What's more, there are a lot of other data-loss scenarios for which RAID won't help you at all: namely, anything that either destroys the pc as a unit or anything that causes your machine to actively destroy data.
To name a few:
* disasters, natural or otherwise, that fry, crush or soak the pc as a whole. (Lightening, earthquake, broken water pipe.)
* Theft or confiscation of your computer. (Sure, you can argue with the DEA that your drug dealing roommate never used your computer, and you might win and get your hardware back. On the other hand, if your roommate manages to pawn it first, you're out of luck.)
* Any trojan, virus, hacker, or dumb friend who deletes your files or screws up your file systems or partitions tables. Sure, in the case of a dumb friend (or a dumb you), you may be able to recover if you discover it soon enough. . . but in that case hardware RAID is likely to make it far MORE of a pain in the ass than it otherwise would have been.
Sure, they're probably all less likely to happen to most home pcs than the failure of a single hard drive. But they're not so unlikely as to be worth ignoring, if you care about your data.
In choosing between RAID, and buying a couple spare drives in portable enclosures and keeping a weekly backup in your desk at work, the later seems quite a lot more attractive to me. Of course both is an even better solution. (Both, with an identical spare RAID card in your desk at work is best of all...)
shit ya yo. fucking titties fucking uppah claas fukin titties yo. grammuh only dare to keeps the fucking lower class down yo!
Me shud B a fucking cee Eee OOh dat a fuckin' coperashun.
fuck yo!
cuz speelin dont be making you any smartur.fuck.
If you ever need a demonstration that black vernacular has a detailed and robust grammatical structure, just mention ebonics in a room full of middle class white guys.
Without a doubt, one of them will start spewing nonsense like the above.
You need only ask, "why is it so immediately obvious that *this* is not genuine black english?"
- Munpfazy (wonders if Ambonese Malay speakers break into spontaneous, badly constructed parodies when local linguists mention the word, "Bandanese")
step 6: email your gpg private and public key to yourself
for future use
Erm, doesn't this link your identity to the disclosure? Making
steps 1-3 pointless.
I imagine what the parent meant was that you email both keys to the one-time-use email address created for this purpose. That way you can retrieve it later given only the password associated with that address. (And, hopefully, the passphrase used when creating the gpg key...)
As a general rule, though, emailing your private keys to mail servers which you *expect* to give away your account information to outside parties in the near future is a rather sketchy strategy. Personally, I'd opt for a small flash drive hidden in a safe place instead.
>Information consists precisely in distinguishing signal >from noise. In the case of Wikipedia the signal is >important knowledge and the noise is ads and trivia.
But an encyclopedia is, by design, dominated by noise. The number of articles which will interest any particular user is insignificant compared to the whole.
To me, an article on a star wars character is almost exactly as useful as a list of antelope genera; that is to say, it isn't at all useful, except for the vague possibility it will some day be used to settle a bar room debate.
You can certainly argue that a taxonomic classification system to which scholars have devoted their lives and which (hopefully) reflects at least some underlying truth about the world itself is more important in some absolute sense than a collection of fictional facts cooked up by a couple screenplay writers in an afternoon. I wouldn't disagree. Still, they're both noise to me.
Trivial may decrease the signal to noise ratio of an encyclopedia; however, since that ratio is already vanishingly small, who cares? There are only two reasons to avoid trivia: it increases the cost of production and storage, and it bloats indices and makes it harder to find marginally more useful material. In the case of Wikipedia, neither applies.
Certainly scientific and numerical computing packages are nice - but unless you already have a deal with the vendors trying to negotiate cheap licenses can be complicated.
A free (if resource intensive) option that I'd love to see on our university system would be the possibility of running a virtualized private host, eg. with User Mode Linux, Vserver, or even just BSD jails.
That way those who want to do so could mess around with anything they desire without much risk to the host. Give people the freedom to mess with things, and chances are some of them will find interesting things to do.
Having root access on a dedicated server is really nice, and it can be difficult for the average university student to manage on their own. (Sure, dynamic host name forwarding and so on have made running a server from home fairly cheap, but for many students living in a tiny room with only a laptop it isn't really feasible to run your own machine without first having a good reason for it.)
Of course capping network access, disk space, cpu time, etc are all perfectly reasonable things to do in such a situation - and it might be a good idea to regularly scan for things like badly configured mail servers. You'd have to think carefully about how to assign either IPs or NAT port forwarding, but assuming only a few hundreds of students take you up on it, it shouldn't be impossible to come up with something both useful and unlikely to piss off the university brass.
Setting it up as an opt-in service would probably cut down on administrative headaches. Only the few percent of students who would take advantage of the service would be likely to ask for it.
Finally, one other random idea: set up a couple of individual machines for non-grant-funded personal computation projects. Let students apply for time, perhaps with mini-proposals conducted through some existing undergrad research program. There are probably plenty of senior thesis projects that could make good use of even modest computational resources.
I'm sure paying $11 for a novel actually *is* a good deal - but it sounds crazy for me. As someone who is both poor and lucky enough to live in a town with many large, extensive used books stores, paying more than $3 for a book seems excessive. (Well, maybe $7 for a lovely hard-back first edition...) For $24 a month I can get more books than I could possibly read in a month, and a small pizza too.
In many ways I'm an ideal e-book consumer. I read one or two novels a week, I work in a cleanroom where paper is forbidden and often have hour-long blocks of down-time, and I sleep several hours less per day than my partner and quite enjoy reading in bed with the lights out. I read more ebooks than anyone I know, and am considering getting one of these new Sony readers (and perhaps tearing it apart to add a back-light), but I've yet to purchase a single commercially distributed book.
