Your reply suggests you don't seem to have the foggiest idea how SSL actually works.
SSL (or TLS/Transport Layer Security) is negotiated between the web browser client and the source server before *any* HTTP activity occurs. In the briefest of summary, the client connects and says "I want an SSL conversation" (this is why SSL/https:// generally runs on a different port to regular http://), the server sends its public-key decryptable identity, the client optionally checks the certificate against the necessary CRL's, client and server exchange a few session keys and *then* if all has gone well, the browser client sends a "GET/blahblah HTTP/1.x" request over the now-encrypted channel.
Unless you can fool the client browser into thinking that it's actually connected the the source site via SSL (eg: https://give-us-all-your-money.some-bank.com) you're not even going to see the username/password prompt to be able to enter your username and password.
Intermediate proxies will generally accept a CONNECT command (to the source server) from a web browser client and then send/receive byte-for-byte data (without decoding/understanding it) until the source server or web browser client disconnect.
If you want to be able to capture identity information over an SSL connection then you have no choice but to decrypt the data stream, which you'll find very difficult to do without the certificate secret(s) and session keys.
It might be easier to be a man-in-the-middle to the ISP/EAP's "known" proxy server, intercept CONNECT's to known SSL sites and issue HTTP/302 redirects to your own non-SSL version of the sites. But you risk a half-intelligent user noticing the absence of the SSL Padlock in their browser UI, or intelligent browsers complaining about the security breach (getting redirected from SSL to non-SSL). Would be considerably easier, though.
Regardless of the temperature rise, how is melting *all* of the world's ice in Antarctica and general land mass going to cause sea levels to rise substantially? One figure I saw reported this week was a 10 metre sea level rise. (Countdown to global catastrophe)
So snow and ice covers around 6% of the planet overall and would have to be on average 116 metres thick (assuming 100% compaction, which it isn't becuase ice is full of air) to achieve a 10 metre sea level rise - does that sound right to you? Melting the entire Arctic ice mass will have no effect whatsoever because its weight is already supported by the water it floats in, so it can be ignored - people do seem to forget that.
Media hype, anyone?
Yes, higher temperatures will probably accelerate evaporation and increase the rain cycle. But who *really* knows? It's all theory and conjecture - people need to stop treating it as fact.
But global warming theory is just that: a theory. Hard, reliable and (what we today might call) accurate scientific measurements to support such a theory don't exist much prior to early 1900's, and yet graphs "demonstrating" global warming often cite data recorded long before that. Either that or they cite the limited period of 1950-1980 and try to extrapolate century-spanning trends from that.
One should wonder why the number of qualified people actually pushing global warming (ie: not greenies, media, politicians nor commercial interests, but actual scientific researchers) is a relatively small minority in the scientific community.
It is rare that you see any notable scientists or environmentalists get "front page" or "leading story" media coverage when criticizing the global warming theory. David Suzuki? David Bellamy? The closest he got to front page was page 84 (see "Global warming? It's a load of rubbish says Professor David Bellamy", Sunday Mail, Jul 18, 2004).
One global warming advocate (he's even been termed a "global warming super-salesman") who gets a lot media coverage over the years, even being a scientific adviser to US Congress on the issue, is Dr. Stephen Schneider. He was one of the people pushing "the coming ice age" and the "global cooling" theory 40 years ago of which Thangodin complained about above. In one of his more down-to-earth moments, even Dr. Schneider did not fully endorse global warming:
U.S. to blame for Africa's drought? Dr. Stephen Schnieder, Stanford University's outspoken global-warming advocate, admitted at a press conference at the Buenos Aires U.N. meeting, that no "reputable" scientist could say for certain that climate change due to human activity has yet occurred. No reputable scientist can yet say for certain that human activity causes global warming.
This was only 2002. And from the same article it seems that the journalist himself has hit the nail on the head:
But it doesn't matter what is true - what matters is what people
believe to be true.
I encourage people to go find their own facts and form their own opinions about global warming instead of accepting whatever media reports as The Gospel Truth.
I might remind you that only a few hundred years ago England had mediteranian temperature levels and was growing grapes and olives.
But of course, we are "suffering" from Global Warming.:)
Your computer asks the Evil Access Point (EAP) to validate the cert, the attacker transmits that request directly to the bankofslashdot.com. A certified session is created.
Bzzt, no: The client computer validates the cert itself, using the locally-stored CA Certificates.
