I'm with you. I am entirely serious when I say the slashdot M1 system, and the fact that some people think it's working are more of a source of amusement to me.
It's not that the most of the moderators are shit, either - I'm sure that's not the case.
I believe it's because the whole M1 system is fundamentally fucked up. The most boring of points go from Score 1 to Score 5 immediately due to people looking at pages that are 30 seconds old, and moderating them. Then the "Underrateds" hit and drive things back down. Things see-saw back and forth until the article reaches the bottom of the front page.
Metamoderating properly is annoying and takes a lot of time, I'd can't imagine many people actually bother to get some context first, then read the entire comment before deciding whether the moderation is fair or not.
When I get mod points, the first thing I do is look for five places where I'll get away with it, and use the most ironic moderation for the comment at hand. I get through M2 no worries, because people don't bother checking context or reading posts, and piss myself laughing while doing it.
I can't believe at one time I used to spend my mod points carefully and for the good of slashdot. It's a waste of time and not worth taking seriously. Slashdot is a big joke. That doesn't stop me coming here, there's good disucussions to be had. And teh funay. Anything to do with the actual editorial and website is pretty crappy, and totally braindead in parts.
Cranking an engine over by hand isn't ignition either. Ignition is the firing of the spark plugs. There is no such thing as manual ignition, unless someone's stolen your distributor cap, and you've got really fast hands.
Based on nothing more than folk lore and a profit motive.
And, um, a motive to keep my valvetrain lubricated with good, clean oil. Good advice from the mechanic, if you ask me. You can change it every 10,000kms (+-7500 miles) and your engine will be fine, for some time.
Change it every 5000-7500 kms, and it'll last longer. Proven fact with Japanese engines especially.
This is what I don't understand: You won't be able to lob one of these toward someone without them noticing it. In a combat situation, they'll probably treat the object as if it were a grenade. They'd have evaded it, hidded from it or secured it before the camera has had the chance to "stablise".
At any price, this invention measures pretty high on my WTF-ometer.
Well, I wouldn't go so far as to call them idiots; to this day many of them are still friends
And they did develop some neat stuff. It's just they don't seem to have ever looked under the hood, taken Computer Science (then again, neither have I), or otherwise gained a basic understanding of what the OS does, or is supposed to do.
In many ways it's fair enough, too. They get the job done after all. They just could do better.
In my experience, Linux devs are smug geeks who think they're hardcore because they build the apps they use from the source. The last Linux dev I worked with was a goddamn fucking incompetent muppet*. What's your point?
Okay, I admit I took advantage of/.'s bias when saying what I thought. I knew the generalisation would stir a few people up. That's half the problem with generalisations, and half the fun.
Nero is probably a bad example - it talks to hardware in a way that most apps don't. But come to think of it, I don't think I had to reboot the last time I installed Nero.
It wasn't actually my question anyway, and I'd have no idea, I don't use it. Since the question was posed, I assumed it was necessary. The point I'm trying to make is: "Restarting often is ingrained in Windows users."
And as for 'every single installer would restart the computer', I'll grant you that some installers insist on a restart for seemingly arbitrary reasons, but 'every single' one? Not even close.
Sorry I didn't make it clear, I was still talking about _our_ products. Not every single installer for Windows applications. Most still ask to restart unnecessarily, however. And in ways that tend to imply that it is necessary.
Sorry, still angry about that fucking over-confident smug arrogant twat...
Don't worry, I see your point completely. They're everywhere. I made a generalisation even I knew didn't hold water, I'm really just trying to see how far I can go before I get modded down, I suppose.
This restart manager just seems like such a hack, doesn't it?
You reckon _that's_ a hack? Wait for the soon-to-be unveiled Floppy Disk Manager.
It's a new innovation from Microsoft that monitors the floppy drives in your computer to see if there's actually a disk in them. Then, later on when you get a list of volumes ('My Computer' in =XP) we're able to avoid the delay of trying to read a floppy when there actually isn't one in the drive!
