Now we know that the draft is obsolete and we have to page a huge bundle to d/l the PDF. What do we gain from that? Is this really operational costs? Why can IETF and W3C publish electronic versions free of charges and ISO can't? I'd rather have an OASIS semi-standard than an ISO standard that most can't afford to see.
I choose not to download most of my music, but rather rip it myself in lossless format.
Rip it from what? A CD? Do you know that CDs have crap sample rate? A mp3 riped from a DAT tape will have more samples than a CD. I don't know if it's audible, I don't care. I don't need good sound as long as all I find is crap music...
I publish my personal addr in clear text everywhere because I can setup a mailserver to deal with the spam but my university addr on the otherhand I really don't want to end up on the web. They force us to use a crappy webmail and they can't filter spam properly. An email can easily sit for a few days in the mail queue before it gets delivered! If you don't fear to publish your uni email, I guess that people at Waterloo know their shit and I congratulate them. This might be a new criterion to know if a potential uni is worth it: do faculty obfuscate their email addrs?
I think it is convenient to let people reach me by clicking on the mailto: link. It's not like obfuscating my email would suddenly stop the flow of spam and for that I have a really effective setup. So my approach it to know how to deal with the spam and not to care about the harvesters. Recently I received and email for a really interesting job proposal in Silicon Valley and I'm taking the plane on Friday for and on-site interview. Imagine if my clever scheme of email obfuscation was too cleaver for the recruiter. My setup is really simple: graylistd and spamoracle. Apt-get install both and read the doc, you can instantly filter out 95% of the stuff. There is no spam problem, I receive a lot more junk snail mail than I receive junk email. Don't try to hide, learn how to defend yourself instead.
You might like to know that Daniel Brandt founded Google Watch back in the old days to protest against page rank. Yes, Google Watch was originally just against how Google didn't give mr Brandt a good page rank. Now he added some bits about privacy but I think anyone should visit Google Watch now to see how childish Daniel Brandt is. And using Google to do datamining is against the acceptable use policy anyway.
The kind of crap job you can get won't help you to learn anything and will just show you that coding in the real world is working in a cyber sweatshop. No one care if you have an item on your resume that says that your hacked html and javascript for some random company website. And the random company won't pay someone to be with you and teach you the important things about programming that you won't learn in school.
Instead you should join a free software project that you like. Ideally something that you use yourself. Once you've contributed something significant other project members will take time to explain anything you want to know and before that they will tell you what you should read and how you can learn the skills required to implement your desired feature. If your resume says that you improved the pathfinding code in Battle for Wesnoth a future employer will be able to look at the code and see how you work. You won't have anything to show if you waste your summer re-indenting java code. By joining a free software project you will learn how to work with other people, you don't learn this in school. If you go for a company they'll put on something self contained and irelevant so you never bother more than one person.
But, if you go for a company you might find out early that you don't want to do this for the rest of your life. Its better to find this out now than after you graduate. It doesn't mean that you can't hack code, There was this taxi driver who contributed to KDE in his spare time, He made pretty good stuff. I can't recall his name... You can also start your own startup which is probably as painfull but will pay a lot more if you succeed. Working in a university is much better but it pay less and you'll have a hard time to do it without a degree. Universities _really_ want to believe that the degrees they sell are important.
Do a partime job that pays well, that way you'll have more free time to hack. Look for ultra unionized place like your municipality. The people who but the grass in city parks really earn a lot of money. You will meet a lot of lazy people, don't ever be tempted to do as they do. Laziness is the little death that brings total oblivion. Oh, and type something like this as root
There is plenty of posts summing up the situation properly but lets develop. For industrial purpose, those are great but so are other less perfect imitations of the naturally occurring gems. For jewels on the other hand, those are completely missing the point. Anyone who is into gems worshiping is obviously lacking rational thinking. When it became evident that diamonds were not rare, diamond producers united under the name "De Beers" to cut the supply in order to jack up the price. That wasn't too successful until the major add campain "diamonds are forever".
Now all the people who are stupid enough to worship gems think that there is something special with the particular gem called "diamond". No matter what you sell and how good it is at imitating diamonds, it won't have this "something special" and it can't have it because that "something special" is purely fictional.
You can't apply a technological solution to a social problem.
