As much as I don't like existing ISPs, I'm not sure I'm really in favor of a government-run (municipal) ISPs either. It's not hard to imagine, like highway funding, the federal government offering money for municipal ISPs, contingent upon compliance with a few minor requirements. Or criminal penalties for "excessive" bandwidth, or unsanctioned usage. Or for it to come full-circle, with private companies offering muni's better, faster connections, and funding it through tolls.
There are upsides though. Instead of some random number like 192.168.x.x, you just have to remember fdbc:b4f0:0b6f:ecaa:xxxx:xxxx:xxxx:xxxx using this simple mnemonic (in honor of the Big Game (not TM) this weekend):
First Down Brings Cheers, But 4th [down] Feels [like you are a] 0, Oh, but sicks football Easy as Can AAahhhhhhhhhh!!!!! (The relaxed Aaah, not the screaming one.)
Then for the interface ID just use something equally easy to remember, like:
Angry Bullet Ants Are Bad For Eating Because Bites Bites Bites Bites Bites Bites Bites Bites
I spent about three days digging for the damn thing, but then remembered something a friend had mentioned: the magnetometers in smartphones can be used as metal detectors. I tromped in, borrowed my mom's cell, and found the pipe almost immediately. I'd come within a few inches of it, but then been digging in the wrong direction.
I had a similar situation once, except instead of snow, it was rock and dirt, instead of a feed pipe, it was the exit to the cavern I had inadvertently sealed over, and instead of Valdez, it was Minecraft.
Well, what does "get" mean? Has purchased? As in nobody wants to pay for faster service? Or can obtain, as in everybody else is too far from the nearest DSLAM? I would expect to see the lowest speeds in the most economically depressed areas simply because people have other priorities. Although I'm all for removing various tiers of service. Gigabit for all, I say!
If you wanted to go one step further you could fill some of the glass packs with different chemicals that when combined produced combustion and incinerated the bills further.
No that anyone here is designing or implementing an ATM security system, but something that could/would harm an intruder would probably count as a booby trap, and those are illegal. Nothing worse than having to fork over money to the guy who tried to steal your money.
Since the losses due to card fraud are almost entirely borne by the banks, I have to assume it is more cost effective to take the losses than to chip all of the cards.
I mean, when you qualify your comparisons by using ambiguous, ill-defined phrases like "well written," you can say anything. Novels are less interesting than a well written comic. Rules are less useful than a well written law.
Java is generally going to require less effort to port unless you're using platform-specific libraries, and that's easy to avoid since so much is included in the JDK.
As for the security of that code, everything may be within your control in C, but that doesn't come without some cost -- namely requiring deep knowledge of everything that's within your control to avoid creating your own security holes. And if you're using third party libraries (which is typical) then you're sacrificing some degree of control anyway. This is especially true if they're closed-source libraries, but even with open source, many people just trust that someone else has reviewed the code.
Yes it is. Perfection is the enemy of good enough, but that's what people expect these days. The pursuit of perfection has a large cost, in time, money, and freedom while wasting all of those on an unachievable goal. What else are you willing to sacrifice for perfect security?
Thank you. I was going to make a post along the same lines, and you've done it better than I could.
I agree that there's some amount of wrongness to mocking, diminishing, devaluing, or invalidating other people's religious beliefs, feelings, etc. It may (and should) be legal, but that doesn't make it ethical. It doesn't justify a response though. Two wrongs don't make a right.
The problem is that Islam doesn't call for pacifism against offenses; it calls for vengeance through physical punishment and/or death. Since there's no shared doctrine, the pope can't use scripture to accomplish his political goal of showing common ground with Muslims.
On the one hand, I think it's potentially beneficial to demonstrate common ground between the two major religions, and empathy with the feelings of the faithful regardless of their faith. On the other hand, sometimes it's better to just lead by example.
It's really only a problem if it results in the miscarriage of justice; otherwise it's just a potential problem. There are lots of potential problems in any situation, and no reason to believe (or evidence provided) that this potential problem is dire enough to warrant more attention than any other aspect of the case. But since the judge has been addressing it all along, a better headline might be: "Judge ensuring adequate explanations of technical issues. Nothing to see here."
