It's GPL 2 or later as per the source code files. It is also distributed with the GPL2.1 and LGPL2.1 license files, though I could not find any actual files in the source that use the LGPL.
The authoritative source for the version is the headers in the source code files.
Note that the FAQ on their website links to the GPL 3 but this is not authoritative, what is in the source code header files is what counts.
- 15 to 10 years ago, you had to be careful when installing drives, or RAM. You could almost slice your hand on a cheap case that had unfinished and sharp edges.
I have a scar on the back of my thumb from when I used to work in a computer repair shop and my hand slipped when trying to crack loose a particularly stubborn screw one time.
- Beige Only. You can pick any color, as long as it is beige.
What's wrong with beige? It matches my beige keyboard, beige monitor, beige speakers and beige mouse;-)
If you RTFA and listen to the embedded video Dr. Chu actually refers to concreting all the roads. While this would certainly work (most freeways in the US are concrete) I would think that this would be cost prohibitive. I don't think there would be a problem with a rough ride as I've never noticed the ride being "rough" when driving on the freeway, though, and the costs may be offset in the long run by the lower cost of maintenance (since concrete lasts way longer than asphalt).
As far as other materials go... I wonder if it may actually be possible to use plastics? I believe that they can be made any color wished and it is possible to make them to satisfy the hardness requirement of the road surface. That said, plastics would probably be even more expensive than concrete.
You would have to add the pigment to the actual road material for it to be at all practical.
That's not a bad idea. Add the pigment (or a bleaching agent) to the top layer of tar when re-paving the roads. Don't bother with roads until they need to be re-paved (which needs to happen every few years anyways) and don't bother with roofs until they need to be repainted, then you mitigate the impact of "all that extra paint" that everyone seems to think this will require.
The idea is when you need to repaint your roof paint it white... and here's a tax break for doing so::grin::. When the roads need to be repaved, pave them white. Sooner than you think, you will have all white roads and all white roofs.
Wayyyyyy different than gambling. Gambling is random and even worse, the end results (risk/reward profiles) are heavily skewed toward your competitor (the house). Stock price moves are determined by the market. Just a bunch of buyers and sellers agreeing on the price - but it isn't random, like gambling.
That's only true for some forms of gambling. The most widespread form of online gambling that I'm aware of is poker in which the house does not "compete" with the players, rather the house takes a fixed percentage from each pot and the players compete against each other. The house is simply charging a fixed fee to offset the expenses involved in hosting the gambling event plus a bit of profit (since they are, after all, a for profit business). How different is this to a brokerage firm charging a fee to buy and sell your stocks for you?
In sports betting, while the better does bet against the "house", that bet is offset by bets placed by other people so that the house is again, simply facilitating the gambling by setting the odds so that bets placed on all sides of the event cancel themselves out and the house ends up with a percentage which pays the costs of facilitating the gambling plus some profit.
Also, of interest to point out is that in most online poker sites you can actually make money without ever spending any of your own (indeed without ever even sending any money to the site). Look up the term freeroll to understand how this is possible.
people> You know... the constitution and all that... that says that goverment is elected by the people,... people> Y'know, the constitution... govm't> What about the constitution? people> Well, it says you're not supposed to do the things you're just doing. So... people> Because the constitution... govm't> ...I don't care about the constituion. Go shove it.
This is New Zealand, what constitution? The govt wants to do something here they just pass a resolution in parliament.
You're referring to an update of the article dated December 31st. My post above was dated December 30th and was fully correct as of the date of posting.
They've been able to create a trusted but phony certificate authority root certificate
Correction... it's not a *root* certificate, it's a CA certificate which is chained off the vulnerable CA's root. That said the distinction is mostly meaningless as the certificate can be used to sign an unlimited number of certificates for any domain name anyways.
MD5 has to go. The PKI infrastructure already supports SHA-2, which is considered better; MD5 is only there for legacy certs. So an upgrade doesn't require end-user browser changes; it can all be done by CAs and web sites.