If you ask me, the biggest problem with drm-crippled book and audio distribution is that it eliminates the used market. I don't have any sentimental attachment to physical artifacts - but when they they cost 1/5 as much as their digitized counterparts and simultaneously come with more freedom to use them however I wish and some nice cover art, it would be crazy to switch to the digital version.
I hope that in the next decade or two vendors who have accumulated a vast library of what would be out of print e-books they'll begin offering them at a price comparable to the used paper.
I've been contemplating doing something similar, except I expected to use TightVNC, since I'd never heard of UltraVNC's java viewer before. Many thanks for the suggestion.
Only problem is that the presentations are often hosted on a laptop connected to some random NAT wireless access point that I don't control. I've been meaning to put together something so that presenters can seamlessly ssh-tunnel to one of our servers to which the vnc clients can then connect, but haven't had a chance yet. Have you come up with another solution to the same problem?
I've got no problem with friends and family members using passive, religiously charged euphemisms when discussing death. If people find it easier to talk about their sister having "passed," that's fine by me.
But when it comes to journalism (or the slashdot equivalent), it comes off as silly at best and offensive at worst.
Rob Levin didn't pass. He didn't "Pass", pass on, nor pass away. He DIED, and he was KILLED. This isn't just death, but death in a horrible, violent, disturbing way.
Getting your head smashed in by an automobile and living for painful hours in a hospital critical care ward isn't gentle. It's horrible, and cruel, and ugly. Using gentle words to describe it doesn't make it any less so. It does us all a disservice by belittling the tragedy of what has actually happened.
That assumes you either need no corrections, or you annotate using a UV pen. And, that you are able to carry a stack of papers around the subway without creasing and wrinkling them.
There are only two good reasons to print a document: * you want to scribble on it. * you want to carry it somewhere that its likely to get lost or damaged or where an electronic reader is inappropriate.
In either case, this paper is unlikely to be useful.
Personally, I'd much rather see the Xerox R&D folks working on light weight, high-contrast electronic readers with robust note-taking features.
There is no problem with mice. The problem is touch screens. From the parent post,
"Now that laptops (and obviously tablets) have integrated touch technology, the new challenge for south paws is to use a stylus. .."
But, if you ask me, scroll bars are more or less impossible to use anyway. Give me a rocker button or an equivalent stylus gesture any day. A device that requires dragging scroll bars around with a stylus is broken, no matter which hand you want to use.
Yup. Hams have been doing it for decades. (Well, most of us have just been talking about it - since actually doing it requires rather expensive gear and jammers troublesome enough to be worth the effort.) I can only imagine governments have been doing it for a lot longer than that.
But jumping from its use as forensic tool to something which could be used for authentication / spoofing detection on cheap networking gear is far from trivial. It's hard to imagine most wifi users paying to add the necessary gear to their access points. No matter how wonderful your pattern matching algorithm maybe, you still need a sensitive front end and a very fast sample rate to get the data in the first place. It's hard to imagine a scenario where the hardware needed to identify tiny perturbations on a signal wouldn't be a lot more expensive than the hardware needed to detect the signal itself.
Even as a forensic tool, the low cost of computer networking gear leaves an obvious out for savvy hackers: just load up on $5 wireless cards whenever you see them on sale, and throw each away after every successful use. It's a whole lot easier for most people to swap out networking hardware than to replace amateur radio transmitters. You could still use it to distinguish in real time between a particular legitimate user and an outsider, but that doesn't buy you very much unless it's cheap and robust enough to leave running at all times on every access point.
If you're referring to using the speaker hooked up to the out port as a microphone, that would be useless as it's hooked to a dac, not an adc.
True enough for a conventional sound card, but there may be scenarios where it would work.
For example, some mid-level consumer sound cards us the same hardware jacks for for mic and line-in as for multi channel output. That suggests that at least one (and if you're lucky, possibly all) of the potential output jacks can be connected to an adc via software. If you happened run into a user with their "mic" jack connected to a headphone, there's a chance you could pull it off.
Likewise, some expensive multi-track cards include software controlled hardware patching. I don't know whether there are any cards that allow you to sample the line-out *after* the final amplifier, but they may exist.
Of course it still sounds far, far harder to do than simply moving on to someone with an actual microphone.
The privacy implications are that maybe you don't want this government knowing that you listen to NPR
But that's not by any means a trivial concern. It's right up there with giving the government a list of the books you take out from the library or bookstore. The only difference is that here you presumably have to enable and agree to the service, although I suspect google will manage to package it with enough useful features that many people would be willing to try it.
Now, telling the US government what I watch and listen to freaks me out. Sure, there are mechanisms by which they could find out anyway - but they all require much more effort and premeditation. This database, on the other hand, could be mined years after the fact with almost no effort. It doesn't seem implausible that someone will get turned down for a security clearance because the FBI discovers they often listen to Pacifica Radio or Al Jazeera. (Telling corporations what I watch is just as bad if you ask me- but I suspect only us tin foil hat types care about that.)
But, there are a lot of people in the world much worse off than me. What happens when the Chinese government demands a list of IP addresses who test positive for shortwave Voice of Tibet broadcasts, or when Iran insists on adding the audio from "obscene" films to the local version of the index?
Also, it's worth noting that given either evil intentions or sloppy design, four bits could easily be enough information to land someone in jail: "You say you were at home asleep at the time the crime was committed - but this google log says twenty minutes later someone began talking a normal speaking volume and continued doing so for over an hour. Our expert witness will testify that this particular hash is almost always associated with a conversation between at least two people. .."
