We have a $1 and $2 coin already. We're getting a $5 coin, too, unless something changed.
This means at any time, I might have ~100-200g of change on me. Having heavy pockets gets old fast, and digging through fistfulls of change is a PITA. I'm going to resort to carrying around a moneyback on a rope soon. It'll double as a self defense tool against muggers - I'll brain you with my bag of money. Hahaha.
It'd be cooler to see disposable electronic cards of some sort.. they don't cost too too much and can be made as anonymous as cash. Although, you do have the electronic tampering issue without a clearinghouse of some type. That'd be bad. I have a theory that all these coins are supposed to deter people from using paper money..
Can you sniff ethernet with an anetnna? no. There is no frequency carrier on the signals, without a carrier...there is no way for the signal to be carried to the antenna
I hope you're not in charge of security anywhere important. Ethernet has a physical layer, just like 802.11 - hell, the reason 802.11 is so nifty is it's modelled after wired ethernet. Most ethernet cable is UTP (unshielded), and there is a nontrivial amount of leakage. Shielded is better, but how much? If someone really wants your precious data, you have to assume the channel is not secure. Anytime you have an electrical signal changing values, you have EMI generated. That EMI will be deterministic with the type and pattern of the signal, and you can reconstruct data from it. That's how things like Van Eck devices work.
I can't find the link now, but I am aware of at least one group that has sucessfully retrieved data from a UTP network cable carrying ethernet through a non-invasive tap.
End to end encryption only works on the actual data packets, the headers are still there, and wi-fi is transmitting over the air, to anyone who can recive the packets, its like being on one hudge hub. So you can sniff anyone on the wi-fi segment, and even spoof them. This is the entire idea behind "war drives"
What are you talking about? Sure, you can see my header block back to the VPN IP. Everything else is uncrackable gobblygook. What does this have to do with "war drives"? Wardriving is about finding unsecured networks and exploiting that to get an internet connection. You'd have to be pretty stupid to move your own sensitive data over a carrier you picked up from nowhere. Honeypot, anyone? So what could you do? An SSH tunnel sure sounds like a ticket.
PPPoE is a protocol that allowes to adsl modems to connect..then strip the ppp stuff from the frame and route the ethernet packet..this requires physical connectivity, and thus cant be used over wi-fi.
I think you completely missed my point. All verizon has to do is have a simple windows executable to set you up as a node on their VPN, bill you, and your data is secure. Through signed certificates, you can even be relatively certain that it is a verizon AP you've connected to.
Please. Wires are only marginally more secure than wireless - you can sniff ethernet cables with a directional antenna, too, and there's a much lower tech inductive couple mechanism for your phones.
Saying wireless is insecure should be like saying a wire is insecure. A wire IS insecure, if it's connected to anything. You should always assume wired and wireless networks have been compromised and do the only intelligent thing: Hard transparent encryption (ssh killed the telnet star, like you said) from end to end. There are many well-documented means for doing this on wireless networks. The only additional attack you might be vulerable to is DOS attacks - and you can usually find the person doing it and beat them with a bat. You don't get away from bandwidth DOS vulerablities with a wire, either.
There are many people running wireless in a production environment, myself being one of them. You just have to have the mind in gear before engaging your hands.
This could be easily automated for the masses, ala PPPoE. Try configuring that in linux or a *BSD, then try it with the install packages from most major DSL providers. Click, click, done. Implementing a daemon to do some sort of VPN through the hotspot could be made just as easy.
Here's something that post-secondary insitutions don't want you to know : For the majority of people, university does not make sense. Some form of training does - but while we're at it, in a lot of cases, not even high school makes sense.
The situtation might be different in the USA, but here, if you're just going to do a BA or BSc with no intention of a post-graduate or professional degree, then you're insane and probably wasting your time. It's not just the cost of tuition and the loans, but it's the opportunity cost of being in school that kills you. A year in school is a lot of money you could have saved and invested. There's always the risk you won't get into a professional school, or won't finish your degree, too. I know a lot of people who had to start over when they didn't think their programs through and bailed 3/4 of the way there for one reason or another.
