I tried to do the math. I don't have all the numbers, but I can still do a reasonable approximation. Assuming 8k*4k at 24bits per pixel and 100 frames per second you get 8*4*24*100Mbit/s=76.8Gbit/s. So it should be quite feasible to push a single uncompressed 4k stream over 100Gbit/s. There may very well be other issues such as what sort of hardware you need to process it, and maybe you need multiple streams over the same wire.
why couldn't NASA guarantee an annuity to their families shouldn't they return home?
I don't think it would have been so detrimental for NASA's balance sheet...
I agree, that's what NASA should have done. But even if they didn't guarantee it beforehand, they might still be able to provide the funds after the fact. Is there any documentation on what happened in those (three?) cases where NASA missions did result in fatalities?
Why do you even need a different set of packages installed? It is supposed to be possible to have a different UI per user. Why can't they just make the choice at login time work well enough, that they don't feel the need to make different distributions?
A few things break if you use a different desktop environment than the one the display manager came from. For example switch user and log out and shut down options tend to break. I don't know why, because both KDE and Gnome support it, so how come it doesn't work when you mix the two?
"reaction between aluminium and water" means what it says.
But since it only said that the water acted as fuel, the aluminium must play a different role in the reaction. That's why I think it gives the impression the aluminium is a catalyst in the reaction.
You know as clearly stated in the article and the summary.
The summary gives the impression that aluminium acts as catalyst in a chemical reaction that produce bubbles of hydrogen by consuming water as fuel. But we know that cannot be true, as that would imply they are extracting energy from an endothermic reaction.
More likely it is actually consuming aluminium as fuel and using water as oxidant. But that is certainly not clearly stated in the summary.
BS -- the ad revenue is a result of publishing news good enough to entice users to read the articles.
I was being a bit sarcastic. Though I do believe that news media are trying to attract readers to boring articles through the use of sensationalistic headlines. Additionally, I have heard from at least one reliable source, that if the actual content on a page was of poor quality, then users making it to the page were more likely to click on the ads.
But of course I don't think news media are entitled to getting attention on those articles, that are of no interest to the readers. And if we can get to a situation, where the exposure a page gets is proportional with the quality of the content, then that is a huge step in the right direction.
a TV viewer who changes channels because a show is boring. Boring content, no ad revenue.
It doesn't work exactly that way for webpages. For some users, the fastest way away from a boring page is clicking on one of the ads on the page. Sure, that may take them to another even more boring page, but the publisher of the first boring page made some money. TV is different, a boring TV show does not give more exposure to the ads on that channel.
So, there are multiple factors affecting the revenue of a news media. I hope better articles does improve the revenue. But as long as there are media who think there are easier ways to improve revenue than by improving quality, then we will hear stories like this one.
The main problem with GPS is people who try to program them while they're driving
Some GPSes try to prevent that, but introduces new problem by doing so. They will detect that the car is moving and disable some of the functions on the GPS. If you try to do things safely by having the person in the passenger seat update the GPS, then it will still refuse. So suddenly the driver is forced to quickly find a place he can stop the car, such that the passenger can update the GPS. That's certainly not improving security.
Yes, because I didn't find anything of interest during the skimming.
But users who don't find anything of interest in the article are supposed to click on the ads, which the news site put on the page. Every time a user doesn't go to the article because it isn't interesting, the news site is losing ad revenue. I don't know if they think they were entitled to that ad revenue in the first place, but I'm sure they can find a way to argue, that they were.
Are their other products as reliable as Hamachi? Hamachi is known to make parts of the Internet inaccessible. From what I have read on various websites, this problem will be there as soon as the software is installed. Even if it looks as the software is not currently running, the component, which breaks your internet connection is allegedly still active. And if you are not careful, that part of the software may remain on the computer after attempting to uninstall the package.
You have a separate "supervisor" board that moderates among the computers.
And then that board becomes a single point of failure.
In a case like that, you only need 3 for Damned Good Redundancy
3 computers and a supervisor? That's already 4 components.
