Since the article said the odds of hitting the bug were roughly 1:256, my guess is a programmer casted the return value from memcmp to a char instead of an int.
But you can figure out form the GPS Cords where the person lives. I know my truck spends about 1/3 of it's time at my house, 1/4 of it's time right outside where I work. Google (or several other services) can do the coords to address lookup. I'd say that's pretty personally identifible.
I worked for a company that handled all this mess because they had a tax nexus in all states. There's companies that deal with this whole mess for you, and they keep all of their data up to date with the different tax laws. All you have to do is classify each product in one of about 100,000 categoires and you're set. It was easy for us because everything fell into like 3 categories, but I'd hate to be Amazon having to go through and classify their whole inventory.
Tax law is horribly complex... in some states you pay the selling point's tax rate, some states you pay the recipient's tax rate. And then you fall into crazy tax holidays. In Texas we have a pre-school tax holiday. All school supplies are tax free, along with clothing, and sporting goods (in case your kids are taking baseball for example) except for luxury items like golf equipment. It starts getting crazy when you start asking "Do golf shoes count as clothing, sporting goods, or golf equipment?" The category system helped you get it all figured out.
The last update I remember seeing had an categories for water heaters, based on their power effency and size. My guess is some state gives you a tax break on high efficency water heaters.
Other then huge volume sellers like Amazon that sell a crazy amount of different items, I really don't see the burden of doing it as being very hard. All you have to do is during checkout, hit a database (provided by the tax company) for their correct city/state/zip/in-city info. Match it against quantity, orderitem amount, category, etc, and you're done.
I didn't name any companies here because I'm not promoting any of them, I'm just saying the burden isn't really that high. You just pay the tax company to figure out the taxes for you, and for us it was a minimal cost, once a month we just updated our raw data and we're done.
200A services are actually common where there is electric central heat and electric water heating. It has nothing to do with "New big AC units" They are actually much more efficent then 20 year old ones. I replaced my Mid-80's Outdoor unit with a modern high-efficency unit, and the breaker went from a 50A to a 20A. That's a much lower expected power useage.
And a new service is more like $1500 to have one of the big-chain companies do it, last time I checked.
100A wire is smaller then my pinky, but it costs a few dollars per foot (and you want a 220 plug?, that means you need a black, red and white wire at that size, plus a smaller ground wire)
I googled for what the Chevy Volt takes for a recharger (It's just what jumped to mind, I've seen too many ads for it) A statement on in this page http://gm-volt.com/forum/showthread.php?6307-HOW-TO-ORDER-YOUR-HOME-CHARGING-STATION says it's a 16 Amp, 220V plug. A normal "dryer" plug is a 50Amp, 220v plug. So if you had the ablity to use something as large as a dryer plug, It'd let your car recharge about 3x as fast.
But to do that, you also need a larger electrical service in some cases. Some older houses don't have a very large service, and so you'd end up causing problems (either your main breaker tripping, or worse a fire) if you tried running your dryer, your household heater (or A/C) and charging your car at the same time.
What I acutally ended up doing was borrowing a co-worker's cube and messing with a bunch. Once you solve it a few dozen times, the action gets a lot smoother and it's faster to handle. I know the solutions I was doing were a lot more then 30 moves, but they were very simple to memorize, so I was able to do them quickly. I think I memorized a total of about 8 patterns, this is the site I used. http://peter.stillhq.com/jasmine/rubikscubesolution.html There are a few cases where I have to do the same pattern multiple times, but they are simple, so I learned to do them quickly without much delay.
The best solution for a rubix cube is always less then 20 moves (see http://www.cube20.org/ ) It averages around 18 moves for the best solution. That's 27 seconds to solve on average.
Where this 11 second youtube video shows a guy solving a cube.. in less then 11 seconds. I can do it in about 60 seconds and I'm not very good.
Also, before using computerized solutions, you have to know your whole solution. The manual solutions you can figure out as you go along... you can figure out your next steps while you're manipulating your current step.
