My bad. I know in theory they shouldn't, but I thought the article was saying they were not properly handling equal hashes; especially since one link talked about collision avoidance. Reading about it some more that isn't correct; thanks for the clarification, please mod my post down.
In theory, could you submit a legitimate value for key 1. That value then is the one that gets validated. Could you then submit a second value with key 2 that hash's to the same value as key 1 overwriting the data for key 1 in the data structure. Since the application isn't expecting a get/post value with key 2 the data never gets validated. When the value for key 1 is retreived, the hashes have collided the the data for key 2 is retreived.
Thinking about PHP, the collision would occur before the script executes, so validation should get key2's value and thus validation should value. It might not be the best failure mode, but validation should catch the error. Is that a good assumption and is that true for all the implementations? I think this is theoretical, but I can't convince myself to ignore the possibility either.
It might help if they didn't still use Emergency Broadcast System during the required weekly tests. If that's the name they use, I don't think its that outrageous to still call it that.
I think you bring up some really good points about fees that cell phone companies charge, but I think this is an easy case where you say the cell phone companies are not allowed to charge for these messages and that they by default go to all numbers although I could see allowing an opt-out list (i.e. we have cell phones on most of our vehicles to let them report location, speed etc to us, and the cell phones are in enclosure where the driver can't get to them, so the message notification could get annoying for the drivers).
Overall I really think this is a good idea. Luckily we have pretty good tornado sirens where I live, but I've been at the pool on a beautiful day with the kids before only to have the tornado sirens go off and within 20 minutes there be a really bad storm. I've also really complained about the lack of traffic information; one day they closed S.R. 161 but they just had a police officer there directing you to not go on the on ramp without any explanation. They closed it as it was very icy and cars (including the salt trucks) were merely sliding off of it. My daughter's day care was on the corner of 161, so I wanted to know why the road was closed, for how far, expected open time etc. Another time this would have been useful was when a firetruck overturned in front of my apartment complex. It was just south of the entrance, so Columbus police were directing residents to approach if from the north while Blendon officers (who were there as a courtesy as its outside their jurisdiction although they share the department whose firetruck overturned) were threatening to arrest people who tried to approach from the North or who got out to tell them CPD was directing them there and did they have an ETA when they could go home (several of my neighbors were arrested and the situation didn't get better until wifes complained to CPD who used a parking lot to go around the accident and relieved Blendon).
Showing an ID is very different from giving them an address.
I recently got a landline and I was not required to show any form of ID. This was around February of this year (2010) in Columbus, OH from AT&T.
You may not be using intel's compiler, but in the scientific community I knew people who wear by it and those same people spend a lot of money on hardware (adding hundreds of nodes to clusters annually).
Has anyone used any of the services that let you put your music into the online distribution channels without a label? Can anyone recommend one?
I can google just like anyone else, so I'm not looking for a list so much as recommendations.
Thanks,
Bill
Thank you!
My daughter used to love playing with toys traditionally associated with boys. A big part of this is that her mother used to frequently (6-7 days a week, 8+ hours) watch her male cousin who is only a year older. My daughter's ALWAYS had a girly girl component interested in jewelry, make-up, fashion etc, but her favorite toys were toys car/trucks, trains, playing in the dirt, and worms (although the girly girl portion hates bugs, but worms some how are okay) etc.
Then during Kindergarden it changed. I first had the evidence needed when she tried throwing her toy cars away saying they were boy toys. I asked her why she was crying and she said because said girl can't play with cars. I of course called the teacher and when she insisted she wasn't sexist, I called the prinipal and said explicitly I'm not calling her a sexist, I AM saying that she made an impression on my daughter that she wasn't allowed to play with certain toys because they were for boys. All the principal would do was insist the teacher wasn't sexist. Frankly, if the teacher was, at least then I could understand the problem. If she isn't why is my request that she be more careful about what she says (this wasn't the first sexist problem; I'm a single dad and the teacher kept telling my daughter have your mom buy you a new back pack because I don't like this one even after I wrote her numerous notes saying I'm a single dad and day-to-day purchases and care are my responsibility) and sit down and tell my daughter it was just a misunderstanding and she can play with things like cars if she wants to.