If you want to handle t arbitrary node failures, then you need at least 3t+1 nodes in total. Whether you call the nodes for computers or supervisor boards doesn't change that fact. If you have t failures among 3t or fewer total nodes, then the failures can happen in a way that cause the functional units to receive so inconsistent information, that they are unable to do anything meaningful. It is a case of byzantine agreement.
Any system designed to handle failures of one third or more components is making assumptions about how the failed components behave. If the failed components behave differently than the assumption, it takes even fewer failures to break the entire system.
What is not clear from the article, is how independent these computers are. E.g. what would happen if the upgrade fails partially, with the main computer trying to take over the craft, while the backup computer is still on the original program.
That's always a risk if you have two computers for redundancy. To completely solve that problem, you need four computers. But the algorithms for coordinating in such a scenario are complicated. So it might be safer to rely on systems being able to use the proper computer, with just two present. If you had a 3 out of 4 setup with the four computers running identical software, it only takes one software bug to bring down the system.
they have made mistakes in updating from Earth to Mars before.
Sounds like it was not just a software update gone wrong but rather some mechanical problem which they were trying to work around. It was nothing like the usual bricking problem, where a firmware update overwrites code which is needed to perform future firmware updates.
The rovers have several mechanisms to make it safer to update firmware remotely. But ultimately a combination of multiple unfortunate events can still lead to the loss of a rover. And one of those events may have been human error. From the description it sounds like mechanical problems with the solar panel, combined with two cases of human error in coordination of updates, another case of human error trying to correct the previous human errors, an unfortunate condition triggering a latent problem introduced by previous errors, and finally ending up in a position causing the battery to overheat, and loss of power being the ultimate reason it was impossible to adjust the previous mistakes.
They can charge a premium for a business plan which offers official support for servers, and generally grants an unfiltered connection with a static IP. Why cut yourself out of that mark up?
This is Google. When did Google ever enter a market with the intention to do something similar to the rest of the industry? Is Google even offering a business plan at a higher price? If they are not, then the argument does not apply to Google. And they already stated this is an experiment just to see what can develop as a result of sufficient bandwidth being available at home, they did not start the project because they wanted to be an ISP. With that in mind why would Google want to put such restrictions on the customers? If they truly want this experiment to lead to new ways of using the net, then putting restrictions in the contract just because the rest of the industry is doing it is defeating the purpose.
Though the project is an experiment it doesn't mean the prices are necessarily set so low that it is going to be a net loss for Google. I'd hope they are at least aiming for a break even. If they are building a network that no ISP could replicate and make money of, then whatever comes out of the experiment is not worth all that much to anybody (except from the few people that got cheap Internet connectivity).
It sounds like the way this works, the server will need to know what the password is in order to produce the combined sequence. Doesn't that make it weaker than ordinary passwords? And if you repeatedly get the same random sequence, over time you'll learn that as well. OTOH if you get different random sequences, then it would be possible to extract the original sequence. Did I miss something here?
I would prefer all of the guilty people go free over convicting one innocent.
That's just another way of saying you don't want anybody to go to jail ever regardless of what the evidence shows. Because you can never be 100% sure the person is guilty.
I think "beyond reasonable doubt" is interpreted as ~75% of guilty convictions are sound.
If that is indeed true, then the system is seriously screwed up. The question is "just" another case of deciding the cost of a false negative vs. a false positive. If you want one of them to be at 0% you'll have to accept the other going to 100%. But as long as you accept that both probabilities will be above 0%, then you can decide how you want to balance them.
However it doesn't stop there. Even if you have decided how you want those two ratios to look compared to each other, there is still room for improvement. Putting more effort into finding and evaluating evidence can in fact drive down both the risk of false positives and the risk of false negatives. And an uncertainty that causes an incorrect outcome in anything close to 25% of cases doesn't sound acceptable.
Is it possible to get a correct outcome in more than 99% of cases? I don't know, but it sounds like a goal worth striving for. However the percentage of cases with an incorrect outcome is only the correct measure if you consider the cost of a false negative and a false positive to be the same. Most people don't.
So could it be that the 75% figure you have been told perhaps meant something else. I can think of three other interpretations of that number, every one of which would be more sensible than the exact wording you used.
