>The solution to allow tracking, but keep hackers at bay is to cryptographically hash the card number...
That's what I was going to say. As I was writing a post to tell people to mod you up I realized why it might not do much good. The credit card number is only 16 digits and isn't completely random. This means it would probably be practical to make a rainbow table with the hash of every likely card number. A salt unique to the merchant might help especially if it could be kept from the hackers. A salt that included items unique to the customer such as name, address etc. would require a complete hash search for every customer and might do the trick, or it might not.
I was thinking about a way to get an ultra thin layer of heat sink compound on a cpu. In machining sometimes they stack small steel blocks called guage blocks to the desired height. The blocks are provided in a set of various thicknesses and are machined to very precise thicknesses with a very smooth surface. If you just put the blocks on top of each other the dust and stuff ruins the precision and makes the thickness wrong. So they do what is called "wringing" the blocks together. They just put a little bit of the edge of one block on top of the other and then slide the two blocks together so that the surface contamination and excess oil is pushed off. The blocks end up so close together that some chemical phenomenon makes them able to resist large forces pulling them straight apart even though they can still be easily slid apart. Of course this would require extremely smooth cpus and heat sinks.
I'm sorry, but First Amendment of the US Constitution says you have a right to speak your mind.
There are many reasonable restrictions on freedom of speech. Slander, fraud, and yelling fire in a crowded theater are examples. Revealing top secret information to an enemy is also illegal. Off hand, I can't see good reason to oppose that prohibition.
This is interesting. Doesn't one of the Ten Commandments forbid lying? Can the court compel you to break that? Of course the people of the US pay undercover agents to lie. If paying someone to lie on your behalf isn't a violation of the Ten Commandments then maybe compelling someone to lie isn't either. Or maybe the Ten Commandments just aren't followed that closely anymore, like slavery isn't, even though it is promoted in the bible(1 Timothy 6:1).
What if you were testifying under oath and you were asked if you received a NSL? Would you be required to perjur yourself. If you asked then the judge would probably be required to dismiss the question, but by making such a request you would give it away. Even if you just paused with a blank stare on your face, waiting for the judge to dismiss the question without your prompting, that would probably give it away unless the judge was very quick. What would be the proper response in that situation? Maybe the NSL would be a defense to perjury. Maybe it would be the lawyer who asked the question that would get in trouble.
Maybe in general you could get away with "no comment". If you get a trial would a jury convict you? (I'm deeply saddened I had to use the word "if") Would you be convicted if the government tortured a confession out of you while trying to find out why you were helping the terrorists?
I don't think the government can do that in the US but maybe it can. Anyway, I'm amazed that any company would trust software such as SAP or SUSE linux when the german government can get a window on everything you do whenever it can find an excuse. I would think German software companies and businesses buying German software would insist on a law banning such court orders. Won't it devastate the German software industry when companies realize this? Such a law might also need to prohibit such orders under any circumstances or else the President(Prime Minister?) might take advantage of something like the part of the US Constitution that allows the President to break any law if it's "necessary and proper". Of course some AMD processors are also made in Germany. I wonder if the German government has required stuff to be put in them. Some Intel processors are made in countries other than the US. I wonder if those countries are requiring implants as well.
It all boils down to whether the universe has a purpose. If there is a purpose to the universe or a meaning of life or whatever you want to call it, then that is the basis of rights.
So let me get this straight. The drivers were getting mad at you because they thought you were transmitting data about them to the GPS satellites. So you tried to comfort them by saying that data can't be sent to the GPS satellites. Meanwhile you were transmitting data about them over the cell phone network by CDPD. And you wonder why they didn't trust you?
Does anyone know why USB and IDE flash drives don't max out their bus bandwidths? I realize that a flash chip can only go so fast, but why don't they just parallel as many as needed to get the desired bandwidth?
kwerle wrote that miscofiguration of firewalls might often ruin their security while misconfiguration of NAT is unlikely.
mplex wrote:
[That is one of the worst arguments I have heard in a long time
Actually I think that this is a major argument against IP6. I doubt IP6 home routers will be delivered with a restrictive firewall by default because too many users would call tech support complaining that some services aren't working right. It would probably be like how wireless routers have been delivered with WEP disabled by default even though it would probably be doing the users a favor to have it enabled by default. However, even though I think this is a major disadvantage of IP6, I don't think it outweighs the advantages.
