I'd like to see phones that have enough smarts built in to try establishing a direct connection with the other phone instead of always going through the phone company's tower.
Can these phones talk directly to each other without going through a WEP?
A $10 rental with NO DEPOSIT and NO OBLIGATION TO RETURN IT.
Sounds like I can walk in, plop down ten bucks, and walk
out with a perfectly good hunk of hardware and no one will
come looking for me if I never bring it back.
I wonder when the first hack instructions will show up?
Does the GPL say they have to publish their source code???
Nope. Go read it.
The GPL allows for them to accompany their binaries with
an "offer" to send you the source at no more than their cost
to do so. For all practical purposes, merely including a
copy of the GPL varbage and some sort of contact information
for themselves completely meets those terms.
Use the contact information. Ask for the source.
Be willing to pay duplication, shipping, and handling
because they're not obligated to put it on the
Internet. (Remember, the GPL was born in the days when
you were expected to send your own blank tape and
self-addressed return packaging.) If you send your
request by registered mail and they don't respond
in a timely manner then, maybe,
you could have a case against them for license violation.
We made a similar decision when I was a developer at
Merge Technologies, that
we would not make any effort to "push" the source. Instead,
we would wait for requests and answer them as needed.
As far as I know, it has never been needed. Not many
hobbyists buy medical imaging systems, I guess.
My guess is that Linksys people probably hoped that the
demand for mucking about on their hardware platform would
be even lower than the demand for
Midori Linux,
you know... something like two or three hundred requests, max.
(Hey, who knew it would end up slated for the
entire
population of China?!?)
This "coast-to-coast 802.11" idea is just another proof
that far too few people know how to do a quick mental
exercise called, "reality check".
Remember the time when someone was trying to get everybody
to point their laser pointers at the moon at a certain
time on a certain night, hoping to light up the moon?
A "reality check" turns up the fact that they wouldn't
even make it through the atmosphere, diffused like headlights
in fog.
Even so with this 802.11 idea.
802.11 can be stretched only so far. Let's be
really generous and give it 10km. That means
that quite a few volunteers would have to be willing to
buy or build autonomous nodes to stretch across the
more desolate areas... and likely they'd have to haul
them into hazardous positions on their own backs to get
maximum range (across mountains, for example). That
equipment will have to be left in place for extended
periods of time, without service... so that'd require
solar or wind power too. How 'bout standing up to the
weather? Most off-the-shelf equipment wouldn't take
the extremes of hot and cold.
I am so glad that I opted to go with an Earthlink
connection (instead of TimeWarner's "RoadRunner" service).
Seeing articles about these people actively combatting
the very sources of SPAM just warms my heart. Hell, I'd
pay double for that kind of service.
I've been on Earthlink since sometime in August or September
and have had no problems at all. (I must say that the
TimeWarner installer-guy was way cool, too. He didn't much
favor TimeWarner but he knew what he was doing, for sure.
He had even heard of the Gateway/AOL "Touchpad"
that I had worked on for Transmeta! This guy was on the
ball.)
Jeez, do they have a "Donate to Earthlink" site? How 'bout
a "tip my install guy" link? Hey, now that sort
of thing would be sure to improve service, don't
you think?
When I worked at Transmeta, I found out why this behavior
happens... It's the MS Windows "Certification" qualification
statement about "boot time".
They officially measure boot time as the time from
turning on the power to the time when the "Start"
button shows up on the screen.
So all sorts of things get twisted around, delayed, etc.
by the OEMs just to make that damned button "clickable",
even though the action which is supposed to follow that
click won't happen for almost a minute.
So Dad and Son become "peers", because Son doesn't
get to use the computer otherwise.
Then Dad accidentally types "lashdot" instead of
"slashdot" and has to hard-reset to get
rid of the slew of pornographic pop-up windows that
result from his typo.
Son now has something to laugh about while he surfs
for porn on his buddy's old laptop or at the
public library.
I highly recommend Carl Sagan's "Baloney Detection
Kit" as described in his book,
The Demon-Haunted World:
Science as a Candle in the Dark.
Instead of just "warning signs" of bogus science, he gives
some objective tests which can be applied to nearly any
scientific claim.
If it matches any of the baloney detection tests it's not
just a wishy-washy might-be "warning sign", it's
proof that some part of the claim is bogus.
And for the curious, please...
DO NOT GO TO THE CARL SAGAN WEB SITE.