Its only been since her mom got her an EEE-pc for Christmas this year (First grade) that I've really seen a change. Suddenly she's interested in computers and asking me how our wireless internet works. If I'm on the computer, she asks if I'm fixing it and if so how. Or she found the astronomy program and she's wanting to look at stars. Or she used to be REALLY into biology since she saw her uncle gut a fish, and she's asking to look up things on what the insides of animals look like. I don't think I would have bought a first grader a laptop, but its brought my daughter back.
I know of several photographers who operate this way.
I first encountered this with my daughter's day care. Once a year they bring in a professional photographer who send home permission slips a head of time explaining they will be there to take pictures and the procedures for ordering copies. About 2 weeks after the pictures are taken, they show back up for two days with the prints for a package. You can either custom order, buy part of what they have, or if you buy the whole package (about $100) they also mail you a cdrom with the pictures and a letter explicitly assigning the copyright of the pictures to you (in case you try to get prints later and they give you a hard time). I was primarily impressed since I've always seen where school pictures where an order a head thing (and I had just done my daughter's through her school that way and they were horrible) so I really liked the idea of seeing before I bought. Second of all I was impressed that they were very upfront about the cd and the copyright assignment that would come with it.
The second place I know of where this is possible are the photography places in most Sears. My daughter's mom worked at one and their procedure was to take the pictures and then help you order prints (charging WAY too much for them). Then when you came to pick them up they would offer you "specials" which were basically the same print options you saw before but discounted (they figured you already spent the money you were budgeting up front, so now they try to offer you a deal to get the impulse buy). The one option they added was a cd of the images with a copyright assignment.
Finally, when my former co-worker got married the photographer explained the great lengths she went to keep backups of the pictures so that him not receiving an electronic copy was not a big deal. He countered how with things like digital pictures frames, wanting to share the pictures online, and the fact she could go out of business all made him not receiving the digital copies a big deal to him. After a bit of discussion in which the photographer was assured he would respect her copyright they came to an agreement that all prints would be order through her but he would get unlimited rights to digital copies. All-in-all not a bad deal and it only upped the price by about $100.
I'll concede my sister couldn't find a photographer willing to make the same deal (she's in a small town) but there are at least some of photographers willing to work this way. I know my daughter's mom dislikes the idea because she has an art degree and getting paid per unit time makes her a craftsman not an artist, but working at sears has diminished her ego enough to accept it. (She doesn't get the concept of a day job).
What the parent said isn't completely true. CPA's have a lot of protection, even if you do get in trouble. The reason CPA's demand protection is becuase they can't be sure that what you are giving them is truely everything. At least that's how my mom, a CPA, explained it to me.
There have been people found before who should have contracted the disease who didn't. Basically they receptor that's needed isn't there or is damaged. I saw it on tv two years or so ago.
I didn't RTFA, but I know with our red hat enterprises boxes, I've started firewalling them on the local level. We're beind a departmental firewall, but this way if there's ever a worm for linux etc, its one more thing they have to by-pass. Is it possible, sure, but it took two lines to do and so I figured it was worth the effort.
As I said in a comment above, our departmental firewall also allows all outgoing traffic unless it meets some conditions, part 25 not from our mail server being one of them.
Maybe the comment is from a company whom we might not like all their suggestions, but this one is very valid. I'm a student worker for a department at a large univeristy, and I know our firewall it setup so outgoing requests are allowed unless they meet certain criteria (one being port25 not from our mail server), so they idea isn't new, and therefore we don't have a fear of them trying to collect any sort of royalties. So we have nothing to loose from this its a good idea and the more publicity it gets the better. So what's your problem?
First of all, very few doctors use pagers these days. Back in the day of car phones, sure my dad had a pager. But when they switched to cell phones, the big question was why do we need pagers when we have cell phones.
The problem with blocking cell phones in theatures etc. comes first of all with parents (I would have serious problems controling myself if I found out my ex was trying to call me about my daughter, and I was unable to get the call due to ajmming), but also what about people like doctrs. In my home town (fairly small) there are three pathologists. Each specializes in a different area. So one if on call and goes in, but is unsure, so he calls the one who has an interst in that area of pathology. It works out well. So basically by blocking it, you are effectively keeping them from providing proper treatment.
