I don't mean to be callous, and I've given
generously to the Katrina relief cause and
expect to give again, but...
What should the widowed mother of 3 do to improve her lot, when she's already working 2 part-time
Assuming she wasn't raped, she should
have required her mate to
get decent life insurance before she had
sex.
What about the 50 year old mechanic who hurts his back on the job and can't work. His case for workman's comp gets denied, all the way up to the state supreme court. His considerable savings are
Assuming such a case exists, this one is
much tougher to rebutt. He should have
purchased disability insurance when he was
younger (a mistake that I too made, and
now that I'm older, with pre-existing
conditions, disability insurance is not
attainable). Advice to slashdotters who
are still young and healthy: buy yourself
disability insurance from a solid
insurer now. The gov't and
employee disability benefits either won't be
there or won't be adequate.
I hope you're lucky and don't have the world collapse around you - no amount of planning and preparation can spare you from everything.
Agreed. There will always be cases that
defeat best planning. But if everyone
plans, fewer people will need society's help,
and the help per destitute person will
thus be much better than what we can offer
now.
The entire project would almost certainly have been a complete and dismal failure had there not been massive subsidies from the French and British governments keeping the thing in the air.
The project was a failure because the people who lived on the ground refused to put up with the sonic booms. Where it not for that, mass production, competition, etc. would have made the Concorde (or a successor) successful.
It had a hard time filling seats because its seats
were expensive. Again, because no aircraft maker
had incentive to drive costs down.
But if people started getting tons of solicited emails from different companies that all came from signing up at another site, that other site would have a strong disincentive to not give out users emails.
What prevents the person sending spam from
lying about where the spammer got the email address from?
The problem I see is enforcement.
A variation on a theme is to use disposable
email addresses
And your argument that algorithms are not tunable for larger digest production is wrong. MD5 as defined and specified cannot produce longer digests, but it would be a relatively "simple" matter to rework it to use larger blocks. (Say, instead of per-byte, it works per-2-byte)
It's always possible to take a hash algorithm and extend it to produce a larger digest. It just won't be backwards compatible, so in all cases but the academic it's mostly just a useless point.
Odd then, that no one has this. md5 is much faster
in software than sha-1. It wouldn't be useless
at all as protocols like IPsec, Kerberos,
TLS, etc. are always looking to add more
algorithms. 256 bit md5 wouldn't be useless
at all.
But if you're going to make a hash out of MD5 concat SHA-1, then that hash won't be backwards compatible, and you'll need to write and validate code that would process it anyways.
I've no idea what you are talking about.
Backwards compatible with what? In any case,
this is what SSL/TLS does... uses multiple
hash algorithms in order to insulate it
from non-brute-force attacks.
I wonder how this will effect RFC 4109 in that it depreciates MD5 in favor of SHA1. Does this mean that SHA1, at 2^63 is less secure than MD5 at a brute-force 2^64? I'm not a crypto expert or anything, just asking the question; will this effect the proposed standard for the HASH algorithm used in IPsec?
First there are already attacks on MD5 that are less
than O(2^64) which don't involve brute force.
Second, RFC 4109 refers to the HMAC algorithms used for computing per packet integrity checksum
that is resistant to tampering by a man in the
middle.
HMACs take as input both a known message and
a shared secret (often, a session key for a symmetric key algorithm like DES, triple DES, AES, RC4, etc) and compute hash result ( MD5, or SHA1, or SHA-256, etc. ). In other words, part of the
input to the hash algorithm is unknown. This
makes it very difficult to find two messages,
X and Y that compute the same HMAC. I.e. find
X and Y such that HMAC(X, K) == HMAC(Y, K), where
K is the shared secret. The attacks on MD5 and
SHA-1 so far assume that there is no K, or if
there is, it is known. And if the man in the middle knows
K, he doesn't need to use these new cool attacks
to tamper with messages; he's the man in the middle, he just tampers and re-computes the HMAC
with far less computational overhead.
I've see no indication in Schneir's blog entry
that these attacks break HMACs.
That said, it is surprising that SHA-256 wasn't
added to the MUST list for RFC4109, given that
when this RFC was published, it was known that
SHA1 had be shown to be vulnerable to
attacks of less than O(2^69). But then again,
the RFC also mentions AES128 as MUST, but not
AES256. Odd.
This is no better than increasing the hash key size. In fact, it's worse than increasing the hash key by the same.
This is true only if the hash key size (N) of
an algorithm is tunable, and as another poster
remarked, if the only attack is a brute force
attack of O(2^N) as opposed to attacks of the
nature the folks in China are producing which
are less than O(2^N).
