That part is not true. ICANN owns the address space, and their agreements state they can take some or all of it back if it isn't being used. The company I work for lost all of our/19 because they discovered we lied and had no intention of even using the space.
The big legacy assignments predate those agreements. It is much less clear legally whether ICANN and/or the RIRs have the right to reclaim legacy space than with more recent assignments.
There is also the question of how much legal power ICANN has over IP addresses in the first place. Is there actually any law that you should route traffic for an IP address to the organsation that ICANN says owns it? Is there any law preventing the teir 1 providers from collectively telling ICANN to go fuck themselves and setting up their own body to decide who has the right to advertise IPv4 addresses on their networks and hence the internet? I'm not aware of any.
And there isn't much point, reclaiming those blocks would have just slightly delayed the end of cheap and easy IPv4. Since the widespread adoption of IPv6 is highly dependent on the end of cheap and easy IPv4 I doubt reclaiming those blocks would have made much difference in the end.
If the price to buy or lease IPv4 addresses rises people will reevaluate what applications really need a public IPv4 address and what applications can manage with IPv6 and/or private/shared IPv4.
Windows vista and android 3.x introduced support for server name indication which allows mulitiple https sites to be hosted behind the same IP address. With windows XP and android 2.x in decline more people will find it acceptable to host their https sites on shared IPs. Already some hosting providers are offering SNI based shared https hosting. If IPv4 addresses become too expensive I would expect hosting providers to introduce SNI reverse load balancers to allow v6 only customer servers/vms to serve v4 only clients.
The big access providers who long dragged their heels on IPv6 are looking at it seriously. Usually in conjunction with a mechanism to provide access to servers on the IPv4 internet without giving every end user a public IPv4 address such as DS-LITE, NAT64/464XLAT or traditional CGN. This will mean an increase in the proportion of users who can access IPv6 only resources and possiblly also a freeing up of IPv4 IPs.
So IPv4 addresses are likely to be a pretty volatile asset. They will probablly peak higher than their current price (lets be honest the current price of about $10/IP* is peanuts) but they may also drop off a cliff as the IPv6 transition progresses.
Also there is provision in the RIR rules for permanently transferring address blocks to another organision (a sale) subject to restrictions at some RIRs that address use must be justified (which can make selling the bigger blocks problematic, few if any organisations would be able to swing a believable justification for a/8). I'm not sure there are any similar provisions for temporary transfers (a lease) of IPs only. Of course IPs can be tempoerrally allocated to customers but that really only works if your organsiation wants to be in the ISP or hosting buisness.
Some things are probably just harder to classify correctly than others.
And as a general rule given a correctly exposed scene (no sensor saturation) darker things are harder than lighter things. To judge 3D shapes from a 2D image we (both humans and computers) rely on the fact that surfaces at different angles to the light source have different apparent shades but the darker the object is the less light will be reflected and therefore the smaller your "signal" (difference in the light reflected by points on the object at different angles) is.
A few years ago, when I was compiling all software for my personal workstation myself (LFS) as a learning experience, I actually did that. C++ was too big a hassle for too litle gain. After a while during a reinstall I disabled g++ and only installed programs written in C or other languages. It was no big deal actually, opensource C++ projects feel huge and sloppy compared to the rest.
Was it really only "a few years" or are you forgetting how long it has been (easy to do)? was this machine a fully functional workstation (including stuff like web browsers and if so which web browser)? or was it just a toy/special purpose box?
A few years ago gcc itself switched from C to C++ https://lwn.net/Articles/54245... . Both of the two main web rendering engines (geko and webkit) are C++. One of the two main desktop widget sets is C++.
I agree C++ has it's problems, templates look good in microbenchmarks but can easilly blow up code size. Memory requirements for linking large C++ projects can be horrific but the fact remains C++ is far more widely used and supported than any other object-orientated native-compiled language. It's position may not be quite as important as C but it's not far off.
