> Does power of attorney even grant you permission to sign a document with another person's name, or does it merely grant you permission to sign a document on behalf of the other person but still using your own name?
It does whatever it says it does. Power of attorney is a rather general term, not one specific document. In general, if I say to you "you can sign my name on this type of document", you may indeed do that. Years ago I double checked the federal and Texas statutes on this issue.
> It's not a legal document because there are no signatures
Quoting TFS, 'furthermore, the word "NOT" was underlined with his signature beneath it.'
> if you start treating one tattoo as a legal document, you have to start treating ALL of them that way.
How do you figure? If you start treating one piece of paper as a legal document, you have to start treating ALL pieces of paper as legal documents?
BTW, the supreme law of the country, the US Constitution, is also written on skin.
> No, because a legal document that states they're DNR is a binding contract that they made.... > There's nothing to "prove." It simply is not a legally binding agreement/contract.
There are four elements that make up a contract. A DNR has none of the four. The four elements of a contract are: An offer An Acceptance Mutuality (agreed understanding of the terms) Exchange of consideration (payment)
Agreed. Imagine you have an 8 inch volleyball, drenched with syrup. A quarter of an inch away, almost touching the syrup-coated volleyball, there is a coin and you find microscopic traces of syrup on the coin. How do you guess the trace of a syrup got on the coin?
Most likely, it came from the big ball of syrup right next to the coin. Or maybe somehow syrup came in from outside and got on the coin, without ever making it 1/4 inch further to get in the volleyball. Which seems most plausible?
That's the scale we're talking about with ISS. Earth is 8,000 miles diameter, 25,000 miles circumference. The atmosphere extends to 6,200 miles up (exosphere). ISS is below the exosphere, in the thermosphere. ISS is only 250 from the surface - nearly touching the ground.
As someone else hinted, IIS is also travelling 18,000 miles per hour. At that altitude, there are roughly 4,000,000,000 air molecules per cubic meter*. Meaning ISS is colliding with billions of air molecules per second. It would be surprising if they didn't get a bug on the windshield.
* Yeah I used imperial and metric in the same post. Get over it.
> When you automate a few, or even all, sock factories, the workers can go make sweaters and underwear, etc.
Too late to make that argument. Sweaters and underwear were automated a long time ago. Along with the production of fabric to start with. As I've pointed out elsewhere on this page, someone keeping an eye on an automated loom has an average salary of $32,000. A weaver made ten cents a day. The more automated the work becomes, the more goods are produced per worker. More goods is more money coming into the factory, is more money to pay the workers.
I have a friend who "bottles water" for a living. Wholesale gross profit on each bottle of water is a penny or so. Imagine how much she could earn filling bottles manually. If she filled 500 bottles per day, her employer would gross $5. They could pay her $1-$2 / day. In fact "filling bottles" has been fully automated. Her and her half dozen co-workers produce hundreds of thousands of bottles or water every day. That's a decent amount of value produced, so she can make a reasonable paycheck.
> When you automate everything, the workers won't have that option.
About half of everything (all jobs) WAS automated in the last hundred years. The same the hundred years before that. For example typesetting is completely automated - it's called desktop publishing. And the advant of desktop publishing (fully automated typesetting) created a bunch of new jobs, which mostly pay more than typesetting did, because "web designer" is more productive work than "typesetter".
> The entire economy will shift.
Yep, it'll keep shifting. I was born in the manufacturing economy. I grew up in the service economy. I started my career in the information age. Now I work in the Web 2.0 / data science economy. About every 20-30 years years the economy shifts significantly, and it'll keep doing that as it has for hundreds of years.
They are all common jobs that lots of people do, of course. Or were, 100 years ago. They've all pretty much been automated. Of course we could now list 50 jobs that are common today that didn't exist 100 years a good o. In fact, over half of the US workforce works in jobs that didn't exist 100 years ago.
Yes jobs will be automated, as has been the case since the 1600s. And what's happened for hundreds of years is that as people no longer need to pick cotton, they instead design UIs, or test apps, or maintain automated looks that produce thousands of dollars of fabric per hour. The increased productivity of maintaining the automated look instead of weaving by hand is why median real household income has increased by 500%.
> . The only use I have for Windows is filing my S-corp taxes one per year, and I use a VM on my Macbook for that.
I've used Taxact.com for my S Corp for many years. I use Linux, and just recently started using Mac some. I'm sure other sites work just fine too. You don't *need* Windows for taxes.
Since my business was network security and I had root access to many customers' servers, nearly 20 years ago we decided Windows wouldn't be allowed on our network, and I've yet to have any need for it whatsoever. It's never even been an issue at all. The one thing I do use Windows for is I now work for another company that uses MS SQL, so using Microsoft's SQL client is convenient. Even that one use is going away as the company has decided MS SQL is unsustainable, so they'll need to switch to Postgres or MySQL / MariaDB.
I don't know, when just two or three companies have such a big chunk of the online space, government forcing a break up may be the only option. Three-quarters of online traffic goes through just the top two companies, CompuServe and Prodigy. Oh sorry, not anymore. Those companies went away when someone else offered something better. Three quarters of online traffic flows through AOL and Yahoo. No sorry it changed again. Yahoo has been beaten out by Altavista, and AOL is the main ISP. Fuck it's hard to keep up. You say Altavista, the mighty Altavista is gone? So it's AOL and who that run the whole internet now? What? No AOL? Dang the government should has done an amazing job breaking up all the online powerhouses.
