Also, who's working on a machine that takes more than a minute to compile something? Either you're building an operating system, or you need a new machine.
Biometric passports are not designed to be read at 25 feet. They are barely readable at 3-4 inches. The RF field has to provide power to the chip, which is not technically possible from very far (without frying a bunch of things around you).
In order to read the passport, you have to authenticate with the chip using information that needs to be read visually from the surface of the passport.
Or did you make enough calls to 911 to make it statiscly relevant? If so you where put on hold while they send out the police to arrest you!
This reminds me... My brother was working on mobile phones some years back. One part of field testing was to call 911 a certain number of times. "Hello, this is so-and-so from big-mobile-phone-company. I'm performing field testing, and will be calling you 49 more times this afternoon. Please don't get upset."
Well, being in Europe, I didn't see any of the ads either. But considering that the game started here at about 1:00 in the morning, I don't think they could've measured any significant brain responses anyway. Zzzzz.
Some ppl here are recommending cvs and other such overkill. If your a novice PHP coder, none of that matters... At this point, you biggest concern should be storage for sake of making frequent backups.
I don't see why version control wouldn't matter for novice programmers. At that stage, there's probably more iteration and trial-and-error than amongst seasoned programmers. Storing the various trials as branches in a repository makes life so much easier than having a dozen directories with the slightly different variants in them.
Setting up a versioned filesystem repository (FSFS) for SVN is a breeze. You can make backups of the repository. I don't think it's overkill at all.
It is always fun to do homework with Wikipedia... Biometric passports don't use RFID tags. Period.
My reference? I work on smart cards, including biometric passports. In this field, no one in their right mind would use RFID tags for passports, or anything requiring security. Ever.
It is sad that the web is full of stuff about RFID security, or the lack of it, and people then make the assumption that anything contactless is RFID, and thus insecure. It it really hard to try to set the facts straight, when the correctness of your facts can be questioned with a bunch of links to FUD. (And damn, even the links you provide yourself prove to contain incorrect or misleading information! Argh.)
I guess I should just give up. It'll give me a warm and fuzzy feeling to know I'm right, after all.
any card that has a contactless interface(ie hold the card near the reader) is an RFID setup
A smart card still needs to be swiped.
A smart card does not have to have contacts. It does not have to be swiped. It can be contactless, and more and more of them are these days. In fact, a single smart card chip can have both methods of communication.
Again, you may argue that it's RFID if it's contactless, but this is confusing as RFID generally refers to RFID tags, which are not smart cards. A contactless interface does not turn smart cards into a RFID (tags).
I've done my homework. Most folks (esp. in the US) seem to use the terms "RFID" and "contactless smart card" interchangeably, while they are totally different beasts. Scheier does that just as well, which doesn't help things. Maybe he even does it deliberately, to gain more publicity. You see, there are tons of news about RFID being broken, but when was the last time you saw that about a smart card?
In fact, the article by The Register you refer to deals with this issue. People are worried because "The contactless chips that will be used in ID cards and passports are amazingly like RFID tags." They both work without contacts, from a distance. But that doesn't make them the same.
I repeat again, the biometric passports and UK identity cards, etc. etc. won't be using RFID tags. They will be using contactless smart cards, which communicate according to ISO/IEC 14443.
So I guess this boils down to terminology, really. The problem is that whenever people see "RFID broken" in the news, they freak, even though it means "RFID tags broken". Maybe you could argue that smart cards use RFID technology for contactless communication, but I think this just fuels the confusion, because then people generalize smart cards to be RFID tags, which is not the case.
I can't think of one thing that my grandmother [...] uses every day that wasn't once a shiny geek toy to someone.
Your statement is so confident that I'm sure you have put a lot of thought into this (or you just don't have much of an imagination). I'm not arguing this way or that, but I think this is really thought provoking.
What are your favourite Shiny Geek Toys of the Past that your grandmother uses? What is Teh Ultimate Shiny Geek Toy of the Past? Could it be the wheel? Or a hammer? Toilet must be on the list (got to have them shiny). Shoes, maybe?
When I was a student I joined a photography club at my technical university. The members were exclusively engineering students. Their "motto", loosely translated, was Photography is the best art form because technique/technology is an essential part of it. People did some pretty neat stuff there.
Of course, the pictures were usually technically excellent and many times incorporated some dark room tricks, but also the subjects were often nerd things. I remember a competition titled Roots, in which most pictures consisted of grandparents and other back to roots things, but one picture by our club member consisted of a nutty professor and some strange formulas with square roots in them. It was pretty hilarious.