I can see a few ways informatoin could leak in a dual stack situation involving a VPN that would not happen if everything was IPv4 only
1: The users local connectivity is dual stack (or v6 only) but the VPN is IPv4 only. The result is IPv4 goes via the VPN but IPv6 doesn't. The user thinks the VPN is hiding the origin of their traffic but it isn't hiding the origin of all of it. With a bit of extra work it may also be possible for a website or an attacker in the network to tie the direct v6 address(es) to the VPN v4 address. 2: IPv6 traffic does go via the VPN but addresses are generated in such a way that the users MAC address is revealed (for example the user has a network behind the VPN and that network uses MAC based IP autoconfiguration). This MAC address can later be tied 3: The machine has an IPv6 address from the local ISP. Even if routing tables or firewall configurations are such that this address won't be used for making connections an application could still mistakenly send it as part of a payload. The same could in principle happen with IPv4 but it's much less likely due to pervasive use of NAT.
Is your personal webpage involved in such activities?
That's the problem. That isn't an easy question to answer.
What does "associated with commerical activities" mean? does running adverts or having a donate button to help pay for hosting count? does posting links to your activities on commercial sites that runs adverts like youtube, facebook and twitter count even if none of the money from those adverts comes to me? does saying you are looking for work on a blog count?
If something like this goes through expect broad interpretations of "commerical" to be used as a stick if someone doesn't like you and/or wants to take over your domain.
To be fair, Rockstar (surely because of a gun Sony pointed at their head, but still-)
It seems far moe likely to me it was rockstar/take 2's own doing. The release plan they went for means the hardcore fans will have ended up buying the game THREE TIMES.
Your carrier can easilly find out what sites you are connecting to and what IPs/ports you are using to do it (and if they are using CGN how those IP/port combinations may through their nat). They can easilly pass that information on to the site operator. For unencrypted protocols they can trivilly inject additional headers. For encrypted protocols they can't inject headers as easilly but they could easilly arrange with the site owner to pass the information over another channel.
Your only real defense is to use a VPN to hide the details of the mobile carrier from the target site and vice-versa. Yes this does mean additional cost and likely performance degredation.
Accelerated aging tests are far from perfect. So in a fast changing buisness there will always be the risk of a flaw that slips past testing but becomes apparent once the product has been out in the wild for a while.
When WD bought out hitatchi's HDD buisness (which got renamed to HGST in the process) the regulators wouldn't allow them to keep the 3.5 inch drive part of the buisness as that would reduce the number of players to two. So that part of the buisness was sold to Toshiba (who already made 2.5 inch drives). http://www.anandtech.com/show/...
I would also note that having the same corporate overlord does not nessacerally imply having the same quality or lack thereof.
Samsung owns Seagate.
You got that backwards, Seagate bought samsung's HDD buisness.
The vehicle would be registered and taxed based on its weight and displacement
Dunno what it's like in other places but here in the UK (which the OP mentioned) vehicles over a certain age (think it's 40 years now, it used to be 25, then for a long time the date was frozen) are counted as "historic vehicles" and don't pay any road tax at all. Afaict most ex-military vehicles run by enthusiasts fall into that category.
Even the simplified formula of "leap year every 4 years"
That should have said
Even the simplified formula of "leap year every 4 years" works for 1901 to 2099 which is from before the introduction of computers to beyond what most system designers would consider to be a reasonable system life.
Leap years and leap seconds are handled very differently.
The rules for leap years are according to a forumula that has been fixed for hundreds of years. Computers typically handle them as part of their conversion from internal "time elapsed since epoch" data formats to "human" date formats and otherwise don't care much about them. Even the simplified formula of "leap year every 4 years"
Leap seconds OTOH cannot be predicted in advance so you cannot realiablly convert "time elapsed since epoch including leap seconds" to "time elapsed since epoch excluding leap seconds" or "human datetime" for future datetimes and to do it for past datetimes requires an up to date list of leap seconds.
Then there is the problem that "time elapsed since epoch excluding leap seconds" which is a common way to represent time (presumablly due to the difficulty in converting "time elapsed since the epoch including leap seconds" to "human datetime" simply cannot correctly represent the times arround a leap second.
