I'm rolling on the floor laughing at that article, but have to remind myself that it's probably an ignorant reporter and (not necessarily) Shawyer.
"Since the microwave photons in the waveguide are travelling close to the speed of light"... no, the microwave photons ARE light and are, by definition, moving at the speed of light at that point. I'm not really weaseling -- 'c' is the speed of light in open vacuum and is the same thing for all photons, but a waveguide is only a few multiples of the photon's wavelength and various weird things (to us) happen. See also the (Shamir?) pressure you can get when you hold two conductive plates close together. Longer wavelengths can't exist between the plates but can exist outside of them so you get a very slight net force pushing the plates together.
"any attempt to resolve the forces they generate must take account of Einstein's special theory of relativity."... no, standard EM theory will suffice. (Well, you might need some QM in there, but definitely not special relativity.)
and my favorite
"by mounting it on a sensitive balance, he has shown that it generates about 16 millinewtons of thrust, using 1 kilowatt of electrical power."
Let that sink in. This is as much power as a hair dryer or stove element, and it generates 16 mN of thrust. Could it be, oh, Satan?! I mean, thermal?!
This is particularly ironic since the article referred to the discovery of light pressure earlier. Everyone knows those little bulbs with white and black fans that "demonstrate" this effect. What most people don't know is that it isn't a perfect vacuum in there and, gosh, the dark side gets slightly hotter than the white side. That means the gas heats up on one side, expanding, you know the rest. IIRC they spin leading with the white side. It should be the other way since you have twice as much momentum transfer to reflect light (white) than to simply absorb it (black).
(BTW, I agree 100% with everyone who's pointing out that the walls of the cavity account for the rest of 'thrust' and that the device will just sit there driving up your power bill.)
I mostly agree with you, but there's one key difference. You should never use assertions in place of input validation. You must always code as if the assertions aren't there.
BUT, and this is important, there are times when you can have a legitimate business decision to skip input validation when the cost of the checking is higher than the cost of a mistake, esp. when these are internal methods that should never get unsanitized input. In those cases you may want to have contractual assertions without a corresponding regular check. Those cases should be clearly indicated, e.g., by using a different set of assert macros.
Another data point - marathoners tend to be a lot older than you would expect. As in an average age in late 30s or even 40s. The racers are younger, but the people out for fun are not.
There are some reasonable explanations. People in their 30s want to do it before they turn 40, people in their 40s and 50s start to see heart disease in their peers and see it as an investment in their own health.
But I have to wonder how much of it is because of relatively few 20-somethings being interested in distance running.
This is entirely pointless. It might catch some low-end content and players, but stings like you see on Dateline NBC are undoubtably far, far more effective at catching and convicting pedophiles.
The serious stuff is not going to be on an open web server, and if the feds have enough to get a search warrant for the host's SSL key then they have enough to seize the system and directly capture traffic on that server. In fact that's a common investigative tool -- seize the system but continue to run it for a month or two while collecting information. Merely visiting an IP address that contains kiddie porn or a pedophile's forum is suggestive, but no more. There could be plenty of legal material on that site.
Same thing with file sharing.
Worse for this "solution", is there doubt that the really serious players would go through hijacked PCs anyway? Can anyone seriously claim that no criminal has realized that he could set up a secure proxy server network on zombies? Hell, simply install OpenVPN on a non-standard port and in the mode where you have to have a valid key before you even get a response. Toss in BCP (iirc) and a script that periodically updates connection information and you have a system that goes through multiple hops with different encryption keys.
I know that organized crime is often shockingly net-ignorant, but kiddie porn has been shared by the net for years and all it takes is one group figuring out how to do this.
Unit tests should be as minimal as possible. E.g., you might have a single record loaded to test the basic CRUD operations for a class.
Why? You can set up your JUnit failure method so it takes a snapshot of the database at the point of failure and mails it to you (as an XML attachment). This means you can run smoke tests nightly -- try doing that with a "complete" database that's been scribbled on by other tests and developers since the problem occurred.
I'm confused by your statement. A single database server (Oracle, PostgreSQL, whatever) can hold many databases. You should definitely have two separate databases for each release (for developers and testing), and arguably a database for each developer for unit tests. It's a one-line change in your config files to switch from one database to another, hardly an onerous burden.
I guess some toys would only be able to handle a single database, but I can't imagine why anyone would use one when there are so many excellent free database servers.
(This is ignoring tools like Sleepy Cat DB since it's not something you would use in a J2EE context.)
Since when is a respected security researcher a "HACKER"?!
Seriously. I know the old definition of "hacker" and have been proud to be called one (in that sense) in the past, but the headline clearly refers to the malicious definition of hacker. This headline seems to serve no purpose other than deliberately blurring the line between legitimate researchers and the jerks who exploit weaknesses.
An adult with a sexual interest in spanking little girls may still be newsworthy.
An adult with a sexual interest in spanking adult women while role-playing? Very much not newsworthy unless there are extraordinary circumstances. E.g., a teacher who's already under investigation for inappropriate contact with students.