It only really has to be done by CA's. This attack doesn't make an existing web site's certificate any more vulnerable to anything, regardless of how it was signed.
Probably, RapidSSL and FreeSSL's trusted root cert should be pulled from IE and Netscape, and all certs from those sources re-issued using SHA-2 hashes.
That's much more than is necessary. If RapidSSL and FreeSSL starts signing their certificates with sha-1 then there really isn't anything that need be done from the browser end, otherwise browsers could not trust md5-signed chained roots from RapidSSL and FreeSSL (as I'm fairly certain that RapidSSL and FreeSSL does not issue those legitimately anyways).
Very true, in fact there are currently two factors in control of the CA, the certificate validity period (with a resolution of 1 second) and the serial number. The attackers were able to reasonably predict both with RapidSSL due to the fact that they use sequential serial numbers. If the CA were to simply change to random serial numbers then this attack would be foiled.
That said, the best way to deal with this is to simply stop using md5 to sign the certs and use sha-1 instead.
If I understand the CCC's paper correctly, as long as *even one* of the CA certs trusted by the browser uses MD5,
Not quite, but close. It doesn't matter what the CA's cert uses, what matters is the encryption the CA uses to sign *your* cert. The difference here is that everyone need not have to get their browser updated with new root certs to avoid this problem. All that needs to happen is that CA's need to stop signing certs with md5.
If you RTFA you'll note that there is only one known CA that is really vulnerable to this attack, RapidSSL (and also FreeSSL which is part of RapidSSL). This is due to the necessary timing of the validity period and the sequential serial numbers used by the CA.
Also of note is that it doesn't matter what encryption was used to sign the root cert, what matters is the type of encryption that the vulnerable CA uses to sign *your* cert. The CA's certificate could be signed with MD5, SHA1 or anything, really.
So if I get this right, 0.0.0.0 is a valid ip address?
It can be depending on context. If you open a socket with 0.0.0.0 passed as the listening IP address then it generally means that the socket will listen on all IPs that are configured for the computer.
The ultimate weapon for the state in this case is that state can legally declare all gambling debts unenforcable. If they allow cost recovery from VISA or Paypal, the gambling sites may not only find they can't do bussiness in Kentucky but that from VISA's point of view they can't do bussiness at all with VISA.
Most gambling sites won't allow you to go into debt anyways, but require you to maintain a zero or greater balance in your account with them (if it falls to zero you simply are not allowed to gamble on the site until you put more money in the account). So not allowing them to collect gambling debts would be pointless.
As for VISA and MC not allowing them to collect, that's already a problem and there are ways around that (that usually involve setting up a third party overseas payment service, similar to paypal, that can't be directly tied to the gambling site).
The video (tab in the article) shows the various permutations of the clock. The original looked to be a 5x7 light array for each character (but with lights missing where they were not needed for display). I would venture to guess that those were incandescent light bulbs in the array.
The current version appears to be a 7 segment display consisting of a large number of smaller lights forming each segment. I wouldn't know what these smaller light bulbs are but they could still be incandescent.
1. Text messages work when voice calls are dropped for the same reason Morse can get through when SSB voice can't.
At this point it's all data... so why would TXT get thru and not voice? only explanation might be that more data doesn't get thru, or that re-tries make it happen...
but I don't buy the tone-signaling vs. voice argument... it's just bits...
For a few different reasons. One is that text messages use a different channel than voice calls (they are transmitted in the control channel), also text messages use far less bandwidth than a voice call, and finally text messages can be re-transmitted whereas a voice call is basically now or never.
For an illustration of the last two reasons think of shipping a container with something large inside it (say a car), you may only be able to fit two or maybe three cars in a container, and it's very difficult to get another one in once it is full. If you wanted to add a small package, though, that is easy, even if the container is already filled to capacity with cars. To illustrate the last point, it's as if the car has to go out on this container or it won't be shipped at all, but the small package can wait for the next container, or the one after that.