The way to solve the problem with De Beers is to quite this stupid worshiping of gems, if you acknowledge that gems mean something by offering one, either a diamond or some other. you do nothing to solve the problem. Others point that offering your SO something that cost a bundle is a way to prove that you are dedicated to the relation. Personally I would recommend that you find a SO that is not lacking rational thinking but maybe you are that desperate and you really want to continue with your current one. In that case you are probably better of offering stocks, gold bullions (not jewels), collectable paintings or anything that has real value, that is tradeable and that isn't purely emotional.
But maybe I fail to understand the gems worshipers. Why do they want gems?
So what would you have me and the rest of the "general population" do?
This is going to be hard but the only solution is an aggressive boycott of anything in relation with spam. You don't buy from spammers, or so you think. Last time you bought a generic medication, did you check that its provider was never involved in a spam campain? The other step in a massive boycott is education. But don't worry, it's going to be easier to educate people once the floodgates are open. Personally I couldn't care less about spamhaus. I don't believe in lists. Power corrupt and history shows that lists admins can't handle that kind of power. My personal setup is gray-listing + bayasian training and I have really good results. But a technical solution can't solve the problem. Only education can and that's where the general population come into play.
In the spirit of the article, regarding noticing patterns where there really aren't any, it's been my perception with XMMS that it tends to pick "pairs" of songs. That is, for any given track it plays at random, the chance of the next "random" track being from the same artist seems to be significantly higher.
Lets use the same logic as the birthday paradox. Suppose you have two albums of each artists, with 15 songs per albums. The probability that an artist don't have consecutive songs is
2000/2000 * 1998/2000 * 1996/2000 *... * 1942/2000 = 0.644
= reduce(lambda x, y:x*y, [x/2000.0 for x in range(1942, 2002, 2)])
That is, we have to skip a place on the playlist. You'll admit that this probability is kind of low, now you have to combine all your artists. With 2000 and 30 songs per artists you have 67 artists. The probability that non of them has consecutive songs is 0.664^67= 0.000000000000164.
To sum up, it is almost impossible not to have twice the same artist for all the artists and you should expect 36% of the artists to have consecutive songs. XMMS shuffle the list properly, exactly how it is suggested by Knuth. It is just that you playing in a shuffled order can't be that random.
Bug 21 in the XMMS Bugzilla, it was fixed in November 2002 by Håvard Kvålen. Not my patch but the general idea was kept. Ain't it a nice world we live in?
A long time ago I was dissatisfied by the lack of random in XMMS so I jumped to the source to see what I could do. I think this was my first contribution to a free software project. Anyway, here is what I found: XMMS keeps two copies of the playlist, one that is in the order you set and one that is "shuffled". This has to be clear, all the tracks in the play list are there exactly once in the shuffled playlist.
I can't recall when the shuffled playlist was reshuffled but in was not that often, maybe only when you added or removed tracks. So if you like Smoke on Water but that Ballroom Blitz is just two song after that, too bad, you'll always get Ballroom Blitz soon after you double click on Smoke on Water. Technically speaking, the shuffling was perfect, the random generator was properly seeded and they divided in the right way to prevent loosing entropy. The lack of reshuffling was entirely responsible to the perceived lack of randomness.
So my patch was just that: trigger reshuffling a lot more often. As far as I know this patch was never merged but my copy of XMMS did have the proper random behavior. I don't know if it's the same problem with the iPod. That's something I like with free software: you can fix it!
I can remember about 100 digits but remembering digits of pi for calculations is pointless. No way you are going to require more than 4 digits if you only have pen an paper. In fact, I never used recalled digits for calculations. I either use the pi button on a calculator or the pi keyword in a symbolic algebra system. You should try to remember digits of pi for a noble goal, not for mere calculations. I do it to pick up chicks! OK I don't but one chick did tell me "remembering pi is pointless, you do it just to impress chicks". Yes that was in a math dept...
You can't apply a technological solution to a social problem. Resellers will sell certs to anyone and no one even bother to have their certs signed anymore. Even my uni don't have a signed cert. You see messages like "if you browsers say that the certificate authority isn't knowned just click accept" and people just do that. Do anyone even understand what that message mean? I mean anyone not in CS and even then I'm not sure that most people grasp how the trust is supposed to go from Verisign down to your browser. Frankly I don't see what SSL _can_ protect. Unless anyone can understand how it works, the passing of certificates is doomed to be useles.