It is still just facts. Weather statistics, like the temperature and wether the sun is shining or not is one of the most important components for anyone in meteorology, still doesn't mean no one else can tell about the weather yesterday they read about or saw.
Yeah, but you didn't buy a ticket from the corporation organizing the wonder of weather to see it, did you? Be sure the check the EULA next time you go see a game of baseball! I'll bet it says "You are granted a non-exclusive license to enjoy the game yadda yadda but the ownership and rights to the results remain the sole property of blah blah blaa.";-)
I think the concept of television networks is a clunker of an idea waaay past its time. I suggest that in this age of the Internet, we should all be watching on-demand content provided directly by the content makers that's financed by micropayments paid by the consumers, and we receive our "signal" via high-speed Internet connections to the content providers.
I agree, and everyone is talking about the convergence of networks, etc. but divergence is what I see. I mean, if we used all the money spent on all variants of DVB (satellite, cable, terrestial, mobile) on enhancing the on-demand video broadcasting on the Internet instead, who knows what we could have. Or could have had, to be more precise.
I'll bet its our digital restrictions management friends at works here again.
To say that the post was lacking substance would be an understatement.
You see, Bob said all this and more in a TV interview, which, according to the interview, can't be viewed because your favourite OS is an outdated clunker that won't be able to adequately handle the coming of "video internet".
Maybe the interview is available for download in a few years when the new video oriented operating systems he mentions have taken hold.
Moreover, I thought Einstein was referring to the uncertainties of the quantum theory (i.e. Schrödinger's cat) when he said, "God does not play dice", meaning that he didn't accept it. Anyone care to enlighten me?
Having participated in the Common Criteria evaluation of a product, I'll have to comment on this.
Once an attacker has physical access, all bets are off.
This is not entirely true. It really depends on the type of system we are talking about. Smart cards exist for the specific purpose of being tamper resistant devices, i.e. can withstand physical attacks to a certain extent. Usually the Common Criteria evaluation of a smart card operating system covers many aspects related to physical attacks.
As per the grandparent's claim that the Common Criteria is worthless: It depends on the Protection Profile (PP) and the Target of Evaluation (TOE). Usually, the higher the EAL (Evaluation Assurance Level), the smaller the target of evaluation. It is very costly and laborous to achieve high EALs for broad targets of evaluation.
In the case of a general purpose operating system, it would be interesting to get hold of the PP and the TOE, and to see what is actually evaluated. In any case, there will be a specification of the environment in which the evaluation holds, and surely for any general purpose OS the physical access must be restricted.
Does this E-thing (Slashdotted) gSave KMe of KThese gStupid KNaming Konventions KGnome and gKDE are using or have inspired for apps? It's gSimply KNOT gAmusing or Klever. Or eWill eThis eBring eMe eJust enother ennoying eConvention?
In short, they all suggest writing readable code is more important than commenting spaghetti, but there are also good points on commenting. (Can't be bothered to copy-paste them here, though, see for yourself.)
Slashdot Mirror
You've obviously never run Gentoo.
And here I thought I'd be doing them a favor, saving bandwidth and all, by blocking ads. I guess no good deed goes unpunished.
This reminds me... My brother was working on mobile phones some years back. One part of field testing was to call 911 a certain number of times. "Hello, this is so-and-so from big-mobile-phone-company. I'm performing field testing, and will be calling you 49 more times this afternoon. Please don't get upset."
Well, being in Europe, I didn't see any of the ads either. But considering that the game started here at about 1:00 in the morning, I don't think they could've measured any significant brain responses anyway. Zzzzz.
I don't see why version control wouldn't matter for novice programmers. At that stage, there's probably more iteration and trial-and-error than amongst seasoned programmers. Storing the various trials as branches in a repository makes life so much easier than having a dozen directories with the slightly different variants in them.
Setting up a versioned filesystem repository (FSFS) for SVN is a breeze. You can make backups of the repository. I don't think it's overkill at all.
My reference? I work on smart cards, including biometric passports. In this field, no one in their right mind would use RFID tags for passports, or anything requiring security. Ever.
It is sad that the web is full of stuff about RFID security, or the lack of it, and people then make the assumption that anything contactless is RFID, and thus insecure. It it really hard to try to set the facts straight, when the correctness of your facts can be questioned with a bunch of links to FUD. (And damn, even the links you provide yourself prove to contain incorrect or misleading information! Argh.)
I guess I should just give up. It'll give me a warm and fuzzy feeling to know I'm right, after all.
A smart card does not have to have contacts. It does not have to be swiped. It can be contactless, and more and more of them are these days. In fact, a single smart card chip can have both methods of communication.
