This is an UI issue. The "is this really $my_bank.com" question is already handled by the EV certs and green address bar.
Making people jump through unnecessary hoops to use self-signed certificates is just counter-productive, since it makes using encryption that much harder. Self-signed doesn't protect you against mitm but it protects you against an eavesdropper; it moves eavesdropping from a passive to an active attack. So the right question to ask is "Why do we want to make encrypted non-authenticated harder to use than not encrypted at all?".
having a third "encrypted but not 'secure'" state
It is really four states.
EV-cert, green address bar. Cert signed by trusted CA, padlock. Self-signed/expired, some indication that the connection is encrypted but not authenticated. Plain http, should really have a big red warning sign.
From the screen shots and the description, it sounds like this thing takes the d3d (or ogl) instruction stream, finds tasks that can be done in parallel and partition them up across several cards. Then it sends each stream to a card, using the regular d3d/ogl driver for the card. At the back end it merges the resulting framebuffers.
What I'd like to know is how they intend to handle a situation where the gpus have different capabilities. If you have a dx9 and a dx10 card, will it fall back to the lowest common denominator?
Also, what about cards that produce different results? Say, two cards that does anti-aliasing slightly different. The article says that Hydra will often change the work passed off to each card (or even the strategy for dividing work amongst the cards) on a frame by frame basis. If they produce different results you'd end up with flicker and strange artefacts.
Sounds like interesting technology but unless they get all those edge cases right...
Not only that, but he even "had a good portion of the restaurant employees gathered to see if the trainee would ever solve the melting mystery". Not only did he do a bad job of training her, he went out of his way to deliberately humiliate the poor lass.
To top it off he did it to what he describes as a "nice young girl", which makes me wonder how he treats people that aren't nice and young. In short, samzenpus just outed himself as a first-class douche bag.
If the carrier tried to control what you can connect to your landline, there would be a riot in the streets. Why is there no pitchfork-wielding mob when cell carriers do exactly the same?
That would likely be UPnP AV/DLNA. It is a set of standards to make media servers and media display devices work together automagically. Come to think of it, I wish MythTV would focus more on proper support for this instead of doing custom front-ends.
There is nothing that prevents a 'god' from altering the rules.
True. But how do you prevent the inhabitants of the Matrix going "Whoa! Deja-Vu!"?
Or in less Keanu Reeves-terms: Say for example that this 'god' changed the size of the nuclear force 2 bill years ago. That would change the ratio of different chemical elements compared to what we would expect to see.
I swear, sometimes it seems like people try to be dense.
Are you one of these people that suffer from the rare affliction called Collateral Damage Blindness?
There is a difference between a single night stand that has no consequences and one that results in a child, two broken marriages, 5 kids in foster home and half the town getting a nasty std.
This isn't an attack one could run against a client out on a DSL line, but if you were able to take over one machine in a colo, you might be able, over time, to get traffic for other machines directed to yours.
True. On the other hand, if you are on the same network segment then there are many other options available to you if you want to do evil. Blasting about 4 terabytes (1 Gb/s for 10H) at a DNS server isn't exactly a quiet attack, so if you intend to stay below the radar you're probably a lot better off trying some good old arp spoofing or tcp hijacking instead.
Yeah, that was sort of what I was expecting. My understanding is (IANAChipDesigner, etc) that to reach high clock rates, you'd need to have deeper pipelines than on the 486. The reason being that each step can then be considered an independent unit with regards to clock propagation.
It's a shame that Paulsbo, the low-power chipset for Atom, is designed for MIDs
Some people are actually making SBCs based on Atom/Poulsbo. While certainly not fast enough to use as a desktop PC, I'm sure people can build a lot of interesting appliances with a board like that.
What i'd like however, is a low power system with pcie to run mythtv, a system that has the capability to shut off the videocard when not in use... I don't really care about small, i want a couple of pci and a pcie slot
The the Atom is probably a bad fit. If you intend to run both myth frontend and backend on the box, I'd expect it to simply be too slow. Not to mention that once you start adding pci/pcie cards and HDs, the power consumption advantage of the Atom compared to other CPUs like the Nano becomes insignificant compared to the power consumption of the rest of the system.
Slashdot Mirror
Exactly.
This is an UI issue. The "is this really $my_bank.com" question is already handled by the EV certs and green address bar.
Making people jump through unnecessary hoops to use self-signed certificates is just counter-productive, since it makes using encryption that much harder. Self-signed doesn't protect you against mitm but it protects you against an eavesdropper; it moves eavesdropping from a passive to an active attack. So the right question to ask is "Why do we want to make encrypted non-authenticated harder to use than not encrypted at all?".
having a third "encrypted but not 'secure'" state
It is really four states.
EV-cert, green address bar.
Cert signed by trusted CA, padlock.
Self-signed/expired, some indication that the connection is encrypted but not authenticated.
Plain http, should really have a big red warning sign.
