"Our calendar would simplify financial calculations and eliminate what we call the 'rip off' factor," explains Hanke. "Determining how much interest accrues on mortgages, bonds, forward rate agreements, swaps and others, day counts are required. Our current calendar is full of anomalies that have led to the establishment of a wide range of conventions that attempt to simplify interest calculations. Our proposed permanent calendar has a predictable 91-day quarterly pattern of two months of 30 days and a third month of 31 days, which does away with the need for artificial day count conventions."
But then they go on to say:
Hanke and Henry deal with those extra âoepiecesâ of days by dropping leap years entirely in favor of an extra week added at the end of December every five or six years. This brings the calendar in sync with the seasonal changes as the Earth circles the sun.
The current GPS encryption scheme is a bit of a joke. The P(Y) code is XORed with a keystream generated by some key that's presumably changed regularly. However, the keystream is clocked at a slower rate than the regular pseudorandom bitstream, so you can lock onto the C/A code first, estimate the offset of the P(Y), and lock on to it or its inverse. From there you can predict what the P(Y) bits are. If you start consistently seeing the inverse of what you expect, then you know that the encryption bit flipped.
Some surveying equipment can actually lock on to the P(Y) code, and there's much grumbling in that community about the government switching over to the new M code.
Let me get this straight... IF you run Apache as a reverse proxy AND you misconfigure your mod_rewrite rules, then people can unintentionally access internal resources? I'm SHOCKED! SHOCKED, I tell you!
That being said, I did RTFM and it's kind of a cute attack. It probably should be patched to protect people from shooting themselves in the foot, but I'm not sure I'd actually call it a vulnerability...
Clear offers unlimited mobile 4G Internet for not much more per month, AND they use the same 4G network as Sprint! (Sprint is a major investor in Clearwire.)
If Clear starts capping usage at 5GB, that'll be the end of their business model (since they advertise themselves as an alternative to cable or DSL).
Google's "Caffeine" update to their search engine actually scrapped MapReduce because they want to do real-time indexing, which is not feasible with a batch system like MapReduce.
IANAL, but AFAIK trademarks only apply to names being actively used in the market. By itself, you couldn't trademark "goodmanj," but if you provided products or services under the name "goodmanj," (and made it clear that it was your trademark), you could.
Err, you're mistaken. The law states that: "Except as provided in subsections (2) and (3) of this section, a person operating a moving motor vehicle while holding a wireless communications device to his or her ear is guilty of a traffic infraction."
Talking on the phone is fine if you don't hold the phone to your ear. So is talking on the phone if the car isn't moving. And there's a bunch of other exemptions.
This makes me glad that I live in Washington State, where *any* checkpoint is illegal under the Washington state constitution. The one exception is CBP, which (I think) argues that they aren't subject to the state's constitution, even when operating well within the state (not just at the border).
Yawn. This robot has nothing on the competitors at this year's AAAI robotic chess competition. Check out a video of them here: http://www.youtube.com/watch?v=OZ0Hx04KFCg. The main difference is that the robot featured in this post uses an instrumented chess board while those at the AAAI competition had to use computer vision and work with a variety of off-the-shelf chess pieces and board.
The first robot shown actually has the same RGB-D sensor that the Microsoft Kinect has and it won't move if there's a hand over the board.
SafeDisc (and older DRM schemes) detected bad sectors on disks, which are hard to duplicate. On the other hand, they've very easy to emulate. This technique sounds very similar, and the fact that they haven't addressed the emulation issue makes me VERY skeptical.
This exists, and it's called Scantegrity. At USENIX Security last week (where the Pac-Man demo was unveiled), there was a paper reporting on their experience deploying Scantegrity in a real binding government election.
GlobalScale Technologies manufactures the SheevaPlug and GuruPlug development kits. Unfortunately, they totally botched the thermal design of the product, leading it to overheat and spontaneously reboot, making it useless for a server or access point.
They finally admitted that they messed up and promised to offer a fix for free. One month later, that promise disappeared from their news page.
Attention GlobalScale Technologies: You can't just pretend that you didn't post that. Either offer the kit for free, post a plausible update to the situation, or be prepared for chargebacks for selling a device that clearly can't meet its specs.
The problem is that these sensors transmit at very low power (since they're battery powered and need to last for years) and they only transmit once every 60 seconds. You'd need a lot of sensors just to pick up one chirp.
It's possible that you could send a strong "re-pairing" signal the sensor to force it to transmit, but that signal drops off even faster.
