Well, if they wrote a paper and submitted it to Phys Rev, you can rest assured they considered this (and it will be checked by many other physicists).
The abstract in the linked paper says the result they got differs by 3.2 standard deviations from the prediction given by the Standard Model. That's not conclusive, but it's significant. Surely they (or someone else) will keep looking in other data (from LHC, for example) to see if they can increase confidence.
Whats hard? No one would ever notice really, with a GUI the issue is moot unless you care about it.
Or until they hit "sort by name".
Ermm... why do you think sorting has anything to do with case sensitivity of the filesystem?
"A" and "a" are two different files in a case-sensitive filesystem, and two names for the same file in a case-insensitive filesystem. That's the difference. Any method used for sorting file names in one system can be done exactly the same way in the other.
The interview was given by a juror, who actually read the email and came to the conclusion I repeated above.
What I'm saying -- what the juror is saying -- is that a lot of people with bad information are speculating and getting the facts wrong. He has all the facts, so we shouldn't discard his opinion based on speculation.
Yeah, but you'd think that the juror, who actually read the email (and not just an ambiguous second hand account of it) would have a better idea of what actually happened, don't you think?:)
Well, it's my bad, but if you had read the interview, you would have seen that the accounts created were for router administrators, not users, as I wrongly wrote above.
If Terry Childs really thought the only person authorized to receive the information was the mayor
Did you even read the interview? During normal work (before all the confusion), he was asked to create some user accounts. He did it and send an email with the created usernames/passwords to his boss and a copy to his boss's boss.
So, no, he didn't really think the only person authorized to receive access information was the mayor. That's just the excuse he used later for not wanting yo give up control of the system.
Well, if you want to split hairs, at least split them to the end...
Eventually, of course, the universe will run out of mass for you to make tape out of, but the machine is still a proper Turing machine.
How is this "still a proper Turing machine"? There are programs that would work on a theoretical Turing machine (with arbitrary amount of tape), but would run out of memory in your scheme.
The OP point stands: we will never actually be able to build a real Turing machine[1]. Still, computers are very good approximations (for programs that require up to a certain amount of memory).
The expiration of copyright has never guaranteed you access or rights to the use of primary sources.
That's true, but nobody said anything about primary sources.
The thing is: if I own a book, when the copyright expires I can legally copy the book and distribute the copies as I wish. Things have been this way for a very long time.
Now, since the DMCA, I can't legally make copies of whatever is protected by DRM even when the copyright expires. Even if I'm technically able to break the encryption, the DMCA states it's illegal to circumvent any copy protection.
You have to remember that most computing models today are equivalent to Turing Machines for a very good reason: all variants we can think of are either too limited (non-Turing-complete) or far too powerful to be possible to actually exist.
All computation models beyond Turing Machines we can think of (see here for a few examples) look too powerful to be realizable in the physical world. For example, computers that can represent any real number with infinite precision -- these are stronger than Turing Machines -- are thought to be impossible to build according to the laws of physics.
So, one possibility is that the human mind belongs to a computational model that is stronger than a Turing Machine but weaker than anything else we can imagine (yet). The alternative is that the human mind is just a (maybe probabilistic) TM, but far too complex for us to realize it (yet).
(Quantum Computers, by the way, can be simulated by Turing Machines, so the computational models are equivalent. The simulation is just not very efficient.)
So the idea here is apparently that the energy itself can be transmitted instantly, but you can't actually transmit information this way. Just energy.
No, energy can't be transmitted instantly. From the abstract:
Protocols of quantum energy teleportation (QET) (...) enable the transportation of energy from a subsystem of a many-body quantum system to a distant subsystem by local operations and classical communication through ground-state entanglement. We prove two energy-entanglement inequalities for a minimal QET model. [my emphasis]
So, you apparently still need the classical channel in order to know what measurement to perform in the receiving end, just like in good old quantum teleportation.
If the public key is public, I can stick it in another femtocell.
