So right now it's nearly ten times more expensive to watch something over the net. Not to mention how it's not entirely a good use of broadcast resources.
Why wouldn't you click on the lock? We are talking about security, right security guy?
I did click the lock. I didn't run as admin. I ran Osiris. I took regular backups. All these things were a hassle, and it still would have ruined my day if my account had gotten hacked.
Security isn't about what paranoid people can do to lock down their machines. It's about what everyone else does. It's about the default. My dad (a history professor), my sister (a film person), and probably even my roommate (math/physics/cs) don't click the lock. They also don't make regular backups. They definitely don't run Osiris. They all run as admin, because that's the default.
I owned a Mac for 3 years, and my family has had a Mac for the past for 15-odd years.
I had thought that you only needed a root-level password to change the firewall settings if you had clicked the lock icon. I'm not sure about this, because I always clicked the lock icon. I sold my Mac last year and am running Linux now, so I can't check it; it also might be different under Tiger.
Anyway, the firewall isn't the point. An attacker with access to your account can steal or destroy your data (FileVault doesn't protect you at all here). He can serve ads to your desktop. He can run an IRC zombiebot, a spambot, whatever (the OS X firewall doesn't block outgoing connections unless you manually edit ipfw config files as root, and anyway, who would block outgoing SMTP?). He can steal your email password, your bank password, your PayPal password, your SSN and personal info, your credit card number. He can backdoor your.bashrc, your preferences files, your folder actions, your applescripts, your mail filter rules, probably plenty of other things. If you're admin, he can also backdoor your applications, and he can keylog your password and escalate to root. If you're not admin, he can still probably escalate by a local root attack. Even if he can't escalate and install a rootkit, he can arrange that all these changes are invisible to you, if not to other users.
On any widely-deployed desktop OS, current or past, Free or proprietary, you are thoroughly owned if an experienced attacker has access to your account. This is one of the biggest and most important open problems in computer security, and it will probably be open for another decade.
Yes it does. If I reboot and arbtrary code was running with my account privilages, all applications are still intact. I can use a different user account, copy my files over, delete my account, and remake it, copy the files back.. Yeah its a PITA, but it beats getting PWND.
This works... assuming that they haven't escalated, either by a local kernel exploit or by keylogging your password, and on a Mac, additionally assuming you aren't running as an "admin" user (the default user type, which is short of root but can modify applications, services, firewall settings,...), and assuming they didn't backdoor any of your files. But in practice, it's easier to reformat and reinstall than to verify the first of these; the second is almost always true on a Mac; and the third is hard to verify at all on any platform.
You could, of course, be running TripWire or Osiris or something equivalent. Which is itself a pain, but if you get hacked, it makes it easier to verify at least that you haven't been rooted, and possibly that your setting haven't been backdoored.
...Macs being set up with a user level account as opposed to Windows default admin account are much less liable to being actually exploited.
I'm sick and tired of this line. It doesn't matter that Macs or Linux have a user-level account by default, unless you're on a locked-down multi-user machine. And even then it doesn't matter much.
Attackers don't need root on your machine for the vast majority of exploits. They can steal all your data, install spambots and adservers on your machine, listen from IRC and attack other computers all they like with a user-level account. They might not be able to put in a rootkit, but that doesn't help you unless other users are looking at your account to make sure it hasn't been compromised.
Furthermore, the account you get on OS X might as well be root: the default user is an admin, who can install and modify applications without even invoking sudo. He just can't modify the kernel, darn. Furthermore, it's very common for OS X, Windows and Linux to have local root exploits. A bunch of Linux compute servers in our CS department got compromised this way: someone broke into a user account (no idea how it was compromised) and escalated to root. And obviously we patch, but not as often as you might like, because people have long-running computations on these servers so they can't be restarted every week.
Even in the absence of local root exploits, you can get root by keylogging (gtk)sudo. Even if sudo implemented some kind of armored pathway from the keyboard driver, you could hack it by putting up a fake dialog. Even if that were prevented (by some kind of private system-wide image or something), I wouldn't trust the update manager to be Shatter-resistant.
For home users, no widely deployed desktop operating system has any significant measure of security once someone has compromised the main user account, and none ever has. Microsoft's red/green and other virtualization solutions might fix this eventually, or at least alleviate the problem, but don't pretend that Linux or OS X is in any better a position than Windows.
And yes, I am a computer security expert. Or at least, I'm studying to become one.
Yeah, and the weird thing is, the boat guys don't say they want to use only direct solar, but rather that they want to use only renewable energy sources. They're going to use hydrogen for their "around the world in 80 days" thing. So why can't they use wind, too? Because it's been done before, I guess.
Swipe card + smart card is not two-factor authentication.
The most reasonable two-factor authentication that I know of is a single, unique password for your smart card, which maybe changes occasionally and maybe doesn't. The smart card then does all the authentication to the server. If the card is designed properly, nobody can get the private key off it by hacking your computer (they need physical access to the card, and a well-equipped electronics lab), and if they steal the card but don't have the lab, they can't authenticate without your password.
RSA's SecureID model 520 is even better in this respect, because the attacker can't hope to get your password by hacking your computer, but it's more expensive than a smart card. I'd also worry about oil or wear on the keys giving away the PIN up to permutation. The other SecureIDs are equivalent to a smart card in terms of threat modeling.
