Flip flops are a good indication that once in office a politician will be "for" whatever his handlers/lobbyists/campaign contributors are "for," without regard to any popular opinion or rationality.
Journals should pick (randomly and secretly) another group of researchers to replicate all studies during the peer review process. Pick two or three groups to be safe. Studies that can't be replicated shouldn't even be published, at least not in the top tier of journals. Only the experimental configuration and the null hypothesis should be sent to the independent groups, and none of the raw data or interpreted results from the study. Experimental designs that don't make sense should be rejected by either the journal and the replicator groups. Poor experimental design is automatically detected if more than one independent group tries to replicate the experiment and some support the null hypothesis and some reject it.
Well, in the real world, people of nearly all ages have sex with each other. When they do, certain biological processes happen. Those processes have been extensively studied by science and medicine and there are practical benefits to understanding things like hormonal changes during puberty, pregnancy, infectious diseases, sexual psychology and physiology, birth control, etc.
The conservative advice about sex should be applied to cars: Close your eyes while your parents are driving and don't ask questions. You'll do fine when you turn 16 and get your license and sit in the drivers seat for the very first time. You can even start studying automotive mechanics once you get your license, if you feel like it, but people will probably look at you strangely.
In terms of genocide we're having pretty good luck slaughtering Islamic people recently. I believe there are rumblings of yet another Muslim Axis of Evil deserving of our bombs?
The so-called progressive leaders you list were simply the oldest forms of conservatives; despots and monarchists. Progressive leaders have historically empowered the common people, not subjugated them. Just because a despot dresses despotism up in fancy language does not mean you should confuse the language with the reality. Post-enlightenment conservatives who upheld the ideals of the enlightenment could truly be called progressives. The founding fathers of the U.S. had progressive tendencies, but even they had to compromise(!) on slavery and apparently didn't really think womens' suffrage was a great idea. Therefore any conservative adhering to the popular political ideals before the Civil Rights, Women's Rights, and Gay Rights movements can hardly be called a progressive. There are conservatives today actively voting to abolish medical treatment for women and to eliminate affirmative action for the poor and to refuse legal marriage to gays.
Who wants to discredit scientific education in the classroom? Conservatives. Who wants to ban certain books in schools? Conservatives.
Pollster: "Do you believe that the government should fund a $500 million grant to a group of military-industrialists to drop bombs in the middle east to determine the impact our 'wars' have on the World's opinion of the United States?" Everyone: "KILL THE TERRISTS!!!"
TCP has SACK to handle moderate link layer packet loss, and at a certain point link layer packet loss is the link layer's fault and up to the link layer to solve via its own retransmission/forward error correction methods.
He could also have been hit by a bus walking to church instead of going to a casino, probably with higher probability than losing $500,000 in his situation. It's relatively easy to cause unlucky events to be of the unavoidable kind instead of the avoidable (gambling irresponsibly) kind.
This is largely why I am part of that complacent mass. I have a job, a home, a bright looking future. I think there's lots of problems with the world that should be fixed, but I sure as hell am not going to risk losing what I have.
Don't worry; when the jack-booted thugs do finally come for what you have earned you can stop being complacent. I'm sure they'll be reasonable.
Having to manage an inconsistent password policy is just a pain. I'm used to generating long passphrases for everything so trying to guess which random restrictions a website has on length and allowed characters is more of a problem for me than the actual security.
Precisely. If you're not storing only salted hashes of passwords you're failing it. It should be roughly as computationally infeasible for you to find password collisions as it would be for an attacker to find them when they (inevitably) steal your/etc/shadow.
Basically what you've discovered is that there's no way to enforce invalid-password timeouts without introducing gaping DDoS vulnerabilities. Even if you make every IP wait 1 second for authentication attackers will just spoof connections from that single IP to DoS the user behind it. Strong cryptography at hardware speed is the only way to go.
Who else knows your simple encryption algorithm, or they key? If you just run MD5 on your password it's no use; an attacker will just run MD5 on all their dictionary words and try them as your password.
Always assume the attacker knows all your methods and algorithms and only your keys are secret.
The proper way to mount a dictionary attack is to start with an example database of stolen/cracked passwords to generate a good statistical model for most passwords and then write a generator that will enumerate all possible passwords but in an order such that the password spaces containing the majority of passwords are enumerated first. This may mean running a pure dictionary attack in parallel with a grammar for generating short English-looking passphrases, and once that's complete shift to going back over the english passphrases substituting alternating case, 1337 replacement, symbol alternatives to spaces, etc. while also beginning a brute force against shorter random passwords from the set of common ASCII characters, and sometime during that process beginning another parallel generation of all passwords using the full 8-bit character set. I don't know the exact breakdown of people's passwords but I'm guessing that is at least a reasonable order to search the possible spaces in. Obviously replace English with the assumed first language of the victim, and if necessary use the proper subset of unicode or a different ASCII codepage for passwords.