The testcase is also anything but simple, to test the code you have to inject fake leap seconds, but for a correct test leap seconds can only be injected at specific times (NTP for example increases it's update rate around possible leap seconds) so either you can only run the test at specific times or your entire test environment needs to run on "fake time". This is a big problem if your tests need to interact with a system outside the test environment in a way that depends on time within the test environment being in sync with time outside the test environment.
Come to think of it though, if you are working in uint space (that is, unsigned ints), than you *can't* have approached from below zero.
but then if you are working in integer space (signed or unsigned) then you can't really approach at all.for the idea of "approach" to make sense you need to be working in a space (e.g. the rational numbers) where you can get arbiterally close to something without getting there.
"alpha[beta", "alpha!beta", "alpha£beta" and "alpha\.beta" (the latter proposed by someone further down as a "soloution", clearly without testing it) seem to give much the same results (the little variation I did see was easilly within what could be explained by google's normal non-determinism), giving back mostly pages where the word alpha was followed by the word beta with any random punctuation or sometimes nothing at all in between
Searching for python "[" or c "{" gives many results that don't contain the symbol in question at all and even when the results do contain the symbol the search result doesn't highlight the text around it.
I conclude that google is simply unable to search for symbols and ignores them in it's searches, if you have evidence to the contary please post it.
git has it's own problems, in particular it has no good way to answer the.question "what code was in branch x of repo y at datetime x". Theres the reflog but that is considered more a disaster recovery feature than a proper history tracking feature.
Some CPUs simply don't support generating floating point exceptions. Even where they are supported the details are likely to vary between platforms. In C programs you have to explicitly turn them on and libaray code may break if you do unless you turn them off before the library calls. Finaly a signal fundamentally means the CPU did a software interrupt that was handled by the kernel and passed back up to the program, it's a fundamentally expensive operation.
If you know your code will only be used on one platform*, you don't use library functions or you know the ones you use are fpe-safe and you know the case that will trigger the signal is really highly exceptional it might be worth considering, otherwise don't do it.
* And I REALLY mean one platform, for example vfpv2 supports them, vfpv3 made them an optional feature and in practice I've never come across a vfpv3 implementation that supported them.
LMOL because digital signatures are secure *eye roll* - you should be well aware that nothing digital is secure.
Nothing is 100% secure. Some things are more secure than others.
Pen and ink signatures can be copied by a fraudster with sufficient skill at least to a level where a casual person would not notice. In many cases only the last page of a document is signed so earlier pages could easilly be substituted by a fraudster. I'm sure I also heard of attacks where a page was erased after being signed though I can't seem to find any references right now. There is also the issue of finding a good reference to compare the signature against.
Photocopies, faxes, scans etc of pen and ink signatures are worse. With a real peice of paper it's pretty hard to cut out the signature and paste it onto a different bit of paper without getting noticed. With copying involved it's much easier. A fraudster can get a clean copy of the signature (may involve a little bit of work taking a bad copy and cleaning it up but no particular skill involved), and paste it into a clean document. Since the document and signature are both clean there will be no visible "seam" to indicate the pasting. If grot is considered desirable to hide the digital origins of the document it can be added after the signature is pasted in by printing and rescanning.
I've seen at least one case where someone "signed" a document by pasting their signature into a word document and sending said word document to me. Doing the same thing with pdfs is even more common.
Cryptographic signatures have issues of their own such as verifying that the private key actually belongs to the right person, the risk of the private key being stolen, the risk of poorly generated or inadequate length keys being factored and so-on but compared to scaned/faxed/photocopied copies of paper signatures I would say they are far more secure.
I'd say it's a mashup of the two. Like java it has garbage collection*, like Java it represents strings as immutable classes which require a reallocation for any modification.unlike delphi which classically* uses refcounted strings and will in-place modify strings that have a refcount of 1. It has operator overloading which is something that java does not have and something delphi only added relatively recently*. It has properties like delphi and unlike java. It has user defined value types like . It uses a C/C++ based synatax (like java) rather than a pascal based syntax (like delphi). It has "delegates" which are essentially equivilent to the "method pointers" in Delphi, Java also added something similar but only very recently.
