Okay, yay Firefly and all that. But the science? I'll be very interested to hear how interplanetary travel, which takes a matter of days, almost invariably results in passing within a couple hundred feet of another ship headed the opposite direction at a few feet per second relative velocity....very small solar system? With a couple hundred planets?
As a matter of fact, the whole show occurred in a single large solar system with lots of inhabitable moons: here's a list and here's an official map.
True, the passing in different directions (if they really were different directions) at small relative velocities was a bit unrealistic. We suspend belief for the purposes of plot, lest we bore a prime time TV audience with why being interdicted by a military vessel requires hours of burn time.
- Each of the GTLD servers ([a-m].gtld-servers.net) are delegating to ns[12].seizedservers.com
- Comcast's national opt-out DNS (75.75.75.75) has changed the delegation.
- OpenDNS.com's free filtering DNS (208.67.222.123) still delegates to ns5[12].domaincontrol.com, for about the next 3200 seconds (53 minutes) when its cache of the NS records expires.
If you look at financial reports for companies that are having increases in earnings you find that these corporations are either (a) hoarding cash, (b) using extra cash for acquisitions, or (c) instituting share buyback programs...
Do you actually observe the economy and research these things, or do you just get your talking points from Glenn Beck?
Excellent question. Did you?:)
My employer (a public company in the $5-10B market cap range) is most definitely increasing earnings, and hiring more workers. Oh, they also are debt-free, profitable and "(a)" sitting on a pile of cash, but that happens to work as protection against "(b)" being bought out and thus losing the workers they currently have.
No, I didn't expect you to research my particular employer, but, the grandness of your assertions aren't protected simply by accusing G.P. of lack of research.
Might as well save the money that a lawyer would charge to cut and paste this document.
On the flip side:
A. This is results in very asymmetric lawyer costs. The recipient is going to have to spend lawyer time to defend against it that the sender didn't just to send it.
B. By not spending time on a decent lawyer to ensure the takedown is unique and covers the case law for their own jurisdiction, Commodore may have unwittingly given up any legitimate rights they might have had in this dispute.
C. Lawyers are truly valuable at convincing clients to not start legal disputes. By not vetting this by a lawyer, they may started a snowball of subsequent legal costs that could've been avoided entirely if/when they lose. A neat trick used by some defendants, when they're sure to recover most of their defense costs in the end, is to drag out the legal dispute just to teach the other side a lesson.
If only the Mozilla Foundation had the balls to include an ad blocker which dealt with Google Adwords
Do I detect a non-user of AdBlock Plus? It's been featured on the Privacy & Security page of addons.mozilla.org for ages now, and occasionally featured on the front-page as well.
Yes, it works just fine with Google text-based ads, too. I haven't seen them in months.
Is open hardware really that big a problem? It's not like opening a Fab is cheap.
The hardware behind Apertus is actually Elphel. They make "open source" cameras based on existing chips. The video codec is performed by an FPGA (loaded with GPL-licensed firmware made by Elphel).
Additionally, Silverlight is plain broke in some aspects that make it less useful for developers, not just users.
This week I learned Silverlight on IE8 (remember, that's its same-vendor browser), after receiving cookies from a webserver, completely fails to include those cookies in an HTTP POST request. What... the... <expletitive>?
However, I figured out through trial and error, that you can actually double back on buttons you've activated and activate buttons that are non-adjacent to active ones by drawing in the blank space in between buttons. This should be a criteria for a strong graphical pattern lock
I also noticed this, shortly after I got the idea to use an unlock pattern. Once you noticed those two aspects (ability to draw between buttons, and harmlessly slide over already-activated buttons), the permutations multiply.
With those in mind, here is how unique a randomized unlock pattern can be:
4 dots = 1624 permutations (as weak as a 3 number password!)
