Whoever Mr. Ashcroft is in private life... he has a job to do... You may agree or disagree with the way that he does it, but it shouldn't be anything personal, on his part or yours.
Well, what I know about him personally isn't much, but what there is of it I don't like (e.g. the 'covering up' of the justice statue because of (heaven forfend) a breast).
For the long version, look up "The Man Who Mistook His Wife for a Hat", by Oliver Sacks. Look up the chapter entitled "The President's Speech". Amusing from both a political and neurological point of view.
My mother- and father-in-law are Italian, direct from a small village on the side of a mountain about an hour southeast of Rome. I've been to their village. The amount of pasta they eat would put an Atkins groupie into horrified paralysis, but the average person I saw in Italy was noticeably thinner than the average middle-class American.
It ain't just carbs, folks. It ain't even just the portions; every dang meal over there has at least three courses. Just maybe it's exercise?
I dunno. Two-legged walking around a place as variable as a typical home with children is a tough problem on its own. Doing it safely, and also doing something useful at the same time, is not a problem I see being solved enough to be common in homes, if solved at all by 2014.
I'm also extremely doubtful that nanomedicine will be that far along in only ten years. There will be some neat discoveries, and maybe even some gene therapy (just read about some mice with muscular dystrophy being almost cured by a genetically engineered virus - the micrograph pictures of their muscle are flatly amazing), but fully artificial medical nanobots are at least two decades away, IMHguesstimate.
The current budget does, yes, include a few hundred million for Afghanistan. It didn't when the Bush administration proposed it to Congress; Congressional staffers had to add it.
How does Afghanistan have anything to do with Screwing Saudi Arabia and China, and why should that be our goal?
Oh, darn. I wasted my time looking those other citations up. Apparently you are unable to follow context, since you have totally missed the fact that I was replying to the parent post. I should have guessed, since you totally ignored the bulk of my post.
Aw, I got a Handera 330 & a CF Wifi card for about that. Syncs beautifully with Linux, I don't even use the Windows software. SD and CF slots, and while the screen is grayscale, my battery life will kick the snot out of any WinCE devices, and all color Palms - weeks on a few AAAs.
I haven't done it yet, but people have gotten over six hours of continuous pings over Wifi using a 330. I'm not sure an X30 will run for six hours, period...
Iraq was merely chosen for reasons of political expediency (since it was the nation, pre-war, with the best hopes of US and world-support for a military action). It's a centrally located middle east nation with a tyrant dictator...
Why wouldn't Afghanistan have been better on all counts?
But all this stuff misses the main point about Iraq. Saddam was contained by the sanctions. He wasn't particularly punished by them (he didn't miss any meals) but look at his options post-9/11, pre-war:
- Attack one or more of his Islamic neighbors.
  Result: Gulf War II with full international support.
- Attack Israel, either conventionally or with WMD.
  Result: War. Quite possibly a glowing crater where Baghdad once was.
- Attack the United States, either conventionally or with WMD.
  Result: it is to laugh. Iraq is stomped even worse than it actually was. Perhaps even a glowing crater. (If he actually posed any real military threat to us, the war might conceivably have been justified... but nobody thought that.)
- Give, say, Al-Qaeda WMDs.
  The only real terrorism Saddam has been tied to, the stipends for families of suicide bombers in Israel, was very public... because he was doing it for publicity. He doesn't gain a lot from attacking the U.S. by proxy, and if it's ever traced back to him (a significant probability, though far from a sure thing), we're back to a full-on military onslaught with widespread international support.
- Maintain the status quo.
  Result: pretty good for Saddam. He's still in charge of the country, livin' large, and he can tweak around oil prices and hurt the U.S. a bit by saber-rattling from time to time.
Saddam's a vicious, evil SOB. But he's not stupid, and he could see the above as well as anyone. If you can come up with another alternative path for him to take, I'd love to hear it.
If we really wanted to suppress "Panislamic radicalism", screw Saudi Arabia or China or whatever, we could have done it better in Afghanistan. We had international support and clear moral grounding, a populace that actually didn't like the ruling regime and really did mostly welcome us, etc. If we'd spent the kind of dough and deployed the kind of troops there that we're currently throwing at Iraq, we might actually have been able to do some real nation-building.
Just think, a democratic Islamic state. Nothing better to scare the thugocracies of the Middle East, and perhaps even inspire their people. Yes, it would have attracted the same foreign insurgents there that Iraq has, but the native populace didn't get introduced to us by infrastructure bombing. The Soviets did that, and we helped the Afghanis against them.
How much money did Bush allocate for Afghanistan in the 2004 budget? Nothing. Not a damn thing. They forgot about it.
I use MD5 in my project (see sig) but I think it's still relatively safe. Each time a client connects, it gets a new, randomly-generated salt. It then uses HMAC to hash the secret password with the salt, and sends the response back.
The server compares the response with its own list of hash(password+salt) outputs, and if one matches, it runs the associated command.
Currently, a potential attacker sniffing the wire can record the salt and the response, but figuring out what password was used boils down to reversing MD5, making a pig out of sausage. Dictionary attacks are the most practical way to carry this out now. Fast collision-finding would allow someone to find a Y such that it hashes to the same value as X for a particular salt.
The problem is, finding an X and a Y that both hash to Z doesn't help much here. An attacker would need to find an X and a Y that, for (at least) two different salts S1 and S2, satisfied the condition that hash(X+S1)=hash(Y+S1) and hash(X+S2)=hash(Y+S2). In practice, they'd need to find such a hypothetical X, Y pair that satisfied this condition for a lot of potential salts to have a chance of successfully breaking in.
I'm not sure such pairs exist; I suspect that the only way for the above condition to be satisfied in practice is for X and Y to be equal, that is, for the attacker to reconstruct the actual password. Maybe I'm dense, but I think dictionary attacks are still the more practical choice...
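The exchange described in the comment above, sketched as an added example (not the poster's project code): the server issues a fresh random salt per connection, the client answers with an HMAC keyed by the password, and the server checks the answer against every password in its table. The command table, class and function names are hypothetical; HMAC-MD5 is the default only because that is what the comment describes.

```python
import hmac
import secrets

# Constructed sample table (hypothetical): secret password -> command to run.
COMMANDS = {
    b"correct horse battery": "open_ssh_for_peer",
    b"staple tango nine": "close_ssh_for_peer",
}


def client_response(password: bytes, salt: bytes, digest: str = "md5") -> bytes:
    """Client side: key the HMAC with the password, authenticate the salt."""
    return hmac.new(password, salt, digest).digest()


class ChallengeServer:
    """Server side: one fresh random salt per connection, usable once."""

    def __init__(self, commands, digest: str = "md5"):
        self.commands = dict(commands)
        self.digest = digest
        self.pending = {}  # connection id -> salt issued on that connection

    def challenge(self, conn_id: str) -> bytes:
        salt = secrets.token_bytes(16)
        self.pending[conn_id] = salt
        return salt

    def verify(self, conn_id: str, response: bytes):
        # pop() makes the salt single-use, so a second answer on the same
        # connection is rejected even if it is byte-for-byte correct.
        salt = self.pending.pop(conn_id, None)
        if salt is None:
            return None
        matched = None
        # Compare against every entry with a constant-time check and do not
        # stop at the first match.
        for password, command in self.commands.items():
            expected = client_response(password, salt, self.digest)
            if hmac.compare_digest(expected, response):
                matched = command
        return matched


def replay_demo():
    """Return (legitimate, same_conn_replay, new_conn_replay) results."""
    server = ChallengeServer(COMMANDS)

    # Legitimate client on connection "c1"; a sniffer records the response.
    salt1 = server.challenge("c1")
    sniffed = client_response(b"correct horse battery", salt1)
    legitimate = server.verify("c1", sniffed)

    # The recorded response is resent on the same connection...
    same_conn_replay = server.verify("c1", sniffed)

    # ...and on a new connection, which is issued a different salt.
    server.challenge("c2")
    new_conn_replay = server.verify("c2", sniffed)
    return legitimate, same_conn_replay, new_conn_replay


if __name__ == "__main__":
    print(replay_demo())
```

A recorded (salt, response) pair is only useful for offline password guessing, which is the dictionary-attack case the comment mentions.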
As I understood it (I don't use port knocking), it's the practice of setting up your firewall to log connection attempts on certain ports... I didn't think it relied on UDP at all.
In practice, they use UDP so they don't have to wait for TCP timeouts on the client side. Some rely on sticking some kind of data in the payload of the packet, but it's hard to do that in a way that's resistant to replay attacks. If you use the current time as a salt, you either need precisely aligned clocks, or you need a 'window', which increases CPU usage and decreases security.
My SSH isn't exposed to the outside world at all until I talk to a server I wrote and do a challenge-response. Then SSH is exposed, for that IP address only. The client is simple enough to sit on a Palm Pilot - works even for an Internet cafe setup. Even then, SSH doesn't run on the standard port.
I am very confident that the challenge-response is secure by design. No one's been able to find any kind of hole in it. It's theoretically possible to brute-force it, but most people can't wait until the sun burns out to hack in.
Port knocking does provide a certain amount of security, but the more you try to make it secure against sniffing/replay attacks, the less reliable it becomes. Most of these systems are critically dependent on UDP packets being delivered, and delivered in the order they were sent. Neither of these is guaranteed on today's Internet. A lot of routers are programmed to just dump UDP packets on the floor if they are at all busy.
I wrote something that can be used to shield SSH and other services, but is fundamentally unhackable from the outside and is reliable because it uses TCP instead of UDP.
The video limitation for PCs of the day was largely due to the amount of available video memory. Instead of storing data about the location, value, and attributes of an ASCII character, you needed enough memory to store data about the position and color of each pixel. The fact that most of the static data on the Apple was stored in ROM just made things easier.
Well, what if Apple had produced an add-on video card that had the ROM and so forth, plus a monitor? And the software to drive it? Have a switch so it could act as a simple CGA/EGA card for compatibility, or you could switch into a whole new Mac-style world...
It's tough to get too rich making third-party stuff like that. And you have to price it so that people can afford the base system (in this case, an IBM PC) and your add-on hardware. But then Apple's out of the CPU & motherboard business completely... could keep their costs down.
I am still boggled that programmers who claim to be interested in security (and who moreover claim to be uninfluenced by marketing and "cool", but rather by technical concerns) still choose C or C++ for their projects.
For some types of programs, performance (in speed and resource use) really really matters. There are targets that current VMs just can't meet. These situations are becoming increasingly rare (indeed, IMHO they are the distinct minority at this point, thank goodness), but they do exist.
Careful design can minimize a lot of this. I chose C for my secure networking program, but made sure it couldn't be subject to buffer overflow and other such attacks. If you look at the design goals and restraints, I think you'll agree that C was the right choice.
"Some who have read the book, or at any rate have reviewed it,
have found it boring, absurd, or contemptible; and I have no
cause to complain, since I have similar opinions of their works,
or of the kinds of writing that they evidently prefer."
I got a DVD player and loaded up a hacked firmware. I can always hit "menu" or "skip" or "fast forward". Screw that stupid FBI/Interpol warning, I've read it already.
The other nice thing is disabling Macrovision. I can copy DVDs to VHS; much safer for four-year-olds to handle.
(No, I don't pirate them, I just want to use what I bought how I want. The same thing with game cracks - forget just once and leave a game disk out, and you wouldn't believe what a two-year-old can do to it. Being able to play the game while the precious install media is safe in its case on a high shelf is wonderful.)
since we have the stupid electoral college, voting for the 3rd party, doesn't do no good. can do more harm than good (like last election)
Actually, the parent effectively said that voting for a third party candidate was better than not voting at all. Rather different from changing one's vote from one of the big two to a third party.
No kidding. People complain about how big the Palm III series was; this thing's huge. You won't be just sticking it in your pocket anytime soon. And even 6 hours of battery life is limiting. My Palm only needs battery changes every couple of weeks at most. I suppose if you really need a laptop, this thing would be more convenient, but sheesh...
Hmmm. What's the limit on the timeouts of the protocol, vs. the speed of light? Even with lots of power and directional antennas, eventually there will be a distance where connection is impossible just because the acks can't get there fast enough.
Seems timeouts range up to a second or so; hundreds of milliseconds to authenticate. So you're not going to see anyone much further than 186,000 miles. :->
The OS limits things, and now it's as discontinued as the Newton, but my Handera 330 is pretty dang sweet. *Two* expansion slots, one CF, one SD. I have a 128MB SD card for apps and data (and for PalmOS, where a large app is ~300K, that's practically infinite), and a 48MB CF card for backups. Plus a CF 802.11 card, and that makes a big difference. Surfing and email anywhere.
Weeks on a set of AAAs (Wifi does suck power, but not as much as you'd think), small and portable. I've got the clip-on GPS and a foldable keyboard. Most of the benefits of a laptop, with much better portability and battery life.
Now, if I actually needed a portable webserver or MP3 player, the Newton would be it. But for the purposes I use it for, the H330 is right in the sweet spot.
I used to work for an industrial robot company. People have a positive talent for giving orders to a robot that would cause it to damage itself if it tried to follow them. So in practice (insofar as such laws can be practically implemented, which as you point out isn't all that far), the third and second laws are swapped.
The first law's still paramount, of course. Having the robot crash and freeze up was considered a less severe bug than having it move unexpectedly, or in an unexpected way. Such an unpredictable motion had a much greater chance of hurting someone than a simple freeze.
Since NDAs/patents are only valid if the technology has not been released into the public domain, it's not possible to release this code.
Hmmm. Sorta. Unlike trademark law in the U.S., you are free to pick and choose who you will go after for patent infringement. Just because you let one person use it for free doesn't mean you can't prosecute others.
Releasing GPL'd drivers, with a license that says you're free to use the patented tech so long as it was only in GPL'd code, would be no big deal. The competitors still couldn't use the patented tech w/o a license in closed-source drivers. If they did use it, they'd have to release their drivers under the GPL, too.
The result is no worse than the current state, and in some ways better. If you find a competitor using your tech (and you know they've got teams examining each other's drivers - they find when their competitors are cheating on benchmarks, after all) you've got them for both patent and copyright violation. If they put their tech under the GPL, too, you can use it in your GPL'd drivers.
Well, what I know about him personally isn't much, but what there is of it I don't like (e.g. the 'covering up' of the justice statue because of (heaven forfend) a breast).
The way he has carried out his job, however, I find abhorrent. Pushing the "PATRIOT Act", all by itself, would warrant my condemnation. But looking into how much torture U.S. interrogators could get away with, and refusing to own up to it, is beneath contempt.
Okay, fine, I'll cite a few other places... Happy now?
When Hussein accused UN weapons inspectors of being US spies in 1998...
Um...they actually were spies.
If you have to ask why, you're not a member of the intended audience.
...as I say every time this comes up. The more complicated the knock sequence, the less reliable it will be.
"Some who have read the book, or at any rate have reviewed it, have found it boring, absurd, or contemptible; and I have no cause to complain, since I have similar opinions of their works, or of the kinds of writing that they evidently prefer."
Does any major commercial game these days make any good use out of dual-CPU systems? Or do they still just use one processor?