clearly and loudly (e.g. a click through notice when you login, and every day later until the 16th) explains this change in the ToS, and explains what it means (in plain English, not lawyer speak). But I bet they don't.
Anyway, any pictures with identifiable images of people in them could be a problem for whichever company purchases the image. Because of model rights you know? If an ad is run which has a person who is clearly identifiable, then in most places a model release is required. And I bet you that Instragram doesn't require that photographers have people sign model releases...
Our community has grown a lot since we wrote our original terms of service. To get things up to date for the millions of people now using Instagram, we’re bringing you new versions of our Privacy Policy and Terms of Service.
Here are a few key updates:
Nothing has changed about your photos’ ownership or who can see them.
Our updated privacy policy helps Instagram function more easily as part of Facebook by being able to share info between the two groups. This means we can do things like fight spam more effectively, detect system and reliability problems more quickly, and build better features for everyone by understanding how Instagram is used.
Our updated terms of service help protect you, and prevent spam and abuse as we grow.
This is just a small preview. Our new Privacy Policy and Terms of Service will be effective on January 16, 2013.
We know these documents are a little dry, but they’re very important. Please take a moment to read through them so you keep feeling comfortable sharing your beautiful photos on Instagram.
A bit of a lie really. The key point from the various articles is:
Instagram does not claim ownership of any Content that you post on or through the Service. Instead, you hereby grant to Instagram a non-exclusive, fully paid and royalty-free, transferable, sub-licensable, worldwide license to use the Content that you post on or through the Service, except that you can control who can view certain of your Content and activities on the Service as described in the Service's Privacy Policy, available here: http://instagram.com/legal/privacy/. Some or all of the Service may be supported by advertising revenue. To help us deliver interesting paid or sponsored content or promotions, you agree that a business or other entity may pay us to display your username, likeness, photos (along with any associated metadata), and/or actions you take, in connection with paid or sponsored content or promotions, without any compensation to you. If you are under the age of eighteen (18), or under any other applicable age of majority, you represent that at least one of your parents or legal guardians has also agreed to this provision (and the use of your name, likeness, username, and/or photos (along with any associated metadata)) on your behalf.
What if I am only known by an alias? If you have a longstanding and well established pseudonym, many people may not know you by your "real" name.
Moreover, some people may wish to generally follow the policies of the website they sign up for. But if they are told from the start they are not welcome if they don't use their "real" name, then,...
"Additionally, anonymous people tend to act like jackasses online, so their costs are bound to be higher."
Anonymous people maybe slightly more likely to act like "jackasses" online, however, pseudonymous people, and those using their real names, also act like right dickheads as well. It's not really a good reason to remove anonymity.
There are many more reasons to not require real names. Political activists (especially in repressive locations) really don't want to use their real name; people with "unusual" hobbies or opinions may not want their "real life" identity connected with discussions online; etc. etc. etc.
Do you work for MS on the IE team or something? That seems like the sort of thing I'd expect to hear from them...
How far are you into the CSS2 spec? I know, I know, you've only had 14 years to read it, and that's not quite long enough, and CSS2.1 is only just "finished" last year.
It is double opt-in. As in, I signed up for the emails. I get an email asking me to confirm. I click reply and send. I get the emails. Text from the confirmation email (with email addresses changed):
Dear webmaster@yahoo.com
We have received a request to subscribe this address to our mailing list, where send out the locations of new 'Circumventor' servers to help bypass Internet censorship.
To confirm that you want to subscribe this address to our mailing list, you MUST REPLY TO THIS MESSAGE without changing the subject line. (The subject line has a 14-digit number in parentheses on the end, and you have to leave that in the subject when you reply.) Just hit 'Reply' and hit 'Send', and that should be enough. This is to prevent people from signing up other people without their permission.
Please do not write any message to us when you reply, since the replies are processed automatically and your message will not be read. If you have any questions, please send a separate message to webmaster@hotmail.com
Once you reply to this message, you will be added to the Circumventor list.
[You are receiving this because you subscribed to the Circumventor distribution list. To unsubscribe from this list, click here: http://www.peacefire.org/circumventor/cv-unsub.html or reply with the word "unsubscribe" in the subject.]
Because then someone from the censorship companies or the censorship departments could easily get all the latest domains and block them automatically. By creating multiple domains and emailing them to a section of his subscriber list, he makes it that much harder to block all of them.
