RES: And that requires a greater food base which can't be more insolation, but the additive effect of
super-abundant carbon dioxide would certainly have this effect. One of the problems that people
have always suggested about these high levels of oxygen at various times in the past, is that this is
comparable to what you have in an oxygen tent in a hospital. And what about wildfires? What they
forget is that the reason for this high oxygen is that there is also a high carbon dioxide level. We are
talking about carbon dioxide levels 6 to 10 times the present carbon dioxide level. And that is more
than enough to essentially combat wildfires.
This raises the question of climate change. It should be conveyed and understood that we are in a phase of “icehouse earth” that is abnormally cool for the planet. While this phase has lasted the entirety of human civilization and would have drastic consequences for many species should it end, it must be understood that temperatures and CO2 levels have normally been far higher, and the industrial contribution is relatively tiny.
“We find that CO2 emissions [during the Cretaceous] resulting from super-plume tectonics could have produced atmospheric CO2 levels from 3.7 to 14.7 times the modern pre-industrial value of 285 ppm.”
http://adsabs.harvard.edu/abs/...
Until the past two centuries, the concentrations of CO2... had never exceeded about 280 ppm... Current concentrations of CO2 are about 390 ppm...
http://www.acs.org/content/acs...
“We are talking about carbon dioxide levels 6 to 10 times the present carbon dioxide level. When you have high amounts of carbon dioxide in an atmosphere up to a certain limit, which is considerably higher than it is now, the result is green plants grow very much better... And it is precisely at this time that the recovery from the first dinosaur extinction takes place. When the super plumes come and carbon dioxide increases, and the oxygen correspondingly increases as a result of photosynthesis... And yet the super plumes did not last forever and they started to die at the end of Cretaceous.... In any event, large dinosaurs really required to be living in an oxygen tent. An atmosphere in the neighborhood of 35 percent oxygen would be considerably more compatible with large dinosaurs than one in the neighborhood of 28. And so this suggested to me that this was perhaps a significant reason for the first dinosaur extinction, and probably one of the major factors in the second, the terminal dinosaur extinction, other than the birds. It also neatly tied together all of the really bizarre features about the Cretaceous... The Cretaceous is clearly a green house period as opposed to the present ice house that we have... 72 percent of the world's petroleum supply comes from Cretaceous rocks. Well, the rich carbon dioxide of course provides for a much greater biogenic diversity... [The Cretaceous supported] 8 or 9 tropic levels, which cannot be supported today.”
http://www.ucl.ac.uk/.../sloan...
“The earth is currently in an icehouse stage, as ice sheets are present on both poles and glacial periods have occurred at regular intervals over the past million years... Earth is more commonly placed in a greenhouse state throughout the epochs, and the Earth has been in this state for approximately 80% of the past 500 million years... Permanent ice is actually a rare phenomenon in the history of the Earth, occurring only during the 20% of the time that the planet is under an icehouse effect.”
https://en.wikipedia.org/wiki/...
This raises the question of climate change. It should be conveyed and understood that we are in a phase of âoeicehouse earthâ that is abnormally cool for the planet. While this phase has lasted the entirety of human civilization and would have drastic consequences for many species should it end, it must be understood that temperatures and CO2 levels have normally been far higher.
âoeWe find that CO2 emissions [during the Cretaceous] resulting from super-plume tectonics could have produced atmospheric CO2 levels from 3.7 to 14.7 times the modern pre-industrial value of 285 ppm.â
http://adsabs.harvard.edu/abs/...
âoeWe are talking about carbon dioxide levels 6 to 10 times the present carbon dioxide level. When you have high amounts of carbon dioxide in an atmosphere up to a certain limit, which is considerably higher than it is now, the result is green plants grow very much better... And it is precisely at this time that the recovery from the first dinosaur extinction takes place. When the super plumes come and carbon dioxide increases, and the oxygen correspondingly increases as a result of photosynthesis... And yet the super plumes did not last forever and they started to die at the end of Cretaceous.... In any event, large dinosaurs really required to be living in an oxygen tent. An atmosphere in the neighborhood of 35 percent oxygen would be considerably more compatible with large dinosaurs than one in the neighborhood of 28. And so this suggested to me that this was perhaps a significant reason for the first dinosaur extinction, and probably one of the major factors in the second, the terminal dinosaur extinction, other than the birds. It also neatly tied together all of the really bizarre features about the Cretaceous... The Cretaceous is clearly a green house period as opposed to the present ice house that we have... Well, the rich carbon dioxide of course provides for a much greater biogenic diversity.â
http://www.ucl.ac.uk/.../sloan...
