Doesn't this mean that all the "etch" host keys are vulnerable, too, on an ongoing basis?
SSH host keys are generated at sshd install time, and that package is included on the netinstall CD-roms, which means every time I re-use my 4.0r1 netinstall CD to set up a new box, I generate a new set of vulnerable host keys before I get to the security-updates step.
Hopefully, they'll advance the next point release and a 4.0r2 netinstall CD will do better.
I believe the population argument is bogus. Increasing wealth and standard of living is strongly correlated with decreasing fertility rates in every culture and nation on earth. Most population projections which include this effect show the earth's population peaking within 100 years, and then declining, and it's unlikely that a significant colonization effort will be underway within 100 years. (Sorry, can't find the population references.)
So, there's Scenario A, in which we all get richer, and the population problem stabilizes, so we can't use it as an argument to go to Mars. There's Scenario B, in which we don't get richer, and consequently can't afford to go to Mars. And of course there's Scenario C, in which a small group becomes very rich while the teeming masses remain poor and continue to reproduce -- in this scenario, the small number of rich people who can go to Mars don't substantially alleviate the population problem, because there aren't very many of them.
There's also a Scenario D, in which a small group of rich people innovate to make trips to Mars affordable for the teeming masses, but I think this is really Scenario A again -- if Mars-going technology is mass-affordable, then many other good things are also mass-affordable, which means that the masses have a high standard of living, which means they already have low fertility, and the population pressure, again, is low. A real Scenario D requires that Mars-going technology be somehow made much more affordable than terrestrial travel, energy, education and birth control, which I would rate as theoretically possible but unlikely.
Personally, I find manned space travel inspiring, but I think it's important to be clear-headed about exactly which problems it does and does not solve.
I agree about the military posturing, but it's important to point out that China did not in fact do exactly the same thing -- the Chinese satellite was in a fairly stable polar orbit, so the debris cloud from that exercise will be an orbital hazard for hundreds of years. The American military at least had the decency to toast a decaying satellite, so the debris will re-enter sooner rather than later.
The engine-noise problem (as distinct from the sonic-boom problem) has a fascinating feedback loop in it, which made the Boeing folks crazy during the American SST project in the 1960s. The problem is, every time you develop some engine technology which mitigates the high-exhaust-velocity issue and its attendant noise problem, some clever engineer applies that same solution to the already-quieter subsonic jets. Then the regulators notice that airliners are much quieter now, and implement stricter noise constraints, which are easily met by low-exhaust-velocity + noise-reduction-technology aircraft, but can not be met by the supersonic high-exhaust-velocity + noise-reduction-technology aircraft.
So noise becomes a moving target, driven forward by your own advances to try to reach it.
This is discussed in detail in Erik M. Conway's terrific book, High Speed Dreams.
Encryption is sort of a weird thing to want for a file server, isn't it?
- File servers tend not to be mobile, so the chances of the disk(s) falling into the wrong hands because of the physical theft of the device is fairly low. - File servers are up all the time, so the primary means of attack is to compromise a service or application on the already-running server, and gain access to the data with that application or service's privilege level. Encryption does not protect against this. - When file servers do go down, it's really nice for availability if they can restart autonomously. An encrypted file server would require operator intervention to supply the password. - File servers might not be able to tolerate the performance penalty of encryption.
I'm a big fan of LUKS/dm-crypt, I use it on my laptop, but (obviously) I don't see the case for an encrypted file server.
The most important thing you need to know is how to think about complicated programmed systems. They're deterministic and logical, but can be quite subtle sometimes, and appreciating how apparently non-logical behavior can arise from logical rules is extremely useful. Knowing the command-line switches of a specific compiler is nice, but it's not as important as being able to think critically about what's going on in a complicated system, and being able to convey your thinking succinctly in code that other people can read and maintain. Most Algol-like languages are pretty similar, so if you're proficient in one, you can probably shift to another fairly quickly, much more quickly than starting from scratch.
You should probably try to position yourself to take advantage of the coming era of shared-memory multi-processing on cheap multi-core CPUs. Then when that era fails to arrive, you'll have examined the programming problem from two angles, and will have the mental flexibility to deal with whatever actually does happen.