Besides, the case doesn't rest on understanding Tor -- Ulbricht was observed accessing and communicating via the dreadpirateroberts account. You don't need to trace a phone call to demonstrate that someone on the other end is who you say they are; just show that they were observed on the other end of the phone while you were talking to them. This isn't rocket science or voodoo. And even if their evidence was purely circumstantial -- say DPR consistently appeared online when Ulbricht was at a computer, and never when he was away from a computer -- circumstantial evidence is still evidence.
It appears from everything we know thus far that Ulbricht was definitely the person responsible for running the site. Personally, my only concern is that they're using parallel construction (aka lying) to build the case.
ASLR is already implemented in Windows (since Vista for libraries, and 7 for kernel, IIRC) and OS X (since 10.5 for libraries, and 10.8 for everything), in iOS since 4.3, Android since 4.0.
I'll leave it as a judgment call to the reader as to how effective/successful any of those have been.
Still of limited value. ROP already bypasses DEP/NX protections, which are required for W^X to be effective. ROP techniques are used to great effect in iPhone jailbreaks.
These protections may guard against a (very small subset of) casual attackers, but they're just another minor hurdle for determined attackers.
Slashdot Mirror
As much as I don't like existing ISPs, I'm not sure I'm really in favor of a government-run (municipal) ISPs either. It's not hard to imagine, like highway funding, the federal government offering money for municipal ISPs, contingent upon compliance with a few minor requirements. Or criminal penalties for "excessive" bandwidth, or unsanctioned usage. Or for it to come full-circle, with private companies offering muni's better, faster connections, and funding it through tolls.
But maybe I'm just a pessimist.
There are upsides though. Instead of some random number like 192.168.x.x, you just have to remember fdbc:b4f0:0b6f:ecaa:xxxx:xxxx:xxxx:xxxx using this simple mnemonic (in honor of the Big Game (not TM) this weekend):
First Down Brings Cheers,
But 4th [down] Feels [like you are a] 0,
Oh, but sicks football
Easy as Can AAahhhhhhhhhh!!!!! (The relaxed Aaah, not the screaming one.)
Then for the interface ID just use something equally easy to remember, like:
Angry Bullet Ants Are
Bad For Eating Because
Bites Bites Bites Bites
Bites Bites Bites Bites
I spent about three days digging for the damn thing, but then remembered something a friend had mentioned: the magnetometers in smartphones can be used as metal detectors. I tromped in, borrowed my mom's cell, and found the pipe almost immediately. I'd come within a few inches of it, but then been digging in the wrong direction.
I had a similar situation once, except instead of snow, it was rock and dirt, instead of a feed pipe, it was the exit to the cavern I had inadvertently sealed over, and instead of Valdez, it was Minecraft.
And your mom.
(Sorry, it's been too long since I've seen one of those.)
That's what she said.
(I am so sorry. I promise to get out more.)
IoT is web two point oh... point oh.
And that, friends, is why "British comedy" is an oxymoron.
Well, what does "get" mean? Has purchased? As in nobody wants to pay for faster service? Or can obtain, as in everybody else is too far from the nearest DSLAM? I would expect to see the lowest speeds in the most economically depressed areas simply because people have other priorities. Although I'm all for removing various tiers of service. Gigabit for all, I say!
It was Houston. Not surprisingly, they caught the guy almost immediately.
If you wanted to go one step further you could fill some of the glass packs with different chemicals that when combined produced combustion and incinerated the bills further.
No that anyone here is designing or implementing an ATM security system, but something that could/would harm an intruder would probably count as a booby trap, and those are illegal. Nothing worse than having to fork over money to the guy who tried to steal your money.
Don't be ridiculous.
They can't afford wallets in Detroit.
No sir! In the US, fraud is borne by the merchant. http://www.nerdwallet.com/blog...
You are correct that it's more economical for the banks to incur 0 cost than a non-zero cost, however.
Since they make us rich!
