My problem with such a hasher is that I did not write it. I am not trusting all my passwords to some binary blob. How do I know the add-on/extension/app is not phoning home all my passwords to some Chinese hackers? That is why I use my own brain to do the hashing and salting. I am not so paranoid about passwords to minor accounts like slashdot or app dev. Even medium level accounts like amazon or gmail are ok. But each of my bank/brokerage accounts gets a personalized password that is not written down, not generated by an app, extension or add-on, not saved by the browser. Unless I can avoid it, I log into these accounts from exactly two computers. One from work (out of the four I use at work) and one from home (out of the seven internet devices at home network).
The user has an interest to make sure that if one site he/she logs into gets hacked, the damage does not spill over into other websites. The websites have a completely different cost/benefit scenario. Security is seen as cost. Do the minimum required to identify the users, remember their settings/preferences, give users some vague sense of security. That is all the web sites are going to do. Unless the user demands better security they won't provide it. You think there will be enough users demanding more secure sites in this day and age? Most users don't even seem to know that there is something called security and privacy. No there is no incentive for the sites to provide any more security. Costs money, reduces user "experience".
So if you care about security, first take steps to make sure you can prevent spill over from one hacked site to other user accounts you have on other sites. Then evangelize about the need for better security. At some point even the twitter using teen might actually "get" it.
1. It is in the best interests of the users to use different passwords for different sites. Simplest thing to do is to use an 8 char string as the base password and append, prepend or insert a three char string based on the web site name into it. Each site has its own password, but it would not be easy to use a compromised password at other sites. It is in the best interests of the users to do it. For sites security is just cost, they do the minimum. Rotate the base password once a year or so.
2. We should ask the more important accounts like brokerage, mutual fund, bank accounts to use a two factor authentication system. But I don't want to juggle too many RSA key fobs. I like Google sending a six digit code to the designated cell phone. Google also lets you set up 10 one time pad numbers ahead of time to handle the case when the cell phone can't get texts. As a first step if they would just send me text or an email for each login event and each transaction that would reduce fraud.
3. What really bugs me is, in this day and age of social network where people are posting details of their breakfast lunch and dinner for the whole world to see, even banks use "maiden name of mother" "name of your pet" or "where you went for honeymoon" to reset passwords. That is insane. So I used to give non intuitive answers like "nissan sentra" as the mother's maiden name. But it is so difficult to remember what stupid answer I gave to which site. That is my biggest beef with these security questions.
4. No I did not switch my username and password edit boxes when I signed up for slashdot. Friends recognize the dorm addresses, rest of alumna recognize the dorm names.
We did. Mostly because we are, essentially speaking, a big evolutionary mistake. We can't run fast, we're not strong, we can't hide easily, we have no fur or feathers to keep us warm (which means we have to burn a LOT of calories just to heat up the air around us in cold periods!
No, evolution does not make mistakes. Because evolution does not have a goal, does not have place to reach. When there is no right way for it to work, there can not be a wrong way. So by its very nature what evolution does can not be called right or wrong.
We have not been leopard food for at least the last 15 million years. What is the proof? None of the greater apes have a life span less than 30 years. Animals that can die for no fault of them, purely due to chance, no matter how good they are in whatever survival strategy they follow die young. Insects, mice, most prey animals. Even predators that use the high risk chases die of accidents. Their life span is limited. Species that have control of their life, slow down. Elephants, rhinoceri, hippopotamus, great apes, larger birds, they have no predators, that is how they live that long. So we have been at the top of the food chain for at least 15 million years, since the great ape lines branched off from rest of the primates. Did you know all living things have exactly the same length of life in terms of heart beats? All animals get about 2 billion heartbeats of life.
What an executive of my pillow with a personal credit card with a credit limit higher than 125K paid it to some vendor of my pillow. Acting as the official of the company he offered to pay 125k in company check but the vendor refused to take a check. Even if he gave the vendor money from his credit card, he should have issued that 125 k check from the company and deposited it into his account. But for some reason he did not. How did this chump get a card with higher than 125 k limit I can't understand. Fools and money are easily parted and fools and he should have been taken to the cleaners much earlier.
What part of pay all remaining installments before you leave he does not get? Maybe he is in the pocket of AT&T and Verizon who just want to some FUD.
Its students are cheating. Its professors are either too dumb to use the spreadsheet correctly or so corrupt they cook up data to be shills for austerity mongers. And they cut real research centers to save money. They buy real estate in around Boston from companies going bankrupt and take off the tax rolls of local municipalities (look up the Arsenal area). I think Harvard's mission has become growing the endowments as much as possible while coasting on the goodwill created by earlier decades of solid academic work.
You are too subtle for your own good. You might have at least hinted something like,
"come on, it is a liver, not a deader, it's no big deal keeping it alive".
I keep all my credit cards and smart chip embedded driving license in my hat. And my hat is actually a Faraday's cage constructed using a product from Reynolds. I understand the product is made by electrolysis of bauxite. So no one can read anything from it from a distance.
My wife's smart phone locked up and refused to respond to the power on button. Removed the battery, put it back, it worked. My daughter's iPod nano locks up on some corrupted mp3 files. Need to wait for the battery to fully drain and die to hard reboot.
The latest policy shift in T-mobile is: no contracts, transparent installment sales of phones, no nickel and diming on data. 500 MB high speed included. 10$ for another 2GB, another 10$ for "unlimited". At the end of quota, no over use fees, but just throttling of speed. Allows 500 MB of tethering. This should shake things up in a regular free market.