The percentage of PCs shipping with Vista is, of course, only part of the story. I've seen anecdotal evidence that some people got new PCs late in the XP stage, with the idea of keeping them going until successor-of-Vista was available. And, in my own case, I switched to Mac in large part because I have a use for a commercial OS, but wanted to avoid Vista. Both of these strategies are effectively "lost" Vista sales that don't show up at all in the percentage-of-PCs numbers.
Vertical launch has a lot going for it. Remember that air (specifically, aerodynamic drag) is the enemy. Going straight up means that you traverse the shortest possible path through the air, and furthermore, that as you pick up speed, you also gain altitude, so the air is getting thinner (and drag is getting smaller) as you go faster.
Also, if you actually look at the launch profile of SpaceShipOne, you'll see that they do this too. They use the carrier aircraft to get a head start on altitude, but after release, while the rocket is burning, the SS1 vehicle goes almost straight up. The horizontal velocity imparted by the carrier vehicle is irrelevant.
I think this is a bit misleading -- it's true that the X-15 program explored the hypersonic flight envelope, but that machine was rocket-powered, never mounted a scramjet, and couldn't sustain hypersonic flight for more than a few minutes even with the extra fuel tanks that were later added.
I believe NASA-Dryden *did* do some scramjet tests with a pylon-mounted test unit, but that flew on an SR-71, which can "only" reach Mach 3-ish, but can do so for a long time.
Have you looked at octave? I haven't used it (or Matlab, either) much myself, but it's meant to be an open-source Matlab work-alike. If you're looking for matching syntax, this is probably a good bet.
> People don't seem to have any problem plugging their MP3 players into a USB port every once in a while to synchronize new content; so who decided that it customers would not tolerate doing the same thing with an e-Book reader?
I've been assuming this is a DRM issue. If you control the media-insertion path (fnarr), then you've got a better shot at keeping the DRM from being cracked, because the user never has unrestricted access to the media-plus-key, and therefore can't attempt to separate the media from the key.
But I'm just guessing -- does anyone know if DRM-protected Kindle content can be accessed separately without a Kindle device?
The idea of a game where the main play activity is to change the rules has a fairly old pedigree -- one variant, called nomic, was popularized (OK, in a geeky sense) by DouglasHofstadter in the Metamagical Themas column in Scientific American way back in 1982, and the game itself is older than that.
Nomic is a little different from the emphasis of TFA, in that nomic's creators focussed on the political implications of self-referential, self-modifying rule systems, and TFA seems to be mostly about the economics of such systems.
I and a group of my friends took on nomic many years ago, and found it to be mostly theoretically interesting, and not all that fun in practice.
When I first heard about "time machine", my first thought was that consumer-grade commercial software had finally discovered rsnapshot. It's packaged for Debian, and available in "sarge" -- that makes it at least three years old.
Rsnapshot is an rsync-and-hard-links based scheme that also doesn't store duplicate data, and provides nice date-indexed browseable full file trees, much like the way both "time machine" and this flyback gizmo are described.
I haven't been this excited since AOL re-invented "ytalk"...
One of the problems that human surgeons sometimes have when working from CAT scans is that the organs inside the body tend to move around and change shape after you cut it open. As the incision spreads, pressure is relieved and of course fluids can be released, changing the internal geometry. Are they really going to steer the scalpel with the pre-incision geometry?
I suppose for massive trauma injuries, it might be OK, but it seems like interactivity is a pretty strong general requirement for surgery.
> The intended purpose of military personnel is to die horribly
In the immortal words attributed to General George Patton: "No dumb bastard ever won a war by dying for his country. He won the war by making some other dumb bastard die for his country."
TFA (Yes, I'm new here...) says that it takes over the cookie to allow the attacker access to the GMail box for two years.
But what if you tell both the browser and GMail not to remember your password? I make that a policy with most web sites I use, mostly to protect me if someone steals my laptop -- no password bypass mechanisms allowed, no passwords stored in clear text allowed.
Luckily, there are enough geeky pedants on slashdot to make up for the fact that the editors have actually messed up this totemic bit of geek lore.
Moore was/is a technology manager, and his law is a management law. It says the number of transistors that can be economically placed on an integrated circuit, i.e. the transistor density of the price/performance "sweet spot", will increase exponentially, doubling roughly every two years.
The original refers to "complexity for minimum component cost", which emphasizes the economic aspect of it even more strongly.