A better choice for a lot of people is to learn a trade that's in demand and get good at it. Tradespeople make better money than you'd think, are often union protected for better or worse, and have a good quality of life. Another thing I think is nuts is living in a big city - it's novel for awhile, but you could own a house, land, and a car in a rural area and be free of debt and stress for a few years of downtown rent.
The other piece of advice I'd give people is to save up as much money as you can early on before you start spending - at least to the tune of $10,000 or so in liquid cash, after which you can make longer term investments. That is your freedom to retrain, or leave a shitty job, and it doesn't take long to get more than that.
Something overlooked by slashdotters is the need to choose a mate carefully and as soon as you can. Two incomes invested mean you can easily retire at 35 or 40. Two professional incomes are even better.
This is really easy, and cheap to do. LEDs shouldn't need any extra components - most bright ones you should be able to drive directly without causing any problems.
For control, you need a few extra components, but not many. A TIP122 or similar power switching resistor (a cheaper 2N2222 might work, dunno) and a 12V power supply can be used to control dirt-cheap automotive relays. The only (minor) gotcha is you need to hook up a diode in reverse across the coil to stop the back EMF. A 1N4002 connected with the negative cathode (the pin with the line on it) to the port on the solenoid you connected to +12 is it. The coffee FAQ has a good starting schematic. Once you can control a relay, you can control the world!
All you need to connect this up is a small value resistor from the parallel port to the base pin of the transistor, connect the relay solenoid between +12 and the collector pin, then tie the emitter to ground. Done!
Another neat trick is using that TIP122 to control the extra fans on your PC. You should wire up a reverse diode across the base and collector of the transistor to protect it from the fan as a safety measure, though.
If anyone is interested in this, though, I highly recommend you look at AVR microcontroller programming. You can use GCC, there's free linux and windows development tools, in C, and more examples than you can shake a stick at. The ability to communicate over serial lets you do all sorts of tricks with your PC.
Well, lo and behold, after four years in the workforce, two layoffs, slavedrivers at my first job, all that work is being farmed off to Asia, eastern Europe and other low-paying locales. No joke - you can walk to an average ASIC provider with $200,000 and get a 2 Million gate ASIC with an embedded ARM, SRAMS, and ADC/DACs designed turn key.
I'm also an EE. I've been employed without fail since I was 16, and that was a long time ago. There is a definate change happening in our industry - pure technology for the sake of technology business - putting together that ASIC - is, and has been, a dead end for some time. The money is in applying technology to problems, finding ways to use that technology to give a company a competitive margin, applying technology in new areas. Making that ARM chip -do- something. Engineering is about applied technology, and I think that's what I do best.
There has been a lot of growth in what I'm interested in - embedded systems. Those systems typically solve specific problems in industry, or help give that margin to reduce costs. Through positioning myself in that space, and maintaining a good network of connections from prior jobs and contracts I feel very positive the future.
I certainly hear what you are saying about the P.Eng designation. I could qualify for mine now, but will probably not bother pursuing it for another few years. I have every intention of hanging my shingle out eventually, when I have the capital saved to do so. There isn't much advantage to it right now, and I personally feel it may be too late to rely on government and professional organizations to change the trend of global outsourcing. Personal liability clauses, ala building design, would be a great boon - but not one that is likely to happen. I do feel my engineering degree is a great differentiating factor, though - It's gotten me jobs and contracts a CS degree would not have. Just like I feel that a P.Eng designation, and the right to have "Engineering" in my company name will be a differentiating factor when I go it on my own. I'm Canadian, though, and engineering is much more protected here than in the US.
I also have the cynical opinion I will never be able to set up a "home" as my parents knew it. Until I'm ready to retire, I live knowing I might have to move anywhere in the country to stay employed.
The other piece of unrelated advice I will tell everyone is to chose a mate carefully and as early as you feel you are mature enough to do so. Two professional incomes means the difference betwen retiring at 40 or 45 comfortably - or not retiring at all.
FPGA boards are very expensive because they're not mainstream and are typically a real PITA to integrate into software projects. I worked on FPGAs for about a year - the industry is coming a long way, new tools and compilers are becoming available almost monthly - but it's not a cheap place to play in. Even the low-end of the scale you're talking about $1000-1500USD for a board with a mid-sized Virtex on it.