TopCoder and other competitions are as much about the coaches and the effort people put into training as they are about intelligence. The people who do really well on these competetions train very hard, specifically for computer science contests, and the University of Warsaw people have a really, really good coach.
I think that America does poorly on TopCoder not because we have poor students (although America's educational system could be better), but rather because Americans aren't as interested in it. I don't know who the other two Americans are, but I expect that several of my friends and I would have a good shot at Las Vegas if we studied a few hours a week as an extracurricular, particularly if we had a coach as good as the Polish guy.
I'm not just spouting this, either. TopCoder is very similar to the math olympiads and the Putnam (which I have first-hand experience with), so much so that the same people often do well at both (Reid Barton, Po-Ru and Po-Shen Loh won multiple gold, gold and silver respectively at the IMO).
When anyone trys to access your page from one of those ISP, redirect them to a page explaining that the ISP is holding back bandwidth to this site so your expierence may be slower than it should be.
This would be far too heavy-handed on Google's part: they'd be replacing a small annoyance (pages loading slower by a couple hundred milliseconds) with a large annoyance (redirect/advertising pages). A much more reasonable solution is to wait for ISPs to implement this crap, then have a link on their affected pages saying "Why is Google so slow?" which, like your redirect idea, show up only for customers of evil ISPs. The linked page can have all the necessary blame and links to competitors.
Google wins in this situation only if they can make the ISPs the bad guys. Redirects are not the way to do this. They also need customers to have some effective option against the ISPs: either a competitor in the area, which there often isn't, or bitter and repeated complaining, or lobbying Congress.
"Safe" languages usually have ways to subvert their safety guarantees. Haskell, for instance, has functions which subvert the type system (their names begin with "unsafe"). If that's not enough (and it often isn't, particularly for writing windowing toolkits and such), you can use the foreign function interface with C. This produces some unsafe code, but the vast majority of the application is still safe.
The point of using something like Haskell, though, is that you can't write a buffer overflow without trying really hard. You can't write something like that recent X vulnerability either: a function can't be treated as a boolean. And, because the language is designed by "teachers of pure mathematics," it can figure out almost all the types in your program for you (although certain of them are documented by convention, to make your code more readable).
Haskell goes a step further than most other languages by requiring that functions do not have side effects. In a mathematical sense, nothing you write in Haskell can have a side effect; instead, what your program does is compute one big action. In a more practical sense, the type of a function which, say, opens a file is not "string -> file" but rather "string -> IO file", indicating that the operation performs IO.
Haskell's type system has a significant disadvantage in that it makes procedural code different from functional code and can sometimes make designs difficult, but it also has an enormous advantage: programmers can add new features (such as software transactional memory) to the language in a completely safe way, because interfaces specify not only what a function returns, but what kind of actions it does. You can't do this in C, because the side effects of everything you do (stack manipulation, even) will turn the program into a train wreck on transaction retries.
Haskell also has a powerful object system, which is fundamentally different from OO. Instead of dynamic method dispatch, the type checker figures out what type an object is statically, and then runs different code (which is automatically generated from the class definitions) for different object types. This limits the amount by which objects and their descendents can be mixed in a program, but also increases speed and allows other useful tricks.
Yeah, more or less agreement here, although I found some bugs and things requiring fiddling. I installed the upgrade on two machines, my laptop and my desktop.
Worked out of the box: - Laptop integrated video. - Sound. - Sleep and hibernate. Dapper is the first non-Windows OS I've tried that could do both of these; previous Linux versions I'd tried lost data on sleep. Better updating when waking up (eg, laptop doesn't think it's still plugged in after waking up). - CPU frequency scaling. - Most Toshiba magic buttons: power, lid, mute, sleep, hibernate, external, brightness, wireless, keypad. - Trackpad scrollwheel emulation. - Network drivers, wireless and wired. - Boot splash. Totally unneccessary, I know, but pretty. - Update notifications. Aptful shiny. - All that Gnome shiny we know and love. - USB, firewire, automounting.
Required fiddlement: - Networking system doesn't autodetect which interface might have link, requiring "sudo ifup eth1" to bring up secondary (wired) interface. - Installer didn't work first time around on my laptop. - Braille terminal installed by default, adds unneccessary carping in system logs. - Different version of Unison synchronizer in apt; the old version should still be there since it's stable and requires same version. - Desktop (nVidia) binary video drivers. - "Human" theme is hella ugly.
Still not working: - All them weird video codecs. WMV, RM, etc. - Toshiba trackpad-off control, screen lock, media controls, processor frequency, probably a few other ones. Haven't really tried to get these working.
Bugs: - Two screensaver pref panels. Sometimes they interfere wrt display sleep. - Icon cacheing bug in menus. - Occasional dumb package dependencies. - PS1='\[\e]2;...\]' cursor bug in bash/terminal emulator/something.
Sorry for the extra reply, but remember that silencing often increases temperature, and high temperature causes component failures. Because my machine runs extremely cool -- CPU core temp stays under 40C even under load, and the hard drive has a fan directly on it -- I expect it to last longer than if I cut the fans.
Not unless you go silent with the rest of your system. Spending more to get silence is very much worth it for some folks. I spent as much on silencing my personal computer as I did on parts and most of it will be reusable when I upgrade.