I'm sure you've seen the nonsense English generators that construct simple sentences with random dictionary words matching the parts of speech. Given that you used perfect grammar it is not as hard as you might imagine to generate the particular example you quoted. Normal English text has close to 1 bit of entropy per letter and so your passphrase might have about 60 bits of entropy. That's within the realm of large distributed attacks or dedicated attackers, comparable to RC5-64 that was cracked a few years ago. Assuming an attacker performs the search by running a brute force attack, dictionary attack, and a grammar-derived passphrase attack in parallel it would only take about 3 times as long (roughly 1.5 extra bits of entropy) to find a password of a given strength regardless of the method it was generated with.
Good luck with about half of the websites out there that have a ridiculously short limit on passwords. Some are as low as 8 or 6 (!) characters. There's no way to consistently use secure passphrases with all the shoddy web development out there. The solution is to use a password manager and generate secure passwords as long as the site will accept and protect them all with a secure master passphrase.
However, he was crappy at delivering basic calculating products and service to customers because his head was lost in the future.
I think it's primarily because he was not a metallurgist, mechanic, mass producer, computer scientist, and mathematician all rolled into one. Maybe if you had combined Edison, Ford, Ada Byron, and Babbage into one (wo)man the Steampunk revolution would have happened in style.
Since I don't have a traction motor in my car I don't want 100 kW of electricity but if I replaced my transmission with a big enough alternator I could definitely produce 100 kW of electricity.
I'm not sure why your generator had to be "large" in order to produce 50 kW but my guess is that it's entirely for reliability and cost. No need for an aluminum block or heads, headers, vvt, or other performance parts for a higher power to weight ratio. Drill some holes in a chunk of iron and slap a crankshaft, camshaft, pistons, and some valves in it and it'll do for a stationary generator. The alternator itself is probably going to be almost as big as the internal combustion engine. Your generator could probably run continuously longer than my car has been on the road.
In an effort to be more Christ-like I have told my two-year-old son not to play in the street (first with a clever picture-book I illustrated and left lying in his room and later by sending another clever toddler into his room to tell him not to run in the street, but that if he did and managed to return he would be forgiven) but I make no physical attempts to stop him from doing so. If he survives to the age of 18 I'll reward him with a well-endowed trust fund but otherwise he'll just get cremated.
Furthermore, (both for full disclosure as well as establishing a credibility baseline for this particular argument), I do fall into the category of someone who keeps to a fairly literal translation of the Bible where appropriate (poetry is poetry, parables are parables, literal-truth is literal-truth, and complicated-realities-explained-in-a-way-which-convey-their-truthful-essence-without-leading-people-into-confusing-irrelevant-technical-details-beyond-even-modern-science are complicated-realities-explained-in-a-way-which-convey-their-truthful-essence-without-leading-people-into-confusing-irrelevant-technical-details-beyond-even-modern-science).
Thank goodness I have the New International XML Version of the Bible with its convenient <parable>, <poetry>, <literal-truth>, and <complicated-reality-explained-in-a-way-which-conveys-its-truthful-essence-without-leading-people-into-confusing-irrelevant-technical-details-beyond-even-modern-science> tags, although I do wish they had abbreviated the last one in some way.
Well, just the other day I was talking with one of my Brothers in Faith about how the other people in my office would be tortured for eternity by noodley appendages for not believing in the Flying Spaghetti Monster, and a few of our coworkers took offense. But I can't imagine why; it's the truth and nothing they do can possibly change it and so they should just accept it and live with the choices they made. The FSM is forgiving, and if they'd like to repent and give up their false gods and return to the fold there's nothing stopping them. Casual conversation about religion should be totally allowed at work, in courts, etc. and I don't know why most of you hell-bound heathens get uptight about it.
I wouldn't let anyone who believed in ID near signal processing code. How can you simultaneously understand information theory and believe in ID? Isn't 90% of it based on abuse and misrepresentation of information theory?
Slashdot Mirror
Flip flops are a good indication that once in office a politician will be "for" whatever his handlers/lobbyists/campaign contributors are "for," without regard to any popular opinion or rationality.