The complaint looks like rather sloppy work. They listed Zuckerberg's home address as (what I assume is) his dad's office, said that Facebook was incorporated in New York in 2009 (no, just registered as a foreign corporation), and that their principal office is in New York (no, only their registered agent is in New York... their main office is in Palo Alto).
Even if this guy has a case, I wouldn't be surprised if his lawyer screws him over.
I made a poster about this very idea for my elementary school's "invention fair" about 20 years ago. I've probably got the poster around somewhere. Maybe I'll scan it and place it on the Internet as prior art? It certainly had many aspects of today's systems -- LCD glasses synced by IR, individual audio over IR, etc.
What about non-hardware drivers, like anti-virus drivers, virtual devices, etc? Or drivers for generic devices like USB HIDs? And if a manufacturer's certificate gets compromised, what do you do? Require people to update their hardware or face an increased risk of malware? Require people to reflash their hardware? How do you secure the reflash process? What if it crashes in the process? Do you have bricked hardware?
It's even worse than that. You can go down to the local grocery store, buy a $5 Visa/MasterCard gift card, and register it online with ANY details you'd like. This is also why you should not rely on a credit card for age verification.
Not only that, but the last time I looked at credit card protocols, they didn't even have the capability of sending the cardholder's name! Street address? Yes. Zip code? Yes. CVV/CVC? Yes. Name? No.
Want proof? Check out IBM's VisaNet API. There's no way to pass in a customer name. Or you could look at the actual protocol (although it's served off archive.org so it's sllloooowwww and unreliable).
What I imagine might be going on is that some credit card processors provide an API for sending a name, but the name gets dropped once it hits the credit card network. The merchants THINK the name is being verified, but instead any old name is silently accepted.
I've occasionally had games cross over into normal dreams. For example, after playing many hours of Super Mario World, I had a dream where I was in the garage and an earthquake just started. Not liking where this dream was going, I "paused" it and brought up the Super Mario World "Continue/Save/Quit" dialog box. I selected "quit" and everything faded out. Immediately after, I woke up.
Slashdot Mirror
But then they go on to say:
Sounds like they're just shifting the complexity.
Microsoft is now planning to auto-update most IE users.
The current GPS encryption scheme is a bit of a joke. The P(Y) code is XORed with a keystream generated by some key that's presumably changed regularly. However, the keystream is clocked at a slower rate than the regular pseudorandom bitstream, so you can lock onto the C/A code first, estimate the offset of the P(Y), and lock on to it or its inverse. From there you can predict what the P(Y) bits are. If you start consistently seeing the inverse of what you expect, then you know that the encryption bit flipped.
Some surveying equipment can actually lock on to the P(Y) code, and there's much grumbling in that community about the government switching over to the new M code.
Let me get this straight... IF you run Apache as a reverse proxy AND you misconfigure your mod_rewrite rules, then people can unintentionally access internal resources? I'm SHOCKED! SHOCKED, I tell you!
That being said, I did RTFM and it's kind of a cute attack. It probably should be patched to protect people from shooting themselves in the foot, but I'm not sure I'd actually call it a vulnerability...
Clear offers unlimited mobile 4G Internet for not much more per month, AND they use the same 4G network as Sprint! (Sprint is a major investor in Clearwire.)
If Clear starts capping usage at 5GB, that'll be the end of their business model (since they advertise themselves as an alternative to cable or DSL).
High G-forces cut off the brain's oxygen supply, so I suspect you'd die of that long before you'd be crushed to death.
No, the biggest shock in this stor...BUFFERING...
Google's "Caffeine" update to their search engine actually scrapped MapReduce because they want to do real-time indexing, which is not feasible with a batch system like MapReduce.
... won't they be obligated to license the protocol to third parties to avoid the wrath of anti-trust regulators (especially in the EU)?
IANAL, but AFAIK trademarks only apply to names being actively used in the market. By itself, you couldn't trademark "goodmanj," but if you provided products or services under the name "goodmanj," (and made it clear that it was your trademark), you could.
Or at least that's how I understand it.
http://www.smartplanet.com/blog/business-brains/new-algorithm-spots-sarcasm-in-customer-testimonials/7192
Also, you might laugh, but one of the Program Committee Chairs at the conference this was accepted at has a bunch of work on computational humor: http://www.cse.unt.edu/~rada/papers.html
In-Q-Tel, the venture capital arm of the CIA, invested in Keyhole, which Google acquired and renamed Google Earth. All of this is well-documented.