Unfortunately it is a big deal. You just gave up every last drop of privacy you had. What's the next step?
No, really, I don't think this is a big deal at all. Governments have had voice tap capability for 30 or more years on communications network. Data tap capability on telephone switches has been around since at least the early 90's, that I am personally aware of. I suspect it dates back further. Are you aware that any voice conversation in North America is trivially tapped with a court order, and complete records of telephone calls date back like -forever-? Transparently, and without notification?
Once it's off your network - assume anyone can read it if it's not encrypted. Anyone who has been on the net for a long time has always assumed that about Email. Many people who have never seen a real sniffer in action would be scared to see what's possible.
This is just the continuation of that ability. It's a long way from ID cards, and since Windows isn't open source, how do you know that capability doesn't exist in there to begin with? You don't. So you run your own network, you firewall your data with code you can see, encrypt your communication channels, and hope for the best.
Ever wonder why you can't add on key exchange to those new J2ME phones for user-controlled encryption? Or any other advanced crypto features? Public key crypto renders content analysis useless, but for all practical purposes, traffic analysis is almost as good if it's complete. I don't need to know what you said to somone if I know to whom you said it and when, and can figure out what they did after that, etc etc.
If I really care about you, then out come the black vans and you get PATIOT'ed.
This doesn't seem to be that big a deal to me. If you're passing large amounts of data around that would attract the attention of people who could get a lawful intercept warrant, then I would assume you are smart enough to use SSH, IPSec, or some other similar secure communications technology that renders the capability of this system useless. I smell an attempt to get a law mandating that ISPs upgrade to this equipment, meaning they'll have to replace all their existing non-conforming equipment by some date. I imagine the post-dot-com networking market is taking a hurting now.
"They" can already get IP logs and such that reveal a lot even without access to the information contained in the packets. Traffic analysis is a very powerful tool. The only people who would really stand a lot to lose from this would be the music and/or warez traders. Warez isn't that big a deal, and music copying isn't a big criminal deal here in Canada.
*shrug* Another cash grab. Hope someone 0wns the system good and makes Cisco look stupid. Oh, wait, DMCA. Nevermind.
You can take precautions without a ESD strip. Unless I'm working on raw chips, or very, very expensive pieces of equipment, it's not worth the hassle. Nobody is going to bother, so here are some much easier to follow words of wisdom:
ESD advice for system self installers:
- Ground yourself to the metal chassis or something comparable on your system before you start assembling things. Do this frequently.
- Leave things in the anti-static bags until you're ready to put them together.
- Don't handle ram chips by the pins. Handle the modules by the edges of the package. If you can't get them into the system like this, then move the system so you can. This advice is good for motherboards, hard drives, system cards - handle them by their edges only, not on the pins or where the socket connector is.
- Never handle a cpu by the pins. Ever.
Taking those basic precautions will get you a long life and few problems without the hassle of wondering where a ESD strap is. Memtest is your friend, and use a good power supply. If you need to ask, odds are you don't have one.
10 years of computer buying, modern anyhow. Not a single cheap ass stick of generic memory has ever given me a problem - I've had more problems with brand name memory that's been from questionable sources. A good distributor should not sell you defective memory off the shelf.
If you like OpenBSD, chip in a few bucks. If it went down the way it did, then that's a shame. I'm a Canadian, FWIW, and it's really too bad this went down like it did. I also run a OpenBSD 3.2 firewall that I love. I can't say that it suprises me though, and it certainly is dissapointing.
If you're an American and don't like this, then write your elected representative of choice. I'll be writing mine, but only because I'd rather see them throw money at these guys than a $1.077 Billion dollar gun registry boondacle. OpenBSD sells boxed sets, and I certainly imagine they'll take cash, too.
I didn't see in the article anywhere you could send a donation to. OpenBSD.org has their own donations page and a orders page for their propaganda and cds and section for donations as well.
If nothing else, OpenBSD will profit greatly from the exposure and free publicity this will generate in the Globe and Mail tomorrow.