Of course there are ways you could avoid the most obvious openings for abuse. For example, writing only aggregate data to disk, adding plausible deniability by creating occasional random spurious positives in the client software, publishing a human readable list of all the target content, etc. But, so far google hasn't mentioned pursuing any of them, and given their track record of complete disregard for user privacy in their other services, it seems unlikely.
I'm just glad that most people are likely to have trouble recognizing that they needn't be worried about google listening to their conversations. Whenever a real but subtle privacy threat sounds to the uninformed like a much more serious threat, it's good news in my book.
I feel the concept is flawed because this competition leads to subpar results. In order to score, everybody tries to dumb down what he sees in the hope his "friend" will do the same.
My anecdotal experience suggests the same. I played several rounds, and in almost every case the winning term was the most general and least informative: "guy," "people," "cake," "cigarette" (for a scene in which one person just happened to be smoking). Hard to believe you could find useful data in a sea of terms like that, unless of course google actually saves all the more specific terms that we guess and uses those for their analysis, and the real time matching is primarily just used to keep users interested. Then again, that's probably not unlikely.
On a barely related topic, I had a somewhat startling experience. The first time I tried it, the third image was from one of my collaborator's websites, and it was a picture that I'm very familiar with: a shot of three guys in red parkas at the South Pole station standing under a crane installing the DASI telescope. I put in a bunch of accurate, very specific search terms. As one might expect, there were no matches. Eventually I was reduced to terms like "crane" and "ice," at which point my partner passed.
Now, I can guarantee that I provided a dozen search terms that ought to map to that image. But, since there are probably only a hundred people in the world who would know what the subject of that picture was, chances are my extremely accurate and useful descriptions will be swamped by terms like "guys" and "red." It's probably a long shot to assume "crane" and "Antarctica" make it into the top ten.
There seems to be a fundamental limit to what is possible with this sort of system: it can only be as good at identifying images as the average person. But, the average person is probably far less good at identifying images than someone who is actually searching for a specific image.
No one (worth mentioning) searches for a "guy" or a "molecule" or a "plant." They search for "Guy Lombardo" or "Sulfur Hexafluoride" or "Sago Palm."
had the same partner several times. I would think that if you had group of people trying he suggests, you would get a partner who is playing your "penis" strategy fairly often - and it would be really obvious right away if they were (first image, you type penis and get a match. If not, then stop playing that way because your partner isn't one of your friends.)
And if you mention it on a slashdot thread and thousands of people read it and all jump over to the site and try it, your chances improve dramatically.
That's assuming no one involved in the project reads this thread and puts in a filter, and that no human looks for odd results in the statistics that they generate. The later is almost certainly untrue. I imagine anyone (at least any reasonably cool person) involved in this project is going to be spending a lot of time knee-deep in the data that this generates. Poisoning their stats is likely to get you little except a slide in talks discussing the "penis problem" and possible remedies. (Not that such is necessary an unpleasant result.)
Not true. Just like in other fields of forensics, you can tell when something has been modified. Therefore, even if the timestamps on the file were altered by the hacker, there are several ways they can still tell when the actual date was. There are alot more tools out there, software and hardware based, that can identify tampering.
Even if you can unambiguously date every file, that only makes a set up harder, not impossible.
Consider the following (rather extreme) thought experiment:
You create a trojan that downloads a bunch of child porn to some out of the way place on the infected computer and then removes itself. You selectively distribute it to individual users, so as to make discovery less likely. Perhaps you make it fairly smart, so that it hunts for directories containing legal porn and hides material there or in an analogously labeled place.
Then, ten months later, you release a very simple trojan that installs itself, looks for child porn using a very general search, and then reports what it finds. Make sure your victim gets it, and also post it to child porn usenet groups and other seemingly incriminating places in order to distribute it as widely as possible.
Then, when it finds the porn on your victim's computer, you go the FBI. Tell them what you found, and give them the source code to your new trojan. They take a close look at your victim's hard drive and find your trojan right where you said it would be, no other backdoors or exploits, and a 10 month old stash of kiddie porn.
I'm no computer forensics expert, but trying to prove that a machine has never been infected by software able to download material and then remove itself seems pretty close to impossible, at least if you don't know exactly what you're looking for. (Sure, there are security policies that would make such an identification possible, but I imagine a large number of home pc users don't employ them.)
If you're lucky enough to find a really tasty exploit in some exisiting software (like an unpatched browser) you might even be able to get by without ever writting anything (except the pornographic images) to the hard drive.
Now, I will readily agree this is a pretty extreme example. But, if it weren't for ethical constraints, I or thousands of other slashdot readers could pull this off, given a few months of work and a suitable victim (a windows user who's lazy about patches and doesn't run a good virus checker). There are plenty of personal grudges out there that would compel someone to go to this much trouble to set up a foe. And, if you are lucky enough to make friends with some organized crime types, you could probably turn a nice profit offering it as a service.
Now, if you really want to go to town and are willing to risk early discovery, you modify the user's software so that it adds a few MB of kiddy porn to every burned CD and DVD and then mounts them with a filter that removes any sign of their existence. Now the FBI finds physical media obviously burned and handled by the victim, containing child porn. Your victim is going to have a tough time explaining that he had no idea that the DVD he burned of legal porn also contained a directory called "young children" full of explicit images.
Fortunately, the US criminal justice system doesn't (well, isn't supposed to) convict people when "the most likely explanation" is that they are guilty.
