> why focus on the ones that are a common issue for every physical or digital object in existence?
Perhaps because there ARE things you can do to enhance security, that aren't currently being done? You get bonus points if the security steps are different but analogous.
He could fund his efforts with the recovery of cargo containers! It's gotta be easier to stumble over some of those than a body dumped at some mostly-unknown location.
One thing you might (or might not) have missed: character compression.
with 62 characters, you can compress each character into 6 significant bits (losing a couple), allowing you 62^10 combinations in a 64 bit key.
But both your 93^8 password and my 62^10 character password demand that those characters (and character spaces) be used. Some day, some day.
On Unicode, I would be surprised if Japanese phones and game consoles etc didn't have some version of the windows IME to allow kanji to be entered. But as you point out, any means that allows simple/trivial/guessable entry of passwords/gestures/ID also reduces the space a brute force attack has to cover.
pow(62, n) to pow(71, n) or pow(62, n) to pow(62, n+1)
I suspect the answer is "n to n+1". To which the only limit is password size.
If you're arguing about "these keys are not common in passwords" as security, aren't you arguing "security by obscurity"... and if you succeed in convincing folks to use non-alphanumerics, aren't you eroding that very obscurity?
You might as well say "they don't let me type in Unicode values that aren't in the standard alphabet". Anyone got stats for cracking the unicode character space? Is there any particular reason it would be more or less secure than using just alphanumerics, for any given key size?
> on the other hand, she was so opposed to charity to a ridiculous degree... but only philosophically. She was entirely 'rational' about exploiting the weakness of others who created that social safety net that is Medicare and Social Security.
That is, she was against GIVING charity, but not about to pass up TAKING charity.
Knew someone who did that once. Aligned himself, he did. Found it harder walking east-west than north south. But that was okay, he was a snowbird by inclination.
He's dead now, but he still helps us out: We fitted him up with a couple of coils and he's generating power for us. Spinning in his grave, of course....
That's okay. I'm still working my way through Robert Jordan's Wheel of Time series myself. But saying you'll never be able to get to those others... isn't that a bit hysterical? Sure, you may only be on the seventh book of the series, but the author died, there is light at the end of the tunnel!
This does not mean that what it does is "legal", either by international standards or even the laws of the nation itself. It just means that the government has the power to avoid the laws.
> You can secure a computer all you want, it's very difficult to keep most people from clicking the latest joke link and falling for any one of the thousands of ads they'll see in a 5 minute time period. The only perfect solution, is to not let them on the computer at all.
The thing you don't point out is, it doesn't take an ignoramus to fall prey to these vulnerabilities. Quite intelligent, well informed people are subject to the same problem.
This includes people who use computers for a living.... and includes those who secure, maintain, and repair computers. And those who post on slashdot about how secure their computers are.
The advantage these professionals have is that they can secure their computers better, and recognize problems faster. (Too bad that computers are faster still, but they would not be useful if they were slower.)
Federal appropriation for the Corporation for Public Broadcasting for 2011: $430 Million
Proposed TSA body scanners: $76 Million
Budget difference resulting in a threatened government shutdown: $38 Million
Attention put on a line-item of the budget is not proportional to that line-item's actual value.
And there is a paradox that Clinton kinda points out: you can't fund such an organization with government funds because the Congress or the White House could defund it if it started pointing out things that were inconvenient. Or if they wanted to point to a budget "win". Or if they forgot why they funded it to begin with.
And if you can't do that, how is it a government body? How does it differ from factcheck or politifact?
> a debt-based life-cycle... as opposed to previous "intrinsic value"-based life-cycle monetary systems? How do barter systems that use tokens of value fit into your theories?
How do you differentiate the inflation of a "debt-based currency", either paper inflation or hard-asset inflation, from the inflation of the entirely speculated value of bitcoin valuation? How is a bitcoin bubble different from a housing bubble?
Not trolling for reaction here. You profess an education in economics and accounting, so I'm 'trolling' for answers, if I can get them.
