Slashdot Mirror


User: wirelessbuzzers

wirelessbuzzers's activity in the archive.

Stories: 0
Comments: 1,315

Comments · 1,315

  1. No! You fail it! on RIAA Extends Legal Action · · Score: 1

    I hear a little pig's blood works wonders.

    That was MY joke! And it's a lamb, not a pig!

  2. Diceware! on Real Security? · · Score: 2, Interesting

    While this is not allowed by many websites or by UNIX crypt passwords, Diceware makes for very good passwords that are easy to type and remember.

    Basically, you take a list of words indexed by all possible rolls of 5 dice, 11111 through 66666. You roll 5 dice and pick a word, and repeat to desired password length, e.g.

    cleft cam synod lacy yr

    Sure, your password is longer this way, but you can memorize it easily and type it quite fast as it is a series of English words.

    For my secure passwords, like PGP keys or banking, I use diceware, 7 words. This is some 85-90 bits of entropy and pretty much unbreakable for the foreseeable future. For account passwords I use 3-4 words, which is enough that a database thief will break someone else's login first. For crypt shell accounts, I use mixed-case alphanumerics (similarly, about 48 bits of entropy). This adds up to under 10 good passwords to remember, and I don't change them often (no good changing a PGP password anyway, and I only change shell passwords occasionally).

    For most websites (/.), I use a family of very weak passwords (a couple random words and symbols, but varies little from account to account), as I don't care much if you hack here and post in my name.

    All these are in a heavily backed-up text file in case I forget them, encrypted with my PGP key.

  3. Re:Time for better security. on Kernel Exploit Cause Of Debian Compromise · · Score: 4, Insightful

    While I agree with your point, OpenBSD's numbers are a bit skewed. For one thing, there has been one remote root compromise, not none.

    Second, that "standard install" has most of the features turned off... No Apache, etc... I don't even know if SSHD is on by default. I mean, they could have zero remote root compromises if their standard install didn't include network drivers.

    I know that OpenBSD can't possibly comb every line of apache and all the other contrib software ten times over, but this would be a problem for the Debian folks too.

  4. yes, but barnyard sex ads are... on Man Arrested for 'Spam Rage' · · Score: 1

    The human body is not porn. The penis is not porn. Ads do not become porn just by being about the penis - even with pictures.

    Anyone who thinks that a picture of a penis is porn is thinking like a child. Grow up.


    And what about those spams inviting you to cum look at HOT SLUTS TIGHT ANAL FUCKED WITH 8-INCH COCKS?

    Furthermore, ads with pictures of penises, while not porn, are certainly indecent. Being naked in public isn't porn, but it's still illegal...

  5. Better than Norton... on Yahoo Reminds Users That 'No' Doesn't Mean 'No' · · Score: 1

    ... you can't set the spam prefs until after you create an account, they start on, and changes take 90 days to take effect. But they say, we don't spam, you got this because you agreed to it. Bastards.

  6. Too bad it's not out yet... on Efficient Supercomputing with Green Destiny · · Score: 1

    I'm considering building a server off the Nano-ITX, depending on price. Something the size of a small book to sit in a corner or on my desk, serving files over SSH with all that crypto acceleration. It will be a really cool platform... when it comes out.

    Nano-ITX was announced only a month and a half ago, and hasn't been released yet. So at least wait until the end of the year when they get it out before suggesting building beowulf clusters out of it.

  7. Re:stupid question on Ready or Not, Biometrics Finally in Stores · · Score: 1

    This may be perceived as a stupid question, but what is to stop man-in-the-middle attacks against biometric authentication?

    This is for checkout lanes. The wire is controlled by the grocery store; if you're going to insert a man in the middle, you have enough access to rob the place bare.

  8. You, my friend, have been trolled. on Brazil Moves Away From Microsoft · · Score: 1

    Unfortunately, you have been trolled. He lied at least about the following things:

    Although VB can be compiled, it cannot be used for kernel programming.

