In my experience--based solely on the people I know that play WoW, not necessarily on the stories you read online--the likelihood of Wow at least *interfering* with your social life is pretty high. You might decide not to go out with some friends one night because you're just so close to leveling up or completing a quest. That might sound like a really minor problem, but it adds up. The probability of it interfering increasing significantly if you are a member of a raiding guild. Since raiders are the people mentioned in the blurb, I think the OP's point was valid. He didn't even seem to be criticizing all WoW players, just those who rush out to "beat" the expansion quicker than anyone else.
Remember, there are exceptions to every rule. Some people that use cocaine do so without any noticeable negative side effects on their lives. A lot of the time, however, there are very bad, very noticeable side effects socially, physically, and financially. I know that's an over the top example, but I think the same is true of WoW. You might be an exception, and if so, that's great. But just because you continue to thrive despite playing WoW doesn't mean others are as lucky. Something to keep in mind, that's all...
Last year I gave the government 3000 extra which could have stayed as a cushion in a bank account or have been invested rather than getting it back with no interest.
Given the state of the markets, overpaying the IRS might be the safest thing to do with your money.
Tax payers should be able to log into their IRS account and see what they owe throughout the year based on what their earnings are and how much has been taken out of their paychecks already.
Yes, they should definitely be able to do that. Two problems. First, relatively few people would use that feature enough to justify the cost of building it. Second, the IRS will never put a system like that in place on their own, because they make money from keeping people in the dark. The IRS is given a giant interest-free loan from the American people every year. If I were them, I wouldn't advertise it either...
I never took issue with the algorithms in my reply. In fact, I said exactly what you did about the "combining" step being the most difficult part, albeit in a less verbose way. Defaults in cryptography APIs allow inexperienced (in terms of security) programmers to blindly implement things and hope it "just works". Common use cases are great, but they can get you into trouble too...
I think this is similar to the programming books that say, "Look how easy it is to create a real C program! Just one line of code!" Yeah, it technically compiles and runs, but it doesn't do much of anything. This is a fairly common problem with crypto libraries in my experience: making things seem simpler than they should be in return for the "wow factor" of two-line examples, like the one provided.
This library seems to be making a big deal about "secure defaults", but I think trying to provide defaults of any kind is a really bad idea. Cryptography is something that should be thought out on a case-by-case basis. Providing defaults of any kind can lead to misuse of otherwise safe algorithms. The safest gun is still dangerous in the hands of an inexperienced person.
It works out to less than $7 per month--less than what most people are paying to "rent" Netflix or "rent" cable TV. You can find free "open source" equivalents of both Netflix (most public libraries have a selection of videos) and cable TV (over the air). Somehow/.'ers are appalled at paying for software, but think nothing of buying electronics or other toys.
You can find free "open source" equivalents of both Internet access and telephone service. Most public libraries have a computer terminal with highly restricted and monitored Internet connections, as opposed to those rental connections people have in their homes. Most people you need to talk to are living in the roughly same state/region/country as you, so you can forgo expensive telephone rental service and simply walk to their homes and talk in person. That's free, except for those shoes you're renting. You could "drive" there, but that's too expensive and requires renting gasoline. Most cities offer some form of municipal transport system that will get you within a few miles of their home for a small fee, but renting a bus pass is expensive.
In all seriousness, I think you are just confused between "renting something" and "paying for a service" (there's a difference). Netflix, cable TV, and Internet service are services you pay for, like electricity service, not things you rent, like an apartment, a rental car, or now Microsoft Office software.
I'm not opposed to paying for things that are useful to me, and even though I'm one of those commie/. users, I pay for software that provides genuine value. You heard me correctly, I primarily run Ubuntu with Open Office, the GIMP, Firefox, and *shockingly* some commercial software I paid good money for. On my Windows machine, I have a legal, store bought, genuine copy of CS3 (read: not cheap). On my main machine running Ubuntu, I have JungleDisk combined with Amazon S3 service. Paying for software isn't the issue. If my employer wants me to bring my work home with me, I would tell them to pay for a copy of Office for me, simple (well, actually I would tell them to shove it, but this is hypothetical). I'm not a Linux or open source zealot, but I like to think I am a smart consumer. If something that is free will do everything I need to do on a regular basis as a home user, why would I pay for Office?
My only concern about this is the limited lifespan of flash drives. What if my server is read/writing large quantities of data constantly? How long will it take for parts of the flash drive to become unusable under that level of usage? Is this still a problem with newer solid state drives? Has there been some breakthrough in this area making something like this viable?