I think there are two "highly offensive to a reasonable person" questions here. Is the responder's behavior highly offensive? Some individuals may feel that way, but as long as it's consenting it's legal and nobody else's business.
Is the publisher's behavior highly offensive? Absolutely. I can't imagine anyone being indifferent to the public disclosure of their sexual fantasies. Even porn stars -- who make a living displaying explicit sexual behavior -- keep their private lives private. It is hard to think of anything that we consider more private and unsuitable for public disclosure.
I just realized I needed to clarify something from the last post....
Many doctors won't accept patients without insurance (and without life-threatening conditions) even if they can pay for their treatment on the spot. I don't know why, but if you can't see a doctor then you don't have any choices other than the ER.
One proposed solution is literally RN (or was it 'practicing nurses'?) in store-front offices, with limited prescription-writing rights for antibiotics and light pain killers. They could take care of routine colds and infections, broken bones, etc., and would know when to refer the patient to an affiliated doctor. A $20 RN visit is far more affordable than an $80 doctor visit (or $300+ ER visit), and will have the secondary effect of lowering overall costs by catching serious problems early.
But there's been resistance to having RN-based front-line health care. Gosh, I wonder why?
Have you ever tried to get private/individual health insurance?
Seriously.
It can't be done.
In many states there's ONE carrier willing to issue individual health insurance, and it typically eliminates anyone with a "pre-existing health condition." You might think you're in the clear on that, but very, very few people can reach their mid-30s without having SOMETHING that they can use to deny coverage. I think in some areas NOBODY is willing to issue individual health insurance policies at any price.
When my COBRA ran out a few years ago the only insurance coverage I could get was the state-mandated "insurance of last resort". I was willing to make the sacrifices for the coverage, but most people couldn't since the premium was nearly half my mortgage payment. Fortunately my car was paid off and in reasonably good condition.
Our health care system is seriously screwed up -- did you know something like 47 million Americans are without insurance? It is absolutely inexcuseable for an industrial nation to not have, at a minimum, universal catastrophic health insurance to cover basic care for cancer, heart attacks, etc. People could still have private insurance for private hospital rooms, more exhaustive treatments, etc. It would be far cheaper for everyone involved than forcing doctors and hospitals to absorb massive losses on the uninsured and being forced to pass those costs onto everyone else (disproportionally hitting other uninsured patients since they can't negotiate capped prices), to say nothing of eliminating millions of bankruptcies caused solely by medical expenses.
(Don't get me started on people without insurance being forced to use ERs as 'urgent care', creating long waits for the rest of us and driving up costs since an ER visit is far more expensive than an RN and doc in a storefront office.)
I would definitely put everything you do into Debian packages -- nothing should be done on testing and production systems by hand and the package manager provides a known good framework. There's a bit of a learning curve on how to produce Debian packages, but I believe there are some 'hardening' packages that can be used as models for how to handle the type of sysadmin tasks you're looking at.
You're using make-kpkg to build your kernel, of course, so it's already kicking out packages for your locally-built kernels.... you are using make-kpkg, right?
I have to agree with the others that the fact that you're asking about version control tools is scary. That's something that should have been decided a long time ago.
quick followup -- reading his actual letter it's clear that he's referring to Dunn's actions as chair of the board of directors, not as CEO. The chair has certain rights relative to the rest of the board... but they aren't unlimited. If nothing else she had to know that most if not all board members have duties with other organizations and her actions would be likely to compromise their sensitive information.
The Board represents the stockholders and the C-level employees work for the board and at their discretion. That said, there's usually contracts involved that would require substantial payouts when the CEO is canned, but there is absolutely no reason why the board couldn't have heard this relevation, held a vote, then had her escorted off the property on the spot.
As I understand the situation, the remaining board members aren't entirely in the clear since the CEO appears to have committed criminal acts as a corporate officer and they took no action. At a minimum I would expect them to get rather interesting calls from their corporate director insurance carrier. Nothing like facing personal liability from stockholder suits to focus your attention.
In the real world, it's much murkier since you can have people who are both C-level employees and board members, and in many cases the CEO is also the chairman of the board. In those cases individuals can have mixed loyalties, but that's why you want outsiders on the board.
Like others, I run my own mail server and have never used my comcast email account. Frack, I don't even know what my "username" is since I use them solely for connectivity... a situation that can cause interesting problems when I need to make a service call.
Besides unannounced blacklists, there are several other reasons to use third-party mail hosting, if not running your own mail server.
1) ISPs can change headers at will. Specifically, they could replace your outgoing "myname@mydomain.com" with "mycomcastname@comcast.net" at any time. This would be a PR disaster, but it's an easy and effective anti-phishing tool and the ISP may be forced to do it under threat of an internet death penalty.
