When it comes to cycling the gearing will be tuned to the particular rider. Watch a cycling competition and you will see riders travelling at the same speed with very different foot speed. This is particularly noticeable on the mountain stages, are you a low force high rpm rider or a high force low rpm rider.
Their choice of gear combination while riding does not mean they have different gears installed on their bikes, it just means they changed into a different gear while riding. I strongly suspect that the vast majority of pro riders are running with the same gear ranges (there aren't that many combos). That said, they could easily offer a variety of standard cassettes, or even mix-and-match gears to choose from... those things are very easy to change out. Offering standard sets would mean that all competitors would be using the same quality and weight of products, and they could still easily offer a range of options, especially in the major events.
The assertion (by BMG/RHM) is that Cox has not fulfilled the requirements for safe harbor, which include terminating the accounts of repeat offenders.
Alledged repeat offenders.
How many times a year do we read about big media companies using automated systems that fire off buttloads of false DMCA takedowns? BMG are not (and should never be) judge,jury and executioner.
FWIW, the previous story made it clear that Cox has called them out on exactly that grounds, as well as a bunch of other claims/country-claims. One of their main claims is that BMG had spammed them with way too many notices that had lacked proper evidence and such. Cox had notified BMG of that a bunch of times and tried to work with them, and they would not stop sending the automated and often unjustified notices, so Cox stopped listening to any of their reports.
IMO, that's the real story, and makes both sides make more sense. This has almost nothing to do with the end user. Neither Cox nor BMG want to take the time to do the proper paperwork and research to determine if these red flags are detecting actual cases of infringement. BMG is automatically spamming all possible claims; Cox is automatically sending them all to/dev/null; Neither of those are very helpful.
This will likely be settled out of court with some agreement that either BMG will do a little more work, or they'll pay Cox to do it, and then Cox will accept the vast majority of the claims. I'd almost be willing to wager money on that one, if I cared enough to follow this further.
I think this is a great point, and I think it's very easy to solve for competitions. Just issue everyone involved identical equipment. Depending on the sport, one could draw a line regarding various pieces of the equipment (ex. the shorts and jerseys used in soccer probably don't matter all that much; the ball is already shared, so that's already equalized; shoes... there are standards right now, but they don't issue standard equipment for each game). For curling and baseball, the brooms and bats should, IMO, just be issued per-event so everyone has the same pool of brooms/bats to choose from (if there is any difference at all in sizes... otherwise, just all identical models). For cycling, are we racing bikes, or people? This isn't a horse race. Just give everyone the same model bike, or at least have a small list of approved ones. They have put in many restrictions in this area already, but for how much money is involved in the big races, the race presenters should just buy and supply bikes for everyone - problem solved IMO.
... more expensive to install, but costs next to nothing to maintain.
Because Lithium Ion batters never wear out or need replaced? Where did all these come from? Oh yeah, they're used. FWIW, I don't think they're a bad idea, but I wouldn't use them as a one-or-the-other in place of a generator... at least not at this time.
The problem with what you're saying is that you're blaming the complexity/difficulty and saying it's not possible. That's just plain wrong. It's certainly possible. Is it feasible? Even if it was feasible, if they did it, would it be a good thing?
I suspect this is pretty much a bait and switch type of situation - lure people along thinking they'll have the entire android ecosystem available, and then just give up on that project as they slowly get the top NNN apps to move over to native apps. They don't want really want this to work, and there would be a lot of work in keeping it functional and secure and updated... it's just not worth it to them.
That does not mean that those other two people were assigned those SSN's. It just means that they (or someone posing as them) used that SSN in association with their names at some point for something that reached a credit reporting place. Within the SSA, I'm fairly certain it's a one-to-one lookup (lookup one SSN, you get one name back).
It does speak to the fact that using SSN for this purpose (credit checks and tracking) is pretty weak, though there isn't a whole lot of other options.
They may be asking for your number, but social security, will only say, if the number is in use. Any number will work. The number is not an identifier, except for claiming claiming benefits.
This is a bit misleading. What question are you asking and to whom? If you ask the SSNVS, it will verify the name and SSN match, so you can't just use any name with any SSN and have it pass that test.
