So they made a Genetic Algorithm to efficiently crack Salsa. In this case, Salsa10 and not Salsa20, but what does that mean for the Salsa algorithm in general? I've not seen any real analysis of the greater fallout if Salsa is weaker than expected!
The one in question asked for an Admin password. If you give a Linux system the root password (or even do a sudo) then I'm sure you can install a cryptolocker just as easily.
The interesting point on cryptolockers is you don't even need root to be effective. Encrypting the files the user owns (the real targets) doesn't require any special permissions. The only benefit you get from root level is a better chance of destroying backups.
Has to be unfit for sale to be returned under statutory warranty, and "fit for sale" is pretty broad.
The issue with Valve was they advertised that there were no returns for any reasons and didn't include the standard "except statutory warranties" disclaimer.
Sorry, but this is simply not true. Perhaps you should actually read the conventions before making this stuff up?
Nations unilaterally sign on to the conventions. The conventions deal with both lawful combatants and non-lawful combatants (though neither term is used in the conventions). "Terrorists" are in the same category as foreign spies and non-military murderers.
Sure, it's a good idea to kill of germs with UV light - but that ain't self cleaning. Someone sprinkles all over the seat, and leaves shaving hair in the sink, and you're going to need a lot more than a black light bulb.
It really all depends on how much UV you use, doesn't it? (evil grin)
What I haven't heard yet is where Android lands on the security spectrum.
Updates for all non-Nexus devices and even some Nexus devices are signed by the manufacturer, not by Google.
I'm pretty sure devices that allows for user-driven unlocked bootloaders (and therefore access for things like Cyanogenmod) doesn't require signing by the manufacturer - otherwise there would be no method to put Cyanogenmod on there. For example, my Galaxy Note 3 just put a big warning up when I went to update the firmware, but allowed me to do it.
So the other Sunday when they had "Free Data", customers managed to download around 2000TB of data over the mobile network. Cranking the speed up some more should enable an even more impressive effort in internet binge downloading!
Where Zimbra can't beat Exchange on is complete perfect integration with Outlook. It does however beat Exchange and Outlook on their offered functionality.
That's actually the key to the differentiation of Exchange. Integration with Outlook means integration with Office and the incredible morass of Office Automation that large businesses tend to build over time. Just as there was never a drop-in replacement for Notes, despite the detractors (usually Exchange fanboys) listing similar bullet-point by bullet-point comparisons and declaring victory, it's the ability for the groupware platforms like Notes and now Exchange to pull together a wide array of communication and messaging activities through desktop application integration that really gives them the leg up and lock in when it comes to the Enterprise.
Zimbra is, for sure, an outstanding messaging and communication solution that when you break down the bullets on the standalone Outlook/Exchange combo fares extremely well. Ain't always that simple.:)
Yes, this is a very different situation to Chernobyl but the worst case is actually far, far worse (in some ways of measuring at least). The problem here isn't the reactors themselves but with the spent fuel stockpile. Estimates have the potential for an uncontrolled meltdown in the spent fuel pile at orders of magnitude higher radiation exposure than were experienced from the Chernobyl incident, added to this exposure causing major problems in continuing to cool the reactor cores still under threat.
I have no idea what you're talking about "thousands of people to try to control the Russian plant" either. For a start, it was Ukrainian or Soviet but let's not stand on petty national boundaries too much. Second, about 30 people died as a direct result of the incident which makes it, uh, 0.03 thousand?
What bass-ackwards printers are they using? I'd have guessed that most printers used in a corporate environment are postscript based, so support shouldn't really be an issue.
Not in my experience. Printers tend to be a crazy mess of different technologies supplied by the cheapest supplier/closest friend of the IT Manager/whatever someone found at Best Buy/etc. I'd estimate maybe 25% of the printers I've seen in corp environments support Postscript, about 50% support some variant of PCL (which mostly overlaps the Postscript ones) and the rest are a mix of custom drivers and just plain bizzare cruft.
If it makes you feel any better, the non-PS/PCL ones tend to not have x64 drivers for Windows so the whole thing just demonstrates the typical corporate shortsightedness in purchasing decisions.
Scanners in a corporate environment tend to be photocopiers with a network card that dumps a file somewhere so they likely won't be as much trouble as a printer. There's still the odd bizzaro scanner that just doesn't have drivers for anything but Win95 but those are slowly dying out. Assuming SANE is a very, very risky proposition.
Having a Windows Print Server doesn't really work because Windows works best by offloading the rendering to the client rather than using the server.
