The problem isn't CRC vs secure hash, the problem is the number of bits available. He's not concerned about an attacker sneaking collisions into his filestore, and he always has the option of either a byte-by-byte comparison or choosing some number of random blocks to confirm the files are in fact the same. But 32 bits isn't enough simply because he's guaranteed to get collisions even if all the files are different, as he has more than 2^32 files. But using two different 32-bit CRC algorithms, for example, wouldn't be "secure" but would be reasonably safe. But as he's going to be disk bound, calculating an SHA-512 would be reasonable, as he can probably do that faster than he can read the data.
I confess, if I had a modern i5 or i7 processor and appropriate software I'd be tempted to in fact calculate some sort of AES-based HMAC, as I would have hardware assist to do that.
That involves reading every byte.
It would be faster to read the bytecount of each file, which doesn't involve reading the files themselves as that metadata is available, and then exclude from further examination all the files which have unique sizes. You could then read the first block of each large file, and discard all the files that have unique first blocks. After that, CRC32 (or MD5 or SHA1 --- you're going to be disk-bound anyway) and look for duplicates that way.
"It's at this point that @Rileyy_69 began lashing out with offensive tweets"
Actually, it isn't. A glance at his history (now, unfortunately, protected) showed that threatening rape, assault on pregnant women, knifing, strangling and the rest was his long-term form. As it happens, Twitter, which is fast becoming a sewer, is full of people talking like that, and it's only because he was foolish enough to get involved in a public figure that it came to attention. But that doesn't make it any less unpleasant. Clearly, he's like that all the time.
Everyone in the UK has the choice to switch, especially away from a tier-two LLU carrier. There is not a single line in the country for which Claranet is compulsory, the default choice or in any way anything other than an active choice. They don't even advertise much, so you have to seek their services out (indeed, I'm slightly surprised to learn they haven't been bought by one of the bigger players).
I used SunOS/Solaris as my desktop for twenty years, with everything from SunTools and NeWS through various X window managers through to their Gnome port. It was the Gnome port that finally made me realise I was wasting my time and (like a lot of Solaris developers) I switched to OSX on my desktop. It just works so well.
If you've spent any time around amateur theatre or amateur orchestras, you'll know that the real objective is to provide entertainment for the participants, and the interests of the audience come a long way down the list. If you go along to a concert by an amateur orchestra (and you don't, unless it's your wife or your child playing), then you simply don't have the same expectations as if it's professional, because the orchestra wants and audience so long as it doesn't have to compromise its own interests.
"However, Ecuador will not extradite Assange to the US or any other country"
Why not? The USA's not currently trying to extradite him, but if they did, Ecuador's got an extradition treaty with the USA. Why would Ecuador go out of their way to protect him?
"Assange is apparently on good terms with the president of Ecuador"
Perhaps. But why would he want to risk an international incident for him is a separate question.
You wouldn't accept the bona fides of Sweden, but would trust the government of Ecuador to behave honestly and protect your interests? Really?
Anyway, Ecuador don't have a dog in this fight other than Assange turning up on his doorstep. If their government accepted a fugitive from justice and then exported him from the UK, I'd predict that the UK would break off diplomatic relations and expel their diplomats. Which isn't going to cause the UK any pain; I have no idea what the implications of that for Ecuador are. Other EU states might follow suit if Ecuador announce that they'll provide a route of out jurisdiction for anyone faced with EU arrest.
"So if you are in Greece, you seem to have a bad option for storing your cash, and an even worse one."
You've got loads of other choices, though. Other EU or Swiss banks, denoted in Sterling, Dollars or Euros. Other EU government paper (including non-Eurozone paper like UK). Euro, Dollar or Sterling cash. Any number of options.
I'm not clear what signing a key with another, self-signed, key achieves. Why not just cache certificates presented by servers, and complain if a server you have previously contacted presents a fresh certificate for reasons other than expiration?
This has always been possible in theory -- obviously, the computer software has to generate the output so it must have the seed in an accessible form; probably under several layers of obfuscation and encryption
There are some slightly better techniques: McCune's Flicker system leverages TPMs (which any corporate laptop will have) in a way which means you can perform cryptographic operations securely unless the attacker can compromise the hardware in a pretty fundamental way. It would be ideal for implementing soft-tokens.
