Slashdot Mirror


User: billstewart

billstewart's activity in the archive.

Stories: 0
Comments: 7,948

Comments · 7,948

  1. Brazil on Emigrating To a Freer Country? · · Score: 1

    As far as Portuguese goes, if you can learn to speak one Romance language badly, you can learn to speak them all badly :-) On the other hand, one friend of mine who's travelled to Brazil says it's a really really bad place to go if you're gay.

    Friends of mine moved to Argentina a couple of years ago, and have really been liking it. It's much more European than most of Latin America, and while there is still some leftover craziness (some of the military-government years were really vile), and the economy's weird, they like the people and the culture in general.

  2. Car charger is probably $5. Fixed that. on Hackable In-Car GPS Unit? · · Score: 1

    Hey, almost any car GPS is going to be plugged in; I assume that if the Freerunner is an open phone, it probably uses some fairly standard power plug.

    Of course, if you meant that the battery life using a car battery is about 1 hour, that's a more serious problem... :-)

  3. Actually the spammers have already started that on Fake News Scam Sites Advertising On Real News Sites · · Score: 3, Informative

    Haven't got my first one of them yet, but the news reports have been saying that Twitter, YouTube, and iTunes have been getting swamped with Jacko traffic, and spammers have already started firing out scams, probably "Click here to install the video player so you can see Michael Jackson video" etc.

  4. Voting in California avoids that dilemma on FBI Files a "Secret Justification" For Gag Order · · Score: 2, Interesting

    California was going solidly for Obama anyway, so I didn't need to consider voting for him to stop McSame. So I was free to vote third-party; too bad the Libertarians have been taken over by quasi-Republicans, and their allegedly-Libertarian candidate doesn't really even believe in drug legalization (though at least he's strongly gung-ho about privacy and getting government out of non-gay-marriage-related parts of people's lives.) I was tempted to vote for Nader just as a complaint against Barr, but I held my nose and voted for what's left of my party.

    Now, if the elections had been between Cheney and Cthulhu, voting for the lesser evil would have been fun!

  5. Business Plan - Extorting Bribes from Travelers on Out of Business, Clear May Sell Customer Data · · Score: 1

    The whole business that Clear is in is basically extorting bribes from travelers. They're not providing any actual added security by collecting the information, but the TSA folks let them wait in shorter lines and treat them more politely while still randomly searching baggage. The TSA's not even extorting the bribes directly - they're making a wholesale sweetheart deal with a political supporter who gets to extort the bribes retail. Brill, by the way, is one of the founders of CourtTV (aka lots of cop shows.)

  6. Mod Parent Up Please! on Out of Business, Clear May Sell Customer Data · · Score: 1

    It's informative and on-topic.

  7. Somewhat secure - everything's in the open on Kaminsky On DNS Bugs a Year Later and DNSSEC · · Score: 1

    Nothing's perfect, but the DNSSEC signature process is mostly out in the open - you can see the public keys for the name servers, and you can check the signatures on the keys for yourself, and you can also get yourself domain names almost anywhere in the world if you don't like a given registrar/registry. So while a government _could_ probably bully a registry into signing a forged certificate for your domain name, it would at least be publicly visible that "your" key had changed.

    Also, the government foot-dragging that's delayed DNSSEC deployment and root/com signing for so many years has led to the development of "Trust Anchors", which are a mechanism for getting DNSSEC keys and validation independent of the upper DNS hierarchy, and they provide an extra mechanism for verifying keys.

  8. Actually UI is a real problem for DNSSEC on Kaminsky On DNS Bugs a Year Later and DNSSEC · · Score: 1

    Some parts of the DNSSEC process invite clean UI connections - setting the keys, running human-oriented query tools, etc. It's far easier if you include registering the key as part of the process of registering the name, of course. But that's not how most people use DNS.

    So you type a URL into your browser, and the browser hands it to a resolver client, and the resolver client does a query. With Vanilla DNS, if the query fails, the client tells the browser it fails, and the browser either gives you some "can't find bad.example.com" message, or all too commonly hands your query off to a search engine which gives you a page of "Bad Examples For Sale!!" With DNSSEC, there's another possibility which your browser designer had not considered, and which your DNS client may or may not have considered, which is that it gets a DNS response back, but the response's signature is bad, or the response doesn't have a signature even though it should. What does the client tell the browser, and what does the browser tell the user? And does the user have a bloody clue what to do about it?

    Another popular misbehaviour today is that the DNS server your resolver client talked to couldn't find the domain, so _it_ gave you the IP address of an HTTP server that responds to URL requests with queries for Bad Examples. This is an annoying behaviour if you're using a browser, but it's much more annoying if you weren't doing HTTP at all - you were trying to send email or telnet/ssh or connect to an IRC server or doing HTTPS on Port 443 or doing HTTP but on Port 8080, etc., and in most of those cases the DNS service's http server doesn't have those other services. Also, you might have been checking the IP address because you got mail from random-junk-dadfsadfdsaf.com, and your mail handler is trying to find out whether it exists (if not, it's guaranteed to be spam.) Will DNSSEC force ISPs to stop using that kind of DNS service/server? Or will you get even more incomprehensible responses, like a bad DNSSEC signature on the original query getting replaced by a valid signature on a DNS response from misbehaving-DNS-service.com's http server?

  9. Minimal network traffic, except if you're root/com on Kaminsky On DNS Bugs a Year Later and DNSSEC · · Score: 1

    DNS doesn't take up a lot of network bits - at the beginning of a data flow, you typically look up a DNS name to find the IP address, then start doing things, and even if all you're doing is a small text email or fetching a small text html page, the protocol headers alone are a lot bigger than the DNS query, and usually the data's a lot bigger. Changing to DNSSEC adds a few hundred bytes to that query, but it's almost always a drop in the bucket.

    Of course, if you're a big name server, like one of the root or .com authoritative servers, or a big ISP's caching name server, that's different, since almost all your traffic is DNS. But that's not a lot of servers, though the overall load on them will obviously increase for a variety of reasons. On the other hand, if they get rid of DNS name kiting, a lot of the junk traffic will go down.

  10. It's really in DNS - BIND etc. were workarounds on Kaminsky On DNS Bugs a Year Later and DNSSEC · · Score: 4, Informative

    The flaw is really in DNS - the only authentication field in a DNS request is a 16-bit query id, plus the implicit authentication of a 16-bit port number, and IIRC correctly you could also birthday-attack the query-id. Kaminsky's changes to DNS implementations such as BIND (which was built into djbdns etc. since the beginning) get you a few more bits of protection against an attack, but that just means that DNS is "still pretty weak" as opposed to "really really weak".

    And unfortunately, IPv6 DNS is no better - it keeps the same basic header for compatibility, adds some new longer record types, and adds some 128-bit addressing, but the QueryID's still the same old 16 bits.

    DNSSEC gets to the root of the problem, with cryptographic signatures on the data. It may be overkill compared to just putting in a 128-bit or 256-bit Query-ID field, but basically it's something that's possible to actually get deployed, because it's a set of additional data transported in DNS, not a replacement for DNS's transport protocols. The reasons it wasn't done years ago have a lot to do with the NSA/FBI anti-crypto policies of the 90s, and Verisign's reluctance to do a huge amount of work nobody cares about to protect .com, but we're finally getting the root signed.
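
Added example, not part of the comment above and not code from BIND or djbdns: the check a resolver can make on an unsigned DNS reply, and how many bits that check is worth with a fixed versus a randomized source port. The names, the sample query and the 2**14 port pool are assumptions constructed for illustration; the reply's source address is left out because it can be spoofed.

```python
import math
import struct

def build_message(txid, qname, qtype=1, is_reply=False):
    """Minimal DNS message (RFC 1035): 12-byte header plus one question."""
    flags = 0x8180 if is_reply else 0x0100            # QR/RD/RA vs. RD only
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def parse_header_and_question(msg):
    """Return (txid, is_reply, qname, qtype); question must be uncompressed."""
    txid, flags = struct.unpack("!HH", msg[:4])
    pos, parts = 12, []
    while msg[pos] != 0:
        n = msg[pos]
        parts.append(msg[pos + 1:pos + 1 + n].decode("ascii").lower())
        pos += 1 + n
    qtype = struct.unpack("!H", msg[pos + 1:pos + 3])[0]
    return txid, bool(flags & 0x8000), ".".join(parts), qtype

def accepts(outstanding, reply, dst_port):
    """All an unsigned reply can be checked against: port, query ID, question."""
    txid, is_reply, qname, qtype = parse_header_and_question(reply)
    return (is_reply and dst_port == outstanding["port"]
            and txid == outstanding["txid"]
            and (qname, qtype) == outstanding["question"])

def guess_space_bits(source_ports):
    """Bits a blind off-path sender must match: 16-bit ID + log2(port pool)."""
    return 16 + math.log2(source_ports)

def blind_match_probability(source_ports, distinct_guesses):
    """Chance that one of N distinct (ID, port) guesses equals the real pair."""
    return min(1.0, distinct_guesses / (65536 * source_ports))

def demo():
    # Constructed sample: one outstanding query and two candidate replies.
    out = {"port": 53124, "txid": 0x1A2B, "question": ("www.example.com", 1)}
    good = build_message(0x1A2B, "www.example.com", is_reply=True)
    wrong_id = build_message(0x1A2C, "www.example.com", is_reply=True)
    return {
        "good": accepts(out, good, 53124),
        "wrong_id": accepts(out, wrong_id, 53124),
        "wrong_port": accepts(out, good, 53125),
        "bits_fixed_port": guess_space_bits(1),
        "bits_random_port": guess_space_bits(2 ** 14),   # assumed pool size
    }

if __name__ == "__main__":
    print(demo())
```

Nothing in `accepts` says anything about who produced the answer data, which is the gap DNSSEC signatures close.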

  11. It couldn't have happened when I went there on Cornell Computer Theft Puts 45,000 At Risk of Identity Theft · · Score: 1

    That kind of theft couldn't have happened back when I was a student at Cornell, in the mid-late 70s. First of all, there was only one computer used for most campus activities, a mainframe that lived in a data center out by the airport, so nobody could have stolen it :-) (There were some PDP-11s and such in a few engineering departments (though not CS - it was mostly the physics people and maybe a random department in the business or ag school), and the card readers that we used to talk to the mainframe really were DG Novas with 4KB of memory. But none of them would have had payroll or anything like that - that lived on the mainframe.)

    But more importantly, we didn't use Social Security Numbers, except for payroll processing for employees. We used Student ID Numbers, which were a 6-digit number that wasn't particularly linked to anything. I don't remember if I had to give my SSN when applying, but probably not.

  12. There's a pneumonia vaccine on Teen Diagnoses Her Own Disease In Science Class · · Score: 1

    Don't know if it covers the type you've got or not, or if it's something that you can take when you're already sick, but it's a really good idea as a preventative.

  13. Vitamin pills are cheap on Teen Diagnoses Her Own Disease In Science Class · · Score: 1

    Most of the B vitamins, E, folates, etc. are additives in the bread anyway - you can get them just as easily by taking vitamin pills, and unless the UK interferes with that industry much more than the US does, it'll only cost you a few pence a day for a reasonable-quality generic multivitamin pill. (At least, if you're not allergic to yeasts, which tend to be an ingredient of most of them.) It's not a substitute for a balanced diet, of course, but it'll cover you for a range of nutrients.

    On the other hand, just because we use lots of corn in the US doesn't mean we're not also using wheat - a lot of it goes to high-fructose corn syrup as a competitively-subsidized sugar alternative, and corn oils and corn starches are pretty common (I've got friends with corn allergies who are always hassled by these), and most corn-based breads are still half wheat because the texture's more controllable with some gluten in it.

  14. C0B0L-encounter Story from Late 80s on Should Undergraduates Be Taught Fortran? · · Score: 1

    Scene: Group of us sitting around the lab. Mike and I were 30-somethings, Brenda and Padmini were 20-somethings.

    Usenet article appears:
          Bullwinkle: Hey, Rocky, watch me pull a computer program out of my hat!
          emerging-from-hat: 100 PROCEDURE DIVISION...
          Bullwinkle: Arrgh!
          Rocky: Guess you gotta get a new hat!

    Mike and I: [laughter]

    Brenda and Padmini: [blank stares]

    The scary part wasn't that our younger coworkers didn't recognize C0B0L - they did.
        They didn't know who Rocky and Bullwinkle were! Arrgh!
        (Brenda had grown up American; Padmini at least had _some_ excuse, though she'd been over here since high school...)

  15. Buddha or Odin? on Japan Launches 'Buddha Phone' · · Score: 1

    The question isn't just whether being attached to this sort of material object is the kind of value a Buddhist would have, but also What Would Odin Do with this kind of phone? Is it a replacement for the ravens Huginn and Muninn? Can you use the phone with only one eye?

  16. Well, hardly ever... on Survey Finds Airport Wi-Fi More Important Than Food · · Score: 1

    There was somebody who got busted because they thought his homemade chocolate was hashish. I read it on the internet somewhere a year or two ago, so I don't remember if it was an airport or somewhere else, but they arrested the guy and harassed him for a while before finally deciding it was actually chocolate.

  17. Yes, Usually you can bring an empty bottle on Survey Finds Airport Wi-Fi More Important Than Food · · Score: 1

    I haven't had any problem doing that in a while, though maybe that's because empty bottles aren't very visible on xrays. It's of course guaranteed that if the TSA thugs want to confiscate it, they'll claim that it's *always* been the rule, everywhere in the country, but usually you can bring them.

  18. Charles de Gaulle airport wasn't that bad on Survey Finds Airport Wi-Fi More Important Than Food · · Score: 1

    I don't remember having any trouble finding bathrooms at CdG - and since I do remember finding the pub there, and having several hours of waiting on some trips, I probably did need to find one. Was the problem on the international side of the customs inspectors?

  19. Bring your own data - electricity wifi on Survey Finds Airport Wi-Fi More Important Than Food · · Score: 1

    On the average, I'm not flying with a new laptop, and unless I'm on a short-haul flight like San Jose - LA, I'm likely to need to plug in my computer while I'm waiting at the airport. I can bring many hours worth of data with me, but only an hour or two of electricity, and while it's sometimes convenient to use Google Maps at the airport instead of before leaving, I'd much rather have an airport that had decent electric sockets instead of being one of the couple of people sitting on the floor near the vacuum cleaner socket. San Jose finally installed lots of power strips near most of the seating - yay!

    Of course, bathrooms and coffee are usually the higher priorities.

  20. I've seen server rooms about WallMart size on What to Do With a $99 Wall Wart Linux Server · · Score: 1

    Back in the mid-90s, when the web server business hadn't quite been invented, and PCs were still about 4U size but not rack mounted, I did a consulting gig out at Novell, whose primary business in those days was Netware networking. Their test lab was maybe half a Walmart large, with Metro shelves with PCs on them, including keyboards and monitors. There were about 500 PCs, and the network was probably running on Thinwire, but might have been upgraded to 10baseT by then? They were able to segment off groups of 10-100 servers for smaller tests if they needed to, or patch the whole room together.

  21. All your base are ... oh nevermind on Hacking Our Five Senses and Building New Ones · · Score: 1

    Somebody had to say it, and I'd already contributed one actually constructive post to the parent thread, so might as well...

  22. Quinn Norton wrote about doing that in Wired on Hacking Our Five Senses and Building New Ones · · Score: 1

    Quinn Norton wrote about doing that in a 2006 Wired article (http://www.wired.com/gadgets/mods/news/2006/06/71087). She talked about some of the previous researchers' work (who have written up stuff in bmezine), and had them implant magnets in her fingers as well.

  23. Eating apes is pretty close to cannibalism on Were Neanderthals Devoured By Humans? · · Score: 4, Insightful

    Where do you draw the line? Neanderthals were pretty close to modern humans, and as far as we can tell, they were mostly "other tribes we're competing/fighting with", which were the typical target of cannibalism in most human societies that practiced it regularly (as opposed to starvation situations like the Donner Party or that airplane crash.) They may look a little funny, but they're basically the neighbors, not just wildlife.

    There are other reasons for it - some of the South Pacific islanders in Vanuatu have explained their motivation for cannibalism as "people are tasty", and that's pretty much why some Africans eat our near cousins like chimps and bonobos, which are about 98% like us. And there are occasional societies that practice it for magical reasons (it's currently a bad time to be albino in some parts of Africa, although the practitioners-of-traditional-medicine don't tend to actually eat the victims.) And we're certainly close enough cousins that eating undercooked apes and even monkeys is a really bad idea - seems to be where AIDS and a few other diseases have gotten to human populations from.

    That's not to say that chimps are peace-loving hippies themselves - one of the more vicious things I've seen on TV nature channels was a gang of half a dozen chimps hunting and killing a monkey.

  24. Alternative Explanations from CDC on New Study Finds Flu Virus "Paralyzes" Immune System · · Score: 1

    If you look at the CDC Research, the major cause of death wasn't actually cytokine storms, but secondary bacterial infections, such as pneumonia, which could be extra-fatal because the immune system was busy dealing with the flu. These days, we have antibiotics which can actually treat those bacterial infections, and there are also vaccines for pneumonia which may be helpful.

    Also, another major reason that so many young healthy people died was because the propagation vector was US soldiers returning from World War I, crammed together in crowded barracks and getting shipped around the world and around the US, so they were the major people significantly exposed (along with people who interacted with them.) The current epidemic has different social patterns - travel is much more broadly available than it was then, though the specific crowding and degree of exposure is probably less.

  25. Giving Budweiser some slack on Nuclear Testing Helps Identify Fake Vintage Whiskey · · Score: 1

    Sure, it's not what I'd drink here in San Francisco weather, but Budweiser comes from St. Louis Missouri (though it's also bottled other places, like next to Newark NJ airport.) If you've ever been through a midwestern summer, and you've been out mowing your lawn in 100-degree weather with 99% humidity, a cold Budweiser is *exactly* the right thing to drink, and even an oilcan of Foster's works ok. Save the Guinness for more civilized conditions....