You surely can stick it into another femtocell, but that will do you no good. This new femtocell can't use this key to communicate, because it doesn't have the corresponding private key.
To give another example: I can get the public key from any bank site and stick it into my own web server. This doesn't mean I can trick people into thinking my web server is the bank's -- I won't be able to decrypt anything they send me!
If you're encrypting stuff with X's public key, then only whoever has X's private key can decrypt it. So, in essence, you're certain you're talking to X and not someone pretending to be X.
So, by displaying the hash of the public key of the device you're talking to, you're effectively showing the true identity of who you're talking to.
I think the OP's idea is that you can use this information to be sure you're connecting to your own femtocell (on which you have fixed the vulnerability) and not you neighbor's (possibly hacked) femtocell.
Kind of wonder why those env variables wouldn't be unset by default for everything, then set only on programs that should need root.
The environment is inherited *at run time*, not during compilation. And the problem was in the code that tried to unset these variables before loading the executable file: it was failing if the environment was corrupt. With the patch, it detects this and aborts.
QT needs a classical channel to set up through. Once entangled entities are separated in 3space that channel is not necessary until decoding and verification. That would provide the proof of whether it worked, and since those results would be sitting and waiting on the classical signal, it would have predated it.
Sigh... That's not true -- that's not how quantum teleportation works. The classical signal is an integral part of teleportation, it's not just necessary for "decoding and verification" (it seems you're confusing this with Bell's Theorem?).
For enlightenment, this is an outline of how you teleport a qubit:
First, the setup:
Start with two maximally entangled qubits (e.g., one of the four Bell states). Call them |a> and |b>
Give one of them (|a>) to Alice and the other (|b>) to Bob. They can then travel as far away from each other as desired.
Now, the teleportation. First Alice does this:
Come up with or receive a qubit |q>. This is the qubit she wants to send to Bob.
She performs some pre-determined unitary transformation in both of her qubits, |a> and |q>. (The unitary transformation depends on the selected entangled qubits in the setup.)
She then measures both qubits. The result is a pair of (classical) bits, "a" and "q". This measurements destroys both |a> and |q>, but does something funny (the "spooky action") to Bob's qubit. But notice that Bob's qubit is still not equal to what Alice wanted to send.
Alice now sends (via any classical channel) the two bits, "a" and "q" to Bob.
To complete the teleportation, Bob does this:
Receive the bits "a" and "q" from Alice.
Depending on these bits, he will apply one of four unitary transformations on his qubit |b>. (These depends on the selected entangled qubits in the setup.)
After this transformation, |b> is equal to the original value of |q>.
Furthermore, the "zero fanout" is a simple and direct consequence of the no-cloning theorem. It doesn't matter how clever your setup is, you'll never be able to make a duplicate of an indeterminate quantum state. This is a consequence of the fact that quantum mechanics is linear.
On one hand, the author himself, who was there for the signing of the contract, states he did not give them an exclusive license on the text, but states he didn't create the covers, toc, or index thus can't give permission to copy that.
That's not what the author stated. He actually wrote:
My contract also states that I have exclusively allowed Apress to publish and reproduce my content.
He then went on about how he "suspects" that you can make a PDF without the cover, TOC and index without infringing any of the publisher's rights.
Tim O'Reilly, who (I'd guess) is very experienced with these kinds of contracts, wrote this in the comments of his post:
I’d be very careful with your assumptions here. “Owning the copyright” doesn’t mean what you seem to think it means. I haven’t seen the language in the APress contract, but I suspect it says something to the effect that you grant them the exclusive right to publish, distribute, and sell (etc.) the book for the duration of the copyright. If this is so, the ONLY thing that you get from still owning the copyright is the ability to reacquire the rights in the event APress goes out of business.
So while we can't know without seeing the author's contract, it's reasonable to assume that what alain94040 wrote above is closer to the truth than what the author "suspects".
Ah, I finally understood what you're complaining about.
