Slashdot Mirror


User: TSHTF

TSHTF's activity in the archive.

Stories: 0
Comments: 28

Comments · 28

  1. Re:My college did it easier on Inside the Great Firewall of China's Tor Blocking · · Score: 4, Informative

    Tor has changed since you read last... "Bridges" were added to Tor and are not listed in any central directory.

    Tor bridges

  2. Half-assed apology on Cnet Apologizes For Nmap Adware Mess · · Score: 1, Flamebait
    What a half-assed apology. They didn't apologize for fucking up, but instead for the unrest they caused.

    The bundling of this software was a mistake on our part and we apologize to the user and developer communities for the unrest it caused.

  3. Easy fix below on AWS Load Balancer Sends 2 Million Netflix API Reqs To Wrong Customer · · Score: 1

    Use rewrite rules to do a 301 redirect to goatse.cx when the host is api.netflix.com!

  4. What to do when a vulnerability is found? on Security For Open Source Web Projects? · · Score: 3, Informative

    I highly recommend you read the announcing security vulnerabilities section of the Producing Open Source Software book. You'll probably want to read the whole thing, however!

  5. Technical details here on How To Evade URL Filters With (Not-So) Fancy Math · · Score: 4, Informative

    The linked article is next to worthless. The real details are in this blog post.

  6. Netbooks aren't DME on Why Are Digital Hearing Aids So Expensive? · · Score: 4, Informative

    On a recent flight, I heard an older man talk to the woman he was sitting next to about this same issue.

    Hearing aids tend to be classified as DME (durable medical equipment). Medical equipment has a higher support cost than netbooks, and the insurance companies are happy to pay. The cost of entry in the DME market is much higher than the netbook market.

    Although there is a huge market for the product, the liabilities involved in selling these products significantly raise the risk, and therefore the price, in such products.

  7. Nice response from an Ubisoft rep on Ubisoft's Authentication Servers Go Down · · Score: 5, Interesting
    It's worth looking at how a Ubisoft rep replies to a post that gives users information on how to use the now-broken service:

    Please do not post about illegal activities and or downloads.

    The response summarizes the situation appropriately:

    WTF I posted a link to google that shows how to play since UBIcraps servers are down and you call it ILLEGAL activities? RAbble rabble! I will never buy another ubisoft product and I advise you to do the same!

  8. Amazon AWS? on Long-Term Storage of Moderately Large Datasets? · · Score: 4, Interesting

    It might not be the cheapest option, but with Amazon's AWS, you can snail mail them a copy of the drive with the data and they'll store it in S3 storage buckets.

  9. Re:Google? Privacy? on New Chrome Beta Adds Privacy Controls, Translation Option · · Score: 4, Informative

    You don't have to "trust" their browser at all.

    The source code for Chrome is freely available. If you find any features that are unfriendly towards privacy, you're free to modify the source.

  10. Re:History being made. on Another ACTA Leak Discloses Individual Country Data · · Score: 5, Insightful

    I think people are upset because this accord is being hammered out in secret behind closed doors, and citizens of the affected countries are only aware of progress on the treaty through leaks.

    There's a correct way to "come to grips" with these problems, and that way is by discussing these issues in the open, and allowing for review and comment on what's going on.

  11. Just walk away on Another ACTA Leak Discloses Individual Country Data · · Score: 5, Insightful

    I don't think there's much chance of changing the American negotiators' views on this, but I'm still going to contact my representatives in Congress. Nothing will likely come out of it. If you are a /.er in a more reasonable country, say New Zealand or Canada, I beg you to contact your MPs and demand transparency in this process. We shouldn't have to find out about the progress of negotiations through leaks.

  12. Re: As usual, please refrain from blindly chiming on Mozilla Accepts Chinese CNNIC Root CA Certificate · · Score: 4, Informative

    Opera trusts CNNIC also.

  13. Re:Wait, what? on Gmail Moves To HTTPS By Default · · Score: 1

    Not always the case anymore. Web browsers and servers have implemented persistent connections (keep-alive) for a while. It's in the RFC.

  14. Paywalls suck on Citibank Denies Reported Breach Linked To Russian Gang · · Score: 5, Informative

    Article is behind a paywall. Search for it with Google News, and the WSJ will let you read it all.