So why should I have to reboot when I install something like Nero? Or anything besides the kernel or hardware for that matter?
Having worked with several Windows developers (the worst of the pseudo-techies), I couldn't begin to tell you how dearly they hold their restarts and drive defrags.
Ever single installer would restart the computer, no matter how trivial the package installed is, even if it's just a bunch of PDFs. I've argued till I'm blue in the face with someone who insisted that you really need to restart to register all the files you copy on, DLLs or not.
Then there's defragging. Not only would all the devs defrag their own drives every week, they'd pretend they could notice a difference. It's the first thing our helpdesk would tell you to do if there were problems. Second, reinstall the OS.
Why do you have to reboot when you install something as simple as Nero? Two reasons. In my experience, Windows devs are pseudo-technical. They know a there's 1024 b's in a k, but not why. Second reason, that's what they're used to. They probably had to restart a half dozen times to install their click-and-drool development environment, and it becomes par for the course.
AND, because you actually FIX 50% of windows problems by restarting, why not?
Mark my words, Vista will be just as bumpy a ride as XP was. You'll be restarting it often enough, matey.
Exactly. Will any exiting installers call the restart mis-manager? Probably not, because they don't know about it. You'll probably still get msgboxes telling you you must restart, with a single "OK" button on it, and not be able to click anywhere else.
And of course there's the case of the restart mis-manager thinking it's clear to restart a service, when it isn't.
When we did it, we kept our lines (2xBRI, giving four voice channels), and set up an Asterisk box. The goal was for me to learn it so we could support it, and replace our aging PABX in the end.
It took a while, and we did take a while sorting out echoes and other niggly problems, but it's all go now. It can scale as much as we can afford; Digium hardware is still a ripoff at the moment. Now we're building SIP into our applications, getting remote DDI access, doing all sorts of things with our phones.
We don't really use VOIP except for me & the bosses to use the business lines from anywhere on the net (where it's fast enough, and not already flooded). We've messed around with a few providers, but it hasn't worked out well enough for us to dial permanently through VOIP. As a replacement for an ordinary PABX, I think Asterisk is great.
Whoops, I thought you were the person I replied to in the first place. You're right, you didn't say that at all.
Sorry about that.
I would have thought that each different MD5sum had an equal probability, but that's only based on a hunch. I have actually read the MD5 spec and implementation, but I'm not that at all good at statistics and all the formulae in those docs. So I wouldn't call myself a crypographer by any means, so I won't dispute that some checksums just won't be hit by anything, and you'll spend forever if you try to brute force it.
I find it a little surprising, but I've been wrong and surprised before. Sometimes it really hurt.
Perhaps true, but that's not what matters. You were saying we now practically have a way of turning an MD5sum back into a cleartext password, and we don't.
I'm not willing to try and generate every unique hash, because that's not the point.
Now, the attacker can rely on the fact that if he can assure the real and bogus ISOs hash to the same value up to some point in the data stream and they are bit-for-bit identical after that point in the data stream, then the final hashes will be the same.
Don't you mean "to the same STATE up the some point in the data stream"?
We might be at the same hash output, but aren't there still many more bits of "state" in the engine that all have to be the same too?
Honestly, I can't remember, but I've got a hunch this is true.
You don't seem to understand... Having the MD5 hash of a piece of software and the ability to generate a collision for that hash will logically lead to more code which can take any dll/exe, inject malicous code along with whatever other random garbage characters are needed to produce the collision. Yes, the sizes will be different but even that can be fudged given the sophistication of today's hackers.
You don't seem to read the article. We don't yet have the ability to create a plaintext that will map to a predetermined hash value.
While we might discover that "Donald Duck" has the same hash as "a", we don't get to choose either. We can't say "gimme a plaintext that hashes to this: 0x4faed...", all we can do so far is say "find two plaintexts that will give us the same hash"
Not that this doesn't mean this is a very serious matter. My take on the situation is: "Oh. Shit."
