Practically speaking, using an exponential distribution means this:
If you can expect a card to last (on average) one year when it's new, then, given that it's N months old, you can still expect it to last one year. An exponential distribution has no history.
Sometimes the screen saver *crashes*, and it becomes impossible to unlock. Sometimes it just refuses to power on for no apparent reason.
Turning off the screen-saver password, for some bizarre reason, fixes both problems. Of course, that does mean I have to pay attention to where I've put my laptop..
Or you could type in "sudo pmset hibernatemode 0" to disable the write-to-disk behaviour. Or 1 to make it shut off entirely, every time. Personally, I prefer 0.
(The default is 3, by the way. I never dared to try 2.)
Of course, put a wedding ring across its terminals, and it will pretend it's a heating element and burn your finger off.
I'd prefer to say that wattage matters; if the battery won't deliver more than a dozen, you won't notice anything. If it'll deliver a few billion, at twelve volts.. it might be considered safe with precautions, but I'd be very very careful around it.
Not to mention that breeders actually burn more than about half a percent of the fuel, reducing waste volume by a factor of fifty to two hundred or so, in addition to making the waste considerably hotter (and thus faster to become safe).
This still has limited applicability. Making a single data structure useful across hundreds of CPUs is impressive, but many problems can be more easily solved by using multiple structures - pipelining it, or using divide and conquer, or any of many other approaches.
No, you won't be able to directly read its memory; the OS won't let you. And it'll be encrypted on disk. There are still holes - physical ones, and temporary software flaws - but the goal here isn't to make it *impossible*; it's to make it much, much harder.
Turn it off? It doesn't turn *on* automatically; your bootloader does that for you (in quite safe ways, don't worry that it's a possible break).
No, the ancestor post is right: If a motherboard lacks the chip, that just means you don't have the *choice* of turning it on; nobody was going to force you. If it has the chip, but has built in intentional security flaws, then that's a compromise of applications that have been released that can bu run on this motherboard - but any new applications that are issued later will no longer work on it, since they obviously won't get access to newer keys.
How are you going to do that? The Trusted OS (tm) isn't going to let you inspect the memory of that program, and it's encrypted on disk. Directly access the memory chips? Sure, except in the next round, those will be encrypted too.
Good luck. I wish I didn't have to say this, but TCPA *can* be unbreakable (modulo physical attacks), unless there are errors in the implementation. Such errors will no doubt exist, but they can then be fixed - it's a relatively small interface, most of the OS doesn't matter - and newer software will only decrypt on the patched versions. They really *have* thought this through, you see...
That still doesn't mean you need non-local effects, though.
Instead, when you measure one particle, it splits your wavefunction in such a manner that - once yours eventually interacts with that of the/other/ particle and its measurer - the cases where you measure contradicting values cancel out, and the others don't.
The many-worlds interpretation makes most things easier. Try it, it's tasty.
It's an interesting question what exactly that means for conscious beings, though. Clearly you will never be conscious of any contradiction - that entire universe gets cancelled out - but if it's a local effect, it's still possible that you're (*someone* is, anyhow) conscious of the contradicting universe right up until the point where the contradiction would become measurable, at which point it cancels out and you pop right out of existence. On the other hand that universe would be identical in all respects to the one where you measure a non-contradicting value that happens to be the same, so what do I know?
It would be interesting to see if someone can construct a scenario where that *doesn't* happen,. and the local solution implies conscious beings popping out of existence at a frightening rate. Interesting, and a bit horrifying.
"Apparently, OpenSSL was using uninitialized memory as a source of randomness."
No, *this* bug. Nothing should ever depend on the value of uninitialized memory, and if clearing it produced a security flaw then there was one there already. Unless it was actually cleared after being filled from/dev/random or something, but then there shouldn't have been a valgrind warning in the first place.
I'm interested. Where do I sign up?..oh, you mean you were *sarcastic*? Well, that's.. using sarcasm without the appropriate tags, that's one for the kill lists for sure.
What's better in the long run? Is it better for a few dozen big and a few hundred small software vendors to make the money and grow bigger, or is it better for the money to be spread out among tens of thousands of businesses in thousands of communities?
I don't know which is better economically, and I don't care. What I do know is that the latter scenario describes a more interesting world that I'd be happier about living in - that means more to me than any reasonable amount of money.
Slashdot Mirror
Practically speaking, using an exponential distribution means this:
If you can expect a card to last (on average) one year when it's new, then, given that it's N months old, you can still expect it to last one year. An exponential distribution has no history.
It works surprisingly well.
There's nothing there to *pull*.
No, it would be flung out into space, just like a book would be if you hold it at arms' length, spin.. and release.
Sometimes the screen saver *crashes*, and it becomes impossible to unlock.
Sometimes it just refuses to power on for no apparent reason.
Turning off the screen-saver password, for some bizarre reason, fixes both problems. Of course, that does mean I have to pay attention to where I've put my laptop..
