Note this requires an attacker to already have access to the config.db, i.e. one must have physical access to the machine and already be logged in as a privileged user or owner of the config.db.
Or have network access to the machine and a way to copy config.db off of it.
Unlike say... using the OS X keychain facility or the Window Protected Storage facilities for storing information in such a way that it requires authentication to get the data out.
As a domain admin, I can pull data from any dropbox account for any user on my network just by grabbing their config.db.
I can't change their network password without them noticing a change, which would prevent me from gaining access to their dropbox config if it was stored securely, but I can steal their dropbox credentials since it is essentially storing the password in plan text, except... its not even a password that becomes useless if changed, its nothing more than a unique ID that tells dropbox what users to sync with. Its just a unique username that once known can be used at will forever, no authentication required.
Its like using your social security number for authentication.
Well, my router has defaulted to NOT respond to pings in the default configuration for years.
Good for you, of course, that doesn't actually accomplish anything useful. If someone wants to flood you, not responding to PINGs isn't going to stop them, and all you've done is make it more difficult to find out if your host isn't responding without having nmap handy, which will probably figure it out regardless of what you've set your firewall up to drop. Turning off ICMP just shows a general lack of understanding of the problems your attempt to fix. Turning off ICMP broadcast responses iis another story, but just dropping icmp ping responses outright is silly in general, breaks a bunch of crap (or at least make it sit there waitting for a time out, unless you only block echo related packets, in which case the other ICMP packets can be abused equally as well).
There's no good reason to have ping (and hence traceroute) enabled.
No one worth mentioning has used ICMP echo or trace requests for traceroute functionality in god knows how many years. ICMP trace requests can only hold something like 8 hops anyway (could be wrong about the exact number, been years since I bothered looking at it since its unused). Most traceroute's now days use a tcp connect or udp packet with a TTL of 1 to start with, send a few packets (multiple so you can detect multipath), then get the TTL expired message back from the first hop, and increase the TTL to 2 and send the next couple of packets, rinse repeat until you get to your destination giving you a response. The only way to stop these is to block ICMP TTL, which causes other problems, and shouldn't be done.
If you want to play nicely on the Internet, you shouldn't be outright blocking ICMP, that just shows why people shouldn't be playing with things they clearly don't understand the functionality of. If you want to rate limit ICMP responses in order to deal with DoS attacks, sure I get that, but flat out dropping all ICMP is just stupid and you deserve the shitty network responses you get because of it.
The IP Google got in their travels is going to internal to the wifi network, almost certainly using common non-routable address space... and shared by every other dinky little home wifi router/nat/gateway device sold as well as all of those people who use private address space within the organization. Its almost certainly useless for geolocation in almost every case. Remember, they weren't broadcasting, only listening, so they'd have no way of seeing your external interface address. In order to get that data, they'd need to send a packet outbound, through your network, to one of their servers in order to see what address it appeared to come from. That would have been a very clear criminal violation. They didn't do that. They just listened. Any charges/lawsuits against them because of their listening are just for the sake of suing Google in order to make some lawyers money, the people suing are too stupid to realize that broadcasting in clear to everyone near you is a stupid idea, equivalent to announcing all your conversations in your home via loud speakers that broadcast it down the block attached to the outside of your home.
Any MAC addresses picked up by Google are also worthless. The MAC address doesn't leave the local subnet with IPv4. It would be up to your browser to find and send that information to them in order for it to be useful. I'm not aware of a way to get the MAC address of a machine via javascript, so that rules it out as useful. If we were talking IPv6, the mac address would be marginally useful... maybe. Default implementations as a general rule just use the MAC for that part of the address, but that will certainly change in the future once people start using this sort of thing to their advantage as unique identifiers.
So basically, nothing useful in what you mentioned was gained from Googles roaming around. What THEY got o
Yea, except it doesn't take them very long to know the EXACT position of your upstream routers, at which point they can use that data to increase the accuracy of their reports.