So, the print driver issue is likely real (though odd because it would have been cheaper to just get Linux compatible stuff for far less than driver development costs); the interop between OpenOffice and MS Office is definitely real; and there's more likely a lot of plain bad planning that just made a mess of the whole migration which put a bad name on tech that really isn't that bad.
That still doesn't explain why you think select() (or epoll) is actually better than IOCP. It more says "select isn't that bad", but says nothing about IOCP itself. I'm curious as to why you believe it is "deeply flawed" and "convoluted" to use completion ports.
Apple also sells their OS as a retail stand-alone item as well as the bundled item (go check the Apple Store). I think a valid argument could be made that Apple therefore is behaving the same way IBM is, but you would be hard pressed to define the Mac as a monopoly in any class of machine that isn't defined by the manufacturer.
Having said that, this whole debate about which API is more portable is just a touch silly. Unlike in years gone by, there really isn't much to choose from between any of the 3D graphics API's. They all work in more or less the same way, and all have more or less the same features. Writing a platform specific wrapper really is a fairly trivial to do these days.....
How are you supposed to have a religious war if you bring some facts like that into it? Of course the API matters very little compared to the rest of the system, but when has that ever stopped Slashdotters going rabid over things?
Pick whatever API suits the platform you're targetting and run with it. Have to go cross-platform then use a different shim to the API of choice on that platform. Simple.
It's hardly a "random senator". It's the Government's Minister of Communications and he's pushing the fact that they've already done trials and found the filters "100% effective".
I don't think there's that much "widespread unpopularity" either - it's all couched in "if you're against this, then you're on the side of child pornographers", so people aren't really that opposed to it. It's being played very well by the people who want to control the net over here - never mind that once it actually goes in it will be a nightmare to control.
Sun has completely tanked in just about every aspect of their business. They're trading at around 1% of their peak value, and about 10% of their 5 year value. They're still laying off staff like nobody's business and they're really ripe for snapping up by some other company. McNealy drove them into the ground with a complete failure to read the market and respond to threats to Java and/or external influences on Java. Now you have the promise of Java revolutionizing the desktop all but dead to.NET, and IBM and Apache effectively in control of Java in the server space.
Taking McNealy's advice on technology is about as smart as taking Kenneth Lay's advice on energy independence.
If you really want some better advice, look towards some of the more successful companies in the software space and get a set of opinions to compare against each other. I'd probably take a range like IBM, Microsoft, Oracle, Apple for opinions and take into account their natural biases when you read their reports. McNealy's just wrong and so typical of governments rewarding failure with fat contracting positions.
Seriously - you need to read the Judge's ruling because you're fairly clearly making up strawmen to complain against. His ruling was based on the precedent very clearly set on this exact issue in MAI Sys. Corp v Peak Computer Corp, which supercedes the previous rulings you seem to want to revert to.
Look - the law doesn't work the way you want it to. A judge can't pick and choose which precedents to follow and ignore. He must choose the precedent most recently and directly related to his case. If you don't like it, then you have to appeal it up to the level the previous precedent was set at.
I agree that the owner/licensee thing is bad, but your complaint of "stupid judges" isn't going to help because had he done anything else then Blizz would have absolute grounds for a mistrial (ie the judge not following precedent). Is that really what you want?
The judge is a retard. I can show him a receipt for WoW. Money was taken for the game. That means that unless Blizzard and Walmart are conspiring to defraud gamers that Blizzard sells the game.
If he's paid *any* attention to law he'd realize that EULAs, which are the only thing here purporting to keep the software in Blizzard's control, aren't binding because they're post-sale modifications to a contract.
Again, if you'd read the ruling he states this matter as already settled law, and not settled in the way you seem to think it is. He can't overrule the 9th circuit court of appeals so he's bound by their previous decision that shrinkwrap licenses and more importantly the license you agree to each time you log into the server all state that you are a licensee and not an owner.
I pay money when I rent a car. That doesn't mean I own it, so "paying money" isn't a sufficient criteria. I don't like the "license" vs "owner" situation either and I think it's a blatant distortion of the intent of the copyright law, but until you can get Congress to change the wording you're screwed.
If you'd read the opinion from the Judge, he took that exact paragraph into consideration. His determination was that the end user is not an "owner of a copy" but a "licensee of a copy" and therefore it does not apply.
There's a lot of language from the Judge in there that makes me think he wants it appealed though. He mentions a couple of times that he can't overturn a 9th Circuit ruling...
