I fully concur with the above comment, and strongly recommend adoption of the ISO27001 series of standards (there is also ISO27002, 3, with more to come.)
Without bothering to RTFA, it seems to me that they're not really talking about a library of known attacks like Nessus or EEye, but rather are discussing something like an automated tool that generates hundreds of thousands or even millions of potential attack vectors, similar to Spike or Scratch. For a nice roundup of Fuzzing links, check here. Note that Mu security is already listed.
N.B. mu is a nice Japanese Zen word which means emptiness of mind, or literally "nothing."
I would have to take issue with your statement.
According to this: http://www.ossir.org/windows/supports/2005/2005-11-07/EADS-CCR_Fabrice_Skype.pdf
Skype seems to use AES for the VOIP payload, and RC4 for signaling packets.
Naturally, although AES is an excellent algorithm, it will fail if the implementation is weak, especially in the key handling.
I agree that the code is largely obfuscated, and without open source, it would be a nightmare to expect to rely on its security.
However, there was an "independent" review of Skype, which I understand was able to review the source code.
See: http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf for what appears to be the definitive analysis (as of 2005.)
Maybe things have changed since then? I would be surprised if the German government and its subcontractors have seriously been able to compromise Skype through man-in-the-middle attacks, but would not be surprised if a single end-point were compromised.
Obviously the evolutionary time-scale for biological change is too long for this to be related to the Flynn effect, but I wonder if there isn't some other link between the two.
A more "out there" hypothesis might include something like Sheldrake's morphogenetic field, only at a global level -- i.e., that as human beings perform more and more such IQ tests, then through some unexplained mechanism, other human beings might potentially become better at doing them. This is reminiscent of David Brin's Practice Effect.
Some of the issues raised in this are things I have blogged about, here and more recently here.
Modern television is considered by many to be solely a form of entertainment -- a mechanism for television channels to deliver their true product to customers, i.e., consumer attention for advertisers. I feel however that it has a different meaning, where we can use the TV shows that someone professes to enjoy as a kind of Socratic mirror, in which is reflected the true intentions, ideals, likes and fears of the viewer.
So, what are we to make of the current plethora of television shows which grace our TV screens (or Bit Torrent trackers?) Can we learn something about our Western culture (I am confining myself to the current "Rex Artis" or cultural hegemony of the USA and its satellites in Australia, UK, New Zealand and even Canada) by identifying the themes which rise to the surface?
If you're looking for a ticketing system with worklogs and project planning, check out:
http://outreach.sourceforge.net/
It's not actively maintained at present, but we would do so if enough companies signed up for support.
On a related note, we are about to release another tool, which has a powerful work-flow engine:
http://bflow.sourceforge.net/
The Web site is incomplete, and the software will be released next month. Check it out.
TorrentSpy need to simply place (for performance reasons, of course) a NAT device in front of their servers.
Imagine the prosecution's face when they read 100 Gb of logs all originating from 10.0.0.1.
This class of CAPTCHA is not always going to work first time, every time. It depends upon the subjective opinion or skill of the user. In my view, the ultimate CAPTCHA has been released:
www.hotcaptcha.com
I've written a paper on how to approach this, available here (PDF.)
I was disappointed by the title, since it hints at security convergence -- but completely fails to explore the space where my company is active, which is integrating physical security monitoring (alarm systems, environmental controls, UPS monitoring) with data security controls (IDS, network autodiscovery, scanning at Layer 2, 3 and 4), etc.
And good encryption is an envelope which only the intended recipient can open, while poorly implemented encryption means that your government might be opening the envelope and reading the contents without your knowledge.
I was discussing this with a colleague, who insisted it could be done by combining streaming protocols with a swarming protocol like BitTorrent. I was skeptical, and pointed to the lack of success of multicast protocols as indicative that the technology to stream to large numbers of consumers already existed, but wasn't supported by the ISPs or by client software.
After thinking about it, I realized he was right. Multicasting will never work due to apathy of the ISPs, so it will have to be built into the application. Take a HD stream, and introduce a fixed delay that would be acceptable to consumers -- such as 10 minutes. Begin a swarming protocol like BitTorrent, but with a statistical weighting so that packets near the beginning of the stream earn a higher priority than those near the end (of the 10 minute window.)
In theory (according to some back of the envelope queueing theory calculations), it should be possible to ensure that 97% of the packets are there within 10 minutes with an average swarm size and typical xDSL bandwidth -- and if you're running a lossy protocol based on UDP, it won't matter too much about the occasional artefact occurring in the stream if the client player interpolates well.