You can buy cheap used Xbox 360 games on disc and play them on the Xbox One if they're on the "backwards compatibility list", but they won't play as-is from the disk. The disk is essentially used as DRM or identification that you have that game. The ported game is then downloaded and you can play it. I'm not sure if or how much content it may read from the disk itself.
After all, it's estimated that there are 40,000,000 dupes out there.
This is a misconstrued / misused statistic. The linked page at idanalytics.com says:
More than 20 million Americans have multiple Social Security numbers (SSNs) associated with their name in commercial records according to a new study announced today from ID Analytics, Inc., a leader in consumer risk management. The study also found that rather than serving as a unique identifier, more than 40 million SSNs are associated with multiple people.
[bolded by me] That is also poorly worded. What association are they referring to? I'm VERY confident they do NOT mean the official SSN database. FWIW, one can verify SSN's using the social security system's SSNVS (social security number verification service): https://www.socialsecurity.gov... I suspect they mean that SSN's that show up in external databases, such as employment records, fraud reports, credit checks and reports, etc (anything falling under what they called "commercial records", and what they base their bread and butter business on), and that those end up having multiple names associated with them - which makes sense. since there's probably a LARGE amount of typo's and purposefully incorrect information.
This is quite different than the subject of this article, where two women had the same SSN issued to them by the Social Security administration.
FWIW, if you're wondering if they're ever re-used, they have not been thus far (you take your number with you when you die, so to speak). There are currently about 319 million people in the united states. The SSN format has room for a maximum of 999 million numbers. There are a bunch of exceptions that won't be used: * 100 million of those are reserved for ITIN use (ITIN's start with "9"). * No number group will ever be issued all zeros (ie. 000-nn-nnnn, nnn-00-nnnn, and nnn-nn-0000 are all invalid), which rules out a bunch more. * Area number 666 has never been issued, and probably won't be (ie. 666-nn-nnnn), ruling out another million of them. * Numbers from 987-65-4320 to 987-65-4329 are reserved for advertising use. * Hilda Whitcher's SSN is now invalid (http://www.snopes.com/business/taxes/woolworth.asp)
To date, over 450 million SSNs have been issued, and the SSA notes that it does not reassign SSN's after the number holder's death (https://www.ssa.gov/history/hfaq.html). I don't know where the countdown clock is for running out, but we'll get there eventually (we're over half way there). That's going to make one hell of a y2k, unless they just start re-issuing from the death master file (yes, that's a thing).
- Gears of War 2 and 3 (almost certain candidates for an HD remaster at some point, I guess).
I'm not very familiar with the series, but had been looking at the available console bundles, and the gears of war bundle *appears* to include all of the 360 collection of gears of war: http://www.microsoftstore.com/...
Full game download of original Gears of War remastered in 1080p
Get the entire Xbox 360 Gears of War collection to play for free
They also have the ultimate edition on xbox one as a stand alone game. I don't know if it includes 2 and 3 though. Are these the same?
Then they are lying when they say "backward compatible". A port/recompile isn't the same thing.
You are correct. They have misappropriated the phrase, and others have defended it with the logic that normal users wouldn't understand what it is otherwise. I believe a more accurate term would be "porting", as in, the 360 games are being ported to the xbox one (possibly with the aid of a backward compatibility layer or API).
Who's going to make all the insider trading/leaks, illegal dumping and shredding of disliked health/safety reports? Not to mention...
A robo-ceo would be be ideal for all of these! insider trading/leaks = hack and data breaches illegal dumping and shredding of disliked reports = disk/storage failures
Didn't have the right backups in place? Oh, the CEOBOT cut that from the budget to maximize blah blah blah market speak. Can't blame him for a hardware failure.
"This is a politician telling hundreds of thousands of New Yorkers they are not allowed to play a game they love and share with friends, family, co-workers and players across the country."
... for money. All those hundreds of thousands of New Yorkers are still allowed to play these games with their friends, family, and co-workers, but not while money/gambling are involved.
I'm not saying I agree with banning gambling, or what level of regulation there must be (if any), but it's a stretch to frame it like that, as if Dad is playing against his wife and kids in a friendly game.
I'm also a bit surprised this is a "multibillion-dollar industry". Maybe "surprised" is the wrong word, but wow.