Strewth, what else will these wankers think of next? Should put a blooming firewall up just for their bloody precious egos? Bugger that. Sounds like a bunch of whinging Poms to me.
IT is a service department (something many bigger IT departments forget) and their primary goal should be to keep the customers happy, within obvious budget constraints. If I were benchmarking IT (or HR, or accounting, or any other internal service organization) I would simply benchmark the level of satisfaction by their internal customers.
I think comparing with other companies is a waste of time simply because no two companies have the same requirements or specific networking setup - usually for historical reasons.
Of course, if you want a good company to benchmark against, my company's IT department routinely costs me days for downtime by pushing out broken OS patches, deleting random DLLs from my system directory because THEY don't want it any more (never mind the devs use it) and flagging internal applications as disallowed just because they were too lazy to even to a second or two of research. Oh yeah - they consider themselves a profit center too by charging us internally for the number of PCs we have sitting on our desk, never mind I wouldn't call them for help if they were my last option.
Did you actually do any research before posting that rant?
First, you can open Control Panel and run most of the applets there without triggering a UAC warning.
Next, the UAC warnings aren't all that common once you have your machine set up and running. The exception there is the power user that actually tinkers with the system at an administrator level quite often, but for the normal user who just runs apps all day - they won't see a UAC prompt at all. If you want to disprove me - just list for me the normal user actions that trigger a UAC prompt, I dare you.
Lastly, how do you figure UAC is actually a bad thing and disabling it will improve your security? The far more reasonable approach is to stop using applications that need the privileges that UAC actually protects. In your world, apparently you should run everything as root on Linux as well because, well, sudo is just far too much of a pain to use when you're tinkering in/etc?
Leave UAC enabled. Stop running bad applications (if you must run Vista at all).
We have them. Plenty of them. Just having them isn't enough if people don't vote for them. That's because you use First Past the Post voting, where voting for a third party is really just a vote against your preferred party. Now if the US did the sensible thing and switched to instant runoff voting where you could legitimately have a third party without the votes for that party being a negative in a two-major-party system then it would make sense.
Why would someone vote Libertarian when it really just ends up a vote for the Democrats? Why would someone vote Green when it really just ends up a vote for the Republicans?
Slashdot Mirror
So they made a Genetic Algorithm to efficiently crack Salsa. In this case, Salsa10 and not Salsa20, but what does that mean for the Salsa algorithm in general? I've not seen any real analysis of the greater fallout if Salsa is weaker than expected!
The one in question asked for an Admin password. If you give a Linux system the root password (or even do a sudo) then I'm sure you can install a cryptolocker just as easily.
The interesting point on cryptolockers is you don't even need root to be effective. Encrypting the files the user owns (the real targets) doesn't require any special permissions. The only benefit you get from root level is a better chance of destroying backups.
80t? Pff... In Australia we can do up to around 130t for the properly massive trains (HML BAB Quad)
Refer https://www.nhvr.gov.au/files/201602-0116-mass-and-dimension-limits.pdf
Has to be unfit for sale to be returned under statutory warranty, and "fit for sale" is pretty broad.
The issue with Valve was they advertised that there were no returns for any reasons and didn't include the standard "except statutory warranties" disclaimer.
Sorry, but this is simply not true. Perhaps you should actually read the conventions before making this stuff up?
Nations unilaterally sign on to the conventions. The conventions deal with both lawful combatants and non-lawful combatants (though neither term is used in the conventions). "Terrorists" are in the same category as foreign spies and non-military murderers.
Sure, it's a good idea to kill of germs with UV light - but that ain't self cleaning. Someone sprinkles all over the seat, and leaves shaving hair in the sink, and you're going to need a lot more than a black light bulb.
It really all depends on how much UV you use, doesn't it? (evil grin)
~ > dig plus.google.com
plus.google.com 600 IN CNAME 4chan.org.
What I haven't heard yet is where Android lands on the security spectrum.
Updates for all non-Nexus devices and even some Nexus devices are signed by the manufacturer, not by Google.
I'm pretty sure devices that allows for user-driven unlocked bootloaders (and therefore access for things like Cyanogenmod) doesn't require signing by the manufacturer - otherwise there would be no method to put Cyanogenmod on there. For example, my Galaxy Note 3 just put a big warning up when I went to update the firmware, but allowed me to do it.
So the other Sunday when they had "Free Data", customers managed to download around 2000TB of data over the mobile network. Cranking the speed up some more should enable an even more impressive effort in internet binge downloading!
