That's great if you're submitting printed work. Electronic coursework submission is becoming much more common, and a lot of academics want it in Word format. I work as part of an e-learning technology group, and while we encourage PDF wherever we can (because Word does not render the same in all cases, which risks all sorts of weirdness), the feedback is very clearly that academics prefer Word's commenting tools (over Foxit or Preview).
If I remember correctly, the web surfing is listed as "experimental". In short, if it turns out letting all traffic through is an issue, they can just tell 3G suppliers to firewall Kindles down to the Amazon store only, and still be within what they agreed to provide.
So... if they got a much more powerful processor, a completely different display (color, fast refresh, touch screen) and an entirely different operating system... it might be like a tablet?
It's a lot more plausible that tablet display contrast will improve, and people will tend to use a tablet where a Kindle isn't enough for them. Kindles aren't ever likely to develop into the tablet space.
As I understand it, there's nothing stopping them shipping GPG (along with details of where to get its source code), because it's not _part_ of Starcraft, it's a separate app...
> What? You don't? So... you're expecting a commercial plane to allow you to pull out wifi or drape a bunch of CAT-5 everywhere to play games on the flight? What?!?
> Okay, maybe more understandable than a plane, but if you're THAT bored on a train ride AND you feel you really really need to play Starcraft II before the trip's over, you need help.
You're aware there are train journeys over an hour, right? Edinburgh-London being the easy example, rolling in at 6-8 hours.
Ship it with a copy of GPG, and the rest is a few hundred lines (that includes doing it properly, with error handling and all the bits you might want. It's about 3 lines if you do it with bash and curl) of code to grab the key and run it through GPG.
As it happens the implementation is that when a login fails, it makes a note of the current time, plus 10 seconds, for the username and IP. When the next request comes in, it checks it, then holds on to the result until it's after the time recorded earlier.
However, from my understanding of how this works the delay would make the attack be essentially impossible (it would take months or years to get a crack, in which time there's a good chance the user will have changed their password).
...which is why we time-block on username, not just IP. So even if they have a valid username to start with, they can't test more than one password every 10 seconds for it. Yes, they can test 10,000 usernames every 10 seconds, but cracking any of them is still impractical.
As it happens, we test on password hashes anyway, so work done should be constant, but the original point was I'm shocked such delays aren't normal practice.
No, it's per user, and per IP, independently. AlXtreme's concern about DoSing an account doesn't apply because it doesn't reject a request, it just slows it (so a valid login may take an extra 9 seconds, but eh).
In terms of trying one account every 10 seconds... yes, they can, but it's dramatically cuts down the number of accounts/passwords they can try, and essentially makes the search time impractical.
Last time I coded a web based auth system, if you failed to log in it would refuse to check your next attempt until 10 seconds after the previous one (blocked by IP and by username). I, apparently foolishly, assumed most people would do the same...
Yeah... there's a lot of vocal people saying how evil DLC is, and yet Blizzard sold $2mil of sparkle ponies in the first four hours: http://www.1up.com/do/newsStory?cId=3178849 . Methinks you're only hearing people who hate DLC, everyone who likes it is off handing their credit card details to Blizzard & co....
I'd have to say... if you're not doing PC gaming yet, start. Steam has now had 2 massive sales that took many games down to the $10-20 level, with older games frequently lower. Yes, sure, you have to wait 6 months between sales, but if you want your games cheap, that's one way of doing it.
So the problem is that these are dangerous, and dangerous enough to injure innocent bystanders, and given the response from Slashdot apparently that danger is extremely opaque to most people. You pretty much can't buy dry ice as a child (unsure if it's illegal, or just nowhere will do it, but probably illegal), and there's a damn good reason for that. Talking of opaque risks, how many people are aware that there's an asphyxiation risk with dry ice? Any of you actually read the safety sheet for dry ice?
This is pretty much ideal stuff for letting someone who knows what they're doing, show you the results of. Mythbusters is probably ideal watching here...
I can believe it; you get some oddball universities that have a campus near nothing much at all.