Here's the latest email I got from Mr Haselton (with the email addresses changed though). It's apparently very easy to subscribe. (Though it's not one click as you do need to enter your email address if you use the webpage option.) Is that good enough for you?
From: Bennett Haselton at Peacefire.org <webmaster@yahoo.com> Reply-to: "Bennett Haselton at Peacefire.org" <webmaster@yahoo.com> To: webmaster@hotmail.com Subject: new Circumventor, in a new format Date: Fri, 07 Dec 2012 04:00:02 -0500 (07/12/12 10:00:02) Envelope-To: webmaster@hotmail.com
[You are receiving this because you subscribed to the Circumventor distribution list. To unsubscribe from this list, click here: http://www.peacefire.org/circumventor/cv-unsub.html or reply with the word "unsubscribe" in the subject.]
Happy Holidays everybody -- your early Christmas gift enclosed:
This Circumventor site is in a different format but it should work as well as the others. You *must* access this one with 'https' at the beginning of the Web address; it won't work with 'http'.
You can attempt to access the "regular" Facebook through this one, for example, but it might not work correctly; the most reliable way is to enter http://m.facebook.com/ on this Circumventor site, which will take you to mobile Facebook. Unfortunately Youtube still isn't accessible yet but we're working on it.
Don't waste too much time on those school computers - Santa's watching!
Bennett
***
"When I was in high school these twins got mono. They got stereo." -Demetri Martin
Peacefire.org 14615 NE 30th PL #10D, Bellevue WA 98007/blockquote.
After the last article I signed up for the service of getting emailed the proxy sites. Guess what, I've had no problem. I've not recieved any spam to the email address I used. I've only received emails that I specifically requested.
So, ah.
Dude, you're a fucking idiot. Hotmail and Yahoo are not doing anyone good... Get lost!
If someone is running an incredibly popular opt-in email list, that doesn't automatically make them a spammer. In fact, because it's all opt-in it makes them the opposite. It's solicited, not unsolicited. Mr Haselton is one of the good guys, and you are a moron if you can't see that.
He has very little chance of actually being elected. In both those two states it is routine for up to a hundred people to stand, and so people just tend to vote "above the line" (select a party, and then the party allocates preferences as published prior to the election). None of the major parties are going to give high preferences to this new party, and of the minors, only the Greens have any real clout. Depending on politics, the Greens might preference the Labor Party ahead of the Wikileaks party, which'll mean Wikileaks Party gets fuck all.
Individually, he may get more than 4% of the vote and thus get his $1000 back, but I think that's pretty doubtful.
Even the Sex Party did poorly last time around, and they actually had a wider appeal base (you know, everyone who doesn't like conservatism when it comes to sex).
Conclusion: This is a stunt, but hopefully it will make people think about freedom a bit more.
Slashdot Mirror
If it's still your favorite web comic of 2012, even though it has probably been updated once this year, then you need to read more web comics.
A short list (in no particular order) to get you started:
Menage a 3 - three times a week wacky hijinks
Misfile - I don't like the premise (an angelic fuck up), but the exploration of ideas with regards trans* folk is quite good
YAFGC - daily dose of DnD style humor. The art is rough, but that adds to the charm
Schlock Mercenary - others have discussed it
Sinfest - Daily, classic, long running.
Girls With Slingshots - Weekdays,
Oglaf - NSFW funny stuff, Sundays only.
Subnormality - Updated haphazardly, quite interesting and often strange comics. "Too many words."
------
Honorable Mentions (no particular order) go to:
Something Positive - Not updated as much as I like, and the story lines are a bit less funny then they have been.
Order of the Stick - If it updated regularly (at least twice a month) it would go up to the best list. But still.
Flaky Pastry - Fridays, quite good, but the stories move slowly because only one day a week. If it were updated more often it would get bumped up.
Questionable Content - not as good as in previous years, though the art's improved amazingly since the start
-----
Go for it.
Well yes. Good point that I should have made, it is the intentional aspect that is most worrisome. You take a PDF file, take the hash, and then can easily generate another PDF file with the same hash. Which apparently could be used for fraud. Or, take an executable and then generate a malicious one with the same hash and trick someone into downloading it instead of the correct one. I should have expanded on that point in my original post.
I almost said something like that, along with the solution, but figured people could figure it out on their own.
With password hashes, the type of hash tends to be part of the end result (e.g. $B$ indicates a hash of type B, while $A$ indicates a hash of type A; not real examples, 'cause I can't be bothered looking them up). You could easily do something similar with generic hashes.
zippthorne (in a sibling to this post) gave some other thoughts.
