It is NEVER free. Someone somewhere is paying for it.
Correct. In the case of tax payer funded education systems (much like our 4k-12 public school systems), the cost is being incurred by the tax payers and by future tax payers.
The trade off though is that a well educated populous allows for more advances in technology and innovation. Those advances in turn create new market segments, new career opportunities, and new revenue sources, all of which grow the economy.
The end result of which is that the minor cost of tax funded education programs is more than covered through the economic gains of the nation as a whole.
As the old saying goes, "A rising tide rises all boats".
Interesting, on my home PC, just upgraded to Windows 10 and Edge, I disabled Flash. Youtube works fine playing HTML 5 videos, but clicking on videos in Facebook opens up the modal interface and the "get Flash!" logo shows up.
Opening facebook with Chrome or Firefox, both of which have the FF add-on, videos play fine.
I just chatted with Carlson Wireless about their Rural Connection platform (http://www.carlsonwireless.com/ruralconnect/).
~$6k for a base station that hosts up to 10 clients (1 client included w/ the base station). Not exactly cheap, but if you can get 5-9 other folks to join you on it, a 1-time $700 investment and then dirt cheap payments (depending on what you can get for an up stream provider) monthly.
Each channel maxes out at ~1.5Mbps, so even if you fully load the base station, you're still no where close to saturating a business Cable line. Heck, even with average distribution a 6Mbps DSL line will cover most usage.
My farm has no access. Too far from the switch for DSL, no cable companies want to run that far for 4 or 5 houses, cell coverage is 3G when it comes in, and Satellite, in addition to being horrible, has all sorts of issues with VPNs.
Basically I have either WiMAX or WiFAR to choose from for something that isn't bandwidth capped or packing huge latency. WiMAX is an option, lower install, higher monthly payment. But I'm at almost max range from the closest provider.
So at this point, I'm very tempted to start my own ISP, fire up a base station in town where DSL/Cable/Fiber are available, and resell services to my neighbors. For a $10k buy-in, it's something that can be done on a whim. I doubt it would be profitable, but if the monthly loss is ~$100 and I get a solid 1.5Mbps connection out of it, I'd consider that a wash.
Platte River wasn't hired by any layer of government!
They were hired by the office of the Secretary of State, who is in fact a "layer of the government". Now, it could be that they just posted a job ad on Dice and got some random Joe-Schmoe provider, but odds are they went through a bid process in order to use federal funds which would have necessitated an RFP with reqs on security. And in the DC area, there are tons of entirely privately owned entities that have federal classified clearances, not just private sector background checks. That is a huge boon for contracting firms when they have employees with clearance that they can bring into sensitive locations at the drop of a hat.
Wrong. Removing the classification designator on a document is in itself a felony.
Correct, but I didn't say "removing the classification designator". I said "removing the classification" or "de-classifying". The law says you can't do so for political reasons, but let's face it, 90%+ of all classifications are for political reasons. And 100% of public declassifications are for political reasons. The rules are lip service that take a back seat to the political realities of our government.
As for your heart warming story about the Marine who was guilty of multiple abject failures
No objections here. I merely use it as an anecdote to show that security and spillage have always been politically managed, not logically managed.
If you look at what Clinton did, there may be violations of the executive orders on classified information management. I can't say for sure because there is a crap-ton of unknowns that impact exactly how the legality of the situation stacks up. It may have been dumb, it may have been genius, it may have been a bit of both with a couple minor mistakes made along the way.
But coming after her over it now is purely a political move. The application of the rules has always been inconsistent. And that inconsistency has virtually always been about political agendas.
Maybe there will be a smoking gun, but after 7 Benghazi investigations and millions wasted there, I'm fully expecting the house GOP to blow another couple million investigating this.
The Bush administration had a similar off-network email system. And we never saw anyone there get prosecuted.
Condoleezza Rice "occasionally used" her department email system, but I haven't seen any claims that she wasn't using the private system as well.
Colin Powel used a personal email server, and he didn't retain any of the emails, they're all gone, so we don't even know if he had any classified materials, nor do we have any of the documentation on his involvement in the pre-Iraq invasion justification that was likely in his email.
Now it's a moot point as the department heads are now required to use their department network email servers for all government email. Before it was just strongly encouraged, but when Kerry took over the SoS he worked with Congress and the POTUS to get the new policy in place.
I'm talking about the IT company that the FBI has identified as the one that was managing her server/email.