AFAIK, if you get with MS and get with their licensing program, you have to buy an MS OS for every computer you install, and the OS agreement with MS says you can upgrade (or downgrade) it whenever you want. You still have to buy the OS from your PC manufacturer. That way when MS come out with Win7, you don't have to buy new licenses for everyone, all you have to do is buy a MS OS.
I've recently researched this for my company, and if you're buying individual MS Office licenses (or windows cals + exchange cals + sharepoint cals), you're crazy. Get with MS, they have a yearly agreement you make with them. Once a year, you count how many employees you have, you write MS a big check, and you're done with it. You could hire 1000 new employees, and you can install whatever you want, no charge. They could work for 3 months, you could fire them, and you don't pay for them. Only after the 1 year agreement is over, you have to sign a new contract, and pay the fees again. It's cheaper and easier to maintain then keeping track of them one at a time. You also get free upgrades whenever a new version comes out, so it's simple on that front. It also has some accounting advantages (Is a one-year license a capital expense? Will you save money by it not being a capital expense? Consult your local accounting department/tax advisor, you might save 20% or so. It's also fewer things for accounting to keep track of.)
http://www.microsoft.com/licensing/contact-us.aspx
United States
Call (800) 426-9400 M-F, 6 AM - 5:30 PM Pacific, or find an authorized reseller.
Canada
Call the Microsoft Resource Centre at (877) 568-2495
YEESH. I sound like a MS guy. I promise I'm not.
My guess is that the issues are more about the software requiring bug-specific behaviors. I had an opportunity to speak with one of the OS people a long time ago, they said that "Long Ago" Lotus 1-2-3 had a nasty habit of writing to files after Lotus told the OS to close the file handle. In the older versions of the OS, the OS didn't check to see if you were writing to a closed file handle, and wrote to the closed file. Then you update to the latest version of DOS, and all the sudden it breaks Lotus because now the OS cleans up after itself and correctly returns an error when you try writing to the closed file handle (which is probably ignored by Lotus, causing the save file to be corrupted somehow). Now who do you blame? MS for not getting the API right in the first place, or Lotus 1-2-3 for writing to the closed file handle, or MS fixing a bug? From what I remember, MS ended up adding code to detect that the application was Lotus and switching into a quirks kind of mode. Having to write fixes for all these crappy applications is why Windows is a POS.
More towards the issues with drivers. A friend of mine's printer driver broke with XP SP2. We found out that how the printer driver worked was it has a service that hosted an application that spoke to the printer, and the driver spoke to the local application via TCP. MS firewall blocked it (cause open ports can expose vulnerabilities). I blame the printer company for writing a crappy 50meg printer driver that requires a network connection to print locally, not MS.
I think it makes more sense from a business point of view. You're pricing based on the number of users verses the number of servers. You know that for every employee/managers/client/whatever that you need a cal. 50 empoyees? You just need 50 CAL's and you're covered. It also lets the vendor charge more money to bigger companies then small companies.
Assuming that a CAL gets assigned to a person, it's a fixed cost per employee to a company, just like the empoyee's salary. As you can afford to pay more employee's salaries (20k/year min), you should also be able to afford more CAL's(~$200-one time cost). I tend to like this model a bit more then the per processor or per installation licensing, becaue it means the cost for a small company is a lot lower.
I like the M$ provides both per-processor and CAL licensing, that way you can choose which model makes the most sense (or is cheapest) to your business.
I went to my bank's atm to pull out some money right a few weeks after getting my atm card. I forgot the pin, so I walked inside, and without any proof of ID, I got my pin change, and in the process saw the teller's pin to the machine that sets the pin number for CC's, and the manager's PIN because he had to reset the teller's pin, plus a sheet that had all the info I needed to fake to be the manager to get the manager's pin reset.
This makes me afraid of what someone who is good at social engeneering could do, but he would be caught on a lot of cameras if he did what I did.