All from Joe and Sally Sixpack who don't have enough sense to, in affect, close their blinds when they undress for bed at night, or shout all of their telephone conversations, or leave their cars and houses unlocked and the windows down or open. So, what are folks to do when they pass by, plug their ears and close their eyes for 600 feet?
Real-world analogies are always suspect, but even if people are undressing with the curtains open, anyone who films them doing so does so at their legal peril in most jurisdictions. The people undressing with the curtains open may also be committing an offence ("indecent exposure" in UK law) but tu quoque isn't a defence.
The law regarding recording telephone conversations is more variable, but most jurisdictions have a "so long as one party consents" law, which in this case wouldn't be met. It doesn't matter, in UK law at least, whether the recording is done on the electrical or the acoustic side of the proceedings, and I'd be surprised if other legislation draws that distinction: recording phone calls with a sucker mic on the receiver is just as illegal as doing it electrically.
Engineers may like to believe that the burden of enforcing privacy lies with the subject, but law, and social mores, tend to make it an offence to overtly intrude on the privacy of even those unaware they are not maintaining it.
You might joke, but for the last twenty years, the RAF haven't faced any opponents where a competently flown late Spitfire wouldn't have been more than adequate. I guess for ground attack some new old stock Typhoons might be more appropriate, but the days of the RAF being able to demand limitless money for fast jets to counter the Russian menace are over: the potential enemies simply don't have the equipment.
Seven lower case characters is only a problem if the web service either (a) leaks hashes or (b) fails to use proper rate limiting and locking after bad login attempts. If a web service permits a brute-force dictionary attack, that's astoundingly poor practice. If it rate limits (three bad login attempts and you're grounded for ten minutes, three cycles of that and your account is locked permanently) then the attacker only gets nine guesses. Seven lower case letters is perfectly reasonable in that case, modulo using your username as your password or something equally silly.
It's not the damage to the purported painting behind the wall, it's the damage to the integrity of a building whose decorations have been in situ for over four hundred years. They're not talking about drilling holes in a wall painted with magnolia emulsion to get at whatever lies behind, rather doing serious damage to frescos by Vasari. That requires that you believe the remains of a painting which Leonardo himself severely damaged with braziers and part melted off the wall are of more intrinsic worth than the long-standing paintings by a non-trivial figure than have been on the walls of that room since it was given its present form. There are other artists apart from Leonardo, you know.
Google Translate does a reasonable job of the Italia Nostra press release (http://goo.gl/KcLTn) which is worth reading. That television funding has been made available for the work is dubious, to say the least: they're not going to care about Vasari, are they?
The problem now is that we're heading into "stuff that Leonardo stood on the other side of the road to is touched with his genius" obsession.
I recently went to the (London) National Gallery Leonardo exhibition, at which a substantial proportion of his surviving works were brought together (both Madonna of the Rocks, for example) and the paintings that survive in a decent condition are astoundingly good: you can argue the toss about the relative merits of Da Vinci, Velasquez, Rembrandt and the rest, but that's the company he's clearly keeping.
However, what you don't get in an exhibition of Velasquez to anything like the same extent is the huge slew of "school of", "preparatory sketch for", "disputed", "attributed" and so on. There's plenty of Velasquez (or Goya, or Titian, or at a slightly less major level Turner) to go around, and therefore there's not the same perceived need to drag up everything last scrap of paper. A lot of the stuff that's of disputed provenance (or even, in the case of Salvator Mundi, is of broadly accepted provenance) wouldn't be held in anything like the esteem it is on purely artistic grounds --- Salvator Mundi was sold without the attribution for less than fifty quid just over fifty years ago, for example, and even though otherwise sensible people can write of Madonna of the Yarnwinder "The merest touch of Leonardo's genius is better than almost anyone else's signature work" (http://goo.gl/f3B88) there's a real whiff of idolatry to this attitude. Clearly, if you want to be regarded highly as an artist, make sure a lot of your paintings decay and you have only a small pool of material for later enthusiasts to obsess over.
In this case, the chances of there being a recoverable painting are close to zero: there are accounts of the paint being melted off the wall with braziers. There's a copy by Reubens of the section that was completed, but a lot of the rest was lost anyway. The painting that's having holes drilled in it is a not inconsiderable piece. âoeBut if I had to choose, I would choose Leonardo,â rather gives the game away.