My educated guess from 20 years in computer security:
The graphical UI it gives up after a few tries, which is reasonable. Unit tests tested that you can login that way and maybe tested that it gives up.
Separately, on the underlying Unix side they may have tested that part well - if you enter a correct password you get in, an incorrect password doesn't get you in.
In Integration testing UI designers made sure it WORKS - you can log in that way. They didn't test crazy shit like entering a million-character password, entering no password over and over, etc. Who would do that anyway? Besides, "garbage in, garbage out", right?
No! "Garbage in, garbage out" is not okay for anything related to security, or really anything connected to the web. Security stuff has to expect garbage input of all kinds - megabytes of input when only a few bytes are expected, passwords with line feeds, empty input, etc. It has to be "garbage in, denied". Which normally means checking for whitelisted sane input first, and denying if the input is anything other than what you expected. Applications exposed on the internet are similar - you have to expect you'll be attacked a thousand times a day.
Therefore it's not enough to test that it works. You have to think about all the ways it could fail, ways it could not work, and test those.
> Hell a firewall breaks net neutrality's basic tenant.
> No, it doesn't. It's almost like you don't understand the principles at all. > NN deals with ISPs and other public network operators. It has no bearing on how you secure your own boundary.
That makes sense. If you have no idea how spam, DOS, etc work.
A very typical DOS attack has the attacker sending small DNS requests to ten thousand different servers. The servers reply, sending the (larger) answer to the apparent source of the request. The source IP has been forged, though, so the replies all go to the victim. There are two good, easy solutions to amplification attacks, and then a bad solution that doesn't really work.
First, best solution: By the time the request packets hit an internet backbone, the routers see that the source IP header doesn't match the network that connect to that port. In other words, they are forged. The backbone drops the traffic as it tries to enter. The packets therefore only exist on the attacker's side and maybe his local ISP - he's really just DOSing himself, using up his own resources in a failed attack.
Second best: The backbone sees the flood of DNS requests coming from 40.8.10.213 and recognizes the attack. They drop DNS traffic, or all traffic, from the attacking IP. Once again, the attack doesn't get much past the attacker's network, so it does little damage other than wasting the attacker's time.
Failed "solution": The victim sees they are being flooded with 100Mbps of DNS responses filling their internet connection. The packets are coming from all over the place. They start blocking the IPs where the packets came from (the servers of major web sites) at their local firewall. All that accomplishes is that their users can no longer access any of the web sites which the attacker bounced packets from (thousands of legitimate web sites). It doesn't solve the problem that their internet connection has become useless because it's filled with reply packets that the attacker triggered. Blocking at the local firewall only makes things WORSE for most DOS attacks. The victim blocking at their firewall also doesn't help their ISPs network, which is being flooded. In fact, if the firewall is set to reject the flood packets, that's even worse for the ISP, who now gets to handle a bunch of icmp reject notices coming back.
Spam is similar. Spammers don't send all their spam directly from their office IP to the destination. That would make it trivial to block them, if all the millions of spams they sent out had the spammer's IP address. Instead the spammer's send their millions of spams through millions of open relays, proxies, bots, etc. You'll never be able to block every infected desktop that's being used to send spam. What someone (who operates a backbone) can easily block is the offices of the company that sends millions of spams, blocking them so they can't send the spam TO the open proxies, bots, etc. That block has to happen BEFORE they reach the millions of proxies - the spam office can't be allowed to send traffic across the backbone in the first place. One they've reached their 100,000 proxies or bots it's too late - it's 100,000 harder to stop at that point.
In general, it's several thousand times more effective to stop attacks and spam close to the source. It's just not possible for every internet user to daily update the millions of bots and relays that the bad guys use - and it wouldn't work of they did, because the DOS would still flood their internet connection offline. --
Random text because Slashdot doesn't like posts which use the same words repeatedly. Therefore I now utilize some distinct ones which are not above. Horseradish tile shampoo towel Coca-Cola Mountain Dew mustard. Ketchup mayonnaise latex phenylketonurics and pulmonary restriction of the sciatic nerve. Tobacco products odorize gaseous atmospheres indoors. Communication protocol standard required committee approval meeting. Duplicative processes corporate requirements. Pumpkin fruit pie Thanksgiving whipped cream. Lemonade soda coffee tea. Marshmallows swimming in hydrogen monoxide soften quickly. Queso Blanco will be a good snack after I write arbitrary sentences to get around something silly.
> buying a house or a new-ish trailer just isn't in the cards for you. In fact you'd be lucky to buy a crappy old trailer for $5000... Then you have the crappy car that needs repairs every couple weeks. And just try and buy food after all that. This person woudl LOVE to think "long-term" you jack-ass.
I lived in trailer worth $1,500 while riding a bicycle to work flipping burgers. So I can understand not being able to afford a new house. What didn't do when I couldn't afford a new house is I didn't spend half my check on a new double wide which would depreciate $25,000 in the first five years. When you're broke is exactly when you can't afford thousands of dollars of depreciation every year.
Instead I thought long term - I lived somewhere that not only wouldn't leave me more broke by depreciation, but it was so cheap I could afford to save some of my burger-flipping money for a long-term goal. A year and a half ago I bought my family a 3,500 square foot house using the money I didn't spend on a $80,000 double-wide plus $200 / month lot rent that would be worth half that much a few years later.