We need this why again? I love how there's this crisis that requires microsoft to have access to my computer's execution. What's so wrong with the current model of computing that requires something to literally shake it to it's core? Why can I not be trusted with the keys to my own computer?
"No."
No, I'm not going to buy a Palladium computer. Vote with your wallets on this one, and it'll sink into the historical curiosities bin with Divx. Apple, hopefully, will have nothing to do with this, but if they get sucked in, then I can guess there's going to be one hell of a demand for pre-palladium computing devices. Joe consumer isn't as stupid as he/she appears, sometimes. I don't see any win here for me, and I see big wins for Wintel. Uh-uh.
Now, can someone tell me what practical applications there might be of this? Or is it strictly an abstract concept?
People thought imaginary numbers were voodoo when the concept was introduced. As an EE, that magic box in front of you now is largely possible because of the applications of those numbers ~350 years after the fact. Check out A history of hypercomplex numbers.
Math is about the language of patterns and logic. Dicovering a new principle is akin to explaining on a language - you have more tools to describe things with.
I do wish math -teachers- had better abilities to describe and show visually why math is nifty. If I had a good math teacher in grade school, my life would be different now. I was lucky enough to have one in my first year of university (Dr. Chernoff @ UNB - you 0wn), and that's why I survived my engineering degree. Math is neither hard, or useless. It's like saying language is useless.
Going to ban heavy trucks? Their exhaust is loaded with microparticulates. Living in a modern society has risks, what's the news there? Living in the woods has worse risks. That's the price of advancement.
If I had a nickle for everyone who said "wait 5 years"... anyhow, I've had good luck - 30lbs of muscle is nothing to sneeze at - but I'd like to put on another 20lbs. OOG SMASH STUFF GOOD!
Ya know, tinkering with things made me into the productive, honest, educated person I am today. Building a red box from old ascii schematics is probably why I'm a EE today. Fooling around with the - gasp - provided schematics for my commodore 64 and Amiga. Did any of that harm anyone? Nope. I can remember though, when things started to get more secure - you couldn't play around with the phones anymore, because all the signalling went OOB. Etc, etc. People wouldn't give you programming information for hardware. Blah.
Now it seems like they just whip out the DCMA in the US (I'm Canadian). Now, if I was still a EE in school, all I'd need to know is maybe that system isn't as secure as it has to be. If there's no two way secure challenge, and a playback attack works.. hahaha.. that's a first year digital lab level skill project.
Stupid companies. Any university with a EE department is going to be getting a new system shortly, mark my words. No exploit required.
This is funny. I work out three times a week and eat nonstop in an effort to gain weight. While I continue to up my strength (impressively so), I steem to peak around 155-160lbs. I'm 6'3. If I stop, I immediately start losing weight.. I was 130lbs for the longest time.
*shrug* As long as there's no famines in the future I guess I'm OK then:).
Thermodynamics is your friend; eat less calories than you burn and I guarantee! (tm) you'll lose weight over the long run, water retention not included.
Last time I buy a game before getting a copy first. It sucked HARD. F1 Racing and Geoff Crammond's Grand Prix 4 are fastly better games, but guess what? EA appears to have the rights to all later than 2001 FIA rights. So nobody else can make a F1 game based around recent teams.
One of the interesting things I took from the astrohysics class I took for an elective in University was the prof commented on a problem with planes like the concorde. To get the speed they need, they need to go at a high altitude. One of the problems with burning fuel at that altitude is you are polluting in the upper atmosphere - affecting ozone and it's production.
..in the embedded world. My company is wrapping up a project to move from a NT/IE embedded system running a web application to a Linux/Konq one. There's no contest which is better. It's not even close. This is too little, too late.
We're also migrating from MSQL server because of the insane licensing fees. There's been some movement here from Microsoft too, but once bitten..
Slashdot Mirror
damn units...
and my massive 4x8" desk. Take two sheets of 3/4 plywood, screw them together, and stick legs on it. Presto. Room for everything, including two cats.
We have a $1 and $2 coin already. We're getting a $5 coin, too, unless something changed.
This means at any time, I might have ~100-200g of change on me. Having heavy pockets gets old fast, and digging through fistfulls of change is a PITA. I'm going to resort to carrying around a moneyback on a rope soon. It'll double as a self defense tool against muggers - I'll brain you with my bag of money. Hahaha.