1. Airplanes are metal tubes. Ever try to make a call in an elevator? A singlewide trailer? It's difficult or impossible.
Calls have been known to work from airplanes just fine. Even though you are so far away the fact that you have a clear line of site to the cell tower (not counting a very thin metal wall) makes the call go through just fine.
2. Even if you could get a signal in a plane, you're several tens of thousand feet up. You can see dozens of cell towers but go into and out of their range very quickly at 600mph. Cell tower networks aren't designed for this.
Close but not quite. You can maintain a connection to a single cell for quite a while (again, think line of site) and the ground-based cellular networks have been known to maintain and switch a call from an airplane just fine. The problem is that the bandwidth you are using for that call gets tied up on all the cells you are in range of which can be in the hundreds from an airplane so you are using up huge amounts of the cellular providers resources just to place your phone call. Basically put, even though you are only communicating to a single selected cell all the other cells within range have to relinquish bandwidth to you or your call will end up stomping all over other calls being made from the ground on the same frequency.
Actually HDDs use +12v for the motors and +5v for the electronics. If you have a 3.5" FDD it only uses 5v. If you don't believe me try swapping the yellow (12v) and red (5v) wires going into the power connector on your HDD some time... here's a hint, the smoke you see coming off the electronics isn't from putting 5v into something that expects 12v (note if you're really dumb enough to do this I won't be held responsible for ruining your HDD).
Slashdot Mirror
Assuming it's gpl v3
Don't make assumptions, check for yourself. See my other post in this thread.
It's GPL 2 or later as per the
source
code
files.
It is also distributed with the
GPL2.1
and
LGPL2.1
license files, though I could not find any actual files in the source that use the LGPL.
The authoritative source for the version is the headers in the source code files.
Note that the
FAQ on their website
links to the
GPL 3
but this is not authoritative, what is in the source code header files is what counts.
- 15 to 10 years ago, you had to be careful when installing drives, or RAM. You could almost slice your hand on a cheap case that had unfinished and sharp edges.
I have a scar on the back of my thumb from when I used to work in a computer repair shop and my hand slipped when trying to crack loose a particularly stubborn screw one time.
- Beige Only. You can pick any color, as long as it is beige.
What's wrong with beige? It matches my beige keyboard, beige monitor, beige speakers and beige mouse ;-)
If you RTFA and listen to the embedded video Dr. Chu actually refers to concreting all the roads. While this would certainly work (most freeways in the US are concrete) I would think that this would be cost prohibitive. I don't think there would be a problem with a rough ride as I've never noticed the ride being "rough" when driving on the freeway, though, and the costs may be offset in the long run by the lower cost of maintenance (since concrete lasts way longer than asphalt).
As far as other materials go ... I wonder if it may actually be possible to use plastics? I believe that they can be made any color wished and it is possible to make them to satisfy the hardness requirement of the road surface. That said, plastics would probably be even more expensive than concrete.
You would have to add the pigment to the actual road material for it to be at all practical.
That's not a bad idea. Add the pigment (or a bleaching agent) to the top layer of tar when re-paving the roads. Don't bother with roads until they need to be re-paved (which needs to happen every few years anyways) and don't bother with roofs until they need to be repainted, then you mitigate the impact of "all that extra paint" that everyone seems to think this will require.
The idea is when you need to repaint your roof paint it white ... and here's a tax break for doing so ::grin::. When the roads need to be repaved, pave them white. Sooner than you think, you will have all white roads and all white roofs.
As in, "Hey baby I'll give you $200 to come back to my place and get it on!". 5 minutes later you're in cuffs.
That has an entirely different meaning when thinking of a dominatrix vs a prostitute. ;-)
Actually my wife and I are lifestylers. A bullwhip is just one of the many toys in our collection.