It's worth noting, the US has a bit more than 7 universities, so more variation (and getting an outlier in student population and remoteness that's extreme enough that this happens is therefore more likely): http://www.utexas.edu/world/univ/state/
I've been thinking something similar. In the case of a fast, adaptive virus, it might be essentially impossible to clear out an infestation without being able to slice the Internet down into smaller chunks (e.g., isolate the US, or each state, or smaller). 120 days is far, far too long; 30 days then having to explain what's going on would be much more sensible to me...
> Yea, sure, so when one component fails, you're stuck without ANY connectivity of any sort while you wait for the replacement for the entire kit.
However, in both cases, you're dependent on a single component (the ADSL modem) for connectivity. The difference is that I can't use the network if my ADSL modem dies, which isn't what you'd call a huge deal (well, it isn't for us, anyway).
In terms of replacement... why (possibly more accurately, where?) on earth would I have to wait for a technician to deliver the new one? Here (UK) it's much easier to get combined ADSL modem & router than trying to find the modem by itself....
1. I can't. Well, not without moving to a bigger city, and getting a new job.
2. I believe part of the argument was that restaurants need to either understand what they're asking for, or trust the experts, not just tell them to do something that's a bad idea.
3. A web site shouldn't need to be designed for a phone, the standards are explicitly intended that you don't know what you're targeting (or care). It's only if you start misusing the specs that the target platform becomes a serious issue. I'm happy to accept that a cut-down version for a phone can be helpful, but a website should be usable with a phone without being re-designed.
> am I breaking the law if I watch something on youtube that was placed there illegally
If you are aware of the content, certainly you would be in the UK (UK copyright law, last time I read it, even made it illegal to rip CDs you owned to MP3 for your own use, because it's a copy). You could almost certainly make a strong defence against such charges if the content was mis-represented (I don't mean if it's labelled "Not the latest blockbuster movie, lolz", I mean "Videos of my cat") and you stopped once aware of the true nature of the content, but if you're knowingly copying (by requesting YouTube send you a copy) copyrighted content that you do not have a right to, it's illegal.
On the other hand, at the time these laws were written, the sort of invasive monitoring being suggested here wasn't even a consideration. I don't think they were ever intended to catch someone who might genuinely make a mistake about this.
As someone whose day job is creating digital content, I want people to stop pirating content (and I want to strangle anyone who thinks they have some sort of moral high ground by illegally copying stuff - if it's overpriced, don't buy it, but don't copy it either). However, I also think the effort being put into stopping piracy is misguided, and vastly disproportionate to actual damage done. I would much rather see an emphasis on teaching people to make their own content, to show them the value of it, rather than this ineffective negative-reinforcement approach.
> It's not necessarily a bad thing, if you realize this, then you can easily predict a stock's movement and make some easy income; knowing exactly where the low and high values are going to be at any point in time. Again, the only thing that causes a stock to change its movement is actual human interaction that results in the trend being broken.
Do watch out; everyone is rushing to be ahead of the market. At the same time as you can see patterns emerging from the last generation of bots, other people are writing bots that work on those same patterns, which in turn will be succeeded by another generation of bots pulling out patterns that this generation misses. In theory, it'll all turn the market into something closely resembling a spline curve... unless we all go bankrupt first.
Personally, I've got my own auto-trader (up $150 so far this year - it's not a lot, but for a hobbyist developed auto-trader I might as well be walking on water). It's a lot cleverer than "This seems quite high", including cross-pricing against related assets, and all sorts of probability checks (so it not only guesses if an asset is over/under priced, but how much, what profit it can probably make, potential risk, and from that whether the trade is worth trying)...
> Does this mean American businessmen can't travel ao Australia with company laptops?
That would be my reading of this law, yes.
Personally, I already have a travel netbook, with a very limited set of data on it. Partly because it means a search isn't going to find anything interesting, partly because it means if I lose the laptop it's a lot less of an issue.
Occurs, do you actually mean 0.2Mb/s (which would be... about 25KB/s) or do you mean 250KB/s. The capitalisation of the 'b' is important (one is bits, the other bytes, there's a 8-times difference).
Slashdot Mirror
That's great if you're submitting printed work. Electronic coursework submission is becoming much more common, and a lot of academics want it in Word format. I work as part of an e-learning technology group, and while we encourage PDF wherever we can (because Word does not render the same in all cases, which risks all sorts of weirdness), the feedback is very clearly that academics prefer Word's commenting tools (over Foxit or Preview).