But I am not so sure. Verizon has a huge cash cow, in the form of FiOS. It can use that revenue stream to undercut t-mobile and try to kill it instead of competing with it on a level ground. AT&T has inertia and corporate support helping it. I just hope T-Mobile succeeds just to bring sanity to this market.
T-mobile got the best deal in the failed merger with AT&T. Apparently that contract gave T-mobile 2 billion dollars if the deal was rejected by the Govt, and more importantly bandwidth in the edge network for T-mobile in some 50 markets. If it plays this hand of cards well, things should shake up in the mobile market in USA.
VortexCortex, please sit down, as it might come as a shock to you. No matter what your GPS display shows, you are not the center of the world, and the world does not pivot around you when you make that right turn from Lincoln Ave to Water St. Your use case is so extreme, supporting your needs produces so little marginal revenue for so much of pain, they will happily ignore you. If your needs are met, it would be purely an unintended side benefit happening because of supporting some more mainstream use case.
If that's how you're doing Agile, you're doing it wrong.
At this point Agile has assumed mythical qualities. Any time anything fails to work as promised by Agile, the implementation gets the blame, not Agile. They keep parroting the same thing. "if it does not work, you are doing agile wrong". You could postulate an imaginary waterfall organization, staffed with mythical programmers who do waterfall right. Then I could also say, "if it does not work, you are not doing waterfall right".
We have agile. We have agile tools. We have vendors selling agile management tools to our company making oodles of money. And you ask the agile tool vendor to implement something, suddenly it is going to take 18 months and two release cycles. They are agile, they sell agile tools, they should know how to do agile, and I ask for something simple like, "I want to be able to add/delete people to the notification list of user stories. There is no need to assume, there is going to be only one customer proxy or just one person monitoring progress. So when will I be able to add a notification field and add email ids to it?" 18 months and two releases.
The defect reports come from the field via Siebel database, and some script converts it to rally. In the process it fumbles the name of the submitter and the stupid script becomes the submitter. There is no lookup table to go from Siebel ticket number to Rally defect number or vice versa. Hey, vaunted rally tool vendor, when can you fix it? 18 months and two releases. This is already 18 months and two releases gone, and there is no solution in sight.
Rally is snake oil. It promises to deliver skycastles to addled top management which thinks building software is like toasting bread in Quiznos or building a car in the assembly line.
There are problems with waterfall. There is an entirely different set of problems with agile and rally. Agile is not going to make your process more efficient, or your software higher quality.
Now is your time to come in and say, "Rally is not agile" "You are doing agile wrong" completely ignoring the point there is no documented case of agile working better than waterfall given the same resources and goals.
Even concentrating heat is not all that efficient. If you have two huge lakes with a 10 degree temp diff (one at 35 deg C and another at 25 deg C) you still can not even boil a liter of water, certainly not with 80% efficiency.
Simple fact. There is no heat engine that can convert heat to mechanical energy with 80% efficiency (with reasonable source/sink temperatures). They must be playing fast and loose with the definition of "usable energy".
Yes, wait till you get a real medical need. All the companies that are happily accepting your premia and "insuring" you will deny claims, make life miserable, bump you off, raise the rates, refuse to renew. All other companies will declare your condition pre-existing condition. You might as well save the hassle and go without insurance and put the premia in a separate account. At least you will be able to tap into the amount of premia you have paid.
If you know enough about virtual machines and provisioning, there is a good market for your skills. Install a good distro of Linux, install a virtual machine server, provision an XP machine, using the old license. Set up proper firewall and a hardwired whitelist access hosts file. Make the old software work in new machine. Profit.
Thanks, I have a free key fob from ETrade. Let me check if schwab would accept it and if quicken would handle it right.
So what you want is a chrome book. It is already there. 199$. The price can go down if there is an uptick in usage.
The record is broken, the law is broken, the legislature is (house) broken, but the rent seeking copyright babies are stronger than ever
That's the last question I guess.
RIAA issued a DMCA take down notice and they had to take it down.
I am surprised you got the spreadsheet scandal via Colbert. It has been making news for quite some time. There was an NPR report, one BBC report etc. So please do not assume I am getting all my news from Colbert.
Further, very surprisingly, Stewart and Colbert seem to care for accuracy, despite being a comedy show. Being comedians they are able to laugh off their mistakes on air and apologize by making fun of themselves. But still, they do that when they make a mistake. The one I remember recently is Stewart making up a funny dickish name connected with civil rights, and it turned out to be a real name. The on air apology from him made me wonder, why isn't he called the newsman and the others jokers.
[1] http://arstechnica.com/tech-policy/2013/04/microsoft-excel-the-ruiner-of-global-economies/
[2] http://news.silobreaker.com/does-this-spreadsheet-error-invalidate-the-case-for-austerity-5_2266755871209947215
[3] http://news.silobreaker.com/three-umass-profs-expose-flaw-in-harvard-research-that-underpinned-austerity-5_2266756154677788864
[4] http://news.yahoo.com/student-took-eminent-economists-debt-issue-won-095347790--business.html
[5] http://www.bbc.co.uk/news/magazine-22223190
[6] http://chronicle.com/article/UMass-Graduate-Student-Talks/138763/
Be doubly sure. Apply ROT-13 twice on all your documents.
Really, you are getting unlimited text, voice and 500MB of highspeed (10 Mbps) data for 25$ a month? That is the normal price in Europe?