You know... I honestly wish they succeed and annoy the hell out of everyone by shutting down websites everywhere. To hell with being social! That way, whoever wants to pirate anything can just go 100% dark underground where they can't be found. Things will be a lot simpler.
Regardless of which language or platform you use, a common bottleneck for web applications is the database resource. Most developers don't take large scalability into consideration when building the service architecture.
If you plan to scale large in the future, I recommend you stop thinking of the database as the main source for all queries in your system. The basic idea is that costly and complex queries/searches can be given to an external scalable service. Take for instance, the Solr project (http://lucene.apache.org/solr/) which is a third party indexing tool that can be easily integrated with any other platform.
You can design your system's database with the basic table relationships with primary keys, foreign keys and the occasional index. Any more complex table relationship, queries and searches can be delegated to this external indexing service. It will index whatever data you give it, in whatever manner you need, and return a list of results for you to easily find primary keys for direct access to your system objects. Think of it as your own personal Google indexing service... Solr is an Apache open source implementation.
Once you understand this concept, you can keep you application's internal database very lean and simple, with just enough indexes and primary keys to get instant access to entities.
[post edit] The only way I see this making any sense is if they mean that "changing your password will discard your current private/public keys and a new pair is created". That actually means your files locked with the old private key will, in fact, become unrecoverable.
But that just seems..... stupid.
They are using public/private key encryption, which seems fine. Initially, I was curious as to how they would manage private keys. And this article -- kinda -- gives us an answer.
They are storing both private and public keys on their servers... but the private key is encrypted with my password, which they don't know. Even though they have the private key, it's protected and they can't use it to decrypt my files. That's all good. Standard. The password of my password.
However, I still can't wrap my head around the password change issue. They claim that changing my password will "re-encrypt" my private key, leaving my files still locked by the same key.... How exactly does that make my files "unrecoverable" ?
Unless they are using my "encrypted private key" to lock my files in the first place... which by itself is stupid and defeats the purpose.
If they have my private key "re-encrypted" with a new password -- and assuming I know my new password -- I should still be able decrypt the private key and unlock the files.
If I understood this correctly, Lastpass.com uses the exact same approach and is managing fine allowing users to change their passwords.
Did anyone figure this out? I can't quite grasp what the issue is here.
I'm happy to agree with you, and it makes sense to refuse the vaccine on arguments that actually make sense... But when people say "I won't take the shot 'cause Jesus told me not to".. that's just not helping anyone. I can't imagine what other ludicrous and dangerous behavior these people may be allowed if they continue to care for sick people.
"I feel like in my personal faith walk, I have felt instructed not to get a flu vaccination, but it's also the whole matter of the right to choose what I put in my body"
I absolutely agree that you have the personal right to refuse a flu vaccine. Please, go along and exercise that right far away from patients who need medical care by professional people... you know... the ones that put their "beliefs" away from science.
I would imagine this to work more like a physical version of the Google Authenticator (http://code.google.com/p/google-authenticator/). It won't replace your password, but it adds a tremendous ammount of security, since you can enable online services to be accessed by YOU alone using ONLY authorized machines.
This wouldn't be your ONLY source of authentication. But it could certainly be used as multifactor authentication (much like Google Authenticator is used today).
Like other people already said before me, Hotmail NEVER accepted passwords longer than 16 characters. It would simply truncate it in silence. This is really a crap security policy and is notoriously known to be one of the worst security practices ever for password storage.
Giving everyone awareness of the max password length, sounds to me like they REALLY want people to stop thinking of Hotmail is the place to be... I mean, think about it... technically, all this does is it makes Hotmail sound outdated and insecure.
This might just be one more step they are taking towards forcing users to migrate to their new Outlook.com mail service.
Creating laws specific to the technology at hand seems like a complete nonsense to me. Today we use cookies in plain text headers of HTTP. Who knows what's going to be used as a standard in the future! If they use something else other than cookies, then it's OK to be tracked according to this law?
"and the user has a good understanding of what cookies are and how they are used"
That just means anyone without some sort of official academic degree on (like computer science or any IT course) can legally claim in court he has no knowledge of what cookies are or how they are used. If you're not an expert on the technology used, you have no obligation to assess anything about how it works.
I like to have backups online -- I have them on a couple of services. Since they are just backups, I find it convenient to encrypt all files before uploading (gnupg style).
Sorry to hear about your situation, but you must be certain that death is an inevitable part of life. It is certainly sad that some people may go away earlier than expected, and we have this notion that a person may somewhat "live a while longer" as we keep their memories alive with us. After a loved one dies, mourning certainly is an important period to help us get over this fact.
No matter how many pictures, videos or journals you make of a person while he/she is alive, nothing will replace the fact that this person is really gone. Fading memories are part of an essential process where we leave them behind and move on with our lives. We will certainly remember and honor our loved ones at their best and most marking moments. But holding on to so many specific details about their lives takes an incredible unnatural effort. The longer we try, the more difficult it becomes to remember specific details. And this is natural! The more we strongly hold on to a person after he/she is gone, the more difficult it will become to keep living.