The regular Mom and pop user won't notice, since their PC already runs at 486 speed due to all the malware installed.
You might want to reread the thread, btw. You obviously took gambino's reply as serious when it was a flippant answer to the AC. :-)
From the screen shots and the description, it sounds like this thing takes the d3d (or ogl) instruction stream, finds tasks that can be done in parallel and partition them up across several cards. Then it sends each stream to a card, using the regular d3d/ogl driver for the card. At the back end it merges the resulting framebuffers.
What I'd like to know is how they intend to handle a situation where the gpus have different capabilities. If you have a dx9 and a dx10 card, will it fall back to the lowest common denominator?
Also, what about cards that produce different results? Say, two cards that does anti-aliasing slightly different. The article says that Hydra will often change the work passed off to each card (or even the strategy for dividing work amongst the cards) on a frame by frame basis. If they produce different results you'd end up with flicker and strange artefacts.
Sounds like interesting technology but unless they get all those edge cases right...
Are you saying that it is better to counter drivel with drivel than to counter it with facts?
Burma!
Not only that, but he even "had a good portion of the restaurant employees gathered to see if the trainee would ever solve the melting mystery". Not only did he do a bad job of training her, he went out of his way to deliberately humiliate the poor lass.
To top it off he did it to what he describes as a "nice young girl", which makes me wonder how he treats people that aren't nice and young. In short, samzenpus just outed himself as a first-class douche bag.
Oh, please...
It is perfectly possible to be both correct and partisan noisy at the same time.
We have now reached Whiny, artistic types post lengthy diatribes about how this terrible design flaw has made the device unusable and scarred them emotionally.
And why is that?
If the carrier tried to control what you can connect to your landline, there would be a riot in the streets. Why is there no pitchfork-wielding mob when cell carriers do exactly the same?
That would likely be UPnP AV/DLNA. It is a set of standards to make media servers and media display devices work together automagically. Come to think of it, I wish MythTV would focus more on proper support for this instead of doing custom front-ends.
Media transport is done over http or rtp.
Erm.. Shouldn't it be "HTC will be first"?
Something must be seriously broken with the cell phone market in the US when $cell_carrier is considered more important than $phone_manufacturer.
Wait, you're saying that legalizing doping will result in "We're sorry, currently our video library can only be streamed within the United States."?
There is nothing that prevents a 'god' from altering the rules.
True. But how do you prevent the inhabitants of the Matrix going "Whoa! Deja-Vu!"?
Or in less Keanu Reeves-terms: Say for example that this 'god' changed the size of the nuclear force 2 bill years ago. That would change the ratio of different chemical elements compared to what we would expect to see.
I swear, sometimes it seems like people try to be dense.
Are you one of these people that suffer from the rare affliction called Collateral Damage Blindness?
There is a difference between a single night stand that has no consequences and one that results in a child, two broken marriages, 5 kids in foster home and half the town getting a nasty std.
The compass is lying, obviously.
This isn't an attack one could run against a client out on a DSL line, but if you were able to take over one machine in a colo, you might be able, over time, to get traffic for other machines directed to yours.
True. On the other hand, if you are on the same network segment then there are many other options available to you if you want to do evil. Blasting about 4 terabytes (1 Gb/s for 10H) at a DNS server isn't exactly a quiet attack, so if you intend to stay below the radar you're probably a lot better off trying some good old arp spoofing or tcp hijacking instead.
Argh, laughed so hard I messed up when clicking the moderate button.
Yeah, that was sort of what I was expecting. My understanding is (IANAChipDesigner, etc) that to reach high clock rates, you'd need to have deeper pipelines than on the 486. The reason being that each step can then be considered an independent unit with regards to clock propagation.
Yes, you are off.
1) Corporate personhood.
2) Google is using DMCA as a defense.
What I would like to know is how high you might clock a 486 core built in a modern fab.
Bull.
There is a specific exception for "caching only" both in US and EU law. See 512(b) of the DMCA and Article 13 of Directive 2000/31/EC
CPUs should never ever interpret unknown instructions as NOPs, they throw an exception instead.
And why would Intel's compiler emit code that is not x86-compliant? Code should look at cpuid feature bits, not "GenuineIntel".
It's a shame that Paulsbo, the low-power chipset for Atom, is designed for MIDs
Some people are actually making SBCs based on Atom/Poulsbo. While certainly not fast enough to use as a desktop PC, I'm sure people can build a lot of interesting appliances with a board like that.
What i'd like however, is a low power system with pcie to run mythtv, a system that has the capability to shut off the videocard when not in use... I don't really care about small, i want a couple of pci and a pcie slot
The the Atom is probably a bad fit. If you intend to run both myth frontend and backend on the box, I'd expect it to simply be too slow. Not to mention that once you start adding pci/pcie cards and HDs, the power consumption advantage of the Atom compared to other CPUs like the Nano becomes insignificant compared to the power consumption of the rest of the system.