because if your webpage is on www.foo.com and you want to pull a js library from www.bar.com, you can do src="//www.bar.com/cdn/bogus.js" and not have to worry if foo switches over to https only (as long as bar.com supports https) (or did a joke just go over my head)
Was that a typo? The 100 Mbit switches when everyone was starting to upgrade to 10 Gbit? I would have expected Google to be using 100 Gb when everyone else was starting to upgrade... if it wasn't a typo, could you explain why?
My prescription glasses have the tint that goes from essentially clear to sunglasses depending on light. I've noticed if I look at black light with them on, they go kind of foggy, which I guess makes sense given that IIRC, it's actually ultraviolet light that makes the shift happens, which is also why they're less effective in cars. Anyone else have this effect?
UDP 4500 would like a word with you. Mind you, if you have a VPN server and are NATing it, you may have a problem or at least require some registry hacks
I also type (most) passwords purely by muscle memory (and have had to type a couple of shared passwords into wordpad so I can actually say what it is I've been typing (mostly for where shift is and isn't toggled)... but having said that, I've gotten multiple accounts locked out due to the following reasons:
Gorram cap lock (as annoying as the popup is, that's something MS got right imho)
Pseudo-cap lock... not sure if MS would have detected it (it was through a web interface), but somehow the KVM I was using stopped detecting shift/control and there was no feedback that this was a problem as my username is all lower case
Shitty dell keyboard on one laptop only detects one letter (which of course appears several times in the passphrase) about 30% of the time... yeah, I can count *'s, but that's a pita given the muscle memory above
Probably also, a long time ago, at least got the password wrong once when switching between old school apple and IBM keyboards (f and j have dots on PC, d and k have dots on MAC, put my hands in wrong spot)
There's also the story about the guy who could type his password sitting but not standing... the story goes that while sitting, he touch typed, while standing he hunted and pecked and someone had swapped a couple of keys on the keyboard that wouldn't be noticed while touch typing but would when looking at the keyboard
As far as shoulder surfing goes, if someone is going to be hunting and pecking the password anyways, it would seem to be almost as easy for a shoulder surfer to watch your fingers hit keys as it would be to read the password off the screen... especially if you use leetspelling for passwords.
I doubt you'll see this and all, but I'm amused that I read your post (without seeing the poster name) and was wondering if the poster had worked with you. Hope all is well, and btw, I'm not the father of a child(1) process.
I could be wrong, but I think the good news is that if they embed the graphics, they've basically embedded it such that your browser doesn't go back to a server to get the image (at some point, they added the ability to embed an image as base64 encoded data, theoretically targetting a page with small images that would take longer (due to having to setup multiple http connections after decoding the html) to pull down separately))...I'd say they're doing it more to get around filters than to do web bugs.
Most VPN Clients I've used support a split tunnel mode... the idea being that data going to your company's internal LAN goes through the VPN tunnel ; data going elsewhere goes outside the tunnel. The idea here is that if you're trying to do stuff on the public network (that's assumed to be less sensitive to begin with), you don't have to wait for the traffic to flow from your computer to your company and then to the site you want (worst case being if you wanted to say stream music off your music server on your home LAN)
Umm... I'd say the real advantage of CRT's is max (and flexibility of) resolutions... it was wicked tiny, but I could run 1600x1200 on my ancient 17" CRT; with my 19" LCD, I'm limited to 1280x1024.
Seriousily... I had a former coworker who had previousily worked at the Patent Office and he strongly implied the exact opposite of your claim; they're expected to be able to either accept or reject a quota of N (for some reasonable value of N I've forgotten) patents per week and that his boss _heavily_ leaned on him to reject as many patents as possible. One of his favorite rejections was where someone had tried to patent some Windows technique (and had stolen the description of how to do it directly from a book my coworker had read and just done find-replace). Coworker also mentioned that good patent workers frequently build up a queue of rejected patents (i.e. week 1 they find a way to reject 3N patents; they then release just enough rejections each week to meet their quota and spend the rest of their time getting a patent law degree or similar or browsing the web depending on their ambition level. Also, patent office is one of the few parts of the gov't that makes a profit.