Clearly you don't understand the difference between a professional dominatrix and a prostitute who simply dresses up and gives a light spanking.
dominatrix != prostitute as usually there is no actual sex involved, hence prostitution laws do not apply.
Yes, when you can get work done on the flight at a rate of several times that per hour it is very much worth it.
Wayyyyyy different than gambling. Gambling is random and even worse, the end results (risk/reward profiles) are heavily skewed toward your competitor (the house). Stock price moves are determined by the market. Just a bunch of buyers and sellers agreeing on the price - but it isn't random, like gambling.
That's only true for some forms of gambling. The most widespread form of online gambling that I'm aware of is poker in which the house does not "compete" with the players, rather the house takes a fixed percentage from each pot and the players compete against each other. The house is simply charging a fixed fee to offset the expenses involved in hosting the gambling event plus a bit of profit (since they are, after all, a for profit business). How different is this to a brokerage firm charging a fee to buy and sell your stocks for you?
In sports betting, while the better does bet against the "house", that bet is offset by bets placed by other people so that the house is again, simply facilitating the gambling by setting the odds so that bets placed on all sides of the event cancel themselves out and the house ends up with a percentage which pays the costs of facilitating the gambling plus some profit.
Also, of interest to point out is that in most online poker sites you can actually make money without ever spending any of your own (indeed without ever even sending any money to the site). Look up the term freeroll to understand how this is possible.
people> You know... the constitution and all that... that says that goverment is elected by the people, ... ...I don't care about the constituion. Go shove it.
people> Y'know, the constitution...
govm't> What about the constitution?
people> Well, it says you're not supposed to do the things you're just doing. So...
people> Because the constitution...
govm't>
This is New Zealand, what constitution? The govt wants to do something here they just pass a resolution in parliament.
govm't> *explodes*
That's fine by me.
You're referring to an update of the article dated December 31st. My post above was dated December 30th and was fully correct as of the date of posting.
They've been able to create a trusted but phony certificate authority root certificate
Correction ... it's not a *root* certificate, it's a CA certificate which is chained off the vulnerable CA's root. That said the distinction is mostly meaningless as the certificate can be used to sign an unlimited number of certificates for any domain name anyways.
MD5 has to go. The PKI infrastructure already supports SHA-2, which is considered better; MD5 is only there for legacy certs. So an upgrade doesn't require end-user browser changes; it can all be done by CAs and web sites.
It only really has to be done by CA's. This attack doesn't make an existing web site's certificate any more vulnerable to anything, regardless of how it was signed.
Probably, RapidSSL and FreeSSL's trusted root cert should be pulled from IE and Netscape, and all certs from those sources re-issued using SHA-2 hashes.
That's much more than is necessary. If RapidSSL and FreeSSL starts signing their certificates with sha-1 then there really isn't anything that need be done from the browser end, otherwise browsers could not trust md5-signed chained roots from RapidSSL and FreeSSL (as I'm fairly certain that RapidSSL and FreeSSL does not issue those legitimately anyways).
Very true, in fact there are currently two factors in control of the CA, the certificate validity period (with a resolution of 1 second) and the serial number. The attackers were able to reasonably predict both with RapidSSL due to the fact that they use sequential serial numbers. If the CA were to simply change to random serial numbers then this attack would be foiled.
That said, the best way to deal with this is to simply stop using md5 to sign the certs and use sha-1 instead.
If I understand the CCC's paper correctly, as long as *even one* of the CA certs trusted by the browser uses MD5,
Not quite, but close. It doesn't matter what the CA's cert uses, what matters is the encryption the CA uses to sign *your* cert. The difference here is that everyone need not have to get their browser updated with new root certs to avoid this problem. All that needs to happen is that CA's need to stop signing certs with md5.
If you RTFA you'll note that there is only one known CA that is really vulnerable to this attack, RapidSSL (and also FreeSSL which is part of RapidSSL). This is due to the necessary timing of the validity period and the sequential serial numbers used by the CA.
