At Yeovilton in Somerset you can wander around a test Concorde, walk underneath the wings - the complexity is astounding.
They route you through the museum so that you see a number of supersonic fighters and development aircraft - the FD1, for instance, which was the first to 1000mph. All of these are pretty small. Then you see Concorde. In that context it's gobsmackingly huge, and you're just left wondering how they got something that big to go so fast.
There's another prototype at Duxford, near Cambridge, but it's parked outside with other airliners and it doesn't look as impressive (actually it's a bit smaller than the production ones anyway). Inside there's a photo from the early tests with a row of engineers sitting sideways at consoles, all dressed in space suits. In the floor there's a big evacuation hatch, with notices saying words to the effect of "don't ever use this in flight if the plane isn't going down anyway."
If I'm using a dial-up a simple ad-blocking hosts file [everythingisnt.com] turns most pages from long annoying downloads to snappy content-only page views AND I get to keep the non-ad graphics.
When I've tried this, I get a messy display with frames filled with IE's error messages for a 404. I've though about also implementing a server that would hand back a 1x1 white PNG for any request for a URL ending in "png", "gif","jpg", "jpeg", and an empty HTML document for any URL ending in "htm", or "html", and so on. Has anyone tried this already?
If you use brick or stone, it'll stay up as long as someone lives in it, but not much longer. My home town has 18th century housing that used to be slums and has been successfully revived, and a friend lived in a 15th century ex-blacksmith's shop (but used to have bad problems with damp because of the stream running under what became the larder). OTOH my primary school was well-build out of stone in the early 19th century: it was in good condition when it went out of use in about 1980 but is now a ruin.
Even wood construction can last: Queens' College in Cambridge was badly built in the 15th century, and because they consistently backed the wrong side in various wars, they could never afford to fix it. It's still standing.
I rather like these: a SIM-sized micro-controller running Java (hence capable of acting as a Web server). There is an ethernet pinout, but the easiest way to play with them^W^W^Wprototype is to put them on a daughterboard. You can telnet into them and download code by FTP. The bare microcontroller costs £40 ($50) for the 512kb version.
Actually, it's more like France depends on suppliers in the region for the majority their oil supply, and destabilization in the region could easily result in an economically devastating energy crisis.
Same goes for Russia and China.
No, that's not the reason for the citizens to oppose the war, although it may be a motivation for the governments. The opposition to war is a popular movement.
Conversely, in Europe many people see the actions of the USA as being motivated by preserving the oil supply. It is interesting that the pressure on Iraq seems to have followed the failed coup in Venezuala, though I wouldn't go so far as to be sure of a causal relationship.
what does one call one hundred thousand frenchmen with their hands up? the french military.
There's a lot of jokes round on Slashdot about the French being cowards, and they've only started in the last few weeks. Look guys, you're being conned. The French and Germans aren't afraid of Iraq, they simply have a different political and moral view of the problem. You don't have to agree with them to understand this, so why parrot this low-grade propaganda from TV comics?
Yes, but RAND is 128 bits! Even if the SIM didn't have defences against multiple requests (which many do), that's 3.4e28 triplets to record. It isn't going to happen.
More realistically, if an operator is using the COMP128 encryption algorithm, given physical access to the SIM, the secret key Ki could be cracked in which case you could make up the triplets. That's a real problem, but it's not peculiar to WLAN - it would allow cloning of generic SIMs for GSM use. The problem is that COMP128 was intended as an illustrative algorithm, not intended for production use. Wise operators either don't use it, or are replacing SIMs using it.
It's not a problem. If you use 802.1x with EAP-SIM, you get mutual authentication from a standard SIM, but you need two or three exchanges of information. USIMs (for UMTS) can do mutual authentication in one pass, so there's lower latency - but it's not appreciably more secure in the WLAN context.
Someone mentioned that the authentication information for EAP is passed in the clear. EAP-SIM is not vulnerable to replay attacks because it's a challenge and response method. In normal GSM authentication, the network decides on a random challenge RAND. The network and the SIM calculate a signed response SRES and a session key Kc. The user equipment sends back SRES and the network uses it to authenticate the SIM. This leaves Kc as a shared secret at each end. EAP-SIM uses the same triplet, and uses the multiple passes for mutual authentication (theres an Internet Draft for it at http://www.ietf.org). EAP-SIM can also supply the accumulated Kc's to be used as a session key for WEP. Ok, WEP has known problems, but because you can force re-authentication periodically you can avoid a black-hat accumulating enough packets to crack your session.