To go a step further, most of the layout of TWCs network is already public knowledge. For instance I already know the location of every CMTS within 100 miles of me, that in and of itself is almost enough to tell me where you are too there level of accuracy, not quite, but pretty close. Once I know the location of your CMTS, the only time I care about is the difference between communicating with your CMTS and you, and that'll tell me roughly how far from the CMTS you are. I don't care what path it takes to get to the CMTS, I know where the CMTS IS, everything before that point is irrelevant to me, and you're connected to exactly one CMTS and I know where it is.
Just because there is PLENTY of address space doesn't mean it resolved the actual issue thats causing us to run out of address space.
Routing table growth.
If you broke everyone done into the smallest possible subnets that were needed, rather than what can be routed globally, you'd see a more than slight change in the sudden availability of address space.
Routing table growth will still require that IPv6 addresses be summarized and broadcast as blocks of roughly the same size as now, until all of the worlds routers have many gigs of ram to handle knowing about smaller prefixes, you won't be doing anything different with IPv6 address space than you were with IPv4.
Its not difficult, I actually created just such a setup due to a bug in the code I was using to access a FAT based SD card attached to a Arudino. Mine was not intentional, but the effect was the same. The FAT structure stayed intact perfectly, the data itself was completely mangled by whatever was written last.
Funny thing is, I'd not attempt to do something like this intentionally, it seems rather hard to manage, yet I can say without a doubt that an off by 1 error in my code caused practically the exact same result unintentionally.
Because entering 'mail' in my client is far less annoying than mail.hq.internal.mydomain.com, and it has the added benefit that if I make an image that talks to mail rather than mail.hq.internal.mydomain.com it can be deployed at any other site and still function correctly. So an image made on hq.internal.mydomain.com also works on nyc.internal.mydomain.com and lax.internal.mydomain.com without any additional work.
The funny part about your post is that you think PGP doesn't suffer from the exact same set of problems, AND a whole bunch of others that make it absolutely useless to normal people who don't want to be bothered with the fact that it was designed and meant to be used by a bunch of geeks trading keys.
You can't get through life if you trust no one, you'll die of starvation in your home. I have no urge to personally meet all the people I communicate with regularly in order to exchange keys, nor do I have any need/want to force hundreds of thousands of people using my websites to come visit me in person so we can exchange keys in order to do secure communications.
For that reason alone, CAs aren't going any where. I'm guessing you don't use any public key servers for PGP either since they are essentially accomplishing the same function as a CA without the actual identity verification part.
Yea, its uber tricky... if your using an OS that wasn't actually designed for enterprise use.
I freaking hate defending MS, but in a domain/active directory setup, running your own internal CA is painless. The CA cert is automatically pushed to all machines in the domain so the domain can function properly anyway so every windows machine is covered by default. Cert expired? no biggy, republish, click click click, entire domain updates within 24 hours, small offices within minutes.
Users don't need to know anything about CAs or certs, the OS and servers do their job and take care of all that for you.
Unix machines aren't as nicely integrated into ActiveDirectory so you have to manage those some other way, but if your a company of any size at all, you've already got a way to manage your unix boxes don't you?
Running your own CA is only an issue if you don't know what you're doing, i.e. not an admin, just someone who plays one for their local business who doesn't know any better. If you have a clue, its not particularly difficult.
Of course, the fun flip side to that is... I can and have issued a fully trusted cert sites outside our network in order to snoop on encrypted traffic via an SSL bouncer, and since the cert is signed by our internal CA, everyone validates it just fine.
Yea, because this job is going to be just filled with applicatants who are 'serious naturists' rather than a bunch of socially inept geeks (male) who think it would be awesome to work at a nude office which testosterone has blinded them from realizing that its going to be full of people EXACTLY LIKE THEM.