True--let's assume for the purposes of my bad joke that the summary actually said, "If and only if you play FreeCell, there's an interesting paragraph about its inventor." I laughed harder the first time:-(
If you play FreeCell, there's a interesting paragraph about its inventor.
Inaccurate! The interesting paragraph about the inventor of FreeCell is present in my copy of the article, despite the fact that I do not play FreeCell./badjoke
I don't trust cable locks. Besides, cable locks won't help me secure my the USB drive and other electronics that might wander off. The solution I imagine is a lockable, ventilated metal box that would sit under the monitor and house most of the electronics. First, get a new job. Seriously, outside of a retail break room, I haven't heard of a sketchier work environment. Second, you need to be realistic about your expectations. If you're worried about someone stealing your property while you go on a coffee break, a cable lock attached to a strongbox would be fine for you. If you're worried about your property getting stolen during the 16 hours you are not at your desk, you're going to be disappointed. In that amount of time, anything you could come up with can be broken--heck, most bank vaults could be broken in that time. If you're looking for a deterrent, a cable lock attached to a strongbox is still the way to go. If you leave personal belongings at your desk and don't trust your co-workers or cleaning crew, you're going to get burned. Bring your personal stuff home, and use work equipment for... well, work.
I wish I had some mod points to give you, because you are 100% right. I guess the person who modded you flamebait was an engineer with a massive ego;-)
Re:"not designed with the American consumer in min
on
Hacking the XO Laptop
·
· Score: 3, Funny
Nope, he included affordable in his list of criteria.
I'm aware that UPnP is designed to forward ports at the request of a machine inside the network, but the article made it sound like the admin password might be reset using the exploit. Perhaps it was the lack of coffee that made me read it that way. I'll read it again after a couple cups:-)
That argument is based on the ostrich strategy: keep your head in the sand and you can't possible be blamed for anything. It's just not smart to rely on that. Who knows, a judge may find that you were criminally negligent by providing an open AP that was used in some crime. There's no good reason to take that risk. Setting aside the legal responsibilities for a moment, why would you even want to take the chance of being caught up in an investigation involving your unsecured AP? That's just asking for trouble. You wouldn't leave a loaded gun lying around for anyone to use or a running car unattended for anyone to drive off with, so why would you leave an access point unprotected?
Spammers and phishers aren't what I would be concerned about. I would be more concerned with someone connecting to my network and downloading/hosting child porn, which could get me (1) in serious trouble with the law and (2) an (unjustified) label as a child porn kingpin. It's just irresponsible and foolish to leave an AP open.
Some good points for both sides were brought up here, but in the end I don't see why people wouldn't want to err on the side of caution. Also, I don't know why in the world you are using WEP when WPA is so common and easy to use. And yes, "securing" (not really) your AP with WEP is just not smart and truly is the worst of both worlds. WPA would still keep your bandwidth available while using a short passphrase. In fact, it's easier than WEP. Why aren't you using it?
It opens ports on your router that are open on your computer. The ports are clearly already open, but they need to be opened again by the router. For example, my local Wal-Mart* is open in that is isn't "out of business", but it must be opened every morning (and "closed" into its original open state every night) anyway, so people can walk in and buy stuff. So in that regard, my local Wal-Mart* was opened twice, just like opening open ports. It's all very complicated, having to do with the lowest levels of TCP/IP, kernel code, and lasers. Yes, lasers.
The portforwarding rule attack was given as an example as this is probably one of the things that cannot be used right away by script kiddies and it is sufficient enough to prove a point.
The fact that ports can be forwarded to a given host is not the real point of this article. More serious would be someone resetting the admin password, allowing the attacker to do things like set the DHCP-assigned primary DNS server to a malicious one, just as an example. Given how often phishing attacks succeed, this seems like a legitimate threat. Notice that in this case the clients could be as hardened as can be, and they would still (unless a static DNS was manually entered) use the DNS server provided by the compromised router.