> Net Neutrality, is an easy set of rules to follow. Treat every packet like any other one.
Treating low-bandwidth flows that extremely sensitive to jitter (ex VoIP) the same as you treat high bandwidth flows that don't care about jitter (ex Netflix) would make everything work poorly. If all packets were treated the same, 1960s-style, your video would stutter so bad it would be unwatchable in 352 Ã-- 288 and your VoIP would have sounds arriving in the wrong order, so "hello jellomizer" would arrive as "lloeh mijellozer". Fortunately, the hundreds of pages of NN rules that were in effect for a year and half weren't quite that stupid.
An early draft DID say spam and spoofed packets had to be treated equally as legitimate packets, but we got the most obvious cases of stupid fixed. For security and prevention of DOS it's important to block spoofed and malicious packets as close to the source as possible and that wasn't completely made illegal by the NN rules as approved in 2015. It was damaged, but not completely barred in all cases like "treat every packet the same" would do.
People who don't know a port from a fragment do say "treat everything exactly the same" because they don't have any idea how carrier networks work, but policy makers at the FCC aren't listening to Facebook meme-based comments. One Congresswoman did, dangerously, but that was handled.
Unfortunately, there are several books each a thousand pages or more teaching network optimization methods to get the right flows into the right paths in the right order to provide the desired combination of jitter, packet loss, latency, and bandwidth that's needed for each type of flow. We moved away from mostly packet-based policy a long time ago - each packet is part of a flow. The user experience is based on the flow, such as a video stream or http response, so we focus most of our attention on flows, rather than tiny artificial, arbitrary pieces of data within the flow (packets). In other words, making routing, policing, and queueing decisions a million times, for a the million separate packets in a video, would be stupid - instead we make those decisions once, based on "he wants to watch a pre-recorded video, which will be buffered". Packet level stuff mostly comes into play because we know real-time flows such as RTP tend to have much packets that need to arrive in order, at equal intervals, while YouTube videos have much larger packets that are fine with being delivered in bursts, because it's buffered anyway.
Anyway the point is, I only know maybe 15% of what there is to know about how to most effectively provide the best network performance for each thing you want to do on the internet, because I've only read maybe 4,000 pages on the subject. The best engineers, the CCIEs, apply tens of thousands of pages worth of knowledge to get the right packets where they need to be at the right moment, with the right volume of packets vs the acceptable packet loss. It's a complex science. Rules telling them how they must do it must take into account the complexity. Not only the complexity of the network technologies that are common in carrier networks today, but emerging technologies. Otherwise, the rules will be either damaging, ineffective, or both. (And the 2015 included plenty of both)
That made me laugh, and made me curious, "what's up with the capitalization of the Constitution? I looked it up.
In the 1700s, it was common / correct to capitalize nouns in English. It still is in other languages, such as German. The practice was fading in the late 1700s, so like the Oxford comma today, it was arguable. Morris, who wrote the Constitution itself, chose to capitalize nouns. Two years later, they decided on the newer style for the Bill of Rights and used lower case. Just as today a document that isn't supposed to used Oxford comma may have one slip in accidentally, there are some inconsistencies in capitalizing nouns in the Constitution.
On the Oxford comma - sometimes it's needed for clarity. Sometimes it needs to be avoided for clarity. Just make the sentence clear.
> Total bans encourage workarounds and workarounds yield security breaches every single time.
That's certainly very true. Neither of us said people SHOULD engage in workarounds, but they DO. The more that a security measure is a PITA, the more people don't follow it. Right or wrong. Especially powerful people who are accustomed to being able to do what they want, generally - they aren't accustomed to being treated like children. In business, CEOs break security protocols more than anyone else because they are accustomed to making their own rules.
We all remember the results of the State Department email system being "inconvenient" (assuming you believe setting and a separate private mail server was really for convenience, and not for "heck no I don't write anything down! It could be subpoenaed!" (yes she actually said that).
On the other hand, you obviously want strong security measures inside the White House. I'm not sure there is a good solution that will actually work well. The best I can come up with is requiring all relevant White House staff to have two government-issued phones, one for work, one for personal, both secured. You can say "they just have to follow all the security best-practices", but saying that doesn't make it happen.
You assume newer is always faster. That's not necessarily so. Internet Explorer got slower and slower with each version. Vista was slower than XP. In the Linux world, going from 32-bit to 64-bit makes it slower, all other things being equal. It's entirely *possible* than a newer systemd will slow things down as it gets bigger and bigger - compare an old, small editor such as vi/vim vs the newest MS Word. Newer and bigger sure can be slower.
On the other hand, as someone else commented: > Linux distro produced by Intel, tuned by Intel for latest Intel hardware, works fastest of any distro on latest Intel hardware.
If I build a new table, I have exclusive control of that table, it's my property. If you catch a fish, you have exclusive control of that fish, it's your property. If you build a new method of mixing paint in a sealed can, you exclusive control of that method, it's your property.
The government issues you a document recognizing your ownership of your car. The government issues a document declaring your ownership of your house. The government issues a document declaring your ownership of your invention.