Unless they could aim absolutely perfectly its unlikely they could hit Mars with the Space Shuttle, it doesn't typically carry the fuel supply to manage the guidance changes required along the way, especially if you plan on using any gravity assists to get there in a reasonable time without going splat when you get there. It certainly couldnt' carry humans to Mars without major reconfiguration.
they're be the usual whining about how Gimp is supposedly unintuitive (i.e., it's not set up exactly like Photoshop),
The fact that it isn't setup exactly like photoshop has little to do with it. Photoshop Elements isnt' like Photoshop, but I have no problem using it. MS Paint isn't setup like photoshop, but its usable. Lots of other image editors 'arent setup like photoshop' but they are all usable. GIMP is just a fucking mess and it'll remain that way until you guys get over your denial and the devs make it not suck. Just complaining about the whiners who don't like it isn't going to do anything productive. Hell, now days the UI isn't the biggest killer. Its usable, yes still utterly revolting.
or how it doesn't support color separation for print (even though most people are just using it for web graphics).
Yes, for those people with real design jobs, not 'making websites in mommies basement', that sort of thing is rather important. Clearly you don't know what professional graphics artists actually do and seem to think making pretty pictures for web pages is makes you a professional graphics artist.
If you're a small company, just starting out, and you're not locked into Photoshop for some reason, there's no reason to start producing files in that format.
No reason at all, except... being able to share those documents with other people who won't use GIMP for any of the reasons above and god knows how many more.
You can deny reality all you want, but its not going to make everyone start using GIMP no matter how much you jump up and down and scream about how awesome it is, for most of us, it doesn't fucking cut it. Accept that, fix that, make a tool that fits the job at hand, then more people can use GIMP. Sit around denying it all the time and GIMP will remain an example of what might have been, but never will be.
The problem is... we get documents from people who have upgraded because they had no choice (a new purchase for a growing company for instance) or because they didn't realize they'd need to save as an older format all the time for people who haven't upgraded.
It turns into a big pain in the ass, and the end result is you usually eventually end up upgrading just to smooth out the workflow, that costs you less money than time wasted trying to get document in the older format.
All because its part of Adobe's plan to sell you new software, not because there is an actual reason for the compatibility issues.
Apple doesn't need stores, they make enough money from the 30% they get from App Store sales that they could probably give iPads away and still come out on top.
And their financial reports have show time after time that the profit made on the App Store is essentially nothing, its not even worth mentioning. It does barely better than break even after you account for all costs, which include distribution of free apps and all the human labor that goes into Apples style of running the show.
The law suits won't start until everyone has all 380k songs. Its more profitable for them to wait to sue you than it is to start now.
You think the RIAA doesn't want you to have music, which is wrong. They want you to have all of their music, multiple times, they just want to make sure they can charge you as many ways as possible, including charging you even if you don't listen to any of their music (ref: tax on writable CDs).
They'll be happy to wait until all the transfers are complete so they can sue each infected person for illegally obtaining and distributing 380k songs at whatever the ridiculous fine per song they have is.
So I guess you don't realize that they already see your click throughs with your name attached to it if you're logged into a Google account eh?
They don't need the +1 button to see what you click, they already know unless you browse with javascript disabled on Googles network of sites, and they know your account unless you always use Google search when you aren't logged in/sending cookies.
The button just gives you a way to confirm and share that confirmation with your contacts, but Google probably knew before you did if you were going to visit the page.
and that Facebook has its own AS number [arin.net]...
Pretty much any multihomed installation with multiple distinct providers is going to have its own AS number, its more or less required if you want multipath routing to work well with multiple upstream providers if you want any control over your routing.
I have my own AS number as my house was once multi-homed.
And describe for me the point of having power in such a village.
Pretty much everything we use power for, that village is more than capable of doing without the need for power.
They aren't going to be watching TV... unlikely they would have a broadcasting infrastructure setup. Ditto for communications.
Refrigeration perhaps, but its unlikely they don't have alternative methods for storing food that simply don't depend on cooling.
Pretty much any reason you can come up with for that village to have power, they probably wouldn't even understand the reason you would want such a thing, let alone why you would want such a thing that required you to install a bunch of magical fake leaves to 'power' it.
