more effective at blocking subversive communication
How does the rest of the world blocking outgoing (from China) SPAM email affect any kind of subversive communication? Even if the entire world blocks all email from all Chinese ISP, it still doesn't mean their subversive blocking efforts are any easier -- they still have to block the free access to subversive information (e.g. outgoing HTTP requests, incoming HTTP responses, incoming email, etc.).
What you are describing is called a fixed focus lens. And if one doesn't want to optically zoom, an extremely wide field of view is acceptable, and the image degradation is acceptable, they are great. That's why phones, and disposable cameras use them.
However, once you get into optical zooms, the focal length becomes too long to maintain the depth of field characteristics though the entire distance that is discernable. At that point, focusing the lens becomes necessary to put that limited depth of field where you need it for what you're looking at. Worse even, is that the depth of field becomes an even smaller range distance the closer you are to the camera, but I don't think macro photography is high on every phone camera owners mind:-)
".. causes the user of the technology to infringe copyrighted works without the user making a specific, informed decision, for each copyrighted work at issue, about whether to engage in such infringement;
"
Doesn't this mean that all the file sharing programs have to do, is to pop up a dialog box for each file that is can't verify the user has the rights to download?
Wouldn't that give the user a specific, informed decision about every file and also remove the program from inducing infringement by the terms of this draft?
Or perhaps the answer is for the teachers to get together and reduce the signal to noise ratio on the term papers for their subjects by submitting lots of bad term papers. They wouldn't even need to write them themselves, just make it mandatory for all students to submit the term papers to as many of these sites as they can find. The papers get wide exposure so they are easy to find for comparison, the students get credit for the work (theirs or not) and potential plagerizers are forced to think about which paper to copy and how much of it to copy.
That might even solve the problem altogether. If you were a student who plagerized someone else's work, would you want to risk incurring their legal wrath by having to post it as your own work so publically? The legends about the students caught that way might alone be enough to deter such obvious plagerism.
Automatically installing code on a user's system without their consent is never a good idea
And allowing users to clog the network with infected machines they are too clueless or too unwilling to fix is a better idea? MS and RedHat both already allow automatic installation of patches. That's all this is.
Virally propegated code, no matter the intent, still generates network traffic
True. And everybody downloading the patch also clogs the network, although not so bad because it damps itself out. But don't foget, such a "white" virus also suffers from its own success because the more machines that are patched, the harder it is for it to find more. When they give up the search, the network congestion ends. Not typically so with a malicious worm.
mistakes in their code which could have adverse effects on the systems they are attempting to patch
Agreed. And I personally have been bitten by a bad patch that sealed a hole while breaking an app. Just because the security patch was something I went and got didn't make me immune from bugs in it. What getting it myself did do was make me know where to go for the patch to the patch. If well known organizations are producing the "white" viruses, and those patches identified themselves as they installed, then you would know where to go for the patch to the patch when this happens.
back away from the internet in fear
True.. But by the same reasoning, if you don't like telemarketers, cancel the telephone, don't like spam, cancel the email account, etc. Not a very reasonable way to live one's life.
So I agree that people should have a grace period to install a patch or otherwise secure their systems from infections. However, after that, there is no reason not to release a white virus to patch the rest of the systems. They already have a virus that self-installed, and the owners already imply their consent to such actions by doing nothing, so I see no reason to worry about a self propagating patch on such systems. The ones that have been manually patched or otherwise secured are not affected.
Perhaps future elections will be held using secure quantum voting
Republicans spin to the left, Liberals to the right and democrats just sit there? Or is it Republicans to the right, Democrats to the left and Liberals do nothing? Or it is...
Years ago, it was explained to me that I didn't actually need the coupon from the newspaper to get the discount because, if they forced me to have it, then they were discriminating against people who did not get the paper.
Analogously, if MS actually tried to implement such a watch-to-get-the-goodie scheme, wouldn't they be discriminating against people who don't own a TV? Sure they can try to convince you that you have to watch for the goodie, but they can't actually force you to do so to get it.
Hmmm.. sounds to me like there might somehow be a patent in there somewhere to box them in and prevent them from being able to use this patent.. if only I could figure out what it was so I could patent it...