Why should I give a rat's ass what the universe's "purpose", if any, is for me.
Because you *are* the universe or at least a part of it. You are a bunch of little particles that exploded out of a star. You have been alive for billions of years. One of the cells in your mother's body split in half and half of it became you. You are a part of a continuous line of living cells back to the origin of your line. The purpose of the universe is your purpose by definition. Though I think it does, I can't say with confidence that the universe has a purpose. The life of a human running around this planet may be no more meaningful than the hopping and jumping of a rock rolling down a hillside. But it seems to me that without a purpose nothing matters. Not not ethics or evil. Not happiness or horror. When the capability exists, why not just rewire your brain to experience a continuous state of ultimate ecstasy? There would be no point in moving because there would be no activity that would put your brain in a happier state then it would be in already. You would just sit there motionless with nutrients being pumped into your veins and your life would be equivalent to being a rock. If you don't think that's possible why not? What activity would bring happiness to your brain in a way that no rewiring could substitute? I submit that that activity may be related to the meaning of life.
In that case, we're just complex machines abiding by the laws of physics and any ideas of morality are illusory. Robot rights, therefore, do not matter a whit. Nor, possibly, do human rights. It all ends in a big, dead, cold universe, so it's all for nothing anyway.
Pascal's Wager basically says that if there's no god then it doesn't matter what you believe, but if there is a god then you had better believe in him. Even though Pascal's wager may be invalid when it comes to belief in a particular god, it may be reasonable when applied to a meaning for the universe as a whole. In other words, if the universe is pointless then it doesn't matter what you do, but if there is a purpose to the universe then it does matter what you do. If you don't know what the purpose is then I guess the first step is to figure out what the purpose is.
Anyone can be a provider that you can authenticate against. You don't need AOL or anyone else. You can even be your own provider running your own OpenID server. But the site you're trying to log into can trust or not trust whoever they want. If it's a relatively uncritical site like Slashdot, then the site will probably trust any OpenID provider. But if it's something like your bank, then they may only trust providers that they're reasonably confident will have good security. Actually I doubt banks will use this since they probably won't want to relinquish control of a major part of the authentication process just to save you from having to remember and type your password.
So? If someone tells you their openid (or you setup a spoof website to get it) then you have access to their entire life too, if this becomes popular.
It seems OpenID prevents this problem. With OpenID the only thing you give to the websites you login to is your URL (such as https://aol.com/cooldude ). You can even give your URL to your enemies. You never give your OpenID password to any site except AOL, or if you run your own OpenID server, you never give your password to anyone at all. If I understand it right the whole encrypted procedure goes something like this:
You're trying to login to example.com
Example.com says: Who are you? You say: I'm "https://aol.com/cooldude" Example.com asks AOL: Is this guy really cooldude? AOL sends a message to you asking: Example.com says you're trying to log on, is it really you? You say to AOL: Yea it's me, here's my password to prove it.(AOL doesn't tell example.com your password. Also you save the hassle of entering your password for any site if you already logged in to AOL, like at the beginning of each day.) AOL says to Example.com: Yes we verified it's cooldude. Example.com says to you: Hi cooldude from aol.com, we've verified it's you again. Welcome.
Note that if you log into AOL at the beginning of the day, then for you this whole procedure boils down to you just entering your URL to login and then pressing a button from AOL to authorize the login.
Some advantages and disadvantages are:
You can use one username and password for every site and you only have to enter your password once a day.
If you used the same username and password at a lot of sites before, then with OpenID you don't have to worry about your password being compromised on one site by lax security or a crooked site owner(like a phisher) and then having your accounts compromised at all the other sites.
I'm not sure about the privacy issues. If your OpenID provider allows it(or if you set up your own server) you could set up an unlimited number of ID's (eg cooldude2, cooldude3, etc.) I don't see how you would be giving up any more privacy than any other system. And if your provider allows it you could save a lot of trouble and use the same password for all your IDs. Your OpenID provider could track which sites you log into, but you could just be your own provider or choose one you trust not to track you. Of course the sites you log into could require only certain OpenID providers like AOL, Microsoft, Verisign, etc. You might not be able to use your own server. Sites might only accept OpenIDs from providers that use strong identification, like Paypal's requirement that you control a checking account to be confirmed, because banks in the US are required by law to get ID before opening a checking account(says Paypal).
