Obviously you don't want to swap onto Flash, if your machine can hold enough RAM for your application (and if it can't, you still want to store things in sequential files rather than random access paging, but that's not a problem for operating systems and software storage.) Lots of machines are limited to 1GB RAM, and anything with much more than that probably has a big fan. That isn't going to be enough if you want 8 tracks of music for 3-4 hours of rehearsal, even if you FLAC everything, so at some point you're going to need to use a disk drive or lots of flash. On the other hand, if you're getting into that quantity and quality of music studio, you can afford to have a machine with a long cable in another room, or a sound-deadening box to hold a laptop drive. Your choice as to whether to run audio/video/keyboard cables or gig-ether.
Speed's less of an issue than you'd think with CF, at least if you're doing FLAC or other compression - Uncompressed stereo 1xCDROM is about 150KB/sec, and small cheap CF seems to mostly be 8X write speed, and high-end camera large CFs seems to be 32X, so that's lots of tracks. If you're desperate, and using CF-to-IDE interfaces like this system, you could even do RAID on your CFs:-)
If your digital camera can do that automatically, that's cool. I don't know what resolution you're doing that at - if you're using 100KB/picture, that's about 200MB for a 2000-mile trip, so it's feasible these days. (And if your resolution is much higher, you'd probably download to a laptop or something.)
Another way to do this is to use your basic $29 webcam and connect it to a laptop. That gives you a bit more flexibility on frame rate and storage (assuming you've got a 12VDC adapter for your laptop, of course), and there's a fair amount of webcam software that can let you control that.
So when are we going to start seeing webcams as standard hood ornaments?
Their blurbs say they've got lots of wireless around, but wireless is pretty short-range stuff - I'd guess that it's in the academic buildings and eating areas, but that doesn't mean that they've also installed much wireless coverage in the already-wired dorms.
If you want the aroma and the taste, get a glass of wine and set it within reach of your computer. Duh... And here in California we apparently take our wine more seriously than France Telecom does.
The glass of wine I've got on my desk right now is just Two Buck Chuck cabernet, but it's good enough for an average dinner or for reading Slashdot in the evening. Some websites really need coffee instead.
And the author of the press release had probably cranked up the volume on/dev/marijuana a bit too recently before noticing he had an article deadline.
If you've got a fast machine with a high-end GaM3Rz GPU, you've probably got an older machine lying around which was your former cutting-edge game platform. So fire it up with X Windows, and let your apps run on your fast machine where you've got the GPU, assuming you've got some kind of Unix OS on the fast machine (Linux, *bsd, etc.) (This trick is unlikely to work if you're running Windows on the fast machine - most of the solutions like VNC, Carbon Copy, etc. are likely to require you to be running the video screen. If your fast machine is running Unix and the slow one is running Windows, that's ok - you can use VNC on both, or run Cygwin X Windows on the slow machine, or just use ssh to run text sessions on the fast machine.)
Alternatively, if you've got a PCI video card around, put it in your fast machine as a second monitor.
One of my friends discovered at least _two_ of the Mersenne primes.
I don't know about impressing chicks, but I used to run GIMPS on my work laptop, and that did impress one of my customers:-) I had to turn the stuff off when I was running demos for them, and even though I'm no longer working on that account, I occasionally bump into them and they've commented on it years later...
It's probably a lot harder for them to collect evidence on the spam and verify that it violates YOU-CAN-SPAM. Since there was well-defined crime here, it's probably just fine that they go after him for it.
Theoretically the people whose identity was stolen should be able to sue him for fraud / defamation of character / etc., but it's not likely that he's got huge quantities of money around if he's paid Earthlink any of the $16M civil judgement they got.
Yes, they fixed those bugs after they got spanked hard enough. They've gotten better about lots of things, and they've hired a bunch of professionals, but usually the major bugs aren't put in there by professionals, they're put in there by undersupervised amateurs who didn't call in the professionals. That's a harder process to fix. And it's not surprising that L2TP was more secure from the beginning - it's mostly from Cisco, who *do* take crypto seriously.
One of the major causes of some of those bugs was trying to retain backwards compatibility with older broken applications, in this case password handlers, and the need to do that is as endemic as the weaknesses in previous systems of theirs. Another major example of clueless encryption use was the various worthless encryption things they built into Word and Excel - people have run entire businesses that provide cracking services for MS Office docs that customers forget the password for.