I saw no mention of how mcuh water evaporates from this thing in a day, but my gut feel says it's gonna be a bunch (>1gal/day). Anyone know any exact evaporation figures?
they have already suffered a "major loss of data"...the database has been GONE for weeks, months, or even years
OR, it means that the database is corrupt, and touching the corrupt areas causes the system to crash (and corrupt more data). The oldest data is the most likely to be corrupted without anyone knowing. Might even be a hardware failure.. you happily go on thinking the data is OK until you tried to access it and.. kablooie.
Does smell like a coverup for lack of backups.. perhaps the requestor should file for access to a backup of the data instead.. just to give them enough rope to hang themselves with. Then hand the situation over to the news media for investigation -- the inability to backup such a critical database has to be worth some mention on the media:-)
No matter how you figure it, you're in a tough spot. Fresh out of college, you are having to compete with the 5+ yr experience folks for a job. Sorry, but that's the reality of today's economy.
However, you do have one advantage.. perhaps. You are willing to work for less than those other guys. All you have to do is convince a potential employeer that you know as much as the 5+ guys about the skills the employeer really cares about, and you've got a shot.
If I were in your shoes, I'd take stock of my interests and other skills, then see if I could find work in places where that (domain) knowledge is very important. It'll be hard, there are not many places where all your qualifications will fit, and they may not be looking for a SW person (or even know they should). But, it might be easier than competing with the 5+ guys out there. As a way in, perhaps see if you can find some small places where they apply your interests and see if they need any odd computer-related jobs done? It's at least work in your field, possibly with a bunch of opportunities: you are building a rep within a few companies, you are making contacts that you might be able to network into something more permanent, and you are building your resume.
So, working with what you stated ("Desktop-grade routers, switches and wireless as well as any/all desktop PC (and some Mac) hardware"), do you know anyone with a very small company or even individuals that need this sort of stuff set up? How about friends and neighbors that need it set up but don't have the time? Wireless.. lack of wireless security is even hitting the mainstream news these days so practically everybody with wireless is aware they are probably at risk here.. got any neighbors that want that stuff set up but don't know how or have the time to learn? How about long term maintence on their setup? Do they have time to follow all the latest threats and upgrade their hardware/software/firmware/configuration as needed to keep the baddies out? Do they even have the time to figure out what the right * for them is? Think about it.. you can't support a family on this sort of odd job work (not at first anyway) so there's no competition from the 5+ guys down there. It gets you the networking experience you need, contacts and you might even be able to build a small company out of it. The one thing is won't get you though, is experience to chase after the large corporate net/sys admin jobs.. but is that what you need to do earn a living?
phones will be phased out completely, to be replaced by web addresses
I don't know about this, but having an algorithmic mapping between phone numbers and IP addresses (prolly IPv6) seems sensible. That way, all the communications technology can converge on a single nomenclature for addressing endpoints. At least this way, DNS becoms the equivalant of a phone directory, put in name to get the IP address/phone number or visa versa.
Come to think about it, the same could be said for street addresses. Probably want to wait for IPv8 or IPv12 or something like that before that made sense though.
The best offices I've had have been the kind with a door. I've always had to share the space with an office mate, but that was hardly a problem. The advantages were that the office was never louder than a cube farm, most of the time quieter, and if someone needed to concentrate, could be a lot quieter.
The only problem I've had with that setup was in an office where corporate communication was primarily by scuttlebutt. If your office works that way, you positively need to take the productivity hit that a cube farm has to provide a better communication channel.. maybe give every employee a set of noise-deadening earmuffs or something to try to get back some of the productivity loss.
.. it may be defeating the coolant systems on the laptop
Well, on my laptop (a different design Inspirion, with little fans out the back), the owners manual specifically states that the bottom of the laptop is part of the heat dissipation design, and that blocking it (such as putting it on the specifically discouraged soft surface) can lead to overheating.
However, given the fans and air intake on the sides, I risk it a lot, figuring that the case has a far shorter lifespan than the electrical ones put through that occasional stress. Besides, it helps keep me warm and toasty on those cold waits for the light rail:-)
each file is uniquely locked by the customer's live fingerprint scan
Just paste 'em over the buttons so they always read the same "fingerprint" pattern no matter what (or who) causes the button click. Sounds like the perfect open product design project:-)
Ok, I'm joking, but seriously, do these people never think of how to defeat their technology?