5 dots = 7152 permutations (much better, but not by far)
6 dots = 26016 permutations (at least as strong as a 4-digit bank card PIN)
7 dots = 140704 permutations (about as strong as a 5-digit bank card PIN)
As a bonus, choosing more dots reduces the ability for a smudge attack to succeed. But only if you choose a pseudo-random one. Don't kid yourself, one that you come up on your own is biased in favor of a like-minded (i.e. homo sapien) attacker.
To help, here's a quick bit of shell code to easily generate a strong unlock code for an Android phone. It numbers the dots like a telephone: top-left button is 1, top-middle is 2, top-right is 3,...etc. Just draw the dots in the pattern indicated.
This is just grandstanding by a politician running for office. Neither Amazon nor Apple are headquartered in Connecticut, which makes the appropriate action for this state AG to make a filing to the FTC.
Except, of course, filing with the FTC just doesn't sound as exciting to voters.
If you never get a credit card or loan of any type, you will not have a credit history.
This will be very bad later, when you need to apply for credit or a loan, you will be denied, or require a cosigner, and pay a much higher interest rate..
Bullshit. I bought a house without a credit history, without a cosigner, with lower interest rate than anyone else I know. I merely had to prove my identity, my steady income, my steady bill-paying history, and have a 20% down payment documented in a bank account.
While my loan broker had a smaller choice of banks to choose from, the ones available were falling over themselves to offer me a 15-year loan. (This is no fault of the banks, but a no-credit 30 year loan according to Fannie Mae's post-bubble rules would've been unfeasible. I didn't want a 30-year anyways.)
What law did he break? What was he accused of? Why was he detained? What right do they have to ask such questions?
Welcome to law enforcement procedures. Of course you're allowed to have an opinion. But, say, your legally allowable opinion on your neighbor's yard maintenance might be a motive for why your neighbor is dead, for example. And 12 hour interviews are completely allowed. You just need to know your rights and how to use them; for instance, explicitly saying you invoke your right to remain silent until you have a lawyer present.
Now, is it reasonable for the FBI to suspect Jacob Appelbaum is involved in the wikileak and put him in the box for 3 hours? THAT's another question...
No, I'm not kidding. Remember brewing is the alcohol-creation step before distillation.
The fact that this is freeze-distilled still makes it beer: unlike normal (boiling) distillation, you keep the wash, not the distillate. (How they avoid making it taste like ass is another question.)
China isn't the first nation to grapple with HIV in blood transfusions. The United States' blood transfusion industry lobbied in the 1980s to suppress the issue over concerns about their reputation and revenue, and succeeded to some degree.
In this case, China's communist government is probably being lobbied, too -- and as an easily corrupted system with great powers, we see instances like this.
Certificates don't ensure you're talking to anyone in particular, other than someone who has managed to get their hands on the certificate, which, based on prevalance of rooting and etc., could be quite a range of people.
Certificates are public information. Oh, did you really mean, private key?
Certs reliably encrypt traffic between the two endpoints. That's the entire usefulness to the two endusers.
Nope. Bulk ciphers are what encrypt traffic between two endpoints. Did you really mean certs provide key exchange?
HOWEVER: An entire deceptive financial ecosystem was created when the browser manufacturers put those "scare the heck out of the user" dialogs in there; that meant that ecommerce types *HAD* to get certs that would not raise those warnings -- meaning, buying a bag of bits from someone else, a bag you could have made yourself for free, for all the good it would do you, instead purchased for $50 (or many more) dollars.
It's all based upon one key falsehood: The idea that a cert "assures" you that you're talking to someone in particular.
Wow, you like, have no idea what root trust provides, do you? If your private key is secured properly, it provides reasonable proof that the entity at the server end is related to the domain owner.
Yup, there's problems with the human-level implementation. Like, oh, govenments "leaning" on CAs to provide them with an intermediate certficate. Or, yes, private key security.
