At the end of the day, people got on and made comments they shouldn't have made on the airplane, and other people heard them,
Other people heard them, misconstrued them. It just so happened these people were of Muslim faith and appearance. It escalated, it got out of hand and everyone took precautions.
So wait, you can't talk about airport security at the airport? That's all I talk about on the airlines. After hours of waiting, being stripped of liquids for no reason, having to take of your shoes, it kind of is the elephant in the room.
It seems likely that they were given special attention because of their appearance, accent, culture, et cetera. Personally, I'm not expecting anyone, especially the airline to admit this.
Honestly, being a casual Linux user, sound card support is not the defining factor holding back Linux adoption. While Ubuntu goes a long way to improving the user experience with Linux, even to get it to a 'standard' setup, I needed to use the console no less than 5 times. That's *needed* to, there was no GUI way to do what I was trying to do.
While I personally have no problem doing that, I shudder at the idea of talking someone like my father through it. The day that I can combine Linux stability with ease of use... that will be the year of the Linux desktop. Driver integration and support goes a long way to doing that, and a flushed out menu system will put it over the top.
What does your father do that requires editing configuration files or using a shell interface on Ubuntu 8.10?
Most of the devices that you mentioned don't give you details of the status of the OS (cpu, memory, port utilization, et cetera). This is the kind of relationship you have with a black-box. You can put a bug request in, and maybe even send them logs or core dumps, if the device supports it.
I've only run openwrt or some other open-source firmware for a while now, and I have been happy with performance and the fact that I can see what is going on on the device I own.
My current setup is: OpenWrt White Russian - With X-Wrt Extensions 0.9 Linux 2.4.30 #1 Thu Feb 22 13:58:48 EST 2007 Linksys WRTSL54GS Broadcom BCM947XX
My usage is: 1 Mac, two Linux laptops, one Windows desktop and a Linux server. Moderate bittorrent usage (both Azureus and rtorrent), in addition to frequent outbound ssh connections (X11, rsync, vnc), Citrix and SSL/IPSec VPNs. Absolutely no uPnP or Rendezvous.
I think the biggest issue here, is that police and other criminology people are concerned that if a computer tech stumbles across illegal information on a computer, that since they are not a licensed private investigator, the evidence cannot in any way be used. Even if say, it's for a child-pornography case. "Your evidence was siezed improperly, sorry, but it's excluded, next time do things the right way!"
I guess that we should also make anyone who develops photos get a PI license as well. That's a great way to boost salaries at Walmart.
Engineering, building and maintaining the plant should employ a fair amount of people. Maybe with manufacturing jobs (among others) going overseas, that will be enough for people to change their minds about what they have in their backyards.
The fact that they chose license X instead of Y only means that they didn't want to enforce this particular behavior in the license. It does not mean that they wouldn't like to see bug fixes and feature enhancements flow back into the community, or think that it isn't the right thing for the company to do.
Some of my cow-orkers argue that if they were to fix a bug for a user (in GPL'd code) and deliver a compiled copy of it (as opposed to source to be built by the user) and then lose the code in the future, their license to distribute the code could be in violation of GPLv2 requirement 3 part b.
So you may be trying to read too much into people's license choice. Maybe the fact that the license is more complex and adhering to the rules in it distracts the licensor from the fun of coding.
I don't think that any corn growers are wondering what to do with their product these days, what with ethanol production ramping up everywhere and driving the price up.
One aspect of the IronKey that makes it appealing is the protection from an off-line dictionary attack. Only once you have successfully authenticated with your key does it decrypt the flash drive and present it to the OS. It also will simply stop working with a certain number of authentication attempts failing and is fully potted to allow it to be able to resist physical tampering.
It seems to use a randomly generated key (cryptographically the best thing that you can do) to encrypt the flash memory. This doesn't prevent anything, but ensures that having a weak password will not make an off-line dictionary attack any easier.
Finally, only the authentication protocol has to be ported when this needs to be moved to a new OS or platform.
If you don't have a need for this level of paranoia, then simply say so. If you think that TrueCrypt and BestCrypt with a random thumb-drive are equals to this, do your homework. They seem to have put in a decent amount of time thinking this through. I think that IronKey should be given some credit for their product.
The only practical attack against it is a keylogger. If you wanted to make the device more fragile, but fix this whole you could have six random digits on an LCD on the device that cycle every minute or so (like a SecurID). This could be a pre-fix or a suffix to that is verified by the chip and can't be snooped by having a keylogger. Anyone who implements this, please send me a freebie.
