Gold is produced by a zillion miners all over the world at a more or less long term stable labor cost
Gold can be repurposed / recycled / remanufactured pretty much infinitely
Gold at least fundamentally has a long term "drain" to the market in industrial processes and electronic connectors, etc, and a medium term "drain" as in give a girl a piece of gold jewelry and it "probably" won't be melted down for a lifetime or at least a little while anyway. So the market has both a source and a drain (no gate, so its not a FET (sorry)) and its got both short liquid traders and long term non-liquid owners. Those combined make a stable long term market.
Lego is the opposite of all of those characteristics of gold. For example, nothing stopping Lego Inc from buying short futures on the price of the classic millennium falcon, and shipping a million $50 made-in-china clones imploding the price, making serious bank off the futures and selling new identical sets to all the suckers.
He is correct that lego from an inflation standpoint is an adequate stand in for any other generic commodity. It is, fundamentally, a refined petroleum product. Made out of oil, shipped by oil... So on a long term basis should track oil, more or less. The imaginary govt propaganda inflation numbers don't count energy prices in order to keep the figures low... no great surprise that an oil surrogate product is rising in price faster than the propaganda inflation number. For a very small time investor its a pretty good commodity oil surrogate, can anyone think of a better one? Better as in a more "pure" surrogate or higher weight/volume cost density?
I started looking into local community colleges and universities, and much to my dismay, they offer neither nighttime or online courses for computer science.
Why does it have to be so nearby? My online CS degree was like 50 miles away. Made for a long drive at finals time for the proctored exams, but its only about 3 times per year. They had procedures if you're too far away, but visiting campus provided an interesting excuse to meet the profs etc. Most non-CS classes were written essay exams (no problemo, sit down and scribble for an hour), but most CS classes were large project (exhausting endless hours). Also if your local state U 2-year college doesn't offer 4th-year compilers class or whatever, that doesn't mean a local prof won't proctor your online state-U exam. I have even been "proctored" by a secretary/receptionist. Policies might have changed over the last decade or so, but this is all how it used to be.
Also most local community state-U might not offer 4th year systems analysis class, but they offer psychology of human relations or Calc I or WTF-101 and most major U are all hybrid anyway so as long as you can handle the upper level classes remote, you can take public speaking in person at the "2-year" community-U probably without even filling out transfer paperwork. Research this carefully, of course.
One HUGE flashing light warning from a guy who's survived it, is you'll see advertising copy about 10 different curricula offered, or sub-majors, or whatever, like IT/MIS and networking and web design and software engineering and embedded and classical CS, and a small local might even offer all of the required classes DURING THE DAY but at night they only offer, say, web design, or they only offer compilers at night one semester every 3 years. That was me in 2001, running like hell from a small in-person local to a "nearby" mostly online degree.
Yes yes Livia. The conspiracy theory is she was all scheming to kill, well, pretty much everyone except her son. To the point of utter ridiculousness. And the series kinda bought into it, which was a shame, although dramatic. Otherwise a more or less historically accurate show.
Space 1999 was good when I was a kid, but when I re-watched it as an adult I found it terrible -- the show needed better writing
We could list that kind of series all day. The original battlestar galactica... Buck Rogers... The A team... Frankly the bottom 25% of Star Trek TOS episodes (space hippies? spocks brain?). Seemed like pretty good stuff at the time, but seeing it again via the internet, ugh, I can't believe how much of my life was wasted watching that junk.
Some TV ages pretty well. "World at War" by the BBC, better than any documentary made by the cable networks in the last couple decades. Maybe the best documentary ever made (and yes I am considering the Ken Burns series, although his Civil War might make a good 2nd place).
I might be the only/.er to have ever watched any of I, Claudius. But man what a unhistorical hatchet job to livia (olivia?) or whatever her name was who was portrayed as a mass murderess although no one else historically thinks so (other than a couple conspiracy theory cranks).
They're not all that bad. I've had excellent results with linux compatible hardware. If someone posts "works fine under debian squeeze linux just apt-get install firmware-nonfree first" it inevitably works. Or at least I've not been burned yet.
Another example, those strange TV tuner USB dongles that people use with SDR software using the rtl-whatever-it-is driver and software... if there's 100 reviews explaining exactly how they configured it and the tuning range of the device, invariably they're correct and it did just work.
Bad tech reviews are invariably short and honest (doesn't work under linux) or long strangely public displays of general inability like a discussion of how they couldn't figure out how to burn a Ubuntu.iso file therefore this network card is useless (wtf?)
TLDR : for simple facts, my experience is good reviews are almost always correct.
but would only calculate the star rating based on purchasers' reviews.