Again, you may argue that it's RFID if it's contactless, but this is confusing as RFID generally refers to RFID tags, which are not smart cards. A contactless interface does not turn smart cards into a RFID (tags).
In fact, the article by The Register you refer to deals with this issue. People are worried because "The contactless chips that will be used in ID cards and passports are amazingly like RFID tags." They both work without contacts, from a distance. But that doesn't make them the same.
I repeat again, the biometric passports and UK identity cards, etc. etc. won't be using RFID tags. They will be using contactless smart cards, which communicate according to ISO/IEC 14443.
So I guess this boils down to terminology, really. The problem is that whenever people see "RFID broken" in the news, they freak, even though it means "RFID tags broken". Maybe you could argue that smart cards use RFID technology for contactless communication, but I think this just fuels the confusion, because then people generalize smart cards to be RFID tags, which is not the case.
I knew this was coming the second I saw the headline.
Biometric passports and most other applications that need secure tokens utilize smart cards.
RFID tags are not the same as smart cards. The difference is huge. Please do your homework.
Besides inventory tracking, we usually don't. It is just confusion and FUD.
Your statement is so confident that I'm sure you have put a lot of thought into this (or you just don't have much of an imagination). I'm not arguing this way or that, but I think this is really thought provoking.
What are your favourite Shiny Geek Toys of the Past that your grandmother uses? What is Teh Ultimate Shiny Geek Toy of the Past? Could it be the wheel? Or a hammer? Toilet must be on the list (got to have them shiny). Shoes, maybe?
Other ideas?
Today they will think so. In a few days, when the /. traffic declines, they might reconsider.
When I was a student I joined a photography club at my technical university. The members were exclusively engineering students. Their "motto", loosely translated, was Photography is the best art form because technique/technology is an essential part of it. People did some pretty neat stuff there.
Of course, the pictures were usually technically excellent and many times incorporated some dark room tricks, but also the subjects were often nerd things. I remember a competition titled Roots, in which most pictures consisted of grandparents and other back to roots things, but one picture by our club member consisted of a nutty professor and some strange formulas with square roots in them. It was pretty hilarious.
Keyboards, on the other hand, rarely or hardly ever.
Yeah, but you didn't buy a ticket from the corporation organizing the wonder of weather to see it, did you? Be sure the check the EULA next time you go see a game of baseball! I'll bet it says "You are granted a non-exclusive license to enjoy the game yadda yadda but the ownership and rights to the results remain the sole property of blah blah blaa." ;-)
I agree, and everyone is talking about the convergence of networks, etc. but divergence is what I see. I mean, if we used all the money spent on all variants of DVB (satellite, cable, terrestial, mobile) on enhancing the on-demand video broadcasting on the Internet instead, who knows what we could have. Or could have had, to be more precise.
I'll bet its our digital restrictions management friends at works here again.
Maybe the interview is available for download in a few years when the new video oriented operating systems he mentions have taken hold.
Moreover, I thought Einstein was referring to the uncertainties of the quantum theory (i.e. Schrödinger's cat) when he said, "God does not play dice", meaning that he didn't accept it. Anyone care to enlighten me?
Yeah, I know, the dead and not dead at the same time feeling really sucks. Somebody open the box!
You can join the effort!
Not small enough? Some earlier models have been around for years.
(Sorry for being a Nokia fanboy. I'm sure other phone manufacturers have small models with XHTML browsers as well.)
This is not entirely true. It really depends on the type of system we are talking about. Smart cards exist for the specific purpose of being tamper resistant devices, i.e. can withstand physical attacks to a certain extent. Usually the Common Criteria evaluation of a smart card operating system covers many aspects related to physical attacks.
As per the grandparent's claim that the Common Criteria is worthless: It depends on the Protection Profile (PP) and the Target of Evaluation (TOE). Usually, the higher the EAL (Evaluation Assurance Level), the smaller the target of evaluation. It is very costly and laborous to achieve high EALs for broad targets of evaluation.
In the case of a general purpose operating system, it would be interesting to get hold of the PP and the TOE, and to see what is actually evaluated. In any case, there will be a specification of the environment in which the evaluation holds, and surely for any general purpose OS the physical access must be restricted.
Does this E-thing (Slashdotted) gSave KMe of KThese gStupid KNaming Konventions KGnome and gKDE are using or have inspired for apps? It's gSimply KNOT gAmusing or Klever. Or eWill eThis eBring eMe eJust enother ennoying eConvention?
In short, they all suggest writing readable code is more important than commenting spaghetti, but there are also good points on commenting. (Can't be bothered to copy-paste them here, though, see for yourself.)
Is that a word???