You're paranoid about (and it's possibly Proper Paranoia®) that any site may have weak private key security, especially against, erm, "hackers". Fine, the mom'n'pop websites should probably leave their SSL handling to a professional webhost since they're just as like have bungled the security if they did it on their own. Generally, though, you can reasonably trust private key security with organizations that are likely to have professional network security staff.
I'm well assured every time someone in my organization (a network appliance manufacturer) needs to help a customer with an SSL/TLS related issue and the customer meticulously coughs up all the information needed except the private key.
Happy shall he be, that taketh and dasheth thy little ones against the stones
This is an ancient Israeli wish for bitter revenge against invaders. Here is more context (in alternate translation):
8 People of Babylon, you will be destroyed.
The people who pay you back for what you did to us will be happy.
9 They will grab your babies and throw them against the rocks.
2. The definitions refers to our the sun. Not the star which the planet orbits but 'the sun'. That makes it sound like extrasolar planets are not planets either.
Given that we don't have much information about extrasolar planets yet, making up such definitions is bad science in general, not just bad astronomy.
We aught to survey another system by probe before determining whether our local definitions apply to other systems. Especially, for example, rules for small objects determined by politics.
Slashdot Mirror
Okay, yay Firefly and all that. But the science? I'll be very interested to hear how interplanetary travel, which takes a matter of days, almost invariably results in passing within a couple hundred feet of another ship headed the opposite direction at a few feet per second relative velocity. ...very small solar system? With a couple hundred planets?
As a matter of fact, the whole show occurred in a single large solar system with lots of inhabitable moons: here's a list and here's an official map.
True, the passing in different directions (if they really were different directions) at small relative velocities was a bit unrealistic. We suspend belief for the purposes of plot, lest we bore a prime time TV audience with why being interdicted by a military vessel requires hours of burn time.
The DNS is slowly rolling over. For example:
- Each of the GTLD servers ([a-m].gtld-servers.net) are delegating to ns[12].seizedservers.com
- Comcast's national opt-out DNS (75.75.75.75) has changed the delegation.
- OpenDNS.com's free filtering DNS (208.67.222.123) still delegates to ns5[12].domaincontrol.com, for about the next 3200 seconds (53 minutes) when its cache of the NS records expires.
I look forward to reading this exact same story, except with details, in less than a month.
I anticipate reading this exact same story, except with less details, yet again in a year. I coin this the secondary Slashdot effect.
I keep telling people 11 is not a prime, but they won't listen.
Even if you mean in base 2, we aren't going to listen to you either.
At stake: whether all federal employees can be forced to undergo open-ended background checks
Really? I don't see that in the questions being answered by the supreme court.
If you look at financial reports for companies that are having increases in earnings you find that these corporations are either (a) hoarding cash, (b) using extra cash for acquisitions, or (c) instituting share buyback programs...
Do you actually observe the economy and research these things, or do you just get your talking points from Glenn Beck?
Excellent question. Did you? :)
My employer (a public company in the $5-10B market cap range) is most definitely increasing earnings, and hiring more workers. Oh, they also are debt-free, profitable and "(a)" sitting on a pile of cash, but that happens to work as protection against "(b)" being bought out and thus losing the workers they currently have.
No, I didn't expect you to research my particular employer, but, the grandness of your assertions aren't protected simply by accusing G.P. of lack of research.
Might as well save the money that a lawyer would charge to cut and paste this document.
On the flip side:
A. This is results in very asymmetric lawyer costs. The recipient is going to have to spend lawyer time to defend against it that the sender didn't just to send it.
B. By not spending time on a decent lawyer to ensure the takedown is unique and covers the case law for their own jurisdiction, Commodore may have unwittingly given up any legitimate rights they might have had in this dispute.
C. Lawyers are truly valuable at convincing clients to not start legal disputes. By not vetting this by a lawyer, they may started a snowball of subsequent legal costs that could've been avoided entirely if/when they lose. A neat trick used by some defendants, when they're sure to recover most of their defense costs in the end, is to drag out the legal dispute just to teach the other side a lesson.
