NTSB and NHSTA have all the accident data at their disposal. Most of it says that intersection crossing rank very high in driver-error accidents. The problem is that this is still dwarfed by alcohol related deaths. If they were serious about accident prevention, they'd require breathalyzers in cars. Instead they push the industry for expensive research and vehicle add-ons that may or may not make a significant reduction in the fatalities/mile rate.
The hashes are salted. Who cares about a breach with salted hashes?
If they aren't sure of the extent of the compromise, reading salted hashes (assuming they were) might only be part of the problem. Could be they were intercepting passwords on the fly.
Junk mail is what has traditionally kept the USPS afloat.
Yes and no. The statistic is a few years old, but in 2010 roughly 2/3rds of the mail delivered was bulk mail with First-Class Mail bringing in $34 billion while mail termed “Advertising” brought in $17.3 billion.
Lysander Spooner already demonstrated that private mail carriers can do a better job for less money, back in the mid 1800s. It's even more true today.
-jcr
Were you aware that a large portion of the rural delivery routes are contracted out now? They aren't actual Postal employees, which has some interesting legal quirks about handing the mail off to a non-govt entity, but it is significantly cheaper since they don't have to pay benefits.
Hate replying to myself, but thought I should also point out that 6-day rural delivery is still required under one of the USPS Appropriation bills. http://www.fas.org/sgp/crs/misc/R41024.pdf "The U.S. Postal Service’s Financial Condition:Overview and Issues for Congress ".
You are part of the reason home delivery is so expensive. If you don't want to drive miles to a mailbox cluster, the USPS doesn't want to drive those miles to deliver a bulk mail envelope that only earned them 25 cents.
Then perhaps the Post Office should raise the cost of bulk mail? 99% of the customers don't want it anyway. Truth is that bulk mail volumes have been declining and are partly responsible for their financial crises. Overpaid postal employees with extravagant benefits are the main reason though.
Face it, we don't get any mail anymore that can't wait a day. Bills and junk mail are the norm. It makes a huge amount of sense to deliver non-priority packages every other day. It would cut the manpower needed for delivery almost in half. Combine that with community / street mailboxes and then that makes some real savings.
I agree. Reducing rural delivery to Mon/Wed/Friday would have a significant impact on the delivery cost. Express and overnight mail should still be delivered though, otherwise those services become pointless. I live in an area with community boxes, usually at the entrance to the community. They are not convenient because instead of getting a package dropped at your door, you get a slip telling you to go to the post office to pick it up.
I went a long time without mail service to my house and used just a PO Box, partly due to a move and not trusting that stuff would not disappear out of the street side box. I ended up having to have a mail service again because some stupid businesses, rebates notably, refuse to deal with a PO box. Some retail places won't tell you how they ship when you order and then get all indignant when they realize you can't ship UPS to a PO box.
Actually, I find cloud print to be very convenient. I print to my home printer while I'm at work and printers at work (my office and remote offices) from home, I have printed to my mom's printer and my father-in-law's printer from another state (easier than sending them a document and helping them print it). It's also zero setup when I get a new computer... as soon as I'm logged into Chrome I can print and it just works. No fiddling with drivers because that was already done once.
So how long before you start getting spam sent to your printer? Or we discover printer firmware has bugs and sending it "special" print jobs gives an attacker a foothold into your local network?
I wonder it Google has a long range plan to get all printers Google-Cloud-Printing enabled, and then have your device auto-selecting the closest printer (not necessarily your own) based on your geo location? I still shudder at the privacy issues.
I'd hardly call the first two movies "recent". X-Men Origins: Wolverine Worldwide gross - $373,062,864; Domestic $179,883,157. How is that a flop?
Because those numbers are gross ticket sales, of which roughly 50% actually makes it back to the movie studio. The production budget is just the cost to make the film, not including advertising. There is some residual income from merchandising, character licensing, and later from Netflix and the like. So ultimately they did make some money, but is certainly wasn't the blockbuster it was supposed to be.