Parent is wrong. The entire point of the news article is that if the algo has been cracked, that means that I can create a stream with a target sum, without having to brute force it. They probably found a mathmatical weakness that really reduces the size of the search space.
And in reply to my own post... a side issue. There's some series they chop up, so the video for the English and Japanese are diffrent. If I want the origonal uncut Japanese I have to buy one set, and if I want the dubbed version (a friend of mine hates watching subs because he can't read that fast) I have to buy another ENTIRE SET! ARRGH!
Fansubbers go through and put subtitles on anime captured from Japanese TV. Usually the group captures it off of TV, then someone will translate it, pass it off to someone else for checking, then the subtitles are timed, then encoded, and finally distributed via newgroups or bittorrent. Most groups try to do a whole series, and most series are usually 26+ episodes long. IMHO the translations are better then the commercial ones, and sometimes the only way you can get the uncut series.
Most of these groups do these translations weekly, and often they have half the series translated and their release dates are only a few weeks after their showing on TV in Japan. The commercial translations are only available at least a year or two after it's been out in Japan. Inu Yasha, which is very popular on Cartoon Network, was on its 3rd or 4th season in Japan before they started showing it here in the US.
From what I understand, you're missing the point of Kenosis... the entire DNS thing is for reverse compatability.
I can use Kenosis to get the.torrent file, OR I can use DNS to resolve the ip to get the file, either way I can download the.torrent file.
if the Kenosis DNS is taken down, we can still use Kenosis to get the torrent files, or at least that's what I understand.
Well it was enough to move a tetonic plate 80 feet, that means an entire part of the earth's crust shifted 80 feet. If you think about basic physics, for every action there is an equal reaction. We're on a spinning ball, part of the surface of the ball shifts to one side. Suddenly the rate at which the ball is spinning has changed. Makes sense to me to have an effect on the length of a day
It says something in there about a digital ID being readable by law enforcement with a scanner? What kind of ID is this? Is it Radio based or flash based? I really don't want people walking around and aiming a scanner at me, and all the sudden the billboard I'm walking next to says "Hey Joe, I know you're 28, male, and live in the suburbs, and here's the most effective adversting for you!"
The first thing I thought about is something like Redhat is distributed via Bittorrent. What happens if someone replaces - say gcc and login to do the old "my special login has a backdoor, and my gcc detects when I'm compiling login, and puts the exploit it, and my gcc detects when gcc is compiling, and puts the exploit into gcc" trick, and then hops onto the torrent network, (perhaps with some special mods so they will distribute the "hacked" sections more often) and then start distributing the exploit. Thoughts?
You would even know the IP address of the guy that downloaded the chunk with the exploit, and then he would start distributing the hacked version. Now I'll admit it's a bit far fetched, but I also never underestimate the power of REALLY determined people.
I also realize it would be tricky keeping it small enough, and getting it to recompress and... But still, someone might figure it out. And with how big the Linux community is, if it's possible, someone will do it.
Kunnis
(my first./ post)
Wire thickness is what gives it the rating on how many amps it can carry. The insulation on the wire gives it the rating the number of volts it can carry.
(I appolgize, I might have my #6 and #8 mixed up in my head, so I might have it wrong, and I'm going to error on the safe side)
Most wire you buy can take up to 600v, so this isn't a problem for this mod.
When you're dealing with a 400w power supply on a computer, 400w/120v ~= 4 amps. 4amps can be carried very easily on 16 gage wire (thiner then a "old fashoned" pencil led") but between the Inverter and the battery, you have 400w/12v ~= 40amps. To safely carry 40 amps, you need #6 wire, which is about as thick as a printer cable, but it's usually stiffer.
this is why UPS'es usually use 48volt layouts, because they can transfer more power with the same cost in cables.
The numbers I used are the conservitive numbers recomended by the national electric code, and that thick of wire you could run indefinatly. #6 wire is what electric house heaters run on. (but they run at 240v, or up to ~16,000W)
Kunnis
Slashdot Mirror
Since the article said the odds of hitting the bug were roughly 1:256, my guess is a programmer casted the return value from memcmp to a char instead of an int.