Please, don't understand me wrong. Unfortunately, that's how life goes on. It's hard, but inevitable.
I hope you make the best or your time together. And my suggestion is "stop trying to record every detail of her life and spent more time with her as a family". Your own memories of this time together should be well enough to help you get over the hard period when she's gone. In the future, when you look back, anything else will just make you seem like "the guy behind the camera".
JUST WAKE UP AN HOUR EARLIER!
Ok, people! Let's shift hour work hours so we can all get here earlier and go home while it's still bright. If everyone saves one hour of electricity every for the whole summer, that's a very super savings for the whole country! Horray! But wait... everyone's lazy to do that... so let's force the whole country to change their clocks ahead one hour. Better yet... we'll chose a different day to start doing this every year. I'll bet the IT guys will love the idea. Very easy to implement!
That's all DST was made for. Wake up earlier, go home earlier, and save on electricity bills everywhere. If people would just quit being lazy, we wouldn't have to keep doing this every damn year. Another, sensible alternative is to fix a freaking start/finish date for this thing and ONLY change it when we notice the planet's axis just moved a few degrees.
As a Brazilian, born and raised here, I can say this is one of the few things I'm proud of in my country. Ever since they implemented the electronic voting process, things have never been more efficient.
It may seem a bit "too open" by using open source code for this type of procedure, but I've seen articles explaining the entire process. Rest assured, the "open-sourceness" of this idea is the least of their concerns. The entire process is controlled and verified by multiple agents and doubled checked for fraud. All political parties are allowed to point representatives that personally follow the whole process of gathering disks, transmitting data and adding up all the votes in one central server. As far as the people are concerned, the whole thing is very transparent and does not rely entirely on computer encryption, but also on human verification and validation. Any data transmitted is done via a secure government Intranet, and never via public Internet (as one may wonder). The source code of the operating system is maintained and updated by the government under strict security policies.
As far as I can tell, this beats the hell out of any bag of paper ballots. Any ellection here takes at most a few hours to get the results to the people. We usually know the results of it on the same day we vote, just in time for the evening news.
Slashdot Mirror
apt-get install love && apt-get purge war
You know... I honestly wish they succeed and annoy the hell out of everyone by shutting down websites everywhere. To hell with being social! That way, whoever wants to pirate anything can just go 100% dark underground where they can't be found. Things will be a lot simpler.
If only that was enough to stop illegal activities....
Regardless of which language or platform you use, a common bottleneck for web applications is the database resource. Most developers don't take large scalability into consideration when building the service architecture. If you plan to scale large in the future, I recommend you stop thinking of the database as the main source for all queries in your system. The basic idea is that costly and complex queries/searches can be given to an external scalable service. Take for instance, the Solr project (http://lucene.apache.org/solr/) which is a third party indexing tool that can be easily integrated with any other platform. You can design your system's database with the basic table relationships with primary keys, foreign keys and the occasional index. Any more complex table relationship, queries and searches can be delegated to this external indexing service. It will index whatever data you give it, in whatever manner you need, and return a list of results for you to easily find primary keys for direct access to your system objects. Think of it as your own personal Google indexing service... Solr is an Apache open source implementation. Once you understand this concept, you can keep you application's internal database very lean and simple, with just enough indexes and primary keys to get instant access to entities.
CAKE! Everybody loves cake!
[post edit] The only way I see this making any sense is if they mean that "changing your password will discard your current private/public keys and a new pair is created". That actually means your files locked with the old private key will, in fact, become unrecoverable. But that just seems..... stupid.
They are storing both private and public keys on their servers... but the private key is encrypted with my password, which they don't know. Even though they have the private key, it's protected and they can't use it to decrypt my files. That's all good. Standard. The password of my password.
However, I still can't wrap my head around the password change issue. They claim that changing my password will "re-encrypt" my private key, leaving my files still locked by the same key.... How exactly does that make my files "unrecoverable" ?
Unless they are using my "encrypted private key" to lock my files in the first place... which by itself is stupid and defeats the purpose.
If they have my private key "re-encrypted" with a new password -- and assuming I know my new password -- I should still be able decrypt the private key and unlock the files.
If I understood this correctly, Lastpass.com uses the exact same approach and is managing fine allowing users to change their passwords.
Did anyone figure this out? I can't quite grasp what the issue is here.
I'm happy to agree with you, and it makes sense to refuse the vaccine on arguments that actually make sense... But when people say "I won't take the shot 'cause Jesus told me not to" .. that's just not helping anyone. I can't imagine what other ludicrous and dangerous behavior these people may be allowed if they continue to care for sick people.