If only the Mozilla Foundation had the balls to include an ad blocker which dealt with Google Adwords
Do I detect a non-user of AdBlock Plus? It's been featured on the Privacy & Security page of addons.mozilla.org for ages now, and occasionally featured on the front-page as well.
Yes, it works just fine with Google text-based ads, too. I haven't seen them in months.
Is open hardware really that big a problem? It's not like opening a Fab is cheap.
The hardware behind Apertus is actually Elphel. They make "open source" cameras based on existing chips. The video codec is performed by an FPGA (loaded with GPL-licensed firmware made by Elphel).
Here is more about the hardware.
#463
Additionally, Silverlight is plain broke in some aspects that make it less useful for developers, not just users.
This week I learned Silverlight on IE8 (remember, that's its same-vendor browser), after receiving cookies from a webserver, completely fails to include those cookies in an HTTP POST request. What... the... <expletitive>?
However, I figured out through trial and error, that you can actually double back on buttons you've activated and activate buttons that are non-adjacent to active ones by drawing in the blank space in between buttons. This should be a criteria for a strong graphical pattern lock
I also noticed this, shortly after I got the idea to use an unlock pattern. Once you noticed those two aspects (ability to draw between buttons, and harmlessly slide over already-activated buttons), the permutations multiply.
With those in mind, here is how unique a randomized unlock pattern can be:
4 dots = 1624 permutations (as weak as a 3 number password!)
5 dots = 7152 permutations (much better, but not by far)
6 dots = 26016 permutations (at least as strong as a 4-digit bank card PIN)
7 dots = 140704 permutations (about as strong as a 5-digit bank card PIN)
As a bonus, choosing more dots reduces the ability for a smudge attack to succeed. But only if you choose a pseudo-random one. Don't kid yourself, one that you come up on your own is biased in favor of a like-minded (i.e. homo sapien) attacker.
To help, here's a quick bit of shell code to easily generate a strong unlock code for an Android phone. It numbers the dots like a telephone: top-left button is 1, top-middle is 2, top-right is 3, ...etc. Just draw the dots in the pattern indicated.
rand -N 9 -M 9 -u | perl -ane '%seen=();%bad=qw(13 2 17 4 19 5 28 5 31 2 37 5 39 6 46 5 64 5 71 4 73 5 79 8 82 5 91 5 93 6 97 8);$last=0;print map {$next=$_+1;$combo=$last.$next;if ($bad{$combo} and not $seen{$bad{$combo}}) {()} else {$seen{$next}=1;$last=$next;$next,"\n"}} @F'
This is just grandstanding by a politician running for office. Neither Amazon nor Apple are headquartered in Connecticut, which makes the appropriate action for this state AG to make a filing to the FTC.
Except, of course, filing with the FTC just doesn't sound as exciting to voters.
If you never get a credit card or loan of any type, you will not have a credit history. This will be very bad later, when you need to apply for credit or a loan, you will be denied, or require a cosigner, and pay a much higher interest rate..
Bullshit. I bought a house without a credit history, without a cosigner, with lower interest rate than anyone else I know. I merely had to prove my identity, my steady income, my steady bill-paying history, and have a 20% down payment documented in a bank account.
While my loan broker had a smaller choice of banks to choose from, the ones available were falling over themselves to offer me a 15-year loan. (This is no fault of the banks, but a no-credit 30 year loan according to Fannie Mae's post-bubble rules would've been unfeasible. I didn't want a 30-year anyways.)
today is privacy Sunday, eh guys?
It's DefCon weekend.
What law did he break? What was he accused of? Why was he detained? What right do they have to ask such questions?
Welcome to law enforcement procedures. Of course you're allowed to have an opinion. But, say, your legally allowable opinion on your neighbor's yard maintenance might be a motive for why your neighbor is dead, for example. And 12 hour interviews are completely allowed. You just need to know your rights and how to use them; for instance, explicitly saying you invoke your right to remain silent until you have a lawyer present.