I'm pretty sure in most of these villages they'd be more concerned with your dark magic than Jersey Shore.
If you're looking for something to power their water pump, the tried, true and CHEAP method is to use a wind mill, which can store excess far more efficiently than a battery.
Solutions for the 'energy' problem are solutions for large industrialized nations with populations that can't support themselves on the land they have available because of bad management and the fact that we like being lazy rather than busting our ass all day just to survive. They provide no real benefit to people who don't live in a completely city which is completely unsustainable on its own.
Their village can survive without energy. Ours can't. They don't have an energy issue. We do.
Yes it can, just because its not in a form thats useful to you doesn't mean it can't do work. The work it did raised the temp of the air around it, which was dissipated to the rest of the environment. Its no longer useful to you, but the energy is still there and is part of the universe and may one day be used by something else productive to you.
Technically, a Catholic is only a Catholic if they believe in church law 100%. Any deviation makes you not a Catholic. The very fact that I think its possible that the Catholic church may have gotten some of it wrong, makes me not a Catholic by definition.
I was raised Catholic, practiced for many years, and I've never met anyone who actually qualified as a by the book Catholic, including pretty much every member of the clergy I've met.
So no, going to the big holidays and being confirmed does not a Catholic make.
Without significant amounts of water in the magma it won't go anywhere worth mentioning.
Volcanos typically form where the crust is splitting apart on its own, allowing it to reach the surface because its got a crack to flow through... OR where water has been brought into magma via subduction causing the pressure to rise abnormally due to steam formation and the lava to be much less viscous.
Note this requires an attacker to already have access to the config.db, i.e. one must have physical access to the machine and already be logged in as a privileged user or owner of the config.db.
Or have network access to the machine and a way to copy config.db off of it.
Unlike say ... using the OS X keychain facility or the Window Protected Storage facilities for storing information in such a way that it requires authentication to get the data out.
As a domain admin, I can pull data from any dropbox account for any user on my network just by grabbing their config.db.
I can't change their network password without them noticing a change, which would prevent me from gaining access to their dropbox config if it was stored securely, but I can steal their dropbox credentials since it is essentially storing the password in plan text, except ... its not even a password that becomes useless if changed, its nothing more than a unique ID that tells dropbox what users to sync with. Its just a unique username that once known can be used at will forever, no authentication required.
Its like using your social security number for authentication.
Well, my router has defaulted to NOT respond to pings in the default configuration for years.
Good for you, of course, that doesn't actually accomplish anything useful. If someone wants to flood you, not responding to PINGs isn't going to stop them, and all you've done is make it more difficult to find out if your host isn't responding without having nmap handy, which will probably figure it out regardless of what you've set your firewall up to drop. Turning off ICMP just shows a general lack of understanding of the problems your attempt to fix. Turning off ICMP broadcast responses iis another story, but just dropping icmp ping responses outright is silly in general, breaks a bunch of crap (or at least make it sit there waitting for a time out, unless you only block echo related packets, in which case the other ICMP packets can be abused equally as well).
There's no good reason to have ping (and hence traceroute) enabled.
No one worth mentioning has used ICMP echo or trace requests for traceroute functionality in god knows how many years. ICMP trace requests can only hold something like 8 hops anyway (could be wrong about the exact number, been years since I bothered looking at it since its unused). Most traceroute's now days use a tcp connect or udp packet with a TTL of 1 to start with, send a few packets (multiple so you can detect multipath), then get the TTL expired message back from the first hop, and increase the TTL to 2 and send the next couple of packets, rinse repeat until you get to your destination giving you a response. The only way to stop these is to block ICMP TTL, which causes other problems, and shouldn't be done.
If you want to play nicely on the Internet, you shouldn't be outright blocking ICMP, that just shows why people shouldn't be playing with things they clearly don't understand the functionality of. If you want to rate limit ICMP responses in order to deal with DoS attacks, sure I get that, but flat out dropping all ICMP is just stupid and you deserve the shitty network responses you get because of it.