But, does it really seem overwhelmingly more likely that an anonymous guy who used malicious software to gain access to someone's machine without permission and then contacted the cops found child porn there rather than that he both planted and found it?
Sure, the simplest explanation may be that the anonymous hacker is telling the truth. There are a lot of vigilantes out there who would happily commit illegal acts in order to put away people who possess child porn. But there are also a lot of angry people out there who would happily set someone up on a false charge in order to settle a personal grievance.
Since we have only the hacker's word that the suspect is the one who downloaded the material, all the evidence found on the computer or involving communication with the computer is equivalent to the testimony of an anonymous, admitted criminal that the suspect is guilty. That, in itself, had better not be enough to convict someone.
The evidence they convict with is probably more like the actual hard drive full of kiddy porn from the guy's system and chat logs of undercover agents getting child porn from the guy. Hard to argue it was planted if you're sharing it freely.
Unless of course you had some reason to believe that a hacker had installed a rootkit on the guy's pc.
For what it's worth, we've always built room-temperature enclosures to house electronics gear and PCs for the work we do in Antarctica. It's almost always easier and cheaper then trying to insure all your equipment can survive harsh temperatures.
For the odd piece of gear that needs to survive out in the open, we test them thoroughly in a freezer ahead of time. Some things - in particular simple solid state single board gear with no moving parts - seem to do quite well down to -50 C or lower. But, as capacitor values drift and sockets and connectors contract, even some likely candidates fail. Anything with lubricants or precision mechanical parts (drives, fans, etc) are almost certain to cause trouble. Expect your batteries to die and a some read-write storage media to fail.
But, is it really necessary to put a dozen full computers in this environment? It sounds like serious overkill to run a bunch of temperature sensors. If you absolutely need to use PCs, see if you can place them just outside of the cold space and run cables. Or, if that's not possible, put them all in a single, insulated, enclosed space with an active thermostat and some electric heaters. Make sure that when all the PCs are running at full tilt the temperature in the box is slightly below your target, so that you can control it with only a heater.
Better yet, replace the PCs with small readout and control boards. If all you need is to record temperatures to within a few tenths of a degree, building a board that will give you dozens of channels and a straightforward digital interface should be a few day's work for a reasonably competent engineer - and fabbing them may well cost less than a dozen PCs. You can then hand pick parts and packaging that is rated (or tested by you) to low temperatures, or you can build in very small heaters that keep individual parts warm without dumping too much heat into the environment. You may even be able to find such a product off-the-shelf if you hunt around.
If you absolutely must have PCs, see if you can't find a small single-board computer that will do the job. Test several over dozens of thermal cycles in a freezer before deciding to use it, and buy a bunch of extras.
Yes it is just a math/physics problem, but it is by no means simple. Sure, if you make a number of simplifying assumptions about convection in a star, you could get an undergrad astrophysics class to tell you the minimum mass of a star. But in reality, the processes that drive convection in a star are incredibly complex, and not entirely understood.
True enough, but both back-of-the-envelope calculations and the best models give you an answer that's spot on, to within something less than a factor of two. It's not as though there's some great debate within the community about whether the minimum mass for pop-II stars is significantly different from.08 M_sun.
I'm a great fan of observational confirmations, and of giving Hubble time to people doing this sort of work, but it's hard to imagine why anyone who isn't a specialist in stellar modeling looking to test their code to within a few percent would care about this particular result.
It hardly seems like press release material. What's more, dressing up the article to make it seem like some great mystery has been solved is disingenuous.
But, I suppose, "this just in: astronomers have confirmed something that they've been rather confident is true for decades" doesn't sell papers.
I wonder how the big studios deal with marker crossings? (Then again, perhaps they just pay humans to do tedious work.)
Seems like there must be a cheap hardware solution, given enough time and energy.
For example, one could put colored filters on the reflectors. By replacing each dot with a cluster of colored dots and then selectively blackening them you could code each point uniquely. It would take some experimentation to figure out how to get the results you need with consumer gear. Presumably you won't have the resolution you'd need to pick out the individual dots, and it might take some work to identify an unresolved marker in a color image. If cameras are either very cheap or have a very fast and have an externally accessible frame sync, you could either use single color filtered cameras or a chopper wheel with several filters on each camera.
Or you could try to use single-color dots with a range of different colors. It would take some experimentation to see how many unique IDs can be reliably identified. Seems like it could be in the low hundreds though, given the number of unique colors a human can pick out of an image taken with a cheap webcam. Finding suitable reflectors might be a challenge. Perhaps mixing dies with corner reflector granules would work.
If you replace passive targets with LEDs and use very fast cameras, you could conceivably identify the dots by strobing them. If you can run at, say, 8 times the rate you need for motion capture then you've got plenty of bits to work with. Finding cheap consumer gear that will give you low noise images that fast may not be trivial. (Or, you could always do your motion capture work in slow motion, I guess.)
A final option is to add extra cameras. By adding additional nonorthogonal views, it should be possible to unambiguously decipher most crossings. Actually, that might not be very much harder than doing motion capture with a small number of cameras, especially if it doesn't need to happen in real time. Might be harder to align things properly - but you could imagine playing tricks with a rigid grid to try to automate most of that.
I think that is mostly to poison spam filters. If you mark it as junk, you're adding 'regular' words to your filters, which increases the possibilities of false positives, and eventually will make the filter useless.
Certainly possible.