No job is good for being a parent. They all get in the way.
The trick is to keep things balanced. Try to be there when they need you and to do good enough at work to further your career. Now matter what through, you have to face the three realities: 1) sometimes you won't be able to be there because of that pesky thing called a job, 2) you will probably have to give up on some of your career aspirations because you (I hope) don't want to put all your energy into your career anymore, and 3) keep an eye on the balance.. it won't happen automatically and it'll never stay balanced once done, so you have to keep going back every now and then and make adjustments (how often is up to you, but it isn't a do-and-forget kind of thing.. unless you want to look back in 20 years and realize you failed at the dad thing). I've found major life and work changes to be good times to do the rebalancing thing.. beginning and end of projects, beginning and end of the school year, etc.
Oh, and one more thing.. I don't know who said it, but it is very true about balancing work with family.. "you can please some of the people some of the time, but you can't please all the people all the time", I'd add "the trick is to please enough of the people to enough of a degree that everybody is happy enough".
Some math is useful for programming directly, logic, algebra, etc. However, the higher math isn't really needed to write the program, but to solve the problem you're writing a program for. So, while you might not use the math for a while, depending on what you get into over your career, you may find that a lot more of it applies toward your understanding of the problems you are asked to make the computer solve. That makes you capable of writing (and getting right) programs that someone with less math knowledge can't handle.
That said, one of the more useful courses I took in college was the numerical analysis, wherein we studied things like how to figure out the computational magnitude of an algorithm and how to reduce error progagation through an equation or algorithm. If such a course isn't on your school's list of required courses, put it on your own personal one. I've lost count of the times I've used knowledge from that course, and even of the smaller number of times I've had to teach the basics to a coworker so they could understand why it was important to write things "my way".
Their skill will save their jobs, since it allows the company to reliably deliver.
Do the suits making the oursourcing decision know this? If so, then yes, you are probably right, the smartest move is to be able to continue to deliver good quality products on time.
However, chances are, all they know is that their staff delivers quality products on time for a cost. If someone else comes along and convinces them that some other staff can do the same for less cost, well, it doesn't take a PhD to figure out which way the decision will go.
So, yes, while mediocrity will die in the long run, a lot of non-mediocre people will loose their jobs in the near term... unless they figure out a way to make the suits understand the value that the local people give them that outsourced people can't match (as soon as I figure out any, I'll get back to you:-).
..emplementing the poorly expressed goals of the customers may fall short in the real-world
I'm not sure I agree with this. In my experience, the customer usually can't express their needs hardly at all. They know they need help, but not what kind of help that should be. At best, this means they can dicuss the solution they want only in terms of their problem domain. This means that someone has to interpret what the customer wants. Who does the interpreting, and what their biases and knowledge is, colors their interpretation. This isn't really their fault, just a fact of being human. Then, they give their interpretation to the developers, who again, don't understand what is being asked of them, so they make yet another interpretation, coloring it with their biases and knowledge.
Im my experience, the projects that rely on more levels of interpretation ultimately don't deliver what the customer wants. The projects that eliminate the layers of interpretation succeed better. The extreme of eliminating the interpretation is to have the developer who is going to design and direct the efforts to implement the solution spend enough time with the problem domain to actually understand not just what solution the customer is asking for, but also why they are asking for it.
This is probably why a lot of Open Source projects seem to solve problems better than proprietary ones -- they are often started by people that know not only how to implement the solution, but also understand the problem domain to the point of understanding why someone might want that solution.
Is there an easier way to weed out the attempts from all of those script kiddies and worms to get into certain services on your network?
Port knocking is really just another form of password entry. It appears safer because there isn't a challenge prompt, but what does a prompt really buy you, anyway.
So, standard password passing schemes can be applied, which leaves one obvious solution..
encode a one time use password into the port sequence to knock on. This is probably the most secure solution as it still doesn't require any servers listening on ports and the port sequence changes every time it is used, so simple replay attacks don't work.
You won't get a challenge that you get to repond to though, so you'd have to compute it independently at both ends.. maybe like ratchet to the next challenge value every successful connect or every N minutes.
Figuring out how to pass a piece of data along with the knock, while still not requiring a server listening on a port, would be even better -- you'd not only have to know the magic port sequence to use this time, but the magic pieces of data to pass along with each tap. Perhaps the network protocol could be used? Encode into the knock sequence whether each tap is via UDP or TCP?
