I've wondered about this for a while as a way to defeat XSS attacks but would be adding some sort of ability to sign the content in a HTML response be beneficial here? You could use your SSL cert to simply add a signature response body for content transmitted over http. I way to inform the browser to expect the signature that the ISP can't strip out may be problematic though.
The XSS idea would be to have the ability to have multi-part responses from the web server. The browser would put the page together from each part in order but only parts that contained a valid signature from your domain cert would have scripts and such executed by the browser. Then we don't have to worry about escaping scripts and such in the output content.
Here in WI all the stores that sell CFLs take the dead ones back. I still think the best way to deal with peoples concerns over the CFL waste is to just tack on a $0.25 deposit per lamp even if people don't take them back themselves you can bet people will be digging through garbage to take them back.
There is always the concern of buying votes. There can be no way to verify how any person voted once they leave the booth otherwise someone with $$ could very very easily buy an election.
I believe the CA laws require power companies to pay you the same amount they charge you for power. Plus since he is on a peak/off peak plan power is really that much more expensive during the day (living in CA doesn't help Kw/h costs any either) so during peak solar output he is getting more $ per Kw/h generated than he pays to use the power at night. While he does use a lot of power and has a large space to panels his numbers seem to work out.
These are meant to poison filters. The idea being if they send a lot of messages with text they know that don't look like spam they can poison the filters and later use those known words/patterns to get real spam through the filter. There are likely other bits they are trying to poison as well with the non-SPAM SPAM messages.
I would, and I'm sure I'm not alone. If apple gets this working and I can download HD shows $4/show I'll cancel my HD cable subscription. With that costing me $80 / month I could download 20 HD shows a month, watch them whenever I want and be very happy.
The only thing I would be missing is sports. Someone gives me a la carte sports channels and I will be a very happy person.
These data are sent to the distributed server which determines the optimal allocation of work between all clients, while guaranteeing each client that as much or more work will be done on the project of their choice as would occur if that client worked solely on its preferred project.
The idea is if I want to dedicate my computer to SETI. And my computer can do 10 units/hr, my involvement in the BOINC network ensures that at least 10 more units/hr of SETI are being done. The actual work may be done by someone else's CPU which is better suited to SETI and my PC may be doing RC5 but the effect of me joining and saying I want to be 100% on SETI is at least the same, if not better.
I use it and it works well. I started when I got an online banking account that wouldn't let me use my standard username. I had to have mixed case and numbers in both my username and password. I got KeepPass and now store everything in there.
It runs in my system tray and I can click, enter my master password and have access to all my passwords. It has also let me use long random passwords for my very important sites since I don't need to remember them any more.
Also you can use a USB key as part of the key to unlock the database so you have the something you know + something you have security.
Try WinRar, they have versions for OSs other than windows and it does everything you want it to.
http://www.rarlab.com/download.htm
-Encryption is done using AES -You can specify a file size to split the archives across or you can let it auto-detect the size -You can configure your backups with include/exclude file lists -There are a few ways to do backup recovery. One involves adding some extra data to each archive that allows corrupt archives to be repaired or the parity data can be split off into seperate files. I've had to recover archives using both systems and they work very well. -Rar probably has some of the best compression ratios I've seen from any tool I've ever used.
Using winrar and a simple batch file I make regular backups of my windows laptop and using the linux version and a shell script I make regular backups of my FC3 box.
The school I went to had an electronic submision program setup for turning in your assigments. It did diffs automaticly after the due date and would flag all the items that were over a certain threshold of common code. Seemed to work pretty well, know a few people that got letters from the dean about copied code.
I remember helping a friend prove that the harrasing emails that his sister was recieving were coming from someone in the area. There was another girl that the school who was suspected of the emails but the fake contact info for the hotmail account was from the other side of the country. Luckly at that time hotmail correctly included the IP of the machine the person was logged in from in the email headers (not sure if they still do) and it was fairly simple to trace back to a general location. When confronted that the emails were coming from somewhere in the town and the ISP would look up the account info for us she confesed.
The idea is the same then as it is now, the kid feels like they can say what they want and get away with it. Fortunatly most don't really know how to be anonymous online so finding the source via your local geek isn't too difficult.
On a similar note my banking websites refused to work with firefox unless I changed the User-Agent a few months ago. I'd try changing it back now and then and within the last month all of them now work just fine with firefox and it's default User-Agent.
I'm running across fewer and fewer websites that require IE or don't work correctly with firefox.
My only gripe is memory usage can get high if you run through lots of tabs and never close the browser window but it's still a lot better than IE (all praise Adblock!)
A new method would be cool but speed is more what I'd look for. Using SpamPal http://www.spampal.org for intelligent white/black listing and DSNBL with the http://spampalbayes.sourceforge.net/ Bayesian plugin seems to be working 99.9% for me. I'm still convinced that the Bayesian text based filtering methods are THE BEST way to filter spam. A well trained filter with some inteligent rules to whitelist & blacklist email address works wonders.