My big concern with mono is that they don't seem to have the resources to maintain it the same level that Java on linux is maintained to. In particular they implemented.nets main gui library windows.forms but then declared it unsupported. They were also very slow in adding properly working support for arm hard float systems.
* AIUI there is now a version of delphi for.net which presumablly uses.net conventions on these things. **Disclaimer: I don't know exactly when delphi added it other than i'm pretty sure it was after the most recent version I used.
PEER - two transit providers who connect to each other (they are peers in the industry)
No,
PEER - two networks who connect to each other to provide themselves and their customers (if any) with access to each other and each others customers (if any). Those networks may or may not be in the buisness of selling transit on the open market. Google, netflix, the BBC and so-on all have plenty of peers.
ISPs who are in the buisness of providing high quality service to their customers (as many smaller providers are) and/or who have to buy transit to reach large parts of the internet (again as many smaller providers are) are motivated to peer as widely as reasonablly possible (obviously there has to be some threshold below which the administative cost of setting up the peering aren't worth it). Content providers are also generally motivated to peer as widely as possible.
On the other hand large monpolistic ISPs see a refusal to peer or deliberately shitty peering as a means to force content providers to become customers.
Which brings us to the root of the problem, the US has let ISPs get far too large through allowing vertical integration of last mile infrastructure with ISP service and through allowing cable companies in different areas to merge into a handful of monoliths. The FCC is trying to paper over the consequences without solving the real problem.
Slashdot Mirror
That part is not true. ICANN owns the address space, and their agreements state they can take some or all of it back if it isn't being used. The company I work for lost all of our /19 because they discovered we lied and had no intention of even using the space.
The big legacy assignments predate those agreements. It is much less clear legally whether ICANN and/or the RIRs have the right to reclaim legacy space than with more recent assignments.
There is also the question of how much legal power ICANN has over IP addresses in the first place. Is there actually any law that you should route traffic for an IP address to the organsation that ICANN says owns it? Is there any law preventing the teir 1 providers from collectively telling ICANN to go fuck themselves and setting up their own body to decide who has the right to advertise IPv4 addresses on their networks and hence the internet? I'm not aware of any.
And there isn't much point, reclaiming those blocks would have just slightly delayed the end of cheap and easy IPv4. Since the widespread adoption of IPv6 is highly dependent on the end of cheap and easy IPv4 I doubt reclaiming those blocks would have made much difference in the end.
If the price to buy or lease IPv4 addresses rises people will reevaluate what applications really need a public IPv4 address and what applications can manage with IPv6 and/or private/shared IPv4.
Windows vista and android 3.x introduced support for server name indication which allows mulitiple https sites to be hosted behind the same IP address. With windows XP and android 2.x in decline more people will find it acceptable to host their https sites on shared IPs. Already some hosting providers are offering SNI based shared https hosting. If IPv4 addresses become too expensive I would expect hosting providers to introduce SNI reverse load balancers to allow v6 only customer servers/vms to serve v4 only clients.
The big access providers who long dragged their heels on IPv6 are looking at it seriously. Usually in conjunction with a mechanism to provide access to servers on the IPv4 internet without giving every end user a public IPv4 address such as DS-LITE, NAT64/464XLAT or traditional CGN. This will mean an increase in the proportion of users who can access IPv6 only resources and possiblly also a freeing up of IPv4 IPs.
So IPv4 addresses are likely to be a pretty volatile asset. They will probablly peak higher than their current price (lets be honest the current price of about $10/IP* is peanuts) but they may also drop off a cliff as the IPv6 transition progresses.
Also there is provision in the RIR rules for permanently transferring address blocks to another organision (a sale) subject to restrictions at some RIRs that address use must be justified (which can make selling the bigger blocks problematic, few if any organisations would be able to swing a believable justification for a /8). I'm not sure there are any similar provisions for temporary transfers (a lease) of IPs only. Of course IPs can be tempoerrally allocated to customers but that really only works if your organsiation wants to be in the ISP or hosting buisness.
* http://ipv4marketgroup.com/bro...
Some things are probably just harder to classify correctly than others.