There is something slightly sad about kids being convinced that their elite skills mean they are undetectable finding that actually national agencies are not totally ineffective. It's a sort of hacker Dunning-Kreuger effect: people who might be able to convincingly shield their identity on-line aren't confident about it and therefore take additional precautions, while those who are confident may find their confidence is misplaced.
Very few people in the UK subscribe to magazines, because we have a huge number of newsagents. Some of them are national chains --- WH Smith, John Menzies --- who do double-duty as distributors and wholesalers. But most are sole-trader corner shops, which do newspaper delivery, sell milk and often host sub-postoffices. They stock a wide range of magazines on what amounts to sale-or-return, and will get you pretty well anything else. City centre or railway station newsagents will stock a wide range of international publications as well, and if you go to a newsagent in London near a railway station you'll be able to buy most of the European newspapers as well (last week in London I was able to buy that day's L'Equippe over the counter to read with lunch, admittedly a late lunch).
There's a middle-class tradition of subscribing to Private Eye, partly because in the 70s and 80s it was slightly harder to get over the counter due to WH Smith's refusal to handle distribution, and partly because they make it insanely cheap to do so because they need the cashflow. If you want The New Yorker or US Wired or something, again you get a subscription because, even airmail, it's half the price of buying it over the counter (I subscribed to US Wired from 1.2 until it became a life-style magazine, and I've subscribed to The New Yorker for fifteen years or more), and the same applies to things like Time. But for UK-published general interest magazines, it's usually bought at a newsagent or delivered by a newsagent. "Trade" publications, for which a lot of the readership will either get it free or have it paid for by their employer, are done by post, but that's a rather different market.
So that's why there's no subscription cards (or very few). They'll sell you a subscription if you want, but it'll normally cost you twelve times the cover price. They might throw in a small discount or a gift, and you're probably getting the postage for free, but it's lot like US publications where even an international airmail subscription is about half the cover price. You might opt for a subscription if you live in the sticks where there's no handy newsagent, or as a way of giving a gift at Christmas, or if the magazine you want doesn't have proper distribution. But in general, you don't. That we have as a household three magazines on subscription, and have had as many as six, is extremely unusual in urban England.
No, he really wasn't. Firstly, a "Don" is used of any Oxbridge lecturer; there is no such thing as "the Don ". Secondly, he was a professor of Anglo-Saxon (ie, not English) for many years, and then latterly a professor of English more generally but whose research, teaching and other interests were entirely based around Anglo-Saxon. He was most certain not an expert on how "the language" worked, etc, if by "the language" you mean anything written subsequent to Chaucer (if not earlier). Tolkein may have been an expert on Anglo-Saxon (although, as recounted by Larkin and Amis, a very boring one), but as he was writing in English, that hardly matters.
Tolkein was writing for adults. Rowling was writing for children. To attempt to make a "standards are falling, you know" point out of that is a category error.
Slashdot Mirror
I confess, if I had a modern i5 or i7 processor and appropriate software I'd be tempted to in fact calculate some sort of AES-based HMAC, as I would have hardware assist to do that.
That involves reading every byte. It would be faster to read the bytecount of each file, which doesn't involve reading the files themselves as that metadata is available, and then exclude from further examination all the files which have unique sizes. You could then read the first block of each large file, and discard all the files that have unique first blocks. After that, CRC32 (or MD5 or SHA1 --- you're going to be disk-bound anyway) and look for duplicates that way.
"It's at this point that @Rileyy_69 began lashing out with offensive tweets"
Actually, it isn't. A glance at his history (now, unfortunately, protected) showed that threatening rape, assault on pregnant women, knifing, strangling and the rest was his long-term form. As it happens, Twitter, which is fast becoming a sewer, is full of people talking like that, and it's only because he was foolish enough to get involved in a public figure that it came to attention. But that doesn't make it any less unpleasant. Clearly, he's like that all the time.
Nonsense. iWork runs on 10.4 on a PPC machine.
Everyone in the UK has the choice to switch, especially away from a tier-two LLU carrier. There is not a single line in the country for which Claranet is compulsory, the default choice or in any way anything other than an active choice. They don't even advertise much, so you have to seek their services out (indeed, I'm slightly surprised to learn they haven't been bought by one of the bigger players).