It seems a lot like property to me, but actually it doesn't matter. Certainly a patent fight is a controversy under federal law. I don't see any fundamental reason we can't allow a patent holder to exercise their Constitutional right to a jury trial "in all controversies arising" under federal law. A quicker, less expensive adminstrative hearing can resolve most cases without having to go to court, but ignoring the plain language of the seventh amendment in order to deny patent holders their right to a judicial hearing seems a bit crazy to me.
You're quite right. If they specifically target 325 named government officials, as in this case, with tailored emails, that's spear phishing and very much the kind of thing sophisticated professionals will do. Once they have access using the credentials of the deputy director of the NSA, they would then move laterally to own most of the NDA network.
Targets such as the director, deputy director, and top network / database administrators is gold. That's even better than arbitrary code execution on some random system with an unprivileged account, which is what Hollywood-style hacking normally results in. (Though if you can follow that up with privilege escalation on a critical system, that gets even more interesting).
First, no, it's called "business personal property tax". Businesses pay ANOTHER tax every year for owning things, such as desks and staplers. This has nothing whatsoever to do with income tax. If you've never run a business, you could be forgiven for thinking that the only taxes are income taxes and sales tax (but please don't vote if you think that); businesses pay a dozen separate kinds of taxes, filing taxes at least 12 times per year.
> "take deductions equal to the cost of my desk, stapler and printer divided over the useful life (MACRS)... Either that or your accountant is not very good.
Maybe you're accountant isn't an accountant, he's just trying to play accountant on Slashdot. Items costing $2,500 or less each can be fully expensed in the first year. No need to wait five years for those tax savings, but more importantly no need to spend $30 tracking depreciation on each $10 stapler! If you're tracking depreciation on staplers, you're very much Doing It Wrong. For items over $2,500, you also expense $500,000 of equipment annually.
You're right, the guy complaining doesn't pay an annual tax on most of his property. In many states businesses DO pay an annual tax on objects they own, which is an expensive pain in the ass which generates little revenue compared to the expense. Individuals are MUCH better off in this regard. As a business owner, I pay annual taxes on my desk, my stapler, my printer, etc.
The observers supporting the patent review board in this case mostly seem to be coming from the perspective of "stopping bad patents as easily as possible is good". I'd certainly agree with that!
The issue on the other side is that the Constitution has two things to say about the matter. The federal government *Constitutionally* can't take things without due process of law (opportunity for a trial), and the seventh amendment guarantees the right to a *jury* trial for "controversies".
This tension between the efficiency of an administrative decision by the executive branch and Constitutional right to a jury trial has been successfully overcome with respect to decisions by IRS, FCC, FAA, etc. The key is to write the law in such a way that an administrative decision (faster and cheaper) can be appealed to a court (Constitutionally required) and the court will take due notice of the administrative body's decision and the reasoning behind that decision. That way you get the best of both worlds.
To use the IRS as an example, if a revenue or collections officer makes a decision you disagree with, you can first appeal to an separate appeals board using a Collections Due Process request. To maintain Independence, appeals employees generally aren't even allowed to talk to collections and revenue officers (with some minor exceptions). If you don't like the outcome of the appeals hearing / discussion, you can then appeal to the federal courts. The court will take notice of the IRS decision, so MOST of the time, if someone lost their argument with the Collections office and lost against with the appeals office, they have a weak argument and will lose in court. But they CAN go to court if they want to, and that preserves their rights.
Most issues are handled fairly efficiently - even if the revenue officer is wrong, the appeals office can correct it. That in no way limits someone's right to go to court, though. A similar process is supposed to be there for patent appeals decisions. If you think the patent appeals board got it wrong, you should be able to go to court. Because the court will read the appeals board decision and if it makes sense the court will uphold it, the board decision should be a strong predictor of how a court will decide. In other words, once the board decides, it's not likely that the court will reverse it unless the board is clearly wrong. That should, and apparently does, discourage patent trolls from pursuing a court action if the board rules their patent invalid.
Plaintiffs in this case say that the exact procedure allowed for appealing to the court doesn't meet the Constitutional imperative. They may be right. If so, the process will simply need to be adjusted to be more like the process uses to appeal IRS decisions, which has been held Constitutional.
10 CPUs with 72 cores each is 720 cores. 750 SOCs with 4 cores each is 3,000 cores (and RAM and motherboards included).
The point is to have a massive number of cores in a large number of machines, to simulate a large number of machines, at the budget point. Your idea would have 75% fewer cores.
> shared memory
Yep, that's another problem with your idea. It would no longer be an accurate simulation. Well except your plan doesn't include any RAM at all. Or motherboards, networking, etc. You're going to need to buy 750 network cards to simulate 750 machines, motherboards each capable of holding 18 cards, a number of storage devices, etc. So maybe FIVE 7290 CPUs with exotic motherboards plus RAM, network cards, storage, etc. Five 7290s would provide 360 cores, vs the 3,000 cores they got with the Pis.
Now AFTER the research yields fruit, in a couple years someone might want to put the ideas into production using fifty 72-core processors which may cost $2,000 each.
Slashdot Mirror
Given that what you do with these things is give money to an exchange that will steal from you, I propose we call them kleptocurrency.
> Does power of attorney even grant you permission to sign a document with another person's name, or does it merely grant you permission to sign a document on behalf of the other person but still using your own name?
It does whatever it says it does. Power of attorney is a rather general term, not one specific document. In general, if I say to you "you can sign my name on this type of document", you may indeed do that. Years ago I double checked the federal and Texas statutes on this issue.