And as a general rule given a correctly exposed scene (no sensor saturation) darker things are harder than lighter things. To judge 3D shapes from a 2D image we (both humans and computers) rely on the fact that surfaces at different angles to the light source have different apparent shades but the darker the object is the less light will be reflected and therefore the smaller your "signal" (difference in the light reflected by points on the object at different angles) is.
A few years ago, when I was compiling all software for my personal workstation myself (LFS) as a learning experience, I actually did that. C++ was too big a hassle for too litle gain.
After a while during a reinstall I disabled g++ and only installed programs written in C or other languages. It was no big deal actually, opensource C++ projects feel huge and sloppy compared to the rest.
Was it really only "a few years" or are you forgetting how long it has been (easy to do)? was this machine a fully functional workstation (including stuff like web browsers and if so which web browser)? or was it just a toy/special purpose box?
A few years ago gcc itself switched from C to C++ https://lwn.net/Articles/54245... . Both of the two main web rendering engines (geko and webkit) are C++. One of the two main desktop widget sets is C++.
I agree C++ has it's problems, templates look good in microbenchmarks but can easilly blow up code size. Memory requirements for linking large C++ projects can be horrific but the fact remains C++ is far more widely used and supported than any other object-orientated native-compiled language. It's position may not be quite as important as C but it's not far off.
I can see a few ways informatoin could leak in a dual stack situation involving a VPN that would not happen if everything was IPv4 only
1: The users local connectivity is dual stack (or v6 only) but the VPN is IPv4 only. The result is IPv4 goes via the VPN but IPv6 doesn't. The user thinks the VPN is hiding the origin of their traffic but it isn't hiding the origin of all of it. With a bit of extra work it may also be possible for a website or an attacker in the network to tie the direct v6 address(es) to the VPN v4 address.
2: IPv6 traffic does go via the VPN but addresses are generated in such a way that the users MAC address is revealed (for example the user has a network behind the VPN and that network uses MAC based IP autoconfiguration). This MAC address can later be tied
3: The machine has an IPv6 address from the local ISP. Even if routing tables or firewall configurations are such that this address won't be used for making connections an application could still mistakenly send it as part of a payload. The same could in principle happen with IPv4 but it's much less likely due to pervasive use of NAT.
Is your personal webpage involved in such activities?
That's the problem. That isn't an easy question to answer.
What does "associated with commerical activities" mean? does running adverts or having a donate button to help pay for hosting count? does posting links to your activities on commercial sites that runs adverts like youtube, facebook and twitter count even if none of the money from those adverts comes to me? does saying you are looking for work on a blog count?
If something like this goes through expect broad interpretations of "commerical" to be used as a stick if someone doesn't like you and/or wants to take over your domain.
To be fair, Rockstar (surely because of a gun Sony pointed at their head, but still-)
It seems far moe likely to me it was rockstar/take 2's own doing. The release plan they went for means the hardcore fans will have ended up buying the game THREE TIMES.
No, java is something that people want/need which is supplied with bundled crapware that you have to remember to opt out of.
What TFA doesn't make clear is whether this new yahoo thing will be instead of the ask toolbar bundling or in addition to it.
Actually, it's settled case law: opt outs are illegal. End of argument.
What if your source for this claim? Searching for "opt out illegal" doesn't seem to turn up anything relavent.
It's perfectly possible technically.
Your carrier can easilly find out what sites you are connecting to and what IPs/ports you are using to do it (and if they are using CGN how those IP/port combinations may through their nat). They can easilly pass that information on to the site operator. For unencrypted protocols they can trivilly inject additional headers. For encrypted protocols they can't inject headers as easilly but they could easilly arrange with the site owner to pass the information over another channel.
Your only real defense is to use a VPN to hide the details of the mobile carrier from the target site and vice-versa. Yes this does mean additional cost and likely performance degredation.
Accelerated aging tests are far from perfect. So in a fast changing buisness there will always be the risk of a flaw that slips past testing but becomes apparent once the product has been out in the wild for a while.