Moore's law has never been about what's possible, it's always been about what's cheap.
Re:Is there an "entry-level" for radio astronomy?
on
Entry-Level Astronomy?
·
· Score: 1
There's a nice picture of the historical entry into radio astronomy here.
A repurposed TV dish with a decent microwave receiver ought to do you pretty well. Just remember that radio astronomy happens one pixel at a time.
Driving on public roads has long been considered a privilege, not a right. This is the basis for requiring a license to drive, and requiring vehicles to be registered, carry identification plates, and (in many jurisdictions) be insured, so this step is actually fairly well-grounded. There are lots of public toll roads in the US, and lots of them are in New York.
And you already pay extra for using public roads when they're congested -- you pay directly with your time and the extra fuel you burn in that three-light delay, and with the wear and tear on your vehicle, and you pay indirectly by the collective loss of economic productivity from all the people sitting in traffic, and of course there is the environmental damage due to air pollution from all those cars. What this plan does is change the way you pay.
While I'm not at all sure I like this particular plan, I also recognize the need (in general) to balance the public's right of access to public resources, against the public representative's duty to manage these resources efficiently so that they remain useful.
So, to answer your question, that at least is why I am not outraged.
I wonder if this is part of the beginning of a new, computationally-driven problem-solving paradigm. As more and more data is stored, and if search algorithms become more and more clever, the cost of "looking up" (computationally speaking) the answer to a problem might be lower than the cost of "remembering" (using local storage) or "figuring out" (using local CPU power) the answer.
This is already happening informally in the personal sphere, because of things like Google, recently amplified by the iPhone and its inevitable successors in the ubiquitous rapid-access web-tool field. As they say, these days, if you have a web browser, you hardly have to wonder about anything anymore.
Of course, problem solving by search isn't exactly a new paradigm, but it could be a newly-cheap paradigm.
Slashdot Mirror
Doesn't this mean that all the "etch" host keys are vulnerable, too, on an ongoing basis?
SSH host keys are generated at sshd install time, and that package is included on the netinstall CD-roms, which means every time I re-use my 4.0r1 netinstall CD to set up a new box, I generate a new set of vulnerable host keys before I get to the security-updates step.
Hopefully, they'll advance the next point release and a 4.0r2 netinstall CD will do better.
And to think I wasted my mod points on trivialities in the "Developer" section. If only I'd known something important was coming.
Wile E. Coyote, Sooper Jeenyus -- I like the sound of that.
I plead guilty to terminological sloppiness -- I meant birth rate, of course.
> b) it alleviates population issues
I believe the population argument is bogus. Increasing wealth and standard of living is strongly correlated with decreasing fertility rates in every culture and nation on earth. Most population projections which include this effect show the earth's population peaking within 100 years, and then declining, and it's unlikely that a significant colonization effort will be underway within 100 years. (Sorry, can't find the population references.)
So, there's Scenario A, in which we all get richer, and the population problem stabilizes, so we can't use it as an argument to go to Mars. There's Scenario B, in which we don't get richer, and consequently can't afford to go to Mars. And of course there's Scenario C, in which a small group becomes very rich while the teeming masses remain poor and continue to reproduce -- in this scenario, the small number of rich people who can go to Mars don't substantially alleviate the population problem, because there aren't very many of them.
There's also a Scenario D, in which a small group of rich people innovate to make trips to Mars affordable for the teeming masses, but I think this is really Scenario A again -- if Mars-going technology is mass-affordable, then many other good things are also mass-affordable, which means that the masses have a high standard of living, which means they already have low fertility, and the population pressure, again, is low. A real Scenario D requires that Mars-going technology be somehow made much more affordable than terrestrial travel, energy, education and birth control, which I would rate as theoretically possible but unlikely.
Personally, I find manned space travel inspiring, but I think it's important to be clear-headed about exactly which problems it does and does not solve.
I agree about the military posturing, but it's important to point out that China did not in fact do exactly the same thing -- the Chinese satellite was in a fairly stable polar orbit, so the debris cloud from that exercise will be an orbital hazard for hundreds of years. The American military at least had the decency to toast a decaying satellite, so the debris will re-enter sooner rather than later.
