the 220 you have in your house is normally 3 phase 110 which means only 110v drop between any pair of connections making it slightly safer.
Wrong.
US houses are fed with +110V, -110V and neutral. The + and - are 180 degrees out of phase (the term normally used is "split phase"). There is 220V between the two sides.
Actually you're wrong. The gp is mostly correct except that houses in the US are normally two phase, not three. Most industrial and businesses are three phase, though.
What makes you wrong is that there is no + and - assigned to the hot wires in AC because it alternates back and forth between +110 and -110 at a rate of 60 times per second (in the US). You are correct that the two hots will be 180 degrees out of phase which means that while one hot is +110 the other is -110 and vice-versa allowing 220v between the two sides and 110 between either side and neutral (which is tied to ground) when both are at peak voltage.
You must have never been audited before. Audits cost time and money and you have to prove every little thing you claimed on your tax returns. It's meant to catch cheaters but it very often times also catches out people who are simply not prepared for one and even if you manage to get through one without getting whacked with interest or penalties you still spent quite a significant amount of time and money to do so.
Perhaps I came across to harsh in my criticism. I did not mean to imply that this is a bad move by Wikipedia, it is certainly a good idea and probably something they should have done a long time ago. What I am criticising is the arrogance of claiming that they have solved the censorship issue. They have not by a long shot.
No, removal of http means that someone can no longer connect directly to http on the Wikipedia servers (or more precisely they will be redirected to https). It does not prevent a 3rd party MITM (eg: nation states) from accepting http connections and proxying them to Wikipedia via https. It is the latter that I refer to not the former.
When China provides not only the browser, but the entire OS that the majority of people there run, don't you think they can insert their own trusted CA into the mix? How hard is it for a country to require users to access essential government services online, and oh look, they might just have their own trusted CA that you have to accept. If the certs are only presented to connections in their own country it becomes that much harder for security researchers to detect. There are so many ways to pull this off it's ridiculous, and countries that can't can still use one of the other methods I outlined.
The web client will reuse the connection to the server, and to a 3rd-party observer it will all look like one massive blob of data so that all they could really get out of it is the content length of the whole thing, which due to gzip compression (which is enabled for Wikipedia, I checked), caching of resources, etc, means it will vary considerably from one fetch of a given page to the next.
If that isn't enough, http servers and TLS ciphers themselves actively hide the length of the content they transmit with techniques such as padding and adding additional random bytes to the beginning or end of a HTTPS transmission.
All up, I'd say this vector would be pretty much impossible to exploit.
The only reason this is working for now is because the censoring governments haven't implemented a workaround for it yet. There are various ways they can still censor Wikipedia:
They can use their own CA (don't even think that a country like China doesn't have access to be able to generate certs for any hostnames they want from a trusted CA) to generate a wikipedia.com cert and proxy wikipedia traffic through their own servers censoring it in the process.
They can proxy traffic from http to https and locally block the https traffic so the people in their country are foced to use the http version which is censored.
They can block Wikipedia alltogether by various different means.
For future reference call around to various wreckers in the area and see how much they'll charge to sell you a used engine and drop it in for you. You will probably be surprised just how cheaply you can get it fixed, and if you're uncomfortable with a repair done by a wrecker with used parts, it's still worth it so you can at least turn around and sell it for a lot more than the $250 Pick-N-Pull will give you.
Yes it's easy to replace a tyrod, but it's not free. You need to take the car in for an alignment afterwards, especially if you just put new tires on, unless you want to wreck the tires early.
The alternator? Really? Those are easy to replace, you just get one from a wrecker and drop it in. If you're not up to that ask the wrecker to do it for you, most will do it on the cheap.
Yep, you go to a wrecker (one that pulls the parts for you) and ask them how much to drop an engine in. Generally they will sell you the used engine and can drop it in for you cheap. Leave your mechanic out of it, he'll overcharge you for those types of repairs. It's the way to go if your alternative is to junk the car, at least you're getting it back on the road that way and you can sell it off you're not comfortable keeping it after that.