The major weaknesses in SSL today aren't esoteric bugs that only government spies can crack. One of them Microsoft Outlook, which will happily display mail that's "From: security@paypal.com" and let you click on the URL update-your-data-now.this-is-really-from-paypal-tr ust-us.paypal.com without the user interface even hinting that that it's from phishing-site.example.com. Another major weakness is viruses infecting machines, which is occasionally because of bugs in various programs (mostly overflow bugs, which are inexcusable these days, but still there) but often because the UI in Outlook encourages users to send executable attachments around and makes it hard for users to tell that the object they're about to click on isn't what they thought it was but easy to excecute them.
Why do some many of the non-UI attacks keep hitting the MS Filesharing/Netbios/etc. ports 135-139,445, 5000, etc? Because its security still sucks, even after 10+years.
Sorry, but you haven't stopped the smart ass remarks yet:-)
"Security" isn't just something you fix with a bandaid, unlike "Security holes" which can often be fixed that way. Right now if you don't want crackers cracking into your databases, don't let them onto your database server box. SSL is a bit of a step up, because it gives you more granularity about who can do what once they're there, but it's still not the issue here. Storing the *entire* database encrypted with a single key that is known by the object that lets people access data is a bit more than a bandaid -- maybe it's an arm sling, but it's still an external issue.
Real database security is a major redesign - protecting against people who ask nicely is one thing, but designing the database system so that each data item owner's private data is encrypted with their own keys and shared fields are encrypted with shared keys and reading the raw disk instead of using the DBMS interfaces just gets you cyphertext is much more than external patches. Furthermore, it affects the users' interaction with the database, because now they've got to define which items should be visible to which users and manage the keys they use for that access.
Any reasonable demo of this kind of thing will show the access accepted when it's supposed to be accepted and rejected in one or two cases where it's supposed to be rejected - otherwise it's not ready to be a demo. If they really used Single-DES and not Triple-DES, that's a Bad Sign, because it indicates that the people designing the demo are somewhat clueless, but as long as there are multiple options supported that's ok.
A much harder thing to demonstrate is showing that there isn't either a big gaping hole or a subtle nasty hole that lets somebody get in when they should have been rejected. There's also the problem of building a model for authorization that's featureful enough to be useful but not too complicated to use - a demo can easily hide either of those problems.
There has been lots of secure database research over the years - the NCSC's Lavender book, for instance, and lots of work Oracle's done. Hopefully they've taken advantage of the useful parts of it.
Microsoft's past experience with encryption was consistently dreadful - things like PPTP having seven obvious bugs, some of which were password handling and some of which were violations of the one basic rule for RC4 (never encrypt the same stuff twice with the same key.) Hopefully they've gotten better.
Encryption algorithms are hard to design well, but if you've got a good algorithm and understand the conditions for using it, you can use almost anybody's code for it, and most people these days understand that you need to use academically vetted stuff and not just roll your own snake oil. But encryption protocols and other forms of packaging for algorithms can be just as hard, and something as pervasive as Microsoft database programs will be very widely used by people who don't Read The Free Manual, which means that even if they design it very very well there'll still be people who use it for things it wasn't designed to do securely, because they're trying to do a much broader range of things.
This is a harder problem than basic SSL-for-Credit-Card-Numbers, which is trying to let the client enter some bits on an unprotected Windows box hanging off the Internet, pack them in an armored box, and ship them to a usually-almost-as-badly-protected server on a well-advertised Internet connection, and optionally do some validation on whether one or both ends are really the machines Verisign thinks they are. That's a pretty well-solved problem, though it took a while to iron out the design issues early on an iron out all the bugs in the code, but general-purpose solutions to "database security" are pretty hard.
Arrgh. I meant to type "free mapping programs", but apparently my mind wasn't watching my fingers. On the other hand, Yahoo map directions are a lot better now than when they first came out:-)
That would mean that if they buy 20 vans, they can cover them in a year, which isn't too bad. If it costs you $250K/year to run them, that'd be $5M for the whole job, which is peanuts if they've got a real market.
In practice it's not that simple - your site http://www.highways.org/states.cfm?category=FedAid is for highways that get Federal aid, which includes most of the long-haul roads, but not a lot of city streets, which is where most of the buildings are.
On the other hand, if most of the 50 million buildings are in reasonably dense areas (20-200 buildings per mile), that'd be 2.5m - 0.25m miles, so that's still in the ballpark for photographing most of them quickly. (Typical suburban/small-town houses are on lots 50-100 feet wide on both sides of the road, so that's 100-200 per mile, and typical urban blocks are 10 to the mile, so 20 block-sized buildings or many more smaller buildings.