As far as I know, md5 is not tunable to outputting
more than 160 bits.
Note that SSL in fact uses this technique (use
multiple hashes) to protect against hash
collisions.
> as long as it does not interfere with safety
As long the airline's WiFi is compliant
WiFi equipment how can it interfere with
safety? Unless perhaps the safety equipment
is running over WiFi. If the safety equipment
is that critical then it shouldn't use
WiFi... there's a reason the FCC gave those
frequencies out.
> Aerodynamics is a pretty mature science. Look at
> cars, aircraft, and ships. They do not double
> in performance every 18 months.
Ships and cars have reached their limits because
there are practical limits to how fast
they can go through water and over land. That's
why manned flight was invented; more room; less
friction; fewer obstacles.
Aerodynamics is a highly regulated field. Were
it not for whiners living next to airports,
supersonic airliners would have been common
place, and we might be dabbling in suborbitals
for transoceanic trips. The same regulations have held back the personal aircraft. Finally,
entering the aircraft manufacturing business has
huge regulatory barriers to entry because of
safety concerns. There were zero such concerns
when the silicon-based integrated circuit business
started (today of course, the toxic waste
such business produces is a barrier to entry).
I'll grant you that doubling in air speed every
18 months since say 1970 would not have
happened, but nor is there a market for it.
I'd be perfectly happy with a one hour flight
from Denver, CO to Sydney, NSW... cutting it
to a few minutes makes no difference.
So that the open solaris community can create
independently from Sun. So that the community knows this is real. Without the real potential
of independence, non-Sun developers won't spend
time on open solaris verus Linux, *BSD, etc.
And if independence is achievable, it won't be
possible for Sun to take its ball and bat home
like it did with its aborted Community Source Solaris 8 effort. Sun can pull the plug on
opensolaris.org when it wants, but if an
independent distro is possible, Sun won't be
able to kill interest in open solaris.
Answer: George didn't think of till it till after
the latest re-release of a A New Hope. Don't
worry, George will digitally add Qui-Gon and
dialog with Obi_wan when the 3D version comes out.
Convert it to base64, and post it to Usenet.
Rely on groups.google.com to keep it around
forever. If you are worried about the
copyright police, encrypt with pgp before
conversion to base64.
> finally we can create a worm which installs linux.
Seriously I once worked for a company that used
Linux as its operating system for the hardware
it was selling. Once of the problems was how to
make installation of the operating system and our
valued added software easier by the out sourced
field engineers. One of the engineers
tinkered, and found that he could produce a
CD-R which would be inserted into any PC with a
BIOS (and a CD-ROM tray of course). Power cycling
the PC resulted in the unconditional, and
unprompted installation of Linux and our product.
And then the RH executives who lost their jobs as a result of the shutdown should just make a new company, with the same, or similar, products.
How does Microsoft win?
Easy. Microsoft offers to make the RH execs
filthy rich, and in return they promise to not
compete. And that's whether or not MS
dismisses said execs, which doesn't seem likely
in this case.
What do you think would happen if gas had a competitor? What if electric cars rivaled gas-powered cars for efficiency/ease-of-use? You're damn right gas prices wouldn't be so high.
You're damn wrong if you think they wouldn't be
so high.
The electricity has got to come from somewhere.
Usually a power plant fueled with hydrocarbons
(coal, natural gas, oil... checked your
heating bill lately?)
Until wind, solar, fission take a bigger bite
of the power plant pie, gas prices will be
high, with our without efficient electric
cars.
Where I am in east TN, it used to be just Comcast offering cable and cable internet services. As a result, their internet service was like $70/mo, and their cable TV was way overpriced.
Since several more cable providers have moved into the area, they all have roughly the same price, which is around $30-40 for internet service.
Now what could POSSIBLY warrant a $30/month drop in price for Comcast? Competition, maybe?
Less than one percent of all
cable TV markets have choice of more than one
provider (45 in 9000 as of 1990).
The only way they'd be in competition is you could
pick cable service from one or more of 3 (you did
say several came into the area) or more cable
companies.
(That article notes that Henderson, TN has comeptition, but that's west TN, not where you live, in east TN).
I have trouble believing it. Very few markets have two
providers. Three would be a miracle.
I do believe that DSL and/or broadband wireless
are driving your cable TV internet service down,
so competition is working for you, but not
in the cable TV market.
Nonetheless, as the article says, cable TV
rates drop when there is competition.
As an aside, I lived for a few years in the early
1980s in a market in Orange County, FL (which the
link I gave mentions as competitive), and will
say the the prices, customer service, and channel selection were excellent.