    The version numbers he cites were never concurrently in use.

    That Linux does not support journaling, SMP, or memory protection is simply a lie. Memory protection has been around since the beginning; SMP is what SCO is suing over; journaling is present both in Ext3 and ReiserFS (a very nice filesystem, I use it on my laptop). It should also be noted that Windows 98 does not protect its memory.

    Kernel panics cannot be caused by applications "crashing," and if an app were to cause a panic, you probably wouldn't know which one it was.

    And of course the performance he cites is BS too. You might as well try to help the guy whose new dual G5 takes 20 minutes to copy a 17 megabyte file, and meanwhile, Netscape won't work.

  9. Re:Sandbox on Brazil Moves Away From Microsoft · · Score: 1

    I recently saw a movie where the head surgeon made all the operation on little children with brain tumors.

    Well, I certainly wouldn't want a foot surgeon to operate on them...

  10. Re:You don't have to trust - know thy facts on E-Voting Expert Testifies · · Score: 1

    But I feel it's just like a car: most people don't understand the inner workings - but they wouldn't buy one on which the hood is sealed.

    Yeah, that would play havoc with the air intake...

  11. That's an opinion article. on Hackers Track Down Banking Fraud · · Score: 3, Insightful

    That is not an article claimed to be factual. It's opinion. It's counterpoint.

    Second, this statement is not entirely false. There are local root exploits for Linux. They're less important than the remote ones, but there are more of them. They get patched more quickly, but it is still strongly advised not to give random people shell accounts for this very reason.

  12. None. It's a bacteriophage. on First Reproducing Artificial Virus Created · · Score: 1

    The virus doesn't attack people. It attacks bacteria. You can't just jump species from a bacterium to a human. And it's based on an existing virus, so it's not like it's entirely new either...

  13. Re:But... on Wal-Mart to Launch Online Music Store · · Score: 1

    How can Wal-Mart include an RFID tag in music downloads?! How will they be able to track me?

    Don't worry... your IP address, WalMart Valued Customer Number, and credit card number should be enough.

  14. Re:more silicates! on HP, Princeton Develop New Memory Material · · Score: 1

    Everybody knows that memory doesn't grow on trees.

  15. Re:Ummm... possible applications? on HP, Princeton Develop New Memory Material · · Score: 1

    That's the idea. Don't you still use CDRs?

  16. Re:What is wrong with an "X"?? on E-Voting Glitch: 19,000 Voters, 144,000 Votes · · Score: 1

    No, he's asserting that it's sometimes a bad thing. Which it is, sometimes. Like when your debt is skyrocketing. Like now.

  17. Re:Tape still competitive on Building a Budget Storage Server · · Score: 1

    No, I meant that the cost of the drive can make tape more expensive than HD, not that it can make it cheaper than CDs. The no-disk-swapping thing is obvious.

  18. Re:based partially on SPEC benchmarks on Apple G5 Ads Banned In UK · · Score: 1

    Close! The way to compare the hardware is to use the compiler recommended by the manufacturer for each product. Intel, for performance, would recommend their own compiler while IBM, who contributed the G5 code generator to the GCC project, would recommend theirs (in this case, GCC.)

    IBM's compiler is not GCC. Their C compiler for the PPC 970 beats the pants off of GCC, running some of the SPEC benchmarks several times faster (FP int). This is largely because IBM's optimizations for PPC processors got rejected from GCC for being too platform-specific.

    I would like to see an official SPEC matchup between a dual G5 with the IBM compiler and a new dual Xeon with Intel's.

    Apple's initial benchmarks were weird, too, because they compared a machine that would not ship for FOUR months (and I'm being generous here) to a 6-month old DELL unit. Fair would be to ask Dell for a sample of a machine to be released next quarter and test against that.

    Yeah, they cheated there.