I would say that's incorrect. It should be a trivial matter for the software to be written to REQUIRE the default password to be changed before the machine will actually give out money. Rather like having to immediately change your password when you first login to an account. It's not a difficult concept, and while this is technically a 'lack' of a feature rather than a bug, it's certainly a flaw in design, and a pretty basic one at that.
It is worst than that. There is no visible clue that you switched to password prompt mode and nothing that makes it obvious that you made several attempts. You can just swipe a random plastic card and mess with the keys as long as you want. There should be flashing lights and a loud beep when you enter the magic combo to get the pass prompt. Worst design ever!
A great game is a game that you keep playing no matter how old it is. Think chess and go vs monopoly. Yeah monopoly was kind of popular and a lot of people played it. Many people that I know who played monopoly didn't like chess or go. But it was displaced by other board games. I think they play hive these days. But still, student cafés in universities are still filled with chess and go players.
A great game is a game that you have a hard time not to play. No way that someone has to struggle not to play unreal tournament or x-wings vs tie fighter. Those game died and no matter how you liked playing them, the fact that you don't play anymore must lead you to put then with monopoly in the good-but-dead games. Contrast this with Nethack. A game that will hook phds no matter how hold it is. The addiction to nethack is really bad. I need deliberate effort not to continue my current game and I know that if I do I'll spend at least one straight night on it. Yes it happened that I played a game until I got dizzy by the lack of food but nethack is the only one that I keep playing. I wonder why we keep seeing those top-xx lists, they are always filled with crap. They probably put random games in there just to shock people so they'll submit to/. If your pick doesn't stand the test of time, its probably not that great.
How about captchas that require cultural background knowledge to solve?
Dudley's Dungeon, a Nethack comic strip, does that. Really simple questions like "Which character represents a wand?" are both trivial for nethackers and are almost unsolvable enigma for spammers.
This approach is fine for a website oriented around a common, niche interest but I don't think a general public website should go for something like that. Salting the captchas is easier to implement and it will defeat almost all attempts to defeat them. Something like: enter the number of kids in that picture, plus the number written in this captcha plus five. Any website doing that will be a pain to use though. I think the comment should be bayes checked than a captcha, possibly salted should be sent only when it looks like spam.
Going to the lecture is overrated. Here you can show up only to the exams and some people do. Those who do it are also the bests and everyone know it. When you manage to learn by yourself you can explore a lot more parallel concepts. Heck, thats what the professors tell us: you don't need to come in class if you can learn by yourself. If you can't, feel free to come to the lecture.
A lecture is like a movie, its a bad medium to learn. In a book you can adjust the pace and read faster in the easy parts and re-read five times the hard ones. You can put a bookmark and it will stay there for six months if its what you need before you can tackle that subject again. How come we still do lectures anyway? After 2500 years we haven't found anything better than that? (I assume that lectures started in ancient Greece but I might be wrong)
I'm back from the computational astrobiology summer school in Honolulu and we were lectured by Karen Meech who was on the scientific comity for Deep Impact and in charge of all Earth based observations. Despite the catchy depiction of the mission as a space demolition derby its a perfectly valid way to study stuff out there.
By smaching stuff hard enough they can vaporize matter and use Earth based spectrometers to get a really detailed description of the content. For those not into astronomy, when you split the light from a neon light, you see distinct rays, not a continuous spectrum. You can identify the gas in the tube by just looking at its rays, argon lights are different from neon and so on. When you vaporize any kind of matter you get a spectrum. You can tell whats in the sample by looking at emission or absorbsion rays depending on wether your sample is the light source or a filter. There is a catch, from Earth you can only tell the elements (and sometimes molecules) that have rays in the transparency windows of our atmosphere,
The good side of the Deep Impact kind of missions is that you can study an object on the "cheap". You just send something to be smashed and the science package is already on earth. No need to build a high price mass spectrometer and to find a way to land it without crashing. In the case of Deep Impact, you don't even need to accelerate the impactor, the comet already has all the momentum required to cause vaporization when it hits something on its path. Since Deep Impact was such a success, they figured that smashing old spacecraft was a good way to "recycle" them and rest assured that the space demolition derby is not about to end.