If sites only recognize OpenIDs from certain providers, at least the list of providers would likely be more inclusive than something like Microsoft Passport which has only one provider.
OpenID providers might differentiate themselves on their security. Verisign for example may try to claim that their OpenID service (if they had it) is secure enough to use for bank logins.
I'm also surprised at the reaction of slashdotters. I think protecting confidential sources of journalists could be important to maintaining freedom. However this guy is protecting a video taken in the middle of the street in a major city. His sources couldn't have had any expectation of confidentiality.
You could just as easily use Kerberos to encrypt HTTP traffic as SSL
Erm, isn't Kerberos an authentication protocol? from the FAQ at
All it does for telnet is take care of authenticating the users, the rest of the session is still plaintext but the login + pass aren't sent in the clear.
That's what I thought so I checked. They don't seem to make a big deal of it but this little bit seems to indicate that it can be used for encrypting the entire session.
"The next level of Kerberos support is a "true" Kerberized application that uses Kerberos tickets to verify identity and/or encrypt data.... Unfortunately, relatively few applications support Kerberos to this degree."
If someone grabs your laptop and throws it on the ground smashing it to pieces they are guilty of a crime. But if you smash your own laptop you haven't committed a crime. They're punishing the victims for hurting themselves. But if the victims are hurting themselves, that should be punishment enough. There are other laws to protect victims from themselves like seatbelt and helmet laws, but those are usually justified on the grounds that society would have to pay their medical bills.
Information you can't trust ceases to be information.
Not true at all. For example you might ask some random stranger on the street if there are any good restaurants around. The stranger might say that people speak highly of Joe's Steak House around the corner. That's not reliable at all, but it's significantly more valuable than no information at all. Eyewitness testimony is quite unreliable, yet it is often rightfully used to contribute to court judgements.
How do you measure the reliability of information provided by WP?
Wikipedia is not reliable. If you need reliable information then confirm it with a reliable source.
If it was improved much more frequently then that would be a killer feature. But it's not, it's just changed more frequently.
It certainly IS improved more frequently than a traditional encyclopedia. Whether it's degraded more frequently than it's improved, I can't say for sure, but I estimate that it generally(not always) gets better with time.
The dirt is rarely kept in for long before a NPOV-fanatic clears it out.
I'm thinking mainly about things like sections labeled criticism and lists of advantages and disadvantages and such info which does often persist in the articles. Regular encyclopedias also have such info but usually not as much.
Simply using Wikipedia, as a reader or an editor, for more than five days demonstrates how worthless it is as a resource...
A real encyclopedia rests on authority, that is its sole reason for existance.
Just because something isn't perfect doesn't make it worthless. Not only is authority not the sole reason for an encyclopedia, it's not even the main reason. The main reason is simply ready access to information. Information doesn't have to be totally reliable to be useful. For example I learn a lot from Slashdot comments. I certainly don't trust my life to their reliability though. Wikipedia is far more reliable than Slashdot, but still requires skepticism.
I think Wikipedia is one of the greatest inventions in the history of humanity. I would have never thought it would work at all, much less be as incredibly valuable as it is. Wikipedia has some big advantages over traditional encyclopedias. One obvious one is that it is updated much more frequently. Another thing I like is that it often dishes a little dirt about the subject that you wouldn't find in a traditional encyclopedia. Recognize its limitations but enjoy its riches.
..if it came to it then at least an expert should be able to spot a forgery in the event of a dispute.
That won't do you any good because clerks can't distinguish from a legitimate signature and a forged one. Therefore if the owner of a card wants to cheat the bank, they can just sign their own signature with their left hand or something and then deny the charge. If the bank doesn't believe you when you say it was fraudulent then you'll be stuck with the charge (or the store will because they didn't check your ID). The fact that the signatures don't match does you no good.
Chip and pin is a massive improvement over the insane system we have in the US. It may have been sane back when computers were rare or expensive, but there's no excuse for it now. But chip and pin still has serious vulnerabilities, especially when used over the internet. Even with a card reader on your computer, the fact that operating systems like Windows and Linux will never be seriously secure, means that you can't trust what you see on the screen is what's going on over the wires. It's just a matter of time before the banks finally realize that the only solution is a device you carry with its own small display and keypad. Such a device would have a simple enough operating system and software that it might achieve a fairly strong level of security.
