Right now, at this moment, we are plowing through space we haven't plowed through in 237 million years. What the hell are we hitting?
There couldn't possibly be anything static lurking around in that part of space, the gravity would pull it towards the centre of the galaxy. So, whatever was there would have to be moving around the galaxy at the same pace. It is of course not entirely impossible that there are objects in a non-circular orbit, but if there were, we wouldn't be meeting it at the same spot every time, and I could imagine that the trajectory of such an object would be quite irregular due to the gravity of other objects it would meet on its way.
NP-hard problems can all be solved with sufficient application of computing power
There is no requirement for the problem to have a solution. Even if there is no way to test if an input is in a set L, it may still be the case that L is hard. In order for L to be NP-hard, there has to be a polynomial time algorithm that can reduce any NP problem to L. If you take L to be the halting question, then such a reduction is trivial. Just simulate the nondeterministic TM with all possible choices for the nondeterministic parts until you find the one that makes it halt and accept. If no such choices exist, the simulation will run forever. Hence, it will halt iff the input for the reduction was in the NP set that we were interested in.
NP-complete is by definition the intersection between NP and NP-hard. There are for sure NP-hard problems, which are not in NP, so you are right that the sets are not identical. I believe the halting problem is NP-hard, but it certainly isn't NP-complete.
They can be. I had a four year extended warranty on a Compaq I bought in 2003. At a point where the warranty would have expired I sent it to repairs, where the screen and battery were replaced, and a few other minor details were repaired as well. Later, before the extended warranty expired, I sent it to repairs again, with roughly the same things being broken again. At that point they didn't repair it, but I got a refund of what an equivalent machine would have cost at that time. That refund was about twice as much as the extended warranty had cost in the first place, but of course far less than the original cost of the machine.
I ended up spending the refund buying a cheap unbranded laptop, which in most respects was better than the Compaq I used to have, and I didn't even spend the full refund. I used that unbranded laptop for about three years before finally buying a new laptop.
According to Richard Dawkins they are right about one thing. I don't recall how far into this video he says it. But don't worry, the video is worth watching in its entirety.
I don't believe it either. Compiler optimizations can make the browser faster, but it won't make it any less sluggish.
To me the browser feels sluggish when operations randomly take much longer than usual. This can be due to memory usage and swapping. But I have found on my newest laptop I have enough memory that this doesn't become a problem, and rather the browser will occasionally hang for seconds, and maybe even a minute, just burning CPU cycles. To make it stop being sluggish in those cases, it is not enough to cut CPU usage by a constant factor. You have to improve the algorithms to lower the worst case complexity.
Another problem is that when Flash crashes (which it does frequently), Firefox will hang waiting for it to be completely dead. This shouldn't happen. Firefox should just go on responding to the user and everything not directly related to Flash should keep working while Flash can go astray on its own in the background.
Maybe it is. Maybe they decided that with a bit more development, the iPod could be turned into a PDA. And later they may have decided that for a PDA it would be a good idea to have data connectivity wherever you go. At the time it could very well be that the cellphone network was the best way to get data connectivity wherever you go. So, it may have made sense to put a SIM card in a PDA at the time. Then they may have thought that customers didn't want to buy two separate contracts from the phone companies to have one for their PDA and one for their phone, so they decided to put a phone in the PDA as well.
All of this is pure speculation. I have no way of knowing if this is actually how it happened. But creating a PDA with a phone added as an afterthought wouldn't have been unlikely.
Thanks, that is indeed the one I had in mind. I misremembered the source. If I accidentally caused somebody to look up what else Neil deGrasse Tyson had to say about UFO sightings, I'd say no harm was done that way.
I had briefly wondered if xkcd might have been the source before writing my post, so I looked it up and found a different view on the Drake equation. It didn't occur to me that he had gotten inspiration from the Drake equation more than once.
They should be many, many documents just like this one, all mutually contradictory.
Somebody did an equation to estimate the number of such reports to be expected. It was similar to the Drake equation except it was estimating how many false UFO reports to expect given the size of Earth's population. Unfortunately I don't remember who did it. It may have been Neil deGrasse Tyson.
Remember though the reasoning for that - rejecting immediately allows for a reasonably high-speed dictionary attack to harvest the email addresses in the organisation.
This is terrible reasoning. Yes, it does increase the resource usage for dictionary attacks a bit. However, it increases the resource usage for the server even more. In addition it causes innocent bystanders to be flooded with bouncing messages.
If you want to slow down somebody scanning for valid addresses, then just delay the responses to the originating IP every time an attempt to send to a nonexistent address is made.
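The per-IP delay suggested in the comment above, sketched as an added example that is not part of the original post. The class and function names, the doubling schedule, the cap and the 10-minute window are assumptions chosen for illustration; unknown recipients are still rejected during the SMTP session, so no bounce is generated, and the delay also applies to valid recipients from the same IP so response timing does not reveal which addresses exist.

```python
import time


class RcptTarpit:
    """Per-source-IP delay that grows with recent unknown-recipient attempts."""

    def __init__(self, base=1.0, cap=30.0, window=600.0, clock=time.monotonic):
        self.base, self.cap, self.window, self.clock = base, cap, window, clock
        self._misses = {}  # ip -> timestamps of unknown-recipient attempts

    def record_miss(self, ip):
        self._misses.setdefault(ip, []).append(self.clock())

    def delay_for(self, ip):
        # Only misses inside the sliding window count; old ones are forgotten.
        cutoff = self.clock() - self.window
        recent = [t for t in self._misses.get(ip, []) if t > cutoff]
        if not recent:
            self._misses.pop(ip, None)
            return 0.0
        self._misses[ip] = recent
        # 1st miss -> base, 2nd -> 2*base, 3rd -> 4*base ... up to the cap.
        return min(self.base * 2 ** (len(recent) - 1), self.cap)


def handle_rcpt(tarpit, ip, rcpt, mailboxes, sleep=time.sleep):
    """Answer one RCPT TO; returns (SMTP reply, delay applied in seconds)."""
    known = rcpt.lower() in mailboxes
    if not known:
        tarpit.record_miss(ip)
    delay = tarpit.delay_for(ip)
    if delay:
        sleep(delay)  # a real server would use a non-blocking timer here
    reply = "250 2.1.5 Recipient OK" if known else "550 5.1.1 User unknown"
    return reply, delay


def demo():
    """Constructed session: one scanning IP and one ordinary sender."""
    now = [0.0]

    def fake_sleep(seconds):  # advances the fake clock instead of waiting
        now[0] += seconds

    tarpit = RcptTarpit(base=1.0, cap=8.0, window=600.0, clock=lambda: now[0])
    mailboxes = {"alice@corp.example"}
    scanner, normal = "192.0.2.10", "198.51.100.7"  # documentation ranges
    log = [handle_rcpt(tarpit, scanner, "alice@corp.example", mailboxes, fake_sleep)]
    for guess in ("aaron", "abby", "adam", "al", "amy"):
        log.append(handle_rcpt(tarpit, scanner, guess + "@corp.example",
                               mailboxes, fake_sleep))
    log.append(handle_rcpt(tarpit, scanner, "alice@corp.example", mailboxes, fake_sleep))
    log.append(handle_rcpt(tarpit, normal, "alice@corp.example", mailboxes, fake_sleep))
    now[0] += 601  # the window expires, the scanner's history is dropped
    log.append(handle_rcpt(tarpit, scanner, "alice@corp.example", mailboxes, fake_sleep))
    return log


if __name__ == "__main__":
    for reply, delay in demo():
        print(f"{delay:5.1f}s  {reply}")
```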
Is it better to set up the cert properly to not give errors, or teach your users to ignore them?
If you want nonstandard certificates, you should set up your own internal CA and add that CA as trusted on the devices where you need it. Devices where you cannot add a CA shouldn't be using SSL to access unqualified hostnames. In those cases get a certificate for the fully qualified hostname, and configure the device to use that.
In fact, Microsoft Exchange "best practices" state you should be using the unqualified server name as one of the SAN entries in the SSL cert.
A widely trusted CA shouldn't issue certificates for unqualified hostnames. It is a bad practice. And if a document calls a bad practice a best practice, I'll question the validity of said document.
However, I think the main target for criticism should be the SSL clients. When a client accesses a domain name that is not fully qualified, it should expand it to a fully qualified domain name before validating the certificate. The concatenation of unqualified hostname and DNS search path happens on the client machine. I don't see any good reason for using this concatenation for DNS lookup but not for validating the certificate. Ideally the resulting hostname would be visible to the user. For example for URLs in a browser, I would make the browser implicitly redirect to the fully qualified hostname. In fact such an implicit redirection would be a good idea even for HTTP requests. Using unqualified hostnames has a drawback because the HTTP server may only have the fully qualified version configured; the administrator might not always know about the use of a DNS search path since clients need not be on the same network as the server.
If clients would always use the fully qualified domain name for validating certificates, then there would no longer be a reason to issue certificates with unqualified hostnames.
One question remains: can clients mistake what was intended as an unqualified hostname for a fully qualified hostname? (I don't know if the representation in the certificates uses a trailing dot to distinguish the fully qualified hostnames from unqualified hostnames.) If the clients cannot tell the difference, this could be a security problem. A heuristic that is used in many places is that if there is a dot somewhere in the middle of the hostname it is a fully qualified hostname, and otherwise not. However, even if there are multiple components separated by dots, you can still append a DNS search path. And a hostname with a single component can be a valid fully qualified hostname. A few TLDs actually have A records for the TLD (all cases I know of will redirect to the administrator for the TLD).
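The client behaviour proposed in the comment above (expand the name through the DNS search path first, then validate the certificate against the resulting fully qualified name only), as an added sketch that is not part of the original post. The function names are hypothetical, the candidate ordering is modelled on the resolv.conf `search`/`ndots` rule, and the `EXISTS` set is a constructed stand-in for real DNS answers.

```python
SEARCH = ["corp.example"]  # constructed DNS search path
EXISTS = {                 # constructed set of names that resolve (absolute form)
    "mail.corp.example.",
    "www.dev.corp.example.",
    "example.",            # a single-label name that is itself fully qualified
}


def candidates(name, search, ndots=1):
    """Absolute names a stub resolver would try, in order."""
    name = name.lower()
    if name.endswith("."):  # trailing dot: already absolute, never expanded
        return [name]
    absolute = name + "."
    searched = [f"{name}.{d.strip('.').lower()}." for d in search]
    # Names with at least `ndots` dots are tried as-is first, but the search
    # path is still appended afterwards: a dot in the middle proves nothing.
    if name.count(".") >= ndots:
        return [absolute] + searched
    return searched + [absolute]


def qualify(name, search, exists, ndots=1):
    """Return the first candidate that resolves, or None."""
    for candidate in candidates(name, search, ndots):
        if candidate in exists:
            return candidate
    return None


def san_matches(san, fqdn):
    """Exact match, or a wildcard covering exactly one left-most label."""
    san, host = san.lower().rstrip("."), fqdn.lower().rstrip(".")
    if san == host:
        return True
    if san.startswith("*."):
        _, _, parent = host.partition(".")
        return bool(parent) and parent == san[2:]
    return False


def validate(name, search, exists, cert_sans, ndots=1):
    """Return (fqdn, ok); the certificate is only compared with the
    resolved fully qualified name, never with what the user typed."""
    fqdn = qualify(name, search, exists, ndots)
    if fqdn is None:
        return None, False
    return fqdn, any(san_matches(s, fqdn) for s in cert_sans)


if __name__ == "__main__":
    for typed, sans in [
        ("mail", ["mail"]),                  # cert carries only the short name
        ("mail", ["mail.corp.example"]),
        ("www.dev", ["www.dev.corp.example"]),
        ("example", ["example"]),            # single label that really is absolute
    ]:
        print(typed, sans, "->", validate(typed, SEARCH, EXISTS, sans))
```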
The trick here is to ensure that the insurance companies report any dangerous vehicle incidents for all models to a neutral body that can do data crunching to watch for trends.
Could be made a mandatory feature in the cars. I'm sure you can design an algorithm to monitor all sensory input and decide if there was a dangerous situation. The same sensory input should be fed to two independent systems, one that handles the driving and one that simply logs data and looks for dangerous situations.
Either it could automatically phone home with information about the dangerous situation, or it could turn on a light on the dashboard telling the owner that there is a log that needs to be downloaded by a technician. (Maybe the car should refuse to drive if there is such a log and it hasn't been downloaded within say four weeks).
These are just random ideas. Hopefully once such cars get mass-produced, the manufacturers will already have a decent procedure in place, which may differ from my ideas. If they don't have any decent procedure in place, then maybe laws need to be made.
Airplanes rarely come closer than a few miles distance from any other solid objects, except during takeoff and landing. Roadways are a winding gauntlet of potential collisions; some stationary, some moving. In many cases, these collisions must be avoided with clearances of a few feet.
The distance between the planes is larger. But there are a whole lot of reasons why you need larger distance to get the same amount of risk.
Planes have a much larger volume than cars.
There is a huge volume of air around a plane where it causes so much turbulence that another plane getting into that area can lose lift.
If a pair of cars brush each other, you will likely damage the painting. If a pair of planes brush each other, they will likely both crash into the ground and kill everybody on board.
Planes move much faster than cars. At those speeds the distance between two planes can shrink to zero very quickly even if it was large to begin with.
Planes often fly in conditions of low visibility. If you can only see 100m ahead when driving in a car, that may not be a huge risk. If you can only see 100m ahead when flying a plane, you will be in huge danger unless you have other means of knowing where other planes are.
Even if you did have visibility, there are many more angles another plane could come from due to them actually moving in three dimensions compared to cars mostly moving in two.
If the drivers of two cars notice they are on a collision course, they can often avoid the dangerous situation by slamming the brakes. Doing the same on a plane is not particularly safe.
I noticed how the sequence NCB occurs 19 times. 18 times out of that it is followed by E. I am wondering if the sequence NCBRTSENCBEINC may have been a mistake or if there is a good reason why NCB in this particular case is followed by a different character.
Let's assume the producer has a master in 96kHz 24bits stereo, and you have audio hardware capable of playing that. Which of the following two options for distribution would you prefer?
Master is downsampled to 44.1kHz with the best possible filter to avoid aliasing. Then the samples are scaled and rounded to 16 bits, with a scaling factor carefully computed to give the best possible SNR. And you get this result on an audio CD or using a lossless compression like FLAC.
Alternatively you can choose to get the 96kHz 24 bits stereo sound compressed with a lossy compression (ogg, mp3, or anything you choose) at a bitrate of 1Mbit/s.
Which of the two would you choose? There is no doubt the first of the two options will give the best audio quality if your hardware is somehow limited to 44.1kHz 16 bits. But if your audio hardware can do better than that, I guess the second option will give better audio quality at one third the bitrate.
If you are optimizing for best possible sound quality, you have to know your constraints. Depending on the constraints you will get different result. If your only constraint is the actual hardware from the D/A converter to the speakers you will get a completely different result from when you are constrained to a certain bitrate but can choose audio hardware as you like. You'll get yet another result if you are constrained by cost of the hardware to do the playback.
Nice way to put it. I find it hard to believe that there could be a flaw in handling of uncompressed audio data that could be used to take control over the CD player in the first place. If we are talking about the standard stereo 16 bits per sample audio, then it is unlikely to have a flaw in the code to handle it for two reasons. It is ******* simple. There is no possibility of the code to handle it having forgotten to check for invalid inputs, as every possible combination of the bits is a valid input.
If the flaw is in how the metadata or ECC on the CD is handled, then you can't exploit it by somebody downloading the files from the internet and burning it on a CD. Because this metadata isn't downloaded from the internet in the first place. It is produced after whatever was downloaded has been turned into an uncompressed stream. You'd have to first exploit the computer in order to then exploit the CD burner to produce the malformed CD in the first place.
If OTOH we are not talking about an audio CD, but rather about a data CD with mp3 files, and the CD player in the car can decode mp3s, then it is more likely that there is a vulnerability that could be used to exploit the CD player.
It turns out that the links in the article don't actually take you to the paper. So, where is the paper? The article is too short on detail to find out what this is really about.
I'd say if it was a person who was going to be working with computers as part of his job, it would be ok to ask that question. Only let people who refuse the request have the job, because anybody who accepts is obviously too careless with his credentials, and having him as an employee would be a security risk.
I for one think these two cubes do look similar: http://home.comcast.net/~mjmahon/CrateII.jpg http://www.startrek.com/legacy_media/images/200508/tng-142-j25-borg-cube/320x240.jpg
That's because in France we have 10 fingers! Not in the US?
Most places, not necessarily in the deep South.
Was that a reference to Man from the south?
Not everybody thinks that upgrade was a good idea. http://www.youtube.com/watch?v=pQHX-SjgQvQ
1. Get a list of all .xxx domains
Is it guaranteed that such a list will be available?
2. Query the DNS for the IPs for those domains
Most of the interesting stuff is actually not going to be on the naked domains (no pun intended), but rather on subdomains. You can be sure there will be domains for which the list of subdomains will not be made available. As a matter of fact, there may even be cases where a domain is implemented in a way that makes it technically impossible to provide a complete list of subdomains.
3. Block IPs
That would be a quite easy target for DoS attacks. Buy xxx domain, point A record at site you don't like. Voilà site is blocked, and somebody did all the hard work for you.
Anybody else noticed that this price per IP address would put the value of the complete set of usable IPv4 addresses at 42 billion?
What you are saying implies the police was doing terrorism.