Why not "similar purchasers" reviews? If you've spent as much money on sci fi as I have, I'd probably value your opinion about some random book. On the other hand, if you have not spent much money in that particular genre, indicating a likely lack of knowledge in the field, I'm probably not very interested. Its just one small step beyond the existing personal recommendations system. If I post a review about surface mount soldering stations, you'd best sit up straight and pay close attention, but if I post about lord of the rings you may as well not read it, or at least start laughing now (so, why didn't the eagles just drop the ring in the volcano? (don't answer just trolling)).
Stross's blog said it all a couple days ago. For those living under a rock, he's a pretty good modern sci-fi / horror type author. Disclaimer, probably biased toward him for having similar religious beliefs.
Dumb people don't like feeling dumb, so most 1 star reviews are illiterate trailer trash... and the writing quality clearly reflects it. Ignore.
Hard core fans will rate everything you do as 5 stars. Meaningless. Ignore. So he doesn't like my reviews. Whatever.
A U shaped curve indicates nothing about quality and everything about high impact, also the opposite n shaped curve indicates apathy and low impact.
So.... applied to the article, first, analyze the shape of the "star" curve. Next, toss out any reviews that appear to be written in crayon by illiterates. Toss out any review where everything the author has ever written gets 5 stars. Analyze the remaining reviews by content... "apathy words" in the 3-star column of the histogram are bad news, etc.
Yeah I donno about that. "My time" for the train is like 15 minutes to get aboard and literally 5 minutes to cross the street on the NYC side. "My time" for the airplane is a half hour out to the airport in the middle of nowhere and parking, two hours sitting around for security theater playtime, you can't do what you want on a plane so thats about two hours lost during flight time, and finally a nice $50 hour long cab ride on the NYC side, so that's like 5 hours of "my time" if flying.
As for the restaurant, the amtrak food was "nice" sure not a $200 steak house but no worse than a family restaurant, and the cabin was comfortable enough to sleep in. I had a little sleeper cabin with desk, one entire wall is a giant window, and all that.
Booze? Oh god yes. Some day you should take an observation car out west where the obs car has a bar in the middle of the top floor (the observation area). The west coast trains are double decker two floor and much nicer than the east coast single floor dumpy-trains. None the less booze is booze... Nicotine addicts would have serious issues with Amtrak, but the alkies will be just fine, well lubricated, whatever. Also if you have a cabin unless they're peeking in the windows you can drink or eat whatever you can haul aboard...
The first trains on the new route hit 300 kph (186 mph)
That's the problem with "high speed rail" it means anything over 100 mph even if just for a short segment. Its not going 500 MPH the whole way. Its not even twice as fast as existing USA trains.
I've taken the train between Chicago and Milwaukee many times, if you have a handheld GPS you see it hit 100 MPH for several segments. Also, I took the overnight train from Chicago to NYC for the 2600 hope convention some years ago, it did hit 100 mph at one point.
I will say that 1500 miles is about perfect at "high" china speed, much as 1000 miles is about perfect on USA 80 mph trains. You step aboard before a late dinner, eat a nice relaxing steak dinner watching corn fields roll by, great nights sleep, breakfast time, and here I am in NYC across the street (literally) from the conference. Fun fun fun.
(years ago) I used to get blasted at home from China IP addrs trying various root passwords. Flooding my logs with failures. Since then I only allow key auth from the untrustable internet. I'd never allow password auth over the internet. Copying a key is not a big deal. Or logging into another machine that I know has a key, etc.
On the LAN, if some clown gets infected and port scanning / password scanning, I can literally walk over and physically take care of it.
Something I know, that hasn't been mentioned, is freescale released at least some cores under an at least sorta-free license near a decade ago, so I would think it amusing to make a multi-machine build farm out of a big FPGA (or board full of FPGAs...) At least way back then, there were not many options for running linux on a (official released) FPGA soft core. I would imagine there are more options now if you want to run linux on a (official) soft core.
We just put the password in another file, and use a script to handle it.
Naah just put the password on the command line. What could possibly go wrong?
(Note, just kidding)
At one point I had at work an implementation looking a lot like the Debian development anon-ftp system... Sure, upload whatever you want, but if its more than 5 minutes old and has no valid GPG signature, then it gets wiped. On the other hand if its got a valid GPG sig, trust it and run it. If you're going to put an anon ftp server on the internet you need to partition upload and download so as not to become a warez site. I suppose if there was a buffer overflow in GPG (or the ftp server, or my lame little wrapper script) I would have been pretty well screwed. Also put some sensible limits on it for ddos reduction.