One poster said he didn';t want ot hear about how Dell didn't ship a persons company those computers, my question is why would some one be talking? I always try to find a fairly private place ot talk, but I would like it if my phone would vibrate in the theature. I would stop outside to actually talk however. I think that's the true solution.
Lindows isn't giving up. If you look at it, they will continue to operate as Lindows INC in the us, and they are going to continue fighting for the right to Lindows. Eventually going to the state department with the (hopeful) ruling that windows is generic. Grant, IANAL, but they seem to think there is precidence. If true, then maybe they could get the European (sorry I can't remember which countries) ruling that it is illegal for anyone from their country to be able to access lindows.com reversed. In the mean time, they are loosing too much money, and they are loosing out on potential market share. Its not them giving up, its about them trying to ensure they can keep up the fight as long as possible.
One of the phone line's at my parents (I'm a college student) is cheaper because it a "special" dialup line. Basically we agree not ot talk on it, and have to pay extra if we talk on it, vs using it to surf the web. So its actually the inverse of what you are talking about.
West VIrginia is sitll at.1 last time I checked, though they have tried lowering it to.08. ACtually come to think of it, I think it was lowered, or else they woulda lost federal funding. Anyone know?
Violations Reset: Programmable. If the predetermined number of violations occurs during a monitoring period, an early inspection is required within three (3) days. Failure to report will result in immobilization of the vehicle. Violations are quickly identified and reported to the jurisdiction.
Okay so I go to college out of state (though neither my home state or the state of attendance is NM). But if I had to have one of these things, when it malfunctioned parked in the university lot and I didn't know about it until three days laters, I'm just fucked? I mean how am I suppose to get home if the vehicle won't move. What about if I go out of town and it malfunctions?
Slashdot Mirror
My bad. I know in theory they shouldn't, but I thought the article was saying they were not properly handling equal hashes; especially since one link talked about collision avoidance. Reading about it some more that isn't correct; thanks for the clarification, please mod my post down.
Could this be more then a giant DDoS bug?
In theory, could you submit a legitimate value for key 1. That value then is the one that gets validated. Could you then submit a second value with key 2 that hash's to the same value as key 1 overwriting the data for key 1 in the data structure. Since the application isn't expecting a get/post value with key 2 the data never gets validated. When the value for key 1 is retreived, the hashes have collided the the data for key 2 is retreived.
Thinking about PHP, the collision would occur before the script executes, so validation should get key2's value and thus validation should value. It might not be the best failure mode, but validation should catch the error. Is that a good assumption and is that true for all the implementations? I think this is theoretical, but I can't convince myself to ignore the possibility either.
It might help if they didn't still use Emergency Broadcast System during the required weekly tests. If that's the name they use, I don't think its that outrageous to still call it that.
I think you bring up some really good points about fees that cell phone companies charge, but I think this is an easy case where you say the cell phone companies are not allowed to charge for these messages and that they by default go to all numbers although I could see allowing an opt-out list (i.e. we have cell phones on most of our vehicles to let them report location, speed etc to us, and the cell phones are in enclosure where the driver can't get to them, so the message notification could get annoying for the drivers). Overall I really think this is a good idea. Luckily we have pretty good tornado sirens where I live, but I've been at the pool on a beautiful day with the kids before only to have the tornado sirens go off and within 20 minutes there be a really bad storm. I've also really complained about the lack of traffic information; one day they closed S.R. 161 but they just had a police officer there directing you to not go on the on ramp without any explanation. They closed it as it was very icy and cars (including the salt trucks) were merely sliding off of it. My daughter's day care was on the corner of 161, so I wanted to know why the road was closed, for how far, expected open time etc. Another time this would have been useful was when a firetruck overturned in front of my apartment complex. It was just south of the entrance, so Columbus police were directing residents to approach if from the north while Blendon officers (who were there as a courtesy as its outside their jurisdiction although they share the department whose firetruck overturned) were threatening to arrest people who tried to approach from the North or who got out to tell them CPD was directing them there and did they have an ETA when they could go home (several of my neighbors were arrested and the situation didn't get better until wifes complained to CPD who used a parking lot to go around the accident and relieved Blendon).
