Not even close. A single ATI HD4870X2 card has 2.4 TFLOPS or processing power: 2 (instr/clock with MAD) * 800 (Streaming Processors) * 750 (MHz) * 2 (GPUs) = 2.4 TFLOPS.
I am surprised no one mentioned by far the simplest and cheapest solution to render any data on a drive inaccessible: if it was encrypted in the first place, just drop or destroy the key. For exmaple, if a password was required to access the data nothing needs to be done as it is already inaccessible to adversaries; or if the key to encrypt a hard drive was stored on a USB thumbdrive, just destroy the thumbdrive.
The incrementing number you are referring to is the revision number, which is just an alias for the SHA1-based revision ID. It is unique to each repo (so can get "out of sync" as you say) and exists merely for convenience for the developer working with a given repo.
In 1995, Ulf Michael Widenius and David Axmark started writing an open-source database for their own needs. In 2008 Sun buys MySQL for $1B. Isn't that one of the greatest open-source achievement ?
About to blow up ? Naaah. Don't believe them.
Urgent: sell 2-story home, 4 BR, 2 BA, on 25000 sq. ft property. Located in beautiful Wyoming next to Yellowstone National Park. Grab it while possible !
Well an upgrade would require end-user browser changes: MD5-based CA certs need to be removed from their trusted CA list.
Let me reword that: certs of CAs still using MD5 to sign web site certs need to be removed from the browsers' trusted CA list (because even CA certs signed with SHA-1 can be exploited if they issue MD5-based web site certs).
MD5 has to go. The PKI infrastructure already supports SHA-2, which is considered better; MD5 is only there for legacy certs. So an upgrade doesn't require end-user browser changes; it can all be done by CAs and web sites.
Well an upgrade would require end-user browser changes: MD5-based CA certs need to be removed from their trusted CA list.
The PDF file seems interesting at first but many pages are [CENSORED]
and even [CENSORED] which leads me to doubt of the usefulness of [CENSORED]
notwhistanding [CENSORED]. Does anyone [CENSORED]. Or [CENSORED] ?
I'd venture, without doing any kind of extensive research into this, that something else might happened in the capital markets in 2008.
What do you mean ? What's happening ? And what's up with these stories of people being foreclosed ? Why don't they just do like me ? Living under a cheap, not expensive, rock.
Reporter: The magma volume in Montserrat eruptions is much larger than anyone would estimate and... oh! look at that burst of lava ! I have never seen anyth- OMG I FEEL THE EARTH RUMBLIN- Studio anchor:... Charles ? Do you hear me ? *turning to his co-anchor* Is he still with us ?
Backdooring something like the Linux Kernel via traditional means (by attempting to submit malicious patches) would be much, much harder than you think. I mean just read the LKML to understand how thorough the review process is: the owner of the code scrutinizes your patch line by line, suggests improvements, even catches coding style errors, etc. Maintainers are especially cautious about code that comes from unknown developers.
Regarding your comment about hacking servers holding the source code, this would also very likely get caught really quickly, because of the very nature of version control systems whose only purpose is to track changes. As a matter of fact in 2003, a CVS mirror (not the primary repository) of the kernel source tree was successfully hacked and a backdoor was inserted in the code, but the problem got identified and fixed in less than 24 hours
So, do you trust a development model where malicious code is caught in 24h, or a dev model where backdoors can exist for 7 years ? The answer is obvious to me:)
Linux has had a full-featured 64-bit Java plugin that even includes LiveConnect support for at least months via IcedTea, a special build by Red Hat of the official OpenJDK source tree. For example Ubuntu 8.10 ships this 64-bit plugin as the icedtea6-plugin package, which I have been using for the past 2 months. And, no, I am not talking about the GCJ or Blackdown Java implementations which are significantly more buggy or incomplete (lacks LiveConnect support).
What is new today is that Sun just released a development build of Java 6u12, build b02, which includes the 64-bit plugin. However technically we still have to wait for a couple months before 6u12 is officially released. But again you can already get a 64-bit plugin based on essentially the same source tree via IcedTea.
Geek girl. Plugging things into other things. Laptop running Hardy Hardon^H^H^H^HHeron.
Just wait for the torrent of +5, Funny jokes about to get posted...
One potential flaw I just noticed in the way BD+ uses RSA is that they use the public exponent e = 3. This low value is known to open up multiple theoretical attacks as described in section 4 of this paper. Too lazy to register a Doom9 account to post that info on their forums...
That's right. Nehalem requires new chipsets, new sockets, hence new motherboards, *and* new memory (more expensive DDR3 replacing DDR2). As opposed to Shanghai that can just be dropped into any 2-year old socket F motherboard. While Intel had no choice and had to do these architectural changes, this is a factor that is going to hamper the rate of adoption of Nehalem.
Slashdot Mirror
Not even close. A single ATI HD4870X2 card has 2.4 TFLOPS or processing power: 2 (instr/clock with MAD) * 800 (Streaming Processors) * 750 (MHz) * 2 (GPUs) = 2.4 TFLOPS.
I am surprised no one mentioned by far the simplest and cheapest solution to render any data on a drive inaccessible: if it was encrypted in the first place, just drop or destroy the key. For exmaple, if a password was required to access the data nothing needs to be done as it is already inaccessible to adversaries; or if the key to encrypt a hard drive was stored on a USB thumbdrive, just destroy the thumbdrive.
