It takes >4 grams/day to overdose. It's far from "ridiculously easy". You can have 8 extra-strength Tylenol in a day and still be okay. /pharmacist
http://www.drugs.com/acetaminophen.html
The difference between the normal adult recommended max dosing on the package and toxic overdose is only a factor of two. That's for an average weight adult and not a skinny little 110-lb woman. Normal pediatric dosing is up to 105mg/kg/day (up to 5-doses a day at 10mg/kg) but the overdose threshold is only 150mg/kg/day. A 100-lb 12 year old taking the recommended dose is getting 72 mg/kg/day or about 1/2 the toxic dose. Forget letting your cat or dog eat the pill you accidentally dropped on the floor. Too often people don't know the difference between tsp and tbs or think it's safe to double up on the dose.
Yeah, I would call that ridiculously easy to overdose.
So that's why Johnson & Johnson McNeil is so happy. They can claim those products were not really intended for human consumption. Of course they also claim acetaminophen is perfectly safe and doesn't cause long term liver damage in humans.
Did nobody point out that most snakes prefer live prey. Especially TREE snakes that generally don't scour the ground looking for food? Sounds like they'll end up killing other animals like birds, but wait aren't they trying to kill the snakes to save the birds?
Given that the US govt holds a pretty small percentage of the IPv4 allocations, converting them won't do much to prevent exhaustion. In fact, you'll find that large chunks of DOD are moving towards NAT and using RFC private addresses (example would be NMCI using 10. numbers). Let's face it, we have way too many problems as a result of govt agencies using publicly routable addresses.
I would much rather see the industry take the lead and financial burden of working out the kinks with IPv6. Besides, don't you realize that IPv6 addresses make perfect cookies?
Speaking of Google, you do realize that Google Maps already has routing options based on whether you're walking, biking, or taking public transit? I'm not sure how good their maps are or their coverage areas though. They probably don't have an iPhone app either.
I think much of it has to do with lessening chafing, wearing a material that will let your sweat evaporate vs just absorb it, not as a fashion statement.
Bingo. That's why I wear bike shorts. Good sweat wicking without seams or folded fabric prevents crotch rot and chafing. For really long rides (>60-miles), having the thin gel pad is really nice. Of course I'm reasonably fit and don't look too bad in them. I personally don't find the really heavy-set guys or girls in spandex all that pleasant to look at. But on the positive side, they are out there exercising trying to improve themselves instead of being couch potatoes.
When I participate in a race and see a really large woman struggling to finish, I recognize that she probably put out more effort and guts than the guy who won the race in half the time.
This does suggest a way those willing to take direct action could hurt the xxAAs' efforts. DDoS attacks are just a nuisance, but theft of sensitive data drives a wedge between the xxAAs and the ISPs they need to co-operate with them.
It's a fine line though. Some politician could easily spin this so that it appears that evil pirates are hacking into systems and exposing the personal data of innocent folks. Of course more legislation would be needed to go after these evil-doers.
Just wondering if the customers have any grounds for suing the ISP. Did their contract have terms that even allowed them to share the info with this legal firm? Would inspection of the traffic flows to generate the data provided to the law firm constitute invasion of privacy or illegal wiretapping?
The guy was on a motorcycle, he probably wasn't aware that the cops were behind him ...
I do agree that the plain-clothes cop shouldn't have been involved. MD likes to run plainclothes, unmarked cars on 95 and the BW parkway, profiling for drug cars. They then call ahead for a regular cruiser to pull them over for some other charge (invented or not).
You can clearly see the camera view dipping downwards as he periodically looks at his side mirrors the whole time. He damn well knew he was being followed by three cop cars.
Lots of body roll usually implies going too fast. You yourself said you were driving too fast. Where the heck do they put chicanes in a 50 mph zone anyway?
I got pulled over by a young cop on a power trip for driving too fast through a chicane designed to slow people down. I was probably doing half the speed limit (25 in a 50 zone), and it was about 10:30 at night in a deserted part of town.
Yeah, I had a lot of body roll (older car), so perhaps it looked dangerous. The cop basically had a shout at me, while his co-cop stood there and said nothing, and then drove off to harass someone else.
Where's the good cop in that? The guy doing the shouting was clearly an asshole, but the other policeman who just stood there was also culpable. If your 'good cops' are sitting passively by while bad cops abuse their good name, they're not really good cops are they?
Wait. You were driving like a moron and you're upset that all you got was a warning? Would you have been happier if he calmly gave you a road-side sobriety test and then wrote you a reckless driving ticket?
Yellow speed signs are recommended speeds. The ones you see at sharp corners.