If said system is under your desk, and you get a good, quiet PSU (like the Seasonic), you probably won't be able to hear it. If it's on your desk, it's probably SFF, and so this ATX supply isn't going to help.
If you're in audio production or whatever, you might actually need your computer to be entirely silent. In this case, you'll need to dump the hard drive or at least put it in one of those foam boxes. You'll also need to make sure all your components are well-constructed so that the caps and inductors don't vibrate in the dc-dc converters and such. Either of these can be much louder than the fan.
Not being in audio production, I want a quiet computer but I don't want to spend enough or sacrifice enough performance to make it silent. A reasonably low-power CPU with a Zalman HSF, a midline video card with another Zalman fan, rubber grommeting on the hard drive, and quiet case fans makes my system very quiet most of the time (the shoddy northbridge fan still makes a fair amount of noise; it will have to go when I have time to replace it with a passive HS). That said, I can hear the fans if the room is quiet and the system is under load, and I can hear the hard drive if it's seeking.
I have a Seasonic PSU, and it seems better in almost every way. The Seasonic's fan is very quiet, its construction is excellent, the efficiency is very high, it provides more peak power, and it costs less than this silly thing. I assume that it's also lighter, due to having a sanely-sized heat sink.
Now, while this PSU is "totally silent", the power supply is assumed to have at least a minimal fan by just about every ATX system designer. As another poster mentioned, if yours doesn't have a fan, you're going to have to either choose very low-power components, or put in/ramp up other fans to compensate. So unless you're going to put this on some teeny underpowered VIA or Pentium-M-based system, you're going to make up in noise anyway.
Unfortunately, that isn't possible. The patent office can grant a temporary monopoly on the production of a given good, but they can't create magnetic monopolies.
<rimshot>
Re:Yup as long as Dell isn't doing it
on
OSx86 Cracked Again
·
· Score: 3, Insightful
This is not quite true. Assuming he actually wouldn't have bought the Lamborghini, which is pretty reasonable for most people, he definitely isn't actually hurting the manufacturer. However, he probably would have bought some other car instead, so he is hurting Ford, or Toyota, or Honda, or whatever company.
Therefore, your argument does not apply particularly well in the software world or in the music world. Suppose someone pirates Windows, but he would have run Linux otherwise. That person isn't particularly hurting the Linux community unless he would have contributed. He's also not hurting Microsoft if he wouldn't have bought Windows anyway. Similarly, with music, inferior music generally does not come at lower prices, so pirates of Good Band X certainly wouldn't have bought Less-Good Band Y.
The reason that piracy usually does hurt software (and arguably music) companies is that while the pirates wouldn't have bought all the stuff they pirated, they probably would have bought some of it. Most of the ones that say they wouldn't are lying, plain and simple. Therefore, if the extra press created by more copies of the pirated stuff floating around isn't enough to cancel the lost sales (and it isn't if everyone pirates everything), then the companies lose money.
In this case, it's unclear. If you buy OS X and run it illegally on a Dell laptop or something, Apple doesn't get the margin on the sales of whatever Mac you would have bought, but they do get the margin on OS X, which is nearly the full price you paid. Depending on the margins and on the number of people who would have actually bought the Mac, Apple may be better off here. However, Apple is certainly not making money if you copy OS X and run it illegally, unless you decide that you love it but want better the driver support you'd get with a real Mac.
Interesting. It will be cool to see how this develops. Personally, I wrote a paper (not published, for a class) analyzing this defense mechanism in peer-to-peer networks, that is, defending against worms which are aware of the overlay topology and can use it to their advantage. It came to quite different conclusions: unless the time to verify a signature is much less than the time to infect (which the Microsoft paper stated, but using strong assumptions like an 84MB virtual machine sitting around pinned to main memory on every host), the defenders usually lose. Variance is high, depending on how early in the attack a host is hit and how well-connected it is, but on average 70-80% of vulnerable machines in the overlay are infected for a reasonable set of parameters.
This paper also accounts for a factor that the Microsoft paper doesn't: it explicitly models diversity in vulnerabilities. The conclusion is that diversity helps the defenders, but with the forwarding model that Microsoft described, it doesn't help them by much because invulnerable hosts will not forward the SCA. Forwarding it always will open the network to denial-of-service attacks, but a happy medium (that is, to flood the SCA out to some distance before verifying it) does well and additionally gives the attacker a time edge. However, even with this time edge, the attacker is at a disadvantage particularly in a low-diameter overlay such as a Chord or Pastry network.
And, of course, this ignores the cost of implementing the defenses: every application needing protection must be instrumented, must run both on the honeypots and on the virtual machines. Honeypots need to have configurations with a distribution matching real systems, which makes them proportionally more expensive per service. Hosts must run even disabled services, or they won't be able to forward SCAs. Polymorphic worms may defeat the system anyway.
My conclusions: it's probably easier to write more secure software in the first place than to build and depend on this defense mechanism for peer-to-peer systems. Who knows for non-peer-to-peer systems?
Sorry, but you're mistaken. Jews don't write out or say G-d's titles outside of a prayer (or religious teaching) context. Take a look http://www.jewfaq.org/name.htm
Ah, you're right. I concede this point. But note that it is not because because of the commandment, but rather because the Name might be defaced or erased later.