But you can figure out form the GPS Cords where the person lives. I know my truck spends about 1/3 of it's time at my house, 1/4 of it's time right outside where I work. Google (or several other services) can do the coords to address lookup. I'd say that's pretty personally identifible.
I worked for a company that handled all this mess because they had a tax nexus in all states. There's companies that deal with this whole mess for you, and they keep all of their data up to date with the different tax laws. All you have to do is classify each product in one of about 100,000 categoires and you're set. It was easy for us because everything fell into like 3 categories, but I'd hate to be Amazon having to go through and classify their whole inventory. Tax law is horribly complex... in some states you pay the selling point's tax rate, some states you pay the recipient's tax rate. And then you fall into crazy tax holidays. In Texas we have a pre-school tax holiday. All school supplies are tax free, along with clothing, and sporting goods (in case your kids are taking baseball for example) except for luxury items like golf equipment. It starts getting crazy when you start asking "Do golf shoes count as clothing, sporting goods, or golf equipment?" The category system helped you get it all figured out. The last update I remember seeing had an categories for water heaters, based on their power effency and size. My guess is some state gives you a tax break on high efficency water heaters. Other then huge volume sellers like Amazon that sell a crazy amount of different items, I really don't see the burden of doing it as being very hard. All you have to do is during checkout, hit a database (provided by the tax company) for their correct city/state/zip/in-city info. Match it against quantity, orderitem amount, category, etc, and you're done. I didn't name any companies here because I'm not promoting any of them, I'm just saying the burden isn't really that high. You just pay the tax company to figure out the taxes for you, and for us it was a minimal cost, once a month we just updated our raw data and we're done.
200A services are actually common where there is electric central heat and electric water heating. It has nothing to do with "New big AC units" They are actually much more efficent then 20 year old ones. I replaced my Mid-80's Outdoor unit with a modern high-efficency unit, and the breaker went from a 50A to a 20A. That's a much lower expected power useage.
And a new service is more like $1500 to have one of the big-chain companies do it, last time I checked.
100A wire is smaller then my pinky, but it costs a few dollars per foot (and you want a 220 plug?, that means you need a black, red and white wire at that size, plus a smaller ground wire)
I googled for what the Chevy Volt takes for a recharger (It's just what jumped to mind, I've seen too many ads for it) A statement on in this page http://gm-volt.com/forum/showthread.php?6307-HOW-TO-ORDER-YOUR-HOME-CHARGING-STATION says it's a 16 Amp, 220V plug. A normal "dryer" plug is a 50Amp, 220v plug. So if you had the ablity to use something as large as a dryer plug, It'd let your car recharge about 3x as fast. But to do that, you also need a larger electrical service in some cases. Some older houses don't have a very large service, and so you'd end up causing problems (either your main breaker tripping, or worse a fire) if you tried running your dryer, your household heater (or A/C) and charging your car at the same time.
What I acutally ended up doing was borrowing a co-worker's cube and messing with a bunch. Once you solve it a few dozen times, the action gets a lot smoother and it's faster to handle. I know the solutions I was doing were a lot more then 30 moves, but they were very simple to memorize, so I was able to do them quickly. I think I memorized a total of about 8 patterns, this is the site I used. http://peter.stillhq.com/jasmine/rubikscubesolution.html There are a few cases where I have to do the same pattern multiple times, but they are simple, so I learned to do them quickly without much delay.
The best solution for a rubix cube is always less then 20 moves (see http://www.cube20.org/ ) It averages around 18 moves for the best solution. That's 27 seconds to solve on average. Where this 11 second youtube video shows a guy solving a cube.. in less then 11 seconds. I can do it in about 60 seconds and I'm not very good. Also, before using computerized solutions, you have to know your whole solution. The manual solutions you can figure out as you go along... you can figure out your next steps while you're manipulating your current step.