Oh, oh! Poe's law!
So Joe McCarthy was really just an epic troll, and most people failed to pick up on that?
Journals should pick (randomly and secretly) another group of researchers to replicate all studies during the peer review process. Pick two or three groups to be safe. Studies that can't be replicated shouldn't even be published, at least not in the top tier of journals. Only the experimental configuration and the null hypothesis should be sent to the independent groups, and none of the raw data or interpreted results from the study. Experimental designs that don't make sense should be rejected by either the journal and the replicator groups. Poor experimental design is automatically detected if more than one independent group tries to replicate the experiment and some support the null hypothesis and some reject it.
It is, after all, news media's job to include an elementary education in each news broadcast so that you can understand it.
Well, in the real world, people of nearly all ages have sex with each other. When they do, certain biological processes happen. Those processes have been extensively studied by science and medicine and there are practical benefits to understanding things like hormonal changes during puberty, pregnancy, infectious diseases, sexual psychology and physiology, birth control, etc.
The conservative advice about sex should be applied to cars: Close your eyes while your parents are driving and don't ask questions. You'll do fine when you turn 16 and get your license and sit in the drivers seat for the very first time. You can even start studying automotive mechanics once you get your license, if you feel like it, but people will probably look at you strangely.
In terms of genocide we're having pretty good luck slaughtering Islamic people recently. I believe there are rumblings of yet another Muslim Axis of Evil deserving of our bombs?
The so-called progressive leaders you list were simply the oldest forms of conservatives; despots and monarchists. Progressive leaders have historically empowered the common people, not subjugated them. Just because a despot dresses despotism up in fancy language does not mean you should confuse the language with the reality. Post-enlightenment conservatives who upheld the ideals of the enlightenment could truly be called progressives. The founding fathers of the U.S. had progressive tendencies, but even they had to compromise(!) on slavery and apparently didn't really think womens' suffrage was a great idea. Therefore any conservative adhering to the popular political ideals before the Civil Rights, Women's Rights, and Gay Rights movements can hardly be called a progressive. There are conservatives today actively voting to abolish medical treatment for women and to eliminate affirmative action for the poor and to refuse legal marriage to gays.
Who wants to discredit scientific education in the classroom? Conservatives. Who wants to ban certain books in schools? Conservatives.
Pollster: "Do you believe that the government should fund a $500 million grant to a group of military-industrialists to drop bombs in the middle east to determine the impact our 'wars' have on the World's opinion of the United States?"
Everyone: "KILL THE TERRISTS!!!"
TCP has SACK to handle moderate link layer packet loss, and at a certain point link layer packet loss is the link layer's fault and up to the link layer to solve via its own retransmission/forward error correction methods.
Maybe we could call it b.slashdot.org.
Let's turn off accounts and all just post as Anonymous Cowards, too.
He could also have been hit by a bus walking to church instead of going to a casino, probably with higher probability than losing $500,000 in his situation. It's relatively easy to cause unlucky events to be of the unavoidable kind instead of the avoidable (gambling irresponsibly) kind.
This is largely why I am part of that complacent mass. I have a job, a home, a bright looking future. I think there's lots of problems with the world that should be fixed, but I sure as hell am not going to risk losing what I have.
Don't worry; when the jack-booted thugs do finally come for what you have earned you can stop being complacent. I'm sure they'll be reasonable.
In other news, 80% of enterprise users deemed completely worthless.
Having to manage an inconsistent password policy is just a pain. I'm used to generating long passphrases for everything so trying to guess which random restrictions a website has on length and allowed characters is more of a problem for me than the actual security.
Precisely. If you're not storing only salted hashes of passwords you're failing it. It should be roughly as computationally infeasible for you to find password collisions as it would be for an attacker to find them when they (inevitably) steal your /etc/shadow.
Basically what you've discovered is that there's no way to enforce invalid-password timeouts without introducing gaping DDoS vulnerabilities. Even if you make every IP wait 1 second for authentication attackers will just spoof connections from that single IP to DoS the user behind it. Strong cryptography at hardware speed is the only way to go.
Who else knows your simple encryption algorithm, or they key? If you just run MD5 on your password it's no use; an attacker will just run MD5 on all their dictionary words and try them as your password.
Always assume the attacker knows all your methods and algorithms and only your keys are secret.