They've stepped the civil offence up to a criminal one by claiming conspiracy to infringe copyright, which makes it criminal.
I used SunOS/Solaris as my desktop for twenty years, with everything from SunTools and NeWS through various X window managers through to their Gnome port. It was the Gnome port that finally made me realise I was wasting my time and (like a lot of Solaris developers) I switched to OSX on my desktop. It just works so well.
And so, Linux desktops...
Why not? The USA's not currently trying to extradite him, but if they did, Ecuador's got an extradition treaty with the USA. Why would Ecuador go out of their way to protect him?
"Assange is apparently on good terms with the president of Ecuador"
Perhaps. But why would he want to risk an international incident for him is a separate question.
Anyway, Ecuador don't have a dog in this fight other than Assange turning up on his doorstep. If their government accepted a fugitive from justice and then exported him from the UK, I'd predict that the UK would break off diplomatic relations and expel their diplomats. Which isn't going to cause the UK any pain; I have no idea what the implications of that for Ecuador are. Other EU states might follow suit if Ecuador announce that they'll provide a route of out jurisdiction for anyone faced with EU arrest.
" criminals are highly unlikely to be able to gather all expended brass"
Because they're too stupid to buy revolvers?
"Certainly there are ways to subvert this,"
By using a revolver?
"So if you are in Greece, you seem to have a bad option for storing your cash, and an even worse one." You've got loads of other choices, though. Other EU or Swiss banks, denoted in Sterling, Dollars or Euros. Other EU government paper (including non-Eurozone paper like UK). Euro, Dollar or Sterling cash. Any number of options.
I'm not clear what signing a key with another, self-signed, key achieves. Why not just cache certificates presented by servers, and complain if a server you have previously contacted presents a fresh certificate for reasons other than expiration?
There are some slightly better techniques: McCune's Flicker system leverages TPMs (which any corporate laptop will have) in a way which means you can perform cryptographic operations securely unless the attacker can compromise the hardware in a pretty fundamental way. It would be ideal for implementing soft-tokens.
Real-world analogies are always suspect, but even if people are undressing with the curtains open, anyone who films them doing so does so at their legal peril in most jurisdictions. The people undressing with the curtains open may also be committing an offence ("indecent exposure" in UK law) but tu quoque isn't a defence.
The law regarding recording telephone conversations is more variable, but most jurisdictions have a "so long as one party consents" law, which in this case wouldn't be met. It doesn't matter, in UK law at least, whether the recording is done on the electrical or the acoustic side of the proceedings, and I'd be surprised if other legislation draws that distinction: recording phone calls with a sucker mic on the receiver is just as illegal as doing it electrically.
Engineers may like to believe that the burden of enforcing privacy lies with the subject, but law, and social mores, tend to make it an offence to overtly intrude on the privacy of even those unaware they are not maintaining it.
You might joke, but for the last twenty years, the RAF haven't faced any opponents where a competently flown late Spitfire wouldn't have been more than adequate. I guess for ground attack some new old stock Typhoons might be more appropriate, but the days of the RAF being able to demand limitless money for fast jets to counter the Russian menace are over: the potential enemies simply don't have the equipment.
Seven lower case characters is only a problem if the web service either (a) leaks hashes or (b) fails to use proper rate limiting and locking after bad login attempts. If a web service permits a brute-force dictionary attack, that's astoundingly poor practice. If it rate limits (three bad login attempts and you're grounded for ten minutes, three cycles of that and your account is locked permanently) then the attacker only gets nine guesses. Seven lower case letters is perfectly reasonable in that case, modulo using your username as your password or something equally silly.
I guess all that talk about how keen Turkey is to join the EU is just that: talk.
It's not the damage to the purported painting behind the wall, it's the damage to the integrity of a building whose decorations have been in situ for over four hundred years. They're not talking about drilling holes in a wall painted with magnolia emulsion to get at whatever lies behind, rather doing serious damage to frescos by Vasari. That requires that you believe the remains of a painting which Leonardo himself severely damaged with braziers and part melted off the wall are of more intrinsic worth than the long-standing paintings by a non-trivial figure than have been on the walls of that room since it was given its present form. There are other artists apart from Leonardo, you know.
