Slashdot Mirror


User: jetmarc

jetmarc's activity in the archive.

Stories: 0
Comments: 247

Comments · 247

  1. They did! on Ants Use Pedometers to Find Home · · Score: 1

    > Wouldn't it be fun to make their legs longer?

    They did!

  2. Re:So this is like... on ISPs to Create Database to Combat Child Porn · · Score: 4, Insightful

    > One would tend to think that a checksum/hash code would be sufficient.
    > You need a fingerprint, not a copy of the act.

    That might be correct for examination of files. However, we're talking about ISPs here. It is not very far-fetched that an ISP would try to match TCP/IP packets. That would require a fingerprint of a part of the image (impossible to produce without the original image).

    My point is that an "ad hoc" database won't be useful without the original images. Sooner or later a user will come up with a new (incompatible) usage mode. Without the original images, the database cannot support it.

    The statement "Each company will set its own procedures on how it uses the database" just asks for it.

  3. Color Management on Matrox TripleHead Triples Your Viewing Pleasure · · Score: 1

    > It's annoying when one monitor's 9300K differs from another's.

    Certainly it is.

    However, there is a way around it: color management. For it to work, you use a special device (photo spectrometer) that reads back the colors that your monitors produce. Then, the color LUTs (look-up tables) of the graphics card are modified, to account for all differences from the theoretical ideal.

    This, of course, requires individual LUTs for each monitor. It escapes my knowledge if the Matrox card has this feature. My dual-head ATI Radeon does, however.

    Another hurdle to take is the broken Windows color-management support. It is not possible to assign different color profiles (with their integrated LUTs) to different monitors, when they are driven by the same card. There are two ways around it, and again it escapes my knowledge if the Matrox card provides an easy work-around. The work-around for my ATI card needs a tiny manual interaction after every boot.

    Matrox is known to be a good choice for graphics artists. Their name always stood for slow but high quality graphics. I assume they have color-management addressed, better than many competing manufacturers.

    A photo spectrometer for calibrating and profiling your displays costs between 70 and 200 dollars, depending on model and quality. Unless you buy golden audio cables for your HiFi, you will probably use it only once. Afterwards you can sell it on ebay or share it among a group of friends, to minimize the cost.

    Marc

  4. A useful camera hack (URL) on Hacking Digital Cameras · · Score: 1

    This is one of the most useful camera hacks that make kids smile for the photo.

    PEZ Flash

    Regards, Marc

  5. Picture link on Austrian Town Sees the Light · · Score: 3, Informative

    Using the FP as plug for a picture..

  6. MediaPlayer CLASSIC on Windows Vista Build 5231 Review · · Score: 1

    > Well, as far as video goes I'm more than happy with Media Player Classic.
    > It's basically a WMP6.4(!) clone but able to play DVDs+++. No skinning, in
    > fact 99.9% of the time I use it is in fullscreen playback with no UI at
    > all. Haven't seen any feature in WMP7-10 that would make me change back.

    I too use MPC, and there are features that made me change _to_ it.

    In MPC, I can correct distorted aspect ratios that some internet files come with. Right-click in the video window, select context menu "video" and then "stretch to window". Now resize the window to fit.

    In MPC, I can boost the audio volume for my crappy desktop speakers to keep up with living room noise. Prefs -> Audio Decoder, select "Normalize" and then "Boost" to about 1/3 of max.

    And last but not least, MPC doesn't download codecs, nor contact media databases, nor update DRM online licences, nor anything else along these tracks. When I play a file, I play it locally on my machine.

    Marc

  7. Re:I want my Google Earth! on Google Maps Graduates · · Score: 1

    > I just wish Google Earth was available for MacOS or Linux.

    Google Earth works fine in MS VirtualPC, using the OpenGL software compatibility mode. It's a little bit less snappy, but definitely usable.

    I see no reason why it shouldn't work in VMware WorkStation, which is available for Linux. Also, earlier versions of VirtualPC are available for MacOS.

    Get the 30 day trial of VMware Workstation, and give it a try!

    Marc

  8. A simple solution on Firefox 1.5 Beta 2 Released · · Score: 1

    > I tend to be very strict about cookies, which unfortunately means that I
    > am forced to endlessly click through "do you want this cookie?"

    A simple solution to this problem can be seen in Opera. Opera allows
    you to "accept all cookies" "from all sources", but then "silently
    delete all new cookies on close".