Refer: https://exchange.telstra.com.au/2016/02/15/big-day-of-free-data/
Where Zimbra can't beat Exchange on is complete perfect integration with Outlook. It does however beat Exchange and Outlook on their offered functionality.
That's actually the key to the differentiation of Exchange. Integration with Outlook means integration with Office and the incredible morass of Office Automation that large businesses tend to build over time. Just as there was never a drop-in replacement for Notes, despite the detractors (usually Exchange fanboys) listing similar bullet-point by bullet-point comparisons and declaring victory, it's the ability for the groupware platforms like Notes and now Exchange to pull together a wide array of communication and messaging activities through desktop application integration that really gives them the leg up and lock in when it comes to the Enterprise.
Zimbra is, for sure, an outstanding messaging and communication solution that when you break down the bullets on the standalone Outlook/Exchange combo fares extremely well. Ain't always that simple. :)
If it's properly secure then open source the code. Security is in the algorithm, not the implementation.
Why not just use a one-time-pad? Get the launch crew to type it in on mission start?
Yes, this is a very different situation to Chernobyl but the worst case is actually far, far worse (in some ways of measuring at least). The problem here isn't the reactors themselves but with the spent fuel stockpile. Estimates have the potential for an uncontrolled meltdown in the spent fuel pile at orders of magnitude higher radiation exposure than were experienced from the Chernobyl incident, added to this exposure causing major problems in continuing to cool the reactor cores still under threat.
I have no idea what you're talking about "thousands of people to try to control the Russian plant" either. For a start, it was Ukrainian or Soviet but let's not stand on petty national boundaries too much. Second, about 30 people died as a direct result of the incident which makes it, uh, 0.03 thousand?
What bass-ackwards printers are they using? I'd have guessed that most printers used in a corporate environment are postscript based, so support shouldn't really be an issue.
Not in my experience. Printers tend to be a crazy mess of different technologies supplied by the cheapest supplier/closest friend of the IT Manager/whatever someone found at Best Buy/etc. I'd estimate maybe 25% of the printers I've seen in corp environments support Postscript, about 50% support some variant of PCL (which mostly overlaps the Postscript ones) and the rest are a mix of custom drivers and just plain bizzare cruft.
If it makes you feel any better, the non-PS/PCL ones tend to not have x64 drivers for Windows so the whole thing just demonstrates the typical corporate shortsightedness in purchasing decisions.
Scanners in a corporate environment tend to be photocopiers with a network card that dumps a file somewhere so they likely won't be as much trouble as a printer. There's still the odd bizzaro scanner that just doesn't have drivers for anything but Win95 but those are slowly dying out. Assuming SANE is a very, very risky proposition.
Having a Windows Print Server doesn't really work because Windows works best by offloading the rendering to the client rather than using the server.
So, the print driver issue is likely real (though odd because it would have been cheaper to just get Linux compatible stuff for far less than driver development costs); the interop between OpenOffice and MS Office is definitely real; and there's more likely a lot of plain bad planning that just made a mess of the whole migration which put a bad name on tech that really isn't that bad.
That still doesn't explain why you think select() (or epoll) is actually better than IOCP. It more says "select isn't that bad", but says nothing about IOCP itself. I'm curious as to why you believe it is "deeply flawed" and "convoluted" to use completion ports.
Apple also sells their OS as a retail stand-alone item as well as the bundled item (go check the Apple Store). I think a valid argument could be made that Apple therefore is behaving the same way IBM is, but you would be hard pressed to define the Mac as a monopoly in any class of machine that isn't defined by the manufacturer.
Having said that, this whole debate about which API is more portable is just a touch silly. Unlike in years gone by, there really isn't much to choose from between any of the 3D graphics API's. They all work in more or less the same way, and all have more or less the same features. Writing a platform specific wrapper really is a fairly trivial to do these days.....
How are you supposed to have a religious war if you bring some facts like that into it? Of course the API matters very little compared to the rest of the system, but when has that ever stopped Slashdotters going rabid over things?
Pick whatever API suits the platform you're targetting and run with it. Have to go cross-platform then use a different shim to the API of choice on that platform. Simple.
It's hardly a "random senator". It's the Government's Minister of Communications and he's pushing the fact that they've already done trials and found the filters "100% effective".
I don't think there's that much "widespread unpopularity" either - it's all couched in "if you're against this, then you're on the side of child pornographers", so people aren't really that opposed to it. It's being played very well by the people who want to control the net over here - never mind that once it actually goes in it will be a nightmare to control.
Seriously, what?