The other trend I see for the future is many more hackers learning to probe the dies of security chips. With the rapid increase in the number of devices relying on secret keys hidden in security chips, such as credit cards, motherboards, sattelite and cable tv, Blueray, and more, there will be greatly increasing demand for the ability to extract those keys. Electron microscopes or any other equipment to get into these chips can be bought, borrowed, or even built in one's garage. I'm sure that any chip can be defeated if the hacker has enough samples to work with. I don't know if the difficulty will make it impractical though.
I just bought a GB of RAM on ebay for $45 for my old 600 MHz server.
Trying to squirrel more functionality out of less RAM is a waste of time.
A lot of people didn't even pay $45 for their entire computer. It's a waste of time if you have the money but not the time. If you have the time but not the money, then you might have little choice.
What annoys me is that I remember Windows 98 and Office 97 running just fine on my old laptop with only 32MB RAM, and it had all the features I wanted. But even with an upgrade to 128MB RAM the laptop is slowed to near uselessness even by Xubuntu. Fluxbox is fast enough so I know it's possible. But the integration and ease of use of fluxbox and the other lightweight window managers I've tried is far below Windows 98.
Still I think we would all be better off in the long run if we switched to Linux because of the freedom, versatility, customizability, fixability, and price. If the playing field between Linux and Windows were level, that is if we were free from the lockin of hardware and software compatibility, I think Linux is good enough it could win today. Linux is still a little harder to use than windows, but then there was a time when Windows beat out superior operating systems like OS2 and MacOS.
I had a domain expire that was originally on GoDaddy...about 8 months later...When I tried to renew through GoDaddy, they said that it was on hold, and it would cost $$$ extra to release it...
I think this is actually a feature rather than a bad thing. If your registrar lets your domain go then it will be picked up by a squatter. Then if you want it back the squatter will put it up for auction and/or extort you for as much as they think they can. Just a couple weeks ago I forgot about an old domain that wasn't very important to me and I accidentally let it expire for about two weeks. When I realized it Godaddy let me reregister it for no extra charge above the usual registration fee. After a certain period Godaddy has to pay out of their own pocket to hold onto your domain. They have to recover their costs from the few people who want their domain back since they can't get anything from the people who don't want them anymore.
If your domain has any value to anyone else though you'll probably be out of luck anyway, because I think Godaddy puts your domain up for auction after it's been expired for more than 75days. This sounds nasty but if Godaddy didn't do it it would be immediately snatched up by other even nastier auction places anyhow, so Godaddy might as well make the profits themselves.
I also wonder if this is bogus. If it's true, why be anonymous since the former employer will instantly know who you are anyway. On the other hand if this is bogus you'd need to be anonymous so they couldn't sue you for libel.
I agree that the form letter against spam fighting solutions is not really fair. I expect that no solution could meet all the requirements of the form. What's more, some of the requirements of the form are things that would be worth giving up for an effective spam fighting solution. I also think that most of the criticisms of your (fredklein's) solution aren't big problems.
It seems to me a simpler solution is just to get the ISPs to stop permitting spam and zombies. I think they could do it easily but don't do it now for fear of loosing customers (both clueless zombie owners and spammers). Perhaps an organization could be formed to boycott ISPs that don't shut down zombies. Perhaps a class action lawsuit could be filed on behalf of all the people who had to waste money on antispam software because the ISPs don't shut down the zombies which are engaging in illegal activities in plain sight of the ISPs. Perhaps a law could be passed to force ISPs to shut them down.
When spam from the US plummets to tiny levels, all other countries would probably follow, either enthusiastically or reluctantly.
The trick is that the sensor that measures the start and the sensor that measures the end of the pulse aren't really measuring the same thing.
I meant to say:
The trick is that the timing sensor at the entrance of the test chamber isn't measuring the same thing as the timing sensor at the exit of the test chamber.
This experiment appears to be one of a class of experiments that use interference within pulses to generate timing errors that make it look like stuff is traveling at different speeds than it really is. The trick is that the sensor that measures the start and the sensor that measures the end of the pulse aren't really measuring the same thing.
For example say I generate a one second pulse with my flashlight by pushing the switch on and then turning it off one second later. Since the distance from the filament in the flashlight bulb to the front of my flashlight is about 1cm it therefore took the light pulse from my flashlight one second to traverse the 1cm distance. That's a very slow light pulse. What a breakthrough I've made. NOT.