If 75% of cases where the person on trial is guilty also ends with the person being found guilty, then that might actually be a system working out the way we want it to. If that is the case, then there is still the question of how large a percentage of the cases where the person is innocent ends with the person being found guilty. You cannot judge the 75% without knowing the other answer. If the other answer is a lot less than 1% of innocent people being found guilty, then the system sounds reasonably well.
The 75% could also be the probability of the person being guilty that is required before the court will find the person to be guilty. Whether that threshold is right can be discussed. But where you put the threshold is in no way related to how often the court reaches the correct conclusion. If in the majority of the cases the evidence can say with 99% probability whether the person is guilty or not, then changing the 75% threshold is only going to affect a very small fraction of cases.
It could also have meant that 75% of the cases where the court reaches an incorrect decision, it let a guilty person go free (and in the other 25% an innocent person is convicted). But talking about this percentage is not very meaningful if you don't know how large a percentage of cases where the court reaches the correct outcome.
The last interpretation may sound like we'd rather let three guilty person go three than convict one innocent, though it doesn't translate exactly to that.
it's better for the guilty to go free than the innocent to wrongly lose their freedom.
It's a reasonable principle, but it may be a bit too simplistic. So you'd rather let one guilty go free than have one innocent person convicted. What if it was not just one guilty you had to let go free, but say two, would you still say it was better? How many guilty would have to go free, before it was better to let one innocent person get convicted?
If the number you answer is high enough, then the logical consequence is to let everybody go free regardless of evidence.
Is it always better to let one guilty go free, than take away one innocent persons freedom? If you let a likely serial killer go free, he might murder another innocent person. So the choice might be between an innocent person losing his freedom or another innocent person losing her life. That makes the choice look less clear.
I don't say I have the answers to what is right and what is wrong, but I do have some of the questions.
If you don't control that border router, then even if everything else is compromised, the data can't leave undetected.
You should research how covert channels work, before you pretend to know about it.
By slightly, you mean impossibly more tricky if the router isn't compromised.
No, you are wrong. That is not what I mean. I already explained how it could be done, I don't understand how you can misread that as it being impossible.
The bit is either there, or it isn't there. You can't hide that fact if you have properly setup your equipment and laid out your network with that in mind.
You are making the assumption that the receiving end at some hop of the communication know what value that bit is supposed to have. If you assume, this hop know what every bit it receives should have been, then there is no point in sending the bits in the first place, because the receiver already knows, and can pass it on without receiving it first. So your assumption is clearly wrong.
Communication protocols have lots of fields that the sender can initialize however it please. Some of those fields are specifically supposed to be random. No amount of inspecting such packets can reveal if the bits are actually random.
Anyone with the capability of analyzing and reverse-engineering thousands of ICs would need deep pockets
No need to look at thousands of ICs. Looking at a few of the most interesting targets is still going to be valuable.
A hacking group won't have the resources, even a well-funded one. You're talking about several hundred highly trained engineers from a dozen different disciplines working for years on the project
I know one person who using just off the shelf equipment was able to read the ROM from a microcontroller in his sparetime. All it took was a cheap microscope and a webcam.
There still has to be some method of communicating the information back, and they can't compromise the entire communications chain, which is what would be required.
Covert channels can be very hard to detect. You don't need to compromise the entire chain. You just need to piggyback on a legitimate communication for hops between compromised equipment. For example VPN hardware could piggyback on legitimate connections by using some encrypted data instead of random values for sending packets over the Internet. A compromised router anywhere on the path the VPN connection takes could pick out the data. Now the data is on a router on the public Internet. There are plenty of ways to get the data from there. First of all the attacker could very well have a legitimate connection going through that router, now it just needs a covert channel to send data from that router.
Sending data from the router without risk of being noticed is slightly more tricky. The question is, would you take the risk of modifying packets in the hope that nobody is actually comparing the packets going into the router and out of the router? If you modified the IPID field of every packet going through the router, that would produce a feasible covert channel. It would not be immediately detected, but would be visible if you carefully inspected the traffic. Notice that it would not be sufficient to look at the traffic through the router in a lab before deployment, because the router wouldn't be sending any covert data until instructed to do so.