"Run any script you see, as long as its got a valid GPG sig..." is a pretty simple wrapper. Authenticate the code, not the transfer, more or less. Essentially, a crude DRM system... I wish this design/pattern were more "mainstream".
The pass phrase never leaves the client, right, so you'd have to magically protect against trojaned client that lies and pinky swears that it really did check.
Or send the passphrase cleartext to the server for the server to test it. That would be bad. Of course if you had a trustable connection between, then you could safely transfer the passphrase to the server for testing, but then you'd already trust the link so it would be pointless.
The solution is after you set up the trusted link you send the passphrase over the link and have the server verify the phrase and dump the connection if it fails.
There's probably some horrible failure mode where if a server is owned then you're really screwed because now it has your passphrase which is probably your gmail password and xbox password and who knows what else.
So rather than scare people about poor key management, let's scare people about bad passwords -- which is nearly all passwords.
Hey slashdot does anyone have an implementation where the sshd config would look something like:
PubkeyAuthentication yes PasswordAuthentication no any/any PasswordAuthentication yes 10.0.0.0/8
And no, last time I checked openssh could not do that. Either yes or no, no src address filtering.
The closest I could come up with is running two SSH servers on different port numbers and filter at the network level which src addrs can talk to which port.
There's a pretty good argument that the core difference between spacex and the defense contractors is spacex is giving up hope, at a very basic level, of selling ICBMs to dotmil. Once they give up on the dotmil market, certain engineering opportunities open, certain bureaucratic opportunities open... Otherwise the existing ICBM mfgr would simply copy spacex. Why not reduce your costs, increase your profits... if you can...
Example: Flattening your supply chain is a project killer if a congressman has an election-campaign-donating-middleman located in his district.
... market segmentation between commercial and dotmil.
In ye olden days: "Hmm we've got experience building cost is no object ICBMs, and there's a budding, although small and price sensitive commercial market... lets hit it while we can". Worked OK until real commercial competitors arrived.
They can go back to the glory days of ICBM building with the proper congressional bribes. Maybe ICBM launched drone strikes or whatever. They'll never sink as long as.mil is around.
If you demand a bad slashdot car analogy, if no one is building commuter cars, the guys who make Abrams tanks can make fat stacks of cash until Toyota arrives and kicks them out of the market... that doesn't mean the market for tanks is permanently gone or being given to Toyota. Just means the tank company is going back to building tanks, instead of econoboxes or tropical fish aquaria or monitor mounting arms or WTF they temporarily diversified into.
Now if spacex is all a scam to bootstrap into the lucrative ICBM market, then, at that time, we'll have the epic business battle of the century.
If you want another really bad analogy, I'm not sure whos on which side but its like trying to pick a fight between a 4 star restaurant and a fast food hovel. Technically you can stuff your piehole at either facility, but in practice its unlikely either will succeed in putting the other out of business.
"Tape out" is in my dad's generation they used the same tech for photolithography for both PCBs and ICs. In other words a "Draftsman" (which is kind of like a CAD operator, but manual, done by hand) using what looks like black electrical tape stripes on clear mylar sheets. Then a projector blasts UV light thru the marked up sheet onto a photosensitive copper circuit board, or silicon slice, and where the UV hits the plastic polymerizes and is "permanent" and where it doesn't, it washes away. Sorta like a photo negative enlarger but more of a shrinker than an enlarger... which is another mostly dead technology. You'll meet people who rewrite history for laughs who claim the "tape" is magnetic tape of cad drafting or maybe Verilog/VHDL. In the "biz" it means the dev team has ended work and the responsibility is now entirely on the production team (assuming it achieves production level success on the first try, without any design issues ruining yield, LOL)
"Fabless ecosystem" is fru fru talk for you outsource your manufacturing to a company (usually a competitor) you trust to give you reliable access to their best processes, while trusting them not to "pirate" your IP which is your companies only resource. Its a great idea for weird stuff where you can corner the market or R+D or teaching. Strikes me as an idiotic business model for competitive "mainstream" processors or generic commodity chips.
Actually, you know more about calculus than you think you do. In order to write a program, you must understand what the algorithm does that you're using.