    That is, web sites with cookies work fine throughout the browsing
    session. There is not a single annoying dialog, not even when sites
    request permanent cookies (Opera pretends to store it permanently).

    Whenever you want to break the trackable session, close the browser
    and re-open it. I think this is a lot easier than having an advanced
    cookie manager (while there exists one for Opera, the only use I ever
    made from it was to verify that the "silently delete new cookies"
    actually works as advertised).

    Marc

  9. Re:upload = download (nearly) on Ratio Vulnerability in BitTorrent Discovered · · Score: 1

    > It's very easy to detect cheating in a swarm. If a client reports that it's uploaded ten megabytes,
    > but the remainder of the swarm has only downloaded one megabyte, there's obviously
    > something askew.

    While your approach might solve the problem of reporting inflated stats to gain a better reputation in the eyes of the tracker, it opens up another hole:

    Clients can deliberately destroy the reputation of other well-behaving clients. They can simply lie to the tracker about how much data other clients have uploaded to them, tricking the tracker into thinking that those other clients are lying. Those other clients then end up banned.

    This can be used to attack torrents. All the attacker needs is "lots of" virtual clients, that maintain high bandwidth traffic with the clients under attack. The more traffic they have, the more "lie margin" they generate (to overcome uncertainty thresholds on the tracker). And, the more virtual clients the attacker simulates, the more "votes" he's got to convince the tracker.

    When the main seeders of a (young) torrent are banned on the tracker, the torrent becomes non-functional.

    Investing bandwidth to silence a torrent might be worth-the-deal for an MPAA-style entity.

    So, I'm convinced that your suggestion, as is, increases the overall vulnerability.

  10. Re:Recovery after overwriting on File System Forensic Analysis · · Score: 1

    > how many overwrites does it take before data is reasonably securely deleted

    Overwriting files on modern journaled filesystems is not guaranteed to have any effect at all. It is very likely that the filesystem assigns a different set of sectors for every "overwrite".

    A better solution is to delete the file, and then overwrite the "free" sectors. This still requires in-depth knowledge of the filesystem (to discover every and all free sectors), which is why this solution might or might not work.

    If you want to be on the safe side, overwrite the whole partition at the block device level (erasing all other files on it as well).

  11. Re:What about encryption? on File System Forensic Analysis · · Score: 1

    > Can someone much smarter than me tell me how data forensics deals with that????

    More often than not, these encryption tools are not watertight. They are incomplete solutions to the problem.

    The type of tool you describe mounts an encrypted disk-image. Dictionary and brute force attacks aside, the disk-image itself is usually impossible to crack.

    However, when the image is mounted (legitimately), the password and key material reside on the hosting computer. That is, they reside outside the scope of the encrypted disk-image - for example in the RAM memory, maybe in the swap file on the boot harddisk, or maybe even in regular files (keystroke logger spyware, anyone?).

    Some of these unwanted storage locations appear avoidable. For example, when allocating memory for the key, one can request "non-swappable" memory. But even if the developer knew and did this, WinXP hibernation or any laptop's suspend-to-disk sleep mode can still compromise your password and key material. And even the best antivirus software does not guarantee a 100% clean machine.

    In addition to these possible leaks of the password/key, there is another big risk. Whenever the disk-image is mounted, the contained files are accessible to the machine. They can be copied out to not-secured areas of the system, without the user knowing. For example, when you open a WORD document, a temporary copy might be created in the Windows "Temp" folder (on the windows harddisk). While you type, undo buffers are created as well, for your changes to be undone if you wish so. If, while the document is open, the memory manager decides to page out your document to the swap file, it ends up on the boot drive as well. When you print the document, a copy of it is rastered and stored in the printer queue (again, on the windows harddisk).

    It's obvious - while the files inside the disk-image might be uncrackable, their temporary copies all around the windows harddisk are not. These tools are secure only when the disk-image is isolated from the producing machine. I.e., you can use them to protect a CD-R backup (where nothing but a 700MB disk-image is burned).

    For working with content, I rather recommend a full-disk encryption tool. These encrypt every sector of your physical harddrive (all of them). Whenever the operating system writes a sector, it is encrypted before it makes it to the disk. It doesn't matter if the sector is part of a regular file, a temporary one or even the swap file. If, by definition, there do not exist not-encrypted sectors on your harddrive, there is no way for your harddrive to leak not-encrypted data to attackers.