When I was in the military working IT at HQMC in Quantico, VA, I had top secret clearance. I worked in a shop that was 50/50 Marines/Contractors. All of the contractors also had top secret clearance. So yeah, I would expect that Platte River Networks would have a vetted staff with clearance assigned to manage her email server.
which is what at least one email is said to have contained, even though the classification appears to have been removed
If the classification is removed, then it's not an issue. Even if it's post-hoc. Classifications aren't set in stone, they change over time as context changes. So if something that had been compartmentalized was released, part of the response can be to declassify it rather than going on a witch hunt for every random Joe who happened to see it. This is a perfectly legal and normal thing to have happen.
there have been more than a few career federal employees who have lost their jobs, been fined and worse for exactly the kind of spill we're talking about here.
And for each one of those you can point out, there have been thousands more that haven't. Hell, when I was at Quantico, one of the Marines responsible for the databases and associated servers opened a SSH hole in the firewall so he could remote in from home if something went wrong after hours. He rebuilt a server on Linux that was not approved for the classified data the database contained (and hit record uptime on the server too, which is how he got found out). And all he got for it was a stern talking to, and the day he completed his service contract he was hired back to the exact same position for 10 times the base salary.
When I was in Oki we had a similar incident with a site tech who put up a GeoCities page with links inside the network to all of his install packages so when he went on site to various offices he could just pop open his page and get to all of his files. Turns out some intrepid hackers came across the page (shortly after Hackers For Girls took down CNN's website in 1999 I think). The NOC in Quantico detected the intrusion attempts and went ape-shit on the guy. They flew a team out to Okinowa, they had mirrored the guy's hard drive, pulled his entire internet history, all of his emails, everything he had done on the network, and they threw the book at him. He was busted from Cpl to Pvt, any chance of a military career was ruined, and had he made any other mistakes he would have been drummed out on a dishonorable discharge. All that for putting up a geocities site that didn't actually create a security concern other than drawing attention to the network and the content we had available internally.
So yeah, security enforcement is all over the board. But the vast majority of the time it's ignored until someone outside of the agency becomes aware. And at that point it's no longer about security, it's about politics. Which is exactly what's going on here with Clinton.
Don't get me wrong, she's got plenty of skeletons and crap policies that I'm fully on board with giving her shit for, it's just this issue is largely drummed up because it sounds scary.
It's been almost 15 years since I got out of the military and left the DC corridor, but I would venture a guess that YES, her staff, including her IT staff, would have at a minimum secret if not top secret clearance.
Secret/Top Secret aren't typically that big of deal. A background check, some reference calls, and a clear job related need are all that's really required. Everyone in IT had secret or top secret when I was in.
Most of what you're seeing at those access levels isn't super critical. Undercover identities, munitions movements, nuke info, etc... are all covered under very specific security clearances that are much more tightly controlled. For example, the Sec of State would be unlikely to be cleared to know the transportation route, aircraft, or resting places of a nuclear weapon being relocated.
But since the SoS is a cabinet level position, her schedule is technically secret (or top secret). So mentioning that she has a dental exam on Thursday at 4:00pm could be construed as "classified spillage".
The SoS's main job is to play the international gossip game. To manage expectations internationally. That means that having a dedicated server that can be hacked but only has non-classified or selected classified data that was deemed acceptable to have leaked can be a tool.
Basically, there are tons of reasons to hate Clinton. Manufacturing outrage over this is a pretty big stretch IMO.
United States v. Causby. 328 U.S. 256, 261, 66 S. Ct. 1062, 1065, 90 L. Ed. 1206 (1946).
The US military was fly planes at 83' over the ground at Causby's farm. This low altitude effected his chickens and disrupted his farm's production rates. The SCOTUS found that the military was trespassing.
It has nothing to do with construction or lights and everything to do with land use and impact. If a drone is impacting your land use at 100', odds are you can win a trespass case. But you need to be able to prove that it is impacting your land use.
Anything 83' or lower is absolutely your air space. This has been upheld by the SCOTUS. Anything over 500' is absolutely NOT your air space, it is managed by the FAA.
Anything between 83' and 500' is a legal gray area where no hard precedence has been set.
Yeah, it looks like the 2015 model year lots of manufacturers made the jump.
Looking at the EPA site though, Tier 3 regs don't kick in until model year 2017: https://www.dieselnet.com/stan... There's probably more to the story that a quick search isn't turning up.
Go try buying a 2015+ TDI and see if you can run it without a DPF and DEF.. legally.
Good catch, I hadn't seen that the 2015's now include AdBlue. It's a huge step up from the 2007 Diesels that required monthly fillups. At 10k miles at least I'd only have to worry about it with oil changes. Unfortunate, but not a massive impact.
the next generation TDI Golf lost its IRS rear axle
Unless you have one of the mythical Aussie 4 wheel drive Golf TDIs, there isn't a rear axel on the Golf. More correctly, there are two very short axels that so far as I can tell have not been impacted by the addition of DEF.
