I remember on 9/11 all the major news sites were effectively DDoS. I hope they and twitter now have a convenient switch to flip that will, in the case of the news sites, jettison all the garbage ad content and the complex page rendering code in favor of something more textual that would result in 100x page view scaling. For twitter I would imagine dedicating 10% of their infrastructure to purely asynchronous emergency broadcasts would do the trick in such a circumstance.
On 9/11, people were actually communicating with loved ones via Slashdot's comment system, because thanks to the heroic efforts of their admin team, Slashdot was one of the few major sites that managed to keep things running for most of the day (it wasn't entirely smooth, but it mostly worked). Serving a static-HTML version of the home page was one of the tricks they used.
A couple weeks later they posted an article describing what went on behind the scenes that day, but unfortunately I haven't been able to find a link to the article - does anyone else remember this?
actually, at the time, pretty nearly everyone was doing exactly that and had been doing it for years because they just didn't give a shit that it was a bad idea. after all, "we'll never get hacked".
It sounds like you don't understand what OneClick is. Not only was it not common then, it's not common now. Storing the credit card number is only part of it. Other than Amazon, the only site I'm aware of that does it is Apple's iTunes Store, and Apple licensed the patent from Amazon.
OneClick was something new; my recollection is that nobody had done anything quite like it - but not because it was novel or innovative. Nobody had done it before because everybody thought it was a bad idea. Store people's credit card numbers on file, readily accessible later just in case the customer decides to come back and buy something else? Click one button to effect a transaction, with money changing hands and everything? Are consumers really gonna trust you to manage that responsibly?
Amazon's innovation was proving that the answer to that question is yes. That's all. They showed that they could do it without consumers rioting in the streets. If you had asked anyone "skilled in the art" to design a system that could buy stuff online with the click of a button, anyone could have built it. They just probably would have told you it was a bad idea.
You think they cannot arrest them all? How naive are you? Of course they can! The US has the highest prison capacity in the world for a reason. (Which incidentally makes it the "least free" country on the planet in a very real sense. Quite an accomplishment.)
No, they can't arrest them all, because we still live in a democracy. If one kid goes to jail nobody cares and the politicians keep doing what they're doing, but when a whole classroom follows along, all of their parents start making noise, and when parents start making that kind of noise, it attracts the attention of the news media, and that attracts the attention of the politicians, and that solves the problem.
If you're a reporter, is there a small victimless crime you can commit in the process of accepting information from a source, such that you would be unable to reveal the identity of the source without simultaneously confessing to your own crime?
Those documents were compromised - by the NSA. I understand if you disagree, but I'm willing to give everyone the benefit of the doubt here and assume that Snowden didn't share the list with anyone else and The Guardian wasn't going to publish it. That means that in practical terms the British agents aren't actually at risk, and wouldn't have been at risk, although I certainly understand why the British government believes they are, and they legitimately could have been (if the British police can obtain the list from David Miranda, so can anyone else). Still, I believe their intention was to publish a story that this information had been obtained by the NSA, not publish the information itself.
Considering that the US has been, in recent years espousing the theory that cyber-attacks should be treated as real acts of war, suitable for real retaliation with real weapons, I would say it's pretty terrifying.
I wonder if it has occurred to anyone that the NSA's actions in other countries could be construed as acts of war....
actually that was a DoD initiative in 2007. now there are host-based security system clients on every computer to keep USB mass storage disabled and attempts to use it logged. doesnt help when you boot into a livecd, though.
Apple no longer makes computers that have optical drives. How long do you think it will be before the rest of the industry follows suit?
(Those who need them can of course still connect external optical drives.)
Having a romantic breakup is a lifestyle choice (at least that's what the other poster is arguing), and you put it into the same category as mental illness.
No need to wait for a TCP connection to time out. As soon as the page has finished loading, all connections are closed. HTTP is a stateless protocol; just because you have a web page open in front of you doesn't mean there's any connection to the server right now.