AFAIK, if you get with MS and get with their licensing program, you have to buy an MS OS for every computer you install, and the OS agreement with MS says you can upgrade (or downgrade) it whenever you want. You still have to buy the OS from your PC manufacturer. That way when MS come out with Win7, you don't have to buy new licenses for everyone, all you have to do is buy a MS OS. I've recently researched this for my company, and if you're buying individual MS Office licenses (or windows cals + exchange cals + sharepoint cals), you're crazy. Get with MS, they have a yearly agreement you make with them. Once a year, you count how many employees you have, you write MS a big check, and you're done with it. You could hire 1000 new employees, and you can install whatever you want, no charge. They could work for 3 months, you could fire them, and you don't pay for them. Only after the 1 year agreement is over, you have to sign a new contract, and pay the fees again. It's cheaper and easier to maintain then keeping track of them one at a time. You also get free upgrades whenever a new version comes out, so it's simple on that front. It also has some accounting advantages (Is a one-year license a capital expense? Will you save money by it not being a capital expense? Consult your local accounting department/tax advisor, you might save 20% or so. It's also fewer things for accounting to keep track of.) http://www.microsoft.com/licensing/contact-us.aspx United States Call (800) 426-9400 M-F, 6 AM - 5:30 PM Pacific, or find an authorized reseller. Canada Call the Microsoft Resource Centre at (877) 568-2495 YEESH. I sound like a MS guy. I promise I'm not.
My guess is that the issues are more about the software requiring bug-specific behaviors. I had an opportunity to speak with one of the OS people a long time ago, they said that "Long Ago" Lotus 1-2-3 had a nasty habit of writing to files after Lotus told the OS to close the file handle. In the older versions of the OS, the OS didn't check to see if you were writing to a closed file handle, and wrote to the closed file. Then you update to the latest version of DOS, and all the sudden it breaks Lotus because now the OS cleans up after itself and correctly returns an error when you try writing to the closed file handle (which is probably ignored by Lotus, causing the save file to be corrupted somehow). Now who do you blame? MS for not getting the API right in the first place, or Lotus 1-2-3 for writing to the closed file handle, or MS fixing a bug? From what I remember, MS ended up adding code to detect that the application was Lotus and switching into a quirks kind of mode. Having to write fixes for all these crappy applications is why Windows is a POS. More towards the issues with drivers. A friend of mine's printer driver broke with XP SP2. We found out that how the printer driver worked was it has a service that hosted an application that spoke to the printer, and the driver spoke to the local application via TCP. MS firewall blocked it (cause open ports can expose vulnerabilities). I blame the printer company for writing a crappy 50meg printer driver that requires a network connection to print locally, not MS.
I think it makes more sense from a business point of view. You're pricing based on the number of users verses the number of servers. You know that for every employee/managers/client/whatever that you need a cal. 50 empoyees? You just need 50 CAL's and you're covered. It also lets the vendor charge more money to bigger companies then small companies. Assuming that a CAL gets assigned to a person, it's a fixed cost per employee to a company, just like the empoyee's salary. As you can afford to pay more employee's salaries (20k/year min), you should also be able to afford more CAL's(~$200-one time cost). I tend to like this model a bit more then the per processor or per installation licensing, becaue it means the cost for a small company is a lot lower. I like the M$ provides both per-processor and CAL licensing, that way you can choose which model makes the most sense (or is cheapest) to your business.
I went to my bank's atm to pull out some money right a few weeks after getting my atm card. I forgot the pin, so I walked inside, and without any proof of ID, I got my pin change, and in the process saw the teller's pin to the machine that sets the pin number for CC's, and the manager's PIN because he had to reset the teller's pin, plus a sheet that had all the info I needed to fake to be the manager to get the manager's pin reset. This makes me afraid of what someone who is good at social engeneering could do, but he would be caught on a lot of cameras if he did what I did.
I mis-read the article... But that is still a major weakness. The algo is 2**11 times weaker now, but isn't the end of the world.