> It's not a legal document because there are no signatures
Quoting TFS, 'furthermore, the word "NOT" was underlined with his signature beneath it.'
> if you start treating one tattoo as a legal document, you have to start treating ALL of them that way.
How do you figure? If you start treating one piece of paper as a legal document, you have to start treating ALL pieces of paper as legal documents?
BTW, the supreme law of the country, the US Constitution, is also written on skin.
> No, because a legal document that states they're DNR is a binding contract that they made. ...
> There's nothing to "prove." It simply is not a legally binding agreement/contract.
There are four elements that make up a contract. A DNR has none of the four. The four elements of a contract are:
An offer
An Acceptance
Mutuality (agreed understanding of the terms)
Exchange of consideration (payment)
Agreed. Imagine you have an 8 inch volleyball, drenched with syrup. A quarter of an inch away, almost touching the syrup-coated volleyball, there is a coin and you find microscopic traces of syrup on the coin. How do you guess the trace of a syrup got on the coin?
Most likely, it came from the big ball of syrup right next to the coin. Or maybe somehow syrup came in from outside and got on the coin, without ever making it 1/4 inch further to get in the volleyball. Which seems most plausible?
That's the scale we're talking about with ISS. Earth is 8,000 miles diameter, 25,000 miles circumference. The atmosphere extends to 6,200 miles up (exosphere). ISS is below the exosphere, in the thermosphere. ISS is only 250 from the surface - nearly touching the ground.
As someone else hinted, IIS is also travelling 18,000 miles per hour. At that altitude, there are roughly 4,000,000,000 air molecules per cubic meter*. Meaning ISS is colliding with billions of air molecules per second. It would be surprising if they didn't get a bug on the windshield.
* Yeah I used imperial and metric in the same post. Get over it.
> When you automate a few, or even all, sock factories, the workers can go make sweaters and underwear, etc.
Too late to make that argument. Sweaters and underwear were automated a long time ago. Along with the production of fabric to start with. As I've pointed out elsewhere on this page, someone keeping an eye on an automated loom has an average salary of $32,000. A weaver made ten cents a day. The more automated the work becomes, the more goods are produced per worker. More goods is more money coming into the factory, is more money to pay the workers.
I have a friend who "bottles water" for a living. Wholesale gross profit on each bottle of water is a penny or so. Imagine how much she could earn filling bottles manually. If she filled 500 bottles per day, her employer would gross $5. They could pay her $1-$2 / day. In fact "filling bottles" has been fully automated. Her and her half dozen co-workers produce hundreds of thousands of bottles or water every day. That's a decent amount of value produced, so she can make a reasonable paycheck.
> When you automate everything, the workers won't have that option.
About half of everything (all jobs) WAS automated in the last hundred years. The same the hundred years before that. For example typesetting is completely automated - it's called desktop publishing. And the advant of desktop publishing (fully automated typesetting) created a bunch of new jobs, which mostly pay more than typesetting did, because "web designer" is more productive work than "typesetter".
> The entire economy will shift.
Yep, it'll keep shifting. I was born in the manufacturing economy. I grew up in the service economy. I started my career in the information age. Now I work in the Web 2.0 / data science economy. About every 20-30 years years the economy shifts significantly, and it'll keep doing that as it has for hundreds of years.
That should be "automated loom".
Loom operators today make about $32,000/year. Rather better than the 10 cents a day Weaver's made.
What do these names have in common?
Smith, Potter, Taylor, Spinner, Weaver, Webster, Dyer, Thatcher, Tyler, Miller, Baker, Cheeseman, Spicer, Cook, Fisher, Carter, Clarke, Skinner
They are all common jobs that lots of people do, of course. Or were, 100 years ago. They've all pretty much been automated. Of course we could now list 50 jobs that are common today that didn't exist 100 years a good o. In fact, over half of the US workforce works in jobs that didn't exist 100 years ago.
Yes jobs will be automated, as has been the case since the 1600s. And what's happened for hundreds of years is that as people no longer need to pick cotton, they instead design UIs, or test apps, or maintain automated looks that produce thousands of dollars of fabric per hour. The increased productivity of maintaining the automated look instead of weaving by hand is why median real household income has increased by 500%.
The DNA match didn't prove yetis are actually bears. Maybe the bears are actually yetis!
* Of course they are bears.
I have some ni-cads batteries here you can try out against a modern battery and then you can tell me they haven't gotten any better.
> . The only use I have for Windows is filing my S-corp taxes one per year, and I use a VM on my Macbook for that.
I've used Taxact.com for my S Corp for many years. I use Linux, and just recently started using Mac some. I'm sure other sites work just fine too. You don't *need* Windows for taxes.
Since my business was network security and I had root access to many customers' servers, nearly 20 years ago we decided Windows wouldn't be allowed on our network, and I've yet to have any need for it whatsoever. It's never even been an issue at all. The one thing I do use Windows for is I now work for another company that uses MS SQL, so using Microsoft's SQL client is convenient. Even that one use is going away as the company has decided MS SQL is unsustainable, so they'll need to switch to Postgres or MySQL / MariaDB.