No theres three
WD/HGST
Samsung/Seagate
Toshiba
When WD bought out hitatchi's HDD buisness (which got renamed to HGST in the process) the regulators wouldn't allow them to keep the 3.5 inch drive part of the buisness as that would reduce the number of players to two. So that part of the buisness was sold to Toshiba (who already made 2.5 inch drives). http://www.anandtech.com/show/...
I would also note that having the same corporate overlord does not nessacerally imply having the same quality or lack thereof.
Samsung owns Seagate.
You got that backwards, Seagate bought samsung's HDD buisness.
2. Why does ANYBODY still use ........... UTF-16?
Programmers use it because the programming environments they work in use it. Notably Windows, .net and Java.
the mind-numbingly stupid
I wouldn't call it stupid. It was a way to add support for more characters to existing 16 bit unicode systems with minimal breakage.
The vehicle would be registered and taxed based on its weight and displacement
Dunno what it's like in other places but here in the UK (which the OP mentioned) vehicles over a certain age (think it's 40 years now, it used to be 25, then for a long time the date was frozen) are counted as "historic vehicles" and don't pay any road tax at all. Afaict most ex-military vehicles run by enthusiasts fall into that category.
Even the simplified formula of "leap year every 4 years"
That should have said
Even the simplified formula of "leap year every 4 years" works for 1901 to 2099 which is from before the introduction of computers to beyond what most system designers would consider to be a reasonable system life.
Leap years and leap seconds are handled very differently.
The rules for leap years are according to a forumula that has been fixed for hundreds of years. Computers typically handle them as part of their conversion from internal "time elapsed since epoch" data formats to "human" date formats and otherwise don't care much about them. Even the simplified formula of "leap year every 4 years"
Leap seconds OTOH cannot be predicted in advance so you cannot realiablly convert "time elapsed since epoch including leap seconds" to "time elapsed since epoch excluding leap seconds" or "human datetime" for future datetimes and to do it for past datetimes requires an up to date list of leap seconds.
Then there is the problem that "time elapsed since epoch excluding leap seconds" which is a common way to represent time (presumablly due to the difficulty in converting "time elapsed since the epoch including leap seconds" to "human datetime" simply cannot correctly represent the times arround a leap second.
The testcase is also anything but simple, to test the code you have to inject fake leap seconds, but for a correct test leap seconds can only be injected at specific times (NTP for example increases it's update rate around possible leap seconds) so either you can only run the test at specific times or your entire test environment needs to run on "fake time". This is a big problem if your tests need to interact with a system outside the test environment in a way that depends on time within the test environment being in sync with time outside the test environment.
Come to think of it though, if you are working in uint space (that is, unsigned ints), than you *can't* have approached from below zero.
but then if you are working in integer space (signed or unsigned) then you can't really approach at all.for the idea of "approach" to make sense you need to be working in a space (e.g. the rational numbers) where you can get arbiterally close to something without getting there.
Punctuation outside quoted strings has some meaning but google often ignores the documented meanings because it thinks it knows better.
Punctuation and other non-letter characters inside quoted strings seem to be completely ignored.
I call BS
"alpha[beta", "alpha!beta", "alpha£beta" and "alpha\.beta" (the latter proposed by someone further down as a "soloution", clearly without testing it) seem to give much the same results (the little variation I did see was easilly within what could be explained by google's normal non-determinism), giving back mostly pages where the word alpha was followed by the word beta with any random punctuation or sometimes nothing at all in between
Searching for python "[" or c "{" gives many results that don't contain the symbol in question at all and even when the results do contain the symbol the search result doesn't highlight the text around it.
I conclude that google is simply unable to search for symbols and ignores them in it's searches, if you have evidence to the contary please post it.
git has it's own problems, in particular it has no good way to answer the.question "what code was in branch x of repo y at datetime x". Theres the reflog but that is considered more a disaster recovery feature than a proper history tracking feature.
The limit of 1/x as x -> 0 is infinity if I remember correctly.
Only if you approach from the positive side. If you approach it from the negative side then you get a limit of minus infinity.
IEEE 754 gets arround this by having positive and negative zero but that often seems like a cure worse than the disease.
It's generally a bad idea.