It does look like they switched from the multilink independent suspension to a solid rear bar and torsion rods. I'm so-so on that. Performance tuning is out the window, but for a daily driver it should be fine, and maintenance is way cheaper.
Not sure on your fuel pump issue or how that would take out the engine. I could see possibly taking out the injectors if you wind up with particulate crap getting rammed into them at 1500 psi. But how are you losing an engine to a fuel pump "explosion"?
At 200 feet, the spread on a horizontal shot is ~100". If this is 9 pellet buck shot with a perfect spread that means you have a bit over 4 feet of air between each of those pellets. The drone is what, 20" wide? Even a perfect shot has better than eve odds of missing at that distance.
Given a vertical shot where gravity is pulling each pellet even further out of the pattern and it would be a miracle to hit anything.
So switch to bird shot. Figure just over 1.5 oz of lead bb shot in a 12 gauge 3" shell, that's ~80 pellets. Significantly more likely to hit, but at 200 feet, the.56 grams of a pellet is moving at roughly 600 fps between air resistance and gravity, which is just over 9 newtons (2 pounds) of kinetic energy hitting the drone.
This is also assuming that the guy is using the largest commonly fielded bird hunting combo. If he's using a 2.5" or 2" shell, the numbers drop even more.
I would be quite surprised if someone pulled off a 200' vertical shot, hit, and did substantial enough damage to take a drone out of the sky. Yeah, commercial drones are wimpy, but not/that/ wimpy.
Actually, I don't benefit. Thanks to the EPA, car makers can't engineer diesels to run with significant reliability.
That's pure BS right there.
I've got an '06 VW Golf TDi that has been running on ULSD since '08 with over 160,000 miles on it. I haven't had a single drive train failure on it.
I've replaced the glow plugs (Wisconsin winters are brutal), the timing belt (at ~100k miles), and regular oil changes at 10k miles. And I still pull 44mpg highway.
No vehicles have required DEF since 2008. It was a short term solution to meet EPA bin requirements in 2007/2008 while still running on low sulfur diesel fuel. Ultra low sulfur diesel, ULSD, does not require DEF to meet EPA requirements.
The EPA hasn't cost any jobs. It increases costs insignificantly, but the quantity of jobs is entirely dependent on demand. The few bucks that EPA regs add to the price of a car do not meaningfully impact demand.
I would ass-u-me that this would mean that over a period of time X, a current generation chip would process Y commands consuming N units of energy.
The new chip would perform 2Y commands over X time while only consuming.8N units of energy.
Or that each command execution would take 80% of the energy of a current gen chip, but that it could complete twice as many of them in the same time period, meaning a net increase of ~60% energy consumption at sustained max load.
Tons of ways to play with the statistics on this one, and the 100% performance improvement and 20% energy efficiency improvement are not mutually exclusive. But the summary doesn't give any context or detail, so without RTFA, it should be considered nothing more than marketing speak.
Most of the devs here come from COBOL/Mainframe backgrounds. So capslock is heavily abused, as is 4 letter abbreviations for every word, and excessive use of underscores.
Depending on state and local ordinances, it may also fall under Aerial Trespass, the laws typically used to force telephone/cable/power companies to run their lines under ground or around property lines.
It isn't about the fittest or death risk, it's about being able to procreate and survive.
In your species example of the 4, 6, and 10 mph creature. If the live birth rate of the creature declines as their speed increases (musculature takes energy/hormones away from breeding, high speed movements cause more lost pregnancies, etc...) than the 4mph species may actually be the winner as they will out-bread the 6 and 10mph variants.
Now, throw a 5 mph predator into the mix and the picture may change. If the 4mph variant can still breed fast enough to offset the deaths to the predator and out populate the higher speed variants, then it could still be the winner.
More likely though, the 6mph critter would win out as it is able to out breed the 10mph critter and would suffer significantly less losses than the 4mph critter to 5mph predators.
It all comes down to procreation. Which is the basic of the movie Idiocracy.
This bug is in the JIT optimizer of the 4.6 framework. For apps you are developing, it's absolutely no problem, you just go into the compiler settings and uncheck the 'optimize' setting.
The problem though, is that the 4.6 framework is an in-place replacement for the 4.5 framework, which was an in-place replacement for the 4.0 framework. And the JIT optimizer is on by default. So if you install the 4.6 framework, it could potentially introduce this bug into any application developed targeting the 4.0, 4.5, or 4.6 framework that is already distributed.