How long do you think that it would take to run enough CAPTCHAs to get all of the images if there are 10k images? 100k images? 1m? Now compare the amount of CAPTCHAs that can be generated with a large dictionary of words and just a few transformations and no randomness. Now add randomness. Generated CAPTCHAs can't be indexed, pictures can.
Maybe you could combine the two. A mangled question like 'Select two cats with green backgrounds.', 'Select less than two frogs that are wearing hats.' with check boxes to select the correct images. This type of activity would have to be kept simple, but can be automatically generated and should be effective longer. The more thought that has to be done, the less easy it will be to solve with a computer.
Maybe someday we will have to select a game to play, and end up playing solitaire or hearts to be able to register an account.
If the hardware device is any good, it isn't relying on the obscurity of the algorithm as it's security strength. It should be able to stand up to an attack even with a significant (hundreds of thousands) number of known tokens. If that is the case, then you need the seed (IV) of the token you want to impersonate in order to do any damage. That key should be protected like a regular key, and should be resistant to tampering (i.e potted, designed to fail if it is tampered with).
Now most sites that would be doing this will be using SSL with certificates signed by a 'respected' cert provider. If that is the case, the likelihood of getting enough tokens to launch an attack is greatly reduced.
So put away the tin-foil hat. This isn't a MAC address.:-)
As for conscious lock-in, if you don't want a phone with lock-in, you're free to get one. Enjoy paying twice as much for calls and having a per-call fee. Lock-in costs less than stuff without lock-in because it reduces risk. It's a valuable tool and one that, despite the Slashdot crowd's feeling, most consumers have little problem with as a way to get goods more cheaply. As discussed above, a subscription model (including break-out fees) doesn't fit the type of lock-in that we are discussing here. The cost of getting out of a contract can sometimes be less than the cost of the phone itself, which means that the cost isn't above and beyond the cost of the product itself.
Phones are a bad example of lock-in, in my opinion. Microsoft's monopoly and the software industry is the best example of lock-in, hands down. Beyond that, corporate IT is the next best place to find vendors participating in this business strategy.
The way I figure it, you have two sites. OinkA and OinkB. OinkA has the even bits, a UUID and the sha1sums, OinkB has the odd bits, a matching UUID and thesha1sums. Someone writes a very simple merge script.
I can't really agree with you there. A lot of the bands that I listen to (the IDM scene), I will never see in concert. They rarely tour, and it is mostly in Europe anyways.
It is the artists choice as to how they want to make money. If they want to sell CDs for cheap and tour, so be it. If they want to sell their CDs for $1,000 and never tour, they are welcome to. They should be in control of the product that they want to offer. If they choose to screw around with my unwritten contract with them, and offer services that I can't afford or do not want, they don't get my money and support. If they want to use DRM, they won't get my support. If they care that I got a copy of the album from a friend before I purchased it, I will lose a lot of respect for them and they won't get my
My problem with the big labels and RIAA is that they assert too much control over the artists for my taste.
Even though Radiohead did offer the downloads for free, many sites redistributed copies of it (including The Pirate Bay, as well as several private sites I won't mention). So these users had a choice to download it for free legitimately and chose to pirate it. This could be because they didn't know it was available for free, because they prefer downloading through other channels, or for a variety of other reasons.
I purchased the hard-copy and download from them, because they put a lot of effort into their releases, both the music and the presentation. I also purchased Saul William's 'NiggyTardust' album in FLAC (I'm one of those lossless freaks the U2 guy mentioned). I will support any artist that I enjoy and chooses to be liberal and open with their music releasing.
1-2 days? That sounds seriously lagged. Either there are serious bandwidth issues with the seeders, or you aren't using the correct site. It isn't uncommon to see pre-air releases and pilots on Usenet/torrent sites, so sometimes you get it well before it is broadcast. You also have the advantage of getting it from any market, and sometimes (but rarely) schedules in other countries (Canada and Australia come to mind), will lead to releases even a few hours early.
After air in the east coast, I expect it to be available online in 10 minutes. Generally I can have it downloaded in 20 minutes or so, for ~350 MiB episodes. Again, this is a second hand copy. I assume that someone grabs the scene release off of somewhere (Usenet/ftp) and then seeds the torrent.
If they broadcast it through my airwaves, I don't have a problem downloading it. That's my rationalization.:-)
"We've built some interesting applications for Android, but the best applications are not here yet, and that's because they're going to be written by developers," It seems that most of Skyne^WGoogle's code has been written by robots so far. WATCH OUT!
Seriously though, there is at least some overlap for some of those. 4chan was started by a goon, no? We're all one happy family. Except eBaums and whatever the fuck YTMND is.