Also of note is that it doesn't matter what encryption was used to sign the root cert, what matters is the type of encryption that the vulnerable CA uses to sign *your* cert. The CA's certificate could be signed with MD5, SHA1 or anything, really.
So if I get this right, 0.0.0.0 is a valid ip address?
It can be depending on context. If you open a socket with 0.0.0.0 passed as the listening IP address then it generally means that the socket will listen on all IPs that are configured for the computer.
The ultimate weapon for the state in this case is that state can legally declare all gambling debts unenforcable. If they allow cost recovery from VISA or Paypal, the gambling sites may not only find they can't do bussiness in Kentucky but that from VISA's point of view they can't do bussiness at all with VISA.
Most gambling sites won't allow you to go into debt anyways, but require you to maintain a zero or greater balance in your account with them (if it falls to zero you simply are not allowed to gamble on the site until you put more money in the account). So not allowing them to collect gambling debts would be pointless.
As for VISA and MC not allowing them to collect, that's already a problem and there are ways around that (that usually involve setting up a third party overseas payment service, similar to paypal, that can't be directly tied to the gambling site).
The video (tab in the article) shows the various permutations of the clock. The original looked to be a 5x7 light array for each character (but with lights missing where they were not needed for display). I would venture to guess that those were incandescent light bulbs in the array.
The current version appears to be a 7 segment display consisting of a large number of smaller lights forming each segment. I wouldn't know what these smaller light bulbs are but they could still be incandescent.
Not that I know of but there's a video tab in the article where you can see the clock running (not live, though).
1. Text messages work when voice calls are dropped for the same reason Morse can get through when SSB voice can't.
At this point it's all data... so why would TXT get thru and not voice? only explanation might be that more data doesn't get thru, or that re-tries make it happen...
but I don't buy the tone-signaling vs. voice argument... it's just bits...
For a few different reasons. One is that text messages use a different channel than voice calls (they are transmitted in the control channel), also text messages use far less bandwidth than a voice call, and finally text messages can be re-transmitted whereas a voice call is basically now or never.
For an illustration of the last two reasons think of shipping a container with something large inside it (say a car), you may only be able to fit two or maybe three cars in a container, and it's very difficult to get another one in once it is full. If you wanted to add a small package, though, that is easy, even if the container is already filled to capacity with cars. To illustrate the last point, it's as if the car has to go out on this container or it won't be shipped at all, but the small package can wait for the next container, or the one after that.
1. Airplanes are metal tubes. Ever try to make a call in an elevator? A singlewide trailer? It's difficult or impossible.
Calls have been known to work from airplanes just fine. Even though you are so far away the fact that you have a clear line of site to the cell tower (not counting a very thin metal wall) makes the call go through just fine.
2. Even if you could get a signal in a plane, you're several tens of thousand feet up. You can see dozens of cell towers but go into and out of their range very quickly at 600mph. Cell tower networks aren't designed for this.
Close but not quite. You can maintain a connection to a single cell for quite a while (again, think line of site) and the ground-based cellular networks have been known to maintain and switch a call from an airplane just fine. The problem is that the bandwidth you are using for that call gets tied up on all the cells you are in range of which can be in the hundreds from an airplane so you are using up huge amounts of the cellular providers resources just to place your phone call. Basically put, even though you are only communicating to a single selected cell all the other cells within range have to relinquish bandwidth to you or your call will end up stomping all over other calls being made from the ground on the same frequency.
Disks are already 12 VDC only
Actually HDDs use +12v for the motors and +5v for the electronics. If you have a 3.5" FDD it only uses 5v. If you don't believe me try swapping the yellow (12v) and red (5v) wires going into the power connector on your HDD some time ... here's a hint, the smoke you see coming off the electronics isn't from putting 5v into something that expects 12v (note if you're really dumb enough to do this I won't be held responsible for ruining your HDD).