Some CPUs simply don't support generating floating point exceptions. Even where they are supported the details are likely to vary between platforms. In C programs you have to explicitly turn them on and libaray code may break if you do unless you turn them off before the library calls. Finaly a signal fundamentally means the CPU did a software interrupt that was handled by the kernel and passed back up to the program, it's a fundamentally expensive operation.
If you know your code will only be used on one platform*, you don't use library functions or you know the ones you use are fpe-safe and you know the case that will trigger the signal is really highly exceptional it might be worth considering, otherwise don't do it.
* And I REALLY mean one platform, for example vfpv2 supports them, vfpv3 made them an optional feature and in practice I've never come across a vfpv3 implementation that supported them.
LMOL because digital signatures are secure *eye roll* - you should be well aware that nothing digital is secure.
Nothing is 100% secure. Some things are more secure than others.
Pen and ink signatures can be copied by a fraudster with sufficient skill at least to a level where a casual person would not notice. In many cases only the last page of a document is signed so earlier pages could easilly be substituted by a fraudster. I'm sure I also heard of attacks where a page was erased after being signed though I can't seem to find any references right now. There is also the issue of finding a good reference to compare the signature against.
Photocopies, faxes, scans etc of pen and ink signatures are worse. With a real peice of paper it's pretty hard to cut out the signature and paste it onto a different bit of paper without getting noticed. With copying involved it's much easier. A fraudster can get a clean copy of the signature (may involve a little bit of work taking a bad copy and cleaning it up but no particular skill involved), and paste it into a clean document. Since the document and signature are both clean there will be no visible "seam" to indicate the pasting. If grot is considered desirable to hide the digital origins of the document it can be added after the signature is pasted in by printing and rescanning.
I've seen at least one case where someone "signed" a document by pasting their signature into a word document and sending said word document to me. Doing the same thing with pdfs is even more common.
Cryptographic signatures have issues of their own such as verifying that the private key actually belongs to the right person, the risk of the private key being stolen, the risk of poorly generated or inadequate length keys being factored and so-on but compared to scaned/faxed/photocopied copies of paper signatures I would say they are far more secure.
I'd say it's a mashup of the two. Like java it has garbage collection*, like Java it represents strings as immutable classes which require a reallocation for any modification.unlike delphi which classically* uses refcounted strings and will in-place modify strings that have a refcount of 1. It has operator overloading which is something that java does not have and something delphi only added relatively recently*. It has properties like delphi and unlike java. It has user defined value types like . It uses a C/C++ based synatax (like java) rather than a pascal based syntax (like delphi). It has "delegates" which are essentially equivilent to the "method pointers" in Delphi, Java also added something similar but only very recently.
My big concern with mono is that they don't seem to have the resources to maintain it the same level that Java on linux is maintained to. In particular they implemented .nets main gui library windows.forms but then declared it unsupported. They were also very slow in adding properly working support for arm hard float systems.
* AIUI there is now a version of delphi for .net which presumablly uses .net conventions on these things.
**Disclaimer: I don't know exactly when delphi added it other than i'm pretty sure it was after the most recent version I used.
PEER - two transit providers who connect to each other (they are peers in the industry)
No,
PEER - two networks who connect to each other to provide themselves and their customers (if any) with access to each other and each others customers (if any). Those networks may or may not be in the buisness of selling transit on the open market. Google, netflix, the BBC and so-on all have plenty of peers.
ISPs who are in the buisness of providing high quality service to their customers (as many smaller providers are) and/or who have to buy transit to reach large parts of the internet (again as many smaller providers are) are motivated to peer as widely as reasonablly possible (obviously there has to be some threshold below which the administative cost of setting up the peering aren't worth it). Content providers are also generally motivated to peer as widely as possible.
On the other hand large monpolistic ISPs see a refusal to peer or deliberately shitty peering as a means to force content providers to become customers.
Which brings us to the root of the problem, the US has let ISPs get far too large through allowing vertical integration of last mile infrastructure with ISP service and through allowing cable companies in different areas to merge into a handful of monoliths. The FCC is trying to paper over the consequences without solving the real problem.