Hrm... I don't even have an email address from my ISP. I could probably get one if I wanted but I have no need for it as I my university supplies an email address that I use. I send email through my ISPs SMTP server because the auth SMTP setup we have doesn't work very well through NATs. I have a feeling this is going to be a royal pain in the but.
I actually read a very good suggestion along these lines and know people on an ISP that does it.
By default many egress ports (25, 135,...) are blocked and at least 1-1024 incomming are blocked with a default account from the ISP. You are told this up front and most people just shrug and don't care/understand and aren't affected by it at all. For a small once time service charge (like $5 or something) you call them and tell them you want ports XXX unblocked for whatever reason.
The catch... if you have the default settings and something bad happens from your PC you're much more likely to be able to convince them it was a virus/trojan or some such. If something bad happens from your PC via any of the ports you had opened up you are completely liable.
Doesn't seem like a bad deal to me. You get the access you want if you'd like but by getting it you assume full responsiblity for your the actions taken from your PC.
"The u's electricians seem to have a habit of reversing hot and neutral, and in my machine room a new outlet's ground to neutral was -50 VAC. So power strips wouldn't be enough, you'd need a multimeter as well. heh"
There is no such thing as a Negative AC voltage. Current flows in both directions through the conductors in an AC circut. This is not saying that getting the hot & nuetral mixed is not a bad thing. I have seen some poorly constructed equipment where you may be able to contact what is supposed to be the nuetral lead. If the wiring was backwards you'd get shocked. Other than that from an electrical standpoint there is no difference which way it is wired.
Seems like for a tech site that is rather obsessed with open standards this place would come at least a little close to validating via the W3C The new XHTML & CSS they have whipped up looks good and renders A LOT faster in both IE and Opera on my PC.
Slashdot Mirror
I've wondered about this for a while as a way to defeat XSS attacks but would be adding some sort of ability to sign the content in a HTML response be beneficial here? You could use your SSL cert to simply add a signature response body for content transmitted over http. I way to inform the browser to expect the signature that the ISP can't strip out may be problematic though.
The XSS idea would be to have the ability to have multi-part responses from the web server. The browser would put the page together from each part in order but only parts that contained a valid signature from your domain cert would have scripts and such executed by the browser. Then we don't have to worry about escaping scripts and such in the output content.
Move to a better state?
Here in WI all the stores that sell CFLs take the dead ones back. I still think the best way to deal with peoples concerns over the CFL waste is to just tack on a $0.25 deposit per lamp even if people don't take them back themselves you can bet people will be digging through garbage to take them back.
There is always the concern of buying votes. There can be no way to verify how any person voted once they leave the booth otherwise someone with $$ could very very easily buy an election.
Little nit pick ... GPS signals go from the satellite to the receiver not the other way around.
I believe the CA laws require power companies to pay you the same amount they charge you for power. Plus since he is on a peak/off peak plan power is really that much more expensive during the day (living in CA doesn't help Kw/h costs any either) so during peak solar output he is getting more $ per Kw/h generated than he pays to use the power at night. While he does use a lot of power and has a large space to panels his numbers seem to work out.
These are meant to poison filters. The idea being if they send a lot of messages with text they know that don't look like spam they can poison the filters and later use those known words/patterns to get real spam through the filter. There are likely other bits they are trying to poison as well with the non-SPAM SPAM messages.
I wish I had mod points. Seems like an easy enough task for companies to do and would sure reduce the ammount of phishing spam we see.
I would, and I'm sure I'm not alone. If apple gets this working and I can download HD shows $4/show I'll cancel my HD cable subscription. With that costing me $80 / month I could download 20 HD shows a month, watch them whenever I want and be very happy.
The only thing I would be missing is sports. Someone gives me a la carte sports channels and I will be a very happy person.
I think the parent addressed this in their post.
These data are sent to the distributed server which determines the optimal allocation of work between all clients, while guaranteeing each client that as much or more work will be done on the project of their choice as would occur if that client worked solely on its preferred project.
The idea is if I want to dedicate my computer to SETI. And my computer can do 10 units/hr, my involvement in the BOINC network ensures that at least 10 more units/hr of SETI are being done. The actual work may be done by someone else's CPU which is better suited to SETI and my PC may be doing RC5 but the effect of me joining and saying I want to be 100% on SETI is at least the same, if not better.
Or assuming a radius of 60km you need 22 airships. A diameter of 60km gets you 87 airships.
I use it and it works well. I started when I got an online banking account that wouldn't let me use my standard username. I had to have mixed case and numbers in both my username and password. I got KeepPass and now store everything in there.