A more stealth method would be to just use the IPID field of packets generated by the router. There is no incoming packet to compare against. But extracting data that way without being visible takes time. You can run a traceroute that happen to pass through the router, then it will need to send three response packets (with the common settings). Each time you run a traceroute passing through that router, you could extract 6 bytes of data.
China would have to be very stupid to leverage such an intelligence asset for peanuts; It's basically a one-shot, and it would cost them billions in telecommunications contracts domestically.
Valid point, however even if it was noticed, it would be hard to prove who was behind.
It didn't. There are still being made movies in 3D, an people are watching them. I'm not so sure about the 3D remakes of the most popular movies from the last two decades. I suppose some people are going to watch them. But I don't see myself going to the cinema to watch a movie, I have seen years ago, just because they now show it in 3D.
New technology has been coming to the movies before, and now we take it for granted. You don't go to the cinema just for the technology, but the experience wouldn't be the same without the technology. What did people say when the industry started making movies with speech, stereo sound, colours, surround sound, digital projection? I am pretty sure all of them have been said to be just about fancy technology and taking focus away from the story. But the critique of those technologies is mostly gone. I expect it to go the same way with 3D movies.
Of course there will always be a minority that criticise the technology. There are still people who criticise all digital sounds and says analogue sound is better.
A representative of a manufacturer told me that their 3D glasses filter UV the same way and have the same effect on polarized light (e.g. minimizing reflections for driving)
I think he was mistaken. I don't think it is physically possible. I am no export on quantum physics, but most likely neither was that representative.
They are comfortable, not very expensive, work in the theater and double as sunglasses.
I'm not so sure about the last part. The polarisation requirement for sunglasses is very different from the requirement for 3D glasses. Is it physically possible to make glasses, that can achieve both? I think the uncertainty principle would work against you. A pair of 3D glasses could be made to do everything a pair of sunglasses would do for you, except from blocking horizontal reflections. The page you link to says: "we do not recommend these 3D glasses for extended outdoor usage"
Or until we have REAL 3D breakthrough where your can walk around a solid appearing image to see it from different perspectives, without glasses.
No pragmatic person will ask for such technology today. There is nothing wrong with researching, but it will take many years before we see any feasible technology for that.
A more reasonable request is more standardized 3D glasses and better quality. There are many people who wear glasses all the time in order to be able to see anything at all. Glasses made for that are more comfortable to wear. Let's have 3D glasses that are as comfortable to wear as ordinary glasses. And let's have 3D glasses suitable for people who need glasses, such that those people don't have to wear two pair of glasses on top of each other in order to watch a 3D move. Fix those two things, and 3D technology will become more popular.
I find 3D equipment for home usage to be less convincing than 3D equipment for the cinema. I still haven't seen any equipment for home usage moving away from active glasses. Produce an LCD with circular polarization for 3D, and I will be much more interested in buying it. Even more so if I can buy a good pair of 3D glasses for it, and use the same good pair of 3D glasses in the cinema.
It seems to me that routing based on header is doing entirely the wrong thing.
But that is something you need to support as long as multiple domains are hosted on the same IP address. Lots of things gets easier if you can have a separate IP address for each domain you want to host. But there has been a shortage of IP addresses.
However there is a solution. You just have to move to IPv6, then you will no longer have a shortage on IP addresses. So what if some people find themselves in a situation where they cannot deploy SPDY on IPv4 (because of limitations in their proxies)? I don't see how that is a bad thing. They can keep using plain HTTP for IPv4 users and SPDY for IPv6 users, where there is no need to host multiple domains on a single IP address.
You might think it is a problem to have this difference between the IPv4 deployment and the IPv6 deployment. It is not a problem, it is a little bit of extra work, but any transitioning is a little bit of extra work. For any domain where you want to have dual stack support, you have to host the IPv4 and IPv6 version of the site on different IP addresses (that's sort of obvious, but needs to be pointed out to make the rest of the argumentation clearer). You can make your two (or more) domains resolve to the same IPv4 address, which is your HTTP proxy, additionally you can make the domains resolve to different IPv6 addresses, which are routed either directly to webservers or through some loadbalancer. You don't need to ever route the IPv6 addresses to the HTTP proxy, it can be routed to a load balancer that only knows TCP and none of the higher levels.