As I said above, "None of the factors are absolutely and unequivocally unique, unlike a username on a given system. You can not use a fingerprint as a username due to collisions." I hope you're just trolling:-/
As you said, "If systems required that all passwords be unique, there would be no need for a username".... then lots of people would end up quickly finding out other peoples full credentials (username+password, since you're saying there is no longer a need for a username), assuming you're allowing users to choose their own "password". The moment someone finds a password collision, they could just login with it.
In an ideal world, where you could have some mythical token that is globally unique to you and also impossible to counterfeit, you still need a username (or a system ID, or a login ID, or some unique identifier besides said token). You need it so you can perform one of the most fundamentally important roles of a password - being able to change it and have different passwords for different accounts, yet still retain your unique identification / customer record / whatever.
They may be like usernames, but usernames should be considered "something you are". Most people would argue that, like usernames, fingerprints shouldn't be considered as a auth factor (something you are), because of their inherent insecurity and availability.
Please, before someone argues that "something you are" could be twisted to include X, Y, or Z, that's not helpful. "Something you have" could be twisted to mean the knowledge of the password, but that's not what it means. The common three factors mean: 1. something you know. This is commonly your password. It's a secret. This should NOT be some fact about you - that's an entirely different topic (those "security" questions). 2. something you have. This means some physical thing that you can prove you have and is uniquely yours. This is commonly a RSA Secure ID, or a YubiKey, or FIDO U2F key, etc. 3. something you are. This is commonly some biometric value: finger print, palm print, iris scan, dna, voice ("Hi. My Name Is Werner Brandes. My Voice Is My Passport. Verify Me."), etc.
AFAIK, your username is not considered a factor. It is an identifier that keys into all those other things. None of the factors are absolutely and unequivocally unique, unlike a username on a given system. You can not use a fingerprint as a username due to collisions.
gt and -lt are fine, however -eq instead of = has caused me no small amount of grief. Powershell still uses = for variable assignment but doing a literal compare requires -eq and often times is not obvious that = is causing the problem where -eq is the required operator.
as does bash. and has done forever.
Eh, bash uses both "=" and "-eq" as comparison operators. The first is string based, the latter is numeric.
While I'm sure the following will incite some riots, I personally prefer Perl's handling in this case. For example:
if ($var = getval()) { # if the assignment resulting from getval() is true...
if ($var == getval()) { # numeric comparison of $var and the return of getval()...
if ($var eq getval()) { # string comparison of $var and return of getval()
The first form is, admittedly, and easy place for bugs to creep in, but I still like it, especially when combined with lexical declaration:
while (my $line = getline()) {
Why is this on Slashdot? In case someone have a better idea?
I think the TMTOWTDI -ness of this question is why it's on slashdot, and I enjoy that, even though I haven't seen anything I wasn't aware of yet. I also thought the compute sticks (or cheap knock-offs or chromecast-like devices) would be a very viable option - and I think they'd be better than a RPi for this use case (much easier to buy a bunch of them, and have any NOC monkey pop in a new one).
That said, there's so many ways to handle this, it's crazy. It's pretty impressive how many options there are. Just a handful: 1. purpose built devices, like for digital signage, the NVS, or barco stuff. IE: put a bunch of money into one or two boxes, and have it control them all. 2. handful of semi-powerful PC's with a bunch of video cards in them. Maybe drive 5 displays per each of 4 gpu's for 20 displays per box. IMO, this is the most risky, cause if something happens to that, you'll lose a bunch of displays all at once, and it's homebrew, so you won't have much support, and it's unlikely you'll be able to justify a hot spare that's fully loaded. 3. mini pc per every 2-4 displays. 4. mico pc per each display (RPi, compute stick, or similar). IMO, the worst side effect of this is that it will be difficult to turn several LCD's into one larger image and retain image integrity... that's one feature that all of the above could handle easily. On the other hand, this would be by far the easiest to manage and upkeep (even more-so if you network boot them all and use wifi for networking... once booted, they'll just by refreshing some webpage in most cases).
Personally, I'd go with either #3 or #4. I don't enjoy handing over loads of money for a large single use thing when COTS will do just fine and the extra cash can go back into the company/employees/etc.