It's the rudest thing I've ever seen in my life, and does
a horrible discredit to the memory of the man.
Anyone remember reading Heinlein's The Moon is a Harsh
Mistress?
The first thing they're going to want to do is set up a
catapult to sling processed ore back to China. Then what
happens when they threaten to drop big cans of moon-rock
in places they're not wanted, like foreign cities, with
no parachute?
Did any of the Slashdot crowd pay attention in their
history class? Remember what the whole "space race"
was all about? The first country to establish a moon
base could rule the world. It could rain
destruction onto any point on the globe and it would
be almost impossible for other nations to effectively
counter-attack.
No "Star Wars" defense system is going to have much effect
on a big can full of rock. By the time it hits the atmosphere,
it would be too late to stop it from hitting the ground with
huge destructive potential. Heinlein
speculated something like a multi-megaton bomb.
So you download all the tunes from a CD by a "local" indie
band (local to someplace a thousand miles away). You just
wanted to "know what the rest of the CD is like". That puts
you a mere few clicks away from burning them onto a CD-R.
At that point you say to yourself, "Yeah, I like this.
I think I'll go hunting around at record shops to see
if anyone even knows who this band is so I can pay
fifteen bucks for the same CD I could burn myself and
a little bit of cover art. I'd pay to see them
perform too, if I ever find myself travelling through,
uh, Waukesha, Wisconsin."
Riiiiiight... You're a regular philanthropist.
Get real. You'd burn your own CD-R, leaving out a track
or two you didn't like and tossing in a few more
tracks since there's room, or a couple hundred more tracks
if your player handles mp3 disks.
What happens after that, well, it may help the band
gain popularity in some way... but quit using that lame
old line about mp3's making you want to go out and
buy the CD. Nobody should believe that.
it's experimentally falsibiable. The statement,
"oil will emulse better in water which has had all
dissolved gasses removed" can be put to the test,
and possibly disproved, and
you can duplicate this experiment in
the kitchen!
To remove all dissolved gasses from water, simply
heat the water at a "Low" setting and bring it
slowly to a boil. It's that simple.
There's a kids' science experiment to demonstrate
this effect at
http://www.bigelow.org/virtual/handson/diss_air.ht ml.
Watch for those air bubbles during heating to verify
that the water has dissolved gasses already.
Put the de-gassed water in a sealed container (a soda bottle)
and put some of the original water in an identical (but
labeled) container.
Collect water from other sources (tap, lake, well),
splitting those into original and de-gassed containers
in the same way. A sample from a fish tank is guaranteed
to have plenty of dissolved gasses, otherwise the fish
would be dead. Getting different water sources gives
reasonable independence from the effects of non-gaseous impurities (minerals, for example) on your results.
Let all water bottles come to the same temperature.
Choose an oil to try. Then for each bottle of water,
prepare another container with a small amount of oil.
Add a small amount of each type of water to those
oil samples and shake vigorously.
Quantify what you see by measuring the time
that it takes for all (or most) of the re-separation
to happen.
Remember, what you're looking for is any consistent
difference between the original and de-gassed samples.
You should have plenty of water left, so rinse out those
mixing containers and try different oils: canola oil,
corn oil, baby oil, motor oil, etc.
If you really want to be thorough, put all the
water bottles in the refrigerator to try the
experiment at another temperature.
If you try all this and you can't see any difference in
the mixing between the original and de-gassed water, then
you have disproved the theory. If you do see differences,
then you have successfully duplicated the experiment.
This is already the case with PayPal. You can use
PayPal to pay hundreds of different online vendors,
all from a pre-deposited account. Just like "NetCash"
tried to do, you pay first and then spend your "online"
currency in whatever miniscule amounts you want.
Problem is, there's still a minimum transaction fee.
A service which could sell "transactions" at a lower rate
by caching to a profit point might be viable.
I don't care if MS goes after spammers who target HotMail
users... but more than half of the SPAM I get in
my in-box comes through some HotMail address! HotMail
is the spammer.
It's too easy for spammers to use a free HotMail account
(like "bigscam89734@hotmail.com") to send SPAM from.
Microsoft should fix that first.
Looking over the peppercoin scheme, it appears that Rivest
is hoping to overcome the transaction fee by inducing the
purchasers to gamble a bit.
Every time you "buy" something, you take a chance
on paying some pre-set minimal fee (looks like [US]$10.00).
If all you buy is $0.50 items, your chance will be 5% each
time you buy. In the long run, it should even out...