2) ISPs can record every single message you send. (Recording all inbound mail may not be cost-effective, yet, due to the high spam volume.) A year ago I wouldn't have worried about this too much, but between the AT&T wiretapping case and the ongoing calls for mandatory data retention for two years I think you now have to treat it as a given. Maybe not this day, but definitely within the next few years at most. I know email is protected by law, but (iirc) recent court decisions have held that the law doesn't apply to email "at rest", to say nothing about doubts whether anyone would actually obey the law.
3) Finally, there's also the risk that a business competitor, divorce lawyer, etc., can compromise somebody at the ISP and get copies of all of your email anyway.
A mail hosting provider should take care of the first problem, and the second is trivial with your own virtual host. (I recommend tummy.com) I get all of my mail (in- and out-bound) over IMAP/S and SMTP+TLS over an openVPN network.
Entrapment is offering an inducement that is enough to convince law-abiding citizen to do something illegal. That's usually money, but it could be other things as well. It's a risky defense since it requires admitting the wrongdoing.
This wouldn't be entrapment since 1) non-pedophiles may have legitimate reasons to monitor that newsgroup. e.g., see the recent Salon.com article on kiddie porn researchers being frustrated since the feds don't have any exceptions for properly accredited researchers. I can easily see somebody snarfing that thread to see how much of it is spam, how much is clearly adult erotica, how much is teenage non-erotica, and how much is questionable content. I suspect the latter is only a tiny fraction of the traffic.
If mere subscription is enough to be criminal, the ISPs could simply require people to log in to access all newsgroups and then monitor who subscribes to that group.
And 2) there is no inducement for people to look at the group. Nobody is standing on the street corner offering people $100 to peek into the group.
Domains can be priced due to political reasons? The example given is sex.com (which points out to just how far into the weeds this country has gotten).
What about the political parties? What's to keep a registrar from saying Republican domains can be registered for $10/year, but Democrat domains will cost $100/year? We might think that no shareholders would stand for this, but rogue corporate management is no longer rare. (They have to have annual meetings? Sure, on the second week in January in Fargo, North Dakota, and stockholder questions will only be accepted for two hours. Answers not guaranteed.)
That might be too naked, but you could easily have subtle biases. The two major parties get "preferred rates" since they buy so many domains. Third-parties and upstart challengers get higher rates. BushSucks type sites get the highest rates. Subtle, but real, pressure against change.
Let me see if I can explain this in a few paragraphs....
A single encryption key defines a one-to-one mapping between each plaintext block and ciphertext block. (In ECB (electronic codebook) mode, but the chained block encoding follows a similar analysis.) It has to be bidirectional so that the decryption is unique.
This means that, AT A MAXIMUM, your meaningful keyspace can be no larger than the 2^(number of bits in block). In practice it takes a lot of hard work to ensure that you have 2^(number of bits in key) distinct and non-trivial mappings, and ideally for any arbitrary plaintext and ciphertext block you can guarantee that there is a unique key that will produce that result. However it's easy to screw up and only have, e.g., 2^40 actual encryptions even though you have a keysize of 64 or even 128 bits.
Double encryption also defines a one-to-one mapping between each plaintext block and ciphertext block... but you have the same blocksize. If the keys form a "group", then any double encryption will be equivalent to a single encryption with a different key. In fact any N-encryptions will be equavalent to encyrption with a single different key. Some combinations will leave you with no encryption. (XOR encryption is a trivial example of this -- you'll get no encryption whenever you have an even number of encryptions.)
Worse, your keys may not form a group because there's some property that gets cancelled out in a double encryption. E.g., maybe something drops out each time both keys have a '1' in the same spot. In this case double encryption would be significantly weaker than single encryption.
Triple-DES encryption is an oddball since it isn't (or wasn't) known whether DES keys form a group. Remember that a DES key is only 56 bits, but a DES cipherblock is 64 bits -- you know that can't get every possible mapping between plaintext and ciphertext by running through the keyspace.
Hence 3DES. However 3DES isn't simply encryption three times, e.g., the form we studied in my grad class used two (not three) 56-bit keys, in an EDE pattern. That is, you encrypt with the first key, then DECRYPT with the second key, then encrypt with the first key again. I didn't follow all of the reasoning but I seem to recall it was because of some property of the S and P boxes.
Albertson's (used to?) let you get the card anonymously, but you had to ask.
Safeway and Kroger has been *******, but I picked up a Safeway card because I was there with my girlfriend and reminded her that I had "lost" my card. They gave me a card and application to fill out so I would continue to get my bennies. Gosh, I seem to have misplaced that form!
The bottom line is that you can get them without providing personal information, but you have to be persistent. It also goes without saying that they're cash-only cards if you wish to remain anonymous.
P.S., whatever you do, don't make up stuff. It can cause problems for the person who actually has that address, phone number, etc., while giving the company the false sense that nobody minds the questions. Local managers may think a single person walking away from a sale is a kook, but they'll pay attention if it happens several times each week.
You didn't include the fact that the $3.00 "sale" price was bumped up from the pre-card prices.