I don't know, when just two or three companies have such a big chunk of the online space, government forcing a break up may be the only option. Three-quarters of online traffic goes through just the top two companies, CompuServe and Prodigy. Oh sorry, not anymore. Those companies went away when someone else offered something better. Three quarters of online traffic flows through AOL and Yahoo. No sorry it changed again. Yahoo has been beaten out by Altavista, and AOL is the main ISP. Fuck it's hard to keep up. You say Altavista, the mighty Altavista is gone? So it's AOL and who that run the whole internet now? What? No AOL? Dang the government should has done an amazing job breaking up all the online powerhouses.
I wonder why you were modded down. Seemed informative to me. It seems you corrected an error in my post. Thanks for that.
My educated guess from 20 years in computer security:
The graphical UI it gives up after a few tries, which is reasonable. Unit tests tested that you can login that way and maybe tested that it gives up.
Separately, on the underlying Unix side they may have tested that part well - if you enter a correct password you get in, an incorrect password doesn't get you in.
In Integration testing UI designers made sure it WORKS - you can log in that way. They didn't test crazy shit like entering a million-character password, entering no password over and over, etc. Who would do that anyway? Besides, "garbage in, garbage out", right?
No! "Garbage in, garbage out" is not okay for anything related to security, or really anything connected to the web. Security stuff has to expect garbage input of all kinds - megabytes of input when only a few bytes are expected, passwords with line feeds, empty input, etc. It has to be "garbage in, denied". Which normally means checking for whitelisted sane input first, and denying if the input is anything other than what you expected. Applications exposed on the internet are similar - you have to expect you'll be attacked a thousand times a day.
Therefore it's not enough to test that it works. You have to think about all the ways it could fail, ways it could not work, and test those.
> Hell a firewall breaks net neutrality's basic tenant.
> No, it doesn't. It's almost like you don't understand the principles at all.
> NN deals with ISPs and other public network operators. It has no bearing on how you secure your own boundary.
That makes sense. If you have no idea how spam, DOS, etc work.
A very typical DOS attack has the attacker sending small DNS requests to ten thousand different servers. The servers reply, sending the (larger) answer to the apparent source of the request. The source IP has been forged, though, so the replies all go to the victim. There are two good, easy solutions to amplification attacks, and then a bad solution that doesn't really work.
First, best solution:
By the time the request packets hit an internet backbone, the routers see that the source IP header doesn't match the network that connect to that port. In other words, they are forged. The backbone drops the traffic as it tries to enter. The packets therefore only exist on the attacker's side and maybe his local ISP - he's really just DOSing himself, using up his own resources in a failed attack.
Second best:
The backbone sees the flood of DNS requests coming from 40.8.10.213 and recognizes the attack. They drop DNS traffic, or all traffic, from the attacking IP. Once again, the attack doesn't get much past the attacker's network, so it does little damage other than wasting the attacker's time.
Failed "solution":
The victim sees they are being flooded with 100Mbps of DNS responses filling their internet connection. The packets are coming from all over the place. They start blocking the IPs where the packets came from (the servers of major web sites) at their local firewall. All that accomplishes is that their users can no longer access any of the web sites which the attacker bounced packets from (thousands of legitimate web sites). It doesn't solve the problem that their internet connection has become useless because it's filled with reply packets that the attacker triggered. Blocking at the local firewall only makes things WORSE for most DOS attacks. The victim blocking at their firewall also doesn't help their ISPs network, which is being flooded. In fact, if the firewall is set to reject the flood packets, that's even worse for the ISP, who now gets to handle a bunch of icmp reject notices coming back.
Spam is similar. Spammers don't send all their spam directly from their office IP to the destination. That would make it trivial to block them, if all the millions of spams they sent out had the spammer's IP address. Instead the spammer's send their millions of spams through millions of open relays, proxies, bots, etc. You'll never be able to block every infected desktop that's being used to send spam. What someone (who operates a backbone) can easily block is the offices of the company that sends millions of spams, blocking them so they can't send the spam TO the open proxies, bots, etc. That block has to happen BEFORE they reach the millions of proxies - the spam office can't be allowed to send traffic across the backbone in the first place. One they've reached their 100,000 proxies or bots it's too late - it's 100,000 harder to stop at that point.
In general, it's several thousand times more effective to stop attacks and spam close to the source. It's just not possible for every internet user to daily update the millions of bots and relays that the bad guys use - and it wouldn't work of they did, because the DOS would still flood their internet connection offline.
--
Random text because Slashdot doesn't like posts which use the same words repeatedly. Therefore I now utilize some distinct ones which are not above. Horseradish tile shampoo towel Coca-Cola Mountain Dew mustard. Ketchup mayonnaise latex phenylketonurics and pulmonary restriction of the sciatic nerve. Tobacco products odorize gaseous atmospheres indoors. Communication protocol standard required committee approval meeting. Duplicative processes corporate requirements. Pumpkin fruit pie Thanksgiving whipped cream. Lemonade soda coffee tea. Marshmallows swimming in hydrogen monoxide soften quickly. Queso Blanco will be a good snack after I write arbitrary sentences to get around something silly.
> buying a house or a new-ish trailer just isn't in the cards for you. In fact you'd be lucky to buy a crappy old trailer for $5000 ... Then you have the crappy car that needs repairs every couple weeks. And just try and buy food after all that. This person woudl LOVE to think "long-term" you jack-ass.
I lived in trailer worth $1,500 while riding a bicycle to work flipping burgers. So I can understand not being able to afford a new house. What didn't do when I couldn't afford a new house is I didn't spend half my check on a new double wide which would depreciate $25,000 in the first five years. When you're broke is exactly when you can't afford thousands of dollars of depreciation every year.