The engine-noise problem (as distinct from the sonic-boom problem) has a fascinating feedback loop in it, which made the Boeing folks crazy during the American SST project in the 1960s. The problem is, every time you develop some engine technology which mitigates the high-exhaust-velocity issue and its attendant noise problem, some clever engineer applies that same solution to the already-quieter subsonic jets. Then the regulators notice that airliners are much quieter now, and implement stricter noise constraints, which are easily met by low-exhaust-velocity + noise-reduction-technology aircraft, but can not be met by the supersonic high-exhaust-velocity + noise-reduction-technology aircraft.
So noise becomes a moving target, driven forward by your own advances to try to reach it.
This is discussed in detail in Erik M. Conway's terrific book, High Speed Dreams.
Encryption is sort of a weird thing to want for a file server, isn't it?
- File servers tend not to be mobile, so the chances of the disk(s) falling into the wrong hands because of the physical theft of the device is fairly low.
- File servers are up all the time, so the primary means of attack is to compromise a service or application on the already-running server, and gain access to the data with that application or service's privilege level. Encryption does not protect against this.
- When file servers do go down, it's really nice for availability if they can restart autonomously. An encrypted file server would require operator intervention to supply the password.
- File servers might not be able to tolerate the performance penalty of encryption.
I'm a big fan of LUKS/dm-crypt, I use it on my laptop, but (obviously) I don't see the case for an encrypted file server.
The most important thing you need to know is how to think about complicated programmed systems. They're deterministic and logical, but can be quite subtle sometimes, and appreciating how apparently non-logical behavior can arise from logical rules is extremely useful. Knowing the command-line switches of a specific compiler is nice, but it's not as important as being able to think critically about what's going on in a complicated system, and being able to convey your thinking succinctly in code that other people can read and maintain. Most Algol-like languages are pretty similar, so if you're proficient in one, you can probably shift to another fairly quickly, much more quickly than starting from scratch.
You should probably try to position yourself to take advantage of the coming era of shared-memory multi-processing on cheap multi-core CPUs. Then when that era fails to arrive, you'll have examined the programming problem from two angles, and will have the mental flexibility to deal with whatever actually does happen.
The percentage of PCs shipping with Vista is, of course, only part of the story.
I've seen anecdotal evidence that some people got new PCs late in the XP stage, with the idea of keeping them going until successor-of-Vista was available.
And, in my own case, I switched to Mac in large part because I have a use for a commercial OS, but wanted to avoid Vista.
Both of these strategies are effectively "lost" Vista sales that don't show up at all in the percentage-of-PCs numbers.
> Or they might just replace it with something even more baffling.
There is a second theory, which states that this has already happened.
Vertical launch has a lot going for it. Remember that air (specifically, aerodynamic drag) is the enemy. Going straight up means that you traverse the shortest possible path through the air, and furthermore, that as you pick up speed, you also gain altitude, so the air is getting thinner (and drag is getting smaller) as you go faster.
Also, if you actually look at the launch profile of SpaceShipOne, you'll see that they do this too. They use the carrier aircraft to get a head start on altitude, but after release, while the rocket is burning, the SS1 vehicle goes almost straight up. The horizontal velocity imparted by the carrier vehicle is irrelevant.
I think this is a bit misleading -- it's true that the X-15 program explored the hypersonic flight envelope, but that machine was rocket-powered, never mounted a scramjet, and couldn't sustain hypersonic flight for more than a few minutes even with the extra fuel tanks that were later added.
I believe NASA-Dryden *did* do some scramjet tests with a pylon-mounted test unit, but that flew on an SR-71, which can "only" reach Mach 3-ish, but can do so for a long time.
Have you looked at octave? I haven't used it (or Matlab, either) much myself, but it's meant to be an open-source Matlab work-alike. If you're looking for matching syntax, this is probably a good bet.
> People don't seem to have any problem plugging their MP3 players into a USB port every once in a while to synchronize new content; so who decided that it customers would not tolerate doing the same thing with an e-Book reader?
I've been assuming this is a DRM issue. If you control the media-insertion path (fnarr), then you've got a better shot at keeping the DRM from being cracked, because the user never has unrestricted access to the media-plus-key, and therefore can't attempt to separate the media from the key.
But I'm just guessing -- does anyone know if DRM-protected Kindle content can be accessed separately without a Kindle device?