Showing an ID is very different from giving them an address. I recently got a landline and I was not required to show any form of ID. This was around February of this year (2010) in Columbus, OH from AT&T.
Slight correction: date of birth is one of the census questions. I have received my census, but see item 7 on the following page for confirmation: http://2010.census.gov/2010census/how/interactive-form.php
You may not be using intel's compiler, but in the scientific community I knew people who wear by it and those same people spend a lot of money on hardware (adding hundreds of nodes to clusters annually).
Has anyone used any of the services that let you put your music into the online distribution channels without a label? Can anyone recommend one? I can google just like anyone else, so I'm not looking for a list so much as recommendations. Thanks, Bill
Thank you! My daughter used to love playing with toys traditionally associated with boys. A big part of this is that her mother used to frequently (6-7 days a week, 8+ hours) watch her male cousin who is only a year older. My daughter's ALWAYS had a girly girl component interested in jewelry, make-up, fashion etc, but her favorite toys were toys car/trucks, trains, playing in the dirt, and worms (although the girly girl portion hates bugs, but worms some how are okay) etc. Then during Kindergarden it changed. I first had the evidence needed when she tried throwing her toy cars away saying they were boy toys. I asked her why she was crying and she said because said girl can't play with cars. I of course called the teacher and when she insisted she wasn't sexist, I called the prinipal and said explicitly I'm not calling her a sexist, I AM saying that she made an impression on my daughter that she wasn't allowed to play with certain toys because they were for boys. All the principal would do was insist the teacher wasn't sexist. Frankly, if the teacher was, at least then I could understand the problem. If she isn't why is my request that she be more careful about what she says (this wasn't the first sexist problem; I'm a single dad and the teacher kept telling my daughter have your mom buy you a new back pack because I don't like this one even after I wrote her numerous notes saying I'm a single dad and day-to-day purchases and care are my responsibility) and sit down and tell my daughter it was just a misunderstanding and she can play with things like cars if she wants to. Its only been since her mom got her an EEE-pc for Christmas this year (First grade) that I've really seen a change. Suddenly she's interested in computers and asking me how our wireless internet works. If I'm on the computer, she asks if I'm fixing it and if so how. Or she found the astronomy program and she's wanting to look at stars. Or she used to be REALLY into biology since she saw her uncle gut a fish, and she's asking to look up things on what the insides of animals look like. I don't think I would have bought a first grader a laptop, but its brought my daughter back.
I know of several photographers who operate this way.
I first encountered this with my daughter's day care. Once a year they bring in a professional photographer who send home permission slips a head of time explaining they will be there to take pictures and the procedures for ordering copies. About 2 weeks after the pictures are taken, they show back up for two days with the prints for a package. You can either custom order, buy part of what they have, or if you buy the whole package (about $100) they also mail you a cdrom with the pictures and a letter explicitly assigning the copyright of the pictures to you (in case you try to get prints later and they give you a hard time). I was primarily impressed since I've always seen where school pictures where an order a head thing (and I had just done my daughter's through her school that way and they were horrible) so I really liked the idea of seeing before I bought. Second of all I was impressed that they were very upfront about the cd and the copyright assignment that would come with it.
The second place I know of where this is possible are the photography places in most Sears. My daughter's mom worked at one and their procedure was to take the pictures and then help you order prints (charging WAY too much for them). Then when you came to pick them up they would offer you "specials" which were basically the same print options you saw before but discounted (they figured you already spent the money you were budgeting up front, so now they try to offer you a deal to get the impulse buy). The one option they added was a cd of the images with a copyright assignment.
Finally, when my former co-worker got married the photographer explained the great lengths she went to keep backups of the pictures so that him not receiving an electronic copy was not a big deal. He countered how with things like digital pictures frames, wanting to share the pictures online, and the fact she could go out of business all made him not receiving the digital copies a big deal to him. After a bit of discussion in which the photographer was assured he would respect her copyright they came to an agreement that all prints would be order through her but he would get unlimited rights to digital copies. All-in-all not a bad deal and it only upped the price by about $100.