Luckily, it appears as though the issue is a combination of a nullable int that has a bug in the boxing/unboxing of it's operator when calling the.hasValue method. So the actual number of places where this will actually pop up is hopefully quite limited.
That said, MS better get this patch deployed ASAP. Or if you are in a critical hurry, the correction has already been committed to the.Net Git repo, so you can brave a build from that.
A co-worker of mine had just finished implementing a new caching system for a legacy app that interfaced between multiple systems and the mainframe to track progress and shipping of pilot production runs. Due to a bug in his code, in a very specific use case, one of the cached systems would not get flushed. This was identified a few days after the production release when the company (a multi-billion dollar food sciences multi-national corporation) received a phone call from a Pastor in BFE, Minnesota asking why we had sent him almost 500 gallons of ice cream. Apparently, his church's address was in the system from some charity event we had sponsored, since the ID and business type didn't flush from the previous transaction, when the pilot plant told the software to print labels for the next order, it pulled the shipping address from the wrong database and the ID just happened to collide.
The cost of shipping the ice cream back for disposal was ridiculous. So the company told the Pastor to have a huge ice cream social.
The responsible developer was not fired, but there were running gags about him being the Ice Cream Man for the next year.
My concern is how to keep someone between your server and the subscriber's MUA from compromising "possession", or how to establish "possession" the first time.
If you follow the same model with account creation, then you already have possession established. If someone compromises your email account, and knows your user account for this site, and knows your security answers, then yeah, you're borked. But if someone has all of that information already, I'm pretty sure you've been borked for a while and in significantly worse ways than someone having your college transcripts.;)
I just use a PRNG. If I need it as a GUID, I request 120 random bits and format them as a type 4 UUID. Is that good enough?
"Good enough" is a question that is best answered by the asker. Security isn't a Boolean implementation. You aren't secure or insecure, you are at some level of security across a very wide range. Storing passwords in clear text is vastly more secure than having no authentication on a system at all, but it is vastly less secure than storing a hashed password. And that is vastly less secure than storing a 1-way hashed password. And even that is meaningless if you don't have a secured communication layer, or if you aren't correctly exchanging public/private keys. etc...
Are you trying to keep script kiddies from spamming your content management site with pictures of dicks, or are you trying to keep banking details, SSNs, and credit histories locked up with controlled access via the internet?
With that said, you're likely more on the 'secure' side using a v4 UUID, assuming the rest of your implementation follows the appropriate patterns.
You don't. It's just a GUID or some other low collision rate hash.
[quote]And what do you send for a password reset?[/quote]
You send them a new UUID in a link. When the link is hit, the UUID resolves back to their account and they are directed to enter a new password, just like a first time user.
The combination of time (the UUID can be time boxed), activity (a successful login nullifies the UUID), and possession (control of the account's registered email address), and if you want to get really wild, knowledge of a security question, creates a scenario where there are no good purely technical solutions for the attacker.
An attacker could, in theory, create a colliding GUID for an account they know the name of (but not password), manually enter the UUID link, and set the new password (assuming there is no security question).
But if an attacker manages to consistently generate colliding GUIDs*, they have accomplished something so monumental that they should be heralded as the second coming of Steve Jobs or something.
(*Assuming the coders didn't decide to come up with their own GUID generation algorithm that is easily reverse engineered and seeded)
I am a manager. I have hired people over 50. On my team right now I have 3 people within 3 years of full retirement. One of whom I hired within the last year. I also have two that are within spitting range of 50, one of who I hired less than 6 months ago.
When I'm bringing someone on board in the 40+ category with 20+ years of professional experience, I have drastically different expectations than what I'm looking for in a 24 year old kid who's on his first salary gig out of college.
I'm looking for someone who understands corporate structures, workflow analysis, generalization. I'm looking for someone who says, "When you boil this down, it's an asset management system, and I've worked with half a dozen different vendors and 4 different home grown systems that do the same thing". I want someone who can sit down with users, look at what their doing and not just imagine up a new piece of software, but understand the business process to the point where they can make truly business impacting recommendations with a realistic grasp of what it would take to accomplish. I want someone who will pull the young bucks aside and explain to them the merits of simplicity and maintainability, someone who can do code reviews without being a pretentious dick, someone who can help guide that next generation of developers into the future engineers and architects I need.
People over 50 absolutely have a place in the development arena. But if you're 50 years old and still expect to have the same responsibilities as a 24 year old kid, you will be sorely disappointed.
Slashdot Mirror
It is NEVER free. Someone somewhere is paying for it.
Correct. In the case of tax payer funded education systems (much like our 4k-12 public school systems), the cost is being incurred by the tax payers and by future tax payers.