You can really see this with soda since it's usually discounted. We saw prices for 6-packs of 24 fl oz soda running at $2.00 in December (2001?). On January 1st several stores rolled out their cards and the same product cost _$5.00_. But if you signed up for their card you could get the soda for just $3.00.
They called it a 40% savings. I call it a 50% increase.
The "regular" prices have gotten a more realistic, but the discounted prices are still often significantly higher than what you can find elsewhere.
What if the original CD itself is considered the 'backup'? Wouldn't that make your fire argument moot?
Ten years ago this would have been dismissed as a silly question. But today -- how many people listen to the original CD vs. the same song ripped to an iPod or copied onto a disposable CD for the car? I think a substantial number of people take this to its logical extreme -- they play a CD once to rip it, then toss it into a box in case they ever need to re-rip it. If the original media isn't the 'backup' in this case, what possibly could be?
First, as others have pointed out there's no connection between stress and Asperger's.
Second, the fact that 99% of the people with the disease du jour from a short checklist in Reader's Digest or Slashdot or whatever does not mean that the other 1% are also just fooling themselves. Dismissing them is as unacceptable as dismissing anyone else with a "hidden" illness. E.g., my girlfriend has fibromyagia (only she can spell it). She looks fine, we can go on short hikes, but I would never say that she's just lazy if she doesn't want to go on longer or more intense hikes.
BTW I have AS, and it took an autism specialist, a long questionaire and an hour+ interview focused heavily on my childhood and teen years to make that diagnosis. Like most adults (it seems) my main reaction during the interview was "uh, oh, that makes sense now!", and the main benefit is having a context when doing the hard work with clinical psychologists. The people who want to use a (self-)diagnosis as a "get out of a jail free card" disgust me, and I suspect everyone else who has AS and is working hard to work around it.
What do I mean by 'hard work'? E.g., my natural response is a conversation is extremely 'flat', something people interpret as being uninterested or even aloof. I've learned how to 'act' to give the right social signals (nodding, 'uh huh', etc.) so it's no longer a problem in casual conversation, but it came across as false and manipulative for years. Even today I'll slip if I'm tired.
You need to experience more of the world. What passes for "religion" in the main stream media (and politics:-( ) in the US is just a stagnant tidal pool among all religions.
I'm reminded of a great quote from the Dalai Lama(iirc, and *) that I saw a few months ago. Some interviewer was asking what it would mean to Buddhism if scientists proved something contrary to our teachings. He looked at the interviewer like he was insane, then said that the teachings would be changed to reflect reality. No fuss, but then again the central premise of Buddhism is to become truly aware of what's going on. (Which is an incredibly scary thing, once you start to get serious about it. You can't hide things from yourself any longer.)
(*) ObDisclosure -- I consider myself a Buddhist in a Tibetean tradition, so strictly speaking the Dalai Lama is our spiritual leader. But it's nothing like what you would see in the Catholic church, for instance. I just thought the statement really caught the way that it's a non-issue.
My workplace issued new laptops with ~150 DPI (measured with a ruler). Basically twice what the old standard was. Twice what everyone designs their icons for, so those icons take up 1/4 the amount of screen real estate as they should.
I was able to get my applications to use reasonable fonts. It's NOT as simple as just setting the Windows display resolution to 150 DPI -- many apps merrily continue to insist on what they know you really meant and I still had to specify 24pt font to get what should be a 12pt font. But you can largely force the apps to behave.
But icons? WHERE ARE YE OLDE INSTRUMENTS OF TORTURE?!
I'm serious. Few applications support multiple icon sizes, so I have to take it at faith that the icons on this application actually mean something. E.g., I'm told that the subversion plug-in indicates if the file has been modified, if it's been modified on the server, locally, or both, and probably other nifty information. I can't tell since the icons force that information into about 6 pixes square.
Controls aren't quite as bad since they're not trying to cram the information into such as small space, but they're still so small that I have to remember that the icon for the local webserver is the grey box that's the second icon in the third group, not the little icon of a server.
I'm only in my 40s and only need reading glasses occasionally, but mild presbyopia and icons a fraction of their intended size is a bad combination.... and coworkers still wonder why I prefer the command line instead of the nifty new tools.
You need to think carefully before using an 'old' old computer, three years old or older.
-- can you connect to it? Really old systems won't have USB and may not even have PCI for a network card. You can work around this, but is it worth the effort?
-- full PCs consume a lot of power compared to a networked printer or a non-network printer and a liberated Linksys router or NSLU2. I could easily believe that half of my power bill comes from idle and even "powered off" electronics, and my place looks like the bridge of the Enterprise when I get up to go to the bathroom in the middle of the night.
-- old PCs may be fire hazards due to aging components.
The last point can't be overemphasized. Systems collect dust in places where it can't be easily blown out, insulation plasticizers dry out, etc. They can be safe to run when you're around, but I wouldn't trust them running when I'm asleep or away.
Slashdot Mirror
I'm rolling on the floor laughing at that article, but have to remind myself that it's probably an ignorant reporter and (not necessarily) Shawyer.