Of course they're a lot trickier about it with these experiments. Maybe they send the waves through substances with nonlinear transmittance characteristics or other tricks to get complicated interference patters and such, which make their pulse dectectors trip at the wrong time. What's mind boggling is that they manage to trick reputable journals into publishing this garbage.
Just yesterday I read about a funny experiment that demonstrates the absurdity of these experiments. They used similar tricks to make sound travel faster than light. Indeed they could make the sound travel at any speed they wanted. They could even make the pulse exit before it was detected entering.
Slashdot Mirror
That's what I was going to say. As I was writing a post to tell people to mod you up I realized why it might not do much good. The credit card number is only 16 digits and isn't completely random. This means it would probably be practical to make a rainbow table with the hash of every likely card number. A salt unique to the merchant might help especially if it could be kept from the hackers. A salt that included items unique to the customer such as name, address etc. would require a complete hash search for every customer and might do the trick, or it might not.
I was thinking about a way to get an ultra thin layer of heat sink compound on a cpu. In machining sometimes they stack small steel blocks called guage blocks to the desired height. The blocks are provided in a set of various thicknesses and are machined to very precise thicknesses with a very smooth surface. If you just put the blocks on top of each other the dust and stuff ruins the precision and makes the thickness wrong. So they do what is called "wringing" the blocks together. They just put a little bit of the edge of one block on top of the other and then slide the two blocks together so that the surface contamination and excess oil is pushed off. The blocks end up so close together that some chemical phenomenon makes them able to resist large forces pulling them straight apart even though they can still be easily slid apart. Of course this would require extremely smooth cpus and heat sinks.
This is interesting. Doesn't one of the Ten Commandments forbid lying? Can the court compel you to break that? Of course the people of the US pay undercover agents to lie. If paying someone to lie on your behalf isn't a violation of the Ten Commandments then maybe compelling someone to lie isn't either. Or maybe the Ten Commandments just aren't followed that closely anymore, like slavery isn't, even though it is promoted in the bible(1 Timothy 6:1).
What if you were testifying under oath and you were asked if you received a NSL? Would you be required to perjur yourself. If you asked then the judge would probably be required to dismiss the question, but by making such a request you would give it away. Even if you just paused with a blank stare on your face, waiting for the judge to dismiss the question without your prompting, that would probably give it away unless the judge was very quick. What would be the proper response in that situation? Maybe the NSL would be a defense to perjury. Maybe it would be the lawyer who asked the question that would get in trouble.
Maybe in general you could get away with "no comment". If you get a trial would a jury convict you? (I'm deeply saddened I had to use the word "if") Would you be convicted if the government tortured a confession out of you while trying to find out why you were helping the terrorists?
This reminds me of how in Germany the government could order an organization to backdoor their software and keep it secret. http://www.theregister.co.uk/2003/08/21/net_anonym ity_service_backdoored/
I don't think the government can do that in the US but maybe it can. Anyway, I'm amazed that any company would trust software such as SAP or SUSE linux when the german government can get a window on everything you do whenever it can find an excuse. I would think German software companies and businesses buying German software would insist on a law banning such court orders. Won't it devastate the German software industry when companies realize this? Such a law might also need to prohibit such orders under any circumstances or else the President(Prime Minister?) might take advantage of something like the part of the US Constitution that allows the President to break any law if it's "necessary and proper". Of course some AMD processors are also made in Germany. I wonder if the German government has required stuff to be put in them. Some Intel processors are made in countries other than the US. I wonder if those countries are requiring implants as well.
So let me get this straight. The drivers were getting mad at you because they thought you were transmitting data about them to the GPS satellites. So you tried to comfort them by saying that data can't be sent to the GPS satellites. Meanwhile you were transmitting data about them over the cell phone network by CDPD. And you wonder why they didn't trust you?
Does anyone know why USB and IDE flash drives don't max out their bus bandwidths? I realize that a flash chip can only go so fast, but why don't they just parallel as many as needed to get the desired bandwidth?
mplex wrote:
Actually I think that this is a major argument against IP6. I doubt IP6 home routers will be delivered with a restrictive firewall by default because too many users would call tech support complaining that some services aren't working right. It would probably be like how wireless routers have been delivered with WEP disabled by default even though it would probably be doing the users a favor to have it enabled by default. However, even though I think this is a major disadvantage of IP6, I don't think it outweighs the advantages.Anyone can be a provider that you can authenticate against. You don't need AOL or anyone else. You can even be your own provider running your own OpenID server. But the site you're trying to log into can trust or not trust whoever they want. If it's a relatively uncritical site like Slashdot, then the site will probably trust any OpenID provider. But if it's something like your bank, then they may only trust providers that they're reasonably confident will have good security. Actually I doubt banks will use this since they probably won't want to relinquish control of a major part of the authentication process just to save you from having to remember and type your password.