Unfortunately, the algorithms I used on my TI-81 were more like, "crude text adventure parser" (stereotypical DnD dungeon) "parametric equation of a side view of a boob" (boys will be boys) and in later years when I had a HP-48 I wrote a pretty decent 68hc11 simulator using an array as memory and variables as the registers. Welcome to state machines! The '48 had pretty good hex math capabilities and I never implemented the whole instruction set, but I certainly had the basic load, store, add, branch type stuff and a crude debugger UI that could show contents of registers and memory and single step etc. My microcontroller instuctor was somewhat impressed. Also in high school I did learn a fair amount of trig on my own as I finally got a working 3d cube render-er which was a pretty stereotypical 80s home computer BASIC challenge. Basically you store the 3-d cube as an array of the corners coordinates and then plot them ignoring the Z coord, then execute a transform on all the points (there are several ways to implement this), replot, run the transform, replot, you end up with a little controllable rotating cube. Without double (triple?) buffering the flashing as it redraws is almost unbearable and you have to have a strategy to depend with floating point rounding (like not rotating the existing cube by 1 degree each time, you rotate a unit cube by a continuously varying angle (like 41 degrees X rotation this time, 42 the next etc). Its quite slow on a TI-81 but watchable and interesting from a demo-scene perspective.
I learned calc in my senior year of HS anyway, but it was much more despite having a graphing calc than because I had a graphing calc.
So this is what kids do with their "valuable educational math tools" instead of whatever curriculum the PR firm releases. Its more or less the college prep kids equivalent of when the shop kids make bongs in class instead of birdfeeders.
Wow its even bigger than I thought. Not something/.ers often hear. Interesting that no one disputes my memory that the south is geologically active and the north isn't, but there's endless squabbling about "taller than the USA" being accurate or not. I still stand by my claim that Japan is huge and an earthquake on the lower geologically active part is simply not relevant to the more or less inert north. There exists a meme and thou shall not dispute it.
Its almost exactly like a foreigner hearing about a hurricane devastating New Orleans and calling his relative in Minnesota to see if he survived the dreaded storm.
From a realism perspective, it sounds like a compare and contrast with Arma (dayz) would have been more productive than compare and contrast with something its really far away from like Quake.
There is no completely safe lower limit of ionizing radiation. It's a risk benefit situation.
Actually no, you need to talk to a telecom EE about signal to noise ratios or a statistician or a nuke industry guy about banana equivalent dose.
Depending on who's fishy numbers you use, the BED of a ctscan varies a heck of a lot but is probably around a quarter million bananas depending on your bananas and your scanner. You're wise from a dosage perspective to not ctscan people for fun, but its not a terrifying risk nor certain death, its merely about ten extra lifetimes of eating bananas, depending on how many bananas you eat, no big deal as long as you don't do it annually for a lifetime or something.
On the other hand natural background in an airliner at altitude is about a dozen bananas per hour. This is below the long term lower noise boundary for an occasional traveler, but starting to be a signal above the noise for a typical airline pilot. Your total average natural background, again depending on who's fishy numbers, is surprisingly high at about 2 BED per hour. This makes concern about "no such thing as a lower limit" dosages under 50 BED per day or under 20 kilobananas per year extremely fishy to even discuss.
Given a decent scintillation detector or an old fashioned geiger I can detect precisely one individual atomic decay. We live, naturally, in a sea of radiation that's immense orders of magnitudes higher than the minimum we can measure, with a remarkably high standard deviation, making "no lower bound" nonsense to discuss from a noise perspective.
I'm not bothering to look up what radiation these scanners use, merely pointing out that comparing watts is not what you want to be doing.
I'm no tinfoil hatter, and there's a lot more to safety than merely peak power, and there are serious differences in primary input power vs output power aka efficiency, but there's a pretty obvious argument where if you quote the giant machine thats wired to a wall socket 30 amp 440 3-phase ckt as being 4 orders of magnitude lower power than a cellphone that runs for days off a tiny little battery, something is wrong with the numbers beyond simple comparison of wattage.
Also uW/cm figures start approaching the radio-telescope and cosmic background radiation range, like someone accidentally gave you a noise level instead of a signal level figure. Unless you cheat and use lots of attenuators, its kinda hard to make an intentional radiator at that low of a level. A couple microwatts per cm equivalent is a pretty well tempest shielded faraday cage device, for example. I used to have access to a cage like that along with an array of spectrum analyzers, standardized antennas/horns, etc. I'm sure the cheapie dell I'm in front of here emits more interference than double digit uW per cm of surface, for example.
Slashdot Mirror
"These things are gold," Jeff says.
A huge mistake in that comparison.
Gold is produced by a zillion miners all over the world at a more or less long term stable labor cost
Gold can be repurposed / recycled / remanufactured pretty much infinitely
Gold at least fundamentally has a long term "drain" to the market in industrial processes and electronic connectors, etc, and a medium term "drain" as in give a girl a piece of gold jewelry and it "probably" won't be melted down for a lifetime or at least a little while anyway. So the market has both a source and a drain (no gate, so its not a FET (sorry)) and its got both short liquid traders and long term non-liquid owners. Those combined make a stable long term market.
