One of the benefits and drawbacks of running lean is the mixture burns hotter. This produces more NOx, not less. I'm not sure what the article is going on about.
Indeed, the article is funny, especially the bit about If engines ran leaner — burnt more air and less fuel — they would produce significantly smaller NOx emissions..
Guess what you get when you "burn" air (... or at least the nitrogen contained therein...):
It doesn't really end up working quite as slowly as you imply. Typically I see the $4 discounted used copies of a brand spanking new game within a couple of days.
I'll risk a guess, and suppose that in these cases the original buyer probably just did a quick copy for himself before he sold the game. Hence my conditional "...unless piracy was also involved...". If used-games outlets are used "honestly", there will be substantial delays until new titles will be available, and my original reasoning will apply.
You forgot to mention that the second buyer usually only gets the game way after it came out (unless piracy was also involved...). That is, first user has to buy game, play it, get bored with it and resell it.
So not only does the second player get a slightly wrinkled manual, but also he gets a game which is no longer hip. So it's normal that he saves some money on it. No need to "punish" him additionally by crippling the game.
APNIC networks are rife with spammers and bots. Our logs are full of APNIC addresses who try to brute ssh password, or try to find vulnerabilities in Web applications.
So why does APNIC not confiscate these lowlifes' addresses, and hand them out to honest customers? If they're reactive enough in doing so, the addresses might actually not yet be "burned" (on blacklists), and still usable...
If your concern is the frightening warnings popped up by browsers, why don't you get a free certificate from startssl.com?
Startssl.com is recognized by all major browsers, checks your identity by a mail and phone callback, and issues as many "simple" certificates as you need. "Simple" meaning no wildcard, and no subject-alt-name. These are valid for one year
If you do need more advanced stuff (wildcard, subject-alt-name), you can have StartSSL do a more "thorough" id check. For this, upload a scan of two government-issued id documents, and send them $49.90 . They'll perform another phone check, and you're ready for "Class 2" certificates, which are valid for two years. You can still get as many as you want during validity of your id check (1 year).
You can't get cheaper than that (except for CaCert, but unfortunately CaCert is not recognized by the browsers by default).
I don't recall reading anything in the constitution that forbids "stringing up politicians" so isn't it then left up to the states?
Correct, but he posted his diatribe on the internet, which spans statelines, thus bringing the crime into the realm of "interstate commerce" (RTFA... they actually did mention interstate commerce!), and hence it becomes a case for the Feds.
Now, go, and hand in your tinfoil hat. Any self-respecting tinfoil hat wearer should know that thanks to the "Commerce Clause", there is nothing left up to the states.
Hackers would still need to breach the security of the server where the plaintext passwords would be stored. It's not as if facebook gave shell accounts with which users could just peruse/etc/passwd...
Does every disease work the same way with every bodily fluid?
No. Case in point, HIV: high virus content in blood and sperm, low content in spit. And spit actually kills it. That's why a blowjob is so much safer than other kinds of sex, even without a (weird tasting) rubber...
Apparently, you can even give a blowjob right after going to the dentist, without any risk to either of you (but it might not be very comfortable, obviously...)
To understand if there is even a problem you first need to check the key usage/EKUs of these certs to see in what context the certificates are allowed to be used.
Do browsers check these key usage/EKUs? If not, these certificates could still be used for nefarious purposes, even if such usage is against some paper document somewhere...
And if yes, I'd think EFF would have raised less of a fuss...
In order for 'mail' to work, somebody had to set up your DNS with a "search path" of "hq.internal.mydomain.com". Why can't whatever software is connecting to 'mail' also append the search path to the hostname used for checking the certificate?
PHP generates the public key, sends it with the javascript in the form, all the form data is encrypted by the browser itself before sending it to the host.
And how do you protect against a man-in-the-middle changing the public key while it is being sent from PHP to the browser? Or against same middleman just adding some more javascript to the page which copies the sensitive form fields into new fields which will be transmitted in the clear (like happened in Tunisia with facebook...)?
A certification is a statement of opinion. (And furthermore, it is a statement by a complete stranger who has no relationship with you and owes you jack shit.)
The same can be said about passports and other government id papers. Does the border guard personally know the guy who issued you your passport? No? But yet he trusts it.
I don't understand why the likes of Firefox / OpenSSL / GnuPG and other vested interests in the open source movement aren't pushing for a free model for certification which cuts the CAs out of the loop, at least for some kinds of certs.
Indeed. Especially since there is a free CA around: CaCERT.
Yes, they failed an audit. But the only reason why they failed it was that they were doing it honestly. Many other CAs which are currently accepted in Firefox would fail the same kind of audit, but they are smart enough not to submit to one.
Slashdot Mirror
... Amazon To Let Libraries Kindle Books
One of the benefits and drawbacks of running lean is the mixture burns hotter. This produces more NOx, not less. I'm not sure what the article is going on about.
Indeed, the article is funny, especially the bit about If engines ran leaner — burnt more air and less fuel — they would produce significantly smaller NOx emissions..
Guess what you get when you "burn" air (... or at least the nitrogen contained therein...):
NoX!
It doesn't really end up working quite as slowly as you imply. Typically I see the $4 discounted used copies of a brand spanking new game within a couple of days.
I'll risk a guess, and suppose that in these cases the original buyer probably just did a quick copy for himself before he sold the game. Hence my conditional "...unless piracy was also involved...". If used-games outlets are used "honestly", there will be substantial delays until new titles will be available, and my original reasoning will apply.