The trade off though is that a well educated populous allows for more advances in technology and innovation. Those advances in turn create new market segments, new career opportunities, and new revenue sources, all of which grow the economy.
The end result of which is that the minor cost of tax funded education programs is more than covered through the economic gains of the nation as a whole.
As the old saying goes, "A rising tide rises all boats".
-Rick
1.5 Mbps per receiver, up to ~16Mbps max in the US frequencies, ~20 Mbps max in the EU frequencies.
http://www.carlsonwireless.com...
-Rick
Interesting, on my home PC, just upgraded to Windows 10 and Edge, I disabled Flash. Youtube works fine playing HTML 5 videos, but clicking on videos in Facebook opens up the modal interface and the "get Flash!" logo shows up.
Opening facebook with Chrome or Firefox, both of which have the FF add-on, videos play fine.
-Rick
I just chatted with Carlson Wireless about their Rural Connection platform (http://www.carlsonwireless.com/ruralconnect/).
~$6k for a base station that hosts up to 10 clients (1 client included w/ the base station). Not exactly cheap, but if you can get 5-9 other folks to join you on it, a 1-time $700 investment and then dirt cheap payments (depending on what you can get for an up stream provider) monthly.
Each channel maxes out at ~1.5Mbps, so even if you fully load the base station, you're still no where close to saturating a business Cable line. Heck, even with average distribution a 6Mbps DSL line will cover most usage.
My farm has no access. Too far from the switch for DSL, no cable companies want to run that far for 4 or 5 houses, cell coverage is 3G when it comes in, and Satellite, in addition to being horrible, has all sorts of issues with VPNs.
Basically I have either WiMAX or WiFAR to choose from for something that isn't bandwidth capped or packing huge latency. WiMAX is an option, lower install, higher monthly payment. But I'm at almost max range from the closest provider.
So at this point, I'm very tempted to start my own ISP, fire up a base station in town where DSL/Cable/Fiber are available, and resell services to my neighbors. For a $10k buy-in, it's something that can be done on a whim. I doubt it would be profitable, but if the monthly loss is ~$100 and I get a solid 1.5Mbps connection out of it, I'd consider that a wash.
-Rick
Platte River wasn't hired by any layer of government!
They were hired by the office of the Secretary of State, who is in fact a "layer of the government". Now, it could be that they just posted a job ad on Dice and got some random Joe-Schmoe provider, but odds are they went through a bid process in order to use federal funds which would have necessitated an RFP with reqs on security. And in the DC area, there are tons of entirely privately owned entities that have federal classified clearances, not just private sector background checks. That is a huge boon for contracting firms when they have employees with clearance that they can bring into sensitive locations at the drop of a hat.
Wrong. Removing the classification designator on a document is in itself a felony.
Correct, but I didn't say "removing the classification designator". I said "removing the classification" or "de-classifying". The law says you can't do so for political reasons, but let's face it, 90%+ of all classifications are for political reasons. And 100% of public declassifications are for political reasons. The rules are lip service that take a back seat to the political realities of our government.
As for your heart warming story about the Marine who was guilty of multiple abject failures
No objections here. I merely use it as an anecdote to show that security and spillage have always been politically managed, not logically managed.
If you look at what Clinton did, there may be violations of the executive orders on classified information management. I can't say for sure because there is a crap-ton of unknowns that impact exactly how the legality of the situation stacks up. It may have been dumb, it may have been genius, it may have been a bit of both with a couple minor mistakes made along the way.
But coming after her over it now is purely a political move. The application of the rules has always been inconsistent. And that inconsistency has virtually always been about political agendas.
Maybe there will be a smoking gun, but after 7 Benghazi investigations and millions wasted there, I'm fully expecting the house GOP to blow another couple million investigating this.
The Bush administration had a similar off-network email system. And we never saw anyone there get prosecuted.
Condoleezza Rice "occasionally used" her department email system, but I haven't seen any claims that she wasn't using the private system as well.
Colin Powel used a personal email server, and he didn't retain any of the emails, they're all gone, so we don't even know if he had any classified materials, nor do we have any of the documentation on his involvement in the pre-Iraq invasion justification that was likely in his email.
Now it's a moot point as the department heads are now required to use their department network email servers for all government email. Before it was just strongly encouraged, but when Kerry took over the SoS he worked with Congress and the POTUS to get the new policy in place.
-Rick
When I was in the military working IT at HQMC in Quantico, VA, I had top secret clearance. I worked in a shop that was 50/50 Marines/Contractors. All of the contractors also had top secret clearance. So yeah, I would expect that Platte River Networks would have a vetted staff with clearance assigned to manage her email server.
