There have been 7 Captain Marvels, of which 3 have been female. It seems that only one, Carol Danvers, is human (or at least began as human).
Fix caller id...by throwing it out. Replace it with the *authoritative* origination number that the system already carries for billing purposes (like when you call a 900 number).
FAT was, I believe without direct evidence, based on the HDOS (Heathkit DOS) GRT file system. It works nearly identically, and was invented by J. Gordon Letwin for Heathkit. Letwin was hired away from Heathkit by Microsoft as one of their first dozen employees. Under the legal environment of the time, it was reasonable for Letwin to take the concepts that he invented with him, but to re-implement them for his new employer without copying any of the (Copyrighted) 8080 assembly language.
I suspect their interest in him did not originate from Cryptocat, but instead from his support for WikiLeaks (including at one time having a WikiLeaks mirror).
But it never had that "Indiana Jones under the truck" or "Indiana Jones hates snakes" or "It's just a thin mint" moment or line that we will be thinking about and/or repeating....
"I had a date". Okay, it's not that quotable. But it is the line that makes you realize that this story is, in a very real sense, a tragedy.
So, a proprietary optical disk drive will be cheaper to manufacture than the $20 (retail) DVD writer that I can buy at Fry's? I don't believe a bit of it.
But he'd have to build a new dictionary for each new salt value. That's why each password needs to get a unique salt value.
Not only that, but when salt is done correctly you don't care if the attacker has the salt.
The steps:
* Salt every password with a different salt value.
* Store the salt with the hashes.
* If an attacker gets your user file he has to brute force each password separately, instead of using a rainbow table.
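The salting steps in the comments above, as an added example that is not part of the original comments: it compares a user file where everyone shares one salt with one where each password gets its own salt stored beside the hash. PBKDF2-HMAC-SHA256, the iteration count, the account names and the wordlist are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000           # assumed work factor for this example
SHARED_SALT = b"same-for-all"  # the mistake: one salt reused for every user


def hash_password(password, salt=None):
    """Return (salt, digest); draws a fresh random salt unless one is given."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], digest)


def build_user_file(accounts, salt=None):
    """Map user -> (salt, digest). salt=None gives every user a unique salt."""
    return {user: hash_password(pw, salt) for user, pw in accounts.items()}


def precomputed_hits(user_file, wordlist, table_salt):
    """Users exposed by ONE table of digests computed in advance with table_salt."""
    table = {hash_password(word, table_salt)[1] for word in wordlist}
    return sorted(u for u, (_, d) in user_file.items() if d in table)


# Constructed sample data (not from the original comments).
ACCOUNTS = {"alice": "hunter2", "bob": "hunter2", "carol": "correct horse"}
WORDLIST = ["123456", "hunter2", "letmein"]

if __name__ == "__main__":
    shared = build_user_file(ACCOUNTS, SHARED_SALT)
    unique = build_user_file(ACCOUNTS)
    # One table built once exposes every weak password when the salt is shared.
    print(precomputed_hits(shared, WORDLIST, SHARED_SALT))
    # With per-user salts the same table matches nobody, even though the salts
    # sit in the file: each entry needs its own brute-force run.
    print(precomputed_hits(unique, WORDLIST, SHARED_SALT))
    print(unique["alice"][1] != unique["bob"][1])
    print(verify_password("hunter2", *unique["alice"]))
```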
What if the data is encoded in the starting sequence numbers of TCP/IP streams? Sure it's low bandwidth, but a keylogger doesn't need much. And I'm sure there are other possibilities.
Larry Niven wrote a story about this "Safe at any Speed". See http://variety-sf.blogspot.com/2007/12/larry-niven-safe-at-any-speed-short.html
40 lbs = 18.14 kg only in a one G gravity field. Pounds are a unit of weight, while Kilograms are a unit of mass.
From the act:
SEC. 4. DEFINITIONS.
As used in this Act--
(1) the term `protected computer' has the meaning given such term in section 1030(e)(2) of title 18, United States Code; and
(2) the term `peer-to-peer file sharing program' means computer software that allows the computer on which such software is installed--
(A) to designate files available for transmission to another computer;
(B) to transmit files directly to another computer; and
(C) to request the transmission of files from another computer.
Since nearly everyone using a P2P program does not "transmit files directly to another computer" this law has very limited application. Those internet routers have saved us!
Most machines are on switches these days. This limits the number of places that a simple sniff will see your packets to:
a) people near your insecure wireless network.
b) people on the same machine
c) people at your ISP
d) people working at the backbone networks
e) people working at the server's ISP
f) people on the same machine as the server
If you are worried about a, b, and f then you have issues that SSL will not solve. For c through e ARP tricks are no real hurdle. These guys probably do that just as easily as they do sniffing. Anyone else has to do ARP tricks just to give their sniffer a look at your packets.
No, the real hierarchy is:
1. SSL with cert signed by a trusted certificate authority.
2. SSL with cert signed by the current public certificate authorities.
3. SSL with self-signed cert
3. (again) Plain HTTP
The key point is that both number 3's are equally easy for script kiddies to compromise.
> gas, clutch out, clutch in, brake...gas, clutch out, clutch in, brake... Still more satisfying than driving an auto.
:-)
Should be: on brake, clutch in, out of 3rd, clutch out, blip throttle, clutch in, in to 2nd, blip throttle, clutch out, off brake, gas, turn in, accelerate through apex. Still the fastest and smoothest way through a slow corner.
I suggest shortening to "qit". Scrabble players would be glad to have one more word that uses a "q" without the following "u".
And I think the solution may be for this judge to talk to the one(s) that have ruled that just linking to copyrighted material is infringement.
Assume that a company has a Yellow Pages (TM) advertisement, that also includes an advertisement for Sony televisions. Further assume that Sony pays them for the extra plug.
Can they sue to prevent other companies from publishing their address and phone number, rather than directing people to the YP advertisement?
And, off topic, can't Slashdot proofread their articles? Try this: He cited the site of the website. Due to the high resolution background, it was quite a sight.
Jet turbine article posting!
I can compress any prime number, given sufficient compute time.
2 => 1
3 => 2
5 => 3
7 => 4
See? 2 is the 1st prime, 3 is the second. Just make sure you haven't missed any as you get to larger primes. As a tradeoff, the compression factor eventually gets very high.
Of course the government and the newspapers lie. But in a democracy, they're not the same lies.
- Steve Jackson
Of course, nowadays you need to substitute "democracy with a free press".
Probably so they can charge a "per message" surcharge.
Just think: you're a gang leader and suspect that someone in your organization is a narc. You have all of their cell phone numbers, because that's how you communicate, so you call up Locatecell and get the logs. The one who has the local PD in their logs gets a pair of cement shoes for Christmas.
And if our loving government makes the obvious change (allowing access to certain records to be blocked), then the one whose records are not buyable gets the "special" gift.
So, a real solution needs either fakeable cell phone records (expensive for law enforcement) or restricted access to all cell phone records.
Back in the late 80's I worked on a computer addon that sat in an external case. It had (for the day) massive processing power. Which means it was about as powerful as the first PalmPilot ever shipped.
It had ONE front panel button: reset.
With four functions:
Press: reset.
Press and hold: reset and clear memory.
Press twice: reset and enter setup mode.
Press twice and hold: reset, clear memory and enter setup mode.
Unfortunately, the company folded and I don't know if there are any records out there.
Or at least that's what they said in 2000. For somewhere around $80k.
In other words, the prototypes are way cool but don't hold your breath. And be cautious about putting a deposit down.