So let's be reasonable. Encrypt when needed, and take reasonable precautions, but don't make yourself a target.
If you only encrypt** that which needs special precautions, then you're making it EXTREMELY easy to target the messages that are important. If you're going to encrypt, encrypt everything. This advice is also good for things like vpn use, proxy use, tor use, etc.
**... or do anything out of the ordinary, like deleting it, or moving it to a different folder, or only downloading those messages, etc.
None of your bullet points are a negative to S/MIME use. The only edge case one is that the NSA may hold all your email because it is encrypted, but: 1. Who cares? I mean, I do from an overall rights issue, and I think it's wrong, but they're not going to leak stuff to my employer or any other trivial things. 2. The more we make them store (ie. if everyone encrypts everything), the less useful and feasible their selective storage becomes. 3. If you're actually worried about that, then your advice to selectively encrypt only when needed is debunked even further.
Acting out of the ordinary can draw attention, as you noted. The answer is to make encryption on many levels the norm for all trivial stuff, from slashdot to txt's to calls to ordering pizza etc. Then, when you do need it for something, it'll look absolutely normal.
While I have not tried the following, I think it may be a pretty swell idea...
* Use S/MIME encryption for your encryption * Setup a filter (could use fetchmail+procmail, or your email client's native filter stuff, or an external process in python/perl/whatever) * On new mail receipt, get copy of email, encrypt the body via S/MIME ("openssl cms"; man cms; don't use the misleadingly named "openssl smime"), and save back to the server in a different folder. * On all your email clients, just check that new folder only.
There may be some fudging necessary either when encrypting or when reading the email, since the emails aren't from you, so the default client behavior of using the FROM address to determine the encryption key will not work. However, you could either alter the from to your own while filtering, and backup the real from to X-From:, and update your client to display the X-From instead of the From... or trick your client into treating the folder as a sent mail folder (sent encrypted emails get encrypted by your own cert and saved to your sent mail folder already... and reading those already works).
While it may take a little bit of a kludge to get it working, once it works, it'd just work. All your emails would be separately stored on whatever IMAP server you like. You'd be able to read them via any client with S/MIME support (assuming you have your private key with you). FYI, there are browser plugins that make S/MIME work with some webmail providers too.
All the other suggested solutions I've seen boil down to: * download to local computer * encrypt it somehow and make encrypted backups Those have many layers of things that are not easily accessible. I'd be more likely to go that route anyway (just fits the way I work already), but encrypting the messages within the IMAP server may be a nice solution for many other users.
Only 75TB? That seems like an awful lot for a home user. A stack of 75 1TB hard drives would be taller than you.
Unlike others, I'll assume you mean 3.5" drives with a 25.4mm height. 75 x 25.4 = 1905mm = 6'3", which is tall, but not taller than all by any means.
Regardless, even if someone used 4tb drives, or 2tb 2.5" drives, it's still an awful lot to manage for a home user, and it should also take into account extras for replacements as you will have failures, and extras for RAID redundancy, and drive cages and cooling and array controllers etc etc etc.
It's very likely the user is uploading full disk images, rather than a de-duplicated per-file backup solution, but that'd just be my guess.
My gaming PC is pretty nice, although it's time to upgrade the graphics card.... EVGA FTW Edition GTX 670 (the ftw editions are factory overclocked) I haven't had ANY issues with any games Yet, but I know that graphics card needs upgrading soon.
That card is (easily) in the top 27 (http://www.videocardbenchmark.net/high_end_gpus.html - the GTX 670, not overclocked, is #27). What would you even upgrade to? Above that, most of the prices are crazy high, though the GTX 970, at $315, may be worth considering, if you happen to get some games that it would help at all, and it's worth that much for a little bit better graphics on those select games. Just curious... why do you think it's time to upgrade?
Slashdot Mirror
When it comes to cycling the gearing will be tuned to the particular rider. Watch a cycling competition and you will see riders travelling at the same speed with very different foot speed. This is particularly noticeable on the mountain stages, are you a low force high rpm rider or a high force low rpm rider.
