You could have a bomb triggered by the target's RFID passing by!
There was actually a company that did exactly that as part of a security assessment of RFID passports (they used a flashbang rather than a full-scale bomb). They found that US passports worked really well as remote bomb detonators. "We're from the government, we're here to help you^H^H^Hthe terrorists".
In fact, the graphs are pretty much meaningless as a measure of either complexity or security. The Unix philosophy is to pile a large amount of functionality into a single call (the infinite flexibility of ioctl() being a good example) while the Windows philosophy is to have lots of special-case functions for different applications. Trying to compare "security" based on call-graph complexity is meaningless. To take one extreme example, I've seen a COM interface that was handled via a single function, DoIt(). In theory I could claim that this was vastly more secure than the Unix alternative, because the call graph is a single straight line from A to B. Now, would you say that DCOM is more secure than a Unix equivalent?
Well, it is and it isn't. The cost of filing as a limited liability corporation (LLC) isn't all that bad. Our lawyer (who has handled wills and other family matters) will do it for somewhere between $300 and $500.
It's a *hell* of a lot cheaper than that.
Your lawyer was price gouging.
The reason why it's cheaper for shell corporations is that they're exactly that, pre-generated cookie-cutter shells. Getting an existing, operating business switched over requires considerable legal work, and is therefore rather more expensive.
At the end of the day, this captcha is displayed on the screen as a colorful harder-to-read mumbo-jumbo, just like jpeg captchas, so all a bot has to do is use an HTML renderer to turn it into a regular image that can be processed. So the added complication is linking one of the existing captcha decoders and the gecko engine for example, maybe a half day's work. Not exactly uncrackable...
Exactly. It's just a really inefficient way to encode an uncompressed bitmap image. If you can encode it, the bad guys can decode it.
(Not to mention the fact that any well-organized attacker will be going at these things with an Internet cafe full of minimum-wage humans in some third-world country, so it doesn't matter how you fiddle the encoding. This looks like an example of what happens when you don't understand your problem space).
>Unfortunately, the trial version is crippled so that you can't save to .doc format . . .
Actually it does let you save to .doc format, but only for the first week of the 30-day trial, which is a bit of a pain if you're dithering a bit with the evaluation. If the SoftMaker folks make this change in response to comments here then it shows that they're pretty responsive to customer demands.
Does anyone know how this compares to 602Software's 602 PC Suite, which sells for $39.95? (Yeah I know, Windows only, blah blah, what I mean is how well does it work as a direct drop-in replacement for MS Word?).
>Does this black metal have any special properties aside from being black?
Massively increased surface area due to the nanostructures, imagine what this could do to your generic copper heatsink! The after-market price of Northwoods would double overnight.
It's purely a money-making scam by Verisign (and other CAs). The only thing high-assurance about "high-assurance" certs is the assurance that you'll be charged more money for them. See the Defcon talk Phishing Tips and Techniques - Tackle, Rigging, and How and When to Phish for a discussion of why "high-assurance" certs are worthless except to the companies issuing them.
This is probably going to get modded down as flamebait, but I'll say it anyway... I've been following some of the threads involving Joerg Schilling and while he definitely has some user interface bugs, some of the other people involved aren't any better. The whole thing comes across as kiddies squabbling over who took whose toy at lunchtime in the playground, with inanities like sniping over missing 'References' headers in mail messages. I can certainly see his point of view (having to include special-case checks for distros that do broken things with his tools, leading to lots of extra support work for him), although there are probably better ways to handle it than the ones he employed. The "problems" though seem more like religious sects arguing over minor differences in dogma than any solid reason for dropping the tools - it leaves a rather poor impression of the whole community.
I was just about to post some tongue-in-cheek comments about MAOIs... firstly you really don't want to try and "treat" this with an MAOI, these things are used as a last resort if everything else fails because they interact with virtually anything else you take (including food) in ways ranging from slightly problematic through to fatal. Since MAOIs can have permanent effects on brain functions (i.e. the effects don't go away once you stop taking the medication), it's also something you have to be pretty desperate to consider taking. Finally, as the article says, I'm somewhat sceptical about MAOA causing this, more likely it was coincidence that the elevated levels were found in the subjects.
>The most common form of sending new passwords today is via email.
>I'll pass on any discussion about how secure this is, it's too
>common to ignore. But the better alternative is via SMS to your
>phone.
This has been independently reinvented a number of times by different people. After about the tenth time the banks finally caught on, and it's now fairly common in Europe and Australasia.