It is censorship that is Constitutionally illegal in the United States.
Please, don't let little things like facts get in your way. The 1st amendment makes it illegal for the US Govt to suppress free speach, it does NOT prevent private entities from controlling content they publish. Yahoo is not doing anything illegal. It's fundamentally no different than Blockbuster deciding they won't stock X-Rated movies, or when 7-11 decided to stop selling Penthouse magazines, or Craigslist deciding to drop certain adult categories.
Per Tumble at http://www.tumblr.com/docs/en/nsfw
NSFW blogs contain occasional nudity or mature/adult-oriented content.
Adult blogs contain substantial nudity or mature/adult-oriented content.
So yes, if your blog is primarily focused on adult content, then Tumbler will not help you advertise it to the world. Yahoo is trying very hard to shake the notion that Tumbler it is a haven for porn.
Personally, I don't use Tumbler and I don't care to waste my time reading the drivel. (Yes I get the irony that I'm posting on/.)
40 years ago or so, I taught those same remedial classes to freshmen students at a large Midwestern land-grant 4-year university. The only reason my pass rate was higher than 44% was because I felt sorry for the kids. I was then, and am now still considered a good instructor. Most of those students had no business being in college in the first place, and I could tell that few if any would finish regardless of how I graded them. Remember, these are students who were unable to pass the basic requirements coming out of high school. Not representative of the population as a whole. I suspect the "online-edness" of these classes has very little to do with it.
Many colleges have lower scholastic requirements for minorities, particularly State Universities who are pressured to have certain admission rates to maintain their funding. Unfortunately this often results in these remedial classes being filled with students who never should have been accepted into the school to begin with. Not saying anything about any particular race or sex, but if you have lower admission standards for a particular group that usually translates to lower graduation rates for that group.
All MS operating systems since vista prompt before autorunning.
XP ha 'autorun'. Vista and later call it 'autoplay', which by default prompts before automatically executing a program.
Autoplay is still not impervious to attack and ignorant users. AutoPlay still looks for, reads and invokes some commands from the autorun.inf file regardless of the autoplay dialog box selection (depending on device/drive type it still reads the icon and label keywords). If the system hasn't been patched, it is vulnerable to the attack used by Conficker. The autoplay behavior is slightly different for folders or network locations, and things can change depending on how a USB drive presents itself to the OS. Plus, you're counting on users who haven't checked "always do this action" in the autoplay dialog box because they want their games to just work without having to manually run them each time.
Consider that NSA, DOD, and DISA security guidelines require additional registry changes to Vista and Win7 machines to completely neuter autorun/autoplay functionality. It's not as wide-open vulnerable as XP was, but it is still broken and has vulnerabilities.
Seriously? Who hasn't disabled autorun? I remember thinking autorun was a bad idea in 1995 when Windows first included it, and have disabled it on the corporate network for at least... 8 years?
90% of home users? Of course there was also the fiasco that the autorun disable setting still doesn't work t work correctly, requiring a patch and additional registry setting or two to truly kill it.
You're indulging in some 20/20 hindsight here. At the time Windows 95 was released, the only media that supported autorun.inf on insertion was CD-ROMs
I don't think it would have taken any hindsight at all -- floppy based viruses predated CD-ROMs by a long time. If a virus could spread by floppy, why not a CDR?
Autorun.inf features also work just fine and dandy when placed in a folder or a network share. Autorun.inf can do more than just run a specific file, it can alter the right-click options, invoke some dlls, change the icon, etc.
Not really. That security hole was patched over four years ago. What does happen is that when removable media is installed, the user is prompted for what to do; this can include opening the folder to view the files, or running a setup file if one is present.
You should read that article more closely. That fixed a bug where the setting to disable autoruns did not work properyl. It still ran if an autorun file was located on the network or some USB devices as I recall, and even more amusingly you needed to set a registry key to enable the patch to work. The default for XP and 2003 is still to run the autoruns unless specifically disabled by group policy or local settings. Win7 does prompt as you describe.