If you're not using cookies, you can use query strings to track state. For every link on the page, you add a query string to the URL containing a session ID number, so when the user clicks any link, the session ID is passed in the query string. But that looks ugly, so you should just use cookies.
Could she charge everyone who emails her a cent and claim attorney-client privilege?
You ask that as if the notion of attorney-client privilege would magically prevent the NSA from spying on everybody's email. It won't, because the NSA's official position is that they're already not reading anybody's email that they're not supposed to. If your email is privileged, the NSA will continue to "not read" it, just as they have been.
Newspapers should take truth and accurate reporting seriously. They should have a science editor with a scientific background who can check the work of the reporters.
Sure, but who's going to pay for that? It's way cheaper to just print whatever's trending on Twitter. The public has clearly indicated that they don't really care.
If spacial ability in children is a predictor of their scientific creativity later in life, then if we could improve children's spacial abilities, this might produce more creative adults. The next step is to look for ways to do that, and then see if it worked.
My roommate and I did this in our apartment complex during college, running 10base2 coax to friends in another building in the same complex. It worked great for six months, until management found it and threatened eviction.
OK, but let's say the city said "our city is dying, everything is falling apart, but damnit at least we're gonna have good emergency services!" If that's their priority, and then this happens, it's a pretty big deal.
Configure all of your devices to proxy HTTP and HTTPS traffic through that intercepting proxy.
If your device does not complain about your self-signed certificate enabled HTTPS proxy, then there is something seriously rotten security-wise
If you can load your self-made CA cert onto the device and explicitly tell it to trust any cert issued by that CA, then everything is fine. Obviously if you don't do that, a MITM attack should cause scary warnings.:-)
Slashdot Mirror
I remember on 9/11 all the major news sites were effectively DDoS. I hope they and twitter now have a convenient switch to flip that will, in the case of the news sites, jettison all the garbage ad content and the complex page rendering code in favor of something more textual that would result in 100x page view scaling. For twitter I would imagine dedicating 10% of their infrastructure to purely asynchronous emergency broadcasts would do the trick in such a circumstance.
On 9/11, people were actually communicating with loved ones via Slashdot's comment system, because thanks to the heroic efforts of their admin team, Slashdot was one of the few major sites that managed to keep things running for most of the day (it wasn't entirely smooth, but it mostly worked). Serving a static-HTML version of the home page was one of the tricks they used.
A couple weeks later they posted an article describing what went on behind the scenes that day, but unfortunately I haven't been able to find a link to the article - does anyone else remember this?
actually, at the time, pretty nearly everyone was doing exactly that and had been doing it for years because they just didn't give a shit that it was a bad idea. after all, "we'll never get hacked".
It sounds like you don't understand what OneClick is. Not only was it not common then, it's not common now. Storing the credit card number is only part of it. Other than Amazon, the only site I'm aware of that does it is Apple's iTunes Store, and Apple licensed the patent from Amazon.
OneClick was something new; my recollection is that nobody had done anything quite like it - but not because it was novel or innovative. Nobody had done it before because everybody thought it was a bad idea. Store people's credit card numbers on file, readily accessible later just in case the customer decides to come back and buy something else? Click one button to effect a transaction, with money changing hands and everything? Are consumers really gonna trust you to manage that responsibly?
Amazon's innovation was proving that the answer to that question is yes. That's all. They showed that they could do it without consumers rioting in the streets. If you had asked anyone "skilled in the art" to design a system that could buy stuff online with the click of a button, anyone could have built it. They just probably would have told you it was a bad idea.
You think they cannot arrest them all? How naive are you? Of course they can! The US has the highest prison capacity in the world for a reason. (Which incidentally makes it the "least free" country on the planet in a very real sense. Quite an accomplishment.)
No, they can't arrest them all, because we still live in a democracy. If one kid goes to jail nobody cares and the politicians keep doing what they're doing, but when a whole classroom follows along, all of their parents start making noise, and when parents start making that kind of noise, it attracts the attention of the news media, and that attracts the attention of the politicians, and that solves the problem.
An experience of a life-time, and some controlled food and shelter. This is the most transformative health program available.