If I understand correctly, you seem to be suggesting that Firefox should (instead of saying the certificate is invalid) notice that there's an accepted self-signed certificate for that site and say something like "WARNING!!!! The certificate has changed, it's possible you're under attack. Do you want to start using this new certificate and forget the old one? (DO THIS ONLY IF YOU KNOW WHAT YOU'RE DOING)".
The problem is, no matter how much the browser screams when asking the question, 99% of the users simply don't know how to answer that question, so the safest bet is for the browser to assume there's an attack. Otherwise, many users will simply click whatever button will allow them to continue doing whatever they wanted, and so, all browser security becomes ineffective. That's not prejudice against dumb users, that's what really happens, as the study mentioned in the article (and many others) indicate.
If you're in the remaining 1% who DO know what's going on (e.g., you know the site's certificate actually changed), you can always open Firefox's certificate list, remove the old certificate and add the new one. It's not a 1-click step, but at least you don't need to edit any files. And how often do you expect to have to do it anyway?
Go to https://www.newsdesk.umd.edu/ (or any other site with a self-signed certificate) and watch Firefox give the error page.
Click "or you can add an exception..." on the error page.
Click "Add Exception..." (yes, it's a stupid step)
Click "Get Certificate" in the window that pops up (yes, also a stupid step:-)
Make sure "Permanently store this exception" is checked, and click "Confirm Security Exception".
It's done. Now, every time you access the site, Firefox will not ask again, unless the site provides a certificate different than the one you added.
(For the sake of completeness: to remove this exception, go to Firefox preferences, Advanced, Encryption and click "View Certificates". In the "Server" tab, look for the certificate you added and remove it.)
Idea (probably somebody posted this on/. someday already): why not use something along the lines of what SSH is doing - handshake, store the key, bitch when the key changes?
That's a great idea. And it was implemented a long time ago (in Firefox, at least).
When you first access the site and Firefox bitches that the certificate is invalid, you can add the certificate permanently. Then, as long as the certificate remains the same, Firefox will never complain again.
The problem is really in the user interface. If it's too easy to "add certificates permanently", then users will do it without paying attention if that's what they should do (as this story confirms).
I hate Microsoft as much as the next guy (I'm primarily a Linux programmer), but saying Java and C# are practically the same is being blind or unwilling to see the truth.
Java and C# are really very similar in the surface. Microsoft seems to have designed C# to replace Java, so that's hardly surprising. They have literally copied every good idea from Java, but there are many changes and additions to C# (and.NET) that make the languages and VMs very different.
I actually believe that a lot people working with both think they are very similar, but that's because there's a lot of overlap. If you program in Java, you can start programming in C# right away (the syntax is almost the same, you only have to learn differences in the library). The other way around is a lot more difficult -- C# has a lot of features that don't exist in Java.
Take generics for example. In Java, generics are a late addition that didn't modify the JVM; this causes many limitations. In.NET, the runtime knows about generics (you can even inspect them with reflection). More important (at least for me) is the ability to use primitive (i.e. value) types with generics. That way you can use
Dictionary<string,int>
and be assured that it will be as efficient as possible -- no boxing and no castings happening behind the curtains.
Another good feature of C# are delegates, very useful for callbacks of GUIs, for example. Java's inner classes are simply too much of a hassle when you compare them to delegates, specially for simple things.
There are many other features that Java doesn't have (unsigned integral types, using binary logical operators with enums and events are a few that are easy to remember), but this post is too long as it is.
But don't get me wrong, I also think Java has some strengths. For example, it has a lot more libraries around (if you need it, chances are someone else already wrote it), it runs in a lot of systems, and there's no chance of some day someone claiming a patent and forcing you to stop using it (well, technically this risk exists even for Java, but it seems really unlikely).