It was always the case that two values could collide to the same hash. You'd be a fool to think otherwise, there's only so many possibilities of hash output, but infinite possibilities of input. Therefore, for each hash value, there are an infinite number of plaintexts that will collide.
Even at the design stage it was known there'd be collisions. They just thought they'd be near impossible to determine. Now it's not even difficult.
Slashdot Mirror
Whiskey. Tango. Foxtrot.
It's not that the most of the moderators are shit, either - I'm sure that's not the case.
I believe it's because the whole M1 system is fundamentally fucked up. The most boring of points go from Score 1 to Score 5 immediately due to people looking at pages that are 30 seconds old, and moderating them. Then the "Underrateds" hit and drive things back down. Things see-saw back and forth until the article reaches the bottom of the front page.
Metamoderating properly is annoying and takes a lot of time, I'd can't imagine many people actually bother to get some context first, then read the entire comment before deciding whether the moderation is fair or not.
When I get mod points, the first thing I do is look for five places where I'll get away with it, and use the most ironic moderation for the comment at hand. I get through M2 no worries, because people don't bother checking context or reading posts, and piss myself laughing while doing it.
I can't believe at one time I used to spend my mod points carefully and for the good of slashdot. It's a waste of time and not worth taking seriously. Slashdot is a big joke. That doesn't stop me coming here, there's good disucussions to be had. And teh funay. Anything to do with the actual editorial and website is pretty crappy, and totally braindead in parts.
Hehe, of course it's all in jest.
Thanks. I L'd O L.
Cranking an engine over by hand isn't ignition either. Ignition is the firing of the spark plugs. There is no such thing as manual ignition, unless someone's stolen your distributor cap, and you've got really fast hands.
And, um, a motive to keep my valvetrain lubricated with good, clean oil. Good advice from the mechanic, if you ask me. You can change it every 10,000kms (+-7500 miles) and your engine will be fine, for some time.
Change it every 5000-7500 kms, and it'll last longer. Proven fact with Japanese engines especially.
Never mind, it's only a Honda...
Well now, like me, you're 30, and the paper is edited by thirteen year-olds.
This is what I don't understand: You won't be able to lob one of these toward someone without them noticing it. In a combat situation, they'll probably treat the object as if it were a grenade. They'd have evaded it, hidded from it or secured it before the camera has had the chance to "stablise".
At any price, this invention measures pretty high on my WTF-ometer.
"...I think it works quite well..." -CmdrTaco on Slashdot M1 in the FAQ.
"(+5, Funny OMG LOL)" -Me, on same.
Wha?? This guy has _proven_ to us that HE CAN'T BE TRUSTED. You want him to work in the security departement.
And they did develop some neat stuff. It's just they don't seem to have ever looked under the hood, taken Computer Science (then again, neither have I), or otherwise gained a basic understanding of what the OS does, or is supposed to do.
In many ways it's fair enough, too. They get the job done after all. They just could do better.
Okay, I admit I took advantage of
Nero is probably a bad example - it talks to hardware in a way that most apps don't. But come to think of it, I don't think I had to reboot the last time I installed Nero.
It wasn't actually my question anyway, and I'd have no idea, I don't use it. Since the question was posed, I assumed it was necessary. The point I'm trying to make is: "Restarting often is ingrained in Windows users."
And as for 'every single installer would restart the computer', I'll grant you that some installers insist on a restart for seemingly arbitrary reasons, but 'every single' one? Not even close.
Sorry I didn't make it clear, I was still talking about _our_ products. Not every single installer for Windows applications. Most still ask to restart unnecessarily, however. And in ways that tend to imply that it is necessary.
Sorry, still angry about that fucking over-confident smug arrogant twat...
Don't worry, I see your point completely. They're everywhere. I made a generalisation even I knew didn't hold water, I'm really just trying to see how far I can go before I get modded down, I suppose.