The proper way to mount a dictionary attack is to start with an example database of stolen/cracked passwords to generate a good statistical model for most passwords and then write a generator that will enumerate all possible passwords but in an order such that the password spaces containing the majority of passwords are enumerated first. This may mean running a pure dictionary attack in parallel with a grammar for generating short English-looking passphrases, and once that's complete shift to going back over the english passphrases substituting alternating case, 1337 replacement, symbol alternatives to spaces, etc. while also beginning a brute force against shorter random passwords from the set of common ASCII characters, and sometime during that process beginning another parallel generation of all passwords using the full 8-bit character set. I don't know the exact breakdown of people's passwords but I'm guessing that is at least a reasonable order to search the possible spaces in. Obviously replace English with the assumed first language of the victim, and if necessary use the proper subset of unicode or a different ASCII codepage for passwords.
I'm sure you've seen the nonsense English generators that construct simple sentences with random dictionary words matching the parts of speech. Given that you used perfect grammar it is not as hard as you might imagine to generate the particular example you quoted. Normal English text has close to 1 bit of entropy per letter and so your passphrase might have about 60 bits of entropy. That's within the realm of large distributed attacks or dedicated attackers, comparable to RC5-64 that was cracked a few years ago. Assuming an attacker performs the search by running a brute force attack, dictionary attack, and a grammar-derived passphrase attack in parallel it would only take about 3 times as long (roughly 1.5 extra bits of entropy) to find a password of a given strength regardless of the method it was generated with.
Good luck with about half of the websites out there that have a ridiculously short limit on passwords. Some are as low as 8 or 6 (!) characters. There's no way to consistently use secure passphrases with all the shoddy web development out there. The solution is to use a password manager and generate secure passwords as long as the site will accept and protect them all with a secure master passphrase.
However, he was crappy at delivering basic calculating products and service to customers because his head was lost in the future.
I think it's primarily because he was not a metallurgist, mechanic, mass producer, computer scientist, and mathematician all rolled into one. Maybe if you had combined Edison, Ford, Ada Byron, and Babbage into one (wo)man the Steampunk revolution would have happened in style.
Since I don't have a traction motor in my car I don't want 100 kW of electricity but if I replaced my transmission with a big enough alternator I could definitely produce 100 kW of electricity.
I'm not sure why your generator had to be "large" in order to produce 50 kW but my guess is that it's entirely for reliability and cost. No need for an aluminum block or heads, headers, vvt, or other performance parts for a higher power to weight ratio. Drill some holes in a chunk of iron and slap a crankshaft, camshaft, pistons, and some valves in it and it'll do for a stationary generator. The alternator itself is probably going to be almost as big as the internal combustion engine. Your generator could probably run continuously longer than my car has been on the road.
In an effort to be more Christ-like I have told my two-year-old son not to play in the street (first with a clever picture-book I illustrated and left lying in his room and later by sending another clever toddler into his room to tell him not to run in the street, but that if he did and managed to return he would be forgiven) but I make no physical attempts to stop him from doing so. If he survives to the age of 18 I'll reward him with a well-endowed trust fund but otherwise he'll just get cremated.
Furthermore, (both for full disclosure as well as establishing a credibility baseline for this particular argument), I do fall into the category of someone who keeps to a fairly literal translation of the Bible where appropriate (poetry is poetry, parables are parables, literal-truth is literal-truth, and complicated-realities-explained-in-a-way-which-convey-their-truthful-essence-without-leading-people-into-confusing-irrelevant-technical-details-beyond-even-modern-science are complicated-realities-explained-in-a-way-which-convey-their-truthful-essence-without-leading-people-into-confusing-irrelevant-technical-details-beyond-even-modern-science).
Thank goodness I have the New International XML Version of the Bible with its convenient <parable>, <poetry>, <literal-truth>, and <complicated-reality-explained-in-a-way-which-conveys-its-truthful-essence-without-leading-people-into-confusing-irrelevant-technical-details-beyond-even-modern-science> tags, although I do wish they had abbreviated the last one in some way.
Well, just the other day I was talking with one of my Brothers in Faith about how the other people in my office would be tortured for eternity by noodley appendages for not believing in the Flying Spaghetti Monster, and a few of our coworkers took offense. But I can't imagine why; it's the truth and nothing they do can possibly change it and so they should just accept it and live with the choices they made. The FSM is forgiving, and if they'd like to repent and give up their false gods and return to the fold there's nothing stopping them. Casual conversation about religion should be totally allowed at work, in courts, etc. and I don't know why most of you hell-bound heathens get uptight about it.
I wouldn't let anyone who believed in ID near signal processing code. How can you simultaneously understand information theory and believe in ID? Isn't 90% of it based on abuse and misrepresentation of information theory?