If the classification is removed, then it's not an issue. Even if it's post-hoc. Classifications aren't set in stone, they change over time as context changes. So if something that had been compartmentalized was released, part of the response can be to declassify it rather than going on a witch hunt for every random Joe who happened to see it. This is a perfectly legal and normal thing to have happen.
there have been more than a few career federal employees who have lost their jobs, been fined and worse for exactly the kind of spill we're talking about here.
And for each one of those you can point out, there have been thousands more that haven't. Hell, when I was at Quantico, one of the Marines responsible for the databases and associated servers opened a SSH hole in the firewall so he could remote in from home if something went wrong after hours. He rebuilt a server on Linux that was not approved for the classified data the database contained (and hit record uptime on the server too, which is how he got found out). And all he got for it was a stern talking to, and the day he completed his service contract he was hired back to the exact same position for 10 times the base salary.
When I was in Oki we had a similar incident with a site tech who put up a GeoCities page with links inside the network to all of his install packages so when he went on site to various offices he could just pop open his page and get to all of his files. Turns out some intrepid hackers came across the page (shortly after Hackers For Girls took down CNN's website in 1999 I think). The NOC in Quantico detected the intrusion attempts and went ape-shit on the guy. They flew a team out to Okinowa, they had mirrored the guy's hard drive, pulled his entire internet history, all of his emails, everything he had done on the network, and they threw the book at him. He was busted from Cpl to Pvt, any chance of a military career was ruined, and had he made any other mistakes he would have been drummed out on a dishonorable discharge. All that for putting up a geocities site that didn't actually create a security concern other than drawing attention to the network and the content we had available internally.
So yeah, security enforcement is all over the board. But the vast majority of the time it's ignored until someone outside of the agency becomes aware. And at that point it's no longer about security, it's about politics. Which is exactly what's going on here with Clinton.
Don't get me wrong, she's got plenty of skeletons and crap policies that I'm fully on board with giving her shit for, it's just this issue is largely drummed up because it sounds scary.
-Rick
It's been almost 15 years since I got out of the military and left the DC corridor, but I would venture a guess that YES, her staff, including her IT staff, would have at a minimum secret if not top secret clearance.
Secret/Top Secret aren't typically that big of deal. A background check, some reference calls, and a clear job related need are all that's really required. Everyone in IT had secret or top secret when I was in.
Most of what you're seeing at those access levels isn't super critical. Undercover identities, munitions movements, nuke info, etc... are all covered under very specific security clearances that are much more tightly controlled. For example, the Sec of State would be unlikely to be cleared to know the transportation route, aircraft, or resting places of a nuclear weapon being relocated.
But since the SoS is a cabinet level position, her schedule is technically secret (or top secret). So mentioning that she has a dental exam on Thursday at 4:00pm could be construed as "classified spillage".
The SoS's main job is to play the international gossip game. To manage expectations internationally. That means that having a dedicated server that can be hacked but only has non-classified or selected classified data that was deemed acceptable to have leaked can be a tool.
Basically, there are tons of reasons to hate Clinton. Manufacturing outrage over this is a pretty big stretch IMO.
-Rick
No, that is not what the 83' is about.
United States v. Causby. 328 U.S. 256, 261, 66 S. Ct. 1062, 1065, 90 L. Ed. 1206 (1946).
The US military was fly planes at 83' over the ground at Causby's farm. This low altitude effected his chickens and disrupted his farm's production rates. The SCOTUS found that the military was trespassing.
It has nothing to do with construction or lights and everything to do with land use and impact. If a drone is impacting your land use at 100', odds are you can win a trespass case. But you need to be able to prove that it is impacting your land use.
-Rick
Anything 83' or lower is absolutely your air space. This has been upheld by the SCOTUS. Anything over 500' is absolutely NOT your air space, it is managed by the FAA.
Anything between 83' and 500' is a legal gray area where no hard precedence has been set.
-Rick
Yeah, it looks like the 2015 model year lots of manufacturers made the jump.
Looking at the EPA site though, Tier 3 regs don't kick in until model year 2017: https://www.dieselnet.com/stan...
There's probably more to the story that a quick search isn't turning up.
-Rick
Good catch, I hadn't seen that the 2015's now include AdBlue. It's a huge step up from the 2007 Diesels that required monthly fillups. At 10k miles at least I'd only have to worry about it with oil changes. Unfortunate, but not a massive impact.
Unless you have one of the mythical Aussie 4 wheel drive Golf TDIs, there isn't a rear axel on the Golf. More correctly, there are two very short axels that so far as I can tell have not been impacted by the addition of DEF.