Getting back in sync on the challenge value would be a bitch through... oh, the price of security:-)
It is the chlorine that breaks off normal CFCs like Freon (CCl2F2) when exposed to UV rays
As I recall, the C-Cl bond absorbed the UV energy and broke. That required that the UV energy be the right wavelength. The C-Fl bond will be much tighter, so will take a different (shorter?) wavelength. Of course, as you pointed out, once broken, it too will start the Ozone-destroying chain reaction just as well as Cl does.
Slashdot Mirror
How does the rest of the world blocking outgoing (from China) SPAM email affect any kind of subversive communication? Even if the entire world blocks all email from all Chinese ISP, it still doesn't mean their subversive blocking efforts are any easier -- they still have to block the free access to subversive information (e.g. outgoing HTTP requests, incoming HTTP responses, incoming email, etc.).
However, once you get into optical zooms, the focal length becomes too long to maintain the depth of field characteristics though the entire distance that is discernable. At that point, focusing the lens becomes necessary to put that limited depth of field where you need it for what you're looking at. Worse even, is that the depth of field becomes an even smaller range distance the closer you are to the camera, but I don't think macro photography is high on every phone camera owners mind :-)
At any rate, that's why it needs to focus at all.
".. causes the user of the technology to infringe copyrighted works without the user making a specific, informed decision, for each copyrighted work at issue, about whether to engage in such infringement; "
Doesn't this mean that all the file sharing programs have to do, is to pop up a dialog box for each file that is can't verify the user has the rights to download? Wouldn't that give the user a specific, informed decision about every file and also remove the program from inducing infringement by the terms of this draft?
Or perhaps the answer is for the teachers to get together and reduce the signal to noise ratio on the term papers for their subjects by submitting lots of bad term papers. They wouldn't even need to write them themselves, just make it mandatory for all students to submit the term papers to as many of these sites as they can find. The papers get wide exposure so they are easy to find for comparison, the students get credit for the work (theirs or not) and potential plagerizers are forced to think about which paper to copy and how much of it to copy.
That might even solve the problem altogether. If you were a student who plagerized someone else's work, would you want to risk incurring their legal wrath by having to post it as your own work so publically? The legends about the students caught that way might alone be enough to deter such obvious plagerism.
On RedHat strains of Linux, check out the Red Hat Network. Turn on auto updating.
And allowing users to clog the network with infected machines they are too clueless or too unwilling to fix is a better idea? MS and RedHat both already allow automatic installation of patches. That's all this is.
Virally propegated code, no matter the intent, still generates network traffic
True. And everybody downloading the patch also clogs the network, although not so bad because it damps itself out. But don't foget, such a "white" virus also suffers from its own success because the more machines that are patched, the harder it is for it to find more. When they give up the search, the network congestion ends. Not typically so with a malicious worm.
mistakes in their code which could have adverse effects on the systems they are attempting to patch
Agreed. And I personally have been bitten by a bad patch that sealed a hole while breaking an app. Just because the security patch was something I went and got didn't make me immune from bugs in it. What getting it myself did do was make me know where to go for the patch to the patch. If well known organizations are producing the "white" viruses, and those patches identified themselves as they installed, then you would know where to go for the patch to the patch when this happens.
back away from the internet in fear
True.. But by the same reasoning, if you don't like telemarketers, cancel the telephone, don't like spam, cancel the email account, etc. Not a very reasonable way to live one's life.
So I agree that people should have a grace period to install a patch or otherwise secure their systems from infections. However, after that, there is no reason not to release a white virus to patch the rest of the systems. They already have a virus that self-installed, and the owners already imply their consent to such actions by doing nothing, so I see no reason to worry about a self propagating patch on such systems. The ones that have been manually patched or otherwise secured are not affected.
Republicans spin to the left, Liberals to the right and democrats just sit there? Or is it Republicans to the right, Democrats to the left and Liberals do nothing? Or it is...
Dang! now I'm too dizzy to vote
Analogously, if MS actually tried to implement such a watch-to-get-the-goodie scheme, wouldn't they be discriminating against people who don't own a TV? Sure they can try to convince you that you have to watch for the goodie, but they can't actually force you to do so to get it.
