Gah, what a lot of verbiage. Please let's keep this brief
Here is a typical and realistic scenario instead: You connect to my site, and being the paranoid type you prefer https. You get a self-signed cert. Would you grumpily accept it or would you go to http? I'd imagine the former.
Next, you bring your laptop to a Starbucks, where for all you know some bastard has stuck a hub and plug computer on the router when it was all installed and the proprietor has no idea. You want to use my site again. Would you use http or https?
Consider that with http you are guaranteed to be sniffed without even knowing it. With https you cannot, and if they got fancy and tried MitM the browser would raise a stink.
This scenario faces me all the time. So I'm quite happy with the self-signed cert. If I've missed something big, please do tell.
Cue some security pedant arguing that authentication from third party shysters like these is more important than having an encrypted connection.
Leaving aside the "shyster" bit, without some sort of third-party validation, how would you know that you've actually established a secure connection to the trusted party, rather than some MITM?
When you use unencrypted http, you are subject to MITM with every single connection you do. Plus simple passive sniffing on top of it all. Is that any better?
Here's a very real scenario. Some months back, you connected to some minor site via https and accepted their self-signed certificate. Today, you are at a Starbucks and want to look at that site again. You have two choices:
Connect via unencrypted sniffable, MITM-vulnerable http
Connect via encrypted unsniffable MITM-vulnerable https which will raise a stink if an MITM tries to pawn off a new cert
Which would you choose?
Well I suppose I should look on the bright side.
Since browsers make such a fuss about self-signed certs, all webserver installations default to plain http. They could generate a self-signed cert on install and serve https by default (redirecting http to https), but this is unworkable thanks to browsers treating self-signed worse than unencrypted.
Thanks to this, I can sniff my LAN and haul in gobs of login/password combinations (like from slashdot.org, which doesn't support https), since the vast majority of websites use plain http because it takes an effort to use https.
I don't have to get frustrated by the encrypted self-signed connections that I can't even MitM, because invariably they've already used them previously outside my LAN and so any MitM attempt I try will throw up huge screaming warnings in the browser.
So ok, have it your way. Things are actually pretty awesome this way. It should take effort to have encryption, because everybody sets up fancy MitM systems but absolutely nobody sniffs LANs with wireshark.
The MitM vulnerability is only there the first time you connect to a self-signed certificate site. After that you're fine.
With plain http, you are vulnerable every time you connect to the site. They don't even need MitM; they can just sniff the session. This is absolutely terrible.
Folks like me who run small sites use self-signed certs all the time because I don't want to pay the extortion fees of the CA keepers, who seem to dole out certificates without really checking anyway.
Self-signed certs are not ideal, but they are definitely better than plain http. All I ask is that the browsers don't make quite such a big fuss about them. They could simply say "This connection is using weak encryption. No bank or large institution would do this. [Ok this time] [Cancel] [Ok forever]" instead of the big fuss that Firefox currently does. That message isn't entirely accurate, but it more or less explains it to a normal user. If it's just some free webmail site (like mine), that's fine.
To put it another way, for your argument to be consistent every plain http connection should start with a big "Warning! This connection is unsecured!" dialog. The way things are now, users think self-signed https connections are less secure than plain http connections which is ridiculous.
And if you have a self-signed certificate, you fail with an F no matter how good everything else is.
So once again it's a site implying that unencrypted plain http is somehow better than a TLS connection that happens to be using an unsigned certificate.
And firefox is still raising these big scary alerts about unsigned certs encouraging people to use unencrypted http instead of https. Just goddamned brilliant.
It's the doorlock equivalent of raising a stink that since you don't have a triple deadbolt, just don't lock the door at all.
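The thread above leans on one property: after the first visit, a changed certificate is what gives a MitM away. That is trust-on-first-use (TOFU), the same model as an SSH known_hosts file, and it is worth seeing what the check actually has to do and where it is blind. The script below is an added example, not code from any of the posters; the pin-store format, the `check_pin` and `fetch_leaf_cert` names and the store path are its own assumptions, and the certificate bytes in the test are constructed, not real DER. The caveats a practitioner wants are in it: the first connection is unverified by design, `CERT_NONE` is needed so a self-signed cert is not rejected before it can be pinned, and a legitimate key rotation is indistinguishable from an attack, so a mismatch must never be silently re-pinned.

```python
"""Trust-on-first-use (TOFU) pinning for a self-signed TLS certificate.

Added example, not code from the original thread. First contact records the
SHA-256 fingerprint of the leaf certificate; every later contact must present
the same one. A change is reported, never auto-accepted, because a MitM
swapping in its own cert and a legitimate rotation look exactly the same here.
The store is a hypothetical 'host:port FINGERPRINT' text file (assumption).
"""
import hashlib
import socket
import ssl
from pathlib import Path


class PinMismatch(Exception):
    """Host presented a certificate different from the pinned one."""


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER bytes, colon-separated upper-case hex (browser display form)."""
    digest = hashlib.sha256(der_cert).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def load_pins(path: Path) -> dict:
    """Parse 'host:port FINGERPRINT' lines; a missing file means nothing pinned yet."""
    pins = {}
    if path.exists():
        for line in path.read_text().splitlines():
            if line.strip() and not line.startswith("#"):
                key, fp = line.split()
                pins[key] = fp
    return pins


def save_pins(path: Path, pins: dict) -> None:
    path.write_text("".join(f"{k} {v}\n" for k, v in sorted(pins.items())))


def check_pin(host: str, port: int, der_cert: bytes, pins: dict) -> str:
    """TOFU decision for one presented certificate.

    Returns "first-use" (unverified: the pin is recorded and trusted from now on)
    or "match". Raises PinMismatch on any change; the caller decides, out of band,
    whether that was a rotation or an attacker.
    """
    key = f"{host}:{port}"
    fp = fingerprint(der_cert)
    pinned = pins.get(key)
    if pinned is None:
        pins[key] = fp
        return "first-use"
    if pinned != fp:
        raise PinMismatch(f"{key}: pinned {pinned} but server presented {fp}")
    return "match"


def fetch_leaf_cert(host: str, port: int = 443) -> bytes:
    """Handshake without CA validation and return the leaf certificate as DER.

    check_hostname must be cleared before verify_mode; CERT_NONE is deliberate,
    otherwise a self-signed cert is rejected before it can be pinned. The
    session is still encrypted; identity is decided by check_pin(), not here.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def connect_with_tofu(host: str, port: int, store: Path, fetch=fetch_leaf_cert) -> str:
    """Fetch, pin-check, persist. `fetch` is injectable so the flow runs offline in tests."""
    pins = load_pins(store)
    result = check_pin(host, port, fetch(host, port), pins)
    save_pins(store, pins)
    return result


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "example.invalid"
    print(target, connect_with_tofu(target, 443, Path.home() / ".tofu_pins"))
```

Run it twice against the same host: the first run reports first-use, the second match, and a swapped certificate raises PinMismatch instead of connecting. This is also exactly what the browser's "add exception" store does for a self-signed cert, which is why the thread's point about the second visit at the coffee shop holds, and why the blind spot is the first visit and any host you have never seen from a trusted network.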
Hmmmm I'm a grizzled old developer and I don't entirely agree with you. Grace Hopper got about 30 seconds of coverage when I was at University (but I remember her anyway because of her awesomeness), but throwing a bunch of code at us and asking us to pretend to be compilers (i.e. detecting syntax errors) didn't occur at all. Instead we learned how to actually write compilers. And operating systems. And all that other hardcore stuff that goes along with having a degree in Computer Science rather than being a coding monkey.
I think the GP went to a really crappy college, and actually I'm curious which one it was. Uloi, will you confess :-) ?
The replacement instructions are obviously bogus and will be ignored. What would be smarter would be to subtly modify the bomb recipes so that they simply won't work, or will blow up in the terrorist's face.
If you hack a calculator to cheat on an exam, you deserve that advantage, IMO.
The person who implemented the hack, sure, but what of the thousands afterwards who do nothing more than install it?
The famed Finnish sniper Simo Häyhä (505 kills, over 700 counting his machine gun badassery) preferred plain old iron sights.
What's interesting there is that he preferred it because of the concealment factor. His typical kills were done at 400+ m which is pretty close by modern standards, but he got that close by not lugging around a huge bling-bling scope and having to poke his head up to use it.
As an example, some years ago the corrupt CRTC allowed Rogers to buy out Fido, thereby creating a GSM monopoly. And this was supposed to somehow benefit Canadians? Unbelievable.
Get rid of the bastards. Replace them with almost anything; it couldn't be worse.
Metric thermostats do 0.5C increments. That's 0.9F.
So in your example, you are using the equivalent of 24.5C, 25C and 25.5C. I tend to use those settings in the same way you use yours.
Reminds me of this set of speakers I purchased a while back. It says right on the box, "Now with enhanced MP3 support!".
Maybe it has a muffled high end so you don't hear the squishy mp3 artifacts so much?
A good marketer can turn any weakness into an asset!
I have an HD5970 on my Linux box. It gets a good workout running stuff like XPlane, which really does need a decent video card.
pi is the ratio of a circle's circumference to its diameter.
e is the number such that the value of the derivative of the function f(x) = e^x at the point x = 0 is equal to 1.
Now which number do you think has the better marketing plan?
Mars is (averaged) 4 light-minutes away. (http://casswww.ucsd.edu/public/tutorial/Intro.html)
That 4 light-minutes is quite misleading. That's the average distance from Earth's orbital ellipse to Mars's orbital ellipse. However, what really matters is what phase of the orbit each planet is in. If they happen to be right next to each other at the closest approach, it's 3 light-minutes. But if Mars is in the opposite part of its orbit (i.e. on the other side of the Sun from Earth), it will be a whole 20 light-minutes apart.
In my humble opinion, every ticket that's dismissed at Court should be made known to the police officer, it should be recorded against his record, and it should be made an offence to systemically issue tickets that are dismissed – the offence being a species of barratry.
I agree with that so much it hurts.
Cops are constantly making charges they know won't stick solely as a form of punishment. Plus, they have the incentive of getting a day's pay for just sitting around in court surfing the web on their laptops until the case comes up and gets dismissed. It's disgusting.
It still pisses me off that Fedora Linux does not recognise "Edinburgh" as a capital when selecting the TZ during installation but it does recognise USA state capitals.
That's not a Fedora thing or even a Linux thing. It's due to the organization of the timezone database, which uses cities (not necessarily capitals) to pin down timezone locations.
For example, there is no Ottawa entry even though that is the capital of Canada, but it does have Toronto and Montreal simply because they are much bigger population-wise.
Also, Cardiff has no entry although it is the capital of Wales, and you don't hear the Welsh complaining. Well, maybe they are complaining but who would understand what they're saying?
I am very much in the middle. I have a smart phone on a $10/month pay-as-you-go plan in Canada.
The key thing is that it has WiFi. So if I'm in a typical coffee shop, googling etc is completely free. Plus I can also do VoIP calls then, so I don't even pay any cellphone rates in those places.
Outside of WiFi hotspots, I mostly use it as a "dumb" phone. However, on the rare occasion when I still desperately need to google something, I'll use the $1 data "day pass" option.
As for the GPS, it has very detailed maps already downloaded, so I can use that without any sort of phone data plan.
Some years back I read about a guy cruising around the world, and the hassle of gun regulations discouraged him from carrying arms.
So he built an imitation rocket launcher out of tubing and other plumbing equipment. Whenever a suspicious looking speedboat seemed to be heading his way, he'd haul it out and stand there in his cockpit with it on his shoulder.
On more than one occasion the speedboat in question would do a U-turn and leave...
Beta radiation detectors in general don't have a lot of use in the field because there is always gamma radiation with beta radiation. And small gamma detectors already exist, such as the digital electronic portable dosimeters workers at nuclear plants use. If there is a question about beta dose, these same workers have thermoluminescent dosimeters with beta windows that can be analyzed on-site. If you actually need to survey an area, you can always use a beta-gamma dosimeter, but you would only do that if you were a health physics tech.
There is no real use for this device.
FTFA:
Each kind of radioactive material produces different ratios of gamma rays to beta particles, and so from the signal one can tell what it is. A basic use for the detector is to see whether a soil sample, for example, is contaminated with anything radioactive. It could also be used to check whether a given area is worth mining for elements such as uranium.
Their claim is that the beta/gamma ratio (which it detects) is useful. Are you saying it is not?
Python whitespace is conceptually pretty close, probably why I find it repulsive.
Python whitespace in a nutshell: Indent your code as always. Next, don't bother with any brace brackets because you're done.
Why this bothers anybody is utterly beyond me. On the other hand, when I write C these days I sometimes wonder why I have to babysit the compiler by entering a bunch of brace brackets when the indentation is already there showing the code structure plain as day.
Yeah, you cannot make any kind of a reasonable receiver with just two transistors. Especially not if you want FM. And of course there's no way any manufacturer would include unnecessary parts, especially transistors back in the day when they were expensive.
That said, here is the story of a Japanese POW camp AM radio that was cobbled together using a single vacuum tube. That's a basic regenerative receiver, AM only.
"1-bit DAC" is basically PDM (Pulse DensityModulation). Calling it "1-bit" is a confusing marketing term.
It's hard to make an accurate DAC, since the weightings of the inputs have to be perfect powers of two which is hard to pull off. So instead, they use a very high frequency and use an on/off signal in the time domain to indicate the desired voltage. For example, to indicate "one fiftieth" you just leave the signal on for one fiftieth of your chosen time interval. This is very easy to do accurately using a crystal oscillator and a counter.
Then in the end you use a low pass filter to make the final analogue signal. Cheap and practically errorless.
This image hopefully makes it clearer
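Added example, not code from the comment above, showing the on/off-in-the-time-domain idea in working form. The comment's "leave the signal on for one fiftieth of the interval" describes pulse-width modulation; what a 1-bit DAC actually emits is a pulse-density stream from a first-order sigma-delta loop, which carries the same fraction of ones but spreads them evenly so the low-pass filter has far less ripple to remove. Both encoders are here, with a moving-average window standing in for the analogue low-pass filter; the function names and the integer num/den interface are this example's own choices.

```python
"""1-bit DAC: pulse-density versus pulse-width encoding of a constant level.

Added example, not from the original comment. Levels are given as num/den so
the accumulator stays in exact integer arithmetic; outputs are plain floats.
"""


def pdm_encode(num: int, den: int, n_samples: int) -> list:
    """First-order sigma-delta: accumulate the target every tick, emit a 1 and
    subtract one full-scale unit whenever the accumulated error reaches full scale.
    The ones come out evenly spaced, which is what makes PDM easy to filter."""
    if not 0 <= num <= den or den <= 0:
        raise ValueError("level must be num/den with 0 <= num <= den")
    bits, acc = [], 0
    for _ in range(n_samples):
        acc += num
        if acc >= den:
            bits.append(1)
            acc -= den
        else:
            bits.append(0)
    return bits


def pwm_encode(num: int, den: int, n_samples: int) -> list:
    """The comment's description: the signal stays on for num/den of the interval,
    then off for the rest. Same average, but all the energy is bunched together."""
    on = (num * n_samples) // den
    return [1] * on + [0] * (n_samples - on)


def density(bits: list) -> float:
    """Fraction of ones over the whole stream: the DC level the DAC encodes."""
    return sum(bits) / len(bits)


def lowpass(bits: list, window: int) -> list:
    """Moving-average reconstruction, one output sample per non-overlapping window.
    A real DAC uses an RC or higher-order analogue filter; the effect is the same."""
    return [sum(bits[i:i + window]) / window
            for i in range(0, len(bits) - window + 1, window)]


def max_run(bits: list, value: int = 1) -> int:
    """Longest run of `value`; a proxy for how much low-frequency ripple the filter must remove."""
    best = run = 0
    for b in bits:
        run = run + 1 if b == value else 0
        best = max(best, run)
    return best


if __name__ == "__main__":
    for name, enc in (("pdm", pdm_encode), ("pwm", pwm_encode)):
        stream = enc(1, 50, 100)  # the comment's "one fiftieth", over 100 ticks
        print(name, density(stream), lowpass(stream, 50), max_run(stream))
```

For "one fiftieth" over 100 ticks both encoders emit exactly two ones, but the PDM stream puts one in each half so a 50-sample filter window reads 0.02 every time, whereas the PWM stream puts both ones at the start and the same filter reads 0.04 then 0.0. Pushing the level to 3/4 shows the accumulator producing the familiar 0,1,1,1 repeating pattern.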
The other nice thing about OTP is that for a given encrypted message, you can create an OTP that produces any message you want.
So, for example, if the message gets intercepted and the NSA demands you produce the OTP key, you can provide one that decrypts the message into a recipe for cranberry muffins.
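The cranberry-muffin trick follows directly from how a pad works, and it is short enough to show end to end. This is an added example, not the commenter's code: with c = m XOR k, anyone holding c computes k' = c XOR m' and hands over k' as "the key", under which c decrypts to m'. The one constraint is length (a pad hides content, not size), so the cover text must fit inside the ciphertext and is space-padded here; the message strings are constructed sample data and the function names are this example's own.

```python
"""One-time pad deniability: forging a key that decrypts a ciphertext to any text.

Added example, not from the original comment. Because c = m XOR k with a
uniformly random k, every same-length plaintext m' is equally consistent with
c, and k' = c XOR m' is the pad that "proves" it. Sample messages are constructed.
"""
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError(f"length mismatch: {len(a)} != {len(b)}")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(message: bytes, key: bytes) -> bytes:
    """Pad must be random, at least as long as the message, and never reused."""
    return xor_bytes(message, key)


otp_decrypt = otp_encrypt  # XOR is its own inverse


def forge_key(ciphertext: bytes, cover_text: bytes) -> bytes:
    """Return a pad under which `ciphertext` decrypts to `cover_text`.

    The cover text cannot exceed the ciphertext length; shorter covers are
    space-padded, since the ciphertext length is the one thing the pad leaks.
    """
    if len(cover_text) > len(ciphertext):
        raise ValueError("cover text cannot be longer than the ciphertext")
    padded = cover_text.ljust(len(ciphertext), b" ")
    return xor_bytes(ciphertext, padded)


def demo() -> dict:
    """Encrypt a real message, then forge a key that yields the muffin recipe."""
    real = b"Meet at the old mill at midnight; bring the documents."   # constructed
    key = secrets.token_bytes(len(real))
    c = otp_encrypt(real, key)
    cover = b"Cranberry muffins: 2 cups flour, 1 cup berries, bake."   # constructed
    fake_key = forge_key(c, cover)
    return {
        "real": otp_decrypt(c, key),
        "forged": otp_decrypt(c, fake_key).rstrip(b" "),
        "same_length": len(fake_key) == len(key),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Both keys are the same length and look equally random, so nothing about k' marks it as the forgery; this is exactly the property that makes the pad unbreakable and also makes "produce the key" an unenforceable demand. The flip side for defenders is that the same malleability means a pad gives no integrity at all: whoever can alter the ciphertext can steer the decrypted text the same way, so a MAC is still needed.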
The tough new standard? Must contain upper and lower case. Must contain at least one number. Must be EIGHT characters long.
The next logical step would be to mandate that everybody's password must be "Gv7nLXyP".