Open WiFi access points are a security nightmare regardless of exploits like this, so the same basic advice still holds: open WiFi access points should be isolated from your "trusted" network. Security vulnerabilities aside, open access points are a legal nightmare waiting to happen (child pornography, phishers, DDoS attacks, intrusion, etc.) In other words, avoid them. Regarding your specific question about this UPnP exploit and open APs, the open AP could be potentially used as a phishing goldmine, especially in high-traffic areas. Since the exploit is not limited to port forwarding (in fact almost anything could be done to the router's configuration), users could potentially be tricked into doing all sorts of things (via DNS spoofs, packet manipulation, etc.) The only difference in the case of an open AP is the scope of the damage, as more users will likely connect to an open vs. closed network. Obviously that attack really only makes sense for non-encrypted sites, since this is exactly the type of thing SSL is designed to prevent.
Don't mistake statistics for racism, and please, don't you dare call me a racist. Black voters generally sway more towards black politicians. That's called a fact, not racism. My post was based on that fact that other states, ones with larger black populations, would likely favor Obama more than the results in NH may indicate. You should show more care when thinking about labeling someone a racist. And I must applaud you for posting under AC. That shows a lot of courage.
Slashdot Mirror
Not a shoe?
Not a chair?
Oh right, this is Dell, not Microsoft.
In my experience--based solely on the people I know that play WoW, not necessarily on the stories you read online--the likelihood of Wow at least *interfering* with your social life is pretty high. You might decide not to go out with some friends one night because you're just so close to leveling up or completing a quest. That might sound like a really minor problem, but it adds up. The probability of it interfering increasing significantly if you are a member of a raiding guild. Since raiders are the people mentioned in the blurb, I think the OP's point was valid. He didn't even seem to be criticizing all WoW players, just those who rush out to "beat" the expansion quicker than anyone else.
Remember, there are exceptions to every rule. Some people that use cocaine do so without any noticeable negative side effects on their lives. A lot of the time, however, there are very bad, very noticeable side effects socially, physically, and financially. I know that's an over the top example, but I think the same is true of WoW. You might be an exception, and if so, that's great. But just because you continue to thrive despite playing WoW doesn't mean others are as lucky. Something to keep in mind, that's all...
Don't you mean java.lang.Exception?
Given the state of the markets, overpaying the IRS might be the safest thing to do with your money.
Yes, they should definitely be able to do that. Two problems. First, relatively few people would use that feature enough to justify the cost of building it. Second, the IRS will never put a system like that in place on their own, because they make money from keeping people in the dark. The IRS is given a giant interest-free loan from the American people every year. If I were them, I wouldn't advertise it either...
I never took issue with the algorithms in my reply. In fact, I said exactly what you did about the "combining" step being the most difficult part, albeit in a less verbose way. Defaults in cryptography APIs allow inexperienced (in terms of security) programmers to blindly implement things and hope it "just works". Common use cases are great, but they can get you into trouble too...
I think this is similar to the programming books that say, "Look how easy it is to create a real C program! Just one line of code!" Yeah, it technically compiles and runs, but it doesn't do much of anything. This is a fairly common problem with crypto libraries in my experience: making things seem simpler than they should be in return for the "wow factor" of two-line examples, like the one provided.
This library seems to be making a big deal about "secure defaults", but I think trying to provide defaults of any kind is a really bad idea. Cryptography is something that should be thought out on a case-by-case basis. Providing defaults of any kind can lead to misuse of otherwise safe algorithms. The safest gun is still dangerous in the hands of an inexperienced person.
You can find free "open source" equivalents of both Internet access and telephone service. Most public libraries have a computer terminal with highly restricted and monitored Internet connections, as opposed to those rental connections people have in their homes. Most people you need to talk to are living in the roughly same state/region/country as you, so you can forgo expensive telephone rental service and simply walk to their homes and talk in person. That's free, except for those shoes you're renting. You could "drive" there, but that's too expensive and requires renting gasoline. Most cities offer some form of municipal transport system that will get you within a few miles of their home for a small fee, but renting a bus pass is expensive.
In all seriousness, I think you are just confused between "renting something" and "paying for a service" (there's a difference). Netflix, cable TV, and Internet service are services you pay for, like electricity service, not things you rent, like an apartment, a rental car, or now Microsoft Office software.
I'm not opposed to paying for things that are useful to me, and even though I'm one of those commie /. users, I pay for software that provides genuine value. You heard me correctly, I primarily run Ubuntu with Open Office, the GIMP, Firefox, and *shockingly* some commercial software I paid good money for. On my Windows machine, I have a legal, store bought, genuine copy of CS3 (read: not cheap). On my main machine running Ubuntu, I have JungleDisk combined with Amazon S3 service. Paying for software isn't the issue. If my employer wants me to bring my work home with me, I would tell them to pay for a copy of Office for me, simple (well, actually I would tell them to shove it, but this is hypothetical). I'm not a Linux or open source zealot, but I like to think I am a smart consumer. If something that is free will do everything I need to do on a regular basis as a home user, why would I pay for Office?