But, it seems to me that if your goal is to generate false positives in spam filters, you could choose much better material: namely, real email. It wouldn't be hard to mine random mailing list archives and put together messages which are clearly recognizable to humans as spam but which are composed entirely of blocks of material taken from real email conversations. That way you get realistic word usage patterns and all the structural cues that make a message seem legitimate.
I'm no expert on how modern adaptive filters work, but I'd imagine that picking out message bodies which contain single words or unbroken 400 word paragraphs in formal prose with no signatures or salutations would be a pretty simple task. Even a dumb, brute-force word count would almost certainly find a difference between the half page of project Gutenberg text I tend to receive and the vast majority of my legitimate correspondence.
Of course, it's entirely possible that spammers are even *less* expert on how such filters work, and that what they're doing is far from optimal.
I repeat, "With a little experimentation, you could probably learn to measure the length of the delay in a keystroke echo using only the user's keystrokes."
My favorite tactic is to record all the messages from the group you most dislike.
Then, you digitize the audio and cut it up into individual phrases and words. You can either reassemble them by hand, or use a sound-board (a midi keyboard with appropriate software works great) to play them in real time. Rearrange the message so that it either says something absolutely opposite their real platform, or (my favorite) try to create an extreme version of their actual platform. The more extreme, the better; if you can arrange to have them call for overt genocide, you're in business.
Then, you phone the message in to your local college radio station, or make a friend there and give them the tapes. Or, if you really want to have fun, call in to a commercial talk radio station - ideally one aligned with the candidate - and try to get your message on air.
Of course, it helps if you happen to get calls with messages from someone immediately recognizable, preferably someone who makes an idiot of himself every time he speaks. It's hard to beat Arnold Schwarzenegger. (Well, Bush would be even better - but I haven't gotten any calls from him. Guess his folks don't bother calling Greens.)
Slashdot Mirror
>Confiscation IS theft.
Fair enough.
Replace my line with, "theft which is legal, illegal, or of debatable legality, carried out by civilians or government employees"
What's more, there are a lot of other data-loss scenarios for which RAID won't help you at all: namely, anything that either destroys the pc as a unit or anything that causes your machine to actively destroy data.
To name a few:
* disasters, natural or otherwise, that fry, crush or soak the pc as a whole. (Lightening, earthquake, broken water pipe.)
* Theft or confiscation of your computer. (Sure, you can argue with the DEA that your drug dealing roommate never used your computer, and you might win and get your hardware back. On the other hand, if your roommate manages to pawn it first, you're out of luck.)
* Any trojan, virus, hacker, or dumb friend who deletes your files or screws up your file systems or partitions tables. Sure, in the case of a dumb friend (or a dumb you), you may be able to recover if you discover it soon enough. . . but in that case hardware RAID is likely to make it far MORE of a pain in the ass than it otherwise would have been.
Sure, they're probably all less likely to happen to most home pcs than the failure of a single hard drive. But they're not so unlikely as to be worth ignoring, if you care about your data.
In choosing between RAID, and buying a couple spare drives in portable enclosures and keeping a weekly backup in your desk at work, the later seems quite a lot more attractive to me. Of course both is an even better solution. (Both, with an identical spare RAID card in your desk at work is best of all...)
If you ever need a demonstration that black vernacular has a detailed and robust grammatical structure, just mention ebonics in a room full of middle class white guys.
Without a doubt, one of them will start spewing nonsense like the above.
You need only ask, "why is it so immediately obvious that *this* is not genuine black english?"
- Munpfazy (wonders if Ambonese Malay speakers break into spontaneous, badly constructed parodies when local linguists mention the word, "Bandanese")
I imagine what the parent meant was that you email both keys to the one-time-use email address created for this purpose. That way you can retrieve it later given only the password associated with that address. (And, hopefully, the passphrase used when creating the gpg key...)
As a general rule, though, emailing your private keys to mail servers which you *expect* to give away your account information to outside parties in the near future is a rather sketchy strategy. Personally, I'd opt for a small flash drive hidden in a safe place instead.
>Information consists precisely in distinguishing signal
>from noise. In the case of Wikipedia the signal is
>important knowledge and the noise is ads and trivia.
But an encyclopedia is, by design, dominated by noise. The number of articles which will interest any particular user is insignificant compared to the whole.
To me, an article on a star wars character is almost exactly as useful as a list of antelope genera; that is to say, it isn't at all useful, except for the vague possibility it will some day be used to settle a bar room debate.
You can certainly argue that a taxonomic classification system to which scholars have devoted their lives and which (hopefully) reflects at least some underlying truth about the world itself is more important in some absolute sense than a collection of fictional facts cooked up by a couple screenplay writers in an afternoon. I wouldn't disagree. Still, they're both noise to me.
Trivial may decrease the signal to noise ratio of an encyclopedia; however, since that ratio is already vanishingly small, who cares? There are only two reasons to avoid trivia: it increases the cost of production and storage, and it bloats indices and makes it harder to find marginally more useful material. In the case of Wikipedia, neither applies.
Certainly scientific and numerical computing packages are nice - but unless you already have a deal with the vendors trying to negotiate cheap licenses can be complicated.
A free (if resource intensive) option that I'd love to see on our university system would be the possibility of running a virtualized private host, eg. with User Mode Linux, Vserver, or even just BSD jails.
That way those who want to do so could mess around with anything they desire without much risk to the host. Give people the freedom to mess with things, and chances are some of them will find interesting things to do.
Having root access on a dedicated server is really nice, and it can be difficult for the average university student to manage on their own. (Sure, dynamic host name forwarding and so on have made running a server from home fairly cheap, but for many students living in a tiny room with only a laptop it isn't really feasible to run your own machine without first having a good reason for it.)