BUT...
Realistically, Rivest is making a very conceited assumption;
that everyone will be using his micropayment service.
The more services, the harder it is to hit that "long run"
point where everything evens out. And guess what?
Banking systems ALWAYS err to the benefit
of the bank. (Surprise!) They will never allow
themselves to come up short. The most likely implementation
will bill you the very first time you use it and then
give you the random chance.
So, how many Rivest-ish micropayment services would you
give your credit card info to? (Did he think he was the only
one who could do it?)...and how much opportunity do you think
this provides for credit fraud, since you never really
know whether you should have been charged
or not.
HOW 'BOUT A SERVICE THAT JUST ADDS UP MICROPAYMENTS
AND BILLS YOU WHEN THEY HIT A LIMIT LIKE $10.00?
Does anyone remember "NetCash"? They could even ask you to
pay the first $10 in advance once they were popular enough.
PayPal is already in a good position to implement this...
but they don't.
Chances are they've looked into it and figured it wasn't
going to be profitable.
...for thereby some have been hospitalized without health
care and jailed for income tax fraud.
Seriously. I've heard of way too many people going
into "consulting" or "contracting" with not the slightest idea
how to get themselves affordable health care or life insurance
nor how to handle their self-employed income taxes. Some
have been surprisingly naïve about taxes, and it sounds
like there are lots of small operations openly
suggesting that being paid as a contractor allows one
to skip paying taxes.
You said,
[...] this pays my bills and leaves me with some spending money at the end of the day
...a hand-to-mouth sounding quip which leaves a lot of the
story un-told (I hope). Optimistically assuming that you
simply forgot to mention that you're lumping taxes and
insurance into the "bills" category, you haven't given enough
information to the typical Slashdot reader.
Before one would even think of hanging out their own shingle,
one must remember that roughly half of the
money coming in will be going right back out again for taxes
and insurance.
Skip those, and you could end up in a lot more trouble than
the money you "saved" can compensate for.
It's difficult to support anyone while
sick, jobless, jailed or dead.
The author of the article appears to have missed the point.
His address was used as a return address because the spammer
did not care about any e-mailed responses.
The spammer never expected (and probably didn't want)
to receive any response in the normal "reply" sense.
The message almost certainly contained some sort of
serial-numbered link to the spammer's web site. That
way if your serial number shows up in their web server's
log, they know that you've opened their message.
Doesn't sound like a big win for them... until you know
that advertising is big business. By proving
that you opened the message, they can claim that their
spam will make one more "impression". Initially, they'll
want to do a little profiling because audiences "targeted"
by interest areas can be sold for higher rates, something
like [US]$10 per 1000 impressions in general and up around
[US]$20 or more for 1000 targeted impressions.
Once you've opened one of those dumb spams with a mail
client that will load images from HTML IMG tags, you become
part of the "audience" which that spammer can sell to
advertising clients.
And by the way... five hundred e-mails is nothing
compared to the number of hits the spammer probably got
back.
Aside from having a 64kB key (1 million bits), they claim:
When a transmission of conventional algorithm is sent, it includes an encrypted form of the actual data. Given that a hacker have enough computing power and time, any message can be deciphered. With the VME engine the case is different; the actual data is never transferred. Therefore, when intercepted by a hacker, the results will yield absolutely nothing.
Did you catch that? They claim that the data isn't
contained in the encrypted message!
O-kaaaay... so, how does it get from here to there?!?
Pulling a statement like this out of their posterior
crevices proves that they don't know what they're
talking about. Of course the "actual data"
is transferred... that's what we call it when
data goes from one place to another. Running it through
their magic algorithm doesn't eliminate the information
content, else there wouldn't be any point in sending
the message at all.
This statement could be a clue to the algorithm though,
especially combined with the claims that it's faster
than RSA and with its suspiciously huge key...
And of course there's another problem.
How do you get a 64kB key from a user?
You don't. And there's no mention
of "VME" being a public-key algorithm, so it's just a
session key, not a public key. How useful is that?
Not very.
I think I'm beginning to see why this company was able
to have lean times even while others were getting VC
funding to develop the business plan of the South Park
underwear gnomes. Now though, we live in more patriotic
times when people will believe that tank commanders have
the proper background to recognize when they've "stumbled
upon" good cryptographic algorithms.