Interesting point.
Interesting point.
Interesting point.
You forgot to mention that the second buyer usually only gets the game way after it came out (unless piracy was also involved...). That is, first user has to buy game, play it, get bored with it and resell it.
So not only does the second player get a slightly wrinkled manual, but also he gets a game which is no longer hip. So it's normal that he saves some money on it. No need to "punish" him additionally by crippling the game.
So why does APNIC not confiscate these lowlifes' addresses, and hand them out to honest customers? If they're reactive enough in doing so, the addresses might actually not yet be "burned" (on blacklists), and still usable...
Not a new concept, mShell for Symbian
... or just N900's Maemo, for that matter. Not only can you write shell scripts, but also C or Java programs, and compile them on the phone itself.
Startssl.com is recognized by all major browsers, checks your identity by a mail and phone callback, and issues as many "simple" certificates as you need. "Simple" meaning no wildcard, and no subject-alt-name. These are valid for one year
If you do need more advanced stuff (wildcard, subject-alt-name), you can have StartSSL do a more "thorough" id check. For this, upload a scan of two government-issued id documents, and send them $49.90 . They'll perform another phone check, and you're ready for "Class 2" certificates, which are valid for two years. You can still get as many as you want during validity of your id check (1 year).
You can't get cheaper than that (except for CaCert, but unfortunately CaCert is not recognized by the browsers by default).
I don't recall reading anything in the constitution that forbids "stringing up politicians" so isn't it then left up to the states?
Correct, but he posted his diatribe on the internet, which spans statelines, thus bringing the crime into the realm of "interstate commerce" (RTFA... they actually did mention interstate commerce!), and hence it becomes a case for the Feds.
Now, go, and hand in your tinfoil hat. Any self-respecting tinfoil hat wearer should know that thanks to the "Commerce Clause", there is nothing left up to the states.
As a seller on eBay I've been raped.
Why didn't you ask for cash when you "delivered the merchandise"... :-)
Death? On which planet is there a death penalty on refusing to do jury duty?
But then wouldn't it be more likely that he brought an infected mosquito somewhere in his baggage?
Exactly. It can happen with cockroaches, so why not with mosquitoes?
You forgot the whipped cream ;-)
... but how do you get any whipped cream, if it doesn't turn you on?
Luxembourg slowly started complying... by first publishing account details about French politicians! Always be careful what you ask for!
Hackers would still need to breach the security of the server where the plaintext passwords would be stored. It's not as if facebook gave shell accounts with which users could just peruse /etc/passwd...
So Foy gave the virus to his student and his wife? Huh?
First possible answer: why the homophobic "Huh?"
Second possible answer: Foy gave the virus to his wife who gave it to his student...
Does every disease work the same way with every bodily fluid?
No. Case in point, HIV: high virus content in blood and sperm, low content in spit. And spit actually kills it. That's why a blowjob is so much safer than other kinds of sex, even without a (weird tasting) rubber...
Apparently, you can even give a blowjob right after going to the dentist, without any risk to either of you (but it might not be very comfortable, obviously...)
To understand if there is even a problem you first need to check the key usage/EKUs of these certs to see in what context the certificates are allowed to be used.
Do browsers check these key usage/EKUs? If not, these certificates could still be used for nefarious purposes, even if such usage is against some paper document somewhere...
And if yes, I'd think EFF would have raised less of a fuss...
In order for 'mail' to work, somebody had to set up your DNS with a "search path" of "hq.internal.mydomain.com". Why can't whatever software is connecting to 'mail' also append the search path to the hostname used for checking the certificate?
PHP generates the public key, sends it with the javascript in the form, all the form data is encrypted by the browser itself before sending it to the host.
And how do you protect against a man-in-the-middle changing the public key while it is being sent from PHP to the browser? Or against same middleman just adding some more javascript to the page which copies the sensitive form fields into new fields which will be transmitted in the clear (like happened in Tunisia with facebook...)?
you crawl https on mail.nonlocalhost.com, and discover it claims to be domain "mail", and present a cert for domain "main".
That host doesn't listen on port 443 (https), and on port 993 (imaps), it uses a self-signed certificate for *.mail.dreamhost.com
Still very goofy, but not quite as bad as a certificate for mail signed by a "legitimate" CA.
A certification is a statement of opinion. (And furthermore, it is a statement by a complete stranger who has no relationship with you and owes you jack shit.)
The same can be said about passports and other government id papers. Does the border guard personally know the guy who issued you your passport? No? But yet he trusts it.
I don't understand why the likes of Firefox / OpenSSL / GnuPG and other vested interests in the open source movement aren't pushing for a free model for certification which cuts the CAs out of the loop, at least for some kinds of certs.
Indeed. Especially since there is a free CA around: CaCERT.
Yes, they failed an audit. But the only reason why they failed it was that they were doing it honestly. Many other CAs which are currently accepted in Firefox would fail the same kind of audit, but they are smart enough not to submit to one.
if you need to carry a (probably rather icky) towel around with you?
Well, when it gets that icky, just get a new towel...
A naturist company worth its salt should have plenty of fresh towels available.
You don't have to be worried about a naked man pulling a gun on you.
I know about a man who could pull this stunt. I won't post a link though, indeed whenever I post that link, I get modded down...