Now, is it reasonable for the FBI to suspect Jacob Appelbaum is involved in the wikileak and put him in the box for 3 hours? THAT's another question...
There, fixed it for you.
No, I'm not kidding. Remember brewing is the alcohol-creation step before distillation.
The fact that this is freeze-distilled still makes it beer: unlike normal (boiling) distillation, you keep the wash, not the distillate. (How they avoid making it taste like ass is another question.)
And sometimes, it's about Politics in Health.
China isn't the first nation to grapple with HIV in blood transfusions. The United States' blood transfusion industry lobbied in the 1980s to suppress the issue over concerns about their reputation and revenue, and succeeded to some degree.
In this case, China's communist government is probably being lobbied, too -- and as an easily corrupted system with great powers, we see instances like this.
Fortunately, there are also top-level politicians trying to turn it it around.
Certificates don't ensure you're talking to anyone in particular, other than someone who has managed to get their hands on the certificate, which, based on prevalance of rooting and etc., could be quite a range of people.
Certificates are public information. Oh, did you really mean, private key?
Certs reliably encrypt traffic between the two endpoints. That's the entire usefulness to the two endusers.
Nope. Bulk ciphers are what encrypt traffic between two endpoints. Did you really mean certs provide key exchange?
HOWEVER: An entire deceptive financial ecosystem was created when the browser manufacturers put those "scare the heck out of the user" dialogs in there; that meant that ecommerce types *HAD* to get certs that would not raise those warnings -- meaning, buying a bag of bits from someone else, a bag you could have made yourself for free, for all the good it would do you, instead purchased for $50 (or many more) dollars.
It's all based upon one key falsehood: The idea that a cert "assures" you that you're talking to someone in particular.
Wow, you like, have no idea what root trust provides, do you? If your private key is secured properly, it provides reasonable proof that the entity at the server end is related to the domain owner.
Yup, there's problems with the human-level implementation. Like, oh, govenments "leaning" on CAs to provide them with an intermediate certficate. Or, yes, private key security.
You're paranoid about (and it's possibly Proper Paranoia®) that any site may have weak private key security, especially against, erm, "hackers". Fine, the mom'n'pop websites should probably leave their SSL handling to a professional webhost since they're just as like have bungled the security if they did it on their own. Generally, though, you can reasonably trust private key security with organizations that are likely to have professional network security staff.
I'm well assured every time someone in my organization (a network appliance manufacturer) needs to help a customer with an SSL/TLS related issue and the customer meticulously coughs up all the information needed except the private key.
monitored
Since when did Slashdot turn into a competitor of CNN and Fox News?
May 26th will now be known as "Face-Palm Day".
Or "May Fool's Day".
Just one day after Towel Day, too.
Step 1: Install Wireshark
Step 1.5: Install HttpFox (Firefox on any OS) or HttpWatch (IE or FF on Windows).
For HTTP traffic, both will supplement WireShark by giving you a clear browser-level picture of what data your browser is sending and receiving.
For HTTPS (or other SSL/TLS tunneled protocol spoken by your browser), it's also the practical way to get a cleartext version of the communication.
Happy shall he be, that taketh and dasheth thy little ones against the stones
This is an ancient Israeli wish for bitter revenge against invaders. Here is more context (in alternate translation):
8 People of Babylon, you will be destroyed.
The people who pay you back for what you did to us will be happy.
9 They will grab your babies and throw them against the rocks.
2. The definitions refers to our the sun. Not the star which the planet orbits but 'the sun'. That makes it sound like extrasolar planets are not planets either.
Given that we don't have much information about extrasolar planets yet, making up such definitions is bad science in general, not just bad astronomy.
We aught to survey another system by probe before determining whether our local definitions apply to other systems. Especially, for example, rules for small objects determined by politics.