Slashdot Mirror
At the end of the day, people got on and made comments they shouldn't have made on the airplane, and other people heard them,
Other people heard them, misconstrued them. It just so happened these people were of Muslim faith and appearance. It escalated, it got out of hand and everyone took precautions.
So wait, you can't talk about airport security at the airport? That's all I talk about on the airlines. After hours of waiting, being stripped of liquids for no reason, having to take of your shoes, it kind of is the elephant in the room.
It seems likely that they were given special attention because of their appearance, accent, culture, et cetera. Personally, I'm not expecting anyone, especially the airline to admit this.
Honestly, being a casual Linux user, sound card support is not the defining factor holding back Linux adoption. While Ubuntu goes a long way to improving the user experience with Linux, even to get it to a 'standard' setup, I needed to use the console no less than 5 times. That's *needed* to, there was no GUI way to do what I was trying to do.
While I personally have no problem doing that, I shudder at the idea of talking someone like my father through it. The day that I can combine Linux stability with ease of use... that will be the year of the Linux desktop. Driver integration and support goes a long way to doing that, and a flushed out menu system will put it over the top.
What does your father do that requires editing configuration files or using a shell interface on Ubuntu 8.10?
tl;dr
Most of the devices that you mentioned don't give you details of the status of the OS (cpu, memory, port utilization, et cetera). This is the kind of relationship you have with a black-box. You can put a bug request in, and maybe even send them logs or core dumps, if the device supports it.
I've only run openwrt or some other open-source firmware for a while now, and I have been happy with performance and the fact that I can see what is going on on the device I own.
My current setup is:
OpenWrt White Russian - With X-Wrt Extensions 0.9
Linux 2.4.30 #1 Thu Feb 22 13:58:48 EST 2007
Linksys WRTSL54GS
Broadcom BCM947XX
My usage is:
1 Mac, two Linux laptops, one Windows desktop and a Linux server. Moderate bittorrent usage (both Azureus and rtorrent), in addition to frequent outbound ssh connections (X11, rsync, vnc), Citrix and SSL/IPSec VPNs. Absolutely no uPnP or Rendezvous.
I think the biggest issue here, is that police and other criminology people are concerned that if a computer tech stumbles across illegal information on a computer, that since they are not a licensed private investigator, the evidence cannot in any way be used. Even if say, it's for a child-pornography case. "Your evidence was siezed improperly, sorry, but it's excluded, next time do things the right way!"
I guess that we should also make anyone who develops photos get a PI license as well. That's a great way to boost salaries at Walmart.
Engineering, building and maintaining the plant should employ a fair amount of people. Maybe with manufacturing jobs (among others) going overseas, that will be enough for people to change their minds about what they have in their backyards.
The fact that they chose license X instead of Y only means that they didn't want to enforce this particular behavior in the license. It does not mean that they wouldn't like to see bug fixes and feature enhancements flow back into the community, or think that it isn't the right thing for the company to do.
Some of my cow-orkers argue that if they were to fix a bug for a user (in GPL'd code) and deliver a compiled copy of it (as opposed to source to be built by the user) and then lose the code in the future, their license to distribute the code could be in violation of GPLv2 requirement 3 part b.
So you may be trying to read too much into people's license choice. Maybe the fact that the license is more complex and adhering to the rules in it distracts the licensor from the fun of coding.
I don't think that any corn growers are wondering what to do with their product these days, what with ethanol production ramping up everywhere and driving the price up.
Uh, did you RTFA? Brooks is the one that discovered the issue, not the coder.
One aspect of the IronKey that makes it appealing is the protection from an off-line dictionary attack. Only once you have successfully authenticated with your key does it decrypt the flash drive and present it to the OS. It also will simply stop working with a certain number of authentication attempts failing and is fully potted to allow it to be able to resist physical tampering.
It seems to use a randomly generated key (cryptographically the best thing that you can do) to encrypt the flash memory. This doesn't prevent anything, but ensures that having a weak password will not make an off-line dictionary attack any easier.
Finally, only the authentication protocol has to be ported when this needs to be moved to a new OS or platform.
If you don't have a need for this level of paranoia, then simply say so. If you think that TrueCrypt and BestCrypt with a random thumb-drive are equals to this, do your homework. They seem to have put in a decent amount of time thinking this through. I think that IronKey should be given some credit for their product.
The only practical attack against it is a keylogger. If you wanted to make the device more fragile, but fix this whole you could have six random digits on an LCD on the device that cycle every minute or so (like a SecurID). This could be a pre-fix or a suffix to that is verified by the chip and can't be snooped by having a keylogger. Anyone who implements this, please send me a freebie.