I've gone through 5 packs of CFL in my apt in 5 years and I have nice clean power coming straight off the mains (nice to be buddies with the super) while dad's ancient 48" florescent tubes put up in the mid 80s? Still putting off plenty of that sickly grey light without a bit of trouble.
Ya know I really hate to invoke that "Things ain't what they used to be" meme but when it comes to bulbs? The new ones suuuuck. I'll keep using the CFLs simply because i live in the deep south and the lower heat is worth it to me but I've had so many die that I don't even bother with the warranty, its not worth the bullshit. And before somebody says its might outlets? I got tired of ending up in the dark when I was in the bathroom so I picked up a 75c pack of incandescent and guess what? Even the super cheap shit incandescent bulbs last twice as long. The chips they are using in the ballast base are garbage according to an engineer friend of mine who tinkers with them, but they can get that chip for like 3c a pop....sound familiar?
You can have cheap or long lasting...PICK ONE. And most likely like everything else in this world you quickly won't even get a choice, the expensive ones will be the cheap ones with a few more bells and whistles.
The major issue with CFLs is the power quality of the mass produced China crap that tend to overheat and die prematurely (did you notice the fine print about not mounting them base-up, like most overhear fixtures require?). Regardless of the less than advertised lifespan of a CFL, you're still coming out ahead on the electricity costs and lower maintenance.
RS485, you mean. RS422 has too many wires to make it worthwhile over any significant distance for the sort of network loads we're talking about. Also, you need shielded cable, which can become pretty expensive quickly. A lot of your average loads will really screw with serial comms on switch on. Nowhere near as bad as an industrial VSD. Oh, wait, they're starting to put those into washing machines... Yeah, you need shielding these days.
You've essentially described canbus as used in modern cars. You just run power and data to nodes (such as a head light cluster) and the central computer tells them what to do. It dramatically lowers the amount of cabling needed, and provides much better control of everything (for example in cars, it can turn off the interior lights after 20-minutes to save the battery). The significantly lower power requirements of LEDs means you could put all of your house lighting on a single circuit.
Since LEDs are a metric ass-load more expensive than incandescents, they'll need to last an appropriately metric ass-load longer than incandescents.
That's exactly what they are doing with traffic lights.
Sure, because the major cost for a traffic light is maintenance to change the bulbs. Depending on the number of lights, the city can spend $500-5000 in labor to change out all the bulbs at an intersection. The lower power cost is just an added bonus.
. This in turn means smaller value components required, e.g. the switch from the monster inductors seen on the motherboard (at maybe 1-2MHz switching) in the slide to the tiny chip-scale inductors on the FIVR (at 10's or 100's of MHz).
From the linked pdf - Programmable switching frequency 30MHz to 140MHz
The big problem with bringing 12V on-chip is not Ohm's law. It is silicon's breakdown voltage at 22nm.
From the linked PDF - "90 nm technology for test devices". It looks like it's not on the same silicon as the actual processor, but rather stacked on top..
Slashdot Mirror
Home versions of windows don't support scheduled backups. You might be able to hack something yourself using task scheduler and a batch file though.
NTSB and NHSTA have all the accident data at their disposal. Most of it says that intersection crossing rank very high in driver-error accidents. The problem is that this is still dwarfed by alcohol related deaths. If they were serious about accident prevention, they'd require breathalyzers in cars. Instead they push the industry for expensive research and vehicle add-ons that may or may not make a significant reduction in the fatalities/mile rate.
Let's see... what are the first things we'll see this used for?
1. Automated speeding tickets.
You see this with some rental cars agencies installing GPS locators and adding penalties for out-of-state or exceeding the speed limit.
2. Insurance company logging of all your activity as an excuse to jack your rates up.
Again, some insurance companies are pushing GPS tracking for "rate reduction possibilities"
3. Data subpenaed in lawsuits.
Black box crash info is already being subpena'd in court.
