Apart from the fact that the numbers just don't add up and you'd have to flow enormous amounts of seawater through the device, there are a couple of other problems:
- Breathing pure oxygen is fine at surface pressure, but it quickly becomes toxic when submerged
- You want the rest of your breathing air (21% oxygen or less, as you descend) to be made up of an inert gas
- Lungs need to inhale and exhale to get the gas exchange in the alveoli to work, so you need a full lung volume of gas available at any time, not just the amount of oxygen required to run your body
- To get rid of CO2, you either have to release gas into the surrounding water, or scrub the CO2 using something such as soda lime
- Apart from the scrubber, you need to have these additional parts for it all to work:
1) some kind of counter-lung to allow for breathing movement
2) some kind of pressurized gas to increase the amount of gas in your lungs/counter-lung to compensate for the compression of it all at depth and to dilute the O2 content of the breathing gas
So, great idea. You have to lug a full rebreather system with you for it all to work, but luckily you can leave the 2 liter oxygen tank at home and use these fantastic gills instead - until the not-yet-invented next-generation battery powering the extremely powerful "Micro-Compressor" runs out of juice.
The only way this could work out to be something useful would be to hook up a major blood vessel to the device, allowing for gas exchange (O2/CO2) between the water flow and the blood through the device, bypassing the lungs altogether. As an alternative, fill the lungs with a liquid (as in liquid breathing) and do the gas exchange between the breathing liquid and the water. Less messy than surgery.
From what I can see the unprotected directory is a *deliberate* setup by perpetrators who compromised a number of merchant sites.
The compromised servers send the CC transaction details to the unprotected site (now suspended by the registrar) for easy retrieval by the perps.
The security breach obviously happened on the individual merchant sites, the leaking unprotected directories on the hackers' drop box is just a symptom.
Somebody check if all merchant sites use a common web shop application?
> A new high tech weapon system demonstrated one of the prime concerns [...]
The GDF-005 is from 1985, the GDF series's first instalment was the GDF-001 way back in the 50s. So it seems this high tech weapon system is 20+ years old.
Dupes drive the interesting stories off the front page faster
... unless it's a dupe of an interesting story, in which case it is being pushed higher up on the front page if there was at least one other story posted in the meantime.
You still can combine the two; let all mail bypass your greylisting, except those connections that come from a listed server or network.
I played with that idea for a while, but opted for enabling greylisting on a recipient basis rather than by sender. Those recipients who wish to have their incoming mail greylisted know to expect the occasional delay. If it were bound to a blacklist, it would be difficult to explain to my users that some mail, sometimes, may be delayed for an hour, as not everyone is comfortable with the idea of greylisting...
I'd like to hear them (well, the W anyway) answer some of these:
- How many sovereign countries are there in the world?
- How many world religions?
- Earth's circumference? Land surface? the U.S. land surface?
- How long does it take to cross the U.S. by car, east coast to west coast? How many timezones do you traverse? How much do you pay for the gas for this trip?
Have a public debate, randomly draw 10 questions like those out of a pool of 100, and let the candidates answer them.
I don't know any exact answers to any of these questions, but I think it would be very interesting to hear some unprepared guesses from the candidates, orally, with a bit of discussion about how they arrived at their answers.
You'd get to know the guys a lot better than by being inundated by election TV ads and smear campaigns.
For me, living in a small European country where you often hear politicians speaking freely in unscripted debates and interviews, it is really strange that you put up with a president puppet so far removed from the ordinary people. If it's all a staged show, how can you trust a leader?
I also was quite disappointed by the interview. It's pretty pointless to just publish carefully prepared sitting-on-the-fence talk, kind of like newspapers just publishing PR press releases instead of "independent" news (if there is such a thing).
correct me if i'm mistaken here, but as i read the article, the collusion charges *are* in fact about the sale of "real" recording snippets, be they in mp3 format or whatever is en vogue over there.
the article states that the record companies don't have control over the "instrumental" versions, which mostly are polyphonic midi ringtones. the prices for those may be too high also, but for different reasons (well, the same reason but a different set of unscrupulous companies i guess:-)).
it seems that snippets of real recordings (i.e. digital wave samples a la pixmap images as opposed to descriptive interpreted music notations (midi) a la vector images) are popular ringtone choices... in Japan (hey, what happened to that meme anyway?)
It's a lot better than it used to be... also with CSS stuff. While we still don't have perfect compatibility between all browsers, and probably never will, you can get working results across different clients with less hassle and headache than a couple of years ago.
Or perhaps, I just got used to it and only use a well-supported subset of code without realizing it... uh. must check. bbl.
In the June edition of ;login: (the Usenix Association's magazine), there is an article by Adam Butler (of CAcert) describing the project and shedding some light on the process of getting a CA root certificate included into various browsers:
Quote from the article:
"In true Microsoft style, Redmond adopted a new metric for determining whether a CA's root certificate is to be included with its browser/OS/kitchen-sink product: In order for a CA's root certificate to be accepted - I swear I'm not making this up - Redmond said CA must pay a WebTrust-licensed member of the American Institute of Certified Public Accountants up to $250,000 for an initial evaluation/inspection, plus additional tens of thousands of dollars in fees on a periodic "follow-up" basis.
The makers of the Opera Web browser did not respond to email queries regarding their inclusion policies/requirements; however, a Bermuda-based CA representative stated in the netscape.public.mozilla.crypto newsgroup that "as of [his] last contact in 2003, Opera wanted cash to add a CA [root certificate]. They did not appear to have a standards policy.".
He goes on to describe the process of getting the root cert, hopefully, included into the Mozilla project through a Bugzilla feature enhancement request. From what I read from the article, the discussion about this is still going on.
> To crack the first pass you have to find a key among 2^64 possibilities.
:-)
> Then you do the same search for the second pass.
Okay, I understand this argument I think. However, you say you crack the
cyphertext in two passes. Now, what I don't get is: how do you know which of
the 2^64 results from the first bruteforce run is the right one to feed
into the second run? If there is no header, all 2^64 results look like
garbage, no? Wouldn't I need to run ALL results through the second round?
Please enlighten me
stray
I find your comment strangely poetic. Is it okay with you if I include the last sentence into my quotes database?
> He might pour 40's on the lawn for his dead
> fellow-god homies, but he don't cry.
hm, it looks i can't disconfirm that English is not my first language :-)
That's a good story. Some gnome should mod it up.
I have the vague feeling that this would be funny if I were old-school enough to know what you are talking about.
Anyone able to confirm or disconfirm this theory?
but please be nice with that furlong47 guy and don't mess with his account!
Hm, why did I never try this before :-) ?
echo -n "trustno1" | md5sum
5fcfd41e547a12215b173ff47fdd3739
Google for it, nice vector there.
Disturbing, to say the least.
> If I worked on a Ford assembly line I would sound
> like an idiot saying "we designed the new Mustang
> for this certain demographic."
Exactly, I second this. Even if it wasn't the assembly line, I'd want to keep it a bit more modest.
Come on, someone mod this guy up.
it's all about a time/space trade-off:
- you have a password hash you want to crack
you can either:
- brute force your way through a long list of possible passwords to find one that matches the hash; every time you do this, it takes a lot of time and processing power
- or you can go through all possible passwords ONCE and save the resulting hashes; subsequent cracking jobs are very fast, but you wasted a lot of space to store all possible hashes.
thus, if disk space is cheap and you can afford to keep a couple of gigs in pre-computed hashes around, you have a very fast way of cracking weak hashes. a couple of years ago, this was not possible due to hard drives being like 200MB large.
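Added example (not part of the original comment): the trade-off above in Python, plus the defender's counter-measure. A table precomputed for unsalted MD5 answers every later lookup, while a per-user salt with a slow hash makes a table built for one user useless for the next. The wordlist, the salts and the iteration count are constructed assumptions.

```python
import hashlib
import os

# Constructed sample wordlist (an assumption standing in for "all possible passwords").
WORDLIST = ["123456", "password", "letmein", "qwerty", "trustno1", "dragon"]
ITERATIONS = 100_000  # assumed work factor for the slow hash below


def md5_hex(password):
    """Unsalted, fast hash: the weak scheme that precomputation pays off against."""
    return hashlib.md5(password.encode()).hexdigest()


def salted_hex(password, salt):
    """Defender's scheme: PBKDF2-HMAC-SHA256 with a per-user random salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS).hex()


def brute_force(target, candidates, hash_fn=md5_hex):
    """Time-heavy path: re-hash candidates on every job.
    Returns (password or None, number of hashes computed)."""
    for count, candidate in enumerate(candidates, start=1):
        if hash_fn(candidate) == target:
            return candidate, count
    return None, len(candidates)


def build_table(candidates, hash_fn=md5_hex):
    """Space-heavy path: hash every candidate once, keep digest -> password."""
    return {hash_fn(candidate): candidate for candidate in candidates}


if __name__ == "__main__":
    leaked = md5_hex("trustno1")  # constructed stand-in for a leaked unsalted hash
    print("brute force:", brute_force(leaked, WORDLIST))
    table = build_table(WORDLIST)  # cost paid once, reused for every later hash
    print("table lookup:", table.get(leaked))

    # Two users, same password, different random salts.
    salt_a, salt_b = os.urandom(16), os.urandom(16)
    table_a = build_table(WORDLIST, lambda pw: salted_hex(pw, salt_a))
    print("table for salt A vs user A:", table_a.get(salted_hex("trustno1", salt_a)))
    print("table for salt A vs user B:", table_a.get(salted_hex("trustno1", salt_b)))
```

With salting, the precomputation has to be repeated per salt, so the "compute once, look up forever" side of the trade-off disappears.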
I'd mod you up for that if I had the points.
i once had a server box running with almost 1 year uptime (350 days i think), my first one that got that far. i had "focus follows mouse" on my workstation enabled and wanted to shut down the workstation. just before i typed "shutdown" and hit enter, i must have moved the mouse a bit and the cursor got over the terminal window where i was still logged into said server as root.
i prefer click-to-focus now.
i installed fc2 and the nvidia driver installed itself just fine. i suspect this was only broken in the test releases.
any other experience reports?
no, as i read it, they say applications developed for THEIR engine will run on linux with opengl and on windows with direct x. from the article:
> The development of a Multi-Platform 3D Graphics
> Rendering Engine and the creation of a hardware
> accelerated Ignalum Linux OS based on OpenGL
> allows applications/games developed for the engine
> to run using OpenGL or DirectX
or do i miss their point?
What the customer wants and what he needs are different things too.. as illustrated here (no idea where it came originally from, if you have the proper credits, please post them)
i disagree. i think a virus attaches itself to executables to spread, it's not executable in itself... just as a virus relies on regular cells for propagation.