Evidently, someone was embarassed by this "unbreakable
encryption" article (because I doubt many slashdot readers
actually bothered to follow the link)... It's redirecting
browsers to the Intel products page instead.
"Unbreakable encryption" is always just a marketing ploy.
This shouldn't be any more newsworthy than when Microsoft
says their newest product is "totally hot", should it?
ALL dynamic content that has ever been linked
must have been linked somewhere in the chain from a static
link. Don't you get it? A "dynamic link" is
dynamic content! So how did you get 'hold of that dynamic
link in the first place? Must've come via a static link.
And there certainly was a lot of dynamic content prior to
1996. You've heard of Yahoo!
They were generating dynamic content well before Win95 came
out, as I recall.
What other way could you link to dynamic content? You could
use a "dynamic link", but if it was a dynamically generated
link then it would itself qualify as dynamic content!
So how did you link to that? Must've been
(eventually) from a static link, whether on a page or
in your browser preferences.
All dynamic content is traceable to some static link. It's
not a new idea, it's a necessary condition!
This is not a "valid patent". Every dynamic page
which existed prior to this patent was prior art.
the primary audience of Slashdot includes a huge majority
of college-going, dorm-living geeks, and
it took about fifteen seconds to find a link to the actual
report detailing this master-key exploit,
we can assume that the physical security
of every university and many high-schools will be
compromised before the end of this week.
Maybe it's time for me to go into business...
I could set up a booth in the student union giving
away pamphlets telling the "danger and weakness"
of the dorm locks (dumbed-down exploit instructions
with sketches of burglers and frightened co-eds)
and make a fortune selling secondary locks!
(Just skip this if you don't know anything about common
master key systems.)
One nice "fix" (for new installs or re-keying) comes to mind. There's no rule that says a master key has to be cut higher
for every tumbler position... so you could increase the
complexity of the system in an exponential way again:
allow master heights to be higher or lower than
non-master heights. The would-be cracker must then file a
bit farther down on the flipped ones.
make sure that every tumbler position has at least two
heights which work, with unused positions having random heights.
This means that finding another height for a tumbler won't
necessarily mean that it's useful.
Allow non-master keys to use master heights, at random.
The result is that you'll still have a master keyed system but
individual keys and locks will no longer give a linear search.
Instead of making only (T+1) keys, now you'll have to search
a space of (T^2) keys.
The logistics are much more imposing!
Look, to use this guy's system, you can make (T+1) pre-cut
blanks, five to find the master heights and the sixth uncut one
for making the final master.
Using the three points above though, you've made the cracker's
job much more difficult. He'll have to go through the first
phase with the five pre-cut keys and a file... but that's not
all!
Since the lock may have false positions, he has to get access
to another lock. This can be dangerous for an insider,
since they could be caught trying keys on doors they're not
supposed to be. Now he has to do all five tumbler hieghts with
the file, again. That may give him enough information
to make a sub-master key that would open both of those locks,
but it if both locks have some tumblers which match both high
and low positions, he won't know which to use for the
real master.
They don't need your permission in a check-box if you're already
giving them your e-mail address during the regsitration.
They can just put a clause in the license agreement that says
you agree to receive solicitations from them. You probably
didn't bother to read it anyway.
(My favorite part of most EULAs is how they say, "User agrees to abide by any future changes Company may make to this agreement." How legal can that be?!?)
Technically, they're being "nice" by making it possible for you
to un-check the box at all.
It's easier just to give a fake address like other posters have
suggested. We've been using that trick ever since Radio Shack
started asking for your home phone number.
There are hundreds of games in the same class as
"snood", including all the knock-offs. You can
probably remember playing some of
these:
Shoot the things dropping from above.
Fit the falling blocks.
Blast floating rocks to bits or be crushed.
Pilot and shoot your way along a lengthy
and trecherous course.
Use a paddle to bounce a ball off a brick
wall.
Guide a hungry thing through a maze, avoiding
predators and gathering food.
These and many other "simple" games are popular
for the same reasons:
They're different
from each other. Each type came up with a whole
new paradigm. By comparison, all first-person
shooter games are practically identical.
They're straightforward enough that any one
of them could be assigned as an intermediate
programming class project. Knock-offs everywhere.
Everyone says they've played "Tetris", but
nowadays how many people do you think have
ever even seen the real "Tetris(tm)"?
It was a DOS-based game, remember?
They're not like real life at all. We play
games for escape, mostly.
Slashdot Mirror
Can these phones talk directly to each other without going through a WEP?