4. NSA will be all over it. Reporters will be plowing into palm trees all over the place.
Remember the lawsuit against the FBI for using OnStar to eavesdrop and track "suspects"
6. Law enforcement can remotely turn off your car... a few months later criminals will have the same ability...
Already doable via OnStar https://www.onstar.com/web/portal/securityexplore
The hashes are salted. Who cares about a breach with salted hashes?
If they aren't sure of the extent of the compromise, reading salted hashes (assuming they were) might only be part of the problem. Could be they were intercepting passwords on the fly.
Junk mail is what has traditionally kept the USPS afloat.
Yes and no. The statistic is a few years old, but in 2010 roughly 2/3rds of the mail delivered was bulk mail with First-Class Mail bringing in $34 billion while mail termed “Advertising” brought in $17.3 billion.
Interesting fact. The USPS has 1/3 the number of Post Offices that it had in 1900, primarily because the introduces rural delivery and people weren't forced to have a PO box.
http://about.usps.com/who-we-are/postal-history/pieces-of-mail-since-1789.htm
Lysander Spooner already demonstrated that private mail carriers can do a better job for less money, back in the mid 1800s. It's even more true today.
-jcr
Were you aware that a large portion of the rural delivery routes are contracted out now? They aren't actual Postal employees, which has some interesting legal quirks about handing the mail off to a non-govt entity, but it is significantly cheaper since they don't have to pay benefits.
Hate replying to myself, but thought I should also point out that 6-day rural delivery is still required under one of the USPS Appropriation bills.
http://www.fas.org/sgp/crs/misc/R41024.pdf "The U.S. Postal Service’s Financial Condition:Overview and Issues for Congress ".
You are part of the reason home delivery is so expensive. If you don't want to drive miles to a mailbox cluster, the USPS doesn't want to drive those miles to deliver a bulk mail envelope that only earned them 25 cents.
Then perhaps the Post Office should raise the cost of bulk mail? 99% of the customers don't want it anyway. Truth is that bulk mail volumes have been declining and are partly responsible for their financial crises. Overpaid postal employees with extravagant benefits are the main reason though.
Face it, we don't get any mail anymore that can't wait a day. Bills and junk mail are the norm. It makes a huge amount of sense to deliver non-priority packages every other day. It would cut the manpower needed for delivery almost in half. Combine that with community / street mailboxes and then that makes some real savings.
I agree. Reducing rural delivery to Mon/Wed/Friday would have a significant impact on the delivery cost. Express and overnight mail should still be delivered though, otherwise those services become pointless. I live in an area with community boxes, usually at the entrance to the community. They are not convenient because instead of getting a package dropped at your door, you get a slip telling you to go to the post office to pick it up.
I went a long time without mail service to my house and used just a PO Box, partly due to a move and not trusting that stuff would not disappear out of the street side box. I ended up having to have a mail service again because some stupid businesses, rebates notably, refuse to deal with a PO box. Some retail places won't tell you how they ship when you order and then get all indignant when they realize you can't ship UPS to a PO box.
Actually, I find cloud print to be very convenient. I print to my home printer while I'm at work and printers at work (my office and remote offices) from home, I have printed to my mom's printer and my father-in-law's printer from another state (easier than sending them a document and helping them print it). It's also zero setup when I get a new computer... as soon as I'm logged into Chrome I can print and it just works. No fiddling with drivers because that was already done once.
So how long before you start getting spam sent to your printer? Or we discover printer firmware has bugs and sending it "special" print jobs gives an attacker a foothold into your local network?
Google supported existing open APIs instead of pulling a Microsoft and inventing their own for everything and dropping support for open APIs?
Whats next to be replaced by some Google specific protocol for Google users? SMTP?