If I remember correctly, the web surfing is listed as "experimental". In short, if it turns out letting all traffic through is an issue, they can just tell 3G suppliers to firewall Kindles down to the Amazon store only, and still be within what they agreed to provide.
So... if they got a much more powerful processor, a completely different display (color, fast refresh, touch screen) and an entirely different operating system... it might be like a tablet?
It's a lot more plausible that tablet display contrast will improve, and people will tend to use a tablet where a Kindle isn't enough for them. Kindles aren't ever likely to develop into the tablet space.
Apologies, just checked, Edinburgh-London is just under 5 hours.
As I understand it, there's nothing stopping them shipping GPG (along with details of where to get its source code), because it's not _part_ of Starcraft, it's a separate app...
> 3-5 day cruises and people do pay for them.
Not that I'd do anything that silly, of course, but... got any more information on those? :)
> What? You don't? So... you're expecting a commercial plane to allow you to pull out wifi or drape a bunch of CAT-5 everywhere to play games on the flight? What?!?
Delta have Wi-Fi equipped a lot of their planes, actually ( http://blog.delta.com/category/wi-fi/ ) and the new Boeing Dreamliner comes with networking as standard (although mostly it comes up as a security risk - http://en.wikipedia.org/wiki/Boeing_787#Computer_network_vulnerability ).
> Okay, maybe more understandable than a plane, but if you're THAT bored on a train ride AND you feel you really really need to play Starcraft II before the trip's over, you need help.
You're aware there are train journeys over an hour, right? Edinburgh-London being the easy example, rolling in at 6-8 hours.
Ship it with a copy of GPG, and the rest is a few hundred lines (that includes doing it properly, with error handling and all the bits you might want. It's about 3 lines if you do it with bash and curl) of code to grab the key and run it through GPG.
As it happens the implementation is that when a login fails, it makes a note of the current time, plus 10 seconds, for the username and IP. When the next request comes in, it checks it, then holds on to the result until it's after the time recorded earlier.
However, from my understanding of how this works the delay would make the attack be essentially impossible (it would take months or years to get a crack, in which time there's a good chance the user will have changed their password).
...which is why we time-block on username, not just IP. So even if they have a valid username to start with, they can't test more than one password every 10 seconds for it. Yes, they can test 10,000 usernames every 10 seconds, but cracking any of them is still impractical.
As it happens, we test on password hashes anyway, so work done should be constant, but the original point was I'm shocked such delays aren't normal practice.
No, it's per user, and per IP, independently. AlXtreme's concern about DoSing an account doesn't apply because it doesn't reject a request, it just slows it (so a valid login may take an extra 9 seconds, but eh).
In terms of trying one account every 10 seconds... yes, they can, but it's dramatically cuts down the number of accounts/passwords they can try, and essentially makes the search time impractical.
Last time I coded a web based auth system, if you failed to log in it would refuse to check your next attempt until 10 seconds after the previous one (blocked by IP and by username). I, apparently foolishly, assumed most people would do the same...
Yeah... there's a lot of vocal people saying how evil DLC is, and yet Blizzard sold $2mil of sparkle ponies in the first four hours: http://www.1up.com/do/newsStory?cId=3178849 . Methinks you're only hearing people who hate DLC, everyone who likes it is off handing their credit card details to Blizzard & co....
I'd have to say... if you're not doing PC gaming yet, start. Steam has now had 2 massive sales that took many games down to the $10-20 level, with older games frequently lower. Yes, sure, you have to wait 6 months between sales, but if you want your games cheap, that's one way of doing it.
So the problem is that these are dangerous, and dangerous enough to injure innocent bystanders, and given the response from Slashdot apparently that danger is extremely opaque to most people. You pretty much can't buy dry ice as a child (unsure if it's illegal, or just nowhere will do it, but probably illegal), and there's a damn good reason for that. Talking of opaque risks, how many people are aware that there's an asphyxiation risk with dry ice? Any of you actually read the safety sheet for dry ice?
This is pretty much ideal stuff for letting someone who knows what they're doing, show you the results of. Mythbusters is probably ideal watching here...
I can believe it; you get some oddball universities that have a campus near nothing much at all.