    As it is, the P4, even crippled with HT turned off, BEAT the G5 with its faster bus in all the integer tests. By Apple's own admission.

    Yup, though not by much. According to Veritest, though, they ran the tests with and without HT, and without HT was faster. This may be because GCC did not optimize correctly for HT, but then we're back in the compiler argument again.

    Apple also installed a single-thread speed-demon malloc library on the Mac and, as far as I can tell, not on the PC, so they are definitely guilty of cheating. But they didn't cheat as much as you say, or more than anyone else cheats on their benchmarks. And in the US, you can say something is the best if you can make it look better than the competition without cheating more than the other guys do.

  19. Tape still competitive on Building a Budget Storage Server · · Score: 1

    Back up to a set of hard drives. Seriously. The cost/MB is still the cheapest out there, and it's more flexible, and heck, way faster than tape.

    Last time I checked, CDs were about 30 US cents on the gig (ok, say 50c for good CDs). DVD-Rs were about one dollar to the gig. Hard drives were about 80c on the gig for cheap ones. Tape was also about 50 cents on the gig.

    The equalizer is the cost of the drive. CD drives are dirt cheap; if you back up to hard drive, the drive is the media; but if you amortize the cost of the tape drive over, say 100 terabytes (not so unreasonable given the durability of tape drives), you bring up your cost to maybe 55 cents on the gig for tape. Granted, if you back up only 10 terabytes, it's no cheaper than hard drives.

    So, if you're a large company that makes lots of backups, tape is still cheaper. If you're an individual without too much porn/mp3s, CDs are the way to go; if you're in between, go ahead for hard drives.

  20. Re:Pointless, and here's why on BitPass: Micropayment That Seems To Work · · Score: 1

    No, he meant the one where the tokens are worth 100 times as much, but only 1 out of 100 gets cashed. It would work quite well in theory, but in practice users don't understand randomness, and wouldn't buy it.

  21. Re:Just make an opinion check on IBM Applies for Password Manager Patent · · Score: 1

    ... but not in this context. The modifiers only apply to that story.

  22. Re:The Author May Be Computer Illiterate on Literacy: Natural Language vs. Code · · Score: 1

    The advantage of the UNIX "everything is a stream of bytes" approach is that it's simple. It makes your application much easier to check for security (so long as you don't overrun a buffer) at the expense of making parsing difficult.

    There are other approaches to communication that I'd like to see, though. Specifically, a better version of shm, and better approaches for ad-hoc connections to a server. Something like devices which can be programmed by the user (better than named pipes), perhaps.

  23. Re:Minor ranting on The Worst Jobs in Science · · Score: 1

    Why, then, are you assuming he's a guy?

  24. Hard links! on iTunes Disables MusicMatch · · Score: 1

    Yeah, no undo is really obnoxious.

    Keeping your tunes organized in more than one way is one of the few good uses of hard links. All you have to do is hard-link all your mp3s into one directory, then import and organize that directory. Of course, this won't work on a Windows box...

  25. Grades at Harvard on What the Candidates are Running · · Score: 1

    And how well did YOU do at Harvard?

    I have a B+ average, and this is because I'm taking hard classes and don't care much about my grades. For instance, I don't cram much for tests, because in the long run I don't learn anything that way. Instead, I spend my time programming, raytracing, maintaining my website, doing outside reading, and Slashdotting.

    Now, I don't know if this was true at Yale in W's time, but these days grades are so inflated at most colleges that not getting a B average is pretty disgraceful, something like the bottom 10% of the class. There are plenty of classes here in which it's rare not to get an A. Once upon a time (100 years ago?), there was the concept of a "gentleman's C"; that is, if you didn't like a class, you could stop putting effort into the work and still pass with a C. Today you can usually get a B+ with relatively little effort; you have to be either lazy, inept or extremely unlucky to get worse than a B-. I managed to get a C+ once, and it was through a combination of extreme laziness, unluckiness, and dislike for the class.