First off, in NZ it's called "GST" (Goods and Services Tax), which is similar to what the US calls "Sales Tax" and what other countries call "VAT".
Apple indeed would not pay any GST here because Apple is not the final retailer*. The final retailer would collect the GST from the sales of Apple goods and pay it directly to the IRD. Wholesale sales of the goods from Apple to the end retailer are GST exempt provided that they are sold to a GST registered business for the purpose of resale would would account for pretty much *all* of Apple's sales in NZ.
* As far as I'm aware there are no "Apple stores" in NZ, all of Apple's products are sold through other 3rd-party retailers here. Even if there were an Apple store it likely would not be directly owned by the same Apple NZ corporation that this article references.
This is absolutely the case. Autoplay is a static attribute to the HTML5 video tag and can be set to be ignored by browsers, but there is also a Javascript API for HTML5 video playback and it is trivial to start playback from there. Technically that is not "autoplay", it is just, "play" that happens to be triggered on page load via Javascript.
I think that looser pays is a good idea, but it should be for some definition of "reasonable" legal costs, where reasonable would be along the lines of billable hours at an amount set by law which would be about the billable rate for the average attorney for *one* lawyer during court hours, and for court-defined reasonable amount of time spent out of court, plus other fees along a similar vein. In other words, you can't collect for your dream team, you can only collect what an average lawyer would charge for similar services.
I love the habit in NZ of overtaking on a two-lane road by using the middle of the road and expecting on-coming cars to pull over out of the way.
What part of NZ do you live in? I've never seen that.
The batshit crazy NZ driving rule from about ten-fifteen years ago now, was that traffic turning across oncoming traffic (that would be a left turn in the US) had right of way!!!! It made some kind of sense as it allowed traffic queuing to turn to instead clear the road and not build up...but it was something I never got used to, and am glad they changed.
Not quite, it was that right turns had the right of way over left turns, but did not over traffic going straight (This would be the opposite in the states because we drive on the left side of the road here). it was a batshit rule for sure and I'm glad it changed a few years ago.
Rearview cameras don't show everything, like the person who is about to pass behind you.
Neither does a rear-vision mirror.
Already I am seeing drivers who don't bother to do a shoulder check at all.
And you get this with people driving with rear-vision mirrors as well, with the same results. This is not an argument against the cameras, this is an argument against bad driving habits.
Even worse I'm had a couple rentals where they've been making the rear window so small that using the camera is mandatory to back up at all, making for a dangerous situation when the camera or screen breaks down (or hell, even got water splashed right on the camera by a passing car, had to get out and wipe it off before I could finish backing out as nothing was visible through the water on the lens.)
Now this I agree is bad, but not because of the camera, but because of the poor visibility through the rear window. Having a camera should not be a substitute for poor visibility due to car design, neither is it a substitute for poor driving practices. When a camera is used in conjunction with good driving practices and is not used as an excuse to cut back on visibility through the windows by the car manufacturer, it is an aid to good driving as it allows you to see things from angles you otherwise would not be able to.
A driver will only occasionally turn their head to watch blind spots. They might forget.
That would be extremely bad driving habits. Keep in mind that in most places if you don't check your blindspots when changing lanes during the drivers test it is at least a significant point loss and likely an automatic fail.
Whereas systems like BLIS can be constantly watching the road and blink a light nearby the mirror alerting the driver of the presence of a vehicle in the blind spot. Combine it with sideway pointing sonars and you're almost sure that no driver is every going to accidentally cut somebody up.
This would certainly be helpful, but it should not substitute for good driving habits. Unfortunately it probably will for a lot of people. That said, if such a system were to fail unexpectedly then I would think that the driver of the vehicle would become much more cautious and check (and likely double-check) their blind spots when having to drive when the system is not working so this is certainly not an argument against digital cameras.
Right there are any number of things that can, and do happen to normal mirrors. As long as they're not going to remove the windows and replace them with video monitoring then "video mirrors" are no more or less dangerous than conventional ones. Any decent driver knows how to drive without actually relying on the mirrors anyway, they are supplemental to help out in certain situations, but you can look over your shoulder to see behind you when reversing and check your blind spots when changing lanes.