  15. Re:Anonymous Coward on Google Attack On the Mobile Market Rumored · · Score: 2, Interesting

    It would just go over the air as data. For example, 1500 minutes of G729a voice uses (4.12kB/s * 60 seconds * 1500 minutes) = 370 MB

    The question is what kind of deal Google could cut with the carriers to provide nothing more than 370MB a month of data transit.

  16. Re:"High-tech phone service?" Maybe if it worked.. on Google Attack On the Mobile Market Rumored · · Score: 2, Informative

    Here's another data point for a random end-user: I've used Google Voice to the tune of approximately 1200 minutes per month for the last four months and haven't experienced service issues with receiving calls or placing calls. I've made very few international calls, however.

  17. Re:Linux PC on Home Router For High-Speed Connection? · · Score: 1

    The Cisco ASA 5505 is a good choice, but be prepared for a bit of a learning curve. For ASA 8.2, the command reference guide weighs in at 3534 pages. If the command-line scares you away, the integrated web management (ASDM) works well for what it is. The 5505 has no fan, provides an 8-port switch (including 2 PoE ports), and is probably slightly greener than an old box running Linux.

  18. Re:Of course there isn't a problem on Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges · · Score: 1

    Because the package management system runs as root, may install setuid files, or system daemons which contain vulnerable code; an unprivileged user cannot normally do this.

    Sure - only signed packages can be installed - but signing a package won't make those pesky buffer overflow vulnerabilities go away.

  19. Of course there isn't a problem on Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges · · Score: 5, Insightful

    Certainly there can't be a problem here, says the Fedora team. According to the release notes, there are 15,000 packages which can be installed by these unprivileged users. That's a lot of fscking code -- surely some of it is poorly written. Consider this scenario: Package X suffers a critical {local, remote} root vulnerability. If the vulnerability isn't public, any local user (and maybe remote ones too!) has root. If the vulnerability is public, there is often a long window between downstream fixes and Fedora fixes. In either case, this is a security issue. The Fedora team really should have put this in the release notes and reconsider this implementation in the first place.

  20. Re:Instead of referring to just "Blue Hippo" on BlueHippo Scam Collected $15M, Only Shipped One PC · · Score: 5, Informative

    From the court documents linked in the article: Joseph K. Rensin is the sole owner and shareholder of BlueHippo Funding, LLC. FTC 26. Mr. Rensin acted as Chief Executive Officer of BlueHippo from its inception in 2003 until July 20, 2009. See FTC 28 at 7-8; FTC 22G at 3. As CEO, BlueHippo's corporate officers, including the Chief Marketing Officer, reported directly to Mr. Rensin. FTC 28 at 20-22. In addition, Mr. Rensin was involved in BlueHippo's day-to-day operations, "manag[ing] the overall structure and direction of the business" and "overseeing the senior management team in formulating strategy." Id. at 22; FTC 22G at 3.

  21. RTFM for more DoS suggestions on How To DDoS a Federal Wiretap · · Score: 1

    Great paper. Cisco is also nice enough to write up about their "Lawful" Intercept products. For example, in Configuring Lawful Intercept Support, they kindly warn the end-user that "To maintain VXSM performance, lawful intercept is limited to no more than 60 active calls." Thanks for the suggestion!

  22. Security clearances? on DHS Wants To Hire 1,000 Cybersecurity Experts · · Score: 2, Insightful

    This paragraph from the article is probably the most interesting point:

    "Another item of great importance is a security clearance to do the work. This is where you will get only one brand of thinking; DoD or DoE clearance. This will prohibit the security "black hat" types from ever being involved in the project without coming from the DoD or Energy."

    This will limit the pool of resources to such an extent as to make the project worthless.

  23. I wouldn't recommend Websense on Porn Surfing Rampant At US Science Foundation · · Score: 5, Informative

    I wouldn't recommend Websense to anyone. They have a long history of stealth web robots which intentionally disobey the robots.txt standard.

  24. Re:A Decision The Swiss Will Rue on Swiss Open Source Decision Going Microsoft's Way · · Score: 1

    Maybe I've been smoking crack, but I find the resources on MSDN to be more than adequate, if you can find the proper one. The shortcomings of MSDN tend to relate to search and relevance IMO, but the information is out there.

  25. Re:They Did Not 'Look At The Options' on Swiss Open Source Decision Going Microsoft's Way · · Score: 1

    You must be new here. You expect us to read an article before bashing Microsoft?