Reminds me of the punch line from an anecdote my father told me... - Turning one screw one quarter turn to fix your problem: 25 cents. - Knowing which screw to turn, in what direction, and why that would fix the problem: 2,000 dollars.
"Pressing the right buttons" is not hard, you say.
The first brilliant thing is that he was familiar with the field at all. How many 16 year olds worldwide does that cover? And at what point is your typical chemistry student using software of that nature, on hardware of that type?
The second, that he knew who to talk to to gain access to the required software (and hardware) to do the computational study.
And the third, that he had particular, positive results to point to.
I appreciate your insight, that he *might* not have been the first to determine the cooperative nature of the compounds in question. But your comment seems overly belittling in my opinion. He "only" repeated, on his own initiative, what an entire lab may have done previously.
The shark who ate him, however, didn't win. After having its dorsal fin cut off for someone's soup, it lived for a short time until being lased by a weaponized Orca.
Somewhere out there, there is laughter coming from the belly of one of Shamu's kin, as an indigestible ghost continues to... pass.
Slashdot Mirror
You are speaking of The 2003 Extradition Act?
> why focus on the ones that are a common issue for every physical or digital object in existence?
Perhaps because there ARE things you can do to enhance security, that aren't currently being done? You get bonus points if the security steps are different but analogous.
He could fund his efforts with the recovery of cargo containers! It's gotta be easier to stumble over some of those than a body dumped at some mostly-unknown location.
So I should download the Krill anti-malware suite?
Should I be watching out for Baleen?
One thing you might (or might not) have missed: character compression.
with 62 characters, you can compress each character into 6 significant bits (losing a couple), allowing you 62^10 combinations in a 64 bit key.
But both your 93^8 password and my 62^10 character password demand that those characters (and character spaces) be used. Some day, some day.
On Unicode, I would be surprised if Japanese phones and game consoles etc didn't have some version of the windows IME to allow kanji to be entered. But as you point out, any means that allows simple/trivial/guessable entry of passwords/gestures/ID also reduces the space a brute force attack has to cover.
One thing puzzles me...
Password security is rated on difficulty, sure. But once you eliminate the dictionary search, you're down to brute force testing each key in turn.
[a-z][A-Z][0-9] = 62 values
[a-z][A-Z][0-9][~!#$%^&*(] = 71 values
So which of these increase the keyspace better...
pow(62, n) to pow(71, n)
or pow(62, n) to pow(62, n+1)
I suspect the answer is "n to n+1". To which the only limit is password size.
If you're arguing about "these keys are not common in passwords" as security, aren't you arguing "security by obscurity" ... and if you succeed in convincing folks to use non-alphanumerics, aren't you eroding that very obscurity?
You might as well say "they don't let me type in Unicode values that aren't in the standard alphabet". Anyone got stats for cracking the unicode character space? Is there any particular reason it would be more or less secure than using just alphanumerics, for any given key size?
You need the Mega Facepalm!
> And confined to a small segment of the population.
Are you talking about the victims or the perpetrators?
Actually, there should have been 12, but it lactate...
> on the other hand, she was so opposed to charity to a ridiculous degree. .. but only philosophically. She was entirely 'rational' about exploiting the weakness of others who created that social safety net that is Medicare and Social Security.
That is, she was against GIVING charity, but not about to pass up TAKING charity.
Knew someone who did that once. Aligned himself, he did. Found it harder walking east-west than north south. But that was okay, he was a snowbird by inclination.
He's dead now, but he still helps us out: We fitted him up with a couple of coils and he's generating power for us. Spinning in his grave, of course....
That's okay. I'm still working my way through Robert Jordan's Wheel of Time series myself. But saying you'll never be able to get to those others... isn't that a bit hysterical? Sure, you may only be on the seventh book of the series, but the author died, there is light at the end of the tunnel!
Some of those things out of print would be political or social commentary, and reports on government actions, as well as technical materials.
Not everything out of print is "entertainment".
So, something like IranOS, Windows for Mullahs, Persia120 (like Xbox360, but with a smaller angle and the novel new BLACK ring of death)?
Or perhaps a custom version of Linux called Red Turban? (China already has Red Flag Linux, so there's precedent...)