    There are only 2 ways such a system can leak data (dictionary and brute force attacks aside): again, suspend-to-disk sleep modes usually write the RAM content bypassing all drivers (thus bypassing your encryption layer, writing your raw password/key material to disk). And of course, online attacks like viruses and spyware can leak data. As soon as their logs are sent over internet, the secure scope of your harddisk is left and your security is compromised.

    Here are a few recommendations for tools that can be used to encrypt whole harddisks:

    Securstar DriveCrypt Plus Pack (WinXP)
    EncryptionPlus (Win2k + WinXP)
    SecMBR (DOS,Win9x)

    The latter is a development of mine, email if you are interested.

    Also, it is possible to create "VMware" virtual machines that reside on encrypted partitions (eg LoopAES) and run any operating system. With "Venturecom BXP" it is possible to boot a diskless PC with WinXP (from an encrypted server).

    Marc

  12. Nested tabs, already in Opera on Opera Turns 10, Gives Away Free Registrations · · Score: 1

    > all those pages could hide in the space it takes for just one tab until I need them.

    Opera already supports this.

    For every workspace open a "new window" instead of a "new tab". Inside of the new window, open all tabs related to a topic. In another window, open those that are related to another topic.

    Every window has a taskbar icon, and can be minimized/maximized - with all its contained tabs.

    I use this quite often when I do quick research on something. I'm used to opening multiple google results at once for quicker browsing. Once I'm satisfied, I have a lot of unread tabs left. Closing the workspace window closes all of them at once. How nice!

  13. Re:mobile phone? on GMail Sign-Ups Via Mobile · · Score: 2, Funny

    > US mobile phones

    Can you read me now?

  14. Re:$1/CPU/hour? on Sun Grid Utility Goes Live for Employees · · Score: 1

    > ... or would you pay $7000 to get the answer in one hour?

    What if I spend the $7000 hour fixing bugs of the software that doesn't scale as expected?

    Honestly, which real-world problems are solved in this manner anyway? Except for cryptography I fail to come up with any.

  15. Re:You expect me to believe this? on Bittorrent Creator A Digital Pirate? · · Score: 1

    > You honestly want to tell me that the same person who designed a sophisticated
    > piece of software like BitTorrent would make such a crappy page like that?

    Click on the upper right link "Brams page". His "Current Project" back then
    already was BitTorrent. No matter how long it took him to complete it, his
    digital piracy comment was dead on.

  16. Safe surfing in a virtual machine on There Is No Safe Web Browser · · Score: 1

    Safe surfing is easy.

    All you need is MS-VirtualPC or VMware-Workstation. These emulate a full computer in software.

    Set up the virtual computer with the virtual NIC in NAT mode. Install your favourite OS. Set up the browsers, bookmarks, etc. Lock the virtual computer's harddrive with the "SNAPSHOT" function.

    Every time you start the virtual computer, it will come up at this point - fresh and clean. Then you can surf and have the virtual computer infected with spyware and viruses.

    The only danger to your real (physical) computer is the fact that there is an infected machine in your LAN (although separated through NAT).

    Once you turn off the virtual machine and revert back to the snapshot, all changes are lost. The cookies, the history, all installed plugins and viruses - they are all gone!

    Of course you need to off-load downloaded files before turning off, otherwise they would be lost, too.

    This setup is a great tool as well for testing software before installing it on the "real" machine, by the way.

    Marc

  17. Re:Can Microsoft even legally sell Windows in Cuba on Cuba Switching to Linux · · Score: 1

    > I can tell you that a rum and COKE is not hard to come by. Funny, I thought Coke was an American company?

    When I was in Cuba, I was served "TuKola" all the time. It came in red cans,
    similar to Coke, but it wasn't Coke.

  18. Side effects on Give Your DVD Player The Finger · · Score: 1

    > Fingerprints are easily fakeable, another reason to reject biometrics. If someone else uses your fingerprints..

    A welcome side-effect for criminals would be to get a job as music shop clerk to get ahold of lots of finger print samples. You know, the same kind of criminals that used to hire at gas stations in the early 90s, just to grab credit card data of all the drivers who stopped by. If finger print scanning becomes ubiquitous, it will be very easy to get ahold of lots of prints. And this doesn't even require taping them off of bar glasses like in CSI.

  19. Re:It should be part of the OS! on Microsoft To Offer Virus Defense · · Score: 1

    > Under the TCPA the user has complete control over which binaries he wants to run.

    What is a program? A .EXE binary certainly is a program.