Because of not wanting to promote false gods! It's not a matter of fear. It's just like Mac people not wanting to promote Windows.
Just as writing "Windows sucks" doesn't promote Windows, writing the name of a false god does not promote that god if the context makes it clear that you believe the god to be false.
Because, unlike Chr-stians that like to put up graven images of the "10 commandments" up, I hav actually read them.
While graven, they aren't exactly images. Furthermore, there does not seem to be any danger that we would bow down and worship them.
Of course, perhaps you are just trying to be funny, but I don't see how this falls under the "graven images" commandment (whether you consider that the first or second or what, dunno how you're counting them).
There's one about not using the L-rd's name in vein. And there's another one about not worshipping false gods.
So xtians shouldn't write out of the name of their deity unless it's a holy or sacred context, and non-xtians don't want to use the name of a false deity.
To avoid all this, I don't spell it out. This is consistent with Jewish custom.
First, Christ isn't His Name, it's His title. Jesus is the Name of the Son of God, but He allowed people to utter and write that Name, so I'm not sure where your concern comes from. Second, it is consistent with Jewish custom to write out and say God's titles. That's why they say (and write), "Baruch ata Adonai, elohenu melech ho-olom..." (pardon my spelling). Adonai, meaning Lord, is a title and therefore considered acceptable for writing. And if we can't write or say His titles except for in sacred context, how are we supposed to refer to Him outside of a sacred context? (This distiction is probably overly fine anyway: our whole lives should be acts of worship.) The Name which the Jews do not say is lost (the vowels at least) to history. Even that Name is written down, but in a special script so that they know not to speak it.
To avoid using the Lord's name in vain, don't use it as a curse: that and not to utter the one, specific Name (which we pretty much can't do anyway, but shouldn't attempt) are the two restrictions in Christian and Jewish custom.
Finally, why shouldn't non-Christians refer to the Name of a God they don't believe in? They need something to call Him, and if they don't believe in Him, they have no reason to fear using His name, in vain or otherwise.
And it's not just the media consumers, but the brains of media consumers, which were hardwired by evolution to prefer gossip, political posturing, and photos of pretty girls and cute babies eating ice cream over thoughtful, rational discourse.
So nobody believes in evolution because of evolution. Which to my mind pretty much proves that there's no intelligent designer involved in this process.
Interestingly, a friend of mine used this exact same idea to "prove" that atheism and a belief in evolution are not tenable together. The idea was something like, high-order abstract thinking and reasoning about a deity aren't particularly adaptive, so if you believe in evolution with no deity guiding it, you have to admit that your brain probably isn't very well suited to think about that sort of thing, i.e. you're probably wrong. This doesn't show that evolution and atheism are necessarily false, just that it's unreasonable to believe them together.
I'm Christian, but I'm more scientifically inclined and I don't think his argument holds water (nor does yours). Intelligence has clearly been adaptive, and I see no reason why mid-level thinking capability should not generalize to higher levels once it reaches a certain threshold. But it is an interesting argument, and it's amusing that you brought it up in the opposite direction.
Famous "Troll"s and "Flaimers:" people: Thomas Paine Thomas Jefferson Ben Franklin Karl Marx Dr. Rev. Martin Luther King Martin Luther Ghandi
I can't believe you left out the biggest flamebait of all time: Joan of Arc!
But seriously, a "troll" post in the classic sense is one designed to make the people responding to it look stupid. For instance, in a physics thread, posting something with technical-sounding but totally wrong physics is a troll. Similarly, well-desguised links to goatse.cx are also trolls.
The term has been extended to people who copy-paste the same stupid, false, offtopic things every time a story on a given topic comes up, eg, complaining about one-button mice or 17MB files in every Apple story, or saying that *BSD is dying in every BSD story. Perhaps these should be modded offtopic along with "fr1st ps0t b1tch3s", but they're frequently moderated troll.
Flamebait is an overused mod. It is intended to mod down only obscene and nasty posts ("flames"), and posts designed to attract them. These deserve to be modded down. However, I agree that it's being used too often against controversial statements. The solution is, if you're going to write a controversial statement, make sure it's well-thought-out, doesn't contain false information, and addresses the issue rationally rather than just calling the other side dipshits.
Martin Luther didn't write up a bunch of things calling the Catholics idiots, he addressed specific points that he had problems with, and brought in relevant evidence as to why they were wrong. King was one of the more eloquent speakers of his day; his speeches were brilliant, and were in line with both his beliefs and his actions. Similarly for Franklin; he is considered one of the cleverest diplomats and inventors of all time, and many of his essays are still considered authoritative. Karl Marx thought about his Communist Manifesto for more than 3 minutes, and once again backed it up with facts and evidence. Paine's satire was both funny and relevant, and Jefferson's writings are used as guidelines by judges and lawmakers today.
None of these compare with disguised links to disgusting pornographic images (or ASCII representations of said images), page wideners, stories about Richard Stallman getting raped by various animals, attempts to get idiots to show off their stupidity, or direct or semi-direct copies of false comments which have been posted at least 15,000 times.
Slashdot Mirror
So right now it's nearly ten times more expensive to watch something over the net. Not to mention how it's not entirely a good use of broadcast resources.
That's what multicast is for.
Why wouldn't you click on the lock? We are talking about security, right security guy?