"Since the microwave photons in the waveguide are travelling close to the speed of light"... no, the microwave photons ARE light and are, by definition, moving at the speed of light at that point. I'm not really weaseling -- 'c' is the speed of light in open vacuum and is the same thing for all photons, but a waveguide is only a few multiples of the photon's wavelength and various weird things (to us) happen. See also the (Shamir?) pressure you can get when you hold two conductive plates close together. Longer wavelengths can't exist between the plates but can exist outside of them so you get a very slight net force pushing the plates together.
"any attempt to resolve the forces they generate must take account of Einstein's special theory of relativity."... no, standard EM theory will suffice. (Well, you might need some QM in there, but definitely not special relativity.)
and my favorite
"by mounting it on a sensitive balance, he has shown that it generates about 16 millinewtons of thrust, using 1 kilowatt of electrical power."
Let that sink in. This is as much power as a hair dryer or stove element, and it generates 16 mN of thrust. Could it be, oh, Satan?! I mean, thermal?!
This is particularly ironic since the article referred to the discovery of light pressure earlier. Everyone knows those little bulbs with white and black fans that "demonstrate" this effect. What most people don't know is that it isn't a perfect vacuum in there and, gosh, the dark side gets slightly hotter than the white side. That means the gas heats up on one side, expanding, you know the rest. IIRC they spin leading with the white side. It should be the other way since you have twice as much momentum transfer to reflect light (white) than to simply absorb it (black).
(BTW, I agree 100% with everyone who's pointing out that the walls of the cavity account for the rest of 'thrust' and that the device will just sit there driving up your power bill.)
I mostly agree with you, but there's one key difference. You should never use assertions in place of input validation. You must always code as if the assertions aren't there.
BUT, and this is important, there are times when you can have a legitimate business decision to skip input validation when the cost of the checking is higher than the cost of a mistake, esp. when these are internal methods that should never get unsanitized input. In those cases you may want to have contractual assertions without a corresponding regular check. Those cases should be clearly indicated, e.g., by using a different set of assert macros.
Another data point - marathoners tend to be a lot older than you would expect. As in an average age in late 30s or even 40s. The racers are younger, but the people out for fun are not.
There are some reasonable explanations. People in their 30s want to do it before they turn 40, people in their 40s and 50s start to see heart disease in their peers and see it as an investment in their own health.
But I have to wonder how much of it is because of relatively few 20-somethings being interested in distance running.
This is entirely pointless. It might catch some low-end content and players, but stings like you see on Dateline NBC are undoubtably far, far more effective at catching and convicting pedophiles.
The serious stuff is not going to be on an open web server, and if the feds have enough to get a search warrant for the host's SSL key then they have enough to seize the system and directly capture traffic on that server. In fact that's a common investigative tool -- seize the system but continue to run it for a month or two while collecting information. Merely visiting an IP address that contains kiddie porn or a pedophile's forum is suggestive, but no more. There could be plenty of legal material on that site.
Same thing with file sharing.
Worse for this "solution", is there doubt that the really serious players would go through hijacked PCs anyway? Can anyone seriously claim that no criminal has realized that he could set up a secure proxy server network on zombies? Hell, simply install OpenVPN on a non-standard port and in the mode where you have to have a valid key before you even get a response. Toss in BCP (iirc) and a script that periodically updates connection information and you have a system that goes through multiple hops with different encryption keys.
I know that organized crime is often shockingly net-ignorant, but kiddie porn has been shared by the net for years and all it takes is one group figuring out how to do this.
Unit tests should be as minimal as possible. E.g., you might have a single record loaded to test the basic CRUD operations for a class.
Why? You can set up your JUnit failure method so it takes a snapshot of the database at the point of failure and mails it to you (as an XML attachment). This means you can run smoke tests nightly -- try doing that with a "complete" database that's been scribbled on by other tests and developers since the problem occurred.
I'm confused by your statement. A single database server (Oracle, PostgreSQL, whatever) can hold many databases. You should definitely have two separate databases for each release (for developers and testing), and arguably a database for each developer for unit tests. It's a one-line change in your config files to switch from one database to another, hardly an onerous burden.
I guess some toys would only be able to handle a single database, but I can't imagine why anyone would use one when there are so many excellent free database servers.
(This is ignoring tools like Sleepy Cat DB since it's not something you would use in a J2EE context.)
Since when is a respected security researcher a "HACKER"?!
Seriously. I know the old definition of "hacker" and have been proud to be called one (in that sense) in the past, but the headline clearly refers to the malicious definition of hacker. This headline seems to serve no purpose other than deliberately blurring the line between legitimate researchers and the jerks who exploit weaknesses.
An adult with a sexual interest in spanking little girls may still be newsworthy.
An adult with a sexual interest in spanking adult women while role-playing? Very much not newsworthy unless there are extraordinary circumstances. E.g., a teacher who's already under investigation for inappropriate contact with students.