"struggling Creative"? Creative are the master of the frivolous lawsuit (and any other dodgy legal and quasi-legal means they can get away with, for example buying up anyone with a technology that threatens them and then shutting them down) to destroy their competition. A more appropriate angle would be "Creative up to its old tricks again in attack on Apple".
If I've got 5-10 minutes, I use a simple exercise of getting them to sketch out a program for a humanoid robot to set the table, i.e. to carry cutlery and food from the kitchen to the dining table. Before they begin, they consider it a trivial task. After about 5-10 minutes, they accept that even this "trivial" task is close to impossible. Here's an example: First, you have to get the thing to walk from the kitchen to the table. So you have to teach it to walk. Then you have to teach it to avoid obstacles. I tell them that their robot has just crushed the cat (it's not a chair or table, which was their understanding of an obstacle). So they modify it to avoid small furry objects... and kill the dog, which is large and furry. So they modify it again, and find that it's frozen in front of a throw rug, which is small and furry. So they modify it again, and find that it's been halted by a sleeping cat. Then you throw in exception conditions, e.g. a fire, or even just the phone ringing so the robot has to clear the way for someone to get the phone... it's fairly easy to demonstrate that even the apparently most trivial task is in fact incredibly complex once you have to take all the different conditions into account, and depending on how much time you have (and how long they take to convince) you can keep throwing hurdles at them almost indefinitely.
What the replies here (and I think the presentation to some extent) have missed is that SMM isn't ring 0, it's ring -1. In SMM you can do things that the processor hardware normally prevents, like creating invalid/illogical page table entries. Since SMM bypasses any hardware-enforced checks, you can set the processor up to do... surprising things. This security risk was AFAIK first discussed in http://www.amazon.com/gp/product/0387953876/sr=8-1/qid=1144813279/ref=sr_1_1/102-2091912-1657751?_encoding=UTF8
Exactly, I think this frasmotic misuse of anispeptic jargon should boil the diff gain into the clippers of anyone caught in its compunctuous pericombobulations.
The reason why Vista won't have antivirus capabilities is because of antitrust concerns. Allchin can't admit this in public because it's an issue for the lawyers, but that's the long and the short of it. MS people will tell you this off the record, they just can't say it in public.
My apologies for shooting down this great opportunity for MS-bashing, but I think I'm still leaving at least some opportunity for armchair lawyers to leap up and claim that that's just a smokescreen and the real reason is [insert conspiracy theory here].
>Sure, except that for a car you need this thing called a licence. And to get this licence you
>need training. Usually from a licence school (driver training) but can be your parents etc. And
>then you need to pass a written and a practical test.
>
>Now if we could only licence computer users....
It's still not quite enough. With cars, those who still don't get it eventually autodarwinate and are removed from the road. With computers, they just stick around forever.
>In summary, all Beta had going for it was video quality, but couldn't back it up with features worth a damn.
Actually it could be argued that Beta didn't even have video quality going for it. In the initial market, the US, the quality of NTSC video is so poor that you could barely tell the difference between the initial Beta and VHS recordings. By the time Sony got their act together, the VHS side had also made some advances, and the quality difference didn't really exist any more. (In the PAL market it was more noticeable, but by then Beta was already set on its downhill spiral).
I think one of the reasons for the persistent legend that Beta was higher-quality was that a lot of the advertising at the time pushed this factor really hard, because there was nothing else to push - early-generation Beta was, as you point out, inferior to early-generation VHS in almost every aspect. Because of this the marketing guys concentrated on "Beta is better quality" even though almost no-one could see it with an NTSC signal. It's a bit like the photocopier company that ran a series of ads proclaiming how quick their service guys would be on-site when their copiers broke down, which was a lot of smoke and mirrors to disguise the fact that their copiers broke down ten times more often than anyone else's.
Does anyone know what this player did that pissed Hollywood off so much? I can't see anything there that other players don't do as well. Or are they trying to make an example of Samsung for some reason?
... it's a way of spiking DRM. If the UK government can be scared into requiring that Windows Vista not be fully DRM-enabled (by whatever means necessary), then that's a good thing. Waving the four horsemen (porn, pedophiles, drug dealers, terrorists) at them is a good way of achieving this - the horsemen have been used for years to justify restrictive computer laws, now (for once) they're being used to try and combat restrictions.
It's actually quite possible, see the description of player immunization at http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html#revocation, down towards the end of the section.
... here's your free laptop, complete with Windows Vista and an HD-DVD drive. Now try actually *playing* some HD content through it. Muahahahaha!
Love, Bill.
It's been quite fun watching it on a live update, every few minutes [click] and the nosedive continues.
>I've never heard it called FAKERAID
It's WinRAID, like WinModems, WinPrinters, and other pretend technology.