Oh, I agree, but the solution proposed above isn't a good one. The lines need to be sped up to avoid this scenario, but this needs to be done in a way that does not allow an easy free pass for terrorists to enter the secure area of the airport. You can allow people to pass through with lighter security measures but it needs to be done randomly so that no one can predict if they will be subject to the full security measures or lighter ones. To just let everyone through if the lines get too long is not the solution.
That's a bad idea. All a terrorist would have to do is watch the line and wait for it to get long enough, or know the peak times that they can get in line and just waltze right through with no screening at all.
What they need to do instead is randomly pull passengers from the line and direct them through the fast track line instead so as to ease the load on the line and make it move faster. That way there is still a random chance that any passenger will get fully screened, and if you're not selected to be fast tracked you can't avoid the screening, but it has the effect of speeding up the queue which is drastically needed.
Google is trying to force servers to use STARTTLS encryption for port 25 MX traffic, this is all commendable, but they are giving their users a false sense of security. When gmail does not display the broken padlock it simply means that the first hop to the recipient's MX server supports STARTTLS, but mail is routinely stored in plain text queues on multiple servers, transmitted on in additional hops that are not necessarily encrypted, and even the first hop encryption often times uses self-signed certs or certs signed by non-authoritative CAs, so the message being sent, while being encrypted is still vulnerable to man in the middle attacks.
But Google is giving the impression that if that first hop offers STARTTLS, then the message will be sent securely and encrypted. This will result in people putting all sorts of credit card details and other information in their emails thinking (because Google said so) that the message is secure, when nothing could be farther from the truth.
Google needs to stop this right away, it's going to do way more damage than good. There is only one way to hide the content of an email from prying eyes and that is with properly implemented PGP encryption. There is no way to hide the meta (envelope) data from prying eyes. It is really important that people not be misled on this account.
Slashdot Mirror
Wrong.
US houses are fed with +110V, -110V and neutral. The + and - are 180 degrees out of phase (the term normally used is "split phase"). There is 220V between the two sides.
Actually you're wrong. The gp is mostly correct except that houses in the US are normally two phase, not three. Most industrial and businesses are three phase, though.
What makes you wrong is that there is no + and - assigned to the hot wires in AC because it alternates back and forth between +110 and -110 at a rate of 60 times per second (in the US). You are correct that the two hots will be 180 degrees out of phase which means that while one hot is +110 the other is -110 and vice-versa allowing 220v between the two sides and 110 between either side and neutral (which is tied to ground) when both are at peak voltage.
Your post would normally be modded funny, but in today's climate I think it wouldn't be wrong to mod this insightful.
You must have never been audited before. Audits cost time and money and you have to prove every little thing you claimed on your tax returns. It's meant to catch cheaters but it very often times also catches out people who are simply not prepared for one and even if you manage to get through one without getting whacked with interest or penalties you still spent quite a significant amount of time and money to do so.
Perhaps I came across to harsh in my criticism. I did not mean to imply that this is a bad move by Wikipedia, it is certainly a good idea and probably something they should have done a long time ago. What I am criticising is the arrogance of claiming that they have solved the censorship issue. They have not by a long shot.
No, removal of http means that someone can no longer connect directly to http on the Wikipedia servers (or more precisely they will be redirected to https). It does not prevent a 3rd party MITM (eg: nation states) from accepting http connections and proxying them to Wikipedia via https. It is the latter that I refer to not the former.
When China provides not only the browser, but the entire OS that the majority of people there run, don't you think they can insert their own trusted CA into the mix? How hard is it for a country to require users to access essential government services online, and oh look, they might just have their own trusted CA that you have to accept. If the certs are only presented to connections in their own country it becomes that much harder for security researchers to detect. There are so many ways to pull this off it's ridiculous, and countries that can't can still use one of the other methods I outlined.