Another good point about smashing stuff is that is sounds cool. Just look at the comments here on/., people love to smash stuff. The science is hard to understand for the average tax payer but the impact isn't and Nasa is really outreach oriented. Next week a lot of people will talk about the recent smash at work, many more than those who talk about the holy quest from dark matter. Some of those will feel nostalgic and bring their kids star gazing and a new generation of astronomers will be on its way. Missions that are easy to understand keep the public interest high. One smash a year keeps the budget cut away?
On a deeper philosophical ground I realize now that hackers should learn from this effort to present to the public an over simplistic view of what you do. Most of us can't explain to our parents what we do. This is because we try to stay accurate and I think that this is wrong. No one will start coding based on just your job description so a little inaccuracy should be allowed. As Kim Binsted told us, we should always have an elevator pitch version of what we do that anyone can understand; thats how you build contacts and how budgets are allocated.
Back to smashing stuff, I think that this is the best way we have to quickly respond to opportunities: a close-by asteroid, an unexpected comet, an alien spaceship,... and we should build all new spacecrafts to be usefull when we smash them when they run out of fuel. To be usefull all the material should have its emission lines outside of Earth transparency window or at least outsides of windows for interesting stuff like organics. We should of course also launch a bunch of impactors will the sole goal of being smashed.
By the way did you know that they are studying comets and asteroids as the putative primary vector of water and amino acids to Earth? Contrary to the Miller theory, the young earth might not have been such an efficient amino acids synthesizer. On the otherhand we keep finding those in carbonacous meteorites. We have an observation that the formation of chucks of rocks in space for an unknown reason creates the building blocks for life as a byproduct. Don't you think that we should smash a lot more stuff to learn more about it? I do, let the space demolition derby go on!
I never user more than 512Mb of swap. If you have a runaway process, you can let it live but you avoid a lot of trashing. If more than one process start consuming RAM like crazy you, actually want them to die from an out-of-mem error otherwise your whole system will grind to a halt while it spends most of its time unswaping one and the other. At 512Mb you can do a little excess of memory usage but won't go beyond what you can unswap in a time quantum (mostly).
Smarter per-process ressource quotas would probably be better and it would be nice to have a trashiness function according to the disk speed but so far 512Mb sounds like the limit between using the resset button or just taking a coffee break when you see the HD led blinking like a strobe.
It is just easier to try the approach where you consume a lot of RAM first and to re-code if it doesn't work. I work in bioinformatics and we often have huge datasets, I alway try to load the whole thing and to make the computation in RAM. Only when I get and out-of-mem error do I segment the dataset and try a smarter approach. That might explain my choice for 512Mb and the right threshold for other people might be bigger or lower but I'm pretty sure that its bellow 8Gb.
I'm hoping for a dropped wrench in the VAB -- no lives lost, but we lose another shuttle to something mildly spectacular. That would put a thankful end to the program, whereupon we could start spending the money where it counts: Unmanned programs, and launch vehicles that don't suck.
(I used to be a big shuttle fan until I realized how much it was costing us).
Exactly, for the price of a single shuttle mission you can build, launch and operate for at least 90 days no less that 4 Mars rovers.
It is asymmetric public keys that you crack by factorization. More of less, the public key is a huge number and the private key is the factors. With a symmetric cipher you have nothing to factor, in fact, I don't think division even come into play for DES. IIRC you can implement it all with basic bit operations. To speedup cracking a symmetric cipher you can do cryptoanalysis but that requires known clear messages and the encrypted version, lots and lots of them. Yes you are right, RSA isn't safe and you require huge keys with asymmetric schemes. But don't assume that all ciphers are that weak just because of that.
Asymmetric schemes like RSA are a lot easier to crack than 3DES and other symmetric. A solid scheme would use very large (~4096 bits) asymmetric to exchange a symmetric key. If that sounds like SSL, well now you know why.
So far there are speedups that can be done and the attack is faster than a birthday attack. But the such attack still takes longer than what we have left of fuel in our Sun (~5Gy). There might be a faster method soon but I wanted to highlight to parent post that just because you can brute force doesn't mean that cracking is possible. A brute force that requires more energy than what a single main sequence star can provide is to all extent impossible.
Just give us the code under a fine Free Software licence and we'll port the Firefox extentions framework. Oh, and we'll start using Opera once we have the code. It won't happen before that moment, no matter how much hype your marketing dept can pump.