IPv4 support doesn't have to be a design goal in a new protocol designed today. Before a new standard can be agreed upon another continent or two will have run out of IPv4 addresses. There may still be other arguments against SPDY.
By chaining the hash's the way you have the potential for a collision attack is the sum of the parts.
At least that statement is easily falsifiable. Even if a collision happened in the innermost hash, then that value is going to be concatenated with the salt and password before being hashed again. Thus the combined hash can only collide if the outermost did. That means in terms of collision resistance the combination is at least as secure as the outermost hash. And the outermost hash is supposed to be one which has had sufficient review to be expected to be collision resistant.
Chaining may actually increase the chances of a collision, but at least chaining the same hash doesn't combine the weaknesses of two hashs.
The entire point of the construction is to shield you against most of the possible vulnerabilities in the innermost hash. The outermost hash is supposed to be one which is believed to be collision resistant, and the only reason you didn't use that one alone is that you feel it is too fast.
Proving the combination is collision resistant is the easy part. The hard part is to prove that given a hash you cannot compute the password without computing the entire input to the outermost hash.
He comes off as more interested in demonstrating how l33t he is
Then he failed. Anybody can make extreme statements without proof.
Slashdot Mirror
I tried to do the math. I don't have all the numbers, but I can still do a reasonable approximation. Assuming 8k*4k at 24bits per pixel and 100 frames per second you get 8*4*24*100Mbit/s=76.8Gbit/s. So it should be quite feasible to push a single uncompressed 4k stream over 100Gbit/s. There may very well be other issues such as what sort of hardware you need to process it, and maybe you need multiple streams over the same wire.
I agree, that's what NASA should have done. But even if they didn't guarantee it beforehand, they might still be able to provide the funds after the fact. Is there any documentation on what happened in those (three?) cases where NASA missions did result in fatalities?
Why do you even need a different set of packages installed? It is supposed to be possible to have a different UI per user. Why can't they just make the choice at login time work well enough, that they don't feel the need to make different distributions?
A few things break if you use a different desktop environment than the one the display manager came from. For example switch user and log out and shut down options tend to break. I don't know why, because both KDE and Gnome support it, so how come it doesn't work when you mix the two?
But since it only said that the water acted as fuel, the aluminium must play a different role in the reaction. That's why I think it gives the impression the aluminium is a catalyst in the reaction.
The summary gives the impression that aluminium acts as catalyst in a chemical reaction that produce bubbles of hydrogen by consuming water as fuel. But we know that cannot be true, as that would imply they are extracting energy from an endothermic reaction.
More likely it is actually consuming aluminium as fuel and using water as oxidant. But that is certainly not clearly stated in the summary.
I was being a bit sarcastic. Though I do believe that news media are trying to attract readers to boring articles through the use of sensationalistic headlines. Additionally, I have heard from at least one reliable source, that if the actual content on a page was of poor quality, then users making it to the page were more likely to click on the ads.
But of course I don't think news media are entitled to getting attention on those articles, that are of no interest to the readers. And if we can get to a situation, where the exposure a page gets is proportional with the quality of the content, then that is a huge step in the right direction.
It doesn't work exactly that way for webpages. For some users, the fastest way away from a boring page is clicking on one of the ads on the page. Sure, that may take them to another even more boring page, but the publisher of the first boring page made some money. TV is different, a boring TV show does not give more exposure to the ads on that channel.
So, there are multiple factors affecting the revenue of a news media. I hope better articles does improve the revenue. But as long as there are media who think there are easier ways to improve revenue than by improving quality, then we will hear stories like this one.
Some GPSes try to prevent that, but introduces new problem by doing so. They will detect that the car is moving and disable some of the functions on the GPS. If you try to do things safely by having the person in the passenger seat update the GPS, then it will still refuse. So suddenly the driver is forced to quickly find a place he can stop the car, such that the passenger can update the GPS. That's certainly not improving security.
But users who don't find anything of interest in the article are supposed to click on the ads, which the news site put on the page. Every time a user doesn't go to the article because it isn't interesting, the news site is losing ad revenue. I don't know if they think they were entitled to that ad revenue in the first place, but I'm sure they can find a way to argue, that they were.