Or you could type in "sudo pmset hibernatemode 0" to disable the write-to-disk behaviour. Or 1 to make it shut off entirely, every time. Personally, I prefer 0.
(The default is 3, by the way. I never dared to try 2.)
Of course, put a wedding ring across its terminals, and it will pretend it's a heating element and burn your finger off.
I'd prefer to say that wattage matters; if the battery won't deliver more than a dozen, you won't notice anything. If it'll deliver a few billion, at twelve volts.. it might be considered safe with precautions, but I'd be very very careful around it.
Never mind that self-signed certs are in no way less safe than un-encrypted http. How come we don't get a giant flashing warning sign for that?
No, it's pretty obviously copyright infringement.
I do believe we know well how that works already, here. ;)
Not to mention that breeders actually burn more than about half a percent of the fuel, reducing waste volume by a factor of fifty to two hundred or so, in addition to making the waste considerably hotter (and thus faster to become safe).
Mod parent up.
Come on. That's a troll, yes, but it's also true, which is more important.
Something I wish there was a (-1, crank) moderation.
Well, hopefully you were trying to be funny.
Sorry, slashdot comments can't be edited. /can't/ happen..
Not that it would happen, but since it
SSL doesn't, IPSec does. Sadly, the latter is hardly ever used.
IPv6 is supposed to have IPSec as a required element. I don't know how much this means; whether it'll actually be *used*, and resist MITM attacks.
This still has limited applicability. Making a single data structure useful across hundreds of CPUs is impressive, but many problems can be more easily solved by using multiple structures - pipelining it, or using divide and conquer, or any of many other approaches.
How are you going to hack it?
Seriously, how?
No, you won't be able to directly read its memory; the OS won't let you. And it'll be encrypted on disk. There are still holes - physical ones, and temporary software flaws - but the goal here isn't to make it *impossible*; it's to make it much, much harder.
Turn it off? It doesn't turn *on* automatically; your bootloader does that for you (in quite safe ways, don't worry that it's a possible break).
No, the ancestor post is right: If a motherboard lacks the chip, that just means you don't have the *choice* of turning it on; nobody was going to force you. If it has the chip, but has built in intentional security flaws, then that's a compromise of applications that have been released that can bu run on this motherboard - but any new applications that are issued later will no longer work on it, since they obviously won't get access to newer keys.
How are you going to do that?
The Trusted OS (tm) isn't going to let you inspect the memory of that program, and it's encrypted on disk. Directly access the memory chips? Sure, except in the next round, those will be encrypted too.
Good luck. I wish I didn't have to say this, but TCPA *can* be unbreakable (modulo physical attacks), unless there are errors in the implementation. Such errors will no doubt exist, but they can then be fixed - it's a relatively small interface, most of the OS doesn't matter - and newer software will only decrypt on the patched versions. They really *have* thought this through, you see...
Parent is not making a joke
See this
I am very sorry to slash your illusions, but slashdot is not, repeat not a requirement for galactic civilization.
That still doesn't mean you need non-local effects, though.
/other/ particle and its measurer - the cases where you measure contradicting values cancel out, and the others don't.
Instead, when you measure one particle, it splits your wavefunction in such a manner that - once yours eventually interacts with that of the
The many-worlds interpretation makes most things easier. Try it, it's tasty.
It's an interesting question what exactly that means for conscious beings, though. Clearly you will never be conscious of any contradiction - that entire universe gets cancelled out - but if it's a local effect, it's still possible that you're (*someone* is, anyhow) conscious of the contradicting universe right up until the point where the contradiction would become measurable, at which point it cancels out and you pop right out of existence. On the other hand that universe would be identical in all respects to the one where you measure a non-contradicting value that happens to be the same, so what do I know?
It would be interesting to see if someone can construct a scenario where that *doesn't* happen,. and the local solution implies conscious beings popping out of existence at a frightening rate. Interesting, and a bit horrifying.
"Apparently, OpenSSL was using uninitialized memory as a source of randomness."
/dev/random or something, but then there shouldn't have been a valgrind warning in the first place.
No, *this* bug. Nothing should ever depend on the value of uninitialized memory, and if clearing it produced a security flaw then there was one there already. Unless it was actually cleared after being filled from
This may be an incredibly obvious "yes", but..
Is *that* bug fixed now? Upstream, even?
I'm interested. Where do I sign up? ..oh, you mean you were *sarcastic*? Well, that's.. using sarcasm without the appropriate tags, that's one for the kill lists for sure.
That is just convention, but it doesn't really matter.
The *direction* of current flow is what he got wrong, and it'd be wrong even if we switched the labels.
What's better in the long run? Is it better for a few dozen big and a few hundred small software vendors to make the money and grow bigger, or is it better for the money to be spread out among tens of thousands of businesses in thousands of communities?
I don't know which is better economically, and I don't care. What I do know is that the latter scenario describes a more interesting world that I'd be happier about living in - that means more to me than any reasonable amount of money.
Gmail supports SPF just fine. It should be a simple matter to modify your mailserver so it will reject forged mail that pretends to be from google.