Lego is the opposite of all of those characteristics of gold. For example, nothing stopping Lego Inc from buying short futures on the price of the classic millennium falcon, and shipping a million $50 made-in-china clones imploding the price, making serious bank off the futures and selling new identical sets to all the suckers.
He is correct that lego from an inflation standpoint is an adequate stand in for any other generic commodity. It is, fundamentally, a refined petroleum product. Made out of oil, shipped by oil... So on a long term basis should track oil, more or less. The imaginary govt propaganda inflation numbers don't count energy prices in order to keep the figures low... no great surprise that an oil surrogate product is rising in price faster than the propaganda inflation number. For a very small time investor its a pretty good commodity oil surrogate, can anyone think of a better one? Better as in a more "pure" surrogate or higher weight/volume cost density?
I started looking into local community colleges and universities, and much to my dismay, they offer neither nighttime or online courses for computer science.
Why does it have to be so nearby? My online CS degree was like 50 miles away. Made for a long drive at finals time for the proctored exams, but its only about 3 times per year. They had procedures if you're too far away, but visiting campus provided an interesting excuse to meet the profs etc. Most non-CS classes were written essay exams (no problemo, sit down and scribble for an hour), but most CS classes were large project (exhausting endless hours). Also if your local state U 2-year college doesn't offer 4th-year compilers class or whatever, that doesn't mean a local prof won't proctor your online state-U exam. I have even been "proctored" by a secretary/receptionist. Policies might have changed over the last decade or so, but this is all how it used to be.
Also most local community state-U might not offer 4th year systems analysis class, but they offer psychology of human relations or Calc I or WTF-101 and most major U are all hybrid anyway so as long as you can handle the upper level classes remote, you can take public speaking in person at the "2-year" community-U probably without even filling out transfer paperwork. Research this carefully, of course.
One HUGE flashing light warning from a guy who's survived it, is you'll see advertising copy about 10 different curricula offered, or sub-majors, or whatever, like IT/MIS and networking and web design and software engineering and embedded and classical CS, and a small local might even offer all of the required classes DURING THE DAY but at night they only offer, say, web design, or they only offer compilers at night one semester every 3 years. That was me in 2001, running like hell from a small in-person local to a "nearby" mostly online degree.
Yes yes Livia. The conspiracy theory is she was all scheming to kill, well, pretty much everyone except her son. To the point of utter ridiculousness. And the series kinda bought into it, which was a shame, although dramatic. Otherwise a more or less historically accurate show.
Space 1999 was good when I was a kid, but when I re-watched it as an adult I found it terrible -- the show needed better writing
We could list that kind of series all day. The original battlestar galactica... Buck Rogers... The A team... Frankly the bottom 25% of Star Trek TOS episodes (space hippies? spocks brain?). Seemed like pretty good stuff at the time, but seeing it again via the internet, ugh, I can't believe how much of my life was wasted watching that junk.
Some TV ages pretty well. "World at War" by the BBC, better than any documentary made by the cable networks in the last couple decades. Maybe the best documentary ever made (and yes I am considering the Ken Burns series, although his Civil War might make a good 2nd place).
I might be the only /.er to have ever watched any of I, Claudius. But man what a unhistorical hatchet job to livia (olivia?) or whatever her name was who was portrayed as a mass murderess although no one else historically thinks so (other than a couple conspiracy theory cranks).
Honestly I put less faith in the good reviews
They're not all that bad. I've had excellent results with linux compatible hardware. If someone posts "works fine under debian squeeze linux just apt-get install firmware-nonfree first" it inevitably works. Or at least I've not been burned yet.
Another example, those strange TV tuner USB dongles that people use with SDR software using the rtl-whatever-it-is driver and software... if there's 100 reviews explaining exactly how they configured it and the tuning range of the device, invariably they're correct and it did just work.
Bad tech reviews are invariably short and honest (doesn't work under linux) or long strangely public displays of general inability like a discussion of how they couldn't figure out how to burn a Ubuntu .iso file therefore this network card is useless (wtf?)
TLDR : for simple facts, my experience is good reviews are almost always correct.
but would only calculate the star rating based on purchasers' reviews.
Why not "similar purchasers" reviews? If you've spent as much money on sci fi as I have, I'd probably value your opinion about some random book. On the other hand, if you have not spent much money in that particular genre, indicating a likely lack of knowledge in the field, I'm probably not very interested. Its just one small step beyond the existing personal recommendations system. If I post a review about surface mount soldering stations, you'd best sit up straight and pay close attention, but if I post about lord of the rings you may as well not read it, or at least start laughing now (so, why didn't the eagles just drop the ring in the volcano? (don't answer just trolling)).