But anyway, there is no such thing as an encryption scheme that cannot be cracked. It is just a matter on how much time it will take to crack it. Encryption will always be crackable, we are just playing with the fact it would take 512 or so years to crack a particular scheme with the actual technology.
Are you really that clueless? I would not take 512 years to bruteforce a 320 bit key, it would take simply longer than the current age of the universe. Assuming of course that you are required to put a single computer per square centimeter of our planet surface (including oceans) and that you can't use more than one planet. The math is simple: the surface is about 5.1e18 cm^3 and there is about 4.0065e38 keys to try before you get your answer.
With limits on the speed of light you can only do so many operations per second but lets assume all your boxen are 100GHz custom built and that they can try a key per cycle. You'd need about 1.069d11 years to crack the key. Now do your homework and check how old the universe is.
Here is how I computed it: (let ((keys (* 1.1774 (sqrt (expt 2d0 320))))
(boxen (* 510065600.0 (expt 1000 2) (expt 100 2)))
(cycles (* 100 1d9)))
(/ keys boxen cycles 3600 24 365))
Play with the params and see how excesivly secure a 512 bit key would be.
Slashdot Mirror
Now we know that the draft is obsolete and we have to page a huge bundle to d/l the PDF. What do we gain from that? Is this really operational costs? Why can IETF and W3C publish electronic versions free of charges and ISO can't? I'd rather have an OASIS semi-standard than an ISO standard that most can't afford to see.
I publish my personal addr in clear text everywhere because I can setup a mailserver to deal with the spam but my university addr on the otherhand I really don't want to end up on the web. They force us to use a crappy webmail and they can't filter spam properly. An email can easily sit for a few days in the mail queue before it gets delivered! If you don't fear to publish your uni email, I guess that people at Waterloo know their shit and I congratulate them. This might be a new criterion to know if a potential uni is worth it: do faculty obfuscate their email addrs?
I think it is convenient to let people reach me by clicking on the mailto: link. It's not like obfuscating my email would suddenly stop the flow of spam and for that I have a really effective setup. So my approach it to know how to deal with the spam and not to care about the harvesters. Recently I received and email for a really interesting job proposal in Silicon Valley and I'm taking the plane on Friday for and on-site interview. Imagine if my clever scheme of email obfuscation was too cleaver for the recruiter. My setup is really simple: graylistd and spamoracle. Apt-get install both and read the doc, you can instantly filter out 95% of the stuff. There is no spam problem, I receive a lot more junk snail mail than I receive junk email. Don't try to hide, learn how to defend yourself instead.
You might like to know that Daniel Brandt founded Google Watch back in the old days to protest against page rank. Yes, Google Watch was originally just against how Google didn't give mr Brandt a good page rank. Now he added some bits about privacy but I think anyone should visit Google Watch now to see how childish Daniel Brandt is. And using Google to do datamining is against the acceptable use policy anyway.
The kind of crap job you can get won't help you to learn anything and will just show you that coding in the real world is working in a cyber sweatshop. No one care if you have an item on your resume that says that your hacked html and javascript for some random company website. And the random company won't pay someone to be with you and teach you the important things about programming that you won't learn in school.
/etc/hosts
Instead you should join a free software project that you like. Ideally something that you use yourself. Once you've contributed something significant other project members will take time to explain anything you want to know and before that they will tell you what you should read and how you can learn the skills required to implement your desired feature. If your resume says that you improved the pathfinding code in Battle for Wesnoth a future employer will be able to look at the code and see how you work. You won't have anything to show if you waste your summer re-indenting java code. By joining a free software project you will learn how to work with other people, you don't learn this in school. If you go for a company they'll put on something self contained and irelevant so you never bother more than one person.
But, if you go for a company you might find out early that you don't want to do this for the rest of your life. Its better to find this out now than after you graduate. It doesn't mean that you can't hack code, There was this taxi driver who contributed to KDE in his spare time, He made pretty good stuff. I can't recall his name... You can also start your own startup which is probably as painfull but will pay a lot more if you succeed. Working in a university is much better but it pay less and you'll have a hard time to do it without a degree. Universities _really_ want to believe that the degrees they sell are important.