Actually, they did say what the GP said two items above the one you quoted:
Internet broadcast (non-subscription, not title-by-title) -- Since this market is still developing, no royalties will be payable for internet broadcast services (non-subscription, not title-by-title) during the initial term of the license (which runs through December 31, 2010) and then shall not exceed the over-the-air free broadcast TV encoding fee during the renewal term.
Slashdot Mirror
Well, if they wrote a paper and submitted it to Phys Rev, you can rest assured they considered this (and it will be checked by many other physicists).
The abstract in the linked paper says the result they got differs by 3.2 standard deviations from the prediction given by the Standard Model. That's not conclusive, but it's significant. Surely they (or someone else) will keep looking in other data (from LHC, for example) to see if they can increase confidence.
Whats hard? No one would ever notice really, with a GUI the issue is moot unless you care about it.
Or until they hit "sort by name".
Ermm... why do you think sorting has anything to do with case sensitivity of the filesystem?
"A" and "a" are two different files in a case-sensitive filesystem, and two names for the same file in a case-insensitive filesystem. That's the difference. Any method used for sorting file names in one system can be done exactly the same way in the other.
All of them what? What employer claims?
The interview was given by a juror, who actually read the email and came to the conclusion I repeated above.
What I'm saying -- what the juror is saying -- is that a lot of people with bad information are speculating and getting the facts wrong. He has all the facts, so we shouldn't discard his opinion based on speculation.
Yeah, but you'd think that the juror, who actually read the email (and not just an ambiguous second hand account of it) would have a better idea of what actually happened, don't you think? :)
Well, it's my bad, but if you had read the interview, you would have seen that the accounts created were for router administrators, not users, as I wrongly wrote above.
If Terry Childs really thought the only person authorized to receive the information was the mayor
Did you even read the interview? During normal work (before all the confusion), he was asked to create some user accounts. He did it and send an email with the created usernames/passwords to his boss and a copy to his boss's boss.
So, no, he didn't really think the only person authorized to receive access information was the mayor. That's just the excuse he used later for not wanting yo give up control of the system.
I agree.
People shouldn't bee so quick to dismiss the Invisible Pink Unicorn, either. Just because you can't see her, it doesn't mean she doesn't exist.
Well, if you want to split hairs, at least split them to the end...
Eventually, of course, the universe will run out of mass for you to make tape out of, but the machine is still a proper Turing machine.
How is this "still a proper Turing machine"? There are programs that would work on a theoretical Turing machine (with arbitrary amount of tape), but would run out of memory in your scheme.
The OP point stands: we will never actually be able to build a real Turing machine[1]. Still, computers are very good approximations (for programs that require up to a certain amount of memory).
[1] Assuming the universe is actually expanding and that the theory of relativity is right (a good discussion can be found here: http://www.scottaaronson.com/democritus/lec20.html)
The expiration of copyright has never guaranteed you access or rights to the use of primary sources.
That's true, but nobody said anything about primary sources.
The thing is: if I own a book, when the copyright expires I can legally copy the book and distribute the copies as I wish. Things have been this way for a very long time.
Now, since the DMCA, I can't legally make copies of whatever is protected by DRM even when the copyright expires . Even if I'm technically able to break the encryption, the DMCA states it's illegal to circumvent any copy protection.
Maybe he means you'll save the energy the compiler would spend to optimize a multiply into a bit shift :-)
You have to remember that most computing models today are equivalent to Turing Machines for a very good reason: all variants we can think of are either too limited (non-Turing-complete) or far too powerful to be possible to actually exist.
All computation models beyond Turing Machines we can think of (see here for a few examples) look too powerful to be realizable in the physical world. For example, computers that can represent any real number with infinite precision -- these are stronger than Turing Machines -- are thought to be impossible to build according to the laws of physics.
So, one possibility is that the human mind belongs to a computational model that is stronger than a Turing Machine but weaker than anything else we can imagine (yet). The alternative is that the human mind is just a (maybe probabilistic) TM, but far too complex for us to realize it (yet).