I think there are two "highly offensive to a reasonable person" questions here. Is the responder's behavior highly offensive? Some individuals may feel that way, but as long as it's consenting it's legal and nobody else's business.
Is the publisher's behavior highly offensive? Absolutely. I can't imagine anyone being indifferent to the public disclosure of their sexual fantasies. Even porn stars -- who make a living displaying explicit sexual behavior -- keep their private lives private. It is hard to think of anything that we consider more private and unsuitable for public disclosure.
According to an update on the original article, the board adjorned without action on Sunday. They are scheduled to meet again Monday afternoon(iirc).
I just realized I needed to clarify something from the last post....
Many doctors won't accept patients without insurance (and without life-threatening conditions) even if they can pay for their treatment on the spot. I don't know why, but if you can't see a doctor then you don't have any choices other than the ER.
One proposed solution is literally RN (or was it 'practicing nurses'?) in store-front offices, with limited prescription-writing rights for antibiotics and light pain killers. They could take care of routine colds and infections, broken bones, etc., and would know when to refer the patient to an affiliated doctor. A $20 RN visit is far more affordable than an $80 doctor visit (or $300+ ER visit), and will have the secondary effect of lowering overall costs by catching serious problems early.
But there's been resistance to having RN-based front-line health care. Gosh, I wonder why?
Have you ever tried to get private/individual health insurance?
Seriously.
It can't be done.
In many states there's ONE carrier willing to issue individual health insurance, and it typically eliminates anyone with a "pre-existing health condition." You might think you're in the clear on that, but very, very few people can reach their mid-30s without having SOMETHING that they can use to deny coverage. I think in some areas NOBODY is willing to issue individual health insurance policies at any price.
When my COBRA ran out a few years ago the only insurance coverage I could get was the state-mandated "insurance of last resort". I was willing to make the sacrifices for the coverage, but most people couldn't since the premium was nearly half my mortgage payment. Fortunately my car was paid off and in reasonably good condition.
Our health care system is seriously screwed up -- did you know something like 47 million Americans are without insurance? It is absolutely inexcuseable for an industrial nation to not have, at a minimum, universal catastrophic health insurance to cover basic care for cancer, heart attacks, etc. People could still have private insurance for private hospital rooms, more exhaustive treatments, etc. It would be far cheaper for everyone involved than forcing doctors and hospitals to absorb massive losses on the uninsured and being forced to pass those costs onto everyone else (disproportionally hitting other uninsured patients since they can't negotiate capped prices), to say nothing of eliminating millions of bankruptcies caused solely by medical expenses.
(Don't get me started on people without insurance being forced to use ERs as 'urgent care', creating long waits for the rest of us and driving up costs since an ER visit is far more expensive than an RN and doc in a storefront office.)
I would definitely put everything you do into Debian packages -- nothing should be done on testing and production systems by hand and the package manager provides a known good framework. There's a bit of a learning curve on how to produce Debian packages, but I believe there are some 'hardening' packages that can be used as models for how to handle the type of sysadmin tasks you're looking at.
... you are using make-kpkg, right?
You're using make-kpkg to build your kernel, of course, so it's already kicking out packages for your locally-built kernels.
I have to agree with the others that the fact that you're asking about version control tools is scary. That's something that should have been decided a long time ago.
quick followup -- reading his actual letter it's clear that he's referring to Dunn's actions as chair of the board of directors, not as CEO. The chair has certain rights relative to the rest of the board... but they aren't unlimited. If nothing else she had to know that most if not all board members have duties with other organizations and her actions would be likely to compromise their sensitive information.
The Board represents the stockholders and the C-level employees work for the board and at their discretion. That said, there's usually contracts involved that would require substantial payouts when the CEO is canned, but there is absolutely no reason why the board couldn't have heard this relevation, held a vote, then had her escorted off the property on the spot.
As I understand the situation, the remaining board members aren't entirely in the clear since the CEO appears to have committed criminal acts as a corporate officer and they took no action. At a minimum I would expect them to get rather interesting calls from their corporate director insurance carrier. Nothing like facing personal liability from stockholder suits to focus your attention.
In the real world, it's much murkier since you can have people who are both C-level employees and board members, and in many cases the CEO is also the chairman of the board. In those cases individuals can have mixed loyalties, but that's why you want outsiders on the board.
Like others, I run my own mail server and have never used my comcast email account. Frack, I don't even know what my "username" is since I use them solely for connectivity... a situation that can cause interesting problems when I need to make a service call.
Besides unannounced blacklists, there are several other reasons to use third-party mail hosting, if not running your own mail server.
1) ISPs can change headers at will. Specifically, they could replace your outgoing "myname@mydomain.com" with "mycomcastname@comcast.net" at any time. This would be a PR disaster, but it's an easy and effective anti-phishing tool and the ISP may be forced to do it under threat of an internet death penalty.