It'd be cooler to see disposable electronic cards of some sort.. they don't cost too too much and can be made as anonymous as cash. Although, you do have the electronic tampering issue without a clearinghouse of some type. That'd be bad. I have a theory that all these coins are supposed to deter people from using paper money..
Your reply is borderline incoherent.
Can you sniff ethernet with an anetnna? no. There is no frequency carrier on the signals, without a carrier...there is no way for the signal to be carried to the antenna
I hope you're not in charge of security anywhere important. Ethernet has a physical layer, just like 802.11 - hell, the reason 802.11 is so nifty is it's modelled after wired ethernet. Most ethernet cable is UTP (unshielded), and there is a nontrivial amount of leakage. Shielded is better, but how much? If someone really wants your precious data, you have to assume the channel is not secure. Anytime you have an electrical signal changing values, you have EMI generated. That EMI will be deterministic with the type and pattern of the signal, and you can reconstruct data from it. That's how things like Van Eck devices work.
I can't find the link now, but I am aware of at least one group that has sucessfully retrieved data from a UTP network cable carrying ethernet through a non-invasive tap.
End to end encryption only works on the actual data packets, the headers are still there, and wi-fi is transmitting over the air, to anyone who can recive the packets, its like being on one hudge hub. So you can sniff anyone on the wi-fi segment, and even spoof them. This is the entire idea behind "war drives"
What are you talking about? Sure, you can see my header block back to the VPN IP. Everything else is uncrackable gobblygook. What does this have to do with "war drives"? Wardriving is about finding unsecured networks and exploiting that to get an internet connection. You'd have to be pretty stupid to move your own sensitive data over a carrier you picked up from nowhere. Honeypot, anyone? So what could you do? An SSH tunnel sure sounds like a ticket.
PPPoE is a protocol that allowes to adsl modems to connect..then strip the ppp stuff from the frame and route the ethernet packet..this requires physical connectivity, and thus cant be used over wi-fi.
I think you completely missed my point. All verizon has to do is have a simple windows executable to set you up as a node on their VPN, bill you, and your data is secure. Through signed certificates, you can even be relatively certain that it is a verizon AP you've connected to.
Please. Wires are only marginally more secure than wireless - you can sniff ethernet cables with a directional antenna, too, and there's a much lower tech inductive couple mechanism for your phones.
Saying wireless is insecure should be like saying a wire is insecure. A wire IS insecure, if it's connected to anything. You should always assume wired and wireless networks have been compromised and do the only intelligent thing: Hard transparent encryption (ssh killed the telnet star, like you said) from end to end. There are many well-documented means for doing this on wireless networks. The only additional attack you might be vulerable to is DOS attacks - and you can usually find the person doing it and beat them with a bat. You don't get away from bandwidth DOS vulerablities with a wire, either.
There are many people running wireless in a production environment, myself being one of them. You just have to have the mind in gear before engaging your hands.
This could be easily automated for the masses, ala PPPoE. Try configuring that in linux or a *BSD, then try it with the install packages from most major DSL providers. Click, click, done. Implementing a daemon to do some sort of VPN through the hotspot could be made just as easy.
Here's something that post-secondary insitutions don't want you to know : For the majority of people, university does not make sense. Some form of training does - but while we're at it, in a lot of cases, not even high school makes sense.
The situtation might be different in the USA, but here, if you're just going to do a BA or BSc with no intention of a post-graduate or professional degree, then you're insane and probably wasting your time. It's not just the cost of tuition and the loans, but it's the opportunity cost of being in school that kills you. A year in school is a lot of money you could have saved and invested. There's always the risk you won't get into a professional school, or won't finish your degree, too. I know a lot of people who had to start over when they didn't think their programs through and bailed 3/4 of the way there for one reason or another.
A better choice for a lot of people is to learn a trade that's in demand and get good at it. Tradespeople make better money than you'd think, are often union protected for better or worse, and have a good quality of life. Another thing I think is nuts is living in a big city - it's novel for awhile, but you could own a house, land, and a car in a rural area and be free of debt and stress for a few years of downtown rent.