Their choice of gear combination while riding does not mean they have different gears installed on their bikes, it just means they changed into a different gear while riding. I strongly suspect that the vast majority of pro riders are running with the same gear ranges (there aren't that many combos).
That said, they could easily offer a variety of standard cassettes, or even mix-and-match gears to choose from... those things are very easy to change out. Offering standard sets would mean that all competitors would be using the same quality and weight of products, and they could still easily offer a range of options, especially in the major events.
The assertion (by BMG/RHM) is that Cox has not fulfilled the requirements for safe harbor, which include terminating the accounts of repeat offenders.
Alledged repeat offenders.
How many times a year do we read about big media companies using automated systems that fire off buttloads of false DMCA takedowns?
BMG are not (and should never be) judge,jury and executioner.
FWIW, the previous story made it clear that Cox has called them out on exactly that grounds, as well as a bunch of other claims/country-claims.
One of their main claims is that BMG had spammed them with way too many notices that had lacked proper evidence and such. Cox had notified BMG of that a bunch of times and tried to work with them, and they would not stop sending the automated and often unjustified notices, so Cox stopped listening to any of their reports.
IMO, that's the real story, and makes both sides make more sense. This has almost nothing to do with the end user. Neither Cox nor BMG want to take the time to do the proper paperwork and research to determine if these red flags are detecting actual cases of infringement. BMG is automatically spamming all possible claims; Cox is automatically sending them all to /dev/null; Neither of those are very helpful.
This will likely be settled out of court with some agreement that either BMG will do a little more work, or they'll pay Cox to do it, and then Cox will accept the vast majority of the claims. I'd almost be willing to wager money on that one, if I cared enough to follow this further.
Previous slashdot story: http://yro.slashdot.org/story/...
Cox's response: http://ia801407.us.archive.org...
Their response is actually kinda fun to read.
I think this is a great point, and I think it's very easy to solve for competitions. Just issue everyone involved identical equipment.
Depending on the sport, one could draw a line regarding various pieces of the equipment (ex. the shorts and jerseys used in soccer probably don't matter all that much; the ball is already shared, so that's already equalized; shoes... there are standards right now, but they don't issue standard equipment for each game).
For curling and baseball, the brooms and bats should, IMO, just be issued per-event so everyone has the same pool of brooms/bats to choose from (if there is any difference at all in sizes... otherwise, just all identical models).
For cycling, are we racing bikes, or people? This isn't a horse race. Just give everyone the same model bike, or at least have a small list of approved ones. They have put in many restrictions in this area already, but for how much money is involved in the big races, the race presenters should just buy and supply bikes for everyone - problem solved IMO.
... more expensive to install, but costs next to nothing to maintain.
Because Lithium Ion batters never wear out or need replaced? Where did all these come from? Oh yeah, they're used.
FWIW, I don't think they're a bad idea, but I wouldn't use them as a one-or-the-other in place of a generator... at least not at this time.
The problem with what you're saying is that you're blaming the complexity/difficulty and saying it's not possible. That's just plain wrong. It's certainly possible. Is it feasible? Even if it was feasible, if they did it, would it be a good thing?
I suspect this is pretty much a bait and switch type of situation - lure people along thinking they'll have the entire android ecosystem available, and then just give up on that project as they slowly get the top NNN apps to move over to native apps. They don't want really want this to work, and there would be a lot of work in keeping it functional and secure and updated... it's just not worth it to them.
That does not mean that those other two people were assigned those SSN's. It just means that they (or someone posing as them) used that SSN in association with their names at some point for something that reached a credit reporting place.
Within the SSA, I'm fairly certain it's a one-to-one lookup (lookup one SSN, you get one name back).
It does speak to the fact that using SSN for this purpose (credit checks and tracking) is pretty weak, though there isn't a whole lot of other options.
They may be asking for your number, but social security, will only say, if the number is in use. Any number will work. The number is not an identifier, except for claiming claiming benefits.
This is a bit misleading. What question are you asking and to whom? If you ask the SSNVS, it will verify the name and SSN match, so you can't just use any name with any SSN and have it pass that test.
You can buy cheap used Xbox 360 games on disc and play them on the Xbox One if they're on the "backwards compatibility list", but they won't play as-is from the disk. The disk is essentially used as DRM or identification that you have that game. The ported game is then downloaded and you can play it. I'm not sure if or how much content it may read from the disk itself.