2) ISPs can record every single message you send. (Recording all inbound mail may not be cost-effective, yet, due to the high spam volume.) A year ago I wouldn't have worried about this too much, but between the AT&T wiretapping case and the ongoing calls for mandatory data retention for two years I think you now have to treat it as a given. Maybe not this day, but definitely within the next few years at most. I know email is protected by law, but (iirc) recent court decisions have held that the law doesn't apply to email "at rest", to say nothing about doubts whether anyone would actually obey the law.
3) Finally, there's also the risk that a business competitor, divorce lawyer, etc., can compromise somebody at the ISP and get copies of all of your email anyway.
A mail hosting provider should take care of the first problem, and the second is trivial with your own virtual host. (I recommend tummy.com) I get all of my mail (in- and out-bound) over IMAP/S and SMTP+TLS over an openVPN network.
IANAL, yada yada
Entrapment is offering an inducement that is enough to convince law-abiding citizen to do something illegal. That's usually money, but it could be other things as well. It's a risky defense since it requires admitting the wrongdoing.
This wouldn't be entrapment since 1) non-pedophiles may have legitimate reasons to monitor that newsgroup. e.g., see the recent Salon.com article on kiddie porn researchers being frustrated since the feds don't have any exceptions for properly accredited researchers. I can easily see somebody snarfing that thread to see how much of it is spam, how much is clearly adult erotica, how much is teenage non-erotica, and how much is questionable content. I suspect the latter is only a tiny fraction of the traffic.
If mere subscription is enough to be criminal, the ISPs could simply require people to log in to access all newsgroups and then monitor who subscribes to that group.
And 2) there is no inducement for people to look at the group. Nobody is standing on the street corner offering people $100 to peek into the group.
Domains can be priced due to political reasons? The example given is sex.com (which points out to just how far into the weeds this country has gotten).
What about the political parties? What's to keep a registrar from saying Republican domains can be registered for $10/year, but Democrat domains will cost $100/year? We might think that no shareholders would stand for this, but rogue corporate management is no longer rare. (They have to have annual meetings? Sure, on the second week in January in Fargo, North Dakota, and stockholder questions will only be accepted for two hours. Answers not guaranteed.)
That might be too naked, but you could easily have subtle biases. The two major parties get "preferred rates" since they buy so many domains. Third-parties and upstart challengers get higher rates. BushSucks type sites get the highest rates. Subtle, but real, pressure against change.
Let me see if I can explain this in a few paragraphs....
A single encryption key defines a one-to-one mapping between each plaintext block and ciphertext block. (In ECB (electronic codebook) mode, but the chained block encoding follows a similar analysis.) It has to be bidirectional so that the decryption is unique.
This means that, AT A MAXIMUM, your meaningful keyspace can be no larger than the 2^(number of bits in block). In practice it takes a lot of hard work to ensure that you have 2^(number of bits in key) distinct and non-trivial mappings, and ideally for any arbitrary plaintext and ciphertext block you can guarantee that there is a unique key that will produce that result. However it's easy to screw up and only have, e.g., 2^40 actual encryptions even though you have a keysize of 64 or even 128 bits.
Double encryption also defines a one-to-one mapping between each plaintext block and ciphertext block... but you have the same blocksize. If the keys form a "group", then any double encryption will be equivalent to a single encryption with a different key. In fact any N-encryptions will be equavalent to encyrption with a single different key. Some combinations will leave you with no encryption. (XOR encryption is a trivial example of this -- you'll get no encryption whenever you have an even number of encryptions.)
Worse, your keys may not form a group because there's some property that gets cancelled out in a double encryption. E.g., maybe something drops out each time both keys have a '1' in the same spot. In this case double encryption would be significantly weaker than single encryption.
Triple-DES encryption is an oddball since it isn't (or wasn't) known whether DES keys form a group. Remember that a DES key is only 56 bits, but a DES cipherblock is 64 bits -- you know that can't get every possible mapping between plaintext and ciphertext by running through the keyspace.
Hence 3DES. However 3DES isn't simply encryption three times, e.g., the form we studied in my grad class used two (not three) 56-bit keys, in an EDE pattern. That is, you encrypt with the first key, then DECRYPT with the second key, then encrypt with the first key again. I didn't follow all of the reasoning but I seem to recall it was because of some property of the S and P boxes.
Albertson's (used to?) let you get the card anonymously, but you had to ask.
Safeway and Kroger has been *******, but I picked up a Safeway card because I was there with my girlfriend and reminded her that I had "lost" my card. They gave me a card and application to fill out so I would continue to get my bennies. Gosh, I seem to have misplaced that form!
The bottom line is that you can get them without providing personal information, but you have to be persistent. It also goes without saying that they're cash-only cards if you wish to remain anonymous.
P.S., whatever you do, don't make up stuff. It can cause problems for the person who actually has that address, phone number, etc., while giving the company the false sense that nobody minds the questions. Local managers may think a single person walking away from a sale is a kook, but they'll pay attention if it happens several times each week.
You didn't include the fact that the $3.00 "sale" price was bumped up from the pre-card prices.