Parent is wrong. The entire point of the news article is that if the algo has been cracked, that means that I can create a stream with a target sum, without having to brute force it. They probably found a mathmatical weakness that really reduces the size of the search space.
And in reply to my own post... a side issue. There's some series they chop up, so the video for the English and Japanese are diffrent. If I want the origonal uncut Japanese I have to buy one set, and if I want the dubbed version (a friend of mine hates watching subs because he can't read that fast) I have to buy another ENTIRE SET! ARRGH!
Fansubbers go through and put subtitles on anime captured from Japanese TV. Usually the group captures it off of TV, then someone will translate it, pass it off to someone else for checking, then the subtitles are timed, then encoded, and finally distributed via newgroups or bittorrent. Most groups try to do a whole series, and most series are usually 26+ episodes long. IMHO the translations are better then the commercial ones, and sometimes the only way you can get the uncut series. Most of these groups do these translations weekly, and often they have half the series translated and their release dates are only a few weeks after their showing on TV in Japan. The commercial translations are only available at least a year or two after it's been out in Japan. Inu Yasha, which is very popular on Cartoon Network, was on its 3rd or 4th season in Japan before they started showing it here in the US.
From what I understand, you're missing the point of Kenosis... the entire DNS thing is for reverse compatability. I can use Kenosis to get the .torrent file, OR I can use DNS to resolve the ip to get the file, either way I can download the .torrent file.
if the Kenosis DNS is taken down, we can still use Kenosis to get the torrent files, or at least that's what I understand.
Well it was enough to move a tetonic plate 80 feet, that means an entire part of the earth's crust shifted 80 feet. If you think about basic physics, for every action there is an equal reaction. We're on a spinning ball, part of the surface of the ball shifts to one side. Suddenly the rate at which the ball is spinning has changed. Makes sense to me to have an effect on the length of a day
It says something in there about a digital ID being readable by law enforcement with a scanner? What kind of ID is this? Is it Radio based or flash based? I really don't want people walking around and aiming a scanner at me, and all the sudden the billboard I'm walking next to says "Hey Joe, I know you're 28, male, and live in the suburbs, and here's the most effective adversting for you!"
The first thing I thought about is something like Redhat is distributed via Bittorrent. What happens if someone replaces - say gcc and login to do the old "my special login has a backdoor, and my gcc detects when I'm compiling login, and puts the exploit it, and my gcc detects when gcc is compiling, and puts the exploit into gcc" trick, and then hops onto the torrent network, (perhaps with some special mods so they will distribute the "hacked" sections more often) and then start distributing the exploit. Thoughts? You would even know the IP address of the guy that downloaded the chunk with the exploit, and then he would start distributing the hacked version. Now I'll admit it's a bit far fetched, but I also never underestimate the power of REALLY determined people. I also realize it would be tricky keeping it small enough, and getting it to recompress and... But still, someone might figure it out. And with how big the Linux community is, if it's possible, someone will do it. Kunnis
(my first ./ post)
Wire thickness is what gives it the rating on how many amps it can carry. The insulation on the wire gives it the rating the number of volts it can carry.
(I appolgize, I might have my #6 and #8 mixed up in my head, so I might have it wrong, and I'm going to error on the safe side)
Most wire you buy can take up to 600v, so this isn't a problem for this mod.
When you're dealing with a 400w power supply on a computer, 400w/120v ~= 4 amps. 4amps can be carried very easily on 16 gage wire (thiner then a "old fashoned" pencil led") but between the Inverter and the battery, you have 400w/12v ~= 40amps. To safely carry 40 amps, you need #6 wire, which is about as thick as a printer cable, but it's usually stiffer.
this is why UPS'es usually use 48volt layouts, because they can transfer more power with the same cost in cables.
The numbers I used are the conservitive numbers recomended by the national electric code, and that thick of wire you could run indefinatly. #6 wire is what electric house heaters run on. (but they run at 240v, or up to ~16,000W)
Kunnis