I did click the lock. I didn't run as admin. I ran Osiris. I took regular backups. All these things were a hassle, and it still would have ruined my day if my account had gotten hacked.
Security isn't about what paranoid people can do to lock down their machines. It's about what everyone else does. It's about the default. My dad (a history professor), my sister (a film person), and probably even my roommate (math/physics/cs) don't click the lock. They also don't make regular backups. They definitely don't run Osiris. They all run as admin, because that's the default.
I owned a Mac for 3 years, and my family has had a Mac for the past for 15-odd years.
.bashrc, your preferences files, your folder actions, your applescripts, your mail filter rules, probably plenty of other things. If you're admin, he can also backdoor your applications, and he can keylog your password and escalate to root. If you're not admin, he can still probably escalate by a local root attack. Even if he can't escalate and install a rootkit, he can arrange that all these changes are invisible to you, if not to other users.
I had thought that you only needed a root-level password to change the firewall settings if you had clicked the lock icon. I'm not sure about this, because I always clicked the lock icon. I sold my Mac last year and am running Linux now, so I can't check it; it also might be different under Tiger.
Anyway, the firewall isn't the point. An attacker with access to your account can steal or destroy your data (FileVault doesn't protect you at all here). He can serve ads to your desktop. He can run an IRC zombiebot, a spambot, whatever (the OS X firewall doesn't block outgoing connections unless you manually edit ipfw config files as root, and anyway, who would block outgoing SMTP?). He can steal your email password, your bank password, your PayPal password, your SSN and personal info, your credit card number. He can backdoor your
On any widely-deployed desktop OS, current or past, Free or proprietary, you are thoroughly owned if an experienced attacker has access to your account. This is one of the biggest and most important open problems in computer security, and it will probably be open for another decade.
Yes it does. If I reboot and arbtrary code was running with my account privilages, all applications are still intact. I can use a different user account, copy my files over, delete my account, and remake it, copy the files back.. Yeah its a PITA, but it beats getting PWND.
...), and assuming they didn't backdoor any of your files. But in practice, it's easier to reformat and reinstall than to verify the first of these; the second is almost always true on a Mac; and the third is hard to verify at all on any platform.
This works... assuming that they haven't escalated, either by a local kernel exploit or by keylogging your password, and on a Mac, additionally assuming you aren't running as an "admin" user (the default user type, which is short of root but can modify applications, services, firewall settings,
You could, of course, be running TripWire or Osiris or something equivalent. Which is itself a pain, but if you get hacked, it makes it easier to verify at least that you haven't been rooted, and possibly that your setting haven't been backdoored.
...Macs being set up with a user level account as opposed to Windows default admin account are much less liable to being actually exploited.
I'm sick and tired of this line. It doesn't matter that Macs or Linux have a user-level account by default, unless you're on a locked-down multi-user machine. And even then it doesn't matter much.
Attackers don't need root on your machine for the vast majority of exploits. They can steal all your data, install spambots and adservers on your machine, listen from IRC and attack other computers all they like with a user-level account. They might not be able to put in a rootkit, but that doesn't help you unless other users are looking at your account to make sure it hasn't been compromised.
Furthermore, the account you get on OS X might as well be root: the default user is an admin, who can install and modify applications without even invoking sudo. He just can't modify the kernel, darn. Furthermore, it's very common for OS X, Windows and Linux to have local root exploits. A bunch of Linux compute servers in our CS department got compromised this way: someone broke into a user account (no idea how it was compromised) and escalated to root. And obviously we patch, but not as often as you might like, because people have long-running computations on these servers so they can't be restarted every week.
Even in the absence of local root exploits, you can get root by keylogging (gtk)sudo. Even if sudo implemented some kind of armored pathway from the keyboard driver, you could hack it by putting up a fake dialog. Even if that were prevented (by some kind of private system-wide image or something), I wouldn't trust the update manager to be Shatter-resistant.
For home users, no widely deployed desktop operating system has any significant measure of security once someone has compromised the main user account, and none ever has. Microsoft's red/green and other virtualization solutions might fix this eventually, or at least alleviate the problem, but don't pretend that Linux or OS X is in any better a position than Windows.
And yes, I am a computer security expert. Or at least, I'm studying to become one.
Yeah, and the weird thing is, the boat guys don't say they want to use only direct solar, but rather that they want to use only renewable energy sources. They're going to use hydrogen for their "around the world in 80 days" thing. So why can't they use wind, too? Because it's been done before, I guess.
Swipe card + smart card is not two-factor authentication.
The most reasonable two-factor authentication that I know of is a single, unique password for your smart card, which maybe changes occasionally and maybe doesn't. The smart card then does all the authentication to the server. If the card is designed properly, nobody can get the private key off it by hacking your computer (they need physical access to the card, and a well-equipped electronics lab), and if they steal the card but don't have the lab, they can't authenticate without your password.
RSA's SecureID model 520 is even better in this respect, because the attacker can't hope to get your password by hacking your computer, but it's more expensive than a smart card. I'd also worry about oil or wear on the keys giving away the PIN up to permutation. The other SecureIDs are equivalent to a smart card in terms of threat modeling.
Internet, Schminternet,
Microsoft protocol
Documentation is
Coming too slow.
Hurry it up, for your
Anticompetitive
Tactics sow hatred for
Your CEO.