âoeThe earth is currently in an icehouse stage, as ice sheets are present on both poles and glacial periods have occurred at regular intervals over the past million years... Earth is more commonly placed in a greenhouse state throughout the epochs, and the Earth has been in this state for approximately 80% of the past 500 million years... Permanent ice is actually a rare phenomenon in the history of the Earth, occurring only during the 20% of the time that the planet is under an icehouse effect.â
https://en.wikipedia.org/wiki/...
Weak passwords are even more vulnerable with a fast hashing algorithm. Hashed password storage should use bcrypt, which is intentionally slow, and makes dictionary attacks less practical.
Dear Theo, the Pi allows easier and cheaper access to SLC storage, and there is less fiddling with internal/external boot devices. It's an older instruction set on a slower cpu, but everybody has one. Pretty please would you port?
What is to stop an application from opening a socket to a trojan server, downloading a binary, writing it, chmod 700, then executing it?
Google might not recognize that malware for what it is until far, far too late.
And since the majority of Android devices are vulnerable to towelroot, that binary owns the phone.
A mass install of a popular app with such stealth malware could see thousands upon thousands of phones suddenly compromised, and there is nothing that Google can do.
I don't like being tracked, so I randomize my MAC with Pry-Fi. If you would be so kind to tell us who you work for, we can all enable the "Go to war!" mode to flood you with bogus MACs. Game?
It is a user's great hope, and the carriers' and oems' great dread, that SuperSU is about to find itself installed on a vast new segment of the Android market. Here's hoping!
You can easily run create as many ORACLE_SIDs as you want in one ORACLE_HOME. Just export the environment variable for a new SID, login to sqlplus, CREATE DATABASE, then run CATALOG.SQL and CATPROC.SQL.
The problem with multiple ORACLE_SIDs is precisely the problem with VMs: the kernel is duplicated within each instance, which is a waste of RAM and storage.
I don't have enough instances to justify the new multitenant, but the idea behind it is the same as nspawn/Docker or Solaris Zones. There is only one kernel, and one set of OS binaries. Containers are rolled into the OS, which means that you can fit more "userland" on the system because you are only running one "kernel."
IDK if Microsoft has been doing this. Kudos if they have.
I do agree, it was a mistake. I bought the phone because Cyanogenmod's website said that it was compatible, and I didn't thoroughly research it. I'm now running Alliance, and pondering a hardware service that can unlock the bootloader for $80.
I need Verizon because we have repeaters for it at work. I hate those people, and I'm on an mvno.
The Spice electrical circuit simulation software was developed in FORTRAN on several platforms (including VAX VMS) in the 1970s. I managed to compile it for Linux and Windows years ago, and I host the source and binaries on a laptop in my basement.
This specific version is in many circuits textbooks - newer versions are not compatible with the syntax of this release. I see a fair amount of traffic for it. I should probably spend some time on a nicer HTML5 download page.
I'd like to fix my mediaserver and stagefright. I'd run Cyanogenmod, but Verzion prevents me from using an unsigned kernel.
If I follow these instructions for my Samsung phone, can I pull the mediaserver and stagefright libraries out of the resulting.zip and load them in place of the existing binaries, can I have a running system that closes the exploits? I can likely use the nm utility on the resulting.so and check that all the symbols in the old libraries exist in the new.
The build process appears to pull from both aosp and cyanogenmod, and I understand that aosp Kitkat has been retroactively patched.
The wiki says that North Korea generates all of their weapons plutonium from this design, but unfortunately not go into any detail on how the plutonium is removed and purified.
I had never heard of Magnox before - it's quite interesting that non-enriched, direct ore uranium can be used as fuel. I had imagined that only a liquid salt thorium reactor could accomplish this, but it does appear that fuel reprocessing costs for Magnox are much higher.
I know that Towelroot was originally disclosed by PinkyPie, but that Geohot developed the full Android exploit. The remainder of your post is news to me. I wasn't aware that Sunshine was even out at that point (as they don't support Samsung).
Convey to us that those who gather intelligence will respect the doctrine of the fruit of the poison tree, and refrain from using tainted evidence in building criminal cases against citizens outside of dire threats.
https://en.m.wikipedia.org/wik...
xterm brags that they have the most faithful emulation of the DEC vt100/220/320/420/520 state machines of any implementation on the market.
In summary, none of the other terminal emulators emulates "most" of xterm. Instead, they implement the most commonly-used control sequences, and there are differences between them.
I have Cygwin on my office Windows PC, and when I have to work with a VAX or otherwise use a complete and faithful terminal emulation, I use xterm.