Of course capping network access, disk space, cpu time, etc are all perfectly reasonable things to do in such a situation - and it might be a good idea to regularly scan for things like badly configured mail servers. You'd have to think carefully about how to assign either IPs or NAT port forwarding, but assuming only a few hundreds of students take you up on it, it shouldn't be impossible to come up with something both useful and unlikely to piss off the university brass.
Setting it up as an opt-in service would probably cut down on administrative headaches. Only the few percent of students who would take advantage of the service would be likely to ask for it.
Finally, one other random idea: set up a couple of individual machines for non-grant-funded personal computation projects. Let students apply for time, perhaps with mini-proposals conducted through some existing undergrad research program. There are probably plenty of senior thesis projects that could make good use of even modest computational resources.
I'm sure paying $11 for a novel actually *is* a good deal - but it sounds crazy for me. As someone who is both poor and lucky enough to live in a town with many large, extensive used books stores, paying more than $3 for a book seems excessive. (Well, maybe $7 for a lovely hard-back first edition...) For $24 a month I can get more books than I could possibly read in a month, and a small pizza too.
In many ways I'm an ideal e-book consumer. I read one or two novels a week, I work in a cleanroom where paper is forbidden and often have hour-long blocks of down-time, and I sleep several hours less per day than my partner and quite enjoy reading in bed with the lights out. I read more ebooks than anyone I know, and am considering getting one of these new Sony readers (and perhaps tearing it apart to add a back-light), but I've yet to purchase a single commercially distributed book.
If you ask me, the biggest problem with drm-crippled book and audio distribution is that it eliminates the used market. I don't have any sentimental attachment to physical artifacts - but when they they cost 1/5 as much as their digitized counterparts and simultaneously come with more freedom to use them however I wish and some nice cover art, it would be crazy to switch to the digital version.
I hope that in the next decade or two vendors who have accumulated a vast library of what would be out of print e-books they'll begin offering them at a price comparable to the used paper.
Interesting.
I've been contemplating doing something similar, except I expected to use TightVNC, since I'd never heard of UltraVNC's java viewer before. Many thanks for the suggestion.
Only problem is that the presentations are often hosted on a laptop connected to some random NAT wireless access point that I don't control. I've been meaning to put together something so that presenters can seamlessly ssh-tunnel to one of our servers to which the vnc clients can then connect, but haven't had a chance yet. Have you come up with another solution to the same problem?
I've got no problem with friends and family members using passive, religiously charged euphemisms when discussing death. If people find it easier to talk about their sister having "passed," that's fine by me.
But when it comes to journalism (or the slashdot equivalent), it comes off as silly at best and offensive at worst.
Rob Levin didn't pass. He didn't "Pass", pass on, nor pass away. He DIED, and he was KILLED. This isn't just death, but death in a horrible, violent, disturbing way.
Getting your head smashed in by an automobile and living for painful hours in a hospital critical care ward isn't gentle. It's horrible, and cruel, and ugly. Using gentle words to describe it doesn't make it any less so. It does us all a disservice by belittling the tragedy of what has actually happened.
That assumes you either need no corrections, or you annotate using a UV pen. And, that you are able to carry a stack of papers around the subway without creasing and wrinkling them.
There are only two good reasons to print a document:
* you want to scribble on it.
* you want to carry it somewhere that its likely to get lost or damaged or where an electronic reader is inappropriate.
In either case, this paper is unlikely to be useful.
Personally, I'd much rather see the Xerox R&D folks working on light weight, high-contrast electronic readers with robust note-taking features.
There is no problem with mice. The problem is touch screens. From the parent post,
."
"Now that laptops (and obviously tablets) have integrated touch technology, the new challenge for south paws is to use a stylus. .
But, if you ask me, scroll bars are more or less impossible to use anyway. Give me a rocker button or an equivalent stylus gesture any day. A device that requires dragging scroll bars around with a stylus is broken, no matter which hand you want to use.
Yup. Hams have been doing it for decades. (Well, most of us have just been talking about it - since actually doing it requires rather expensive gear and jammers troublesome enough to be worth the effort.) I can only imagine governments have been doing it for a lot longer than that.
But jumping from its use as forensic tool to something which could be used for authentication / spoofing detection on cheap networking gear is far from trivial. It's hard to imagine most wifi users paying to add the necessary gear to their access points. No matter how wonderful your pattern matching algorithm maybe, you still need a sensitive front end and a very fast sample rate to get the data in the first place. It's hard to imagine a scenario where the hardware needed to identify tiny perturbations on a signal wouldn't be a lot more expensive than the hardware needed to detect the signal itself.
Even as a forensic tool, the low cost of computer networking gear leaves an obvious out for savvy hackers: just load up on $5 wireless cards whenever you see them on sale, and throw each away after every successful use. It's a whole lot easier for most people to swap out networking hardware than to replace amateur radio transmitters. You could still use it to distinguish in real time between a particular legitimate user and an outsider, but that doesn't buy you very much unless it's cheap and robust enough to leave running at all times on every access point.
True enough for a conventional sound card, but there may be scenarios where it would work.
For example, some mid-level consumer sound cards us the same hardware jacks for for mic and line-in as for multi channel output. That suggests that at least one (and if you're lucky, possibly all) of the potential output jacks can be connected to an adc via software. If you happened run into a user with their "mic" jack connected to a headphone, there's a chance you could pull it off.