It runs in my system tray and I can click, enter my master password and have access to all my passwords. It has also let me use long random passwords for my very important sites since I don't need to remember them any more.
Also you can use a USB key as part of the key to unlock the database so you have the something you know + something you have security.
But 2 engine planes have some restrictions on flights paths:
http://en.wikipedia.org/wiki/ETOPS
Wow, not even a RTFA mistake, the summary clearly states that it is a 3 year max for the jail time.
Thats what I ended up doing for both my grandmothers. It was easier to swap out the icon for the firefox shortcut than break the habit of running IE.
For many people if you install FF, import their IE settings and swap the shortcut targets they will never notice the difference.
Try WinRar, they have versions for OSs other than windows and it does everything you want it to.
http://www.rarlab.com/download.htm
-Encryption is done using AES
-You can specify a file size to split the archives across or you can let it auto-detect the size
-You can configure your backups with include/exclude file lists
-There are a few ways to do backup recovery. One involves adding some extra data to each archive that allows corrupt archives to be repaired or the parity data can be split off into seperate files. I've had to recover archives using both systems and they work very well.
-Rar probably has some of the best compression ratios I've seen from any tool I've ever used.
Using winrar and a simple batch file I make regular backups of my windows laptop and using the linux version and a shell script I make regular backups of my FC3 box.
The school I went to had an electronic submision program setup for turning in your assigments. It did diffs automaticly after the due date and would flag all the items that were over a certain threshold of common code. Seemed to work pretty well, know a few people that got letters from the dean about copied code.
Wish I had some mod points to bump this up higher :-)
It makes a lot of people a feeling of power.
I remember helping a friend prove that the harrasing emails that his sister was recieving were coming from someone in the area. There was another girl that the school who was suspected of the emails but the fake contact info for the hotmail account was from the other side of the country. Luckly at that time hotmail correctly included the IP of the machine the person was logged in from in the email headers (not sure if they still do) and it was fairly simple to trace back to a general location. When confronted that the emails were coming from somewhere in the town and the ISP would look up the account info for us she confesed.
The idea is the same then as it is now, the kid feels like they can say what they want and get away with it. Fortunatly most don't really know how to be anonymous online so finding the source via your local geek isn't too difficult.
On a similar note my banking websites refused to work with firefox unless I changed the User-Agent a few months ago. I'd try changing it back now and then and within the last month all of them now work just fine with firefox and it's default User-Agent.
I'm running across fewer and fewer websites that require IE or don't work correctly with firefox.
My only gripe is memory usage can get high if you run through lots of tabs and never close the browser window but it's still a lot better than IE (all praise Adblock!)
A new method would be cool but speed is more what I'd look for. Using SpamPal http://www.spampal.org for intelligent white/black listing and DSNBL with the http://spampalbayes.sourceforge.net/ Bayesian plugin seems to be working 99.9% for me. I'm still convinced that the Bayesian text based filtering methods are THE BEST way to filter spam. A well trained filter with some inteligent rules to whitelist & blacklist email address works wonders.
That would be really interesting to find out ... talk about conter-suit opportunity!
Hrm ... I don't even have an email address from my ISP. I could probably get one if I wanted but I have no need for it as I my university supplies an email address that I use. I send email through my ISPs SMTP server because the auth SMTP setup we have doesn't work very well through NATs. I have a feeling this is going to be a royal pain in the but.
I actually read a very good suggestion along these lines and know people on an ISP that does it.
...) are blocked and at least 1-1024 incomming are blocked with a default account from the ISP. You are told this up front and most people just shrug and don't care/understand and aren't affected by it at all. For a small once time service charge (like $5 or something) you call them and tell them you want ports XXX unblocked for whatever reason.
... if you have the default settings and something bad happens from your PC you're much more likely to be able to convince them it was a virus/trojan or some such. If something bad happens from your PC via any of the ports you had opened up you are completely liable.
By default many egress ports (25, 135,
The catch
Doesn't seem like a bad deal to me. You get the access you want if you'd like but by getting it you assume full responsiblity for your the actions taken from your PC.
"The u's electricians seem to have a habit of reversing hot and neutral, and in my machine room a new outlet's ground to neutral was -50 VAC. So power strips wouldn't be enough, you'd need a multimeter as well. heh"
There is no such thing as a Negative AC voltage. Current flows in both directions through the conductors in an AC circut. This is not saying that getting the hot & nuetral mixed is not a bad thing. I have seen some poorly constructed equipment where you may be able to contact what is supposed to be the nuetral lead. If the wiring was backwards you'd get shocked. Other than that from an electrical standpoint there is no difference which way it is wired.
Seems like for a tech site that is rather obsessed with open standards this place would come at least a little close to validating via the W3C The new XHTML & CSS they have whipped up looks good and renders A LOT faster in both IE and Opera on my PC.