After all, it's estimated that there are 40,000,000 dupes out there.
This is a misconstrued / misused statistic.
The linked page at idanalytics.com says:
More than 20 million Americans have multiple Social Security numbers (SSNs) associated with their name in commercial records according to a new study announced today from ID Analytics, Inc., a leader in consumer risk management. The study also found that rather than serving as a unique identifier, more than 40 million SSNs are associated with multiple people.
[bolded by me]
That is also poorly worded. What association are they referring to? I'm VERY confident they do NOT mean the official SSN database. FWIW, one can verify SSN's using the social security system's SSNVS (social security number verification service): https://www.socialsecurity.gov...
I suspect they mean that SSN's that show up in external databases, such as employment records, fraud reports, credit checks and reports, etc (anything falling under what they called "commercial records", and what they base their bread and butter business on), and that those end up having multiple names associated with them - which makes sense. since there's probably a LARGE amount of typo's and purposefully incorrect information.
This is quite different than the subject of this article, where two women had the same SSN issued to them by the Social Security administration.
FWIW, if you're wondering if they're ever re-used, they have not been thus far (you take your number with you when you die, so to speak). There are currently about 319 million people in the united states. The SSN format has room for a maximum of 999 million numbers. There are a bunch of exceptions that won't be used:
* 100 million of those are reserved for ITIN use (ITIN's start with "9").
* No number group will ever be issued all zeros (ie. 000-nn-nnnn, nnn-00-nnnn, and nnn-nn-0000 are all invalid), which rules out a bunch more.
* Area number 666 has never been issued, and probably won't be (ie. 666-nn-nnnn), ruling out another million of them.
* Numbers from 987-65-4320 to 987-65-4329 are reserved for advertising use.
* Hilda Whitcher's SSN is now invalid (http://www.snopes.com/business/taxes/woolworth.asp)
To date, over 450 million SSNs have been issued, and the SSA notes that it does not reassign SSN's after the number holder's death (https://www.ssa.gov/history/hfaq.html). I don't know where the countdown clock is for running out, but we'll get there eventually (we're over half way there). That's going to make one hell of a y2k, unless they just start re-issuing from the death master file (yes, that's a thing).
- Gears of War 2 and 3 (almost certain candidates for an HD remaster at some point, I guess).
I'm not very familiar with the series, but had been looking at the available console bundles, and the gears of war bundle *appears* to include all of the 360 collection of gears of war:
http://www.microsoftstore.com/...
They also have the ultimate edition on xbox one as a stand alone game. I don't know if it includes 2 and 3 though.
Are these the same?
Then they are lying when they say "backward compatible". A port/recompile isn't the same thing.
You are correct. They have misappropriated the phrase, and others have defended it with the logic that normal users wouldn't understand what it is otherwise. I believe a more accurate term would be "porting", as in, the 360 games are being ported to the xbox one (possibly with the aid of a backward compatibility layer or API).
Who's going to make all the insider trading/leaks, illegal dumping and shredding of disliked health/safety reports? Not to mention...
A robo-ceo would be be ideal for all of these!
insider trading/leaks = hack and data breaches
illegal dumping and shredding of disliked reports = disk/storage failures
Didn't have the right backups in place? Oh, the CEOBOT cut that from the budget to maximize blah blah blah market speak. Can't blame him for a hardware failure.
From the summary:
"This is a politician telling hundreds of thousands of New Yorkers they are not allowed to play a game they love and share with friends, family, co-workers and players across the country."
All those hundreds of thousands of New Yorkers are still allowed to play these games with their friends, family, and co-workers, but not while money/gambling are involved.
I'm not saying I agree with banning gambling, or what level of regulation there must be (if any), but it's a stretch to frame it like that, as if Dad is playing against his wife and kids in a friendly game.
I'm also a bit surprised this is a "multibillion-dollar industry". Maybe "surprised" is the wrong word, but wow.
They're all usernames.
Wrong.
A username is a way to uniquely identify you. ...