How long do you think that it would take to run enough CAPTCHAs to get all of the images if there are 10k images? 100k images? 1m? Now compare the amount of CAPTCHAs that can be generated with a large dictionary of words and just a few transformations and no randomness. Now add randomness. Generated CAPTCHAs can't be indexed, pictures can.
Maybe you could combine the two. A mangled question like 'Select two cats with green backgrounds.', 'Select less than two frogs that are wearing hats.' with check boxes to select the correct images. This type of activity would have to be kept simple, but can be automatically generated and should be effective longer. The more thought that has to be done, the less easy it will be to solve with a computer.
Maybe someday we will have to select a game to play, and end up playing solitaire or hearts to be able to register an account.
Man you are stupid. Broadband is teh intarweb.
That's fucking great. :-) Mod parent up.
If the hardware device is any good, it isn't relying on the obscurity of the algorithm as it's security strength. It should be able to stand up to an attack even with a significant (hundreds of thousands) number of known tokens. If that is the case, then you need the seed (IV) of the token you want to impersonate in order to do any damage. That key should be protected like a regular key, and should be resistant to tampering (i.e potted, designed to fail if it is tampered with).
:-)
Now most sites that would be doing this will be using SSL with certificates signed by a 'respected' cert provider. If that is the case, the likelihood of getting enough tokens to launch an attack is greatly reduced.
So put away the tin-foil hat. This isn't a MAC address.
:-) Mod parent up.
Phones are a bad example of lock-in, in my opinion. Microsoft's monopoly and the software industry is the best example of lock-in, hands down. Beyond that, corporate IT is the next best place to find vendors participating in this business strategy.
The way I figure it, you have two sites. OinkA and OinkB. OinkA has the even bits, a UUID and the sha1sums, OinkB has the odd bits, a matching UUID and thesha1sums. Someone writes a very simple merge script.
i can has a loophole?
I can't really agree with you there. A lot of the bands that I listen to (the IDM scene), I will never see in concert. They rarely tour, and it is mostly in Europe anyways.
It is the artists choice as to how they want to make money. If they want to sell CDs for cheap and tour, so be it. If they want to sell their CDs for $1,000 and never tour, they are welcome to. They should be in control of the product that they want to offer. If they choose to screw around with my unwritten contract with them, and offer services that I can't afford or do not want, they don't get my money and support. If they want to use DRM, they won't get my support. If they care that I got a copy of the album from a friend before I purchased it, I will lose a lot of respect for them and they won't get my
My problem with the big labels and RIAA is that they assert too much control over the artists for my taste.
Even though Radiohead did offer the downloads for free, many sites redistributed copies of it (including The Pirate Bay, as well as several private sites I won't mention). So these users had a choice to download it for free legitimately and chose to pirate it. This could be because they didn't know it was available for free, because they prefer downloading through other channels, or for a variety of other reasons.
I purchased the hard-copy and download from them, because they put a lot of effort into their releases, both the music and the presentation. I also purchased Saul William's 'NiggyTardust' album in FLAC (I'm one of those lossless freaks the U2 guy mentioned). I will support any artist that I enjoy and chooses to be liberal and open with their music releasing.
1-2 days? That sounds seriously lagged. Either there are serious bandwidth issues with the seeders, or you aren't using the correct site. It isn't uncommon to see pre-air releases and pilots on Usenet/torrent sites, so sometimes you get it well before it is broadcast. You also have the advantage of getting it from any market, and sometimes (but rarely) schedules in other countries (Canada and Australia come to mind), will lead to releases even a few hours early.
:-)
After air in the east coast, I expect it to be available online in 10 minutes. Generally I can have it downloaded in 20 minutes or so, for ~350 MiB episodes. Again, this is a second hand copy. I assume that someone grabs the scene release off of somewhere (Usenet/ftp) and then seeds the torrent.
If they broadcast it through my airwaves, I don't have a problem downloading it. That's my rationalization.
I just wanted to mention that Niggytardust, the new album by Saul Williams (produced by Trent Reznor) is available online. There are two options:
1) Pay nothing. (192kbps mp3)
2) Pay $5. (192kbps mp3, 320kbps mp3 or FLAC)
http://niggytardust.com/
I got the FLAC, haven't listened to it yet.
Thanks, but refusing to follow the link. I just don't care what it is. I read about it on Encyclopedia Dramatica, and it sounds lame.
Anonymous,
Do you have sauce for that? Or at least a name.
Seriously though, there is at least some overlap for some of those. 4chan was started by a goon, no? We're all one happy family. Except eBaums and whatever the fuck YTMND is.
kthxbye
Actually, the GP was doing you a favor. You probably don't want to visit http://4chan.org./