The idea of a game where the main play activity is to change the rules has a fairly old pedigree -- one variant, called nomic, was popularized (OK, in a geeky sense) by DouglasHofstadter in the Metamagical Themas column in Scientific American way back in 1982, and the game itself is older than that.
Nomic is a little different from the emphasis of TFA, in that nomic's creators focussed on the political implications of self-referential, self-modifying rule systems, and TFA seems to be mostly about the economics of such systems.
I and a group of my friends took on nomic many years ago, and found it to be mostly theoretically interesting, and not all that fun in practice.
When I first heard about "time machine", my first thought was that consumer-grade commercial software had finally discovered rsnapshot. It's packaged for Debian, and available in "sarge" -- that makes it at least three years old.
Rsnapshot is an rsync-and-hard-links based scheme that also doesn't store duplicate data, and provides nice date-indexed browseable full file trees, much like the way both "time machine" and this flyback gizmo are described.
I haven't been this excited since AOL re-invented "ytalk"...
One of the problems that human surgeons sometimes have when working from CAT scans is that the organs inside the body tend to move around and change shape after you cut it open. As the incision spreads, pressure is relieved and of course fluids can be released, changing the internal geometry. Are they really going to steer the scalpel with the pre-incision geometry?
I suppose for massive trauma injuries, it might be OK, but it seems like interactivity is a pretty strong general requirement for surgery.
> The intended purpose of military personnel is to die horribly
In the immortal words attributed to General George Patton:
"No dumb bastard ever won a war by dying for his country. He won the war by making some other dumb bastard die for his country."
> Incidentally if anyone does work out the original sequence, I'd love to hear about it.
I applied my own personal proprietary seekrit algorithm, and got "3", "1", "3", "3", "7", ":", ")".
What do I win?
TFA (Yes, I'm new here...) says that it takes over the cookie to allow the attacker access to the GMail box for two years.
But what if you tell both the browser and GMail not to remember your password? I make that a policy with most web sites I use, mostly to protect me if someone steals my laptop -- no password bypass mechanisms allowed, no passwords stored in clear text allowed.
Does that make you safe against this attack also?
Luckily, there are enough geeky pedants on slashdot to make up for the fact that the editors have actually messed up this totemic bit of geek lore.
Moore was/is a technology manager, and his law is a management law. It says the number of transistors that can be economically placed on an integrated circuit, i.e. the transistor density of the price/performance "sweet spot", will increase exponentially, doubling roughly every two years.
The original refers to "complexity for minimum component cost", which emphasizes the economic aspect of it even more strongly.
Moore's law has never been about what's possible, it's always been about what's cheap.
There's a nice picture of the historical entry into radio astronomy here.
A repurposed TV dish with a decent microwave receiver ought to do you pretty well. Just remember that radio astronomy happens one pixel at a time.
A real nerd would know, it's Simple Object Access Protocol, and/or Service Oriented Architecture Protocol. Wiki entry..
Driving on public roads has long been considered a privilege, not a right. This is the basis for requiring a license to drive, and requiring vehicles to be registered, carry identification plates, and (in many jurisdictions) be insured, so this step is actually fairly well-grounded. There are lots of public toll roads in the US, and lots of them are in New York.
And you already pay extra for using public roads when they're congested -- you pay directly with your time and the extra fuel you burn in that three-light delay, and with the wear and tear on your vehicle, and you pay indirectly by the collective loss of economic productivity from all the people sitting in traffic, and of course there is the environmental damage due to air pollution from all those cars. What this plan does is change the way you pay.
While I'm not at all sure I like this particular plan, I also recognize the need (in general) to balance the public's right of access to public resources, against the public representative's duty to manage these resources efficiently so that they remain useful.
So, to answer your question, that at least is why I am not outraged.
I wonder if this is part of the beginning of a new, computationally-driven problem-solving paradigm. As more and more data is stored, and if search algorithms become more and more clever, the cost of "looking up" (computationally speaking) the answer to a problem might be lower than the cost of "remembering" (using local storage) or "figuring out" (using local CPU power) the answer.
This is already happening informally in the personal sphere, because of things like Google, recently amplified by the iPhone and its inevitable successors in the ubiquitous rapid-access web-tool field. As they say, these days, if you have a web browser, you hardly have to wonder about anything anymore.
Of course, problem solving by search isn't exactly a new paradigm, but it could be a newly-cheap paradigm.