"I feel like in my personal faith walk, I have felt instructed not to get a flu vaccination, but it's also the whole matter of the right to choose what I put in my body"
I absolutely agree that you have the personal right to refuse a flu vaccine. Please, go along and exercise that right far away from patients who need medical care by professional people... you know... the ones that put their "beliefs" away from science.
Next, they will try to make it illegal for you to hang up before listening to what they have to offer.
I'm learning to love XFCE more and more everyday.
... a whole new meaning to the culture of voodoo by obsessed ex-girlfriends.
I would imagine this to work more like a physical version of the Google Authenticator (http://code.google.com/p/google-authenticator/). It won't replace your password, but it adds a tremendous ammount of security, since you can enable online services to be accessed by YOU alone using ONLY authorized machines.
This wouldn't be your ONLY source of authentication. But it could certainly be used as multifactor authentication (much like Google Authenticator is used today).
Except a printer will *not* ask for any documents or do a background check to see if you are allowed to own a gun.
Like other people already said before me, Hotmail NEVER accepted passwords longer than 16 characters. It would simply truncate it in silence. This is really a crap security policy and is notoriously known to be one of the worst security practices ever for password storage. Giving everyone awareness of the max password length, sounds to me like they REALLY want people to stop thinking of Hotmail is the place to be... I mean, think about it... technically, all this does is it makes Hotmail sound outdated and insecure. This might just be one more step they are taking towards forcing users to migrate to their new Outlook.com mail service.
Creating laws specific to the technology at hand seems like a complete nonsense to me. Today we use cookies in plain text headers of HTTP. Who knows what's going to be used as a standard in the future! If they use something else other than cookies, then it's OK to be tracked according to this law?
"and the user has a good understanding of what cookies are and how they are used" That just means anyone without some sort of official academic degree on (like computer science or any IT course) can legally claim in court he has no knowledge of what cookies are or how they are used. If you're not an expert on the technology used, you have no obligation to assess anything about how it works.
"Less eye candy" .... you see, for me that just means "Less GUI annoyances".
I like to have backups online -- I have them on a couple of services. Since they are just backups, I find it convenient to encrypt all files before uploading (gnupg style).
Sorry to hear about your situation, but you must be certain that death is an inevitable part of life. It is certainly sad that some people may go away earlier than expected, and we have this notion that a person may somewhat "live a while longer" as we keep their memories alive with us. After a loved one dies, mourning certainly is an important period to help us get over this fact. No matter how many pictures, videos or journals you make of a person while he/she is alive, nothing will replace the fact that this person is really gone. Fading memories are part of an essential process where we leave them behind and move on with our lives. We will certainly remember and honor our loved ones at their best and most marking moments. But holding on to so many specific details about their lives takes an incredible unnatural effort. The longer we try, the more difficult it becomes to remember specific details. And this is natural! The more we strongly hold on to a person after he/she is gone, the more difficult it will become to keep living. Please, don't understand me wrong. Unfortunately, that's how life goes on. It's hard, but inevitable. I hope you make the best or your time together. And my suggestion is "stop trying to record every detail of her life and spent more time with her as a family". Your own memories of this time together should be well enough to help you get over the hard period when she's gone. In the future, when you look back, anything else will just make you seem like "the guy behind the camera".
Some large coprs have already used .NET to create solutions and integreate with MS products. So... legacy's already settled.
JUST WAKE UP AN HOUR EARLIER! Ok, people! Let's shift hour work hours so we can all get here earlier and go home while it's still bright. If everyone saves one hour of electricity every for the whole summer, that's a very super savings for the whole country! Horray! But wait... everyone's lazy to do that... so let's force the whole country to change their clocks ahead one hour. Better yet... we'll chose a different day to start doing this every year. I'll bet the IT guys will love the idea. Very easy to implement! That's all DST was made for. Wake up earlier, go home earlier, and save on electricity bills everywhere. If people would just quit being lazy, we wouldn't have to keep doing this every damn year. Another, sensible alternative is to fix a freaking start/finish date for this thing and ONLY change it when we notice the planet's axis just moved a few degrees.
As a Brazilian, born and raised here, I can say this is one of the few things I'm proud of in my country. Ever since they implemented the electronic voting process, things have never been more efficient. It may seem a bit "too open" by using open source code for this type of procedure, but I've seen articles explaining the entire process. Rest assured, the "open-sourceness" of this idea is the least of their concerns. The entire process is controlled and verified by multiple agents and doubled checked for fraud. All political parties are allowed to point representatives that personally follow the whole process of gathering disks, transmitting data and adding up all the votes in one central server. As far as the people are concerned, the whole thing is very transparent and does not rely entirely on computer encryption, but also on human verification and validation. Any data transmitted is done via a secure government Intranet, and never via public Internet (as one may wonder). The source code of the operating system is maintained and updated by the government under strict security policies. As far as I can tell, this beats the hell out of any bag of paper ballots. Any ellection here takes at most a few hours to get the results to the people. We usually know the results of it on the same day we vote, just in time for the evening news.
period