Hmmm.. sounds to me like there might somehow be a patent in there somewhere to box them in and prevent them from being able to use this patent.. if only I could figure out what it was so I could patent it...
Windows: remember to top off the computer daily, say, with every OS patch.
Linux: um.. er.. well,, just remember to top off the thing daily, OK?
I saw no mention of how mcuh water evaporates from this thing in a day, but my gut feel says it's gonna be a bunch (>1gal/day). Anyone know any exact evaporation figures?
I get it.. so when he gets lost and someone takes him to an embassy, his government can come and get him, right?
OR, it means that the database is corrupt, and touching the corrupt areas causes the system to crash (and corrupt more data). The oldest data is the most likely to be corrupted without anyone knowing. Might even be a hardware failure.. you happily go on thinking the data is OK until you tried to access it and.. kablooie.
Does smell like a coverup for lack of backups.. perhaps the requestor should file for access to a backup of the data instead.. just to give them enough rope to hang themselves with. Then hand the situation over to the news media for investigation -- the inability to backup such a critical database has to be worth some mention on the media :-)
However, you do have one advantage.. perhaps. You are willing to work for less than those other guys. All you have to do is convince a potential employeer that you know as much as the 5+ guys about the skills the employeer really cares about, and you've got a shot.
If I were in your shoes, I'd take stock of my interests and other skills, then see if I could find work in places where that (domain) knowledge is very important. It'll be hard, there are not many places where all your qualifications will fit, and they may not be looking for a SW person (or even know they should). But, it might be easier than competing with the 5+ guys out there. As a way in, perhaps see if you can find some small places where they apply your interests and see if they need any odd computer-related jobs done? It's at least work in your field, possibly with a bunch of opportunities: you are building a rep within a few companies, you are making contacts that you might be able to network into something more permanent, and you are building your resume.
So, working with what you stated ("Desktop-grade routers, switches and wireless as well as any/all desktop PC (and some Mac) hardware"), do you know anyone with a very small company or even individuals that need this sort of stuff set up? How about friends and neighbors that need it set up but don't have the time? Wireless.. lack of wireless security is even hitting the mainstream news these days so practically everybody with wireless is aware they are probably at risk here.. got any neighbors that want that stuff set up but don't know how or have the time to learn? How about long term maintence on their setup? Do they have time to follow all the latest threats and upgrade their hardware/software/firmware/configuration as needed to keep the baddies out? Do they even have the time to figure out what the right * for them is? Think about it.. you can't support a family on this sort of odd job work (not at first anyway) so there's no competition from the 5+ guys down there. It gets you the networking experience you need, contacts and you might even be able to build a small company out of it. The one thing is won't get you though, is experience to chase after the large corporate net/sys admin jobs.. but is that what you need to do earn a living?
I don't know about this, but having an algorithmic mapping between phone numbers and IP addresses (prolly IPv6) seems sensible. That way, all the communications technology can converge on a single nomenclature for addressing endpoints. At least this way, DNS becoms the equivalant of a phone directory, put in name to get the IP address/phone number or visa versa.
Come to think about it, the same could be said for street addresses. Probably want to wait for IPv8 or IPv12 or something like that before that made sense though.
The only problem I've had with that setup was in an office where corporate communication was primarily by scuttlebutt. If your office works that way, you positively need to take the productivity hit that a cube farm has to provide a better communication channel.. maybe give every employee a set of noise-deadening earmuffs or something to try to get back some of the productivity loss.
Well, on my laptop (a different design Inspirion, with little fans out the back), the owners manual specifically states that the bottom of the laptop is part of the heat dissipation design, and that blocking it (such as putting it on the specifically discouraged soft surface) can lead to overheating.
However, given the fans and air intake on the sides, I risk it a lot, figuring that the case has a far shorter lifespan than the electrical ones put through that occasional stress. Besides, it helps keep me warm and toasty on those cold waits for the light rail :-)
Just paste 'em over the buttons so they always read the same "fingerprint" pattern no matter what (or who) causes the button click. Sounds like the perfect open product design project :-)
Ok, I'm joking, but seriously, do these people never think of how to defeat their technology?