As I said above, "None of the factors are absolutely and unequivocally unique, unlike a username on a given system. You can not use a fingerprint as a username due to collisions." :-/
I hope you're just trolling
As you said, "If systems required that all passwords be unique, there would be no need for a username".... then lots of people would end up quickly finding out other peoples full credentials (username+password, since you're saying there is no longer a need for a username), assuming you're allowing users to choose their own "password". The moment someone finds a password collision, they could just login with it.
In an ideal world, where you could have some mythical token that is globally unique to you and also impossible to counterfeit, you still need a username (or a system ID, or a login ID, or some unique identifier besides said token). You need it so you can perform one of the most fundamentally important roles of a password - being able to change it and have different passwords for different accounts, yet still retain your unique identification / customer record / whatever.
Ugh... where's the "edit" button for my "clicked past the preview too quickly" nature?
I meant to start that with:
They may be like usernames, but usernames should NOT be considered "something you are".
They may be like usernames, but usernames should be considered "something you are".
Most people would argue that, like usernames, fingerprints shouldn't be considered as a auth factor (something you are), because of their inherent insecurity and availability.
Please, before someone argues that "something you are" could be twisted to include X, Y, or Z, that's not helpful. "Something you have" could be twisted to mean the knowledge of the password, but that's not what it means. The common three factors mean:
1. something you know. This is commonly your password. It's a secret. This should NOT be some fact about you - that's an entirely different topic (those "security" questions).
2. something you have. This means some physical thing that you can prove you have and is uniquely yours. This is commonly a RSA Secure ID, or a YubiKey, or FIDO U2F key, etc.
3. something you are. This is commonly some biometric value: finger print, palm print, iris scan, dna, voice ("Hi. My Name Is Werner Brandes. My Voice Is My Passport. Verify Me."), etc.
AFAIK, your username is not considered a factor. It is an identifier that keys into all those other things. None of the factors are absolutely and unequivocally unique, unlike a username on a given system. You can not use a fingerprint as a username due to collisions.
gt and -lt are fine, however -eq instead of = has caused me no small amount of grief. Powershell still uses = for variable assignment but doing a literal compare requires -eq and often times is not obvious that = is causing the problem where -eq is the required operator.
as does bash. and has done forever.
Eh, bash uses both "=" and "-eq" as comparison operators. The first is string based, the latter is numeric.
While I'm sure the following will incite some riots, I personally prefer Perl's handling in this case. For example: ... ...
if ($var = getval()) { # if the assignment resulting from getval() is true
if ($var == getval()) { # numeric comparison of $var and the return of getval()
if ($var eq getval()) { # string comparison of $var and return of getval()
The first form is, admittedly, and easy place for bugs to creep in, but I still like it, especially when combined with lexical declaration:
while (my $line = getline()) {
Why is this on Slashdot? In case someone have a better idea?
I think the TMTOWTDI -ness of this question is why it's on slashdot, and I enjoy that, even though I haven't seen anything I wasn't aware of yet.
I also thought the compute sticks (or cheap knock-offs or chromecast-like devices) would be a very viable option - and I think they'd be better than a RPi for this use case (much easier to buy a bunch of them, and have any NOC monkey pop in a new one).
That said, there's so many ways to handle this, it's crazy. It's pretty impressive how many options there are. Just a handful:
1. purpose built devices, like for digital signage, the NVS, or barco stuff. IE: put a bunch of money into one or two boxes, and have it control them all.
2. handful of semi-powerful PC's with a bunch of video cards in them. Maybe drive 5 displays per each of 4 gpu's for 20 displays per box. IMO, this is the most risky, cause if something happens to that, you'll lose a bunch of displays all at once, and it's homebrew, so you won't have much support, and it's unlikely you'll be able to justify a hot spare that's fully loaded.
3. mini pc per every 2-4 displays.
4. mico pc per each display (RPi, compute stick, or similar). IMO, the worst side effect of this is that it will be difficult to turn several LCD's into one larger image and retain image integrity... that's one feature that all of the above could handle easily. On the other hand, this would be by far the easiest to manage and upkeep (even more-so if you network boot them all and use wifi for networking... once booted, they'll just by refreshing some webpage in most cases).
Personally, I'd go with either #3 or #4. I don't enjoy handing over loads of money for a large single use thing when COTS will do just fine and the extra cash can go back into the company/employees/etc.