Stross's blog said it all a couple days ago. For those living under a rock, he's a pretty good modern sci-fi / horror type author. Disclaimer, probably biased toward him for having similar religious beliefs.
http://www.antipope.org/charlie/blog-static/2012/12/understanding-reviewers.html
TLDR poorly done summary interpretation:
Dumb people don't like feeling dumb, so most 1 star reviews are illiterate trailer trash... and the writing quality clearly reflects it. Ignore.
Hard core fans will rate everything you do as 5 stars. Meaningless. Ignore. So he doesn't like my reviews. Whatever.
A U shaped curve indicates nothing about quality and everything about high impact, also the opposite n shaped curve indicates apathy and low impact.
So.... applied to the article, first, analyze the shape of the "star" curve. Next, toss out any reviews that appear to be written in crayon by illiterates. Toss out any review where everything the author has ever written gets 5 stars. Analyze the remaining reviews by content... "apathy words" in the 3-star column of the histogram are bad news, etc.
Yeah I donno about that. "My time" for the train is like 15 minutes to get aboard and literally 5 minutes to cross the street on the NYC side. "My time" for the airplane is a half hour out to the airport in the middle of nowhere and parking, two hours sitting around for security theater playtime, you can't do what you want on a plane so thats about two hours lost during flight time, and finally a nice $50 hour long cab ride on the NYC side, so that's like 5 hours of "my time" if flying.
As for the restaurant, the amtrak food was "nice" sure not a $200 steak house but no worse than a family restaurant, and the cabin was comfortable enough to sleep in. I had a little sleeper cabin with desk, one entire wall is a giant window, and all that.
Booze? Oh god yes. Some day you should take an observation car out west where the obs car has a bar in the middle of the top floor (the observation area). The west coast trains are double decker two floor and much nicer than the east coast single floor dumpy-trains. None the less booze is booze... Nicotine addicts would have serious issues with Amtrak, but the alkies will be just fine, well lubricated, whatever. Also if you have a cabin unless they're peeking in the windows you can drink or eat whatever you can haul aboard...
Its all marketing
The first trains on the new route hit 300 kph (186 mph)
That's the problem with "high speed rail" it means anything over 100 mph even if just for a short segment. Its not going 500 MPH the whole way. Its not even twice as fast as existing USA trains.
I've taken the train between Chicago and Milwaukee many times, if you have a handheld GPS you see it hit 100 MPH for several segments. Also, I took the overnight train from Chicago to NYC for the 2600 hope convention some years ago, it did hit 100 mph at one point.
I will say that 1500 miles is about perfect at "high" china speed, much as 1000 miles is about perfect on USA 80 mph trains. You step aboard before a late dinner, eat a nice relaxing steak dinner watching corn fields roll by, great nights sleep, breakfast time, and here I am in NYC across the street (literally) from the conference. Fun fun fun.
(years ago) I used to get blasted at home from China IP addrs trying various root passwords. Flooding my logs with failures. Since then I only allow key auth from the untrustable internet. I'd never allow password auth over the internet. Copying a key is not a big deal. Or logging into another machine that I know has a key, etc.
On the LAN, if some clown gets infected and port scanning / password scanning, I can literally walk over and physically take care of it.
besides the obvious "because we can" that is ?
You'll have to ask them for sure.
Something I know, that hasn't been mentioned, is freescale released at least some cores under an at least sorta-free license near a decade ago, so I would think it amusing to make a multi-machine build farm out of a big FPGA (or board full of FPGAs...) At least way back then, there were not many options for running linux on a (official released) FPGA soft core. I would imagine there are more options now if you want to run linux on a (official) soft core.
We just put the password in another file, and use a script to handle it.
Naah just put the password on the command line. What could possibly go wrong?
(Note, just kidding)
At one point I had at work an implementation looking a lot like the Debian development anon-ftp system... Sure, upload whatever you want, but if its more than 5 minutes old and has no valid GPG signature, then it gets wiped. On the other hand if its got a valid GPG sig, trust it and run it. If you're going to put an anon ftp server on the internet you need to partition upload and download so as not to become a warez site. I suppose if there was a buffer overflow in GPG (or the ftp server, or my lame little wrapper script) I would have been pretty well screwed. Also put some sensible limits on it for ddos reduction.
"Run any script you see, as long as its got a valid GPG sig..." is a pretty simple wrapper. Authenticate the code, not the transfer, more or less. Essentially, a crude DRM system... I wish this design/pattern were more "mainstream".