The IP Google got in their travels is going to internal to the wifi network, almost certainly using common non-routable address space ... and shared by every other dinky little home wifi router/nat/gateway device sold as well as all of those people who use private address space within the organization. Its almost certainly useless for geolocation in almost every case. Remember, they weren't broadcasting, only listening, so they'd have no way of seeing your external interface address. In order to get that data, they'd need to send a packet outbound, through your network, to one of their servers in order to see what address it appeared to come from. That would have been a very clear criminal violation. They didn't do that. They just listened. Any charges/lawsuits against them because of their listening are just for the sake of suing Google in order to make some lawyers money, the people suing are too stupid to realize that broadcasting in clear to everyone near you is a stupid idea, equivalent to announcing all your conversations in your home via loud speakers that broadcast it down the block attached to the outside of your home.
Any MAC addresses picked up by Google are also worthless. The MAC address doesn't leave the local subnet with IPv4. It would be up to your browser to find and send that information to them in order for it to be useful. I'm not aware of a way to get the MAC address of a machine via javascript, so that rules it out as useful. If we were talking IPv6, the mac address would be marginally useful ... maybe. Default implementations as a general rule just use the MAC for that part of the address, but that will certainly change in the future once people start using this sort of thing to their advantage as unique identifiers.
So basically, nothing useful in what you mentioned was gained from Googles roaming around. What THEY got o
Yea, except it doesn't take them very long to know the EXACT position of your upstream routers, at which point they can use that data to increase the accuracy of their reports.
To go a step further, most of the layout of TWCs network is already public knowledge. For instance I already know the location of every CMTS within 100 miles of me, that in and of itself is almost enough to tell me where you are too there level of accuracy, not quite, but pretty close. Once I know the location of your CMTS, the only time I care about is the difference between communicating with your CMTS and you, and that'll tell me roughly how far from the CMTS you are. I don't care what path it takes to get to the CMTS, I know where the CMTS IS, everything before that point is irrelevant to me, and you're connected to exactly one CMTS and I know where it is.
Just because there is PLENTY of address space doesn't mean it resolved the actual issue thats causing us to run out of address space.
Routing table growth.
If you broke everyone done into the smallest possible subnets that were needed, rather than what can be routed globally, you'd see a more than slight change in the sudden availability of address space.
Routing table growth will still require that IPv6 addresses be summarized and broadcast as blocks of roughly the same size as now, until all of the worlds routers have many gigs of ram to handle knowing about smaller prefixes, you won't be doing anything different with IPv6 address space than you were with IPv4.
Its not difficult, I actually created just such a setup due to a bug in the code I was using to access a FAT based SD card attached to a Arudino. Mine was not intentional, but the effect was the same. The FAT structure stayed intact perfectly, the data itself was completely mangled by whatever was written last.
Funny thing is, I'd not attempt to do something like this intentionally, it seems rather hard to manage, yet I can say without a doubt that an off by 1 error in my code caused practically the exact same result unintentionally.
Because entering 'mail' in my client is far less annoying than mail.hq.internal.mydomain.com, and it has the added benefit that if I make an image that talks to mail rather than mail.hq.internal.mydomain.com it can be deployed at any other site and still function correctly. So an image made on hq.internal.mydomain.com also works on nyc.internal.mydomain.com and lax.internal.mydomain.com without any additional work.
The funny part about your post is that you think PGP doesn't suffer from the exact same set of problems, AND a whole bunch of others that make it absolutely useless to normal people who don't want to be bothered with the fact that it was designed and meant to be used by a bunch of geeks trading keys.
You can't get through life if you trust no one, you'll die of starvation in your home. I have no urge to personally meet all the people I communicate with regularly in order to exchange keys, nor do I have any need/want to force hundreds of thousands of people using my websites to come visit me in person so we can exchange keys in order to do secure communications.