The other piece of advice I'd give people is to save up as much money as you can early on before you start spending - at least to the tune of $10,000 or so in liquid cash, after which you can make longer term investments. That is your freedom to retrain, or leave a shitty job, and it doesn't take long to get more than that.
Something overlooked by slashdotters is the need to choose a mate carefully and as soon as you can. Two incomes invested mean you can easily retire at 35 or 40. Two professional incomes are even better.
This is really easy, and cheap to do. LEDs shouldn't need any extra components - most bright ones you should be able to drive directly without causing any problems.
For control, you need a few extra components, but not many. A TIP122 or similar power switching resistor (a cheaper 2N2222 might work, dunno) and a 12V power supply can be used to control dirt-cheap automotive relays. The only (minor) gotcha is you need to hook up a diode in reverse across the coil to stop the back EMF. A 1N4002 connected with the negative cathode (the pin with the line on it) to the port on the solenoid you connected to +12 is it. The coffee FAQ has a good starting schematic. Once you can control a relay, you can control the world!
All you need to connect this up is a small value resistor from the parallel port to the base pin of the transistor, connect the relay solenoid between +12 and the collector pin, then tie the emitter to ground. Done!
Another neat trick is using that TIP122 to control the extra fans on your PC. You should wire up a reverse diode across the base and collector of the transistor to protect it from the fan as a safety measure, though.
If anyone is interested in this, though, I highly recommend you look at AVR microcontroller programming. You can use GCC, there's free linux and windows development tools, in C, and more examples than you can shake a stick at. The ability to communicate over serial lets you do all sorts of tricks with your PC.
Well, lo and behold, after four years in the workforce, two layoffs, slavedrivers at my first job, all that work is being farmed off to Asia, eastern Europe and other low-paying locales. No joke - you can walk to an average ASIC provider with $200,000 and get a 2 Million gate ASIC with an embedded ARM, SRAMS, and ADC/DACs designed turn key.
I'm also an EE. I've been employed without fail since I was 16, and that was a long time ago. There is a definate change happening in our industry - pure technology for the sake of technology business - putting together that ASIC - is, and has been, a dead end for some time. The money is in applying technology to problems, finding ways to use that technology to give a company a competitive margin, applying technology in new areas. Making that ARM chip -do- something. Engineering is about applied technology, and I think that's what I do best.
There has been a lot of growth in what I'm interested in - embedded systems. Those systems typically solve specific problems in industry, or help give that margin to reduce costs. Through positioning myself in that space, and maintaining a good network of connections from prior jobs and contracts I feel very positive the future.
I certainly hear what you are saying about the P.Eng designation. I could qualify for mine now, but will probably not bother pursuing it for another few years. I have every intention of hanging my shingle out eventually, when I have the capital saved to do so. There isn't much advantage to it right now, and I personally feel it may be too late to rely on government and professional organizations to change the trend of global outsourcing. Personal liability clauses, ala building design, would be a great boon - but not one that is likely to happen. I do feel my engineering degree is a great differentiating factor, though - It's gotten me jobs and contracts a CS degree would not have. Just like I feel that a P.Eng designation, and the right to have "Engineering" in my company name will be a differentiating factor when I go it on my own. I'm Canadian, though, and engineering is much more protected here than in the US.
I also have the cynical opinion I will never be able to set up a "home" as my parents knew it. Until I'm ready to retire, I live knowing I might have to move anywhere in the country to stay employed.
The other piece of unrelated advice I will tell everyone is to chose a mate carefully and as early as you feel you are mature enough to do so. Two professional incomes means the difference betwen retiring at 40 or 45 comfortably - or not retiring at all.
..from a Canadian.
Well, since you're tracing causality, what country does the U.S. have to thank most for its freedom? France.
Where did the statue of liberty come from? A gift from the people of France. It cost ~$100,000 IIRC.
FPGA boards are very expensive because they're not mainstream and are typically a real PITA to integrate into software projects. I worked on FPGAs for about a year - the industry is coming a long way, new tools and compilers are becoming available almost monthly - but it's not a cheap place to play in. Even the low-end of the scale you're talking about $1000-1500USD for a board with a mid-sized Virtex on it.