TopCoder and other competitions are as much about the coaches and the effort people put into training as they are about intelligence. The people who do really well on these competetions train very hard, specifically for computer science contests, and the University of Warsaw people have a really, really good coach.
I think that America does poorly on TopCoder not because we have poor students (although America's educational system could be better), but rather because Americans aren't as interested in it. I don't know who the other two Americans are, but I expect that several of my friends and I would have a good shot at Las Vegas if we studied a few hours a week as an extracurricular, particularly if we had a coach as good as the Polish guy.
I'm not just spouting this, either. TopCoder is very similar to the math olympiads and the Putnam (which I have first-hand experience with), so much so that the same people often do well at both (Reid Barton, Po-Ru and Po-Shen Loh won multiple gold, gold and silver respectively at the IMO).
When anyone trys to access your page from one of those ISP, redirect them to a page explaining that the ISP is holding back bandwidth to this site so your expierence may be slower than it should be.
This would be far too heavy-handed on Google's part: they'd be replacing a small annoyance (pages loading slower by a couple hundred milliseconds) with a large annoyance (redirect/advertising pages). A much more reasonable solution is to wait for ISPs to implement this crap, then have a link on their affected pages saying "Why is Google so slow?" which, like your redirect idea, show up only for customers of evil ISPs. The linked page can have all the necessary blame and links to competitors.
Google wins in this situation only if they can make the ISPs the bad guys. Redirects are not the way to do this. They also need customers to have some effective option against the ISPs: either a competitor in the area, which there often isn't, or bitter and repeated complaining, or lobbying Congress.
I'll bite.
"Safe" languages usually have ways to subvert their safety guarantees. Haskell, for instance, has functions which subvert the type system (their names begin with "unsafe"). If that's not enough (and it often isn't, particularly for writing windowing toolkits and such), you can use the foreign function interface with C. This produces some unsafe code, but the vast majority of the application is still safe.
The point of using something like Haskell, though, is that you can't write a buffer overflow without trying really hard. You can't write something like that recent X vulnerability either: a function can't be treated as a boolean. And, because the language is designed by "teachers of pure mathematics," it can figure out almost all the types in your program for you (although certain of them are documented by convention, to make your code more readable).
Haskell goes a step further than most other languages by requiring that functions do not have side effects. In a mathematical sense, nothing you write in Haskell can have a side effect; instead, what your program does is compute one big action. In a more practical sense, the type of a function which, say, opens a file is not "string -> file" but rather "string -> IO file", indicating that the operation performs IO.
Haskell's type system has a significant disadvantage in that it makes procedural code different from functional code and can sometimes make designs difficult, but it also has an enormous advantage: programmers can add new features (such as software transactional memory) to the language in a completely safe way, because interfaces specify not only what a function returns, but what kind of actions it does. You can't do this in C, because the side effects of everything you do (stack manipulation, even) will turn the program into a train wreck on transaction retries.
Haskell also has a powerful object system, which is fundamentally different from OO. Instead of dynamic method dispatch, the type checker figures out what type an object is statically, and then runs different code (which is automatically generated from the class definitions) for different object types. This limits the amount by which objects and their descendents can be mixed in a program, but also increases speed and allows other useful tricks.
Yeah, more or less agreement here, although I found some bugs and things requiring fiddling. I installed the upgrade on two machines, my laptop and my desktop.
Worked out of the box:
- Laptop integrated video.
- Sound.
- Sleep and hibernate. Dapper is the first non-Windows OS I've tried that could do both of these; previous Linux versions I'd tried lost data on sleep. Better updating when waking up (eg, laptop doesn't think it's still plugged in after waking up).
- CPU frequency scaling.
- Most Toshiba magic buttons: power, lid, mute, sleep, hibernate, external, brightness, wireless, keypad.
- Trackpad scrollwheel emulation.
- Network drivers, wireless and wired.
- Boot splash. Totally unneccessary, I know, but pretty.
- Update notifications. Aptful shiny.
- All that Gnome shiny we know and love.
- USB, firewire, automounting.
Required fiddlement:
- Networking system doesn't autodetect which interface might have link, requiring "sudo ifup eth1" to bring up secondary (wired) interface.
- Installer didn't work first time around on my laptop.
- Braille terminal installed by default, adds unneccessary carping in system logs.
- Different version of Unison synchronizer in apt; the old version should still be there since it's stable and requires same version.
- Desktop (nVidia) binary video drivers.
- "Human" theme is hella ugly.
Still not working:
- All them weird video codecs. WMV, RM, etc.
- Toshiba trackpad-off control, screen lock, media controls, processor frequency, probably a few other ones. Haven't really tried to get these working.
Bugs:
- Two screensaver pref panels. Sometimes they interfere wrt display sleep.
- Icon cacheing bug in menus.
- Occasional dumb package dependencies.
- PS1='\[\e]2;...\]' cursor bug in bash/terminal emulator/something.
They're trying to shoot themselves in the foot, but they're using blanks?
Sorry for the extra reply, but remember that silencing often increases temperature, and high temperature causes component failures. Because my machine runs extremely cool -- CPU core temp stays under 40C even under load, and the hard drive has a fan directly on it -- I expect it to last longer than if I cut the fans.