Sun has completely tanked in just about every aspect of their business. They're trading at around 1% of their peak value, and about 10% of their 5 year value. They're still laying off staff like nobody's business and they're really ripe for snapping up by some other company. McNealy drove them into the ground with a complete failure to read the market and respond to threats to Java and/or external influences on Java. Now you have the promise of Java revolutionizing the desktop all but dead to .NET, and IBM and Apache effectively in control of Java in the server space.
Taking McNealy's advice on technology is about as smart as taking Kenneth Lay's advice on energy independence.
If you really want some better advice, look towards some of the more successful companies in the software space and get a set of opinions to compare against each other. I'd probably take a range like IBM, Microsoft, Oracle, Apple for opinions and take into account their natural biases when you read their reports. McNealy's just wrong and so typical of governments rewarding failure with fat contracting positions.
Seriously - you need to read the Judge's ruling because you're fairly clearly making up strawmen to complain against. His ruling was based on the precedent very clearly set on this exact issue in MAI Sys. Corp v Peak Computer Corp, which supercedes the previous rulings you seem to want to revert to.
Look - the law doesn't work the way you want it to. A judge can't pick and choose which precedents to follow and ignore. He must choose the precedent most recently and directly related to his case. If you don't like it, then you have to appeal it up to the level the previous precedent was set at.
I agree that the owner/licensee thing is bad, but your complaint of "stupid judges" isn't going to help because had he done anything else then Blizz would have absolute grounds for a mistrial (ie the judge not following precedent). Is that really what you want?
The judge is a retard. I can show him a receipt for WoW. Money was taken for the game. That means that unless Blizzard and Walmart are conspiring to defraud gamers that Blizzard sells the game.
If he's paid *any* attention to law he'd realize that EULAs, which are the only thing here purporting to keep the software in Blizzard's control, aren't binding because they're post-sale modifications to a contract.
Again, if you'd read the ruling he states this matter as already settled law, and not settled in the way you seem to think it is. He can't overrule the 9th circuit court of appeals so he's bound by their previous decision that shrinkwrap licenses and more importantly the license you agree to each time you log into the server all state that you are a licensee and not an owner.
I pay money when I rent a car. That doesn't mean I own it, so "paying money" isn't a sufficient criteria. I don't like the "license" vs "owner" situation either and I think it's a blatant distortion of the intent of the copyright law, but until you can get Congress to change the wording you're screwed.
If you'd read the opinion from the Judge, he took that exact paragraph into consideration. His determination was that the end user is not an "owner of a copy" but a "licensee of a copy" and therefore it does not apply.
There's a lot of language from the Judge in there that makes me think he wants it appealed though. He mentions a couple of times that he can't overturn a 9th Circuit ruling...
Strewth, what else will these wankers think of next? Should put a blooming firewall up just for their bloody precious egos? Bugger that. Sounds like a bunch of whinging Poms to me.
IT is a service department (something many bigger IT departments forget) and their primary goal should be to keep the customers happy, within obvious budget constraints. If I were benchmarking IT (or HR, or accounting, or any other internal service organization) I would simply benchmark the level of satisfaction by their internal customers.
I think comparing with other companies is a waste of time simply because no two companies have the same requirements or specific networking setup - usually for historical reasons.
Of course, if you want a good company to benchmark against, my company's IT department routinely costs me days for downtime by pushing out broken OS patches, deleting random DLLs from my system directory because THEY don't want it any more (never mind the devs use it) and flagging internal applications as disallowed just because they were too lazy to even to a second or two of research. Oh yeah - they consider themselves a profit center too by charging us internally for the number of PCs we have sitting on our desk, never mind I wouldn't call them for help if they were my last option.
Did you actually do any research before posting that rant?
/etc?
First, you can open Control Panel and run most of the applets there without triggering a UAC warning.
Next, the UAC warnings aren't all that common once you have your machine set up and running. The exception there is the power user that actually tinkers with the system at an administrator level quite often, but for the normal user who just runs apps all day - they won't see a UAC prompt at all. If you want to disprove me - just list for me the normal user actions that trigger a UAC prompt, I dare you.
Lastly, how do you figure UAC is actually a bad thing and disabling it will improve your security? The far more reasonable approach is to stop using applications that need the privileges that UAC actually protects. In your world, apparently you should run everything as root on Linux as well because, well, sudo is just far too much of a pain to use when you're tinkering in
Leave UAC enabled. Stop running bad applications (if you must run Vista at all).
Why would someone vote Libertarian when it really just ends up a vote for the Democrats?
Why would someone vote Green when it really just ends up a vote for the Republicans?