No they didn't Go read the fucking article and do some homework. They WROTE THEIR OWN API! They are also telling developers how to write drivers for existing printers to support receiving the print jobs, instead of actually using existing protocols like IPP. https://developers.google.com/cloud-print/docs/receiveJobs https://developers.google.com/cloud-print/docs/proxyinterfaces
I wonder it Google has a long range plan to get all printers Google-Cloud-Printing enabled, and then have your device auto-selecting the closest printer (not necessarily your own) based on your geo location? I still shudder at the privacy issues.
I'd hardly call the first two movies "recent". X-Men Origins: Wolverine Worldwide gross - $373,062,864; Domestic $179,883,157. How is that a flop?
Because those numbers are gross ticket sales, of which roughly 50% actually makes it back to the movie studio. The production budget is just the cost to make the film, not including advertising. There is some residual income from merchandising, character licensing, and later from Netflix and the like. So ultimately they did make some money, but is certainly wasn't the blockbuster it was supposed to be.
It is censorship that is Constitutionally illegal in the United States.
Please, don't let little things like facts get in your way. The 1st amendment makes it illegal for the US Govt to suppress free speach, it does NOT prevent private entities from controlling content they publish. Yahoo is not doing anything illegal. It's fundamentally no different than Blockbuster deciding they won't stock X-Rated movies, or when 7-11 decided to stop selling Penthouse magazines, or Craigslist deciding to drop certain adult categories.
Don't like it? Then take your business elsewhere.
Per Tumble at http://www.tumblr.com/docs/en/nsfw
NSFW blogs contain occasional nudity or mature/adult-oriented content.
Adult blogs contain substantial nudity or mature/adult-oriented content.
So yes, if your blog is primarily focused on adult content, then Tumbler will not help you advertise it to the world. Yahoo is trying very hard to shake the notion that Tumbler it is a haven for porn.
Personally, I don't use Tumbler and I don't care to waste my time reading the drivel. (Yes I get the irony that I'm posting on /.)
40 years ago or so, I taught those same remedial classes to freshmen students at a large Midwestern land-grant 4-year university. The only reason my pass rate was higher than 44% was because I felt sorry for the kids. I was then, and am now still considered a good instructor. Most of those students had no business being in college in the first place, and I could tell that few if any would finish regardless of how I graded them. Remember, these are students who were unable to pass the basic requirements coming out of high school. Not representative of the population as a whole.
I suspect the "online-edness" of these classes has very little to do with it.
Many colleges have lower scholastic requirements for minorities, particularly State Universities who are pressured to have certain admission rates to maintain their funding. Unfortunately this often results in these remedial classes being filled with students who never should have been accepted into the school to begin with. Not saying anything about any particular race or sex, but if you have lower admission standards for a particular group that usually translates to lower graduation rates for that group.
This article covers some of the technical issues and attack vectors still present in AutoPlay (of which autorun functionality is now a subset).
https://media.blackhat.com/bh-dc-11/Larimer/BlackHat_DC_2011_Larimer_Vulnerabiliters%20w-removeable%20storage-Slides.pdf
All MS operating systems since vista prompt before autorunning.
XP ha 'autorun'. Vista and later call it 'autoplay', which by default prompts before automatically executing a program.
Autoplay is still not impervious to attack and ignorant users. AutoPlay still looks for, reads and invokes some commands from the autorun.inf file regardless of the autoplay dialog box selection (depending on device/drive type it still reads the icon and label keywords). If the system hasn't been patched, it is vulnerable to the attack used by Conficker. The autoplay behavior is slightly different for folders or network locations, and things can change depending on how a USB drive presents itself to the OS. Plus, you're counting on users who haven't checked "always do this action" in the autoplay dialog box because they want their games to just work without having to manually run them each time.
Consider that NSA, DOD, and DISA security guidelines require additional registry changes to Vista and Win7 machines to completely neuter autorun/autoplay functionality. It's not as wide-open vulnerable as XP was, but it is still broken and has vulnerabilities.