Likewise, some expensive multi-track cards include software controlled hardware patching. I don't know whether there are any cards that allow you to sample the line-out *after* the final amplifier, but they may exist.
Of course it still sounds far, far harder to do than simply moving on to someone with an actual microphone.
My anecdotal experience suggests the same. I played several rounds, and in almost every case the winning term was the most general and least informative: "guy," "people," "cake," "cigarette" (for a scene in which one person just happened to be smoking). Hard to believe you could find useful data in a sea of terms like that, unless of course google actually saves all the more specific terms that we guess and uses those for their analysis, and the real time matching is primarily just used to keep users interested. Then again, that's probably not unlikely.
On a barely related topic, I had a somewhat startling experience. The first time I tried it, the third image was from one of my collaborator's websites, and it was a picture that I'm very familiar with: a shot of three guys in red parkas at the South Pole station standing under a crane installing the DASI telescope. I put in a bunch of accurate, very specific search terms. As one might expect, there were no matches. Eventually I was reduced to terms like "crane" and "ice," at which point my partner passed.
Now, I can guarantee that I provided a dozen search terms that ought to map to that image. But, since there are probably only a hundred people in the world who would know what the subject of that picture was, chances are my extremely accurate and useful descriptions will be swamped by terms like "guys" and "red." It's probably a long shot to assume "crane" and "Antarctica" make it into the top ten.
There seems to be a fundamental limit to what is possible with this sort of system: it can only be as good at identifying images as the average person. But, the average person is probably far less good at identifying images than someone who is actually searching for a specific image.
No one (worth mentioning) searches for a "guy" or a "molecule" or a "plant." They search for "Guy Lombardo" or "Sulfur Hexafluoride" or "Sago Palm."
And if you mention it on a slashdot thread and thousands of people read it and all jump over to the site and try it, your chances improve dramatically.
That's assuming no one involved in the project reads this thread and puts in a filter, and that no human looks for odd results in the statistics that they generate. The later is almost certainly untrue. I imagine anyone (at least any reasonably cool person) involved in this project is going to be spending a lot of time knee-deep in the data that this generates. Poisoning their stats is likely to get you little except a slide in talks discussing the "penis problem" and possible remedies. (Not that such is necessary an unpleasant result.)
Even if you can unambiguously date every file, that only makes a set up harder, not impossible.
Consider the following (rather extreme) thought experiment:
You create a trojan that downloads a bunch of child porn to some out of the way place on the infected computer and then removes itself. You selectively distribute it to individual users, so as to make discovery less likely. Perhaps you make it fairly smart, so that it hunts for directories containing legal porn and hides material there or in an analogously labeled place.
Then, ten months later, you release a very simple trojan that installs itself, looks for child porn using a very general search, and then reports what it finds. Make sure your victim gets it, and also post it to child porn usenet groups and other seemingly incriminating places in order to distribute it as widely as possible.
Then, when it finds the porn on your victim's computer, you go the FBI. Tell them what you found, and give them the source code to your new trojan. They take a close look at your victim's hard drive and find your trojan right where you said it would be, no other backdoors or exploits, and a 10 month old stash of kiddie porn.
I'm no computer forensics expert, but trying to prove that a machine has never been infected by software able to download material and then remove itself seems pretty close to impossible, at least if you don't know exactly what you're looking for. (Sure, there are security policies that would make such an identification possible, but I imagine a large number of home pc users don't employ them.)
If you're lucky enough to find a really tasty exploit in some exisiting software (like an unpatched browser) you might even be able to get by without ever writting anything (except the pornographic images) to the hard drive.
Now, I will readily agree this is a pretty extreme example. But, if it weren't for ethical constraints, I or thousands of other slashdot readers could pull this off, given a few months of work and a suitable victim (a windows user who's lazy about patches and doesn't run a good virus checker). There are plenty of personal grudges out there that would compel someone to go to this much trouble to set up a foe. And, if you are lucky enough to make friends with some organized crime types, you could probably turn a nice profit offering it as a service.
Now, if you really want to go to town and are willing to risk early discovery, you modify the user's software so that it adds a few MB of kiddy porn to every burned CD and DVD and then mounts them with a filter that removes any sign of their existence. Now the FBI finds physical media obviously burned and handled by the victim, containing child porn. Your victim is going to have a tough time explaining that he had no idea that the DVD he burned of legal porn also contained a directory called "young children" full of explicit images.
Fortunately, the US criminal justice system doesn't (well, isn't supposed to) convict people when "the most likely explanation" is that they are guilty.
But, does it really seem overwhelmingly more likely that an anonymous guy who used malicious software to gain access to someone's machine without permission and then contacted the cops found child porn there rather than that he both planted and found it?
Sure, the simplest explanation may be that the anonymous hacker is telling the truth. There are a lot of vigilantes out there who would happily commit illegal acts in order to put away people who possess child porn. But there are also a lot of angry people out there who would happily set someone up on a false charge in order to settle a personal grievance.
Since we have only the hacker's word that the suspect is the one who downloaded the material, all the evidence found on the computer or involving communication with the computer is equivalent to the testimony of an anonymous, admitted criminal that the suspect is guilty. That, in itself, had better not be enough to convict someone.
Unless of course you had some reason to believe that a hacker had installed a rootkit on the guy's pc.
For what it's worth, we've always built room-temperature enclosures to house electronics gear and PCs for the work we do in Antarctica. It's almost always easier and cheaper then trying to insure all your equipment can survive harsh temperatures.