    But what about a macro inside a .DOC? It is "executable" content, but it is not a binary. I suppose you don't want to limit WORD to only "open" documents signed by Redhat and Debian?

    The same applies to .NET and JAVA files. Are they binary? What about a .sh script? .pl anyone?

    Since mixing data and code has become so commonplace, there is no easy way to forbid executing unwanted code. As soon as you allow WORD to execute, unwanted .DOC macros are allowed to execute as well.

    Of course, issues like this example can be addressed. Options can be created to lock down WORD. But this will be an open field with lots of holes, because we already start to go away from a binary decision of "execute" vs "deny".

    And then there are soooo many file formats. Unless enough time has passed and new file types are invented and established with security in mind (!), we will have a lot of unaddressed issues. Administrators will have to ban apps that users still want to use, or accept insecure setups.

    Marc

  20. Re:Be careful with biometrics! on Linux Biometrics Site Opens Doors · · Score: 1

    > All Linux biometrics should look for HEAT in
    > addition to regular biometrics (ie, fingerprint),
    > so that something like this doesn't happen

    That will only make sure that detached fingers will be kept warm, or be heated before use. The street method would be to either use the finger right after detaching it, or to stick it into the mouth a few minutes before using it. I know this sounds awkward, but it's low-tech (no tools required) and will work.

  21. Is it only me? on UCSB Student Engineers Grade Hack · · Score: 2, Insightful

    Is it only me, or did you as well notice that a hacked computer login is now called "identity theft" as in "credit card fraud" and all the other stuff we usually associate with it?

  22. Re:Too much of something good? on New Orbitz Terms Prohibit Inbound Deep Linking · · Score: 1

    > The system is really designed to be a point in time quote system. The problem comes when someone
    > does a deep link, to a quote for example. Chances are if a link is posted on the web (or sent through
    > email), the page the new visitor sees may be different from the page/price/availability the creator of the link saw.

    And how is that a bad thing?

    If, on a "London photos" page a link invites to "check flights to London", I would expect to see
    the current availability and prices instead of the ones a year ago.

    Well, actually I would expect the link to not work at all (due to changes of the directory hierarchy
    on the travel site), or to be a spam trap. So I wouldn't click it anyway..

  23. Re:128K should be enough for everyone on Audio Compression Primer · · Score: 1

    > Just recently I finally heard the difference between a 128 kbit mp3
    > and the uncompressed version in a blind test.
    >
    > It surprised me to hear the difference because I know that my ears
    > have been damaged by playing in loud bands.

    This is not surprising at all. It is very probable that you would not
    have heard the difference, if your ears weren't damaged. (Actually you
    state that you really didn't hear it before recently)

    MP3 encoders contain a psycho-acoustic model of what "we" think that
    the ear/brain perceives when hearing sound. This model has been created
    with excessive tests on large groups of humans, men and women, of various
    races.

    Based on this model, the encoder decides which parts of the sound are
    perceived by the listener, and which parts are not. For example, a loud
    noise blinds away quiet sounds in a near frequency band.

    Going from important sound features down to less important features, the
    encoder packs information into the MP3 frame, until the bitrate is exhausted.
    (That is why a 256kbps file has more quality than a 128kbps file)

    In your case however, with your damaged ears, the psycho-acoustic model
    is WRONG. If you can't perceive - say - sounds in a certain frequency band,
    loud noises in that band won't blind away other sounds nearby. For the
    "standard" listener it would, for you it won't! Therefore the encoder
    (wrongly) decides to remove the quiet sounds, although YOU (and only very
    few more people) would have heard them.

    That is what makes people with ear damage the first who notice MP3 artefacts,
    even at surprisingly high bitrates.

    Marc

  24. Re:Oh no on USPS Service Kiosks Taking Pictures of Customers · · Score: 1

    > Strange, the cash in my pocket doesn't have my address on it.

    Well, that is what YOU think.

  25. Only 12 months on PC Photo Printers Challenge Pros · · Score: 4, Insightful

    The article says, pictures were printed on various printers. After 12 months
    they were examined, and some were found OK while others faded away excessively.

    All this was done at normal daylight/temperature - no accelerated tests were
    made.

    I can't see how this can be compared to professionally printed photographs or
    wedding photos. They surely won't fade within 12 months of normal in-house
    daylight.

    An inkjet picture that doesn't fade noticeably within 12 months is remarkable,
    but not necessarily "better than professionally made photographs".