It does look like they switched from the multilink independent suspension to a solid rear bar and torsion rods. I'm so-so on that. Performance tuning is out the window, but for a daily driver it should be fine, and maintenance is way cheaper.
Not sure on your fuel pump issue or how that would take out the engine. I could see possibly taking out the injectors if you wind up with particulate crap getting rammed into them at 1500 psi. But how are you losing an engine to a fuel pump "explosion"?
-Rick
At 200 feet, the spread on a horizontal shot is ~100". If this is 9 pellet buck shot with a perfect spread that means you have a bit over 4 feet of air between each of those pellets. The drone is what, 20" wide? Even a perfect shot has better than eve odds of missing at that distance.
Given a vertical shot where gravity is pulling each pellet even further out of the pattern and it would be a miracle to hit anything.
So switch to bird shot. Figure just over 1.5 oz of lead bb shot in a 12 gauge 3" shell, that's ~80 pellets. Significantly more likely to hit, but at 200 feet, the .56 grams of a pellet is moving at roughly 600 fps between air resistance and gravity, which is just over 9 newtons (2 pounds) of kinetic energy hitting the drone.
This is also assuming that the guy is using the largest commonly fielded bird hunting combo. If he's using a 2.5" or 2" shell, the numbers drop even more.
I would be quite surprised if someone pulled off a 200' vertical shot, hit, and did substantial enough damage to take a drone out of the sky. Yeah, commercial drones are wimpy, but not /that/ wimpy.
-Rick
That's pure BS right there.
I've got an '06 VW Golf TDi that has been running on ULSD since '08 with over 160,000 miles on it. I haven't had a single drive train failure on it.
I've replaced the glow plugs (Wisconsin winters are brutal), the timing belt (at ~100k miles), and regular oil changes at 10k miles. And I still pull 44mpg highway.
No vehicles have required DEF since 2008. It was a short term solution to meet EPA bin requirements in 2007/2008 while still running on low sulfur diesel fuel. Ultra low sulfur diesel, ULSD, does not require DEF to meet EPA requirements.
The EPA hasn't cost any jobs. It increases costs insignificantly, but the quantity of jobs is entirely dependent on demand. The few bucks that EPA regs add to the price of a car do not meaningfully impact demand.
-Rick
I would ass-u-me that this would mean that over a period of time X, a current generation chip would process Y commands consuming N units of energy.
The new chip would perform 2Y commands over X time while only consuming .8N units of energy.
Or that each command execution would take 80% of the energy of a current gen chip, but that it could complete twice as many of them in the same time period, meaning a net increase of ~60% energy consumption at sustained max load.
Tons of ways to play with the statistics on this one, and the 100% performance improvement and 20% energy efficiency improvement are not mutually exclusive. But the summary doesn't give any context or detail, so without RTFA, it should be considered nothing more than marketing speak.
-Rick
Most of the devs here come from COBOL/Mainframe backgrounds. So capslock is heavily abused, as is 4 letter abbreviations for every word, and excessive use of underscores.
-Rick
Depending on state and local ordinances, it may also fall under Aerial Trespass, the laws typically used to force telephone/cable/power companies to run their lines under ground or around property lines.
-Rick
Or an under barrel mounted grenade launcher. check out the M-203 :)
-Rick
I would correct that even further.
It isn't about the fittest or death risk, it's about being able to procreate and survive.
In your species example of the 4, 6, and 10 mph creature. If the live birth rate of the creature declines as their speed increases (musculature takes energy/hormones away from breeding, high speed movements cause more lost pregnancies, etc...) than the 4mph species may actually be the winner as they will out-bread the 6 and 10mph variants.
Now, throw a 5 mph predator into the mix and the picture may change. If the 4mph variant can still breed fast enough to offset the deaths to the predator and out populate the higher speed variants, then it could still be the winner.
More likely though, the 6mph critter would win out as it is able to out breed the 10mph critter and would suffer significantly less losses than the 4mph critter to 5mph predators.
It all comes down to procreation. Which is the basic of the movie Idiocracy.
-Rick
This bug is in the JIT optimizer of the 4.6 framework. For apps you are developing, it's absolutely no problem, you just go into the compiler settings and uncheck the 'optimize' setting.
The problem though, is that the 4.6 framework is an in-place replacement for the 4.5 framework, which was an in-place replacement for the 4.0 framework. And the JIT optimizer is on by default. So if you install the 4.6 framework, it could potentially introduce this bug into any application developed targeting the 4.0, 4.5, or 4.6 framework that is already distributed.
Luckily, it appears as though the issue is a combination of a nullable int that has a bug in the boxing/unboxing of it's operator when calling the .hasValue method. So the actual number of places where this will actually pop up is hopefully quite limited.