If not, why not?
Sounds like I can walk in, plop down ten bucks, and walk out with a perfectly good hunk of hardware and no one will come looking for me if I never bring it back.
I wonder when the first hack instructions will show up?
Nope. Go read it.
The GPL allows for them to accompany their binaries with an "offer" to send you the source at no more than their cost to do so. For all practical purposes, merely including a copy of the GPL varbage and some sort of contact information for themselves completely meets those terms.
Use the contact information. Ask for the source. Be willing to pay duplication, shipping, and handling because they're not obligated to put it on the Internet. (Remember, the GPL was born in the days when you were expected to send your own blank tape and self-addressed return packaging.) If you send your request by registered mail and they don't respond in a timely manner then, maybe, you could have a case against them for license violation.
We made a similar decision when I was a developer at Merge Technologies, that we would not make any effort to "push" the source. Instead, we would wait for requests and answer them as needed. As far as I know, it has never been needed. Not many hobbyists buy medical imaging systems, I guess.
My guess is that Linksys people probably hoped that the demand for mucking about on their hardware platform would be even lower than the demand for Midori Linux, you know... something like two or three hundred requests, max. (Hey, who knew it would end up slated for the entire population of China?!? )
-Rick
(one of the original Midori developers)
Remember the time when someone was trying to get everybody to point their laser pointers at the moon at a certain time on a certain night, hoping to light up the moon? A "reality check" turns up the fact that they wouldn't even make it through the atmosphere, diffused like headlights in fog.
Even so with this 802.11 idea.
802.11 can be stretched only so far. Let's be really generous and give it 10km. That means that quite a few volunteers would have to be willing to buy or build autonomous nodes to stretch across the more desolate areas... and likely they'd have to haul them into hazardous positions on their own backs to get maximum range (across mountains, for example). That equipment will have to be left in place for extended periods of time, without service... so that'd require solar or wind power too. How 'bout standing up to the weather? Most off-the-shelf equipment wouldn't take the extremes of hot and cold.
Now how likely does this project sound?
Seeing articles about these people actively combatting the very sources of SPAM just warms my heart. Hell, I'd pay double for that kind of service.
I've been on Earthlink since sometime in August or September and have had no problems at all. (I must say that the TimeWarner installer-guy was way cool, too. He didn't much favor TimeWarner but he knew what he was doing, for sure. He had even heard of the Gateway/AOL "Touchpad" that I had worked on for Transmeta! This guy was on the ball.)
Jeez, do they have a "Donate to Earthlink" site? How 'bout a "tip my install guy" link? Hey, now that sort of thing would be sure to improve service, don't you think?
They officially measure boot time as the time from turning on the power to the time when the "Start" button shows up on the screen.
So all sorts of things get twisted around, delayed, etc. by the OEMs just to make that damned button "clickable", even though the action which is supposed to follow that click won't happen for almost a minute.
Then Dad accidentally types "lashdot" instead of "slashdot" and has to hard-reset to get rid of the slew of pornographic pop-up windows that result from his typo.
Son now has something to laugh about while he surfs for porn on his buddy's old laptop or at the public library.
If it matches any of the baloney detection tests it's not just a wishy-washy might-be "warning sign", it's proof that some part of the claim is bogus.
And for the curious, please...
It's the rudest thing I've ever seen in my life, and does a horrible discredit to the memory of the man.-Rick
The first thing they're going to want to do is set up a catapult to sling processed ore back to China. Then what happens when they threaten to drop big cans of moon-rock in places they're not wanted, like foreign cities, with no parachute?
Did any of the Slashdot crowd pay attention in their history class? Remember what the whole "space race" was all about? The first country to establish a moon base could rule the world. It could rain destruction onto any point on the globe and it would be almost impossible for other nations to effectively counter-attack.
No "Star Wars" defense system is going to have much effect on a big can full of rock. By the time it hits the atmosphere, it would be too late to stop it from hitting the ground with huge destructive potential. Heinlein speculated something like a multi-megaton bomb.
At that point you say to yourself, "Yeah, I like this. I think I'll go hunting around at record shops to see if anyone even knows who this band is so I can pay fifteen bucks for the same CD I could burn myself and a little bit of cover art. I'd pay to see them perform too, if I ever find myself travelling through, uh, Waukesha, Wisconsin."
Riiiiiight... You're a regular philanthropist.