For that reason alone, CAs aren't going any where. I'm guessing you don't use any public key servers for PGP either since they are essentially accomplishing the same function as a CA without the actual identity verification part.
Yea, its uber tricky ... if your using an OS that wasn't actually designed for enterprise use.
I freaking hate defending MS, but in a domain/active directory setup, running your own internal CA is painless. The CA cert is automatically pushed to all machines in the domain so the domain can function properly anyway so every windows machine is covered by default. Cert expired? no biggy, republish, click click click, entire domain updates within 24 hours, small offices within minutes.
Users don't need to know anything about CAs or certs, the OS and servers do their job and take care of all that for you.
Unix machines aren't as nicely integrated into ActiveDirectory so you have to manage those some other way, but if your a company of any size at all, you've already got a way to manage your unix boxes don't you?
Running your own CA is only an issue if you don't know what you're doing, i.e. not an admin, just someone who plays one for their local business who doesn't know any better. If you have a clue, its not particularly difficult.
Of course, the fun flip side to that is ... I can and have issued a fully trusted cert sites outside our network in order to snoop on encrypted traffic via an SSL bouncer, and since the cert is signed by our internal CA, everyone validates it just fine.
Regardless of what they say, naturalists don't do what they do so they can look at other naked people.
They do what they do so other people will look at them.
Anything else they claim is simply a lie, denial, or an attempt to distract you from the truth.
Yea, because this job is going to be just filled with applicatants who are 'serious naturists' rather than a bunch of socially inept geeks (male) who think it would be awesome to work at a nude office which testosterone has blinded them from realizing that its going to be full of people EXACTLY LIKE THEM.
Unless they could aim absolutely perfectly its unlikely they could hit Mars with the Space Shuttle, it doesn't typically carry the fuel supply to manage the guidance changes required along the way, especially if you plan on using any gravity assists to get there in a reasonable time without going splat when you get there. It certainly couldnt' carry humans to Mars without major reconfiguration.
they're be the usual whining about how Gimp is supposedly unintuitive (i.e., it's not set up exactly like Photoshop),
The fact that it isn't setup exactly like photoshop has little to do with it. Photoshop Elements isnt' like Photoshop, but I have no problem using it. MS Paint isn't setup like photoshop, but its usable. Lots of other image editors 'arent setup like photoshop' but they are all usable. GIMP is just a fucking mess and it'll remain that way until you guys get over your denial and the devs make it not suck. Just complaining about the whiners who don't like it isn't going to do anything productive. Hell, now days the UI isn't the biggest killer. Its usable, yes still utterly revolting.
or how it doesn't support color separation for print (even though most people are just using it for web graphics).
Yes, for those people with real design jobs, not 'making websites in mommies basement', that sort of thing is rather important. Clearly you don't know what professional graphics artists actually do and seem to think making pretty pictures for web pages is makes you a professional graphics artist.
If you're a small company, just starting out, and you're not locked into Photoshop for some reason, there's no reason to start producing files in that format.
No reason at all, except ... being able to share those documents with other people who won't use GIMP for any of the reasons above and god knows how many more.
You can deny reality all you want, but its not going to make everyone start using GIMP no matter how much you jump up and down and scream about how awesome it is, for most of us, it doesn't fucking cut it. Accept that, fix that, make a tool that fits the job at hand, then more people can use GIMP. Sit around denying it all the time and GIMP will remain an example of what might have been, but never will be.
The problem is ... we get documents from people who have upgraded because they had no choice (a new purchase for a growing company for instance) or because they didn't realize they'd need to save as an older format all the time for people who haven't upgraded.
It turns into a big pain in the ass, and the end result is you usually eventually end up upgrading just to smooth out the workflow, that costs you less money than time wasted trying to get document in the older format.
All because its part of Adobe's plan to sell you new software, not because there is an actual reason for the compatibility issues.
Apple doesn't need stores, they make enough money from the 30% they get from App Store sales that they could probably give iPads away and still come out on top.