Its a mess. In more detail.
The pass phrase never leaves the client, right, so you'd have to magically protect against trojaned client that lies and pinky swears that it really did check.
Or send the passphrase cleartext to the server for the server to test it. That would be bad. Of course if you had a trustable connection between, then you could safely transfer the passphrase to the server for testing, but then you'd already trust the link so it would be pointless.
The solution is after you set up the trusted link you send the passphrase over the link and have the server verify the phrase and dump the connection if it fails.
There's probably some horrible failure mode where if a server is owned then you're really screwed because now it has your passphrase which is probably your gmail password and xbox password and who knows what else.
Kerberos does it (somewhat) better.
So rather than scare people about poor key management, let's scare people about bad passwords -- which is nearly all passwords.
Hey slashdot does anyone have an implementation where the sshd config would look something like:
PubkeyAuthentication yes
PasswordAuthentication no any/any
PasswordAuthentication yes 10.0.0.0/8
And no, last time I checked openssh could not do that. Either yes or no, no src address filtering.
The closest I could come up with is running two SSH servers on different port numbers and filter at the network level which src addrs can talk to which port.
Would have been a lot funnier if they did
cat somekey > ~/.ssh/authorized_keys
rather than
cat somekey >> ~/.ssh/authorized_keys
I suppose that is one way to "solve" the problem.
What do you use to log in from one machine into another, telnet? Or instead of scp you ftp stuff?
Also I have several boxes where the only way I can run "X" GUI stuff (at home, my mythtv backends) is via SSH X11 forwarding.
There's a pretty good argument that the core difference between spacex and the defense contractors is spacex is giving up hope, at a very basic level, of selling ICBMs to dotmil. Once they give up on the dotmil market, certain engineering opportunities open, certain bureaucratic opportunities open... Otherwise the existing ICBM mfgr would simply copy spacex. Why not reduce your costs, increase your profits... if you can...
Example: Flattening your supply chain is a project killer if a congressman has an election-campaign-donating-middleman located in his district.
Their only hope of survival is ...
... market segmentation between commercial and dotmil.
In ye olden days: "Hmm we've got experience building cost is no object ICBMs, and there's a budding, although small and price sensitive commercial market... lets hit it while we can". Worked OK until real commercial competitors arrived.
They can go back to the glory days of ICBM building with the proper congressional bribes. Maybe ICBM launched drone strikes or whatever. They'll never sink as long as .mil is around.
If you demand a bad slashdot car analogy, if no one is building commuter cars, the guys who make Abrams tanks can make fat stacks of cash until Toyota arrives and kicks them out of the market... that doesn't mean the market for tanks is permanently gone or being given to Toyota. Just means the tank company is going back to building tanks, instead of econoboxes or tropical fish aquaria or monitor mounting arms or WTF they temporarily diversified into.
Now if spacex is all a scam to bootstrap into the lucrative ICBM market, then, at that time, we'll have the epic business battle of the century.
If you want another really bad analogy, I'm not sure whos on which side but its like trying to pick a fight between a 4 star restaurant and a fast food hovel. Technically you can stuff your piehole at either facility, but in practice its unlikely either will succeed in putting the other out of business.
"Tape out" is in my dad's generation they used the same tech for photolithography for both PCBs and ICs. In other words a "Draftsman" (which is kind of like a CAD operator, but manual, done by hand) using what looks like black electrical tape stripes on clear mylar sheets. Then a projector blasts UV light thru the marked up sheet onto a photosensitive copper circuit board, or silicon slice, and where the UV hits the plastic polymerizes and is "permanent" and where it doesn't, it washes away. Sorta like a photo negative enlarger but more of a shrinker than an enlarger... which is another mostly dead technology. You'll meet people who rewrite history for laughs who claim the "tape" is magnetic tape of cad drafting or maybe Verilog/VHDL. In the "biz" it means the dev team has ended work and the responsibility is now entirely on the production team (assuming it achieves production level success on the first try, without any design issues ruining yield, LOL)
"Fabless ecosystem" is fru fru talk for you outsource your manufacturing to a company (usually a competitor) you trust to give you reliable access to their best processes, while trusting them not to "pirate" your IP which is your companies only resource. Its a great idea for weird stuff where you can corner the market or R+D or teaching. Strikes me as an idiotic business model for competitive "mainstream" processors or generic commodity chips.
Actually, you know more about calculus than you think you do. In order to write a program, you must understand what the algorithm does that you're using.