Instead I thought long term - I lived somewhere that not only wouldn't leave me more broke by depreciation, but it was so cheap I could afford to save some of my burger-flipping money for a long-term goal. A year and a half ago I bought my family a 3,500 square foot house using the money I didn't spend on a $80,000 double-wide plus $200 / month lot rent that would be worth half that much a few years later.
> Net Neutrality, is an easy set of rules to follow. Treat every packet like any other one.
Treating low-bandwidth flows that extremely sensitive to jitter (ex VoIP) the same as you treat high bandwidth flows that don't care about jitter (ex Netflix) would make everything work poorly. If all packets were treated the same, 1960s-style, your video would stutter so bad it would be unwatchable in 352 Ã-- 288 and your VoIP would have sounds arriving in the wrong order, so "hello jellomizer" would arrive as "lloeh mijellozer". Fortunately, the hundreds of pages of NN rules that were in effect for a year and half weren't quite that stupid.
An early draft DID say spam and spoofed packets had to be treated equally as legitimate packets, but we got the most obvious cases of stupid fixed. For security and prevention of DOS it's important to block spoofed and malicious packets as close to the source as possible and that wasn't completely made illegal by the NN rules as approved in 2015. It was damaged, but not completely barred in all cases like "treat every packet the same" would do.
People who don't know a port from a fragment do say "treat everything exactly the same" because they don't have any idea how carrier networks work, but policy makers at the FCC aren't listening to Facebook meme-based comments. One Congresswoman did, dangerously, but that was handled.
Unfortunately, there are several books each a thousand pages or more teaching network optimization methods to get the right flows into the right paths in the right order to provide the desired combination of jitter, packet loss, latency, and bandwidth that's needed for each type of flow. We moved away from mostly packet-based policy a long time ago - each packet is part of a flow. The user experience is based on the flow, such as a video stream or http response, so we focus most of our attention on flows, rather than tiny artificial, arbitrary pieces of data within the flow (packets). In other words, making routing, policing, and queueing decisions a million times, for a the million separate packets in a video, would be stupid - instead we make those decisions once, based on "he wants to watch a pre-recorded video, which will be buffered". Packet level stuff mostly comes into play because we know real-time flows such as RTP tend to have much packets that need to arrive in order, at equal intervals, while YouTube videos have much larger packets that are fine with being delivered in bursts, because it's buffered anyway.
Anyway the point is, I only know maybe 15% of what there is to know about how to most effectively provide the best network performance for each thing you want to do on the internet, because I've only read maybe 4,000 pages on the subject. The best engineers, the CCIEs, apply tens of thousands of pages worth of knowledge to get the right packets where they need to be at the right moment, with the right volume of packets vs the acceptable packet loss.
It's a complex science. Rules telling them how they must do it must take into account the complexity. Not only the complexity of the network technologies that are common in carrier networks today, but emerging technologies. Otherwise, the rules will be either damaging, ineffective, or both. (And the 2015 included plenty of both)
That made me laugh, and made me curious, "what's up with the capitalization of the Constitution? I looked it up.
In the 1700s, it was common / correct to capitalize nouns in English. It still is in other languages, such as German. The practice was fading in the late 1700s, so like the Oxford comma today, it was arguable. Morris, who wrote the Constitution itself, chose to capitalize nouns. Two years later, they decided on the newer style for the Bill of Rights and used lower case. Just as today a document that isn't supposed to used Oxford comma may have one slip in accidentally, there are some inconsistencies in capitalizing nouns in the Constitution.
On the Oxford comma - sometimes it's needed for clarity. Sometimes it needs to be avoided for clarity. Just make the sentence clear.
It depends on what the meaning of "it" is.
- Bill
> Total bans encourage workarounds and workarounds yield security breaches every single time.
That's certainly very true. Neither of us said people SHOULD engage in workarounds, but they DO. The more that a security measure is a PITA, the more people don't follow it. Right or wrong. Especially powerful people who are accustomed to being able to do what they want, generally - they aren't accustomed to being treated like children. In business, CEOs break security protocols more than anyone else because they are accustomed to making their own rules.
We all remember the results of the State Department email system being "inconvenient" (assuming you believe setting and a separate private mail server was really for convenience, and not for "heck no I don't write anything down! It could be subpoenaed!" (yes she actually said that).
On the other hand, you obviously want strong security measures inside the White House. I'm not sure there is a good solution that will actually work well. The best I can come up with is requiring all relevant White House staff to have two government-issued phones, one for work, one for personal, both secured. You can say "they just have to follow all the security best-practices", but saying that doesn't make it happen.
You assume newer is always faster. That's not necessarily so. Internet Explorer got slower and slower with each version. Vista was slower than XP. In the Linux world, going from 32-bit to 64-bit makes it slower, all other things being equal. It's entirely *possible* than a newer systemd will slow things down as it gets bigger and bigger - compare an old, small editor such as vi/vim vs the newest MS Word. Newer and bigger sure can be slower.
On the other hand, as someone else commented:
> Linux distro produced by Intel, tuned by Intel for latest Intel hardware, works fastest of any distro on latest Intel hardware.
If I build a new table, I have exclusive control of that table, it's my property.
If you catch a fish, you have exclusive control of that fish, it's your property.