Ethanol from plants may or may not be carbon neutral actually. It really depends on how much CO2 was used in the growing of the plants. If you use more fertiliser (from oil often), use heavy machinery to plant, grow and harvest the plants, etc., you may end up putting more CO2 into the air than you would otherwise if you had have just burnt the oil directly in your car. Check where your ethanol is coming from, and see whether or not subsidies are making the production inefficient and/or producing more CO2 than is otherwise saved.
Nah, you are. Hashes are used for a lot more than just passwords. Yes, for passwords a fast generic hash function like SHA2 or SHA3 (let alone MD5) is not such a good option. But for verifying that a downloaded executable or other file has not been modified, it's mostly fine. But don't use MD5, because it's completely broken (e.g. with it being possible to have two distinct PDF files having the same hash).
For password hashing use Blowfish/Bcrypt.
So use a generic hashthis() function (or class, whatever), and then you don't have to replace sha3() or blake2() or whatever through your code, merely modify the hashthis() function to use the new algorithm instead. Forward thinking amirite?
Ya. I donated a few of my coins. I'm not sure how the matching donations thing works though. Does anyone know?
Ah yeah. Funny thing. Did you know the NLA does give money to the IA to run PANDORA? So there's one. The Library of Congress also works with the IA to build specific collections. So that's two. Other national libraries (and non-national libraries) also work with the IA to build collections of web based material. And they generally pay for it...
Did you know that legal deposit often doesn't cover electronic material? The NLA, for example, has no legal right to collect electronic material, and asks permission before archiving a website.
The more you know...
Fuck cultural relativism.
100 000 cases of polio is worse than backwards cultures being wiped out.
I do think that many so called backwards cultures are actually not. However, fuck Islam. In fact, fuck Christianity and Judaism and Buddhism as well. Religion is backwards.
Yeah, that was the point. I'd almost include that quote, but figured it would make the joke too obvious.
The main point (which probably now won't be seen by anyone) is that it doesn't matter what the guidelines are, people can still be prosecuted for "offensive" posts online. That I could be prosecuted for my post is an abomination. Well, except that I'm basically anonymous and they can't find me based on my posts here...
I'm running Ubuntu 12.04. I tried Unity (for a few weeks to let it seep in), and really didn't get it, so I installed Gnome 3. It has it's flaws, many of which are solved by extensions. Recently I got sick of some of the limitations and decided to try KDE. An apt-get install kde-desktop later, and I can. Except that it seems to be incredibly unstable. I'd already installed some games (Konquest, Ksirk, etc.) and these also seemed to be buggy. E.g. go to the about menu and it crashes...
Well, KDE is buggy (at least on Ubuntu). I tried one of those widgets, the bouncing ball. It froze up my entire screen. And my computer is new (with an i7 CPU with loads of RAM). What with that and some other problems (I can't just recall) I gave up on KDE and went back to Gnome 3. Pity, Gnome 3 is limited as I said.
And if Debian just worked with my wireless, sound and touchscreen out of the box, I would use it instead. But it doesn't. Ubuntu does.
I can easily imagine the members of the parliament hanging by their necks in a row. I wish someone would help get rid of the vermin infesting the various palaces. Kate and Billy-boy, sliced groin to neck with their entrails hanging out. And I think that we should start a new sport, fucking up the filth. Every time you see a cop, stab 'em. They deserve it. I hope they all get killed in ghastly accidents. While on the topic, I wouldn't morn if more members of the armed forces were shot and killed. They are basically mercenaries yes? Killing people for pay. And they are the worst sort, protecting the capitalist state and enforcing it on others.
Now for some jokes:
Another British soldier has been killed by friendly fire in Afghanistan. That'll teach him for playing on hardcore.
12 shot dead at "soldier readiness station". Well, they weren't ready for that were they?
Anyone got some better ones?
Anyway, I just head a knock at the door, I'll post this and then I'll be right back...
Meh, I bought a two gig stick of RAM about 3 years ago. It failed within the three years. If I was still in the country where I'd bought it (a place with decent consumer protection laws) I would have taken it back and complained.
It caused some real trouble because my computer had been really stable, no crashes, etc. Ubuntu 10.04 (which I wish was going to be supported longer and then I'd still use it; 12.04 is much more unstable). What really confused me was that I'd just a few weeks before it failed run MemTest+ and turned up no errors. I didn't think RAM would be my problem.