(Quantum Computers, by the way, can be simulated by Turing Machines, so the computational models are equivalent. The simulation is just not very efficient.)
So the idea here is apparently that the energy itself can be transmitted instantly, but you can't actually transmit information this way. Just energy.
No, energy can't be transmitted instantly. From the abstract:
Protocols of quantum energy teleportation (QET) (...) enable the transportation of energy from a subsystem of a many-body quantum system to a distant subsystem by local operations and classical communication through ground-state entanglement. We prove two energy-entanglement inequalities for a minimal QET model. [my emphasis]
So, you apparently still need the classical channel in order to know what measurement to perform in the receiving end, just like in good old quantum teleportation.
Agreed. I just mentioned that in some sense the OP's post was not completely bogus.
If the public key is public, I can stick it in another femtocell.
You surely can stick it into another femtocell, but that will do you no good. This new femtocell can't use this key to communicate, because it doesn't have the corresponding private key.
To give another example: I can get the public key from any bank site and stick it into my own web server. This doesn't mean I can trick people into thinking my web server is the bank's -- I won't be able to decrypt anything they send me!
If you're encrypting stuff with X's public key, then only whoever has X's private key can decrypt it. So, in essence, you're certain you're talking to X and not someone pretending to be X.
So, by displaying the hash of the public key of the device you're talking to, you're effectively showing the true identity of who you're talking to.
I think the OP's idea is that you can use this information to be sure you're connecting to your own femtocell (on which you have fixed the vulnerability) and not you neighbor's (possibly hacked) femtocell.
Kind of wonder why those env variables wouldn't be unset by default for everything, then set only on programs that should need root.
The environment is inherited *at run time*, not during compilation. And the problem was in the code that tried to unset these variables before loading the executable file: it was failing if the environment was corrupt. With the patch, it detects this and aborts.
QT needs a classical channel to set up through. Once entangled entities are separated in 3space that channel is not necessary until decoding and verification. That would provide the proof of whether it worked, and since those results would be sitting and waiting on the classical signal, it would have predated it.
Sigh... That's not true -- that's not how quantum teleportation works. The classical signal is an integral part of teleportation, it's not just necessary for "decoding and verification" (it seems you're confusing this with Bell's Theorem?).
For enlightenment, this is an outline of how you teleport a qubit:
First, the setup:
Now, the teleportation. First Alice does this:
To complete the teleportation, Bob does this:
Furthermore, the "zero fanout" is a simple and direct consequence of the no-cloning theorem. It doesn't matter how clever your setup is, you'll never be able to make a duplicate of an indeterminate quantum state. This is a consequence of the fact that quantum mechanics is linear.
On one hand, the author himself, who was there for the signing of the contract, states he did not give them an exclusive license on the text, but states he didn't create the covers, toc, or index thus can't give permission to copy that.
That's not what the author stated. He actually wrote:
My contract also states that I have exclusively allowed Apress to publish and reproduce my content.
He then went on about how he "suspects" that you can make a PDF without the cover, TOC and index without infringing any of the publisher's rights.
Tim O'Reilly, who (I'd guess) is very experienced with these kinds of contracts, wrote this in the comments of his post:
I’d be very careful with your assumptions here. “Owning the copyright” doesn’t mean what you seem to think it means. I haven’t seen the language in the APress contract, but I suspect it says something to the effect that you grant them the exclusive right to publish, distribute, and sell (etc.) the book for the duration of the copyright. If this is so, the ONLY thing that you get from still owning the copyright is the ability to reacquire the rights in the event APress goes out of business.
So while we can't know without seeing the author's contract, it's reasonable to assume that what alain94040 wrote above is closer to the truth than what the author "suspects".
Actually, 1 electron volt is closer to 10^(-19) Joules, so
14 TeV = 2.2 x 10^(-6) J
(When in doubt, ask google! :-))
There's an excellent video on YouTube of Ed Farhi explaining it in some detail: Why Physicists Need the Large Hadron Collider
Basically, if all they find is the Higgs boson, that will be a huge disappointment. (Unfortunately, that's the expected outcome.)