Are their other products as reliable as Hamachi? Hamachi is known to make parts of the Internet inaccessible. From what I have read on various websites, this problem will be there as soon as the software is installed. Even if it looks as the software is not currently running, the component, which breaks your internet connection is allegedly still active. And if you are not careful, that part of the software may remain on the computer after attempting to uninstall the package.
And then that board becomes a single point of failure.
3 computers and a supervisor? That's already 4 components.
If you want to handle t arbitrary node failures, then you need at least 3t+1 nodes in total. Whether you call the nodes for computers or supervisor boards doesn't change that fact. If you have t failures among 3t or fewer total nodes, then the failures can happen in a way that cause the functional units to receive so inconsistent information, that they are unable to do anything meaningful. It is a case of byzantine agreement.
Any system designed to handle failures of one third or more components is making assumptions about how the failed components behave. If the failed components behave differently than the assumption, it takes even fewer failures to break the entire system.
That's always a risk if you have two computers for redundancy. To completely solve that problem, you need four computers. But the algorithms for coordinating in such a scenario are complicated. So it might be safer to rely on systems being able to use the proper computer, with just two present. If you had a 3 out of 4 setup with the four computers running identical software, it only takes one software bug to bring down the system.
Sounds like it was not just a software update gone wrong but rather some mechanical problem which they were trying to work around. It was nothing like the usual bricking problem, where a firmware update overwrites code which is needed to perform future firmware updates.
The rovers have several mechanisms to make it safer to update firmware remotely. But ultimately a combination of multiple unfortunate events can still lead to the loss of a rover. And one of those events may have been human error. From the description it sounds like mechanical problems with the solar panel, combined with two cases of human error in coordination of updates, another case of human error trying to correct the previous human errors, an unfortunate condition triggering a latent problem introduced by previous errors, and finally ending up in a position causing the battery to overheat, and loss of power being the ultimate reason it was impossible to adjust the previous mistakes.
This is Google. When did Google ever enter a market with the intention to do something similar to the rest of the industry? Is Google even offering a business plan at a higher price? If they are not, then the argument does not apply to Google. And they already stated this is an experiment just to see what can develop as a result of sufficient bandwidth being available at home, they did not start the project because they wanted to be an ISP. With that in mind why would Google want to put such restrictions on the customers? If they truly want this experiment to lead to new ways of using the net, then putting restrictions in the contract just because the rest of the industry is doing it is defeating the purpose.
Though the project is an experiment it doesn't mean the prices are necessarily set so low that it is going to be a net loss for Google. I'd hope they are at least aiming for a break even. If they are building a network that no ISP could replicate and make money of, then whatever comes out of the experiment is not worth all that much to anybody (except from the few people that got cheap Internet connectivity).
It sounds like the way this works, the server will need to know what the password is in order to produce the combined sequence. Doesn't that make it weaker than ordinary passwords? And if you repeatedly get the same random sequence, over time you'll learn that as well. OTOH if you get different random sequences, then it would be possible to extract the original sequence. Did I miss something here?
That's just another way of saying you don't want anybody to go to jail ever regardless of what the evidence shows. Because you can never be 100% sure the person is guilty.
If that is indeed true, then the system is seriously screwed up. The question is "just" another case of deciding the cost of a false negative vs. a false positive. If you want one of them to be at 0% you'll have to accept the other going to 100%. But as long as you accept that both probabilities will be above 0%, then you can decide how you want to balance them.
However it doesn't stop there. Even if you have decided how you want those two ratios to look compared to each other, there is still room for improvement. Putting more effort into finding and evaluating evidence can in fact drive down both the risk of false positives and the risk of false negatives. And an uncertainty that causes an incorrect outcome in anything close to 25% of cases doesn't sound acceptable.
Is it possible to get a correct outcome in more than 99% of cases? I don't know, but it sounds like a goal worth striving for. However the percentage of cases with an incorrect outcome is only the correct measure if you consider the cost of a false negative and a false positive to be the same. Most people don't.
So could it be that the 75% figure you have been told perhaps meant something else. I can think of three other interpretations of that number, every one of which would be more sensible than the exact wording you used.