I'll concede my sister couldn't find a photographer willing to make the same deal (she's in a small town) but there are at least some of photographers willing to work this way. I know my daughter's mom dislikes the idea because she has an art degree and getting paid per unit time makes her a craftsman not an artist, but working at sears has diminished her ego enough to accept it. (She doesn't get the concept of a day job).
What the parent said isn't completely true. CPA's have a lot of protection, even if you do get in trouble. The reason CPA's demand protection is becuase they can't be sure that what you are giving them is truely everything. At least that's how my mom, a CPA, explained it to me.
There have been people found before who should have contracted the disease who didn't. Basically they receptor that's needed isn't there or is damaged. I saw it on tv two years or so ago.
I didn't RTFA, but I know with our red hat enterprises boxes, I've started firewalling them on the local level. We're beind a departmental firewall, but this way if there's ever a worm for linux etc, its one more thing they have to by-pass. Is it possible, sure, but it took two lines to do and so I figured it was worth the effort. As I said in a comment above, our departmental firewall also allows all outgoing traffic unless it meets some conditions, part 25 not from our mail server being one of them.
Maybe the comment is from a company whom we might not like all their suggestions, but this one is very valid. I'm a student worker for a department at a large univeristy, and I know our firewall it setup so outgoing requests are allowed unless they meet certain criteria (one being port25 not from our mail server), so they idea isn't new, and therefore we don't have a fear of them trying to collect any sort of royalties. So we have nothing to loose from this its a good idea and the more publicity it gets the better. So what's your problem?
First of all, very few doctors use pagers these days. Back in the day of car phones, sure my dad had a pager. But when they switched to cell phones, the big question was why do we need pagers when we have cell phones.
The problem with blocking cell phones in theatures etc. comes first of all with parents (I would have serious problems controling myself if I found out my ex was trying to call me about my daughter, and I was unable to get the call due to ajmming), but also what about people like doctrs. In my home town (fairly small) there are three pathologists. Each specializes in a different area. So one if on call and goes in, but is unsure, so he calls the one who has an interst in that area of pathology. It works out well. So basically by blocking it, you are effectively keeping them from providing proper treatment.
One poster said he didn';t want ot hear about how Dell didn't ship a persons company those computers, my question is why would some one be talking? I always try to find a fairly private place ot talk, but I would like it if my phone would vibrate in the theature. I would stop outside to actually talk however. I think that's the true solution.
Lindows isn't giving up. If you look at it, they will continue to operate as Lindows INC in the us, and they are going to continue fighting for the right to Lindows. Eventually going to the state department with the (hopeful) ruling that windows is generic. Grant, IANAL, but they seem to think there is precidence. If true, then maybe they could get the European (sorry I can't remember which countries) ruling that it is illegal for anyone from their country to be able to access lindows.com reversed. In the mean time, they are loosing too much money, and they are loosing out on potential market share. Its not them giving up, its about them trying to ensure they can keep up the fight as long as possible.
One of the phone line's at my parents (I'm a college student) is cheaper because it a "special" dialup line. Basically we agree not ot talk on it, and have to pay extra if we talk on it, vs using it to surf the web. So its actually the inverse of what you are talking about.
West VIrginia is sitll at .1 last time I checked, though they have tried lowering it to .08. ACtually come to think of it, I think it was lowered, or else they woulda lost federal funding. Anyone know?
Violations Reset: Programmable. If the predetermined number of violations occurs during a monitoring period, an early inspection is required within three (3) days. Failure to report will result in immobilization of the vehicle. Violations are quickly identified and reported to the jurisdiction.
Okay so I go to college out of state (though neither my home state or the state of attendance is NM). But if I had to have one of these things, when it malfunctioned parked in the university lot and I didn't know about it until three days laters, I'm just fucked? I mean how am I suppose to get home if the vehicle won't move. What about if I go out of town and it malfunctions?