If xterm had tabs, I would never use anything else. Since it doesn't, I use gnome-terminal under Cygwin. The xterm maintainer has interesting things to say about gnome-terminal:
A more recent GNOME Terminal uses the VTE widget. I observed version 1.4.0.4 in late 2001, which mentioned it in the credits (although VTE 0.1's ChangeLog mentions no date before February 2002). It does not implement a complete vt102: it was missing several features which can be demonstrated in vttest)...
...so I use gnome-terminal under Windows for most everything, except when I need extremely high-fidelity.
p.s. I will say that our production floor relies on the Reflections commercial telnet client. They like the old version so much that I had to wrap it in stunnel - there were too many objections to the new(er) ssh versions. I really don't like Reflections myself.
Can someone please explain to me why LD_LIBRARY_PATH does not point first to a/data/lib directory, where an app-store had a chance of patching a flaw in/system?
I am updating vlcplayer at least once every three months - why did Google decide to carve the stagefright libraries into/system stone with no hope of updating?
At least this bug does not impact me - I rooted and torched stock because of the SOP bug, and Chrome just on principle.
The job of security is to fully understand the risk, penalty, and consequence of system compromises, and then to suggest the proper tools to manage this risk.
Some people work with data that involves enormous consequences should it be compromised. These people are likely not on Linux if they understand the issues properly.
Slashdot Mirror
Sloan specifically mentions the question of fire.
“We find that CO2 emissions [during the Cretaceous] resulting from super-plume tectonics could have produced atmospheric CO2 levels from 3.7 to 14.7 times the modern pre-industrial value of 285 ppm.” http://adsabs.harvard.edu/abs/...
Until the past two centuries, the concentrations of CO2 ... had never exceeded about 280 ppm... Current concentrations of CO2 are about 390 ppm...
http://www.acs.org/content/acs...
“We are talking about carbon dioxide levels 6 to 10 times the present carbon dioxide level. When you have high amounts of carbon dioxide in an atmosphere up to a certain limit, which is considerably higher than it is now, the result is green plants grow very much better... And it is precisely at this time that the recovery from the first dinosaur extinction takes place. When the super plumes come and carbon dioxide increases, and the oxygen correspondingly increases as a result of photosynthesis... And yet the super plumes did not last forever and they started to die at the end of Cretaceous.... In any event, large dinosaurs really required to be living in an oxygen tent. An atmosphere in the neighborhood of 35 percent oxygen would be considerably more compatible with large dinosaurs than one in the neighborhood of 28. And so this suggested to me that this was perhaps a significant reason for the first dinosaur extinction, and probably one of the major factors in the second, the terminal dinosaur extinction, other than the birds. It also neatly tied together all of the really bizarre features about the Cretaceous... The Cretaceous is clearly a green house period as opposed to the present ice house that we have... 72 percent of the world's petroleum supply comes from Cretaceous rocks. Well, the rich carbon dioxide of course provides for a much greater biogenic diversity... [The Cretaceous supported] 8 or 9 tropic levels, which cannot be supported today.” http://www.ucl.ac.uk/.../sloan...
“The earth is currently in an icehouse stage, as ice sheets are present on both poles and glacial periods have occurred at regular intervals over the past million years... Earth is more commonly placed in a greenhouse state throughout the epochs, and the Earth has been in this state for approximately 80% of the past 500 million years... Permanent ice is actually a rare phenomenon in the history of the Earth, occurring only during the 20% of the time that the planet is under an icehouse effect.” https://en.wikipedia.org/wiki/...
No, it "only leads to other errors".
Funny, I haven't heard of any showstopper bugs in OpenBSD libc - not this year, not ever. And it's ubiquitous, since I'm running it on my phone.
This bug, after ghost, would be a good opportunity to take a step back for a serious assessment of what must be removed for a secure system.
Here is a script that I use to pass sensitive content from outside email. I should probably redo it to use keypairs on both sides.