BTW, Schlumberger aren't the only company offering "WLAN" SIMs - another company has been unsuccessfully lobbying 3GPP (the 3G industry standardisation body, who deal with WLAN/3G interoperation) with the same idea.
It's well known that the climatic and geostatic system of earth is highly chaotic - just think of Lorenz strange attractors and shallow water disturbanches. All high-level chaos theorists agree that the timespan for stable simulation is just 4 weeks - after that everything goes fucked up. So all this long term climate of continental shift simulation is just a scam.
However the point of strange attractors is that while short-term behaviour is chaotic (short term here would be for intervals of the order of a year), over the long term the behaviour of the system can be described in terms of families of paths in phase space governed by the strange attractors - for instance I can't tell you the temperature for next Christmas day in New York, but I can give limits on what it will be, and how fast it will be changing.
Now if you know something about what causes the strange attractors - for instance the Gulf Stream - you may be able to model the effect of moving an attractor, and so get useful work done.
To give another example - airflow over a wing may be turbulent (i.e. chaotic), but it's still possible to model the aerodynamics to the detail that we need to build an aeroplane.
Here in the UK, we're being encouraged to do returns online.
What put me off using this was that there was no information on how you could prove that you'd submitted a return, or what that return was. Do they actually provide anything for this?
I think he's referring to '', which on my Mac keyboard is an unshifted key to the left of '1'.
The characters I like are ÿ and its upper case equivalent (which for some reason that I can't be bothered to check on isn't previewing in/.) - I've heard they exist in no language. Apparently Dutch has a letter which is hand-written like that, but always printed as 'ij' or 'IJ'. There was a rumour that IBM had introduced them into the PC character set to allow them to sue for breach of copyright at a later date.
Not too sure about a webcam if you actually mean to use it as a server rather than a record and forward device. Some (most?) operators use private addressing for GPRS - also at the moment GPRS is expensive by the megabyte, and I don't know of any network that implements QoS yet. It will be more practical with UMTS (or 3G in general) with SIP, Mobile IPv6, and E.164.arpa.
Hey, at least you can enter your use-name! I use my fourth forename - but most databases in the UK only allow three forenames. There is a special hell reserved for database form designers...
I loved this bit from the description of SimCalc: SimCalc's features include all standard spreadsheet functions as well as advanced features such as formulas, cell formatting, and template support.
One of my friends was a tunnel engineer on the Underground for a number of years. He was once visiting some abandoned stations with a view to using them as storage space, when they found a walled up spiral escalator. Apparently it was a Victorian invention, intended to work in narrow circular shafts. Not too reliable though, which is why nothing came of it.
This isn't going to be a server - it's a desktop machine. As such I'll run a fair amount of stuff, some of it for fun, some to get a job done. It's not practical to skry the source, even it it's available: as you know, there have been a few Trojans imbedded in open source software recently which remained hidden for quite some time.
If your security is that crucial--that you have to allow your Internet browser ask permission to use the INTERNET
I probably wasn't clear on that. I only use IE for a few sites where I have to use it (yep, I've tried altering the UA string on other browsers). I normally use Opera and Netscape, and allow those free access. Given that IE seems responsible for half the security holes on the net, this doesn't seem overly paranoid!
overkill?
you already got a hw firewall. and want to police the the network activities of linux?
No, not overkill. A hardware firewall (and NAT) is almost useless as a defence against something on your system calling out. Also I don't mind trusting Linux per se, but I don't want to place unnecessary trust in applications running under Linux.
The assumption is that you just don't run programs you don't trust
That's fair enough if you are running a locked-down server, but this is a replacement for my desktop machine - which means I'll have a fair number of programs on it (none which I'll specifically distrust). Zone Alarm turns up some odd stuff even with programs I'd be fairly confident about - for instance its just reported that Netscape 7 has asked to be a server (seems to be something to do with DNS in this case, so it may be innocuous).
if you have firewall-config access, a sufficiently malicious program can always reconfigure it anyway (feeding keystrokes to your logged-in-as-root terminal? inserting a trojaned su or sudo binary into your $PATH?)