And their financial reports have show time after time that the profit made on the App Store is essentially nothing, its not even worth mentioning. It does barely better than break even after you account for all costs, which include distribution of free apps and all the human labor that goes into Apples style of running the show.
Parametrized queries in ASP is really pretty much the same as ASP.NET pages, do it all the time myself.
The law suits won't start until everyone has all 380k songs. Its more profitable for them to wait to sue you than it is to start now.
You think the RIAA doesn't want you to have music, which is wrong. They want you to have all of their music, multiple times, they just want to make sure they can charge you as many ways as possible, including charging you even if you don't listen to any of their music (ref: tax on writable CDs).
They'll be happy to wait until all the transfers are complete so they can sue each infected person for illegally obtaining and distributing 380k songs at whatever the ridiculous fine per song they have is.
Right ... because they don't do ANYTHING to honor black history month ...
http://searchengineland.com/martin-luther-king-day-logos-from-google-others-33703
Nope, never have they done anything ...
So I guess you don't realize that they already see your click throughs with your name attached to it if you're logged into a Google account eh?
They don't need the +1 button to see what you click, they already know unless you browse with javascript disabled on Googles network of sites, and they know your account unless you always use Google search when you aren't logged in/sending cookies.
The button just gives you a way to confirm and share that confirmation with your contacts, but Google probably knew before you did if you were going to visit the page.
and that Facebook has its own AS number [arin.net]...
Pretty much any multihomed installation with multiple distinct providers is going to have its own AS number, its more or less required if you want multipath routing to work well with multiple upstream providers if you want any control over your routing.
I have my own AS number as my house was once multi-homed.
And describe for me the point of having power in such a village.
Pretty much everything we use power for, that village is more than capable of doing without the need for power.
They aren't going to be watching TV ... unlikely they would have a broadcasting infrastructure setup. Ditto for communications.
Refrigeration perhaps, but its unlikely they don't have alternative methods for storing food that simply don't depend on cooling.
Pretty much any reason you can come up with for that village to have power, they probably wouldn't even understand the reason you would want such a thing, let alone why you would want such a thing that required you to install a bunch of magical fake leaves to 'power' it.
I'm pretty sure in most of these villages they'd be more concerned with your dark magic than Jersey Shore.
If you're looking for something to power their water pump, the tried, true and CHEAP method is to use a wind mill, which can store excess far more efficiently than a battery.
Solutions for the 'energy' problem are solutions for large industrialized nations with populations that can't support themselves on the land they have available because of bad management and the fact that we like being lazy rather than busting our ass all day just to survive. They provide no real benefit to people who don't live in a completely city which is completely unsustainable on its own.
Their village can survive without energy. Ours can't. They don't have an energy issue. We do.
Yes it can, just because its not in a form thats useful to you doesn't mean it can't do work. The work it did raised the temp of the air around it, which was dissipated to the rest of the environment. Its no longer useful to you, but the energy is still there and is part of the universe and may one day be used by something else productive to you.
Technically, a Catholic is only a Catholic if they believe in church law 100%. Any deviation makes you not a Catholic. The very fact that I think its possible that the Catholic church may have gotten some of it wrong, makes me not a Catholic by definition.
I was raised Catholic, practiced for many years, and I've never met anyone who actually qualified as a by the book Catholic, including pretty much every member of the clergy I've met.
So no, going to the big holidays and being confirmed does not a Catholic make.
IR camera's can detect heat flows but a heat flow that randomly appears lasts for 5 seconds and disappears is unusual.
Otherwise known as a draft from an open window ...
Without significant amounts of water in the magma it won't go anywhere worth mentioning.
Volcanos typically form where the crust is splitting apart on its own, allowing it to reach the surface because its got a crack to flow through ... OR where water has been brought into magma via subduction causing the pressure to rise abnormally due to steam formation and the lava to be much less viscous.
Not really, several species can change gender if the population is thrown too far off.
One of the things that Jurassic Park got right was ... Life WILL find a way to go on, maybe not every species, but Life will succeed.