You can really see this with soda since it's usually discounted. We saw prices for 6-packs of 24 fl oz soda running at $2.00 in December (2001?). On January 1st several stores rolled out their cards and the same product cost _$5.00_. But if you signed up for their card you could get the soda for just $3.00.
They called it a 40% savings. I call it a 50% increase.
The "regular" prices have gotten a more realistic, but the discounted prices are still often significantly higher than what you can find elsewhere.
What if the original CD itself is considered the 'backup'? Wouldn't that make your fire argument moot?
Ten years ago this would have been dismissed as a silly question. But today -- how many people listen to the original CD vs. the same song ripped to an iPod or copied onto a disposable CD for the car? I think a substantial number of people take this to its logical extreme -- they play a CD once to rip it, then toss it into a box in case they ever need to re-rip it. If the original media isn't the 'backup' in this case, what possibly could be?
First, as others have pointed out there's no connection between stress and Asperger's.
Second, the fact that 99% of the people with the disease du jour from a short checklist in Reader's Digest or Slashdot or whatever does not mean that the other 1% are also just fooling themselves. Dismissing them is as unacceptable as dismissing anyone else with a "hidden" illness. E.g., my girlfriend has fibromyagia (only she can spell it). She looks fine, we can go on short hikes, but I would never say that she's just lazy if she doesn't want to go on longer or more intense hikes.
BTW I have AS, and it took an autism specialist, a long questionaire and an hour+ interview focused heavily on my childhood and teen years to make that diagnosis. Like most adults (it seems) my main reaction during the interview was "uh, oh, that makes sense now!", and the main benefit is having a context when doing the hard work with clinical psychologists. The people who want to use a (self-)diagnosis as a "get out of a jail free card" disgust me, and I suspect everyone else who has AS and is working hard to work around it.
What do I mean by 'hard work'? E.g., my natural response is a conversation is extremely 'flat', something people interpret as being uninterested or even aloof. I've learned how to 'act' to give the right social signals (nodding, 'uh huh', etc.) so it's no longer a problem in casual conversation, but it came across as false and manipulative for years. Even today I'll slip if I'm tired.
You need to experience more of the world. What passes for "religion" in the main stream media (and politics :-( ) in the US is just a stagnant tidal pool among all religions.
I'm reminded of a great quote from the Dalai Lama(iirc, and *) that I saw a few months ago. Some interviewer was asking what it would mean to Buddhism if scientists proved something contrary to our teachings. He looked at the interviewer like he was insane, then said that the teachings would be changed to reflect reality. No fuss, but then again the central premise of Buddhism is to become truly aware of what's going on. (Which is an incredibly scary thing, once you start to get serious about it. You can't hide things from yourself any longer.)
(*) ObDisclosure -- I consider myself a Buddhist in a Tibetean tradition, so strictly speaking the Dalai Lama is our spiritual leader. But it's nothing like what you would see in the Catholic church, for instance. I just thought the statement really caught the way that it's a non-issue.
Images are bad, but icons are worse!
... and coworkers still wonder why I prefer the command line instead of the nifty new tools.
My workplace issued new laptops with ~150 DPI (measured with a ruler). Basically twice what the old standard was. Twice what everyone designs their icons for, so those icons take up 1/4 the amount of screen real estate as they should.
I was able to get my applications to use reasonable fonts. It's NOT as simple as just setting the Windows display resolution to 150 DPI -- many apps merrily continue to insist on what they know you really meant and I still had to specify 24pt font to get what should be a 12pt font. But you can largely force the apps to behave.
But icons? WHERE ARE YE OLDE INSTRUMENTS OF TORTURE?!
I'm serious. Few applications support multiple icon sizes, so I have to take it at faith that the icons on this application actually mean something. E.g., I'm told that the subversion plug-in indicates if the file has been modified, if it's been modified on the server, locally, or both, and probably other nifty information. I can't tell since the icons force that information into about 6 pixes square.
Controls aren't quite as bad since they're not trying to cram the information into such as small space, but they're still so small that I have to remember that the icon for the local webserver is the grey box that's the second icon in the third group, not the little icon of a server.
I'm only in my 40s and only need reading glasses occasionally, but mild presbyopia and icons a fraction of their intended size is a bad combination.
You need to think carefully before using an 'old' old computer, three years old or older.
-- can you connect to it? Really old systems won't have USB and may not even have PCI for a network card. You can work around this, but is it worth the effort?
-- full PCs consume a lot of power compared to a networked printer or a non-network printer and a liberated Linksys router or NSLU2. I could easily believe that half of my power bill comes from idle and even "powered off" electronics, and my place looks like the bridge of the Enterprise when I get up to go to the bathroom in the middle of the night.
-- old PCs may be fire hazards due to aging components.
The last point can't be overemphasized. Systems collect dust in places where it can't be easily blown out, insulation plasticizers dry out, etc. They can be safe to run when you're around, but I wouldn't trust them running when I'm asleep or away.