#!/bin/sh #openssl genrsa -aes256 -out ~/.prv.key 8192
#openssl rsa -in ~/.prv.key -pubout -out ~/.pub.key
PVK=~/.prv.key
PBK=~/.pub.key
SESSION_KEY=$(mktemp -t crypter-session_key-XXXXXX)
case $(basename $0) in
encrypter)
openssl rand -base64 48 -out ${SESSION_KEY}
openssl rsautl -encrypt -pubin -inkey ${PBK} -in ${SESSION_KEY} |
openssl base64
echo ___:
for f
do
openssl enc -aes-256-cbc -salt -a -e -pass file:${SESSION_KEY} -in "${f}"
echo ___:$(basename "${f}")
done;;
decrypter)
TMP=$(mktemp -t crypter-tmp-XXXXXX)
PW=${HOME}/.pas
while read l
do if [[ ${l%%:*} == '___' ]]
then if [[ -s "${SESSION_KEY}" ]]
then f=$(basename "${l#___:}")
openssl aes-256-cbc -salt -a -d \
-pass file:${SESSION_KEY} \
-in ${TMP} -out "${f}"
else openssl base64 -d -in ${TMP} |
openssl rsautl -decrypt -inkey ${PVK} \
-passin file:${PW} -out ${SESSION_KEY}
fi
> ${TMP}
else echo ${l} >> ${TMP}
fi
done
rm ${TMP};;
esac
rm ${SESSION_KEY}
This raises the question of climate change. It should be conveyed and understood that we are in a phase of âoeicehouse earthâ that is abnormally cool for the planet. While this phase has lasted the entirety of human civilization and would have drastic consequences for many species should it end, it must be understood that temperatures and CO2 levels have normally been far higher. âoeWe find that CO2 emissions [during the Cretaceous] resulting from super-plume tectonics could have produced atmospheric CO2 levels from 3.7 to 14.7 times the modern pre-industrial value of 285 ppm.â http://adsabs.harvard.edu/abs/... âoeWe are talking about carbon dioxide levels 6 to 10 times the present carbon dioxide level. When you have high amounts of carbon dioxide in an atmosphere up to a certain limit, which is considerably higher than it is now, the result is green plants grow very much better... And it is precisely at this time that the recovery from the first dinosaur extinction takes place. When the super plumes come and carbon dioxide increases, and the oxygen correspondingly increases as a result of photosynthesis... And yet the super plumes did not last forever and they started to die at the end of Cretaceous.... In any event, large dinosaurs really required to be living in an oxygen tent. An atmosphere in the neighborhood of 35 percent oxygen would be considerably more compatible with large dinosaurs than one in the neighborhood of 28. And so this suggested to me that this was perhaps a significant reason for the first dinosaur extinction, and probably one of the major factors in the second, the terminal dinosaur extinction, other than the birds. It also neatly tied together all of the really bizarre features about the Cretaceous... The Cretaceous is clearly a green house period as opposed to the present ice house that we have... Well, the rich carbon dioxide of course provides for a much greater biogenic diversity.â http://www.ucl.ac.uk/.../sloan... âoeThe earth is currently in an icehouse stage, as ice sheets are present on both poles and glacial periods have occurred at regular intervals over the past million years... Earth is more commonly placed in a greenhouse state throughout the epochs, and the Earth has been in this state for approximately 80% of the past 500 million years... Permanent ice is actually a rare phenomenon in the history of the Earth, occurring only during the 20% of the time that the planet is under an icehouse effect.â https://en.wikipedia.org/wiki/...
Weak passwords are even more vulnerable with a fast hashing algorithm. Hashed password storage should use bcrypt, which is intentionally slow, and makes dictionary attacks less practical.
Dear Theo, the Pi allows easier and cheaper access to SLC storage, and there is less fiddling with internal/external boot devices. It's an older instruction set on a slower cpu, but everybody has one. Pretty please would you port?
What is to stop an application from opening a socket to a trojan server, downloading a binary, writing it, chmod 700, then executing it?
Google might not recognize that malware for what it is until far, far too late.
And since the majority of Android devices are vulnerable to towelroot, that binary owns the phone.
A mass install of a popular app with such stealth malware could see thousands upon thousands of phones suddenly compromised, and there is nothing that Google can do.
I don't like being tracked, so I randomize my MAC with Pry-Fi. If you would be so kind to tell us who you work for, we can all enable the "Go to war!" mode to flood you with bogus MACs. Game?
It is a user's great hope, and the carriers' and oems' great dread, that SuperSU is about to find itself installed on a vast new segment of the Android market. Here's hoping!
We've dealt with non-compete agreements in IT for decades. Let's impose some on the politicians.
Oracle is popular with mission-critical enterprises, who have LARGE checkbooks, HUGE transaction volumes, and cannot afford ONE MINUTE of downtime.
This is not, and has never been, Microsoft's target market.
No one has attempted in quite some time to seriously challenge Oracle in massive transaction volumes.
You will notice that Oracle's top score is on SPARC, and is from nearly three years ago. There is no significant challenge to them on TPC-C.
You can easily run create as many ORACLE_SIDs as you want in one ORACLE_HOME. Just export the environment variable for a new SID, login to sqlplus, CREATE DATABASE, then run CATALOG.SQL and CATPROC.SQL.