Get real. You'd burn your own CD-R, leaving out a track or two you didn't like and tossing in a few more tracks since there's room, or a couple hundred more tracks if your player handles mp3 disks.
What happens after that, well, it may help the band gain popularity in some way... but quit using that lame old line about mp3's making you want to go out and buy the CD. Nobody should believe that.
Don't shake in bottles. What was I thinking? Put the oil and water into a zip-lock bag with no air and squish it all around to mix.
Incidentally, my own experiments have so far shown no difference in emulsion effects between normal and de-gassed water ...so far.
-Rick
To remove all dissolved gasses from water, simply heat the water at a "Low" setting and bring it slowly to a boil. It's that simple. There's a kids' science experiment to demonstrate this effect at http://www.bigelow.org/virtual/handson/diss_air.ht ml.
Watch for those air bubbles during heating to verify
that the water has dissolved gasses already.
Put the de-gassed water in a sealed container (a soda bottle) and put some of the original water in an identical (but labeled) container. Collect water from other sources (tap, lake, well), splitting those into original and de-gassed containers in the same way. A sample from a fish tank is guaranteed to have plenty of dissolved gasses, otherwise the fish would be dead. Getting different water sources gives reasonable independence from the effects of non-gaseous impurities (minerals, for example) on your results. Let all water bottles come to the same temperature.
Choose an oil to try. Then for each bottle of water, prepare another container with a small amount of oil. Add a small amount of each type of water to those oil samples and shake vigorously.
Quantify what you see by measuring the time that it takes for all (or most) of the re-separation to happen. Remember, what you're looking for is any consistent difference between the original and de-gassed samples.
You should have plenty of water left, so rinse out those mixing containers and try different oils: canola oil, corn oil, baby oil, motor oil, etc. If you really want to be thorough, put all the water bottles in the refrigerator to try the experiment at another temperature.
If you try all this and you can't see any difference in the mixing between the original and de-gassed water, then you have disproved the theory. If you do see differences, then you have successfully duplicated the experiment.
There you go. You're a scientist!
This is already the case with PayPal. You can use PayPal to pay hundreds of different online vendors, all from a pre-deposited account. Just like "NetCash" tried to do, you pay first and then spend your "online" currency in whatever miniscule amounts you want.
Problem is, there's still a minimum transaction fee.
A service which could sell "transactions" at a lower rate by caching to a profit point might be viable.
It's too easy for spammers to use a free HotMail account (like "bigscam89734@hotmail.com") to send SPAM from. Microsoft should fix that first.
Every time you "buy" something, you take a chance on paying some pre-set minimal fee (looks like [US]$10.00). If all you buy is $0.50 items, your chance will be 5% each time you buy. In the long run, it should even out...
BUT...
Realistically, Rivest is making a very conceited assumption; that everyone will be using his micropayment service. The more services, the harder it is to hit that "long run" point where everything evens out. And guess what?
Banking systems ALWAYS err to the benefit of the bank. (Surprise!) They will never allow themselves to come up short. The most likely implementation will bill you the very first time you use it and then give you the random chance.
So, how many Rivest-ish micropayment services would you give your credit card info to? (Did he think he was the only one who could do it?) ...and how much opportunity do you think
this provides for credit fraud, since you never really
know whether you should have been charged
or not.
HOW 'BOUT A SERVICE THAT JUST ADDS UP MICROPAYMENTS AND BILLS YOU WHEN THEY HIT A LIMIT LIKE $10.00? Does anyone remember "NetCash"? They could even ask you to pay the first $10 in advance once they were popular enough. PayPal is already in a good position to implement this... but they don't.
Chances are they've looked into it and figured it wasn't going to be profitable.
-Rick
Seriously. I've heard of way too many people going into "consulting" or "contracting" with not the slightest idea how to get themselves affordable health care or life insurance nor how to handle their self-employed income taxes. Some have been surprisingly naïve about taxes, and it sounds like there are lots of small operations openly suggesting that being paid as a contractor allows one to skip paying taxes.
You said,
Before one would even think of hanging out their own shingle, one must remember that roughly half of the money coming in will be going right back out again for taxes and insurance. Skip those, and you could end up in a lot more trouble than the money you "saved" can compensate for. It's difficult to support anyone while sick, jobless, jailed or dead.
-Rick
The message almost certainly contained some sort of serial-numbered link to the spammer's web site. That way if your serial number shows up in their web server's log, they know that you've opened their message.