It's the truly destitute we don't care about.
Yeah, just like the subway, the railroad, the ATM, the vacuum tube, the computer, the car phone, the television camera, the CRT, and the gas/street light.
Too bad Europe is lagging in all of those things due to their entrenched legacy systems.
No. They's why they're all blank.
Yeah! I wish people would stop demonizing things like the measels!
I mean, when you qualify your comparisons by using ambiguous, ill-defined phrases like "well written," you can say anything. Novels are less interesting than a well written comic. Rules are less useful than a well written law.
Java is generally going to require less effort to port unless you're using platform-specific libraries, and that's easy to avoid since so much is included in the JDK.
As for the security of that code, everything may be within your control in C, but that doesn't come without some cost -- namely requiring deep knowledge of everything that's within your control to avoid creating your own security holes. And if you're using third party libraries (which is typical) then you're sacrificing some degree of control anyway. This is especially true if they're closed-source libraries, but even with open source, many people just trust that someone else has reviewed the code.
Yes it is. Perfection is the enemy of good enough, but that's what people expect these days. The pursuit of perfection has a large cost, in time, money, and freedom while wasting all of those on an unachievable goal. What else are you willing to sacrifice for perfect security?
I think you meant "fighting against censorship."
Although I guess it depends on the library.
Thank you. I was going to make a post along the same lines, and you've done it better than I could.
I agree that there's some amount of wrongness to mocking, diminishing, devaluing, or invalidating other people's religious beliefs, feelings, etc. It may (and should) be legal, but that doesn't make it ethical. It doesn't justify a response though. Two wrongs don't make a right.
The problem is that Islam doesn't call for pacifism against offenses; it calls for vengeance through physical punishment and/or death. Since there's no shared doctrine, the pope can't use scripture to accomplish his political goal of showing common ground with Muslims.
On the one hand, I think it's potentially beneficial to demonstrate common ground between the two major religions, and empathy with the feelings of the faithful regardless of their faith. On the other hand, sometimes it's better to just lead by example.
It's really only a problem if it results in the miscarriage of justice; otherwise it's just a potential problem. There are lots of potential problems in any situation, and no reason to believe (or evidence provided) that this potential problem is dire enough to warrant more attention than any other aspect of the case. But since the judge has been addressing it all along, a better headline might be: "Judge ensuring adequate explanations of technical issues. Nothing to see here."
Besides, the case doesn't rest on understanding Tor -- Ulbricht was observed accessing and communicating via the dreadpirateroberts account. You don't need to trace a phone call to demonstrate that someone on the other end is who you say they are; just show that they were observed on the other end of the phone while you were talking to them. This isn't rocket science or voodoo. And even if their evidence was purely circumstantial -- say DPR consistently appeared online when Ulbricht was at a computer, and never when he was away from a computer -- circumstantial evidence is still evidence.
It appears from everything we know thus far that Ulbricht was definitely the person responsible for running the site. Personally, my only concern is that they're using parallel construction (aka lying) to build the case.
ASLR is already implemented in Windows (since Vista for libraries, and 7 for kernel, IIRC) and OS X (since 10.5 for libraries, and 10.8 for everything), in iOS since 4.3, Android since 4.0.
I'll leave it as a judgment call to the reader as to how effective/successful any of those have been.
Still of limited value. ROP already bypasses DEP/NX protections, which are required for W^X to be effective. ROP techniques are used to great effect in iPhone jailbreaks.
These protections may guard against a (very small subset of) casual attackers, but they're just another minor hurdle for determined attackers.
For a primer, see also: https://en.wikipedia.org/wiki/... (And the rest of the article.)
The biggest security advantage that BSD has is being such a small target.
Again, it depends on what they're debugging. If it's a syntax error in a SQL string, then assembly helps not so much.
while (hitCount < arraySize) {
i=rand() % arraySize;
if (hitArray[i] == 0) {
sum += array[i];
array[i]=0;
hitArray[i]=1;
hitCount++;
}
}
No, 50% are below the median.
Though to be fair, 80% probably don't know the difference.