Yes, and the cops like to write reckless driving tickets for exceeding the "safe" driving speed, instead of exceeding the max posted speed limit.
We have an asshole cop who has learned a neat "trick" near my house; he parks at a 45-degree angle, the wrong way down the wrong side of a cul-de-sac, and watches for people to go past the stop sign, making sure his dashcam can't see the sign or cars. Then, soon as anyone pulls out, he just pulls forward, cites for a fraudulent "failure to fully stop", and fills his ticket quota for the month.
Then by all means then, get your camera and quit whining. You lose the right to complain when you're too freaking lazy to do something about it.
The guy was running from the cops, weaving in-out of traffic at high speed and otherwise jeopardizing every other driver on the road. The cop in front might have been simply overly cautious, pulling his weapon if he thought the motorcyclist may try to ram him. It also looks like the cop realized that he didn't identify himself and corrected that right away. Besides, with two cop cars behind him with their lights on it was pretty obvious he was with the cops. If this was an asshat in a car, would you be surprised if the cops stopped him with weapons drawn?
The motorcyclist was a jackass and an idiot. I do think the MD cops were waaayy out of line trying to suppress the video though. Instead they should have embraced it, and taken it to court as evidence that this guy should never get a license again.
All of those things go away when you are air-gapped.
Until you get clueless users moving files back-n-forth by sneaking in thumb drives. Go ask the DOD why they banned thumb drives.
SIPR is partitioned, although some of the encrypted tunnels do go over unsecured links making them subject to DOS attacks. NIPR is not completely partitioned. It still has connection points to the internet. Despite heavy filtering and monitoring of those connections, it's still too easy for intrusions since you simply can't inspect every piece of email or SSL data coming and going through those choke points.
After much back and forth, we figured out that they were passing the key in as ASCII bytes of the minimum key length, effectively using a 64-bit key.
Technically they had a 128-bit key (16 x 8-bit ASCII characters). Limiting the key selection to ASCII characters 0-F just means they had an artificially small key space. This is only a help if the attacker knows what they did, in which case it would significantly speed up a brute force attack. Essentially the same issue with long passwords that are only lower case characters.
Why does the summary and articles read like a paid advertisement for Ksplice?
Because it's being read by someone who has a juvenile fascination with server uptime?
Huh? You trolling?
Personally server uptime is a farce and the only people I know who brag about it is the Linux community. Folks in the real world just implement clusters and fault tolerant setups, which give them the ability to actually reach 100% uptime and do maintenance.
I agree. If you truly need 100% uptime, then implement a fault-tolerant setup that allows single server down times. Ksplice is basically a bandaid and I can see how it might be useful, but on the other hand how many vulnerabilities to security or reliability does Ksplice itself introduce?
What is annoying me about these issues is that they are described so poorly that I'm not certain if I have a problem. I run 64-bit Linux but no 32-bit code and there are no local users other than for the services I'm running (http and ssh). So do I need to take the time to do something or can I wait for a normal update?
Short answer - it depends on whether your kernel has the vulnerability. Seriously, Slashdot is the worst place to find out more info about vulnerabilities. At least it did give the CVE which you can use to get more details and determine if you're affected.
You mean like http://www.truecrypt.org/ already does?
Why does the summary and articles read like a paid advertisement for Ksplice?
You're confusing compile options with kernel code. RedHat didn't include the patch to the code that reintroduced the vulnerability. They do compile with the 32-bit option that is needed to exploit the bug. Given that CentOS blatantly copies the source code and compiles it in the same manner, I'd expect they don't suffer this vulnerability either.
Yeah, it clearly shows that OSS cannot compensate for stupidity from the planners, and that it is very easy to put the blame on Linux instead.
My interpretation is that a decision to go OSS was made without properly determining if the needs could be met with OSS. Linux and OpenOffice were certainly not ready for the desktop in 2001 (I won't debate whether they are now). This started with a pet project with a lofty idea of moving them to Linux, expecting that it would lower TCO. It was poorly planned and implemented. The OSS software they chose didn't actually meet their needs.
So the new CIO comes in and decides to stop pouring money down the hole, and implement an industry standard email system and desktop environment. The sad thing is that the users will get to experience another transition that may or may not go as smoothly.
Having RTFA, it looks like they are taking measures to protect the corals from fishermen with the hope that the gesture will generate awareness and sympathy (i.e. money) towards their plight. It also hints that by establishing a preserve, they hope to increase tourism to offset the financial loss.
A "contract" between a University and a student is not law. The law is all about interpretation, and it is going to take a precedent to be set before one can judge.
Agreed. I think the first business that gets one of these super-sized fines that FCC is proposing will take it to court.
Right now, it's all up in the air.
Was that pun intentional?