Back in the mumblety-70s there was a short story in one of the science fiction pulps called "Stolzfus's Revenge", about an Amish farmer who got annoyed at Russians and English-speakers doing satellite photographs of his farm, so he started plowing messages to them into his field. He started off with simple lines, but eventually worked his way up to fancier looking fonts. Air traffic was getting diverted to not fly over the fields, and eventually a Yankee spy satellite photographed a farm in the Soviet Union which had "Same To You, Buddy" plowed on it.
It's apparently possible to get Intellectual Property Protection for a building's appearance. I think it's trademark protection, but it might be copyright or something. It mostly applies to famous buildings like the Transamerica Pyramid or NYC Chrysler Building - I don't know if anybody's tried it for boring buildings, but if these guys are selling pictures of specific buildings, there might be a case to be made.
My place isn't likely to be visible to these guys - I'm in a condo, and I'm on the side of the building that doesn't face the street, just the next buildings. MapQuest used to have aerial photos, so I've seen pictures of my roof, and probably a picture of my car's roof, but I don't know if any of the free mapping problems still offer that.
That's odd. The parent article says "Enroll", not "Enrole". Does this mean that Slashcode is building the display on the fly, and since the signature was updated the new version is showing?
The current whack-a-mole cycle depends on people tracing spam and sending complaints to abuse@ which never bothers answering, so the spammer can pump out 100K-1M spams before getting caught, or more if they're on dialup. This is something you can automate and keep their numbers under 1000 before getting caught, and as another poster points out, once these moles get whacked, they stay whacked.
Sure, homeopaths are interested in curing causes and not just symptoms, but with a philosophy that's not based on scientific method and filled with bogus quackery as part of its accepted wisdom, it's a hit-or-miss process, and it's not something that patients can trust to deal with cures. Sometimes they get it, as with your nephew and your sister, and when it does happen to work it's usually low-impact non-invasive stuff, and things like allergies are an area where homeopathy is closer to understanding reality than areas like bacterial disease or cancer that it's simply clueless about.
386/25 with 8MB and Netscape 2, Graphics
on
Mozilla's Mini-Me
·
· Score: 1
It really worked just fine, because the software was much less bloated. I think the modem was 14.4kbps by then. I had to run disk compression software to get by with the 300MB disk. The big limitation was that my AT&T graphics card was the 640x400 format, so when everybody's games started requiring 640x480 I couldn't use it, though the monitor itself could do 800x600 just fine.
No, it didn't do Flash, and unfortunately, yes, it did Javascript, and IIRC 2.0 was the version where you couldn't turn it off. Didn't need CSS, because most web page designers mostly understood the HTML philosophy that the reader's browser is what decides how to display things, not the author, and that not everybody has the latest 21" screen on their Palm Pilot.
Text-based software doesn't mean you're limited to CLIs - there was this "vi" thing that came out in ~1980, and curses, and Nethack. I ran X Windows on the 386/33 machines at work, and on the Sun3s, and while it's not as fast as today, it was just fine for handling lots of editor windows and animated clocks and simple graphing applications and interactive maps. It didn't have the horsepower of the HP 9000 workstations which I'd used in the late 80s that had 48MB of video RAM, and it was annoying to use 640x400 graphics when the slower Sun2 had had 1152x900, but you weren't limited to text-mode.
Sure, they can do it, if they're terminally clueless, which for the most part they are. The great thing about providing people with high-speed always-on Internet service is that rather than being passive couch potatoes downloading entertainment material, people can do their own content that's interesting for other people. You have to be a bit careful in asymmetric environments like cable modem, but modern cable modem tools give you the capabilities to do that, and you can further enforce them with packet shapers if you're having problems.
Comcast has been one of the leaders in writing Terms of Service policies that ban anything resembling a server, because they don't want to figure out what really is or is not an abusive traffic hog - better to ban the baby as well as the bathwater because otherwise you need tech support people better than what you get for the wages they want to pay, and you have to arbitrate disputes rather than cutting people off if they don't obey you. It's fun being a quasi-monopoly, after all (:-) Many of the DSL carriers try to follow Comcast's lead, and many of them try to compete by providing actual better service (e.g. Speakeasy and Sonic).
Speed's less of an issue than you'd think with CF, at least if you're doing FLAC or other compression - Uncompressed stereo 1xCDROM is about 150KB/sec, and small cheap CF seems to mostly be 8X write speed, and high-end camera large CFs seems to be 32X, so that's lots of tracks. If you're desperate, and using CF-to-IDE interfaces like this system, you could even do RAID on your CFs :-)
Another way to do this is to use your basic $29 webcam and connect it to a laptop. That gives you a bit more flexibility on frame rate and storage (assuming you've got a 12VDC adapter for your laptop, of course), and there's a fair amount of webcam software that can let you control that.