For the odd piece of gear that needs to survive out in the open, we test them thoroughly in a freezer ahead of time. Some things - in particular simple solid state single board gear with no moving parts - seem to do quite well down to -50 C or lower. But, as capacitor values drift and sockets and connectors contract, even some likely candidates fail. Anything with lubricants or precision mechanical parts (drives, fans, etc) are almost certain to cause trouble. Expect your batteries to die and a some read-write storage media to fail.
But, is it really necessary to put a dozen full computers in this environment? It sounds like serious overkill to run a bunch of temperature sensors. If you absolutely need to use PCs, see if you can place them just outside of the cold space and run cables. Or, if that's not possible, put them all in a single, insulated, enclosed space with an active thermostat and some electric heaters. Make sure that when all the PCs are running at full tilt the temperature in the box is slightly below your target, so that you can control it with only a heater.
Better yet, replace the PCs with small readout and control boards. If all you need is to record temperatures to within a few tenths of a degree, building a board that will give you dozens of channels and a straightforward digital interface should be a few day's work for a reasonably competent engineer - and fabbing them may well cost less than a dozen PCs. You can then hand pick parts and packaging that is rated (or tested by you) to low temperatures, or you can build in very small heaters that keep individual parts warm without dumping too much heat into the environment. You may even be able to find such a product off-the-shelf if you hunt around.
If you absolutely must have PCs, see if you can't find a small single-board computer that will do the job. Test several over dozens of thermal cycles in a freezer before deciding to use it, and buy a bunch of extras.
True enough, but both back-of-the-envelope calculations and the best models give you an answer that's spot on, to within something less than a factor of two. It's not as though there's some great debate within the community about whether the minimum mass for pop-II stars is significantly different from
I'm a great fan of observational confirmations, and of giving Hubble time to people doing this sort of work, but it's hard to imagine why anyone who isn't a specialist in stellar modeling looking to test their code to within a few percent would care about this particular result.
It hardly seems like press release material. What's more, dressing up the article to make it seem like some great mystery has been solved is disingenuous.
But, I suppose, "this just in: astronomers have confirmed something that they've been rather confident is true for decades" doesn't sell papers.
Interesting.
I wonder how the big studios deal with marker crossings? (Then again, perhaps they just pay humans to do tedious work.)
Seems like there must be a cheap hardware solution, given enough time and energy.
For example, one could put colored filters on the reflectors. By replacing each dot with a cluster of colored dots and then selectively blackening them you could code each point uniquely. It would take some experimentation to figure out how to get the results you need with consumer gear. Presumably you won't have the resolution you'd need to pick out the individual dots, and it might take some work to identify an unresolved marker in a color image. If cameras are either very cheap or have a very fast and have an externally accessible frame sync, you could either use single color filtered cameras or a chopper wheel with several filters on each camera.
Or you could try to use single-color dots with a range of different colors. It would take some experimentation to see how many unique IDs can be reliably identified. Seems like it could be in the low hundreds though, given the number of unique colors a human can pick out of an image taken with a cheap webcam. Finding suitable reflectors might be a challenge. Perhaps mixing dies with corner reflector granules would work.
If you replace passive targets with LEDs and use very fast cameras, you could conceivably identify the dots by strobing them. If you can run at, say, 8 times the rate you need for motion capture then you've got plenty of bits to work with. Finding cheap consumer gear that will give you low noise images that fast may not be trivial. (Or, you could always do your motion capture work in slow motion, I guess.)
A final option is to add extra cameras. By adding additional nonorthogonal views, it should be possible to unambiguously decipher most crossings. Actually, that might not be very much harder than doing motion capture with a small number of cameras, especially if it doesn't need to happen in real time. Might be harder to align things properly - but you could imagine playing tricks with a rigid grid to try to automate most of that.
Certainly possible.
But, it seems to me that if your goal is to generate false positives in spam filters, you could choose much better material: namely, real email. It wouldn't be hard to mine random mailing list archives and put together messages which are clearly recognizable to humans as spam but which are composed entirely of blocks of material taken from real email conversations. That way you get realistic word usage patterns and all the structural cues that make a message seem legitimate.
I'm no expert on how modern adaptive filters work, but I'd imagine that picking out message bodies which contain single words or unbroken 400 word paragraphs in formal prose with no signatures or salutations would be a pretty simple task. Even a dumb, brute-force word count would almost certainly find a difference between the half page of project Gutenberg text I tend to receive and the vast majority of my legitimate correspondence.
Of course, it's entirely possible that spammers are even *less* expert on how such filters work, and that what they're doing is far from optimal.
I repeat, "With a little experimentation, you could probably learn to measure the length of the delay in a keystroke echo using only the user's keystrokes."
My favorite tactic is to record all the messages from the group you most dislike.
Then, you digitize the audio and cut it up into individual phrases and words. You can either reassemble them by hand, or use a sound-board (a midi keyboard with appropriate software works great) to play them in real time. Rearrange the message so that it either says something absolutely opposite their real platform, or (my favorite) try to create an extreme version of their actual platform. The more extreme, the better; if you can arrange to have them call for overt genocide, you're in business.
Then, you phone the message in to your local college radio station, or make a friend there and give them the tapes. Or, if you really want to have fun, call in to a commercial talk radio station - ideally one aligned with the candidate - and try to get your message on air.
Of course, it helps if you happen to get calls with messages from someone immediately recognizable, preferably someone who makes an idiot of himself every time he speaks. It's hard to beat Arnold Schwarzenegger. (Well, Bush would be even better - but I haven't gotten any calls from him. Guess his folks don't bother calling Greens.)