If 75% of cases where the person on trial is guilty also ends with the person being found guilty, then that might actually be a system working out the way we want it to. If that is the case, then there is still the question of how large a percentage of the cases where the person is innocent ends with the person being found guilty. You cannot judge the 75% without knowing the other answer. If the other answer is a lot less than 1% of innocent people being found guilty, then the system sounds reasonably well.
The 75% could also be the probability of the person being guilty that is required before the court will find the person to be guilty. Whether that threshold is right can be discussed. But where you put the threshold is in no way related to how often the court reaches the correct conclusion. If in the majority of the cases the evidence can say with 99% probability whether the person is guilty or not, then changing the 75% threshold is only going to affect a very small fraction of cases.
It could also have meant that 75% of the cases where the court reaches an incorrect decision, it let a guilty person go free (and in the other 25% an innocent person is convicted). But talking about this percentage is not very meaningful if you don't know how large a percentage of cases where the court reaches the correct outcome.
The last interpretation may sound like we'd rather let three guilty person go three than convict one innocent, though it doesn't translate exactly to that.
It's a reasonable principle, but it may be a bit too simplistic. So you'd rather let one guilty go free than have one innocent person convicted. What if it was not just one guilty you had to let go free, but say two, would you still say it was better? How many guilty would have to go free, before it was better to let one innocent person get convicted?
If the number you answer is high enough, then the logical consequence is to let everybody go free regardless of evidence.
Is it always better to let one guilty go free, than take away one innocent persons freedom? If you let a likely serial killer go free, he might murder another innocent person. So the choice might be between an innocent person losing his freedom or another innocent person losing her life. That makes the choice look less clear.
I don't say I have the answers to what is right and what is wrong, but I do have some of the questions.
You should research how covert channels work, before you pretend to know about it.
No, you are wrong. That is not what I mean. I already explained how it could be done, I don't understand how you can misread that as it being impossible.
You are making the assumption that the receiving end at some hop of the communication know what value that bit is supposed to have. If you assume, this hop know what every bit it receives should have been, then there is no point in sending the bits in the first place, because the receiver already knows, and can pass it on without receiving it first. So your assumption is clearly wrong.
Communication protocols have lots of fields that the sender can initialize however it please. Some of those fields are specifically supposed to be random. No amount of inspecting such packets can reveal if the bits are actually random.
No need to look at thousands of ICs. Looking at a few of the most interesting targets is still going to be valuable.
I know one person who using just off the shelf equipment was able to read the ROM from a microcontroller in his sparetime. All it took was a cheap microscope and a webcam.
Covert channels can be very hard to detect. You don't need to compromise the entire chain. You just need to piggyback on a legitimate communication for hops between compromised equipment. For example VPN hardware could piggyback on legitimate connections by using some encrypted data instead of random values for sending packets over the Internet. A compromised router anywhere on the path the VPN connection takes could pick out the data. Now the data is on a router on the public Internet. There are plenty of ways to get the data from there. First of all the attacker could very well have a legitimate connection going through that router, now it just needs a covert channel to send data from that router.
Sending data from the router without risk of being noticed is slightly more tricky. The question is, would you take the risk of modifying packets in the hope that nobody is actually comparing the packets going into the router and out of the router? If you modified the IPID field of every packet going through the router, that would produce a feasible covert channel. It would not be immediately detected, but would be visible if you carefully inspected the traffic. Notice that it would not be sufficient to look at the traffic through the router in a lab before deployment, because the router wouldn't be sending any covert data until instructed to do so.
A more stealth method would be to just use the IPID field of packets generated by the router. There is no incoming packet to compare against. But extracting data that way without being visible takes time. You can run a traceroute that happen to pass through the router, then it will need to send three response packets (with the common settings). Each time you run a traceroute passing through that router, you could extract 6 bytes of data.
Valid point, however even if it was noticed, it would be hard to prove who was behind.
It didn't. There are still being made movies in 3D, an people are watching them. I'm not so sure about the 3D remakes of the most popular movies from the last two decades. I suppose some people are going to watch them. But I don't see myself going to the cinema to watch a movie, I have seen years ago, just because they now show it in 3D.