Well I'm sort of assuming I'll exercise reasonable care in not leaving root access that easily available
and presumably the idea is that if a solution is fundamentally flawed, it's not worth implementing in the first place.
For my own desktop use, I'm more inclined to go for the ssh approach - accept some limits in security to allow it to be used more situations.
Using a separate user ID is a good point - I'll just have to make sure it can't read outside it's own area (chroot should do).
Yup, exactly why I'm changing over. I actually like Win2k for my desktop (of course the One True OS is EPOC!), but I'm not going to put up with call-home - and I can't rely on an application like Zone Alarm if the OS itself can't be trusted.
Slashdot Mirror
What about the ship in "Golden the ship was, oh, oh, oh" - a million miles across?
They route you through the museum so that you see a number of supersonic fighters and development aircraft - the FD1, for instance, which was the first to 1000mph. All of these are pretty small. Then you see Concorde. In that context it's gobsmackingly huge, and you're just left wondering how they got something that big to go so fast.
There's another prototype at Duxford, near Cambridge, but it's parked outside with other airliners and it doesn't look as impressive (actually it's a bit smaller than the production ones anyway). Inside there's a photo from the early tests with a row of engineers sitting sideways at consoles, all dressed in space suits. In the floor there's a big evacuation hatch, with notices saying words to the effect of "don't ever use this in flight if the plane isn't going down anyway."
When I've tried this, I get a messy display with frames filled with IE's error messages for a 404. I've though about also implementing a server that would hand back a 1x1 white PNG for any request for a URL ending in "png", "gif","jpg", "jpeg", and an empty HTML document for any URL ending in "htm", or "html", and so on. Has anyone tried this already?
Text is downloadable in PDF from http://www.un.org/Docs/scres/2002/sc2002.htm. Have fun.
Even wood construction can last: Queens' College in Cambridge was badly built in the 15th century, and because they consistently backed the wrong side in various wars, they could never afford to fix it. It's still standing.
I rather like these: a SIM-sized micro-controller running Java (hence capable of acting as a Web server). There is an ethernet pinout, but the easiest way to play with them^W^W^Wprototype is to put them on a daughterboard. You can telnet into them and download code by FTP. The bare microcontroller costs £40 ($50) for the 512kb version.
No, that's not the reason for the citizens to oppose the war, although it may be a motivation for the governments. The opposition to war is a popular movement.
Conversely, in Europe many people see the actions of the USA as being motivated by preserving the oil supply. It is interesting that the pressure on Iraq seems to have followed the failed coup in Venezuala, though I wouldn't go so far as to be sure of a causal relationship.
40k feet isn't very high for a SAM. The U2 flies at 55k-70k max, which didn't help Gary Powers in the 60's.
There's a lot of jokes round on Slashdot about the French being cowards, and they've only started in the last few weeks. Look guys, you're being conned. The French and Germans aren't afraid of Iraq, they simply have a different political and moral view of the problem. You don't have to agree with them to understand this, so why parrot this low-grade propaganda from TV comics?
Yes, but RAND is 128 bits! Even if the SIM didn't have defences against multiple requests (which many do), that's 3.4e28 triplets to record. It isn't going to happen.
More realistically, if an operator is using the COMP128 encryption algorithm, given physical access to the SIM, the secret key Ki could be cracked in which case you could make up the triplets. That's a real problem, but it's not peculiar to WLAN - it would allow cloning of generic SIMs for GSM use. The problem is that COMP128 was intended as an illustrative algorithm, not intended for production use. Wise operators either don't use it, or are replacing SIMs using it.
Someone mentioned that the authentication information for EAP is passed in the clear. EAP-SIM is not vulnerable to replay attacks because it's a challenge and response method. In normal GSM authentication, the network decides on a random challenge RAND. The network and the SIM calculate a signed response SRES and a session key Kc. The user equipment sends back SRES and the network uses it to authenticate the SIM. This leaves Kc as a shared secret at each end. EAP-SIM uses the same triplet, and uses the multiple passes for mutual authentication (theres an Internet Draft for it at http://www.ietf.org). EAP-SIM can also supply the accumulated Kc's to be used as a session key for WEP. Ok, WEP has known problems, but because you can force re-authentication periodically you can avoid a black-hat accumulating enough packets to crack your session.