The incrementing number you are referring to is the revision number, which is just an alias for the SHA1-based revision ID. It is unique to each repo (so can get "out of sync" as you say) and exists merely for convenience for the developer working with a given repo.
Not true. Use "hg strip" (mq extension) to remove a branch.
Just like Mercurial. Actually all DVCS compute the hash of (parent revs + new content) to generate the child revision identifier.
In 1995, Ulf Michael Widenius and David Axmark started writing an open-source database for their own needs. In 2008 Sun buys MySQL for $1B. Isn't that one of the greatest open-source achievement ?
The E segment of the last digit of the year failed at exactly midnight !!
I always thought <3 was a kiss. Gahhh ! Why do I always misunderstand emoticons ?
I always thought 3 was a kiss. Gahhh ! Why do I always misunderstand emoticons ?
(.Y.)
Sexier ) (
( y )
About to blow up ? Naaah. Don't believe them.
Urgent: sell 2-story home, 4 BR, 2 BA, on 25000 sq. ft property. Located in beautiful Wyoming next to Yellowstone National Park. Grab it while possible !
Let me reword that: certs of CAs still using MD5 to sign web site certs need to be removed from the browsers' trusted CA list (because even CA certs signed with SHA-1 can be exploited if they issue MD5-based web site certs).
Well an upgrade would require end-user browser changes: MD5-based CA certs need to be removed from their trusted CA list.
The PDF file seems interesting at first but many pages are [CENSORED] and even [CENSORED] which leads me to doubt of the usefulness of [CENSORED] notwhistanding [CENSORED]. Does anyone [CENSORED]. Or [CENSORED] ?
What do you mean ? What's happening ? And what's up with these stories of people being foreclosed ? Why don't they just do like me ? Living under a cheap, not expensive, rock.
Reporter: The magma volume in Montserrat eruptions is much larger than anyone would estimate and... oh! look at that burst of lava ! I have never seen anyth- OMG I FEEL THE EARTH RUMBLIN- ... Charles ? Do you hear me ? *turning to his co-anchor* Is he still with us ?
Studio anchor:
I heard Tony Stark was able to build one in a cave. With a box of scraps.
Backdooring something like the Linux Kernel via traditional means (by attempting to submit malicious patches) would be much, much harder than you think. I mean just read the LKML to understand how thorough the review process is: the owner of the code scrutinizes your patch line by line, suggests improvements, even catches coding style errors, etc. Maintainers are especially cautious about code that comes from unknown developers.
Regarding your comment about hacking servers holding the source code, this would also very likely get caught really quickly, because of the very nature of version control systems whose only purpose is to track changes. As a matter of fact in 2003, a CVS mirror (not the primary repository) of the kernel source tree was successfully hacked and a backdoor was inserted in the code, but the problem got identified and fixed in less than 24 hours
With proprietary software there is only a restricted number of people who review code, typically only a very specific dev/QA team employed by the software vendor. I would even argue that because of the implicit trust between these employees, reviews tend to be shallower. Two examples to prove my point: in 2001 it was discovered that a back door password has been hidden in Borland/Inprise's popular Interbase database software for at least seven years. In June 2008 it was discovered by a security researcher that for multiple years all versions of Windows have been intentionally using a lower-quality cryptographic function for Protected Storage when the locale was set to French.
So, do you trust a development model where malicious code is caught in 24h, or a dev model where backdoors can exist for 7 years ? The answer is obvious to me :)
I mean who in a sane mind would want windows on a submarine ? It's not like there is anything interesting to see in the darkness of the depths.
I just tested this one.
Linux has had a full-featured 64-bit Java plugin that even includes LiveConnect support for at least months via IcedTea, a special build by Red Hat of the official OpenJDK source tree. For example Ubuntu 8.10 ships this 64-bit plugin as the icedtea6-plugin package, which I have been using for the past 2 months. And, no, I am not talking about the GCJ or Blackdown Java implementations which are significantly more buggy or incomplete (lacks LiveConnect support).
What is new today is that Sun just released a development build of Java 6u12, build b02, which includes the 64-bit plugin. However technically we still have to wait for a couple months before 6u12 is officially released. But again you can already get a 64-bit plugin based on essentially the same source tree via IcedTea.
Geek girl. Plugging things into other things. Laptop running Hardy Hardon^H^H^H^HHeron.
Just wait for the torrent of +5, Funny jokes about to get posted...
One potential flaw I just noticed in the way BD+ uses RSA is that they use the public exponent e = 3. This low value is known to open up multiple theoretical attacks as described in section 4 of this paper. Too lazy to register a Doom9 account to post that info on their forums...
More details about the prototype of an existing voice-powered telephone system: http://en.wikipedia.org/wiki/Tin_can_telephone
That's right. Nehalem requires new chipsets, new sockets, hence new motherboards, *and* new memory (more expensive DDR3 replacing DDR2). As opposed to Shanghai that can just be dropped into any 2-year old socket F motherboard. While Intel had no choice and had to do these architectural changes, this is a factor that is going to hamper the rate of adoption of Nehalem.