My only concern about this is the limited lifespan of flash drives. What if my server is read/writing large quantities of data constantly? How long will it take for parts of the flash drive to become unusable under that level of usage? Is this still a problem with newer solid state drives? Has there been some breakthrough in this area making something like this viable?
True--let's assume for the purposes of my bad joke that the summary actually said, "If and only if you play FreeCell, there's an interesting paragraph about its inventor." I laughed harder the first time :-(
I disagree. Time for another fork...
Add the following in Preferences window:
[X] Allow resizing of chat input area
I'm impressed. That's better than I can do. Some CAPTCHAs take me five or six tries to get right.
I wish I had some mod points to give you, because you are 100% right. I guess the person who modded you flamebait was an engineer with a massive ego ;-)
Nope, he included affordable in his list of criteria.
Yes, they should be definitely be calling it a "shared source license" instead, since that's what it technically is.
It happens on the Dell Latitude I use for work... the thing is, that laptop is made of plastic, so.... Yeah, maybe I should get that looked at o.O
I'm aware that UPnP is designed to forward ports at the request of a machine inside the network, but the article made it sound like the admin password might be reset using the exploit. Perhaps it was the lack of coffee that made me read it that way. I'll read it again after a couple cups :-)
That argument is based on the ostrich strategy: keep your head in the sand and you can't possible be blamed for anything. It's just not smart to rely on that. Who knows, a judge may find that you were criminally negligent by providing an open AP that was used in some crime. There's no good reason to take that risk. Setting aside the legal responsibilities for a moment, why would you even want to take the chance of being caught up in an investigation involving your unsecured AP? That's just asking for trouble. You wouldn't leave a loaded gun lying around for anyone to use or a running car unattended for anyone to drive off with, so why would you leave an access point unprotected?
Spammers and phishers aren't what I would be concerned about. I would be more concerned with someone connecting to my network and downloading/hosting child porn, which could get me (1) in serious trouble with the law and (2) an (unjustified) label as a child porn kingpin. It's just irresponsible and foolish to leave an AP open.
Some good points for both sides were brought up here, but in the end I don't see why people wouldn't want to err on the side of caution. Also, I don't know why in the world you are using WEP when WPA is so common and easy to use. And yes, "securing" (not really) your AP with WEP is just not smart and truly is the worst of both worlds. WPA would still keep your bandwidth available while using a short passphrase. In fact, it's easier than WEP. Why aren't you using it?
It opens ports on your router that are open on your computer. The ports are clearly already open, but they need to be opened again by the router. For example, my local Wal-Mart* is open in that is isn't "out of business", but it must be opened every morning (and "closed" into its original open state every night) anyway, so people can walk in and buy stuff. So in that regard, my local Wal-Mart* was opened twice, just like opening open ports. It's all very complicated, having to do with the lowest levels of TCP/IP, kernel code, and lasers. Yes, lasers.
:-)
Or maybe it was just a typo
*Excludes 24-hour locations.
Open WiFi access points are a security nightmare regardless of exploits like this, so the same basic advice still holds: open WiFi access points should be isolated from your "trusted" network. Security vulnerabilities aside, open access points are a legal nightmare waiting to happen (child pornography, phishers, DDoS attacks, intrusion, etc.) In other words, avoid them. Regarding your specific question about this UPnP exploit and open APs, the open AP could be potentially used as a phishing goldmine, especially in high-traffic areas. Since the exploit is not limited to port forwarding (in fact almost anything could be done to the router's configuration), users could potentially be tricked into doing all sorts of things (via DNS spoofs, packet manipulation, etc.) The only difference in the case of an open AP is the scope of the damage, as more users will likely connect to an open vs. closed network. Obviously that attack really only makes sense for non-encrypted sites, since this is exactly the type of thing SSL is designed to prevent.
Don't mistake statistics for racism, and please, don't you dare call me a racist. Black voters generally sway more towards black politicians. That's called a fact, not racism. My post was based on that fact that other states, ones with larger black populations, would likely favor Obama more than the results in NH may indicate. You should show more care when thinking about labeling someone a racist. And I must applaud you for posting under AC. That shows a lot of courage.