New technology has been coming to the movies before, and now we take it for granted. You don't go to the cinema just for the technology, but the experience wouldn't be the same without the technology. What did people say when the industry started making movies with speech, stereo sound, colours, surround sound, digital projection? I am pretty sure all of them have been said to be just about fancy technology and taking focus away from the story. But the critique of those technologies is mostly gone. I expect it to go the same way with 3D movies.
Of course there will always be a minority that criticise the technology. There are still people who criticise all digital sounds and says analogue sound is better.
A representative of a manufacturer told me that their 3D glasses filter UV the same way and have the same effect on polarized light (e.g. minimizing reflections for driving)
I think he was mistaken. I don't think it is physically possible. I am no export on quantum physics, but most likely neither was that representative.
I'm not so sure about the last part. The polarisation requirement for sunglasses is very different from the requirement for 3D glasses. Is it physically possible to make glasses, that can achieve both? I think the uncertainty principle would work against you. A pair of 3D glasses could be made to do everything a pair of sunglasses would do for you, except from blocking horizontal reflections. The page you link to says: "we do not recommend these 3D glasses for extended outdoor usage"
No pragmatic person will ask for such technology today. There is nothing wrong with researching, but it will take many years before we see any feasible technology for that.
A more reasonable request is more standardized 3D glasses and better quality. There are many people who wear glasses all the time in order to be able to see anything at all. Glasses made for that are more comfortable to wear. Let's have 3D glasses that are as comfortable to wear as ordinary glasses. And let's have 3D glasses suitable for people who need glasses, such that those people don't have to wear two pair of glasses on top of each other in order to watch a 3D move. Fix those two things, and 3D technology will become more popular.
I find 3D equipment for home usage to be less convincing than 3D equipment for the cinema. I still haven't seen any equipment for home usage moving away from active glasses. Produce an LCD with circular polarization for 3D, and I will be much more interested in buying it. Even more so if I can buy a good pair of 3D glasses for it, and use the same good pair of 3D glasses in the cinema.
But that is something you need to support as long as multiple domains are hosted on the same IP address. Lots of things gets easier if you can have a separate IP address for each domain you want to host. But there has been a shortage of IP addresses.
However there is a solution. You just have to move to IPv6, then you will no longer have a shortage on IP addresses. So what if some people find themselves in a situation where they cannot deploy SPDY on IPv4 (because of limitations in their proxies)? I don't see how that is a bad thing. They can keep using plain HTTP for IPv4 users and SPDY for IPv6 users, where there is no need to host multiple domains on a single IP address.
You might think it is a problem to have this difference between the IPv4 deployment and the IPv6 deployment. It is not a problem, it is a little bit of extra work, but any transitioning is a little bit of extra work. For any domain where you want to have dual stack support, you have to host the IPv4 and IPv6 version of the site on different IP addresses (that's sort of obvious, but needs to be pointed out to make the rest of the argumentation clearer). You can make your two (or more) domains resolve to the same IPv4 address, which is your HTTP proxy, additionally you can make the domains resolve to different IPv6 addresses, which are routed either directly to webservers or through some loadbalancer. You don't need to ever route the IPv6 addresses to the HTTP proxy, it can be routed to a load balancer that only knows TCP and none of the higher levels.
IPv4 support doesn't have to be a design goal in a new protocol designed today. Before a new standard can be agreed upon another continent or two will have run out of IPv4 addresses. There may still be other arguments against SPDY.
At least that statement is easily falsifiable. Even if a collision happened in the innermost hash, then that value is going to be concatenated with the salt and password before being hashed again. Thus the combined hash can only collide if the outermost did. That means in terms of collision resistance the combination is at least as secure as the outermost hash. And the outermost hash is supposed to be one which has had sufficient review to be expected to be collision resistant.
The entire point of the construction is to shield you against most of the possible vulnerabilities in the innermost hash. The outermost hash is supposed to be one which is believed to be collision resistant, and the only reason you didn't use that one alone is that you feel it is too fast.
Proving the combination is collision resistant is the easy part. The hard part is to prove that given a hash you cannot compute the password without computing the entire input to the outermost hash.
Then he failed. Anybody can make extreme statements without proof.