The trick is to keep things balanced. Try to be there when they need you and to do good enough at work to further your career. Now matter what through, you have to face the three realities: 1) sometimes you won't be able to be there because of that pesky thing called a job, 2) you will probably have to give up on some of your career aspirations because you (I hope) don't want to put all your energy into your career anymore, and 3) keep an eye on the balance.. it won't happen automatically and it'll never stay balanced once done, so you have to keep going back every now and then and make adjustments (how often is up to you, but it isn't a do-and-forget kind of thing.. unless you want to look back in 20 years and realize you failed at the dad thing). I've found major life and work changes to be good times to do the rebalancing thing.. beginning and end of projects, beginning and end of the school year, etc.
Oh, and one more thing.. I don't know who said it, but it is very true about balancing work with family.. "you can please some of the people some of the time, but you can't please all the people all the time", I'd add "the trick is to please enough of the people to enough of a degree that everybody is happy enough".
And after all, we all know that a mere spark couldn't possibly ignite gasoline vapor. Come to think of it.. I wonder how spark plugs work now? :-)
Well, technically yes, but since only evildoers will cry, wear hard contact lenses and have long eyelashes..
That said, one of the more useful courses I took in college was the numerical analysis, wherein we studied things like how to figure out the computational magnitude of an algorithm and how to reduce error progagation through an equation or algorithm. If such a course isn't on your school's list of required courses, put it on your own personal one. I've lost count of the times I've used knowledge from that course, and even of the smaller number of times I've had to teach the basics to a coworker so they could understand why it was important to write things "my way".
Do the suits making the oursourcing decision know this? If so, then yes, you are probably right, the smartest move is to be able to continue to deliver good quality products on time.
However, chances are, all they know is that their staff delivers quality products on time for a cost. If someone else comes along and convinces them that some other staff can do the same for less cost, well, it doesn't take a PhD to figure out which way the decision will go.
So, yes, while mediocrity will die in the long run, a lot of non-mediocre people will loose their jobs in the near term... unless they figure out a way to make the suits understand the value that the local people give them that outsourced people can't match (as soon as I figure out any, I'll get back to you :-).
I'm not sure I agree with this. In my experience, the customer usually can't express their needs hardly at all. They know they need help, but not what kind of help that should be. At best, this means they can dicuss the solution they want only in terms of their problem domain. This means that someone has to interpret what the customer wants. Who does the interpreting, and what their biases and knowledge is, colors their interpretation. This isn't really their fault, just a fact of being human. Then, they give their interpretation to the developers, who again, don't understand what is being asked of them, so they make yet another interpretation, coloring it with their biases and knowledge.
Im my experience, the projects that rely on more levels of interpretation ultimately don't deliver what the customer wants. The projects that eliminate the layers of interpretation succeed better. The extreme of eliminating the interpretation is to have the developer who is going to design and direct the efforts to implement the solution spend enough time with the problem domain to actually understand not just what solution the customer is asking for, but also why they are asking for it.
This is probably why a lot of Open Source projects seem to solve problems better than proprietary ones -- they are often started by people that know not only how to implement the solution, but also understand the problem domain to the point of understanding why someone might want that solution.
Port knocking is really just another form of password entry. It appears safer because there isn't a challenge prompt, but what does a prompt really buy you, anyway.
So, standard password passing schemes can be applied, which leaves one obvious solution.. encode a one time use password into the port sequence to knock on. This is probably the most secure solution as it still doesn't require any servers listening on ports and the port sequence changes every time it is used, so simple replay attacks don't work.
You won't get a challenge that you get to repond to though, so you'd have to compute it independently at both ends.. maybe like ratchet to the next challenge value every successful connect or every N minutes.
Figuring out how to pass a piece of data along with the knock, while still not requiring a server listening on a port, would be even better -- you'd not only have to know the magic port sequence to use this time, but the magic pieces of data to pass along with each tap. Perhaps the network protocol could be used? Encode into the knock sequence whether each tap is via UDP or TCP?
Getting back in sync on the challenge value would be a bitch through... oh, the price of security :-)
As I recall, the C-Cl bond absorbed the UV energy and broke. That required that the UV energy be the right wavelength. The C-Fl bond will be much tighter, so will take a different (shorter?) wavelength. Of course, as you pointed out, once broken, it too will start the Ozone-destroying chain reaction just as well as Cl does.