So when are we going to start seeing webcams as standard hood ornaments?
Their blurbs say they've got lots of wireless around, but wireless is pretty short-range stuff - I'd guess that it's in the academic buildings and eating areas, but that doesn't mean that they've also installed much wireless coverage in the already-wired dorms.
The glass of wine I've got on my desk right now is just Two Buck Chuck cabernet, but it's good enough for an average dinner or for reading Slashdot in the evening. Some websites really need coffee instead.
And the author of the press release had probably cranked up the volume on /dev/marijuana a bit too recently before noticing he had an article deadline.
Rats! Somebody made the obvious joke before I did, so I'm having to pull out a second-string obvious joke in response :-)
You hit the Umber Hulk -more-
His pixels shimmer gracefully -more-
The Umber Hulk hits -more-
You die -more-
You leave a good-looking corpse
Alternatively, if you've got a PCI video card around, put it in your fast machine as a second monitor.
But no - it's just hardware that does housecleaning... :-(
I don't know about impressing chicks, but I used to run GIMPS on my work laptop, and that did impress one of my customers :-) I had to turn the stuff off when I was running demos for them, and even though I'm no longer working on that account, I occasionally bump into them and they've commented on it years later...
Theoretically the people whose identity was stolen should be able to sue him for fraud / defamation of character / etc., but it's not likely that he's got huge quantities of money around if he's paid Earthlink any of the $16M civil judgement they got.
One of the major causes of some of those bugs was trying to retain backwards compatibility with older broken applications, in this case password handlers, and the need to do that is as endemic as the weaknesses in previous systems of theirs. Another major example of clueless encryption use was the various worthless encryption things they built into Word and Excel - people have run entire businesses that provide cracking services for MS Office docs that customers forget the password for.
The major weaknesses in SSL today aren't esoteric bugs that only government spies can crack. One of them Microsoft Outlook, which will happily display mail that's "From: security@paypal.com" and let you click on the URL update-your-data-now.this-is-really-from-paypal-tr ust-us.paypal.com without the user interface even hinting that that it's from phishing-site.example.com. Another major weakness is viruses infecting machines, which is occasionally because of bugs in various programs (mostly overflow bugs, which are inexcusable these days, but still there) but often because the UI in Outlook encourages users to send executable attachments around and makes it hard for users to tell that the object they're about to click on isn't what they thought it was but easy to excecute them.
Why do some many of the non-UI attacks keep hitting the MS Filesharing/Netbios/etc. ports 135-139,445, 5000, etc? Because its security still sucks, even after 10+years.
"Security" isn't just something you fix with a bandaid, unlike "Security holes" which can often be fixed that way. Right now if you don't want crackers cracking into your databases, don't let them onto your database server box. SSL is a bit of a step up, because it gives you more granularity about who can do what once they're there, but it's still not the issue here. Storing the *entire* database encrypted with a single key that is known by the object that lets people access data is a bit more than a bandaid -- maybe it's an arm sling, but it's still an external issue.
Real database security is a major redesign - protecting against people who ask nicely is one thing, but designing the database system so that each data item owner's private data is encrypted with their own keys and shared fields are encrypted with shared keys and reading the raw disk instead of using the DBMS interfaces just gets you cyphertext is much more than external patches. Furthermore, it affects the users' interaction with the database, because now they've got to define which items should be visible to which users and manage the keys they use for that access.
A much harder thing to demonstrate is showing that there isn't either a big gaping hole or a subtle nasty hole that lets somebody get in when they should have been rejected. There's also the problem of building a model for authorization that's featureful enough to be useful but not too complicated to use - a demo can easily hide either of those problems.
There has been lots of secure database research over the years - the NCSC's Lavender book, for instance, and lots of work Oracle's done. Hopefully they've taken advantage of the useful parts of it.
Encryption algorithms are hard to design well, but if you've got a good algorithm and understand the conditions for using it, you can use almost anybody's code for it, and most people these days understand that you need to use academically vetted stuff and not just roll your own snake oil. But encryption protocols and other forms of packaging for algorithms can be just as hard, and something as pervasive as Microsoft database programs will be very widely used by people who don't Read The Free Manual, which means that even if they design it very very well there'll still be people who use it for things it wasn't designed to do securely, because they're trying to do a much broader range of things.