It seems OpenID prevents this problem. With OpenID the only thing you give to the websites you login to is your URL (such as https://aol.com/cooldude ). You can even give your URL to your enemies. You never give your OpenID password to any site except AOL, or if you run your own OpenID server, you never give your password to anyone at all. If I understand it right the whole encrypted procedure goes something like this:
You're trying to login to example.com
Example.com says: Who are you?
You say: I'm "https://aol.com/cooldude"
Example.com asks AOL: Is this guy really cooldude?
AOL sends a message to you asking: Example.com says you're trying to log on, is it really you?
You say to AOL: Yea it's me, here's my password to prove it.(AOL doesn't tell example.com your password. Also you save the hassle of entering your password for any site if you already logged in to AOL, like at the beginning of each day.)
AOL says to Example.com: Yes we verified it's cooldude.
Example.com says to you: Hi cooldude from aol.com, we've verified it's you again. Welcome.
Note that if you log into AOL at the beginning of the day, then for you this whole procedure boils down to you just entering your URL to login and then pressing a button from AOL to authorize the login.
Some advantages and disadvantages are:
You can use one username and password for every site and you only have to enter your password once a day.
If you used the same username and password at a lot of sites before, then with OpenID you don't have to worry about your password being compromised on one site by lax security or a crooked site owner(like a phisher) and then having your accounts compromised at all the other sites.
I'm not sure about the privacy issues. If your OpenID provider allows it(or if you set up your own server) you could set up an unlimited number of ID's (eg cooldude2, cooldude3, etc.) I don't see how you would be giving up any more privacy than any other system. And if your provider allows it you could save a lot of trouble and use the same password for all your IDs. Your OpenID provider could track which sites you log into, but you could just be your own provider or choose one you trust not to track you. Of course the sites you log into could require only certain OpenID providers like AOL, Microsoft, Verisign, etc. You might not be able to use your own server. Sites might only accept OpenIDs from providers that use strong identification, like Paypal's requirement that you control a checking account to be confirmed, because banks in the US are required by law to get ID before opening a checking account(says Paypal).
If sites only recognize OpenIDs from certain providers, at least the list of providers would likely be more inclusive than something like Microsoft Passport which has only one provider.
OpenID providers might differentiate themselves on their security. Verisign for example may try to claim that their OpenID service (if they had it) is secure enough to use for bank logins.
There are plenty of vulnerabilities that can be seen just by visiting the public areas of a site and viewing the page sources without hacking in.
I'm also surprised at the reaction of slashdotters. I think protecting confidential sources of journalists could be important to maintaining freedom. However this guy is protecting a video taken in the middle of the street in a major city. His sources couldn't have had any expectation of confidentiality.
That's what I thought so I checked. They don't seem to make a big deal of it but this little bit seems to indicate that it can be used for encrypting the entire session.
From
http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerbe
"The next level of Kerberos support is a "true" Kerberized application that uses Kerberos tickets to verify identity and/or encrypt data.
If someone grabs your laptop and throws it on the ground smashing it to pieces they are guilty of a crime. But if you smash your own laptop you haven't committed a crime. They're punishing the victims for hurting themselves. But if the victims are hurting themselves, that should be punishment enough. There are other laws to protect victims from themselves like seatbelt and helmet laws, but those are usually justified on the grounds that society would have to pay their medical bills.
I think Wikipedia is one of the greatest inventions in the history of humanity. I would have never thought it would work at all, much less be as incredibly valuable as it is. Wikipedia has some big advantages over traditional encyclopedias. One obvious one is that it is updated much more frequently. Another thing I like is that it often dishes a little dirt about the subject that you wouldn't find in a traditional encyclopedia. Recognize its limitations but enjoy its riches.