That said, MS better get this patch deployed ASAP. Or if you are in a critical hurry, the correction has already been committed to the .Net Git repo, so you can brave a build from that.
-Rick
The fix is available in the .Net Git repo if you want it prior to the next official release.
-Rick
A co-worker of mine had just finished implementing a new caching system for a legacy app that interfaced between multiple systems and the mainframe to track progress and shipping of pilot production runs. Due to a bug in his code, in a very specific use case, one of the cached systems would not get flushed. This was identified a few days after the production release when the company (a multi-billion dollar food sciences multi-national corporation) received a phone call from a Pastor in BFE, Minnesota asking why we had sent him almost 500 gallons of ice cream. Apparently, his church's address was in the system from some charity event we had sponsored, since the ID and business type didn't flush from the previous transaction, when the pilot plant told the software to print labels for the next order, it pulled the shipping address from the wrong database and the ID just happened to collide.
The cost of shipping the ice cream back for disposal was ridiculous. So the company told the Pastor to have a huge ice cream social.
The responsible developer was not fired, but there were running gags about him being the Ice Cream Man for the next year.
-Rick
My concern is how to keep someone between your server and the subscriber's MUA from compromising "possession", or how to establish "possession" the first time.
If you follow the same model with account creation, then you already have possession established. If someone compromises your email account, and knows your user account for this site, and knows your security answers, then yeah, you're borked. But if someone has all of that information already, I'm pretty sure you've been borked for a while and in significantly worse ways than someone having your college transcripts. ;)
I just use a PRNG. If I need it as a GUID, I request 120 random bits and format them as a type 4 UUID. Is that good enough?
"Good enough" is a question that is best answered by the asker. Security isn't a Boolean implementation. You aren't secure or insecure, you are at some level of security across a very wide range. Storing passwords in clear text is vastly more secure than having no authentication on a system at all, but it is vastly less secure than storing a hashed password. And that is vastly less secure than storing a 1-way hashed password. And even that is meaningless if you don't have a secured communication layer, or if you aren't correctly exchanging public/private keys. etc...
Are you trying to keep script kiddies from spamming your content management site with pictures of dicks, or are you trying to keep banking details, SSNs, and credit histories locked up with controlled access via the internet?
With that said, you're likely more on the 'secure' side using a v4 UUID, assuming the rest of your implementation follows the appropriate patterns.
-Rick
[quote]So how do you encrypt this UUID?[/quote]
You don't. It's just a GUID or some other low collision rate hash.
[quote]And what do you send for a password reset?[/quote]
You send them a new UUID in a link. When the link is hit, the UUID resolves back to their account and they are directed to enter a new password, just like a first time user.
The combination of time (the UUID can be time boxed), activity (a successful login nullifies the UUID), and possession (control of the account's registered email address), and if you want to get really wild, knowledge of a security question, creates a scenario where there are no good purely technical solutions for the attacker.
An attacker could, in theory, create a colliding GUID for an account they know the name of (but not password), manually enter the UUID link, and set the new password (assuming there is no security question).
But if an attacker manages to consistently generate colliding GUIDs*, they have accomplished something so monumental that they should be heralded as the second coming of Steve Jobs or something.
(*Assuming the coders didn't decide to come up with their own GUID generation algorithm that is easily reverse engineered and seeded)
-Rick
Which is part of the point of getting more developers to move into managerial roles ;)
-Rick
I find this notion interesting.
I am a manager. I have hired people over 50. On my team right now I have 3 people within 3 years of full retirement. One of whom I hired within the last year. I also have two that are within spitting range of 50, one of who I hired less than 6 months ago.
When I'm bringing someone on board in the 40+ category with 20+ years of professional experience, I have drastically different expectations than what I'm looking for in a 24 year old kid who's on his first salary gig out of college.
I'm looking for someone who understands corporate structures, workflow analysis, generalization. I'm looking for someone who says, "When you boil this down, it's an asset management system, and I've worked with half a dozen different vendors and 4 different home grown systems that do the same thing". I want someone who can sit down with users, look at what their doing and not just imagine up a new piece of software, but understand the business process to the point where they can make truly business impacting recommendations with a realistic grasp of what it would take to accomplish. I want someone who will pull the young bucks aside and explain to them the merits of simplicity and maintainability, someone who can do code reviews without being a pretentious dick, someone who can help guide that next generation of developers into the future engineers and architects I need.
People over 50 absolutely have a place in the development arena. But if you're 50 years old and still expect to have the same responsibilities as a 24 year old kid, you will be sorely disappointed.
-Rick