Not unless you go silent with the rest of your system. Spending more to get silence is very much worth it for some folks. I spent as much on silencing my personal computer as I did on parts and most of it will be reusable when I upgrade.
If said system is under your desk, and you get a good, quiet PSU (like the Seasonic), you probably won't be able to hear it. If it's on your desk, it's probably SFF, and so this ATX supply isn't going to help.
If you're in audio production or whatever, you might actually need your computer to be entirely silent. In this case, you'll need to dump the hard drive or at least put it in one of those foam boxes. You'll also need to make sure all your components are well-constructed so that the caps and inductors don't vibrate in the dc-dc converters and such. Either of these can be much louder than the fan.
Not being in audio production, I want a quiet computer but I don't want to spend enough or sacrifice enough performance to make it silent. A reasonably low-power CPU with a Zalman HSF, a midline video card with another Zalman fan, rubber grommeting on the hard drive, and quiet case fans makes my system very quiet most of the time (the shoddy northbridge fan still makes a fair amount of noise; it will have to go when I have time to replace it with a passive HS). That said, I can hear the fans if the room is quiet and the system is under load, and I can hear the hard drive if it's seeking.
I have a Seasonic PSU, and it seems better in almost every way. The Seasonic's fan is very quiet, its construction is excellent, the efficiency is very high, it provides more peak power, and it costs less than this silly thing. I assume that it's also lighter, due to having a sanely-sized heat sink.
Now, while this PSU is "totally silent", the power supply is assumed to have at least a minimal fan by just about every ATX system designer. As another poster mentioned, if yours doesn't have a fan, you're going to have to either choose very low-power components, or put in/ramp up other fans to compensate. So unless you're going to put this on some teeny underpowered VIA or Pentium-M-based system, you're going to make up in noise anyway.
I hope they've patented it!
Unfortunately, that isn't possible. The patent office can grant a temporary monopoly on the production of a given good, but they can't create magnetic monopolies.
<rimshot>
This is not quite true. Assuming he actually wouldn't have bought the Lamborghini, which is pretty reasonable for most people, he definitely isn't actually hurting the manufacturer. However, he probably would have bought some other car instead, so he is hurting Ford, or Toyota, or Honda, or whatever company.
Therefore, your argument does not apply particularly well in the software world or in the music world. Suppose someone pirates Windows, but he would have run Linux otherwise. That person isn't particularly hurting the Linux community unless he would have contributed. He's also not hurting Microsoft if he wouldn't have bought Windows anyway. Similarly, with music, inferior music generally does not come at lower prices, so pirates of Good Band X certainly wouldn't have bought Less-Good Band Y.
The reason that piracy usually does hurt software (and arguably music) companies is that while the pirates wouldn't have bought all the stuff they pirated, they probably would have bought some of it. Most of the ones that say they wouldn't are lying, plain and simple. Therefore, if the extra press created by more copies of the pirated stuff floating around isn't enough to cancel the lost sales (and it isn't if everyone pirates everything), then the companies lose money.
In this case, it's unclear. If you buy OS X and run it illegally on a Dell laptop or something, Apple doesn't get the margin on the sales of whatever Mac you would have bought, but they do get the margin on OS X, which is nearly the full price you paid. Depending on the margins and on the number of people who would have actually bought the Mac, Apple may be better off here. However, Apple is certainly not making money if you copy OS X and run it illegally, unless you decide that you love it but want better the driver support you'd get with a real Mac.
Interesting. It will be cool to see how this develops. Personally, I wrote a paper (not published, for a class) analyzing this defense mechanism in peer-to-peer networks, that is, defending against worms which are aware of the overlay topology and can use it to their advantage. It came to quite different conclusions: unless the time to verify a signature is much less than the time to infect (which the Microsoft paper stated, but using strong assumptions like an 84MB virtual machine sitting around pinned to main memory on every host), the defenders usually lose. Variance is high, depending on how early in the attack a host is hit and how well-connected it is, but on average 70-80% of vulnerable machines in the overlay are infected for a reasonable set of parameters.
This paper also accounts for a factor that the Microsoft paper doesn't: it explicitly models diversity in vulnerabilities. The conclusion is that diversity helps the defenders, but with the forwarding model that Microsoft described, it doesn't help them by much because invulnerable hosts will not forward the SCA. Forwarding it always will open the network to denial-of-service attacks, but a happy medium (that is, to flood the SCA out to some distance before verifying it) does well and additionally gives the attacker a time edge. However, even with this time edge, the attacker is at a disadvantage particularly in a low-diameter overlay such as a Chord or Pastry network.
And, of course, this ignores the cost of implementing the defenses: every application needing protection must be instrumented, must run both on the honeypots and on the virtual machines. Honeypots need to have configurations with a distribution matching real systems, which makes them proportionally more expensive per service. Hosts must run even disabled services, or they won't be able to forward SCAs. Polymorphic worms may defeat the system anyway.
My conclusions: it's probably easier to write more secure software in the first place than to build and depend on this defense mechanism for peer-to-peer systems. Who knows for non-peer-to-peer systems?
Or if you're really hardcore about low power consumption, VIA C3.
Or Via C7: 100 milliwatts while idle, and not so bloody slow as a C3. But good luck getting your hands on one.