Do a partime job that pays well, that way you'll have more free time to hack. Look for ultra unionized place like your municipality. The people who but the grass in city parks really earn a lot of money. You will meet a lot of lazy people, don't ever be tempted to do as they do. Laziness is the little death that brings total oblivion. Oh, and type something like this as root
echo "127.0.0.1 slashdot.org" >>
There is plenty of posts summing up the situation properly but lets develop. For industrial purpose, those are great but so are other less perfect imitations of the naturally occurring gems. For jewels on the other hand, those are completely missing the point. Anyone who is into gems worshiping is obviously lacking rational thinking. When it became evident that diamonds were not rare, diamond producers united under the name "De Beers" to cut the supply in order to jack up the price. That wasn't too successful until the major add campain "diamonds are forever".
Now all the people who are stupid enough to worship gems think that there is something special with the particular gem called "diamond". No matter what you sell and how good it is at imitating diamonds, it won't have this "something special" and it can't have it because that "something special" is purely fictional.
You can't apply a technological solution to a social problem.
The way to solve the problem with De Beers is to quite this stupid worshiping of gems, if you acknowledge that gems mean something by offering one, either a diamond or some other. you do nothing to solve the problem. Others point that offering your SO something that cost a bundle is a way to prove that you are dedicated to the relation. Personally I would recommend that you find a SO that is not lacking rational thinking but maybe you are that desperate and you really want to continue with your current one. In that case you are probably better of offering stocks, gold bullions (not jewels), collectable paintings or anything that has real value, that is tradeable and that isn't purely emotional.
But maybe I fail to understand the gems worshipers. Why do they want gems?
2000/2000 * 1998/2000 * 1996/2000 *
= reduce(lambda x, y:x*y, [x/2000.0 for x in range(1942, 2002, 2)])
That is, we have to skip a place on the playlist. You'll admit that this probability is kind of low, now you have to combine all your artists. With 2000 and 30 songs per artists you have 67 artists. The probability that non of them has consecutive songs is 0.664^67= 0.000000000000164.
To sum up, it is almost impossible not to have twice the same artist for all the artists and you should expect 36% of the artists to have consecutive songs. XMMS shuffle the list properly, exactly how it is suggested by Knuth. It is just that you playing in a shuffled order can't be that random.
Bug 21 in the XMMS Bugzilla, it was fixed in November 2002 by Håvard Kvålen. Not my patch but the general idea was kept. Ain't it a nice world we live in?
A long time ago I was dissatisfied by the lack of random in XMMS so I jumped to the source to see what I could do. I think this was my first contribution to a free software project. Anyway, here is what I found: XMMS keeps two copies of the playlist, one that is in the order you set and one that is "shuffled". This has to be clear, all the tracks in the play list are there exactly once in the shuffled playlist.
I can't recall when the shuffled playlist was reshuffled but in was not that often, maybe only when you added or removed tracks. So if you like Smoke on Water but that Ballroom Blitz is just two song after that, too bad, you'll always get Ballroom Blitz soon after you double click on Smoke on Water. Technically speaking, the shuffling was perfect, the random generator was properly seeded and they divided in the right way to prevent loosing entropy. The lack of reshuffling was entirely responsible to the perceived lack of randomness.
So my patch was just that: trigger reshuffling a lot more often. As far as I know this patch was never merged but my copy of XMMS did have the proper random behavior. I don't know if it's the same problem with the iPod. That's something I like with free software: you can fix it!
I can remember about 100 digits but remembering digits of pi for calculations is pointless. No way you are going to require more than 4 digits if you only have pen an paper. In fact, I never used recalled digits for calculations. I either use the pi button on a calculator or the pi keyword in a symbolic algebra system. You should try to remember digits of pi for a noble goal, not for mere calculations. I do it to pick up chicks! OK I don't but one chick did tell me "remembering pi is pointless, you do it just to impress chicks". Yes that was in a math dept...
You can't apply a technological solution to a social problem. Resellers will sell certs to anyone and no one even bother to have their certs signed anymore. Even my uni don't have a signed cert. You see messages like "if you browsers say that the certificate authority isn't knowned just click accept" and people just do that. Do anyone even understand what that message mean? I mean anyone not in CS and even then I'm not sure that most people grasp how the trust is supposed to go from Verisign down to your browser. Frankly I don't see what SSL _can_ protect. Unless anyone can understand how it works, the passing of certificates is doomed to be useles.