Which raises the question: will they still be willing to go die on Mars, after spending seven years turning their life around?
If you're a reporter, is there a small victimless crime you can commit in the process of accepting information from a source, such that you would be unable to reveal the identity of the source without simultaneously confessing to your own crime?
*whoosh*
Didn't we know this ten years ago? How is this news?
Those documents were compromised - by the NSA. I understand if you disagree, but I'm willing to give everyone the benefit of the doubt here and assume that Snowden didn't share the list with anyone else and The Guardian wasn't going to publish it. That means that in practical terms the British agents aren't actually at risk, and wouldn't have been at risk, although I certainly understand why the British government believes they are, and they legitimately could have been (if the British police can obtain the list from David Miranda, so can anyone else). Still, I believe their intention was to publish a story that this information had been obtained by the NSA, not publish the information itself.
Considering that the US has been, in recent years espousing the theory that cyber-attacks should be treated as real acts of war, suitable for real retaliation with real weapons, I would say it's pretty terrifying.
I wonder if it has occurred to anyone that the NSA's actions in other countries could be construed as acts of war....
actually that was a DoD initiative in 2007. now there are host-based security system clients on every computer to keep USB mass storage disabled and attempts to use it logged. doesnt help when you boot into a livecd, though.
Apple no longer makes computers that have optical drives. How long do you think it will be before the rest of the industry follows suit?
(Those who need them can of course still connect external optical drives.)
I'm being forced to learn Python.
Having a romantic breakup is a lifestyle choice (at least that's what the other poster is arguing), and you put it into the same category as mental illness.
FTP is a stupid protocol and needs to die. Please use something else (such as SFTP).
No need to wait for a TCP connection to time out. As soon as the page has finished loading, all connections are closed. HTTP is a stateless protocol; just because you have a web page open in front of you doesn't mean there's any connection to the server right now.
If you're not using cookies, you can use query strings to track state. For every link on the page, you add a query string to the URL containing a session ID number, so when the user clicks any link, the session ID is passed in the query string. But that looks ugly, so you should just use cookies.
Could she charge everyone who emails her a cent and claim attorney-client privilege?
You ask that as if the notion of attorney-client privilege would magically prevent the NSA from spying on everybody's email. It won't, because the NSA's official position is that they're already not reading anybody's email that they're not supposed to. If your email is privileged, the NSA will continue to "not read" it, just as they have been.
Aww crap. Well, they were the last to do so, so it comes at no surprise. I guess I needed to learn how to emulate that through JavaScript anyway.
But kids CAN play with things like this:
http://www.newscientist.com/article/mg21929275.800-kindergarten-coders-can-program-before-they-can-read.html
Newspapers should take truth and accurate reporting seriously. They should have a science editor with a scientific background who can check the work of the reporters.
Sure, but who's going to pay for that? It's way cheaper to just print whatever's trending on Twitter. The public has clearly indicated that they don't really care.
If spacial ability in children is a predictor of their scientific creativity later in life, then if we could improve children's spacial abilities, this might produce more creative adults. The next step is to look for ways to do that, and then see if it worked.
Would a hyperlink suffice? Do search engine spiders parse robots.txt when they arrive at a page from an external link?
Yes they do, so no, linking to a Tumblr page would not get the Tumblr page indexed.
My roommate and I did this in our apartment complex during college, running 10base2 coax to friends in another building in the same complex. It worked great for six months, until management found it and threatened eviction.
OK, but let's say the city said "our city is dying, everything is falling apart, but damnit at least we're gonna have good emergency services!" If that's their priority, and then this happens, it's a pretty big deal.
Configure all of your devices to proxy HTTP and HTTPS traffic through that intercepting proxy.
If your device does not complain about your self-signed certificate enabled HTTPS proxy, then there is something seriously rotten security-wise
If you can load your self-made CA cert onto the device and explicitly tell it to trust any cert issued by that CA, then everything is fine. Obviously if you don't do that, a MITM attack should cause scary warnings. :-)
I thought the number was supposed to be around 300 million...
That only counts as one.