I disagree.
Like the US, China has laws that affect even the government.
Unlike the US, China has proven willing to actively harass people (including lawyers) who attempt to enforce particular of those laws.
The US, on the other hand, adopts a more defensive strategy: Sovereign Immunity, State secrets privilege and the occasional Selective enforcement incident.
This does not mean that what it does is "legal", either by international standards or even the laws of the nation itself. It just means that the government has the power to avoid the laws.
The GP might have a point: The permission is based on the user, not on the device. A thief might *conceivably* have a case on the privacy issue.
Whether that would interfere with his arraignment on theft is another matter, though.
> You can secure a computer all you want, it's very difficult to keep most people from clicking the latest joke link and falling for any one of the thousands of ads they'll see in a 5 minute time period. The only perfect solution, is to not let them on the computer at all.
The thing you don't point out is, it doesn't take an ignoramus to fall prey to these vulnerabilities. Quite intelligent, well informed people are subject to the same problem.
This includes people who use computers for a living. ... and includes those who secure, maintain, and repair computers. And those who post on slashdot about how secure their computers are.
The advantage these professionals have is that they can secure their computers better, and recognize problems faster. (Too bad that computers are faster still, but they would not be useful if they were slower.)
I don't speak iptables parameter. So perhaps I missed something in your method.
How do you prevent a distributed brute-force attack (1 attempt per zombie) while simultaneously preventing said attack to become a defacto DDOS?
If you're worried about the infrared radiation, perhaps this would be a bad time to mention that they've been ingesting Carbon-14 as well....
Oil industry subsidies: $4 Billion
Federal appropriation for the Corporation for Public Broadcasting for 2011: $430 Million
Proposed TSA body scanners: $76 Million
Budget difference resulting in a threatened government shutdown: $38 Million
Attention put on a line-item of the budget is not proportional to that line-item's actual value.
And there is a paradox that Clinton kinda points out: you can't fund such an organization with government funds because the Congress or the White House could defund it if it started pointing out things that were inconvenient. Or if they wanted to point to a budget "win". Or if they forgot why they funded it to begin with.
And if you can't do that, how is it a government body? How does it differ from factcheck or politifact?
> a debt-based life-cycle ... as opposed to previous "intrinsic value"-based life-cycle monetary systems? How do barter systems that use tokens of value fit into your theories?
How do you differentiate the inflation of a "debt-based currency", either paper inflation or hard-asset inflation, from the inflation of the entirely speculated value of bitcoin valuation? How is a bitcoin bubble different from a housing bubble?
Not trolling for reaction here. You profess an education in economics and accounting, so I'm 'trolling' for answers, if I can get them.
As you wish...
Bitcoin is like driving an unarmed M1 Abrams in rush hour traffic. The police want to pull you over, sure, but they have no practical way of doing so.
So they wait for you to get out of the tank, and THEN arrest you.
Reminds me of the punch line from an anecdote my father told me...
- Turning one screw one quarter turn to fix your problem: 25 cents.
- Knowing which screw to turn, in what direction, and why that would fix the problem: 2,000 dollars.
"Pressing the right buttons" is not hard, you say.
The first brilliant thing is that he was familiar with the field at all. How many 16 year olds worldwide does that cover? And at what point is your typical chemistry student using software of that nature, on hardware of that type?
The second, that he knew who to talk to to gain access to the required software (and hardware) to do the computational study.
And the third, that he had particular, positive results to point to.
I appreciate your insight, that he *might* not have been the first to determine the cooperative nature of the compounds in question. But your comment seems overly belittling in my opinion. He "only" repeated, on his own initiative, what an entire lab may have done previously.
The shark who ate him, however, didn't win. After having its dorsal fin cut off for someone's soup, it lived for a short time until being lased by a weaponized Orca.
Somewhere out there, there is laughter coming from the belly of one of Shamu's kin, as an indigestible ghost continues to ... pass.
Humans are always going to be the weak link. Cause too many alerts, get the operator to shut that alert mechanism down, and hey, presto!
UAC window, anyone?