The web client will reuse the connection to the server, and to a 3rd-party observer it will all look like one massive blob of data so that all they could really get out of it is the content length of the whole thing, which due to gzip compression (which is enabled for Wikipedia, I checked), caching of resources, etc, means it will vary considerably from one fetch of a given page to the next.
If that isn't enough, http servers and TLS ciphers themselves actively hide the length of the content they transmit with techniques such as padding and adding additional random bytes to the beginning or end of a HTTPS transmission.
All up, I'd say this vector would be pretty much impossible to exploit.
The only reason this is working for now is because the censoring governments haven't implemented a workaround for it yet. There are various ways they can still censor Wikipedia:
They can use their own CA (don't even think that a country like China doesn't have access to be able to generate certs for any hostnames they want from a trusted CA) to generate a wikipedia.com cert and proxy wikipedia traffic through their own servers censoring it in the process.
They can proxy traffic from http to https and locally block the https traffic so the people in their country are foced to use the http version which is censored.
They can block Wikipedia alltogether by various different means.
For future reference call around to various wreckers in the area and see how much they'll charge to sell you a used engine and drop it in for you. You will probably be surprised just how cheaply you can get it fixed, and if you're uncomfortable with a repair done by a wrecker with used parts, it's still worth it so you can at least turn around and sell it for a lot more than the $250 Pick-N-Pull will give you.
Yes it's easy to replace a tyrod, but it's not free. You need to take the car in for an alignment afterwards, especially if you just put new tires on, unless you want to wreck the tires early.
The alternator? Really? Those are easy to replace, you just get one from a wrecker and drop it in. If you're not up to that ask the wrecker to do it for you, most will do it on the cheap.
Yep, you go to a wrecker (one that pulls the parts for you) and ask them how much to drop an engine in. Generally they will sell you the used engine and can drop it in for you cheap. Leave your mechanic out of it, he'll overcharge you for those types of repairs. It's the way to go if your alternative is to junk the car, at least you're getting it back on the road that way and you can sell it off you're not comfortable keeping it after that.
For a politician to commit to anything more than ten years in the future is meaningless. They likely won't be around to be held accountable.
First off, in NZ it's called "GST" (Goods and Services Tax), which is similar to what the US calls "Sales Tax" and what other countries call "VAT".
Apple indeed would not pay any GST here because Apple is not the final retailer*. The final retailer would collect the GST from the sales of Apple goods and pay it directly to the IRD. Wholesale sales of the goods from Apple to the end retailer are GST exempt provided that they are sold to a GST registered business for the purpose of resale would would account for pretty much *all* of Apple's sales in NZ.
* As far as I'm aware there are no "Apple stores" in NZ, all of Apple's products are sold through other 3rd-party retailers here. Even if there were an Apple store it likely would not be directly owned by the same Apple NZ corporation that this article references.
Yep, with an Indian accent.
This is absolutely the case. Autoplay is a static attribute to the HTML5 video tag and can be set to be ignored by browsers, but there is also a Javascript API for HTML5 video playback and it is trivial to start playback from there. Technically that is not "autoplay", it is just, "play" that happens to be triggered on page load via Javascript.
He probably did it based on his experience of the failure rate of the HPs.
I think that looser pays is a good idea, but it should be for some definition of "reasonable" legal costs, where reasonable would be along the lines of billable hours at an amount set by law which would be about the billable rate for the average attorney for *one* lawyer during court hours, and for court-defined reasonable amount of time spent out of court, plus other fees along a similar vein. In other words, you can't collect for your dream team, you can only collect what an average lawyer would charge for similar services.
I love the habit in NZ of overtaking on a two-lane road by using the middle of the road and expecting on-coming cars to pull over out of the way.
What part of NZ do you live in? I've never seen that.
The batshit crazy NZ driving rule from about ten-fifteen years ago now, was that traffic turning across oncoming traffic (that would be a left turn in the US) had right of way!!!! It made some kind of sense as it allowed traffic queuing to turn to instead clear the road and not build up...but it was something I never got used to, and am glad they changed.
Not quite, it was that right turns had the right of way over left turns, but did not over traffic going straight (This would be the opposite in the states because we drive on the left side of the road here). it was a batshit rule for sure and I'm glad it changed a few years ago.