You reckon _that's_ a hack? Wait for the soon-to-be unveiled Floppy Disk Manager.
It's a new innovation from Microsoft that monitors the floppy drives in your computer to see if there's actually a disk in them. Then, later on when you get a list of volumes ('My Computer' in =XP) we're able to avoid the delay of trying to read a floppy when there actually isn't one in the drive!
Having worked with several Windows developers (the worst of the pseudo-techies), I couldn't begin to tell you how dearly they hold their restarts and drive defrags.
Ever single installer would restart the computer, no matter how trivial the package installed is, even if it's just a bunch of PDFs. I've argued till I'm blue in the face with someone who insisted that you really need to restart to register all the files you copy on, DLLs or not.
Then there's defragging. Not only would all the devs defrag their own drives every week, they'd pretend they could notice a difference. It's the first thing our helpdesk would tell you to do if there were problems. Second, reinstall the OS.
Why do you have to reboot when you install something as simple as Nero? Two reasons. In my experience, Windows devs are pseudo-technical. They know a there's 1024 b's in a k, but not why. Second reason, that's what they're used to. They probably had to restart a half dozen times to install their click-and-drool development environment, and it becomes par for the course.
AND, because you actually FIX 50% of windows problems by restarting, why not? Mark my words, Vista will be just as bumpy a ride as XP was. You'll be restarting it often enough, matey.
Exactly. Will any exiting installers call the restart mis-manager? Probably not, because they don't know about it. You'll probably still get msgboxes telling you you must restart, with a single "OK" button on it, and not be able to click anywhere else. And of course there's the case of the restart mis-manager thinking it's clear to restart a service, when it isn't.
You forgot to say HELO, so my SMTP server would tell to piss off and come back when you're feeling more polite.
When we did it, we kept our lines (2xBRI, giving four voice channels), and set up an Asterisk box. The goal was for me to learn it so we could support it, and replace our aging PABX in the end.
It took a while, and we did take a while sorting out echoes and other niggly problems, but it's all go now. It can scale as much as we can afford; Digium hardware is still a ripoff at the moment. Now we're building SIP into our applications, getting remote DDI access, doing all sorts of things with our phones.
We don't really use VOIP except for me & the bosses to use the business lines from anywhere on the net (where it's fast enough, and not already flooded). We've messed around with a few providers, but it hasn't worked out well enough for us to dial permanently through VOIP. As a replacement for an ordinary PABX, I think Asterisk is great.
Sorry about that.
I would have thought that each different MD5sum had an equal probability, but that's only based on a hunch. I have actually read the MD5 spec and implementation, but I'm not that at all good at statistics and all the formulae in those docs. So I wouldn't call myself a crypographer by any means, so I won't dispute that some checksums just won't be hit by anything, and you'll spend forever if you try to brute force it.
I find it a little surprising, but I've been wrong and surprised before. Sometimes it really hurt.
Cheers, Ben.
Perhaps true, but that's not what matters. You were saying we now practically have a way of turning an MD5sum back into a cleartext password, and we don't.
I'm not willing to try and generate every unique hash, because that's not the point.
What!?! You mean there's some people that _don't_ use MSN?!?!
We might be at the same hash output, but aren't there still many more bits of "state" in the engine that all have to be the same too?
Honestly, I can't remember, but I've got a hunch this is true.
While we might discover that "Donald Duck" has the same hash as "a", we don't get to choose either. We can't say "gimme a plaintext that hashes to this: 0x4faed...", all we can do so far is say "find two plaintexts that will give us the same hash"
Not that this doesn't mean this is a very serious matter. My take on the situation is: "Oh. Shit."
It was always the case that two values could collide to the same hash. You'd be a fool to think otherwise, there's only so many possibilities of hash output, but infinite possibilities of input. Therefore, for each hash value, there are an infinite number of plaintexts that will collide.
Even at the design stage it was known there'd be collisions. They just thought they'd be near impossible to determine. Now it's not even difficult.