Do you REALLY think they don't have something to decipher all encrypted traffic?
No, but I'm very sure "they're" not going to put it in a cisco router. It's always easier just to beat you with a rubber hose, anyhow.
Unfortunately it is a big deal. You just gave up every last drop of privacy you had. What's the next step?
No, really, I don't think this is a big deal at all. Governments have had voice tap capability for 30 or more years on communications network. Data tap capability on telephone switches has been around since at least the early 90's, that I am personally aware of. I suspect it dates back further. Are you aware that any voice conversation in North America is trivially tapped with a court order, and complete records of telephone calls date back like -forever-? Transparently, and without notification?
Once it's off your network - assume anyone can read it if it's not encrypted. Anyone who has been on the net for a long time has always assumed that about Email. Many people who have never seen a real sniffer in action would be scared to see what's possible.
This is just the continuation of that ability. It's a long way from ID cards, and since Windows isn't open source, how do you know that capability doesn't exist in there to begin with? You don't. So you run your own network, you firewall your data with code you can see, encrypt your communication channels, and hope for the best.
Ever wonder why you can't add on key exchange to those new J2ME phones for user-controlled encryption? Or any other advanced crypto features? Public key crypto renders content analysis useless, but for all practical purposes, traffic analysis is almost as good if it's complete. I don't need to know what you said to somone if I know to whom you said it and when, and can figure out what they did after that, etc etc.
If I really care about you, then out come the black vans and you get PATIOT'ed.
This doesn't seem to be that big a deal to me. If you're passing large amounts of data around that would attract the attention of people who could get a lawful intercept warrant, then I would assume you are smart enough to use SSH, IPSec, or some other similar secure communications technology that renders the capability of this system useless. I smell an attempt to get a law mandating that ISPs upgrade to this equipment, meaning they'll have to replace all their existing non-conforming equipment by some date. I imagine the post-dot-com networking market is taking a hurting now.
"They" can already get IP logs and such that reveal a lot even without access to the information contained in the packets. Traffic analysis is a very powerful tool. The only people who would really stand a lot to lose from this would be the music and/or warez traders. Warez isn't that big a deal, and music copying isn't a big criminal deal here in Canada.
*shrug* Another cash grab. Hope someone 0wns the system good and makes Cisco look stupid. Oh, wait, DMCA. Nevermind.
You can take precautions without a ESD strip. Unless I'm working on raw chips, or very, very expensive pieces of equipment, it's not worth the hassle. Nobody is going to bother, so here are some much easier to follow words of wisdom:
ESD advice for system self installers:
- Ground yourself to the metal chassis or something comparable on your system before you start assembling things. Do this frequently.
- Leave things in the anti-static bags until you're ready to put them together.
- Don't handle ram chips by the pins. Handle the modules by the edges of the package. If you can't get them into the system like this, then move the system so you can. This advice is good for motherboards, hard drives, system cards - handle them by their edges only, not on the pins or where the socket connector is.
- Never handle a cpu by the pins. Ever.
Taking those basic precautions will get you a long life and few problems without the hassle of wondering where a ESD strap is. Memtest is your friend, and use a good power supply. If you need to ask, odds are you don't have one.
10 years of computer buying, modern anyhow. Not a single cheap ass stick of generic memory has ever given me a problem - I've had more problems with brand name memory that's been from questionable sources. A good distributor should not sell you defective memory off the shelf.
When in doubt, test.
If you like OpenBSD, chip in a few bucks. If it went down the way it did, then that's a shame. I'm a Canadian, FWIW, and it's really too bad this went down like it did. I also run a OpenBSD 3.2 firewall that I love. I can't say that it suprises me though, and it certainly is dissapointing.
If you're an American and don't like this, then write your elected representative of choice. I'll be writing mine, but only because I'd rather see them throw money at these guys than a $1.077 Billion dollar gun registry boondacle. OpenBSD sells boxed sets, and I certainly imagine they'll take cash, too.
I didn't see in the article anywhere you could send a donation to. OpenBSD.org has their own donations page and a orders page for their propaganda and cds and section for donations as well.