It's worth noting, the US has a bit more than 7 universities, so more variation (and getting an outlier in student population and remoteness that's extreme enough that this happens is therefore more likely): http://www.utexas.edu/world/univ/state/
I've been thinking something similar. In the case of a fast, adaptive virus, it might be essentially impossible to clear out an infestation without being able to slice the Internet down into smaller chunks (e.g., isolate the US, or each state, or smaller). 120 days is far, far too long; 30 days then having to explain what's going on would be much more sensible to me...
> Yea, sure, so when one component fails, you're stuck without ANY connectivity of any sort while you wait for the replacement for the entire kit.
However, in both cases, you're dependent on a single component (the ADSL modem) for connectivity. The difference is that I can't use the network if my ADSL modem dies, which isn't what you'd call a huge deal (well, it isn't for us, anyway).
In terms of replacement... why (possibly more accurately, where?) on earth would I have to wait for a technician to deliver the new one? Here (UK) it's much easier to get combined ADSL modem & router than trying to find the modem by itself....
Errr... aren't those stats based on web hits? So, Linux servers (which I'd assume is the majority of Linux installs) won't show?
1. I can't. Well, not without moving to a bigger city, and getting a new job.
2. I believe part of the argument was that restaurants need to either understand what they're asking for, or trust the experts, not just tell them to do something that's a bad idea.
3. A web site shouldn't need to be designed for a phone, the standards are explicitly intended that you don't know what you're targeting (or care). It's only if you start misusing the specs that the target platform becomes a serious issue. I'm happy to accept that a cut-down version for a phone can be helpful, but a website should be usable with a phone without being re-designed.
4. Not so far...
> am I breaking the law if I watch something on youtube that was placed there illegally
If you are aware of the content, certainly you would be in the UK (UK copyright law, last time I read it, even made it illegal to rip CDs you owned to MP3 for your own use, because it's a copy). You could almost certainly make a strong defence against such charges if the content was mis-represented (I don't mean if it's labelled "Not the latest blockbuster movie, lolz", I mean "Videos of my cat") and you stopped once aware of the true nature of the content, but if you're knowingly copying (by requesting YouTube send you a copy) copyrighted content that you do not have a right to, it's illegal.
On the other hand, at the time these laws were written, the sort of invasive monitoring being suggested here wasn't even a consideration. I don't think they were ever intended to catch someone who might genuinely make a mistake about this.
As someone whose day job is creating digital content, I want people to stop pirating content (and I want to strangle anyone who thinks they have some sort of moral high ground by illegally copying stuff - if it's overpriced, don't buy it, but don't copy it either). However, I also think the effort being put into stopping piracy is misguided, and vastly disproportionate to actual damage done. I would much rather see an emphasis on teaching people to make their own content, to show them the value of it, rather than this ineffective negative-reinforcement approach.
> It's not necessarily a bad thing, if you realize this, then you can easily predict a stock's movement and make some easy income; knowing exactly where the low and high values are going to be at any point in time. Again, the only thing that causes a stock to change its movement is actual human interaction that results in the trend being broken.
Do watch out; everyone is rushing to be ahead of the market. At the same time as you can see patterns emerging from the last generation of bots, other people are writing bots that work on those same patterns, which in turn will be succeeded by another generation of bots pulling out patterns that this generation misses. In theory, it'll all turn the market into something closely resembling a spline curve... unless we all go bankrupt first.
Personally, I've got my own auto-trader (up $150 so far this year - it's not a lot, but for a hobbyist developed auto-trader I might as well be walking on water). It's a lot cleverer than "This seems quite high", including cross-pricing against related assets, and all sorts of probability checks (so it not only guesses if an asset is over/under priced, but how much, what profit it can probably make, potential risk, and from that whether the trade is worth trying)...
Grand Theft Equine sounds better...
> Does this mean American businessmen can't travel ao Australia with company laptops?
That would be my reading of this law, yes.
Personally, I already have a travel netbook, with a very limited set of data on it. Partly because it means a search isn't going to find anything interesting, partly because it means if I lose the laptop it's a lot less of an issue.
Occurs, do you actually mean 0.2Mb/s (which would be... about 25KB/s) or do you mean 250KB/s. The capitalisation of the 'b' is important (one is bits, the other bytes, there's a 8-times difference).