Google Translate does a reasonable job of the Italia Nostra press release (http://goo.gl/KcLTn) which is worth reading. That television funding has been made available for the work is dubious, to say the least: they're not going to care about Vasari, are they?
The problem now is that we're heading into "stuff that Leonardo stood on the other side of the road to is touched with his genius" obsession.
I recently went to the (London) National Gallery Leonardo exhibition, at which a substantial proportion of his surviving works were brought together (both Madonna of the Rocks, for example) and the paintings that survive in a decent condition are astoundingly good: you can argue the toss about the relative merits of Da Vinci, Velasquez, Rembrandt and the rest, but that's the company he's clearly keeping.
However, what you don't get in an exhibition of Velasquez to anything like the same extent is the huge slew of "school of", "preparatory sketch for", "disputed", "attributed" and so on. There's plenty of Velasquez (or Goya, or Titian, or at a slightly less major level Turner) to go around, and therefore there's not the same perceived need to drag up everything last scrap of paper. A lot of the stuff that's of disputed provenance (or even, in the case of Salvator Mundi, is of broadly accepted provenance) wouldn't be held in anything like the esteem it is on purely artistic grounds --- Salvator Mundi was sold without the attribution for less than fifty quid just over fifty years ago, for example, and even though otherwise sensible people can write of Madonna of the Yarnwinder "The merest touch of Leonardo's genius is better than almost anyone else's signature work" (http://goo.gl/f3B88) there's a real whiff of idolatry to this attitude. Clearly, if you want to be regarded highly as an artist, make sure a lot of your paintings decay and you have only a small pool of material for later enthusiasts to obsess over.
In this case, the chances of there being a recoverable painting are close to zero: there are accounts of the paint being melted off the wall with braziers. There's a copy by Reubens of the section that was completed, but a lot of the rest was lost anyway. The painting that's having holes drilled in it is a not inconsiderable piece. âoeBut if I had to choose, I would choose Leonardo,â rather gives the game away.
I presume I needed tags around "elite".
There is something slightly sad about kids being convinced that their elite skills mean they are undetectable finding that actually national agencies are not totally ineffective. It's a sort of hacker Dunning-Kreuger effect: people who might be able to convincingly shield their identity on-line aren't confident about it and therefore take additional precautions, while those who are confident may find their confidence is misplaced.
There's a middle-class tradition of subscribing to Private Eye, partly because in the 70s and 80s it was slightly harder to get over the counter due to WH Smith's refusal to handle distribution, and partly because they make it insanely cheap to do so because they need the cashflow. If you want The New Yorker or US Wired or something, again you get a subscription because, even airmail, it's half the price of buying it over the counter (I subscribed to US Wired from 1.2 until it became a life-style magazine, and I've subscribed to The New Yorker for fifteen years or more), and the same applies to things like Time. But for UK-published general interest magazines, it's usually bought at a newsagent or delivered by a newsagent. "Trade" publications, for which a lot of the readership will either get it free or have it paid for by their employer, are done by post, but that's a rather different market.
So that's why there's no subscription cards (or very few). They'll sell you a subscription if you want, but it'll normally cost you twelve times the cover price. They might throw in a small discount or a gift, and you're probably getting the postage for free, but it's lot like US publications where even an international airmail subscription is about half the cover price. You might opt for a subscription if you live in the sticks where there's no handy newsagent, or as a way of giving a gift at Christmas, or if the magazine you want doesn't have proper distribution. But in general, you don't. That we have as a household three magazines on subscription, and have had as many as six, is extremely unusual in urban England.
No, he really wasn't. Firstly, a "Don" is used of any Oxbridge lecturer; there is no such thing as "the Don ". Secondly, he was a professor of Anglo-Saxon (ie, not English) for many years, and then latterly a professor of English more generally but whose research, teaching and other interests were entirely based around Anglo-Saxon. He was most certain not an expert on how "the language" worked, etc, if by "the language" you mean anything written subsequent to Chaucer (if not earlier). Tolkein may have been an expert on Anglo-Saxon (although, as recounted by Larkin and Amis, a very boring one), but as he was writing in English, that hardly matters.
Tolkein was writing for adults. Rowling was writing for children. To attempt to make a "standards are falling, you know" point out of that is a category error.