This is a harder problem than basic SSL-for-Credit-Card-Numbers, which is trying to let the client enter some bits on an unprotected Windows box hanging off the Internet, pack them in an armored box, and ship them to a usually-almost-as-badly-protected server on a well-advertised Internet connection, and optionally do some validation on whether one or both ends are really the machines Verisign thinks they are. That's a pretty well-solved problem, though it took a while to iron out the design issues early on an iron out all the bugs in the code, but general-purpose solutions to "database security" are pretty hard.
Arrgh. I meant to type "free mapping programs", but apparently my mind wasn't watching my fingers. On the other hand, Yahoo map directions are a lot better now than when they first came out :-)
In practice it's not that simple - your site http://www.highways.org/states.cfm?category=FedAid is for highways that get Federal aid, which includes most of the long-haul roads, but not a lot of city streets, which is where most of the buildings are.
On the other hand, if most of the 50 million buildings are in reasonably dense areas (20-200 buildings per mile), that'd be 2.5m - 0.25m miles, so that's still in the ballpark for photographing most of them quickly. (Typical suburban /small-town houses are on lots 50-100 feet wide on both sides of the road, so that's 100-200 per mile, and typical urban blocks are 10 to the mile, so 20 block-sized buildings or many more smaller buildings.
Back in the mumblety-70s there was a short story in one of the science fiction pulps called "Stolzfus's Revenge", about an Amish farmer who got annoyed at Russians and English-speakers doing satellite photographs of his farm, so he started plowing messages to them into his field. He started off with simple lines, but eventually worked his way up to fancier looking fonts. Air traffic was getting diverted to not fly over the fields, and eventually a Yankee spy satellite photographed a farm in the Soviet Union which had "Same To You, Buddy" plowed on it.
My place isn't likely to be visible to these guys - I'm in a condo, and I'm on the side of the building that doesn't face the street, just the next buildings. MapQuest used to have aerial photos, so I've seen pictures of my roof, and probably a picture of my car's roof, but I don't know if any of the free mapping problems still offer that.
Does this mean that Slashcode is building the display on the fly, and since the signature was updated the new version is showing?
Or does it stand for "Can't Route Stuff"? Or ....
The current whack-a-mole cycle depends on people tracing spam and sending complaints to abuse@ which never bothers answering, so the spammer can pump out 100K-1M spams before getting caught, or more if they're on dialup. This is something you can automate and keep their numbers under 1000 before getting caught, and as another poster points out, once these moles get whacked, they stay whacked.
On the other hand, the new Cisco router costs 10,000 times as much and is almost 100,000 times as fast, so perhaps the Cisco *is* a better deal!
Sure, homeopaths are interested in curing causes and not just symptoms, but with a philosophy that's not based on scientific method and filled with bogus quackery as part of its accepted wisdom, it's a hit-or-miss process, and it's not something that patients can trust to deal with cures. Sometimes they get it, as with your nephew and your sister, and when it does happen to work it's usually low-impact non-invasive stuff, and things like allergies are an area where homeopathy is closer to understanding reality than areas like bacterial disease or cancer that it's simply clueless about.
No, it didn't do Flash, and unfortunately, yes, it did Javascript, and IIRC 2.0 was the version where you couldn't turn it off. Didn't need CSS, because most web page designers mostly understood the HTML philosophy that the reader's browser is what decides how to display things, not the author, and that not everybody has the latest 21" screen on their Palm Pilot.
Text-based software doesn't mean you're limited to CLIs - there was this "vi" thing that came out in ~1980, and curses, and Nethack. I ran X Windows on the 386/33 machines at work, and on the Sun3s, and while it's not as fast as today, it was just fine for handling lots of editor windows and animated clocks and simple graphing applications and interactive maps. It didn't have the horsepower of the HP 9000 workstations which I'd used in the late 80s that had 48MB of video RAM, and it was annoying to use 640x400 graphics when the slower Sun2 had had 1152x900, but you weren't limited to text-mode.
Comcast has been one of the leaders in writing Terms of Service policies that ban anything resembling a server, because they don't want to figure out what really is or is not an abusive traffic hog - better to ban the baby as well as the bathwater because otherwise you need tech support people better than what you get for the wages they want to pay, and you have to arbitrate disputes rather than cutting people off if they don't obey you. It's fun being a quasi-monopoly, after all (:-) Many of the DSL carriers try to follow Comcast's lead, and many of them try to compete by providing actual better service (e.g. Speakeasy and Sonic).