+1
Indeed. Maybe I'm getting old, or just like trying to be thoughtful about how I treat my fellow human beings of whatever gender/etc, or maybe just as a British English speaker... (a) using this "SJW" term as some sort of demonisation seems unhelpful and (b) some of the comments in this story have been rank with small-minded "I'm all right Jack" selfishness. I wonder how many of those making those remarks have ever been on the wrong end of a despised (minority) grouping for any significant time?
I don't think someone should be *forced* to change a random file extension that has a mildly-unpleasant association for some (possibly the same as SJW has for others BTW, think about it: what if Apple's/Oracle's/Microsoft's new trendy file type had a .sjw extension), but I don't see that anyone was forced to do anything. Out of courtesy a shorter extension was selected which still has a decent mnemonic value and instantly saves a byte in many cases which is even better.
Rgds
Damon
In the UK no nuke plants load-follow, AFAIK, even though Sizewell B at least theoretically can.
Even in France I think that there is only a mean of ~25% load-following available (more for plants with more-recently-loaded fuel).
Rgds
Damon
Life is not binary.
The bods in white coats said: burning oil (etc) may be bad news and furthermore it may be bad if you don't change your business strategy in the light of that soon.
It seems evident that the first part was true.
It is clear also that Exxon also chose not to alter its business model but instead to try to spread FUD.
The second is poor long-term business and poor ethics, and may well bite us all in the rear.
So as it happens the bods in white coats were right then and the thrust of the summary is right now.
You seem to be trying to skip the caveats in the statement and ignore that Exxon clearly failed to change direction when given the (basically correct) warning.
Damon
Please read the actual words written. It helps. Just assuming that you are not here to start fires.
The key word for a start is "might" as in "might become critical".
There are at least two levels of indirection and conditional/probability in that statement. Failing to read them is failing to understand the meaning entirely.
Damon
Which part of "five to ten years before the need for hard decisions regarding changes in energy strategies might become critical" did you actually fail to read rather than having fun baiting flames?
That talks of taking decisions, not how long it would take the bad effects from failing to take those decisions to show up.
That statement could yet be entirely right and Exxon wilfully doomed us all circa 1982, but the statement doesn't have to be read that strongly either.
Rgds
Damon
Because I wanted the bank staff (and I raised it to a fairly high level) to understand and accept that the 'security questions' could never reasonably be used the way that the bank expected, and having gained that insight (and the firestorm of complaint in social media at the time) the bank fixed the issue reasonably well.
It's not perfect, but the current system works reasonably well.
So, argument and persuasion rather than just whining seemed to be winning.
Rgds
Damon
Hmm, yes, when I was putting together security for an online financial system (eg worth stealing credentials for) many years ago, (7) was nagging at me and I might have made do with an upgrade in hash mechanism at next login after a policy change, but yours is nice and/or in combination.
Rgds
Damon
PS. (4) is also an interesting rule-of-thumb, thank you!
I had a huge argument about this stuff about my bank and whether a fat middle aged bloke should have a favourite colour (and the entropy in the choices anyway) and was explicitly allowed to put rubbish in all the fields and the bank indeed replaced it all with 2FA soon after.
So sometimes there are choices.
Rgds
Damon
Security questions IMHO *lower* overall security for a number of reasons and I refuse to use them.
2FA is a good idea.
Rgds
Damon
Strange, I get depressed when spending prolonged periods at, or communicating with, HR departments. This 'H' radiation is clearly bad and can tunnel over telephone links too.
Rgds
Damon
LaTeX is astonishingly versatile (as evidenced by the underlying TeX \primes demo macro for example) and I spent way too much time 'coding' in it to make my thesis look pretty for example.
And plenty of non-imperative computer languages still require skills of scope and data design etc etc, from Prolog through SML to any of the functional languages, never mind the JS/HTML/DOM/CSS nexus.
So I think you protest too much.
Rgds
Damon
I already gave up flying years ago, and in particular was tired of US surly behaviour towards flying foreigners long before 9/11. Even if it hadn't invented the TSA the USA lost my tourism and in-person business dollars long back.
But in any case, yes, I don't feel the need to give out difficult-to-replace-and-repudiate identifiers, especially those to do with money, to others willy-nilly. Cash still works well for many things. Yes, and I used to be CTO of a credit-card company.. %-P
Also, specifically, credit cards are quite expensive for the merchants, especially for small transactions. Debit cards less so but the risks are higher for the customer.
Rgds
Damon
Banks care all about reputation (nominally) and normal retail cares all about minimising costs.
Thus data breaches, hacked PIN entry pads, etc, are generally a retail phenomenon.
Rgds
Damon
And you're not paying (heavily) for cash advances on a credit card?
Rgds
Damon
And you think that a retail outlet handles your credentials more securely than a bank/ATM?
Rgds
Damon
Why the snark?
Yes, I also designed the hardware target of that code, wire-wrapping the first unit, and writing the 'OS' in a mixture of C and asm.
The asm equivalent was accidentally starting my NMI routine with "push hl; push de" and ending it with "pop hl, pop de". That anything worked at all was a minor miracle, and it did for months before I noticed.
Rgds
Damon
A stray ; 30 years ago in some C took me a week to find, replacing the intended body of a loop with an empty block IIRC. I have ever since tried always to { } statement blocks so that it is easy to tell what was intended...
Also I strongly echo the "make sure that you're editing what you're running/debugging" comment elsewhere. Still horribly easy to get that one wrong in lots of different ways...
Rgds
Damon
All those numbers are better than they could have been a few years ago. Try doing it with lead-acid batteries, less clever charging strategies, and older heavier less efficient PV cells and tell me how that works.
Thus it is progress. Incremental progress is still progress. 'Maturity' is still progress.
Rgds
Damon
Thanks, very interesting. I imagined that it might be a little like that. Certainly I can see how scanning for vulnerabilities can stand out!
Rgds
Damon
Thanks!
Damon
Indeed, this seems a key advantage to me and something I tried to get a small European telco to look at years ago. Great that it's finally happening.
(It's going to make some simple security filtering by source IP a little harder...)
Rgds
Damon
4) We examined the TOR traffic and tried to minimize the abusive bits. In our case, we found that most of the TOR web browsing looked non-abusive. However, the majority of the SSH and RDP traffic looked abusive. So, we asked the TOR admin to limit those protocols.
I am interested to understand what level of inspection you could and did perform to decide "abusiveness". Especially for the secure traffic.
Rgds
Damon
Surely the trailing wire back to the exchange was a bigger problem?
Rgds
Damon
I used to run a SPARC box with 4MB (yes, mega) as my gateway/firewall machine when I was one of the few ISPs in the UK with (a) a live 'Internet' connection and (b) any sort of firewall.
I called the machine 'lemon' (http://www.exnet.com/NTP/ARC/ARC.html lemon.exnet.com) because it was (as a safety measure) pretty much incapable of running a compiler in that space, but it ran a mail proxy and firewall (http://www.exnet.com/ExFilter/V1.1.3-manual.html which I wrote to make sure I understood what was going on) just fine.
Rgds
Damon