Where I live now in Colorado, a few years the
city allowed cable TV competition, but stipulated
that the newcomer had to provide 100% coverage of
the city before they'd get a franchise. Needless
to say, the newcomer said thanks but no thanks.
Idiot governments.
In the current economy, people are indeed cost
sensitive, and vendor advice to solve issues
usually adds up to higher cost, even if the
advice isn't to buy more, but to say change
a tunable parameter. Change has to be tested.
Let's say the employer leases office space
for the employee in Tenessee, puts in a broadband
link to the office in New York. How is this
different from IBM (a NY state headquartered
company) leasing buildings in Austin, Texas for
its thousands of employees?
(The mistake that was made here was in the
"telecommuter" paying NY state tax for the
25% of the time he was spending in New York.)
Do IBM Austin employees pay NY state tax for the
time they spend at IBM's headquarter facilities?
Me thinks telecommuters should lease back their
home office to their employers for a $1 a
month.
Hell, he'll win me back if he makes "Sith" nothing more than a 2 hour extremely bloody high body count Gungan snuff flick. The only time the Gungan slaughter stops is when the Ewoks show up and they become the target.
I think slashdot ought to have an annual Best Posts
awards event, and I nominate the above for 2005.
This will have me chuckling from now till the final credits role on "Sith".
Beans and rice are very inexpensive and consitute a large part of a healthy diet.
Yeah high in carbohydrates, and the major contributor to calories in a Taco Bell burrito; the food of choice among many of the poor.
Many of the poor get fat from the junk the served in
free school lunch programs, not to mention sugared soda served there. The bad eating habits start with government.
You see, Canada is a democracy with no real restraining constititution: the notwithstanding clause makes it possible for the government to pass a law overriding any judgement against it.
For five years. During which time an election will take place, and the government can be turfed. The
During the 5 years the government cherry picks
the opinion polls and gets re-elected. With no
term limits on Prime Minister. Hence,
21 distinct Canadians PMs in 138 years vs.
42 distinct US presidents in 216 years.
And you'd
think that since in Canada a PM can call an
election any time, when he inherits the job
due to a resignation or death of his predeccessor, he'd be in a hurry to call an election to get
legitimacy (there's no such provision in the
U.S. constitution). But these people often wait a year
or more to call an election or hand over power
to someone else. Like current Canadian PM.
clause has never even been used by the federal government.
So? The point it is there. Such a clause can't help intimidate the federal judiciary, lest the clause is invoked, and the
country look like a banana republic and/or
the masses disrupt Peace and Order due to Bad Government.
And the Senate is unElected, inEffective, and
inEqual, unlike the USA. So Canada's more populous provinces can dominate the smaller ones. Unlike the United States.
Slashdot Mirror
What the US needs to do is to find a cheaper, less CO2 producing, source of energy.
The project was a failure because the people who lived on the ground refused to put up with the sonic booms. Where it not for that, mass production, competition, etc. would have made the Concorde (or a successor) successful.
It had a hard time filling seats because its seats were expensive. Again, because no aircraft maker had incentive to drive costs down.
What prevents the person sending spam from lying about where the spammer got the email address from?
The problem I see is enforcement.
A variation on a theme is to use disposable email addresses
Second, RFC 4109 refers to the HMAC algorithms used for computing per packet integrity checksum that is resistant to tampering by a man in the middle. HMACs take as input both a known message and a shared secret (often, a session key for a symmetric key algorithm like DES, triple DES, AES, RC4, etc) and compute hash result ( MD5, or SHA1, or SHA-256, etc. ). In other words, part of the input to the hash algorithm is unknown. This makes it very difficult to find two messages, X and Y that compute the same HMAC. I.e. find X and Y such that HMAC(X, K) == HMAC(Y, K), where K is the shared secret. The attacks on MD5 and SHA-1 so far assume that there is no K, or if there is, it is known. And if the man in the middle knows K, he doesn't need to use these new cool attacks to tamper with messages; he's the man in the middle, he just tampers and re-computes the HMAC with far less computational overhead.
I've see no indication in Schneir's blog entry that these attacks break HMACs.
That said, it is surprising that SHA-256 wasn't added to the MUST list for RFC4109, given that when this RFC was published, it was known that SHA1 had be shown to be vulnerable to attacks of less than O(2^69). But then again, the RFC also mentions AES128 as MUST, but not AES256. Odd.
As far as I know, md5 is not tunable to outputting more than 160 bits.
Note that SSL in fact uses this technique (use multiple hashes) to protect against hash collisions.
> as long as it does not interfere with safety ... there's a reason the FCC gave those
frequencies out.