If something truly fishy was going on, it wouldn't be this well-known.
Err, you're mistaken. The law states that: "Except as provided in subsections (2) and (3) of this section, a person operating a moving motor vehicle while holding a wireless communications device to his or her ear is guilty of a traffic infraction."
Talking on the phone is fine if you don't hold the phone to your ear. So is talking on the phone if the car isn't moving. And there's a bunch of other exemptions.
Distracted driving is still illegal, though.
This makes me glad that I live in Washington State, where *any* checkpoint is illegal under the Washington state constitution. The one exception is CBP, which (I think) argues that they aren't subject to the state's constitution, even when operating well within the state (not just at the border).
Yawn. This robot has nothing on the competitors at this year's AAAI robotic chess competition. Check out a video of them here: http://www.youtube.com/watch?v=OZ0Hx04KFCg. The main difference is that the robot featured in this post uses an instrumented chess board while those at the AAAI competition had to use computer vision and work with a variety of off-the-shelf chess pieces and board.
The first robot shown actually has the same RGB-D sensor that the Microsoft Kinect has and it won't move if there's a hand over the board.
SafeDisc (and older DRM schemes) detected bad sectors on disks, which are hard to duplicate. On the other hand, they've very easy to emulate. This technique sounds very similar, and the fact that they haven't addressed the emulation issue makes me VERY skeptical.
The Department of Ecology says otherwise. Seattle Public Utilities even has a whole site devoted to helping people use rain water.
This exists, and it's called Scantegrity. At USENIX Security last week (where the Pac-Man demo was unveiled), there was a paper reporting on their experience deploying Scantegrity in a real binding government election.
GlobalScale Technologies manufactures the SheevaPlug and GuruPlug development kits. Unfortunately, they totally botched the thermal design of the product, leading it to overheat and spontaneously reboot, making it useless for a server or access point.
They finally admitted that they messed up and promised to offer a fix for free. One month later, that promise disappeared from their news page.
Attention GlobalScale Technologies: You can't just pretend that you didn't post that. Either offer the kit for free, post a plausible update to the situation, or be prepared for chargebacks for selling a device that clearly can't meet its specs.
The problem is that these sensors transmit at very low power (since they're battery powered and need to last for years) and they only transmit once every 60 seconds. You'd need a lot of sensors just to pick up one chirp.
It's possible that you could send a strong "re-pairing" signal the sensor to force it to transmit, but that signal drops off even faster.
The complaint looks like rather sloppy work. They listed Zuckerberg's home address as (what I assume is) his dad's office, said that Facebook was incorporated in New York in 2009 (no, just registered as a foreign corporation), and that their principal office is in New York (no, only their registered agent is in New York... their main office is in Palo Alto).
Even if this guy has a case, I wouldn't be surprised if his lawyer screws him over.
I made a poster about this very idea for my elementary school's "invention fair" about 20 years ago. I've probably got the poster around somewhere. Maybe I'll scan it and place it on the Internet as prior art? It certainly had many aspects of today's systems -- LCD glasses synced by IR, individual audio over IR, etc.
What about non-hardware drivers, like anti-virus drivers, virtual devices, etc? Or drivers for generic devices like USB HIDs? And if a manufacturer's certificate gets compromised, what do you do? Require people to update their hardware or face an increased risk of malware? Require people to reflash their hardware? How do you secure the reflash process? What if it crashes in the process? Do you have bricked hardware?
It's even worse than that. You can go down to the local grocery store, buy a $5 Visa/MasterCard gift card, and register it online with ANY details you'd like. This is also why you should not rely on a credit card for age verification.
Not only that, but the last time I looked at credit card protocols, they didn't even have the capability of sending the cardholder's name! Street address? Yes. Zip code? Yes. CVV/CVC? Yes. Name? No.
Want proof? Check out IBM's VisaNet API. There's no way to pass in a customer name. Or you could look at the actual protocol (although it's served off archive.org so it's sllloooowwww and unreliable).
What I imagine might be going on is that some credit card processors provide an API for sending a name, but the name gets dropped once it hits the credit card network. The merchants THINK the name is being verified, but instead any old name is silently accepted.
I've occasionally had games cross over into normal dreams. For example, after playing many hours of Super Mario World, I had a dream where I was in the garage and an earthquake just started. Not liking where this dream was going, I "paused" it and brought up the Super Mario World "Continue/Save/Quit" dialog box. I selected "quit" and everything faded out. Immediately after, I woke up.