Rearview cameras don't show everything, like the person who is about to pass behind you.
Neither does a rear-vision mirror.
Already I am seeing drivers who don't bother to do a shoulder check at all.
And you get this with people driving with rear-vision mirrors as well, with the same results. This is not an argument against the cameras, this is an argument against bad driving habits.
Even worse I'm had a couple rentals where they've been making the rear window so small that using the camera is mandatory to back up at all, making for a dangerous situation when the camera or screen breaks down (or hell, even got water splashed right on the camera by a passing car, had to get out and wipe it off before I could finish backing out as nothing was visible through the water on the lens.)
Now this I agree is bad, but not because of the camera, but because of the poor visibility through the rear window. Having a camera should not be a substitute for poor visibility due to car design, neither is it a substitute for poor driving practices. When a camera is used in conjunction with good driving practices and is not used as an excuse to cut back on visibility through the windows by the car manufacturer, it is an aid to good driving as it allows you to see things from angles you otherwise would not be able to.
A driver will only occasionally turn their head to watch blind spots. They might forget.
That would be extremely bad driving habits. Keep in mind that in most places if you don't check your blindspots when changing lanes during the drivers test it is at least a significant point loss and likely an automatic fail.
Whereas systems like BLIS can be constantly watching the road and blink a light nearby the mirror alerting the driver of the presence of a vehicle in the blind spot.
Combine it with sideway pointing sonars and you're almost sure that no driver is every going to accidentally cut somebody up.
This would certainly be helpful, but it should not substitute for good driving habits. Unfortunately it probably will for a lot of people. That said, if such a system were to fail unexpectedly then I would think that the driver of the vehicle would become much more cautious and check (and likely double-check) their blind spots when having to drive when the system is not working so this is certainly not an argument against digital cameras.
Right there are any number of things that can, and do happen to normal mirrors. As long as they're not going to remove the windows and replace them with video monitoring then "video mirrors" are no more or less dangerous than conventional ones. Any decent driver knows how to drive without actually relying on the mirrors anyway, they are supplemental to help out in certain situations, but you can look over your shoulder to see behind you when reversing and check your blind spots when changing lanes.
Oh, I agree, but the solution proposed above isn't a good one. The lines need to be sped up to avoid this scenario, but this needs to be done in a way that does not allow an easy free pass for terrorists to enter the secure area of the airport. You can allow people to pass through with lighter security measures but it needs to be done randomly so that no one can predict if they will be subject to the full security measures or lighter ones. To just let everyone through if the lines get too long is not the solution.
That's a bad idea. All a terrorist would have to do is watch the line and wait for it to get long enough, or know the peak times that they can get in line and just waltze right through with no screening at all.
What they need to do instead is randomly pull passengers from the line and direct them through the fast track line instead so as to ease the load on the line and make it move faster. That way there is still a random chance that any passenger will get fully screened, and if you're not selected to be fast tracked you can't avoid the screening, but it has the effect of speeding up the queue which is drastically needed.
Google is trying to force servers to use STARTTLS encryption for port 25 MX traffic, this is all commendable, but they are giving their users a false sense of security. When gmail does not display the broken padlock it simply means that the first hop to the recipient's MX server supports STARTTLS, but mail is routinely stored in plain text queues on multiple servers, transmitted on in additional hops that are not necessarily encrypted, and even the first hop encryption often times uses self-signed certs or certs signed by non-authoritative CAs, so the message being sent, while being encrypted is still vulnerable to man in the middle attacks.
But Google is giving the impression that if that first hop offers STARTTLS, then the message will be sent securely and encrypted. This will result in people putting all sorts of credit card details and other information in their emails thinking (because Google said so) that the message is secure, when nothing could be farther from the truth.
Google needs to stop this right away, it's going to do way more damage than good. There is only one way to hide the content of an email from prying eyes and that is with properly implemented PGP encryption. There is no way to hide the meta (envelope) data from prying eyes. It is really important that people not be misled on this account.