Theoretically, it would be possible to setup a re-encrypting SSL transproxy to launch a man-in-the-middle attack for sniffing and stealing client information (passwords, PINs, account details, etc.). The *only* way that could work, however, is if the transproxy had the Certificate Secrets for every SSL site the client is likely to visit - which means the source sites (banks, etc) would have to have been compromised so these Certificate Secrets could be stolen. Alternatively, you could steal the CA Master Secrets and dynamically sign the certificates you send back to the client yourself. These are both highly unlikely, and they are precisely the reasons why Certificates expire and also why CRL (Certificate Revocation) exists.
I wonder how many gumbies have disabled CRL checks in their browser?:)
Total control from BIOS level up.
Kripman IP KVM Switch gives users total control from preboot stage such as the BIOS-level CMOS setting up to the GUI applications and daily maintenance routines such as power cycling of your remote computers/servers. And all these could be nicely done on your admin desk using only an ordinary web-based interface.
Ever tried to use Windows Search/"Find Files and Folders" to find text in even simple Unicode.txt files? It doesn't work, although commandline FIND works every time.
No amount of complaining to Microsoft has seen this condition change since Windows NT 4.
Thank goodness Futaba had the wisdom to have two seperate processors, with Windows CE only used for setup and not for actual control.
I fly model aircraft. Model aircraft can crash. Crashing models can hit, injure or even kill people. Could you imagine the consequences if Windows CE was running the control system and bluescreened? (Impossible, I know.) I shudder at the thought of someone releasing a single-CPU controller running Windows CE.
Caps Lock isn't an issue at the logon prompt. Because you're security conscious and have disabled "remember last username" across your network, you have to type your username in anyways and would notice something like that, right?
IE does not have automatic updates, nor does it automatically download content.
You're right of course, that "Tools/Options/Advanced/Browsing/Automatically check for Internet Explorer updates" doohickey-thingy-wotsit which has been sitting these since about version 4.0 is just for show.
If anything, you're probably refering to the windows update application, which has NOTHING todo with IE.
Yes, which is why using Firefox with the User-Agent extension let's you use the Windows Update site flawlessly... NOT!
The main issue with Li-Polys (and to a lesser extent, Li-Ions) is that once they get above a certain temperature (around 150 degrees-C, I think) they start an exothermic reaction and go into thermal runaway. In minor cases this causes the cell to swell and stop working, but in extreme cases it can actually get to a high enough temperature that the Lithium ignites and the cell explodes.
If you pay attention to the manufacturer's discharge ratings, carefully inspect cells after a "prang" and allow cells to cool before recharging then you shouldn't have any problems.
Anything can be dangerous when abused and mistreated. It is also possible to blow-up lead-acid batteries if they're not charged correctly (eg: in a poorly-ventilated area with a spark igniting the hydrogen efflux Car Talk).
I have been using Li-Poly batteries in electric aircraft for a while now, even a "hot liner" glider which pulls around 65-amps through a geared-down Astro-05. I haven't had any blow-up yet, but I have heard of the occasional one doing so. The only one's I've seen so far have been postings to the internet where people have forced them to blow-up by overcharging them causing a thermal runaway (eg: BANG! (5.1MB)). I've blown-up the occasional Ni-Cd and Ni-MH cell over the years by overcharging them, too.
Oh well, I guess FUD has moved into the battery world too.
If it were me, I'd dump the lead-acid cells and use Li-Poly (Lithium Polymer). Sure they're more expensive but they're much, much lighter due to their greater power density (hence a lot easier to pedal when you're not using the batteries). Just make sure you use a real Li-Poly charger otherwise they could go bang.
Neat device, shame about the page author. Did anyone else notice that the mu in uFR-II was consistently rendered with an image instead of using µ?
And before the other/. grammar-nazi's get onto me about using uFR-II - have you tried posting an article to/. using µ?:)
I recently purchased a Dell Inspiron which gives me nearly six hours use between charges. This does weigh-in at about 3.7kg, though.
If you want long battery life then you're going to have to accept something a little heavier. There's a limiting factor called power density, which is a measure of Ah/g (or Wh/g) you can extract from a power cell. This is improving with newer cell technologies like Li-Poly (Lithium Polymer), but Li-Po's have some interesting charging requirements which make me *not* want to have one charging in my laptop while it's sitting on my lap.:)
Slashdot Mirror
From the article: "... and they do not refer details of that material to the AFP within a reasonable time."