If nothing else, OpenBSD will profit greatly from the exposure and free publicity this will generate in the Globe and Mail tomorrow.
We need this why again? I love how there's this crisis that requires microsoft to have access to my computer's execution. What's so wrong with the current model of computing that requires something to literally shake it to it's core? Why can I not be trusted with the keys to my own computer?
"No."
No, I'm not going to buy a Palladium computer. Vote with your wallets on this one, and it'll sink into the historical curiosities bin with Divx. Apple, hopefully, will have nothing to do with this, but if they get sucked in, then I can guess there's going to be one hell of a demand for pre-palladium computing devices. Joe consumer isn't as stupid as he/she appears, sometimes. I don't see any win here for me, and I see big wins for Wintel. Uh-uh.
"No."
Or does that make me a terrorist?
Now, can someone tell me what practical applications there might be of this? Or is it strictly an abstract concept?
People thought imaginary numbers were voodoo when the concept was introduced. As an EE, that magic box in front of you now is largely possible because of the applications of those numbers ~350 years after the fact. Check out A history of hypercomplex numbers.
Math is about the language of patterns and logic. Dicovering a new principle is akin to explaining on a language - you have more tools to describe things with.
I do wish math -teachers- had better abilities to describe and show visually why math is nifty. If I had a good math teacher in grade school, my life would be different now. I was lucky enough to have one in my first year of university (Dr. Chernoff @ UNB - you 0wn), and that's why I survived my engineering degree. Math is neither hard, or useless. It's like saying language is useless.
Going to ban heavy trucks? Their exhaust is loaded with microparticulates. Living in a modern society has risks, what's the news there? Living in the woods has worse risks. That's the price of advancement.
Google search on diesel particulate and cancer.
Pushing 30 :)
If I had a nickle for everyone who said "wait 5 years"... anyhow, I've had good luck - 30lbs of muscle is nothing to sneeze at - but I'd like to put on another 20lbs. OOG SMASH STUFF GOOD!
Ya know, tinkering with things made me into the productive, honest, educated person I am today. Building a red box from old ascii schematics is probably why I'm a EE today. Fooling around with the - gasp - provided schematics for my commodore 64 and Amiga. Did any of that harm anyone? Nope. I can remember though, when things started to get more secure - you couldn't play around with the phones anymore, because all the signalling went OOB. Etc, etc. People wouldn't give you programming information for hardware. Blah.
Now it seems like they just whip out the DCMA in the US (I'm Canadian). Now, if I was still a EE in school, all I'd need to know is maybe that system isn't as secure as it has to be. If there's no two way secure challenge, and a playback attack works.. hahaha.. that's a first year digital lab level skill project.
Stupid companies. Any university with a EE department is going to be getting a new system shortly, mark my words. No exploit required.
*shrug* You reap what you sow.
This is funny. I work out three times a week and eat nonstop in an effort to gain weight. While I continue to up my strength (impressively so), I steem to peak around 155-160lbs. I'm 6'3. If I stop, I immediately start losing weight.. I was 130lbs for the longest time.
:).
*shrug* As long as there's no famines in the future I guess I'm OK then
Thermodynamics is your friend; eat less calories than you burn and I guarantee! (tm) you'll lose weight over the long run, water retention not included.
Last time I buy a game before getting a copy first. It sucked HARD. F1 Racing and Geoff Crammond's Grand Prix 4 are fastly better games, but guess what? EA appears to have the rights to all later than 2001 FIA rights. So nobody else can make a F1 game based around recent teams.
Arrgh.
One of the interesting things I took from the astrohysics class I took for an elective in University was the prof commented on a problem with planes like the concorde. To get the speed they need, they need to go at a high altitude. One of the problems with burning fuel at that altitude is you are polluting in the upper atmosphere - affecting ozone and it's production.
Not a big amount, but it's certainly there.
..in the embedded world. My company is wrapping up a project to move from a NT/IE embedded system running a web application to a Linux/Konq one. There's no contest which is better. It's not even close. This is too little, too late.
We're also migrating from MSQL server because of the insane licensing fees. There's been some movement here from Microsoft too, but once bitten..