The benefit of this approach for media providers is that if they use a signing system with a closed source client (both for Windows and Linux), then they could introduce non-skippable adverts and limited DRM, whilst also saving hugely on bandwidth by leveraging BitTorrent's advantages.
I hereby release the above idea into the Public Domain, but retain the right to be credited as its originator (unless someone can demonstrate prior art.)
This is an amazing first novel for a woman writer, with believable characters and an interesting approach to world deconstruction. To really appreciate it, you should be somewhat familiar with the works of English 19th Century fiction, including Thomas Hardy, the Brontes, and especially Jane Austen. In some ways it's a cross between Jane Austen and Tolkien, but with a little Pratchett-esque humour.
Once you've finished it, and if you've acquired a taste for historical fiction with an SF&F spin, then check out Neal Stephenson's Quicksilver (first volume of the excellent Baroque Cycle trilogy.) It's got everything from cryptography, alchemy, monadism, pirates, hangings, torture through to sword fights, exciting chases and doomed love stories in world-wide adventure. Great stuff!
For those of us who aren't quite ready to disappear "off grid", you can make a positive contribution to your own (and your children's) future by working to reduce your Carbon Emissions. If you are a home owner, start by looking at Solar Collectors, improving insulation, better economy vehicles, etc.
I seem to be missing a feature I expect -- I want to tell eBay that I should be notified via email whenever a new auction starts that matches some search criteria I specify. How can they not offer this capability, or do I have to use a third party scraper to do it?
http://cq.cx/proxmarkii.pl provides a nice article on how one Canadian guy designed a small hardware solution for cloning RFID tags. It should be very clear that RFID is NOT secure -- it's actually more likely to be insecure, in spite of the vendors who are offering tin-foil hats for their RFID cards.
"Grade inflation", where assigned grades creep higher and higher,
is a concern for teachers. What's the logical limit of grade inflation?
F - Student appears to be a multicellular organism.
D - Student has mastered many autonomic bodily functions.
C - Student can operate a writing instrument without harming self or others.
B - Student is able to form a complete sentence, on the second or third try.
A - Student has marginal to excellent understanding of the course material.
If you are looking for a nice, free and easy way to install MySQL for Windows, then I strongly recommend XAMPP. I used it for installing my Open Source Information Asset Register, the Database of Managed Objects.
Oh, you mean this.
I met the guy who developed Stoned, down in New Zealand. Good times, good times.
Mod parent as funny +1, with another +1 for the BSG reference.
I recently found a great source of pills that help you to forget, but I can't remember where I got them. :-(
Damn I wish I hadn't already posted in this thread -- my mod points would be rating this as "Funny -- Damn Funny!"
Currently, there are hundreds of thousands, if not millions, of potentially vulnerable Windows systems connected to broadband connections, due to vulnerabilities like the WMF issue. Although we haven't seen any widely-deployed worms or other mobile exploits so far (maybe they exist, but are well hidden), many in the security community see this as a ticking time bomb, contributing to the already massive zombie armies.
How does Microsoft intend to address the security issues in the legacy base which will one day cause problems for even the best-maintained sites? For example, massive DDOS attacks, extortion, spam relays, etc.
Note that the following are not options, for a variety of reasons:
1) Upgrade -- many people don't see a security problem as a driver for upgrading;
2) Online updates -- only very recent systems include automatic updates, while older systems are used by people who can't manage this themselves;
3) Ignore -- this problem isn't going to go away. It can only get worse as more systems are infected.
4) Education -- too expensive, and affects Microsoft's reputational risk
Suggestions:
1) Offer a wildly-popular game or free download which fixes the bug as a side effect (disclosed of course);
2) Develop an "official" worm, which fixes the problem -- and release it into the wild.
3) Pay a bounty for grass-roots volunteers to fix them.
What's really funny about this is that "gung ho" is not actually English -- it was in fact borrowed from the Chinese, "kung ho", which is an abbreviation for the Chinese Industrial Cooperative Society, whose long name was abbreviated to those Mandarin Chinese words. Its meaning is work, peace and harmony.
True, that particular detail had escaped me. :-)
The episode where all the Priests were lost in the lingerie section was also fantastic.
It's not based in England, it's based in Ireland, and the priests are certainly Catholic. It's absolutely hilarious -- my favourite episode is when he loses a bet with another priest, and as a forfeit, has to kick the Bishop in the crown jewels....