Automotive products to remove water from gas (HEET, etc) are typically 99.9% isopropyl alcohol. It's cheap and readily available. Note some brands are methanol, some are isopropyl, but the container usually specifies. I've been using such products as a cleaner for my Nintendo and other products for a long time, with no problems.
Here's an awesome demo from a microcontroller you can buy in bulk for ~$2. The demo is displayed to a VGA monitor, but could also be done to a TV composite or component input. Total cost including keyboard, much greater storage, and a second graphics chip for more computational possibilities could easily hit the target cost including keyboard but not display. Even a small display with any decent resolution would double the cost of the device.
If you have a 40 gig VM image, and you modify 1 bit, your scheme will add 40 gigs. rdiff-backup will add one bit + some small overhead. This is a huge win for some users, not so much for others. For servers with large database dumps which are mostly static, it can be a large win.
rdiff-backup makes incremental diffs of individual files, which saves a lot of space for large files which have small changes like database backups, virtual machine images, and large mailspools. On the other hand, the rsync schemes are somewhat more straightforward to deal with if you don't have much space in such files.
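The space argument in the two comments above, as an added example (not part of the original comments and not rdiff-backup's own code): a simplified fixed-block delta in Python, where the block size, the 8-byte cost per copy reference and the sample "image" are assumptions made for the illustration. The real rsync-style algorithm uses rolling checksums so it also copes with inserted bytes; this sketch only handles in-place changes.

```python
import hashlib
import os

BLOCK = 4096      # assumed block size for this illustration
COPY_COST = 8     # assumed bytes needed to encode one "copy block N" reference


def signature(old: bytes) -> dict:
    """Map the SHA-256 digest of each block of the old file to its block index."""
    sig = {}
    for off in range(0, len(old), BLOCK):
        digest = hashlib.sha256(old[off:off + BLOCK]).digest()
        sig.setdefault(digest, off // BLOCK)
    return sig


def make_delta(old_sig: dict, new: bytes) -> list:
    """Describe the new file as copies of old blocks plus literal data."""
    ops = []
    for off in range(0, len(new), BLOCK):
        chunk = new[off:off + BLOCK]
        idx = old_sig.get(hashlib.sha256(chunk).digest())
        if idx is not None:
            ops.append(("copy", idx))      # block already stored, reference it
        else:
            ops.append(("data", chunk))    # changed block, store it literally
    return ops


def apply_delta(old: bytes, ops: list) -> bytes:
    """Rebuild the new file from the old file and the delta."""
    out = bytearray()
    for kind, arg in ops:
        if kind == "copy":
            out += old[arg * BLOCK:(arg + 1) * BLOCK]
        else:
            out += arg
    return bytes(out)


def delta_size(ops: list) -> int:
    """Approximate stored size of the delta under the assumed encoding."""
    return sum(len(arg) if kind == "data" else COPY_COST for kind, arg in ops)


def demo():
    """Flip one bit in a constructed 1 MiB 'image' and compare storage costs."""
    old = os.urandom(256 * BLOCK)          # constructed sample data
    changed = bytearray(old)
    changed[123456] ^= 0x01                # the single modified bit
    new = bytes(changed)

    ops = make_delta(signature(old), new)
    restored = apply_delta(old, ops)
    # Verify the restore by digest before trusting the backup.
    ok = hashlib.sha256(restored).digest() == hashlib.sha256(new).digest()
    return len(new), delta_size(ops), ok


if __name__ == "__main__":
    full, delta, ok = demo()
    print(f"whole-file copy: {full} bytes, delta: {delta} bytes, restore ok: {ok}")
```

A scheme that stores a fresh copy of any changed file pays the full file size again, while the delta costs one changed block plus the references to the unchanged ones.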
WTF!?! (Checks calendar) Sadly not April 1. (Checks DHS website) Yup, DHS seems to be a part of the US government, which is supposed to be bound by the constitution. (Checks constitution) Yup, 4th amendment is still there... Any guesses on how long until the ACLU or EFF has their day in court over this? Hopefully not long, because this is bull. If this "war on terror" crap keeps going on much longer, moving to North Korea or China might be a net increase in my freedoms. How can we possibly be trying to bring "freedom and democracy" to the world when we are so intent on limiting it here?
How much do you make, and how important are these presentations? If he's flying about the world, he's paying large sums of money for the presentation time he has. Even if his time and travel isn't valuable, the people who he's making the presentations to must be, or he wouldn't be making presentations. $500 for a netbook is chump change. Assuming you make any decent salary, you've probably already spent more than that on research for this scheme already. I recommend a MSI Wind(~$500) if money is really that tight, or a Lenovo X61(~$1000) if you've got a little more change. The low-end EEE PC's at ~$300 are a bargain, but in my opinion they have an unusably small screen and keyboard.
You didn't read my comments well. Nationals can teach nationals. Foreigners cannot teach nationals. Also, nationals cannot gather in large groups as a church unless it is state sponsored. There are state sponsored churches and also underground churches which are sometimes ignored, and sometimes persecuted. Note that most of the information I have about China is really about Beijing specifically, and enforcement of the official rules varies from province to province. Note I was in Beijing about a year ago, and still have contact with people there, and things have not changed there.
I'm using KVM on Linux mostly because VirtualBox still doesn't support 64 bit guests. VirtualBox management infrastructure and guest additions are way better than qemu/KVM, but the lack of 64 bit support on the guest side makes it a no go for me. When checking if 64 bit works yet, I see some recent checkins for 64 bit support and a claim on the forums that 64 bit guests will be in the next release. The other issue I've had is Ubuntu specific. When a new kernel comes out, KVM is included, but VirtualBox OSE usually takes a while to catch up.
China blocks access to all religion it does not control. There are state run churches it has control over. There are also non-state run, public churches specifically run for and by foreigners, but you must show your passport at the door to prove you are not a Chinese citizen. It is specifically against the law for any foreigner to teach any Chinese citizen about religion of any type.
It's hard to say. China is split between the older population who has been around long enough to see through the bullshit, and the younger population who has been indoctrinated their whole lives. It is also split between the modern cities and poor peasant population. What would happen in case of a power shift is very difficult to predict. I am fairly sure it would end badly for the poor peasants though. Also, China does not strictly have a dictatorship, they have a corrupt representational democracy who is kept in power through limiting the vote, controlling the media, and through economic means. The main difference between China and the west is that in the west we have open courts and free press. Our governments are as a rule almost as corrupt as China's is, but they are limited somewhat in what they can get away with due to the free press and open courts.
Where's my modpoints when I need them? Parent is dead on. You can read my post history, I love bashing China as much as anyone, and have closer ties to it than most, but the Olympics is a place for athletics and putting aside the normal crap we usually bicker about.
If you only have 20 places you want to go, that's what the bookmarks toolbar is for. It has a "most visited" dropdown by default, and room for at least 15 or so one click launches if you keep the names short.
It doesn't matter too much what you do, just get your heart rate up for at least 30 minutes per day. I recommend getting out of your house, walking/jogging/running/bike riding. If you really can't bear the sunshine, you can try the 5bx program, it was developed by the Canadian military for desk bound people who need to be fit. http://www.gettingfitagain.com/5bx.php
As a side note, I joined a gym this year, and am really enjoying use of the machines and classes as well as the childcare to give me the time to do it in the first place. Not all gyms are scary places, there are often local gyms that cater to different audiences, and you could probably find one where you would fit in.
If the problem with TeX is in the extension language and not TeX itself, then the answer seems to be to write a better extension framework. luatex seems to be a project well on its way to doing just that, but there's still a lot of work to be done before it's stable and usable.
I assume you're using shared hosting. It's a cheap and easy option, but you give up all control of who is on your server, and what they are doing. I primarily use VPSes for many reasons including this one. It's a great middle ground between colo and shared hosting, where the host is in charge of giving me hardware and network support, and that is all. There are many good VPS providers out there. I personally prefer XEN based hosts to OS level virt like OpenVZ that powers most of the market. http://vpslink.com/xen-vps/ and http://slicehost.com/ are some of the better services I've used, but there's plenty more out there.
No, I mean favoring speed and computational simplicity over error detection. It is often a valid trade off. For example, most filesystems do not validate the stored data at all for size and computational reasons. As hard drives and arrays get bigger, that trade off no longer makes much sense, and most all new filesystems being designed have hash based error detection built in at some level. Good design takes experience. There aren't that many systems like S3 that have been built in the past, and there are many tricky decisions to be made. No system gets it all correct out of the gate.
There's probably information that changes as the packets move around, and they probably wanted to avoid the overhead. I'm guessing it was a deliberate design decision, but it turned out to be the wrong one. It's easy to see that after a failure, but it's hard to design large distributed systems and foresee every possible way things can break, and where the computation overhead is worth it. The number of interactions between servers here makes any small design flaw a big thing.
Please reference the title of this thread. We're way out in the weeds now, and arguing about semantics. Here's how I see it, and you're welcome to disagree. It appears you're defining secure as simply strength, which includes randomness, length, and character set. I'm defining secure as, well, secure, taking in account at minimum both strength and human usability factors.
Security == strength + usability.
Strength is a subclass of secure.
Length is a subclass of strong.
Randomness is a subclass of strong.
Character set is a subclass of strong.
Human usability is a subclass of secure.
Memorability is a subclass of human usability.
Length is a subclass of memorability.
Randomness is a subclass of memorability.
There is overlap in the characteristics of strength and usability, which is why password policies are hard to get "right".
It's all semantics. I disagree with your assertion that putting secure in the past tense for human usability factors makes sense, but at least you're defining your words. This whole discussion started by saying that an instructor who was making a valid point through using poorly defined terms was being a dick. I think in this thread I have sufficiently made my point, you're welcome to have the last word if you like, but I'm done here. ;-)
"Strong and secure" has more variables than simply "long and random". That was the presenter's point, and I'm not arguing with it. I'm just saying the rhetorical methods he used to make it are mean-spirited, in an "I'm better-than-you" kind of way. The obvious answer is right, passwords should be as secure as possible, but secure must take into account the ease of use for the human as well as length, character set, and randomness. Once again, I'm not disagreeing with the point the presenter made, just saying the way he made it makes him kind of a jerk.
Note I didn't say uncommon, I said narrow. The referenced speaker is "clubbing baby seals" as one of my professors liked to call it. He asked a simple question with an obvious answer, and then reframed the question to make his (non-obvious) answer correct. Some would see it as a good way of getting people to challenge their assumptions, I see it as being a dick and abusing your authority. A much better way to frame the topic is to discuss specific ways that passwords can be attacked and thus more or less secure, ways to make secure passwords that humans can remember, ways to securely manage passwords without simply remembering them, not "do you think passwords should be secure? You're wrong, I'm right. Ha ha ha!" That's clubbing baby seals, and it's a crappy way to interact with your audience. BTW, I work as a security consultant and trainer, and am very acutely aware of what passes for security in most companies and the US government.
Software one time password generators are cool, but smartcards are more secure, more functional, and more convenient for the end user. Smartcards at minimum store a private key and use public key crypto on the card itself for authentication. You can use this in PAM for login and single sign on through local authenticators, LDAP, or Kerberos. You can use it as a RSA ssh key for remote login, as a client side SSL cert, as your credentials for S/MIME, etc. The largest deployment at the moment is the US military, with their CAC system. Check out http://www.opensc-project.org/ and http://www.linuxnet.com/ for some of the Linux oriented projects. Fedora is also leading the charge in the Linux world through integration to their directory services and crypto consolidation. However, you can get it to work everywhere with some general geekery. ;-)
If they are using the NebuAd services, it IS both deep packet inspection and inserting javascript in all pages. The fact that it uses the information it gathers to give better targeted ads on your DNS redirection (a separate kind of internet breaking evil you should be ashamed of, BTW) is just gravy. You as an employee have only received half the story, and it makes it sound a whole lot better that way. Wikipedia's article on NebuAd will give you some of the real scoop, but it gets worse the more you find out about it. http://en.wikipedia.org/wiki/NebuAd
Note to moderators: I'm not calling anyone on this forum an ass. Please read the context before moderating. The ass in question is a security trainer. I know how such people work and think, as I am one. I might also be an ass, but that's a separate issue ;-)
Steve Jobs =~ Linus?
Linus has described his role in Linux development as a CVS with taste.
I guess the only question is who at Microsoft has taste?
All versions of IE on XP do not support it. Nor does IE 6 on Vista.
That's at least 50% of web surfers right there.