As long the airline's WiFi is compliant WiFi equipment how can it interfere with safety? Unless perhaps the safety equipment is running over WiFi. If the safety equipment is that critical then it shouldn't use WiFi
> cars, aircraft, and ships. They do not double
> in performance every 18 months.
Ships and cars have reached their limits because there are practical limits to how fast they can go through water and over land. That's why manned flight was invented; more room; less friction; fewer obstacles.
Aerodynamics is a highly regulated field. Were it not for whiners living next to airports, supersonic airliners would have been common place, and we might be dabbling in suborbitals for transoceanic trips. The same regulations have held back the personal aircraft. Finally, entering the aircraft manufacturing business has huge regulatory barriers to entry because of safety concerns. There were zero such concerns when the silicon-based integrated circuit business started (today of course, the toxic waste such business produces is a barrier to entry).
I'll grant you that doubling in air speed every 18 months since say 1970 would not have happened, but nor is there a market for it. I'd be perfectly happy with a one hour flight from Denver, CO to Sydney, NSW ... cutting it
to a few minutes makes no difference.
So that the open solaris community can create independently from Sun. So that the community knows this is real. Without the real potential of independence, non-Sun developers won't spend time on open solaris verus Linux, *BSD, etc.
And if independence is achievable, it won't be possible for Sun to take its ball and bat home like it did with its aborted Community Source Solaris 8 effort. Sun can pull the plug on opensolaris.org when it wants, but if an independent distro is possible, Sun won't be able to kill interest in open solaris.
It's all about more money for George.
There is an analogy between Sony and the Dem Party ... they both keep doing the same things,
and losing.
Convert it to base64, and post it to Usenet. Rely on groups.google.com to keep it around forever. If you are worried about the copyright police, encrypt with pgp before conversion to base64.
Seriously I once worked for a company that used Linux as its operating system for the hardware it was selling. Once of the problems was how to make installation of the operating system and our valued added software easier by the out sourced field engineers. One of the engineers tinkered, and found that he could produce a CD-R which would be inserted into any PC with a BIOS (and a CD-ROM tray of course). Power cycling the PC resulted in the unconditional, and unprompted installation of Linux and our product.
Easy. Microsoft offers to make the RH execs filthy rich, and in return they promise to not compete. And that's whether or not MS dismisses said execs, which doesn't seem likely in this case.
The electricity has got to come from somewhere. Usually a power plant fueled with hydrocarbons (coal, natural gas, oil ... checked your
heating bill lately?)
Until wind, solar, fission take a bigger bite of the power plant pie, gas prices will be high, with our without efficient electric cars.
The only way they'd be in competition is you could pick cable service from one or more of 3 (you did say several came into the area) or more cable companies.
(That article notes that Henderson, TN has comeptition, but that's west TN, not where you live, in east TN).
I have trouble believing it. Very few markets have two providers. Three would be a miracle.
I do believe that DSL and/or broadband wireless are driving your cable TV internet service down, so competition is working for you, but not in the cable TV market.
Nonetheless, as the article says, cable TV rates drop when there is competition.
As an aside, I lived for a few years in the early 1980s in a market in Orange County, FL (which the link I gave mentions as competitive), and will say the the prices, customer service, and channel selection were excellent.
Where I live now in Colorado, a few years the city allowed cable TV competition, but stipulated that the newcomer had to provide 100% coverage of the city before they'd get a franchise. Needless to say, the newcomer said thanks but no thanks. Idiot governments.
Plenty of fat Canucks.
In the current economy, people are indeed cost sensitive, and vendor advice to solve issues usually adds up to higher cost, even if the advice isn't to buy more, but to say change a tunable parameter. Change has to be tested.
(The mistake that was made here was in the "telecommuter" paying NY state tax for the 25% of the time he was spending in New York.)
Do IBM Austin employees pay NY state tax for the time they spend at IBM's headquarter facilities?
Me thinks telecommuters should lease back their home office to their employers for a $1 a month.
This will have me chuckling from now till the final credits role on "Sith".
Many of the poor get fat from the junk the served in free school lunch programs, not to mention sugared soda served there. The bad eating habits start with government.
And you'd think that since in Canada a PM can call an election any time, when he inherits the job due to a resignation or death of his predeccessor, he'd be in a hurry to call an election to get legitimacy (there's no such provision in the U.S. constitution). But these people often wait a year or more to call an election or hand over power to someone else. Like current Canadian PM.
So? The point it is there. Such a clause can't help intimidate the federal judiciary, lest the clause is invoked, and the country look like a banana republic and/or the masses disrupt Peace and Order due to Bad Government.And the Senate is unElected, inEffective, and inEqual, unlike the USA. So Canada's more populous provinces can dominate the smaller ones. Unlike the United States.