It is worst than that. There is no visible clue that you switched to password prompt mode and nothing that makes it obvious that you made several attempts. You can just swipe a random plastic card and mess with the keys as long as you want. There should be flashing lights and a loud beep when you enter the magic combo to get the pass prompt. Worst design ever!
A great game is a game that you keep playing no matter how old it
/. If your pick
is. Think chess and go vs monopoly. Yeah monopoly was kind of
popular and a lot of people played it. Many people that I know
who played monopoly didn't like chess or go. But it was
displaced by other board games. I think they play hive these
days. But still, student cafés in universities are still filled
with chess and go players.
A great game is a game that you have a hard time not to play. No
way that someone has to struggle not to play unreal tournament or
x-wings vs tie fighter. Those game died and no matter how you
liked playing them, the fact that you don't play anymore must
lead you to put then with monopoly in the good-but-dead games.
Contrast this with Nethack. A game that will hook
phds no matter how hold it is. The addiction to nethack is
really bad. I need deliberate effort not to continue my current
game and I know that if I do I'll spend at least one straight
night on it. Yes it happened that I played a game until I got
dizzy by the lack of food but nethack is the only one that I keep
playing. I wonder why we keep seeing those top-xx lists, they
are always filled with crap. They probably put random games in
there just to shock people so they'll submit to
doesn't stand the test of time, its probably not that great.
Dudley's Dungeon, a Nethack comic strip, does that. Really simple questions like "Which character represents a wand?" are both trivial for nethackers and are almost unsolvable enigma for spammers.
This approach is fine for a website oriented around a common, niche interest but I don't think a general public website should go for something like that. Salting the captchas is easier to implement and it will defeat almost all attempts to defeat them. Something like: enter the number of kids in that picture, plus the number written in this captcha plus five. Any website doing that will be a pain to use though. I think the comment should be bayes checked than a captcha, possibly salted should be sent only when it looks like spam.
Going to the lecture is overrated. Here you can show up only to the exams and some people do. Those who do it are also the bests and everyone know it. When you manage to learn by yourself you can explore a lot more parallel concepts. Heck, thats what the professors tell us: you don't need to come in class if you can learn by yourself. If you can't, feel free to come to the lecture.
A lecture is like a movie, its a bad medium to learn. In a book you can adjust the pace and read faster in the easy parts and re-read five times the hard ones. You can put a bookmark and it will stay there for six months if its what you need before you can tackle that subject again. How come we still do lectures anyway? After 2500 years we haven't found anything better than that? (I assume that lectures started in ancient Greece but I might be wrong)
I'm back from the computational astrobiology summer school in Honolulu and we were lectured by Karen Meech who was on the scientific comity for Deep Impact and in charge of all Earth based observations. Despite the catchy depiction of the mission as a space demolition derby its a perfectly valid way to study stuff out there.
/., people love to smash stuff. The science is hard to understand for the average tax payer but the impact isn't and Nasa is really outreach oriented. Next week a lot of people will talk about the recent smash at work, many more than those who talk about the holy quest from dark matter. Some of those will feel nostalgic and bring their kids star gazing and a new generation of astronomers will be on its way. Missions that are easy to understand keep the public interest high. One smash a year keeps the budget cut away?
... and we should build all new spacecrafts to be usefull when we smash them when they run out of fuel. To be usefull all the material should have its emission lines outside of Earth transparency window or at least outsides of windows for interesting stuff like organics. We should of course also launch a bunch of impactors will the sole goal of being smashed.
By smaching stuff hard enough they can vaporize matter and use Earth based spectrometers to get a really detailed description of the content. For those not into astronomy, when you split the light from a neon light, you see distinct rays, not a continuous spectrum. You can identify the gas in the tube by just looking at its rays, argon lights are different from neon and so on. When you vaporize any kind of matter you get a spectrum. You can tell whats in the sample by looking at emission or absorbsion rays depending on wether your sample is the light source or a filter. There is a catch, from Earth you can only tell the elements (and sometimes molecules) that have rays in the transparency windows of our atmosphere,
The good side of the Deep Impact kind of missions is that you can study an object on the "cheap". You just send something to be smashed and the science package is already on earth. No need to build a high price mass spectrometer and to find a way to land it without crashing. In the case of Deep Impact, you don't even need to accelerate the impactor, the comet already has all the momentum required to cause vaporization when it hits something on its path. Since Deep Impact was such a success, they figured that smashing old spacecraft was a good way to "recycle" them and rest assured that the space demolition derby is not about to end.