Chip and pin is a massive improvement over the insane system we have in the US. It may have been sane back when computers were rare or expensive, but there's no excuse for it now. But chip and pin still has serious vulnerabilities, especially when used over the internet. Even with a card reader on your computer, the fact that operating systems like Windows and Linux will never be seriously secure, means that you can't trust what you see on the screen is what's going on over the wires. It's just a matter of time before the banks finally realize that the only solution is a device you carry with its own small display and keypad. Such a device would have a simple enough operating system and software that it might achieve a fairly strong level of security.
The other trend I see for the future is many more hackers learning to probe the dies of security chips. With the rapid increase in the number of devices relying on secret keys hidden in security chips, such as credit cards, motherboards, sattelite and cable tv, Blueray, and more, there will be greatly increasing demand for the ability to extract those keys. Electron microscopes or any other equipment to get into these chips can be bought, borrowed, or even built in one's garage. I'm sure that any chip can be defeated if the hacker has enough samples to work with. I don't know if the difficulty will make it impractical though.
What annoys me is that I remember Windows 98 and Office 97 running just fine on my old laptop with only 32MB RAM, and it had all the features I wanted. But even with an upgrade to 128MB RAM the laptop is slowed to near uselessness even by Xubuntu. Fluxbox is fast enough so I know it's possible. But the integration and ease of use of fluxbox and the other lightweight window managers I've tried is far below Windows 98.
Still I think we would all be better off in the long run if we switched to Linux because of the freedom, versatility, customizability, fixability, and price. If the playing field between Linux and Windows were level, that is if we were free from the lockin of hardware and software compatibility, I think Linux is good enough it could win today. Linux is still a little harder to use than windows, but then there was a time when Windows beat out superior operating systems like OS2 and MacOS.
I think this is actually a feature rather than a bad thing. If your registrar lets your domain go then it will be picked up by a squatter. Then if you want it back the squatter will put it up for auction and/or extort you for as much as they think they can. Just a couple weeks ago I forgot about an old domain that wasn't very important to me and I accidentally let it expire for about two weeks. When I realized it Godaddy let me reregister it for no extra charge above the usual registration fee. After a certain period Godaddy has to pay out of their own pocket to hold onto your domain. They have to recover their costs from the few people who want their domain back since they can't get anything from the people who don't want them anymore.
If your domain has any value to anyone else though you'll probably be out of luck anyway, because I think Godaddy puts your domain up for auction after it's been expired for more than 75days. This sounds nasty but if Godaddy didn't do it it would be immediately snatched up by other even nastier auction places anyhow, so Godaddy might as well make the profits themselves.
I also wonder if this is bogus. If it's true, why be anonymous since the former employer will instantly know who you are anyway. On the other hand if this is bogus you'd need to be anonymous so they couldn't sue you for libel.
It seems to me a simpler solution is just to get the ISPs to stop permitting spam and zombies. I think they could do it easily but don't do it now for fear of loosing customers (both clueless zombie owners and spammers). Perhaps an organization could be formed to boycott ISPs that don't shut down zombies. Perhaps a class action lawsuit could be filed on behalf of all the people who had to waste money on antispam software because the ISPs don't shut down the zombies which are engaging in illegal activities in plain sight of the ISPs. Perhaps a law could be passed to force ISPs to shut them down.
When spam from the US plummets to tiny levels, all other countries would probably follow, either enthusiastically or reluctantly.
The trick is that the sensor that measures the start and the sensor that measures the end of the pulse aren't really measuring the same thing.
I meant to say:
The trick is that the timing sensor at the entrance of the test chamber isn't measuring the same thing as the timing sensor at the exit of the test chamber.
For example say I generate a one second pulse with my flashlight by pushing the switch on and then turning it off one second later. Since the distance from the filament in the flashlight bulb to the front of my flashlight is about 1cm it therefore took the light pulse from my flashlight one second to traverse the 1cm distance. That's a very slow light pulse. What a breakthrough I've made. NOT.
Of course they're a lot trickier about it with these experiments. Maybe they send the waves through substances with nonlinear transmittance characteristics or other tricks to get complicated interference patters and such, which make their pulse dectectors trip at the wrong time. What's mind boggling is that they manage to trick reputable journals into publishing this garbage.
Just yesterday I read about a funny experiment that demonstrates the absurdity of these experiments. They used similar tricks to make sound travel faster than light. Indeed they could make the sound travel at any speed they wanted. They could even make the pulse exit before it was detected entering.
http://www.physorg.com/news88249076.html