Doesn't sound like a big win for them... until you know that advertising is big business. By proving that you opened the message, they can claim that their spam will make one more "impression". Initially, they'll want to do a little profiling because audiences "targeted" by interest areas can be sold for higher rates, something like [US]$10 per 1000 impressions in general and up around [US]$20 or more for 1000 targeted impressions.
Once you've opened one of those dumb spams with a mail client that will load images from HTML IMG tags, you become part of the "audience" which that spammer can sell to advertising clients.
And by the way... five hundred e-mails is nothing compared to the number of hits the spammer probably got back.
http://www.meganet.com/Technology/explain.htm
Aside from having a 64kB key (1 million bits), they claim:
Did you catch that? They claim that the data isn't contained in the encrypted message!
O-kaaaay... so, how does it get from here to there?!? Pulling a statement like this out of their posterior crevices proves that they don't know what they're talking about. Of course the "actual data" is transferred... that's what we call it when data goes from one place to another. Running it through their magic algorithm doesn't eliminate the information content, else there wouldn't be any point in sending the message at all.
This statement could be a clue to the algorithm though, especially combined with the claims that it's faster than RSA and with its suspiciously huge key...
And of course there's another problem. How do you get a 64kB key from a user? You don't. And there's no mention of "VME" being a public-key algorithm, so it's just a session key, not a public key. How useful is that? Not very.
I think I'm beginning to see why this company was able to have lean times even while others were getting VC funding to develop the business plan of the South Park underwear gnomes. Now though, we live in more patriotic times when people will believe that tank commanders have the proper background to recognize when they've "stumbled upon" good cryptographic algorithms.
"Unbreakable encryption" is always just a marketing ploy. This shouldn't be any more newsworthy than when Microsoft says their newest product is "totally hot", should it?
ALL dynamic content that has ever been linked must have been linked somewhere in the chain from a static link. Don't you get it? A "dynamic link" is dynamic content! So how did you get 'hold of that dynamic link in the first place? Must've come via a static link.
And there certainly was a lot of dynamic content prior to 1996. You've heard of Yahoo! They were generating dynamic content well before Win95 came out, as I recall.
HOW ELSE COULD IT BE DONE?!?
What other way could you link to dynamic content? You could use a "dynamic link", but if it was a dynamically generated link then it would itself qualify as dynamic content! So how did you link to that? Must've been (eventually) from a static link, whether on a page or in your browser preferences.
All dynamic content is traceable to some static link. It's not a new idea, it's a necessary condition!
This is not a "valid patent". Every dynamic page which existed prior to this patent was prior art.
- the primary audience of Slashdot includes a huge majority
of college-going, dorm-living geeks, and
- it took about fifteen seconds to find a link to the actual
report detailing this master-key exploit,
we can assume that the physical security of every university and many high-schools will be compromised before the end of this week.Maybe it's time for me to go into business... I could set up a booth in the student union giving away pamphlets telling the "danger and weakness" of the dorm locks (dumbed-down exploit instructions with sketches of burglers and frightened co-eds) and make a fortune selling secondary locks!
One nice "fix" (for new installs or re-keying) comes to mind. There's no rule that says a master key has to be cut higher for every tumbler position... so you could increase the complexity of the system in an exponential way again:
The result is that you'll still have a master keyed system but individual keys and locks will no longer give a linear search. Instead of making only (T+1) keys, now you'll have to search a space of (T^2) keys.
The logistics are much more imposing!
Look, to use this guy's system, you can make (T+1) pre-cut blanks, five to find the master heights and the sixth uncut one for making the final master.
Using the three points above though, you've made the cracker's job much more difficult. He'll have to go through the first phase with the five pre-cut keys and a file... but that's not all!
Since the lock may have false positions, he has to get access to another lock. This can be dangerous for an insider, since they could be caught trying keys on doors they're not supposed to be. Now he has to do all five tumbler hieghts with the file, again. That may give him enough information to make a sub-master key that would open both of those locks, but it if both locks have some tumblers which match both high and low positions, he won't know which to use for the real master.
(My favorite part of most EULAs is how they say, "User agrees to abide by any future changes Company may make to this agreement." How legal can that be?!?)
Technically, they're being "nice" by making it possible for you to un-check the box at all.
It's easier just to give a fake address like other posters have suggested. We've been using that trick ever since Radio Shack started asking for your home phone number.
-Rick
These and many other "simple" games are popular for the same reasons:
Well, that's what I think.
-Rick