Another good point about smashing stuff is that is sounds cool. Just look at the comments here on
On a deeper philosophical ground I realize now that hackers should learn from this effort to present to the public an over simplistic view of what you do. Most of us can't explain to our parents what we do. This is because we try to stay accurate and I think that this is wrong. No one will start coding based on just your job description so a little inaccuracy should be allowed. As Kim Binsted told us, we should always have an elevator pitch version of what we do that anyone can understand; thats how you build contacts and how budgets are allocated.
Back to smashing stuff, I think that this is the best way we have to quickly respond to opportunities: a close-by asteroid, an unexpected comet, an alien spaceship,
By the way did you know that they are studying comets and asteroids as the putative primary vector of water and amino acids to Earth? Contrary to the Miller theory, the young earth might not have been such an efficient amino acids synthesizer. On the otherhand we keep finding those in carbonacous meteorites. We have an observation that the formation of chucks of rocks in space for an unknown reason creates the building blocks for life as a byproduct. Don't you think that we should smash a lot more stuff to learn more about it? I do, let the space demolition derby go on!
I never user more than 512Mb of swap. If you have a runaway process, you can let it live but you avoid a lot of trashing. If more than one process start consuming RAM like crazy you, actually want them to die from an out-of-mem error otherwise your whole system will grind to a halt while it spends most of its time unswaping one and the other. At 512Mb you can do a little excess of memory usage but won't go beyond what you can unswap in a time quantum (mostly).
Smarter per-process ressource quotas would probably be better and it would be nice to have a trashiness function according to the disk speed but so far 512Mb sounds like the limit between using the resset button or just taking a coffee break when you see the HD led blinking like a strobe.
It is just easier to try the approach where you consume a lot of RAM first and to re-code if it doesn't work. I work in bioinformatics and we often have huge datasets, I alway try to load the whole thing and to make the computation in RAM. Only when I get and out-of-mem error do I segment the dataset and try a smarter approach. That might explain my choice for 512Mb and the right threshold for other people might be bigger or lower but I'm pretty sure that its bellow 8Gb.
It is asymmetric public keys that you crack by factorization. More of less, the public key is a huge number and the private key is the factors. With a symmetric cipher you have nothing to factor, in fact, I don't think division even come into play for DES. IIRC you can implement it all with basic bit operations. To speedup cracking a symmetric cipher you can do cryptoanalysis but that requires known clear messages and the encrypted version, lots and lots of them. Yes you are right, RSA isn't safe and you require huge keys with asymmetric schemes. But don't assume that all ciphers are that weak just because of that.
Asymmetric schemes like RSA are a lot easier to crack than 3DES and other symmetric. A solid scheme would use very large (~4096 bits) asymmetric to exchange a symmetric key. If that sounds like SSL, well now you know why.
So far there are speedups that can be done and the attack is faster than a birthday attack. But the such attack still takes longer than what we have left of fuel in our Sun (~5Gy). There might be a faster method soon but I wanted to highlight to parent post that just because you can brute force doesn't mean that cracking is possible. A brute force that requires more energy than what a single main sequence star can provide is to all extent impossible.
Just give us the code under a fine Free Software licence and we'll port the Firefox extentions framework. Oh, and we'll start using Opera once we have the code. It won't happen before that moment, no matter how much hype your marketing dept can pump.
Are you really that clueless? I would not take 512 years to bruteforce a 320 bit key, it would take simply longer than the current age of the universe. Assuming of course that you are required to put a single computer per square centimeter of our planet surface (including oceans) and that you can't use more than one planet. The math is simple: the surface is about 5.1e18 cm^3 and there is about 4.0065e38 keys to try before you get your answer.
With limits on the speed of light you can only do so many operations per second but lets assume all your boxen are 100GHz custom built and that they can try a key per cycle. You'd need about 1.069d11 years to crack the key. Now do your homework and check how old the universe is.
Here is how I computed it:
(let ((keys (* 1.1774 (sqrt (expt 2d0 320))))
(boxen (* 510065600.0 (expt 1000 2) (expt 100 2)))
(cycles (* 100 1d9)))
(/ keys boxen cycles 3600 24 365))
Play with the params and see how excesivly secure a 512 bit key would be.