TLDR: RAM can and does die. Live in a country with good consumer protection laws and make use of them.
Evil thought:
The way to get model releases is to have a clause in the ToS like:
"You allow us to use your likeness in advertisements and to sub-license this right to others, without any compensation to you."
Except obviously make it broader and more lawyer-speak like.
Then, only sell photos of people if they are members of the site (they will be 'tagged' in the photo by a helpful 'friend'). Should weed out most of the problems.
The difference between having the OK from a person to put a photo on a website (generally not needed) and having the OK to use a photo of a person to advertise a product (generally needed) is huge.
I can sell or give away photos as I like. However, as soon as I start using a photo of a person to advertise, I am implying that they are endorsing the product. And that's when the model release comes into effect.
This is despicable of course. And Instagram/Facebook needs to clearly and loudly (e.g. a click through notice when you login, and every day later until the 16th) explains this change in the ToS, and explains what it means (in plain English, not lawyer speak). But I bet they don't.
Anyway, any pictures with identifiable images of people in them could be a problem for whichever company purchases the image. Because of model rights you know? If an ad is run which has a person who is clearly identifiable, then in most places a model release is required. And I bet you that Instragram doesn't require that photographers have people sign model releases...
Oh, and the blog post:
A bit of a lie really. The key point from the various articles is:
http://instagram.com/about/legal/terms/updated/
You can express your disapproval of these changes by emailing support@instagram.com.
What if I am only known by an alias? If you have a longstanding and well established pseudonym, many people may not know you by your "real" name.
Moreover, some people may wish to generally follow the policies of the website they sign up for. But if they are told from the start they are not welcome if they don't use their "real" name, then, ...
"Additionally, anonymous people tend to act like jackasses online, so their costs are bound to be higher."
Anonymous people maybe slightly more likely to act like "jackasses" online, however, pseudonymous people, and those using their real names, also act like right dickheads as well. It's not really a good reason to remove anonymity.
There are many more reasons to not require real names. Political activists (especially in repressive locations) really don't want to use their real name; people with "unusual" hobbies or opinions may not want their "real life" identity connected with discussions online; etc. etc. etc.
See also: My Name Is Me and Who is harmed by a "Real Names" policy?.
Do you work for MS on the IE team or something? That seems like the sort of thing I'd expect to hear from them...
How far are you into the CSS2 spec? I know, I know, you've only had 14 years to read it, and that's not quite long enough, and CSS2.1 is only just "finished" last year.
It is double opt-in. As in, I signed up for the emails. I get an email asking me to confirm. I click reply and send. I get the emails. Text from the confirmation email (with email addresses changed):
At the top of the emails:
Seems pretty easy to me...
Because then someone from the censorship companies or the censorship departments could easily get all the latest domains and block them automatically. By creating multiple domains and emailing them to a section of his subscriber list, he makes it that much harder to block all of them.
Here's the latest email I got from Mr Haselton (with the email addresses changed though).
It's apparently very easy to subscribe. (Though it's not one click as you do need to enter your email address if you use the webpage option.) Is that good enough for you?
After the last article I signed up for the service of getting emailed the proxy sites. Guess what, I've had no problem. I've not recieved any spam to the email address I used. I've only received emails that I specifically requested.
So, ah.
Dude, you're a fucking idiot. Hotmail and Yahoo are not doing anyone good... Get lost!
If someone is running an incredibly popular opt-in email list, that doesn't automatically make them a spammer. In fact, because it's all opt-in it makes them the opposite. It's solicited, not unsolicited. Mr Haselton is one of the good guys, and you are a moron if you can't see that.
He has very little chance of actually being elected. In both those two states it is routine for up to a hundred people to stand, and so people just tend to vote "above the line" (select a party, and then the party allocates preferences as published prior to the election). None of the major parties are going to give high preferences to this new party, and of the minors, only the Greens have any real clout. Depending on politics, the Greens might preference the Labor Party ahead of the Wikileaks party, which'll mean Wikileaks Party gets fuck all.
Individually, he may get more than 4% of the vote and thus get his $1000 back, but I think that's pretty doubtful.
Even the Sex Party did poorly last time around, and they actually had a wider appeal base (you know, everyone who doesn't like conservatism when it comes to sex).
Conclusion: This is a stunt, but hopefully it will make people think about freedom a bit more.