Oh, and: in-depth review article
Don't know why they don't mention this things in the article... MirrorDot
For those wishing to avoid NYT's soul-eating registration, try:
Congress Debates Saving Hubble
Your reply suggests you don't seem to have the foggiest idea how SSL actually works.
/blahblah HTTP/1.x" request over the now-encrypted channel.
SSL (or TLS/Transport Layer Security) is negotiated between the web browser client and the source server before *any* HTTP activity occurs. In the briefest of summary, the client connects and says "I want an SSL conversation" (this is why SSL/https:// generally runs on a different port to regular http://), the server sends its public-key decryptable identity, the client optionally checks the certificate against the necessary CRL's, client and server exchange a few session keys and *then* if all has gone well, the browser client sends a "GET
Unless you can fool the client browser into thinking that it's actually connected the the source site via SSL (eg: https://give-us-all-your-money.some-bank.com) you're not even going to see the username/password prompt to be able to enter your username and password.
Intermediate proxies will generally accept a CONNECT command (to the source server) from a web browser client and then send/receive byte-for-byte data (without decoding/understanding it) until the source server or web browser client disconnect.
If you want to be able to capture identity information over an SSL connection then you have no choice but to decrypt the data stream, which you'll find very difficult to do without the certificate secret(s) and session keys.
It might be easier to be a man-in-the-middle to the ISP/EAP's "known" proxy server, intercept CONNECT's to known SSL sites and issue HTTP/302 redirects to your own non-SSL version of the sites. But you risk a half-intelligent user noticing the absence of the SSL Padlock in their browser UI, or intelligent browsers complaining about the security breach (getting redirected from SSL to non-SSL). Would be considerably easier, though.
Regardless of the temperature rise, how is melting *all* of the world's ice in Antarctica and general land mass going to cause sea levels to rise substantially? One figure I saw reported this week was a 10 metre sea level rise. (Countdown to global catastrophe)
Area of Earth's surface (Area of Earth's Land Surface):
So snow and ice covers around 6% of the planet overall and would have to be on average 116 metres thick (assuming 100% compaction, which it isn't becuase ice is full of air) to achieve a 10 metre sea level rise - does that sound right to you? Melting the entire Arctic ice mass will have no effect whatsoever because its weight is already supported by the water it floats in, so it can be ignored - people do seem to forget that.
Media hype, anyone?
Yes, higher temperatures will probably accelerate evaporation and increase the rain cycle. But who *really* knows? It's all theory and conjecture - people need to stop treating it as fact.
Of course not.
But global warming theory is just that: a theory. Hard, reliable and (what we today might call) accurate scientific measurements to support such a theory don't exist much prior to early 1900's, and yet graphs "demonstrating" global warming often cite data recorded long before that. Either that or they cite the limited period of 1950-1980 and try to extrapolate century-spanning trends from that.
One should wonder why the number of qualified people actually pushing global warming (ie: not greenies, media, politicians nor commercial interests, but actual scientific researchers) is a relatively small minority in the scientific community.
It is rare that you see any notable scientists or environmentalists get "front page" or "leading story" media coverage when criticizing the global warming theory. David Suzuki? David Bellamy? The closest he got to front page was page 84 (see "Global warming? It's a load of rubbish says Professor David Bellamy", Sunday Mail, Jul 18, 2004).
One global warming advocate (he's even been termed a "global warming super-salesman") who gets a lot media coverage over the years, even being a scientific adviser to US Congress on the issue, is Dr. Stephen Schneider. He was one of the people pushing "the coming ice age" and the "global cooling" theory 40 years ago of which Thangodin complained about above. In one of his more down-to-earth moments, even Dr. Schneider did not fully endorse global warming:
This was only 2002. And from the same article it seems that the journalist himself has hit the nail on the head:
I encourage people to go find their own facts and form their own opinions about global warming instead of accepting whatever media reports as The Gospel Truth.
I might remind you that only a few hundred years ago England had mediteranian temperature levels and was growing grapes and olives. But of course, we are "suffering" from Global Warming. :)
Bzzt, no: The client computer validates the cert itself, using the locally-stored CA Certificates.