BTW, Schlumberger aren't the only company offering "WLAN" SIMs - another company has been unsuccessfully lobbying 3GPP (the 3G industry standardisation body, who deal with WLAN/3G interoperation) with the same idea.
If it isn't EPOC, it's not a real OS.
Now if you know something about what causes the strange attractors - for instance the Gulf Stream - you may be able to model the effect of moving an attractor, and so get useful work done.
To give another example - airflow over a wing may be turbulent (i.e. chaotic), but it's still possible to model the aerodynamics to the detail that we need to build an aeroplane.
> all brought down routinely by 5 line scripts :(
Two thousand pounds of education
Drops to a ten-rupee jezail.
(R Kipling, "Frontier arithmetic")
The characters I like are ÿ and its upper case equivalent (which for some reason that I can't be bothered to check on isn't previewing in /.) - I've heard they exist in no language. Apparently Dutch has a letter which is hand-written like that, but always printed as 'ij' or 'IJ'. There was a rumour that IBM had introduced them into the PC character set to allow them to sue for breach of copyright at a later date.
Not too sure about a webcam if you actually mean to use it as a server rather than a record and forward device. Some (most?) operators use private addressing for GPRS - also at the moment GPRS is expensive by the megabyte, and I don't know of any network that implements QoS yet. It will be more practical with UMTS (or 3G in general) with SIP, Mobile IPv6, and E.164.arpa.
Hey, at least you can enter your use-name! I use my fourth forename - but most databases in the UK only allow three forenames. There is a special hell reserved for database form designers...
One of my friends was a tunnel engineer on the Underground for a number of years. He was once visiting some abandoned stations with a view to using them as storage space, when they found a walled up spiral escalator. Apparently it was a Victorian invention, intended to work in narrow circular shafts. Not too reliable though, which is why nothing came of it.
This isn't going to be a server - it's a desktop machine. As such I'll run a fair amount of stuff, some of it for fun, some to get a job done. It's not practical to skry the source, even it it's available: as you know, there have been a few Trojans imbedded in open source software recently which remained hidden for quite some time.
If your security is that crucial--that you have to allow your Internet browser ask permission to use the INTERNET
I probably wasn't clear on that. I only use IE for a few sites where I have to use it (yep, I've tried altering the UA string on other browsers). I normally use Opera and Netscape, and allow those free access. Given that IE seems responsible for half the security holes on the net, this doesn't seem overly paranoid!
No, not overkill. A hardware firewall (and NAT) is almost useless as a defence against something on your system calling out. Also I don't mind trusting Linux per se, but I don't want to place unnecessary trust in applications running under Linux.
That's fair enough if you are running a locked-down server, but this is a replacement for my desktop machine - which means I'll have a fair number of programs on it (none which I'll specifically distrust). Zone Alarm turns up some odd stuff even with programs I'd be fairly confident about - for instance its just reported that Netscape 7 has asked to be a server (seems to be something to do with DNS in this case, so it may be innocuous).
if you have firewall-config access, a sufficiently malicious program can always reconfigure it anyway (feeding keystrokes to your logged-in-as-root terminal? inserting a trojaned su or sudo binary into your $PATH?)
Well I'm sort of assuming I'll exercise reasonable care in not leaving root access that easily available
and presumably the idea is that if a solution is fundamentally flawed, it's not worth implementing in the first place.
For my own desktop use, I'm more inclined to go for the ssh approach - accept some limits in security to allow it to be used more situations.
Using a separate user ID is a good point - I'll just have to make sure it can't read outside it's own area (chroot should do).
Yup, exactly why I'm changing over. I actually like Win2k for my desktop (of course the One True OS is EPOC!), but I'm not going to put up with call-home - and I can't rely on an application like Zone Alarm if the OS itself can't be trusted.
Hmm, this looks like just the job. I'll have a fiddle with the snapshot and see if I get anywhere.