Unfortunately, the algorithms I used on my TI-81 were more like, "crude text adventure parser" (stereotypical DnD dungeon) "parametric equation of a side view of a boob" (boys will be boys) and in later years when I had a HP-48 I wrote a pretty decent 68hc11 simulator using an array as memory and variables as the registers. Welcome to state machines! The '48 had pretty good hex math capabilities and I never implemented the whole instruction set, but I certainly had the basic load, store, add, branch type stuff and a crude debugger UI that could show contents of registers and memory and single step etc. My microcontroller instuctor was somewhat impressed. Also in high school I did learn a fair amount of trig on my own as I finally got a working 3d cube render-er which was a pretty stereotypical 80s home computer BASIC challenge. Basically you store the 3-d cube as an array of the corners coordinates and then plot them ignoring the Z coord, then execute a transform on all the points (there are several ways to implement this), replot, run the transform, replot, you end up with a little controllable rotating cube. Without double (triple?) buffering the flashing as it redraws is almost unbearable and you have to have a strategy to depend with floating point rounding (like not rotating the existing cube by 1 degree each time, you rotate a unit cube by a continuously varying angle (like 41 degrees X rotation this time, 42 the next etc). Its quite slow on a TI-81 but watchable and interesting from a demo-scene perspective.
I learned calc in my senior year of HS anyway, but it was much more despite having a graphing calc than because I had a graphing calc.
So this is what kids do with their "valuable educational math tools" instead of whatever curriculum the PR firm releases. Its more or less the college prep kids equivalent of when the shop kids make bongs in class instead of birdfeeders.
AKA I'm a CPAN programmer not a Perl programmer. Works for me! Wake me when another language has the depth of CPAN. I might switch, then. Maybe.
Wow its even bigger than I thought. Not something /.ers often hear. Interesting that no one disputes my memory that the south is geologically active and the north isn't, but there's endless squabbling about "taller than the USA" being accurate or not. I still stand by my claim that Japan is huge and an earthquake on the lower geologically active part is simply not relevant to the more or less inert north. There exists a meme and thou shall not dispute it.
Its almost exactly like a foreigner hearing about a hurricane devastating New Orleans and calling his relative in Minnesota to see if he survived the dreaded storm.
From a realism perspective, it sounds like a compare and contrast with Arma (dayz) would have been more productive than compare and contrast with something its really far away from like Quake.
There is no completely safe lower limit of ionizing radiation. It's a risk benefit situation.
Actually no, you need to talk to a telecom EE about signal to noise ratios or a statistician or a nuke industry guy about banana equivalent dose.
Depending on who's fishy numbers you use, the BED of a ctscan varies a heck of a lot but is probably around a quarter million bananas depending on your bananas and your scanner. You're wise from a dosage perspective to not ctscan people for fun, but its not a terrifying risk nor certain death, its merely about ten extra lifetimes of eating bananas, depending on how many bananas you eat, no big deal as long as you don't do it annually for a lifetime or something.
On the other hand natural background in an airliner at altitude is about a dozen bananas per hour. This is below the long term lower noise boundary for an occasional traveler, but starting to be a signal above the noise for a typical airline pilot. Your total average natural background, again depending on who's fishy numbers, is surprisingly high at about 2 BED per hour. This makes concern about "no such thing as a lower limit" dosages under 50 BED per day or under 20 kilobananas per year extremely fishy to even discuss.
Given a decent scintillation detector or an old fashioned geiger I can detect precisely one individual atomic decay. We live, naturally, in a sea of radiation that's immense orders of magnitudes higher than the minimum we can measure, with a remarkably high standard deviation, making "no lower bound" nonsense to discuss from a noise perspective.
I'm not bothering to look up what radiation these scanners use, merely pointing out that comparing watts is not what you want to be doing.
I'm no tinfoil hatter, and there's a lot more to safety than merely peak power, and there are serious differences in primary input power vs output power aka efficiency, but there's a pretty obvious argument where if you quote the giant machine thats wired to a wall socket 30 amp 440 3-phase ckt as being 4 orders of magnitude lower power than a cellphone that runs for days off a tiny little battery, something is wrong with the numbers beyond simple comparison of wattage.
Also uW/cm figures start approaching the radio-telescope and cosmic background radiation range, like someone accidentally gave you a noise level instead of a signal level figure. Unless you cheat and use lots of attenuators, its kinda hard to make an intentional radiator at that low of a level. A couple microwatts per cm equivalent is a pretty well tempest shielded faraday cage device, for example. I used to have access to a cage like that along with an array of spectrum analyzers, standardized antennas/horns, etc. I'm sure the cheapie dell I'm in front of here emits more interference than double digit uW per cm of surface, for example.