If you build a new method of mixing paint in a sealed can, you exclusive control of that method, it's your property.
The government issues you a document recognizing your ownership of your car. The government issues a document declaring your ownership of your house. The government issues a document declaring your ownership of your invention.
It seems a lot like property to me, but actually it doesn't matter. Certainly a patent fight is a controversy under federal law. I don't see any fundamental reason we can't allow a patent holder to exercise their Constitutional right to a jury trial "in all controversies arising" under federal law. A quicker, less expensive adminstrative hearing can resolve most cases without having to go to court, but ignoring the plain language of the seventh amendment in order to deny patent holders their right to a judicial hearing seems a bit crazy to me.
You're quite right. If they specifically target 325 named government officials, as in this case, with tailored emails, that's spear phishing and very much the kind of thing sophisticated professionals will do. Once they have access using the credentials of the deputy director of the NSA, they would then move laterally to own most of the NDA network.
Targets such as the director, deputy director, and top network / database administrators is gold. That's even better than arbitrary code execution on some random system with an unprivileged account, which is what Hollywood-style hacking normally results in. (Though if you can follow that up with privilege escalation on a critical system, that gets even more interesting).
Yes, indeed I do this for a living.
First, no, it's called "business personal property tax". Businesses pay ANOTHER tax every year for owning things, such as desks and staplers. This has nothing whatsoever to do with income tax. If you've never run a business, you could be forgiven for thinking that the only taxes are income taxes and sales tax (but please don't vote if you think that); businesses pay a dozen separate kinds of taxes, filing taxes at least 12 times per year.
> "take deductions equal to the cost of my desk, stapler and printer divided over the useful life (MACRS) ... Either that or your accountant is not very good.
Maybe you're accountant isn't an accountant, he's just trying to play accountant on Slashdot. Items costing $2,500 or less each can be fully expensed in the first year. No need to wait five years for those tax savings, but more importantly no need to spend $30 tracking depreciation on each $10 stapler! If you're tracking depreciation on staplers, you're very much Doing It Wrong. For items over $2,500, you also expense $500,000 of equipment annually.
You're right, the guy complaining doesn't pay an annual tax on most of his property. In many states businesses DO pay an annual tax on objects they own, which is an expensive pain in the ass which generates little revenue compared to the expense. Individuals are MUCH better off in this regard. As a business owner, I pay annual taxes on my desk, my stapler, my printer, etc.
The observers supporting the patent review board in this case mostly seem to be coming from the perspective of "stopping bad patents as easily as possible is good". I'd certainly agree with that!
The issue on the other side is that the Constitution has two things to say about the matter. The federal government *Constitutionally* can't take things without due process of law (opportunity for a trial), and the seventh amendment guarantees the right to a *jury* trial for "controversies".
This tension between the efficiency of an administrative decision by the executive branch and Constitutional right to a jury trial has been successfully overcome with respect to decisions by IRS, FCC, FAA, etc. The key is to write the law in such a way that an administrative decision (faster and cheaper) can be appealed to a court (Constitutionally required) and the court will take due notice of the administrative body's decision and the reasoning behind that decision. That way you get the best of both worlds.
To use the IRS as an example, if a revenue or collections officer makes a decision you disagree with, you can first appeal to an separate appeals board using a Collections Due Process request. To maintain Independence, appeals employees generally aren't even allowed to talk to collections and revenue officers (with some minor exceptions). If you don't like the outcome of the appeals hearing / discussion, you can then appeal to the federal courts. The court will take notice of the IRS decision, so MOST of the time, if someone lost their argument with the Collections office and lost against with the appeals office, they have a weak argument and will lose in court. But they CAN go to court if they want to, and that preserves their rights.
Most issues are handled fairly efficiently - even if the revenue officer is wrong, the appeals office can correct it. That in no way limits someone's right to go to court, though. A similar process is supposed to be there for patent appeals decisions. If you think the patent appeals board got it wrong, you should be able to go to court. Because the court will read the appeals board decision and if it makes sense the court will uphold it, the board decision should be a strong predictor of how a court will decide. In other words, once the board decides, it's not likely that the court will reverse it unless the board is clearly wrong. That should, and apparently does, discourage patent trolls from pursuing a court action if the board rules their patent invalid.
Plaintiffs in this case say that the exact procedure allowed for appealing to the court doesn't meet the Constitutional imperative. They may be right. If so, the process will simply need to be adjusted to be more like the process uses to appeal IRS decisions, which has been held Constitutional.
10 CPUs with 72 cores each is 720 cores.
750 SOCs with 4 cores each is 3,000 cores (and RAM and motherboards included).
The point is to have a massive number of cores in a large number of machines, to simulate a large number of machines, at the budget point. Your idea would have 75% fewer cores.
> shared memory
Yep, that's another problem with your idea. It would no longer be an accurate simulation. Well except your plan doesn't include any RAM at all. Or motherboards, networking, etc. You're going to need to buy 750 network cards to simulate 750 machines, motherboards each capable of holding 18 cards, a number of storage devices, etc. So maybe FIVE 7290 CPUs with exotic motherboards plus RAM, network cards, storage, etc. Five 7290s would provide 360 cores, vs the 3,000 cores they got with the Pis.
Now AFTER the research yields fruit, in a couple years someone might want to put the ideas into production using fifty 72-core processors which may cost $2,000 each.