Theoretically, it would be possible to setup a re-encrypting SSL transproxy to launch a man-in-the-middle attack for sniffing and stealing client information (passwords, PINs, account details, etc.). The *only* way that could work, however, is if the transproxy had the Certificate Secrets for every SSL site the client is likely to visit - which means the source sites (banks, etc) would have to have been compromised so these Certificate Secrets could be stolen. Alternatively, you could steal the CA Master Secrets and dynamically sign the certificates you send back to the client yourself. These are both highly unlikely, and they are precisely the reasons why Certificates expire and also why CRL (Certificate Revocation) exists.
I wonder how many gumbies have disabled CRL checks in their browser? :)
There's plenty of manufacturers out there making KVM's with over-the-wire remote control (mainly for Data Centers and such).
For example:
How much are you prepared to pay?
Ever tried to use Windows Search/"Find Files and Folders" to find text in even simple Unicode .txt files? It doesn't work, although commandline FIND works every time.
No amount of complaining to Microsoft has seen this condition change since Windows NT 4.
I only sleep a couple of hours per night and I'm a beanstalk.
Maybe I'm the exception to "the rule."
After reading the Futaba speil at 14MZ...
Thank goodness Futaba had the wisdom to have two seperate processors, with Windows CE only used for setup and not for actual control.
I fly model aircraft. Model aircraft can crash. Crashing models can hit, injure or even kill people. Could you imagine the consequences if Windows CE was running the control system and bluescreened? (Impossible, I know.) I shudder at the thought of someone releasing a single-CPU controller running Windows CE.
Trusted Reviews has been /.'d already, so try this:
Google cacheCaps Lock isn't an issue at the logon prompt. Because you're security conscious and have disabled "remember last username" across your network, you have to type your username in anyways and would notice something like that, right?
The RFB protocol (which VNC uses) has specified ServerCutText and ClientCutText messages since protocol version 3.3:
:)
The RFB Protocol, v3.3
You just need to find server and client implementations that actually support it.
You're right of course, that "Tools/Options/Advanced/Browsing/Automatically check for Internet Explorer updates" doohickey-thingy-wotsit which has been sitting these since about version 4.0 is just for show.
Yes, which is why using Firefox with the User-Agent extension let's you use the Windows Update site flawlessly... NOT!
The main issue with Li-Polys (and to a lesser extent, Li-Ions) is that once they get above a certain temperature (around 150 degrees-C, I think) they start an exothermic reaction and go into thermal runaway. In minor cases this causes the cell to swell and stop working, but in extreme cases it can actually get to a high enough temperature that the Lithium ignites and the cell explodes.
If you pay attention to the manufacturer's discharge ratings, carefully inspect cells after a "prang" and allow cells to cool before recharging then you shouldn't have any problems.
Anything can be dangerous when abused and mistreated. It is also possible to blow-up lead-acid batteries if they're not charged correctly (eg: in a poorly-ventilated area with a spark igniting the hydrogen efflux Car Talk).
I have been using Li-Poly batteries in electric aircraft for a while now, even a "hot liner" glider which pulls around 65-amps through a geared-down Astro-05. I haven't had any blow-up yet, but I have heard of the occasional one doing so. The only one's I've seen so far have been postings to the internet where people have forced them to blow-up by overcharging them causing a thermal runaway (eg: BANG! (5.1MB)). I've blown-up the occasional Ni-Cd and Ni-MH cell over the years by overcharging them, too.
Oh well, I guess FUD has moved into the battery world too.If it were me, I'd dump the lead-acid cells and use Li-Poly (Lithium Polymer).
Sure they're more expensive but they're much, much lighter due to their greater power density (hence a lot easier to pedal when you're not using the batteries).
Just make sure you use a real Li-Poly charger otherwise they could go bang.
Does it end every response in ", ay?"
This was on /. six months ago.
Neat device, shame about the page author. Did anyone else notice that the mu in uFR-II was consistently rendered with an image instead of using µ?
And before the other /. grammar-nazi's get onto me about using uFR-II - have you tried posting an article to /. using µ? :)
BSOD's in Windows 2000 are not unheard of, particularly with third-party Bluetooth drivers (I speak from experience).
I recently purchased a Dell Inspiron which gives me nearly six hours use between charges. This does weigh-in at about 3.7kg, though.
:)
If you want long battery life then you're going to have to accept something a little heavier. There's a limiting factor called power density, which is a measure of Ah/g (or Wh/g) you can extract from a power cell. This is improving with newer cell technologies like Li-Poly (Lithium Polymer), but Li-Po's have some interesting charging requirements which make me *not* want to have one charging in my laptop while it's sitting on my lap.