Ah, I finally understood what you're complaining about.
If I understand correctly, you seem to be suggesting that Firefox should (instead of saying the certificate is invalid) notice that there's an accepted self-signed certificate for that site and say something like "WARNING!!!! The certificate has changed, it's possible you're under attack. Do you want to start using this new certificate and forget the old one? (DO THIS ONLY IF YOU KNOW WHAT YOU'RE DOING)".
The problem is, no matter how much the browser screams when asking the question, 99% of the users simply don't know how to answer that question, so the safest bet is for the browser to assume there's an attack. Otherwise, many users will simply click whatever button will allow them to continue doing whatever they wanted, and so, all browser security becomes ineffective. That's not prejudice against dumb users, that's what really happens, as the study mentioned in the article (and many others) indicate.
If you're in the remaining 1% who DO know what's going on (e.g., you know the site's certificate actually changed), you can always open Firefox's certificate list, remove the old certificate and add the new one. It's not a 1-click step, but at least you don't need to edit any files. And how often do you expect to have to do it anyway?
That's not true, try it yourself:
It's done. Now, every time you access the site, Firefox will not ask again, unless the site provides a certificate different than the one you added.
(For the sake of completeness: to remove this exception, go to Firefox preferences, Advanced, Encryption and click "View Certificates". In the "Server" tab, look for the certificate you added and remove it.)
Idea (probably somebody posted this on /. someday already): why not use something along the lines of what SSH is doing - handshake, store the key, bitch when the key changes?
That's a great idea. And it was implemented a long time ago (in Firefox, at least).
When you first access the site and Firefox bitches that the certificate is invalid, you can add the certificate permanently. Then, as long as the certificate remains the same, Firefox will never complain again.
The problem is really in the user interface. If it's too easy to "add certificates permanently", then users will do it without paying attention if that's what they should do (as this story confirms).
I hate Microsoft as much as the next guy (I'm primarily a Linux programmer), but saying Java and C# are practically the same is being blind or unwilling to see the truth.
Java and C# are really very similar in the surface. Microsoft seems to have designed C# to replace Java, so that's hardly surprising. They have literally copied every good idea from Java, but there are many changes and additions to C# (and .NET) that make the languages and VMs very different.
I actually believe that a lot people working with both think they are very similar, but that's because there's a lot of overlap. If you program in Java, you can start programming in C# right away (the syntax is almost the same, you only have to learn differences in the library). The other way around is a lot more difficult -- C# has a lot of features that don't exist in Java.
Take generics for example. In Java, generics are a late addition that didn't modify the JVM; this causes many limitations. In .NET, the runtime knows about generics (you can even inspect them with reflection). More important (at least for me) is the ability to use primitive (i.e. value) types with generics. That way you can use
Dictionary<string,int>
and be assured that it will be as efficient as possible -- no boxing and no castings happening behind the curtains.
Another good feature of C# are delegates, very useful for callbacks of GUIs, for example. Java's inner classes are simply too much of a hassle when you compare them to delegates, specially for simple things.
There are many other features that Java doesn't have (unsigned integral types, using binary logical operators with enums and events are a few that are easy to remember), but this post is too long as it is.
But don't get me wrong, I also think Java has some strengths. For example, it has a lot more libraries around (if you need it, chances are someone else already wrote it), it runs in a lot of systems, and there's no chance of some day someone claiming a patent and forcing you to stop using it (well, technically this risk exists even for Java, but it seems really unlikely).
Actually, they did say what the GP said two items above the one you quoted:
Internet broadcast (non-subscription, not title-by-title) -- Since this market is still developing, no royalties will be payable for internet broadcast services (non-subscription, not title-by-title) during the initial term of the license (which runs through December 31, 2010) and then shall not exceed the over-the-air free broadcast TV encoding fee during the renewal term.
(My emphasis)