The problem with multiple ORACLE_SIDs is precisely the problem with VMs: the kernel is duplicated within each instance, which is a waste of RAM and storage.
I don't have enough instances to justify the new multitenant, but the idea behind it is the same as nspawn/Docker or Solaris Zones. There is only one kernel, and one set of OS binaries. Containers are rolled into the OS, which means that you can fit more "userland" on the system because you are only running one "kernel."
IDK if Microsoft has been doing this. Kudos if they have.
I do agree, it was a mistake. I bought the phone because Cyanogenmod's website said that it was compatible, and I didn't thoroughly research it. I'm now running Alliance, and pondering a hardware service that can unlock the bootloader for $80.
I need Verizon because we have repeaters for it at work. I hate those people, and I'm on an mvno.
The Spice electrical circuit simulation software was developed in FORTRAN on several platforms (including VAX VMS) in the 1970s. I managed to compile it for Linux and Windows years ago, and I host the source and binaries on a laptop in my basement.
This specific version is in many circuits textbooks - newer versions are not compatible with the syntax of this release. I see a fair amount of traffic for it. I should probably spend some time on a nicer HTML5 download page.
I'd like to fix my mediaserver and stagefright. I'd run Cyanogenmod, but Verzion prevents me from using an unsigned kernel.
If I follow these instructions for my Samsung phone, can I pull the mediaserver and stagefright libraries out of the resulting .zip and load them in place of the existing binaries, can I have a running system that closes the exploits? I can likely use the nm utility on the resulting .so and check that all the symbols in the old libraries exist in the new.
The build process appears to pull from both aosp and cyanogenmod, and I understand that aosp Kitkat has been retroactively patched.
The wiki says that North Korea generates all of their weapons plutonium from this design, but unfortunately not go into any detail on how the plutonium is removed and purified.
I had never heard of Magnox before - it's quite interesting that non-enriched, direct ore uranium can be used as fuel. I had imagined that only a liquid salt thorium reactor could accomplish this, but it does appear that fuel reprocessing costs for Magnox are much higher.
If btrfs has so many issues, I wonder why Docker doesn't have a deployment on Illumos. or SmartOS.
I would think that Docker enthusiasm would be damped by a beta filesystem and (the lack of) verifiable security in package content.
I know that Towelroot was originally disclosed by PinkyPie, but that Geohot developed the full Android exploit. The remainder of your post is news to me. I wasn't aware that Sunshine was even out at that point (as they don't support Samsung).
...for without you, I wouldn't have root on my phone - Verizon would have taken it from me. I'd buy your car any day.
Make it rain!
Convey to us that those who gather intelligence will respect the doctrine of the fruit of the poison tree, and refrain from using tainted evidence in building criminal cases against citizens outside of dire threats. https://en.m.wikipedia.org/wik...
This is for Elliptic Curve ciphers (EC), not Error Correcting Code (ECC).
It should be possible to remove these ciphers from your TLS configuration. If you consider the current best practice for Apache:
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
Then removing Elliptic Curve should be as simple as:
SSLCipherSuite DH+AESGCM:DH+AES256:DH+AES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
That doesn't seem too difficult, and there is some opinion that this is actually an improvement on security.
xterm brags that they have the most faithful emulation of the DEC vt100/220/320/420/520 state machines of any implementation on the market.
I have Cygwin on my office Windows PC, and when I have to work with a VAX or otherwise use a complete and faithful terminal emulation, I use xterm.
If xterm had tabs, I would never use anything else. Since it doesn't, I use gnome-terminal under Cygwin. The xterm maintainer has interesting things to say about gnome-terminal:
...so I use gnome-terminal under Windows for most everything, except when I need extremely high-fidelity.
p.s. I will say that our production floor relies on the Reflections commercial telnet client. They like the old version so much that I had to wrap it in stunnel - there were too many objections to the new(er) ssh versions. I really don't like Reflections myself.
Can someone please explain to me why LD_LIBRARY_PATH does not point first to a /data/lib directory, where an app-store had a chance of patching a flaw in /system?
I am updating vlcplayer at least once every three months - why did Google decide to carve the stagefright libraries into /system stone with no hope of updating?
At least this bug does not impact me - I rooted and torched stock because of the SOP bug, and Chrome just on principle.
The job of security is to fully understand the risk, penalty, and consequence of system compromises, and then to suggest the proper tools to manage this risk.
Some people work with data that involves enormous consequences should it be compromised. These people are likely not on Linux if they understand the issues properly.