Sorry, but you're mistaken. Jews don't write out or say G-d's titles outside of a prayer (or religious teaching) context. Take a look http://www.jewfaq.org/name.htm
Ah, you're right. I concede this point. But note that it is not because because of the commandment, but rather because the Name might be defaced or erased later.
Because of not wanting to promote false gods! It's not a matter of fear. It's just like Mac people not wanting to promote Windows.
Just as writing "Windows sucks" doesn't promote Windows, writing the name of a false god does not promote that god if the context makes it clear that you believe the god to be false.
Because, unlike Chr-stians that like to put up graven images of the "10 commandments" up, I hav actually read them.
While graven, they aren't exactly images. Furthermore, there does not seem to be any danger that we would bow down and worship them.
Of course, perhaps you are just trying to be funny, but I don't see how this falls under the "graven images" commandment (whether you consider that the first or second or what, dunno how you're counting them).
There's one about not using the L-rd's name in vein. And there's another one about not worshipping false gods.
So xtians shouldn't write out of the name of their deity unless it's a holy or sacred context, and non-xtians don't want to use the name of a false deity.
To avoid all this, I don't spell it out. This is consistent with Jewish custom.
First, Christ isn't His Name, it's His title. Jesus is the Name of the Son of God, but He allowed people to utter and write that Name, so I'm not sure where your concern comes from. Second, it is consistent with Jewish custom to write out and say God's titles. That's why they say (and write), "Baruch ata Adonai, elohenu melech ho-olom..." (pardon my spelling). Adonai, meaning Lord, is a title and therefore considered acceptable for writing. And if we can't write or say His titles except for in sacred context, how are we supposed to refer to Him outside of a sacred context? (This distiction is probably overly fine anyway: our whole lives should be acts of worship.) The Name which the Jews do not say is lost (the vowels at least) to history. Even that Name is written down, but in a special script so that they know not to speak it.
To avoid using the Lord's name in vain, don't use it as a curse: that and not to utter the one, specific Name (which we pretty much can't do anyway, but shouldn't attempt) are the two restrictions in Christian and Jewish custom.
Finally, why shouldn't non-Christians refer to the Name of a God they don't believe in? They need something to call Him, and if they don't believe in Him, they have no reason to fear using His name, in vain or otherwise.
Out of curiosity, why do you not write out the word "Christian"?
And it's not just the media consumers, but the brains of media consumers, which were hardwired by evolution to prefer gossip, political posturing, and photos of pretty girls and cute babies eating ice cream over thoughtful, rational discourse.
So nobody believes in evolution because of evolution. Which to my mind pretty much proves that there's no intelligent designer involved in this process.
Interestingly, a friend of mine used this exact same idea to "prove" that atheism and a belief in evolution are not tenable together. The idea was something like, high-order abstract thinking and reasoning about a deity aren't particularly adaptive, so if you believe in evolution with no deity guiding it, you have to admit that your brain probably isn't very well suited to think about that sort of thing, i.e. you're probably wrong. This doesn't show that evolution and atheism are necessarily false, just that it's unreasonable to believe them together.
I'm Christian, but I'm more scientifically inclined and I don't think his argument holds water (nor does yours). Intelligence has clearly been adaptive, and I see no reason why mid-level thinking capability should not generalize to higher levels once it reaches a certain threshold. But it is an interesting argument, and it's amusing that you brought it up in the opposite direction.
Famous "Troll"s and "Flaimers:" people:
Thomas Paine
Thomas Jefferson
Ben Franklin
Karl Marx
Dr. Rev. Martin Luther King
Martin Luther
Ghandi
I can't believe you left out the biggest flamebait of all time: Joan of Arc!
But seriously, a "troll" post in the classic sense is one designed to make the people responding to it look stupid. For instance, in a physics thread, posting something with technical-sounding but totally wrong physics is a troll. Similarly, well-desguised links to goatse.cx are also trolls.
The term has been extended to people who copy-paste the same stupid, false, offtopic things every time a story on a given topic comes up, eg, complaining about one-button mice or 17MB files in every Apple story, or saying that *BSD is dying in every BSD story. Perhaps these should be modded offtopic along with "fr1st ps0t b1tch3s", but they're frequently moderated troll.
Flamebait is an overused mod. It is intended to mod down only obscene and nasty posts ("flames"), and posts designed to attract them. These deserve to be modded down. However, I agree that it's being used too often against controversial statements. The solution is, if you're going to write a controversial statement, make sure it's well-thought-out, doesn't contain false information, and addresses the issue rationally rather than just calling the other side dipshits.
Martin Luther didn't write up a bunch of things calling the Catholics idiots, he addressed specific points that he had problems with, and brought in relevant evidence as to why they were wrong. King was one of the more eloquent speakers of his day; his speeches were brilliant, and were in line with both his beliefs and his actions. Similarly for Franklin; he is considered one of the cleverest diplomats and inventors of all time, and many of his essays are still considered authoritative. Karl Marx thought about his Communist Manifesto for more than 3 minutes, and once again backed it up with facts and evidence. Paine's satire was both funny and relevant, and Jefferson's writings are used as guidelines by judges and lawmakers today.
None of these compare with disguised links to disgusting pornographic images (or ASCII representations of said images), page wideners, stories about Richard Stallman getting raped by various animals, attempts to get idiots to show off their stupidity, or direct or semi-direct copies of false comments which have been posted at least 15,000 times.