So let's be reasonable. Encrypt when needed, and take reasonable precautions, but don't make yourself a target.
If you only encrypt** that which needs special precautions, then you're making it EXTREMELY easy to target the messages that are important.
If you're going to encrypt, encrypt everything. This advice is also good for things like vpn use, proxy use, tor use, etc.
** ... or do anything out of the ordinary, like deleting it, or moving it to a different folder, or only downloading those messages, etc.
None of your bullet points are a negative to S/MIME use. The only edge case one is that the NSA may hold all your email because it is encrypted, but:
1. Who cares? I mean, I do from an overall rights issue, and I think it's wrong, but they're not going to leak stuff to my employer or any other trivial things.
2. The more we make them store (ie. if everyone encrypts everything), the less useful and feasible their selective storage becomes.
3. If you're actually worried about that, then your advice to selectively encrypt only when needed is debunked even further.
Acting out of the ordinary can draw attention, as you noted. The answer is to make encryption on many levels the norm for all trivial stuff, from slashdot to txt's to calls to ordering pizza etc. Then, when you do need it for something, it'll look absolutely normal.
While I have not tried the following, I think it may be a pretty swell idea...
* Use S/MIME encryption for your encryption
* Setup a filter (could use fetchmail+procmail, or your email client's native filter stuff, or an external process in python/perl/whatever)
* On new mail receipt, get copy of email, encrypt the body via S/MIME ("openssl cms"; man cms; don't use the misleadingly named "openssl smime"), and save back to the server in a different folder.
* On all your email clients, just check that new folder only.
There may be some fudging necessary either when encrypting or when reading the email, since the emails aren't from you, so the default client behavior of using the FROM address to determine the encryption key will not work. However, you could either alter the from to your own while filtering, and backup the real from to X-From:, and update your client to display the X-From instead of the From... or trick your client into treating the folder as a sent mail folder (sent encrypted emails get encrypted by your own cert and saved to your sent mail folder already... and reading those already works).
While it may take a little bit of a kludge to get it working, once it works, it'd just work. All your emails would be separately stored on whatever IMAP server you like. You'd be able to read them via any client with S/MIME support (assuming you have your private key with you). FYI, there are browser plugins that make S/MIME work with some webmail providers too.
All the other suggested solutions I've seen boil down to:
* download to local computer
* encrypt it somehow and make encrypted backups
Those have many layers of things that are not easily accessible. I'd be more likely to go that route anyway (just fits the way I work already), but encrypting the messages within the IMAP server may be a nice solution for many other users.
Did anyone RTFA (or watch the clip showing the "desk/chair" in it)?
Did they just glue the mouse down? How's it attached?
Only 75TB? That seems like an awful lot for a home user. A stack of 75 1TB hard drives would be taller than you.
Unlike others, I'll assume you mean 3.5" drives with a 25.4mm height.
75 x 25.4 = 1905mm = 6'3", which is tall, but not taller than all by any means.
Regardless, even if someone used 4tb drives, or 2tb 2.5" drives, it's still an awful lot to manage for a home user, and it should also take into account extras for replacements as you will have failures, and extras for RAID redundancy, and drive cages and cooling and array controllers etc etc etc.
It's very likely the user is uploading full disk images, rather than a de-duplicated per-file backup solution, but that'd just be my guess.
If sudo is set up, you can still use sudo even as root. No issues, no errors.
This is only true if sudo is configured to allow that. None of my servers allow that.
All key exchange algorithms are vulnerable.
And all absolutes are false.
My gaming PC is pretty nice, although it's time to upgrade the graphics card. ...
EVGA FTW Edition GTX 670 (the ftw editions are factory overclocked)
I haven't had ANY issues with any games Yet, but I know that graphics card needs upgrading soon.
That card is (easily) in the top 27 (http://www.videocardbenchmark.net/high_end_gpus.html - the GTX 670, not overclocked, is #27).
What would you even upgrade to? Above that, most of the prices are crazy high, though the GTX 970, at $315, may be worth considering, if you happen to get some games that it would help at all, and it's worth that much for a little bit better graphics on those select games. Just curious... why do you think it's time to upgrade?