Seriously? Who hasn't disabled autorun? I remember thinking autorun was a bad idea in 1995 when Windows first included it, and have disabled it on the corporate network for at least... 8 years?
90% of home users? Of course there was also the fiasco that the autorun disable setting still doesn't work t work correctly, requiring a patch and additional registry setting or two to truly kill it.
I don't think it would have taken any hindsight at all -- floppy based viruses predated CD-ROMs by a long time. If a virus could spread by floppy, why not a CDR?
Autorun.inf features also work just fine and dandy when placed in a folder or a network share. Autorun.inf can do more than just run a specific file, it can alter the right-click options, invoke some dlls, change the icon, etc.
Not really. That security hole was patched over four years ago. What does happen is that when removable media is installed, the user is prompted for what to do; this can include opening the folder to view the files, or running a setup file if one is present.
You should read that article more closely. That fixed a bug where the setting to disable autoruns did not work properyl. It still ran if an autorun file was located on the network or some USB devices as I recall, and even more amusingly you needed to set a registry key to enable the patch to work. The default for XP and 2003 is still to run the autoruns unless specifically disabled by group policy or local settings. Win7 does prompt as you describe.
I've gone through 5 packs of CFL in my apt in 5 years and I have nice clean power coming straight off the mains (nice to be buddies with the super) while dad's ancient 48" florescent tubes put up in the mid 80s? Still putting off plenty of that sickly grey light without a bit of trouble.
Ya know I really hate to invoke that "Things ain't what they used to be" meme but when it comes to bulbs? The new ones suuuuck. I'll keep using the CFLs simply because i live in the deep south and the lower heat is worth it to me but I've had so many die that I don't even bother with the warranty, its not worth the bullshit. And before somebody says its might outlets? I got tired of ending up in the dark when I was in the bathroom so I picked up a 75c pack of incandescent and guess what? Even the super cheap shit incandescent bulbs last twice as long. The chips they are using in the ballast base are garbage according to an engineer friend of mine who tinkers with them, but they can get that chip for like 3c a pop....sound familiar?
You can have cheap or long lasting...PICK ONE. And most likely like everything else in this world you quickly won't even get a choice, the expensive ones will be the cheap ones with a few more bells and whistles.
The major issue with CFLs is the power quality of the mass produced China crap that tend to overheat and die prematurely (did you notice the fine print about not mounting them base-up, like most overhear fixtures require?). Regardless of the less than advertised lifespan of a CFL, you're still coming out ahead on the electricity costs and lower maintenance.
RS485, you mean. RS422 has too many wires to make it worthwhile over any significant distance for the sort of network loads we're talking about. Also, you need shielded cable, which can become pretty expensive quickly. A lot of your average loads will really screw with serial comms on switch on. Nowhere near as bad as an industrial VSD. Oh, wait, they're starting to put those into washing machines... Yeah, you need shielding these days.
You've essentially described canbus as used in modern cars. You just run power and data to nodes (such as a head light cluster) and the central computer tells them what to do. It dramatically lowers the amount of cabling needed, and provides much better control of everything (for example in cars, it can turn off the interior lights after 20-minutes to save the battery). The significantly lower power requirements of LEDs means you could put all of your house lighting on a single circuit.
That's exactly what they are doing with traffic lights.
Sure, because the major cost for a traffic light is maintenance to change the bulbs. Depending on the number of lights, the city can spend $500-5000 in labor to change out all the bulbs at an intersection. The lower power cost is just an added bonus.
. This in turn means smaller value components required, e.g. the switch from the monster inductors seen on the motherboard (at maybe 1-2MHz switching) in the slide to the tiny chip-scale inductors on the FIVR (at 10's or 100's of MHz).
From the linked pdf - Programmable switching frequency 30MHz to 140MHz
The big problem with bringing 12V on-chip is not Ohm's law. It is silicon's breakdown voltage at 22nm.
From the linked PDF - "90 nm technology for test devices". It looks like it's not on the same silicon as the actual processor, but rather stacked on top..