I have a newer (2000 or so) joystick/gamepad that came with the DB15 and a USB adapter so you could use it with either the old style connector or USB; I believe I tried hooking up my older DB15 only one but I can't remember if it consistently worked with everything I tried or not.
Agree on the pain factor with the old school joysticks. IIRC, the way you measured it was write a 1 bit to one of the pins and then keep reading it back until it was 0; they used RC (Resistor/Capacitor) circuits such that the moving to left was immediate and right was some non-zero time (which would vary on your processor speed if you were polling, the joystick, and in theory the temperature (i.e. over time the joystick would heat and this increases the resistance but apparently I wasn't hard core or only had decent quality stuff since I don't remember seeing this really affect any of my games or code) Reading the buttons, on the other hand, was dirt simple since they were either on or off... I guess I should be glad they didn't try to do pressure sensitive buttons.
One useful bit was that if the joystick was unplugged, some old games would basically spend FF or FFFF cycles on each read waiting for the bit to switch; my ex-roommate commented that that was the only way to get some old games to play on newer hardware without running an external slow down app (or using the turbo button which didn't actually do anything on the computers where you really needed it)
Maybe they were eating it mostly raw? (See comment in wikipedia on why people living way up north tend not to suffer from scurvy despite animal-product heavy diets) Of maybe that was just all the wild fruit you stopped and picked.
To clarify both sides, unless I've missed something in the last couple of years, AES was designed[1] with the possibility of quantum computing in mind and the solution is to use double the bit length you'd otherwise need (which is the same for at least some elliptic curve-based Public Key algorithms but for different algorithmic reasons). Is this still computable by standard computers? Yes. Does it make it harder to use "strong" crypto in limited hardware, a little. Could there be improved algorithms down the road that push it to the point that it takes the same order of time to decrypt on standard computers algorithms knowing the key as it does to decrypt (break) on quantum computers without knowing the key? Possibly (in the sense that I don't know of any proofs showing limits on efficiency gains etc.).
[1]Designed is probably not the right word, but basically, brute force searching of 128bit symmetric keys is believed to be secure in the sense that using all atoms as non-quantum computers would find it some point after expected heat death of universe. However, quantum computers can (being lazy, start at wikipedia's entry on cryptoanalysis, look for grover algorithm) do a brute force search in quadratic time (so 128bits would take on the order of 2^64 steps which is much more tractable... however, using 256bit AES keys (which would otherwise be overkill for most things) now take on the order of 2^128 steps which again hits that whole heat death thing, unless either a better algorithm comes out or someone comes out with some sort of hyper-quantum-computing idea)
Unfortunately, it wouldn't be the first time... Google comstock (example: http://en.wikipedia.org/wiki/Anthony_Comstock) wherein hyper-moralists blocked even anatomy textbooks from being delivered by the postal service.
Slashdot Mirror
Not sure if you were trolling (in which case you got me), but you seem to have confused Andrew Jackson with Andrew Johnson
because if your webpage is on www.foo.com and you want to pull a js library from www.bar.com, you can do src="//www.bar.com/cdn/bogus.js" and not have to worry if foo switches over to https only (as long as bar.com supports https) (or did a joke just go over my head)
Was that a typo? The 100 Mbit switches when everyone was starting to upgrade to 10 Gbit? I would have expected Google to be using 100 Gb when everyone else was starting to upgrade... if it wasn't a typo, could you explain why?
My prescription glasses have the tint that goes from essentially clear to sunglasses depending on light. I've noticed if I look at black light with them on, they go kind of foggy, which I guess makes sense given that IIRC, it's actually ultraviolet light that makes the shift happens, which is also why they're less effective in cars. Anyone else have this effect?
Care to make a plug for them?
UDP 4500 would like a word with you. Mind you, if you have a VPN server and are NATing it, you may have a problem or at least require some registry hacks
Pretty sure ronin = laid off samurai, not ninja.
I also type (most) passwords purely by muscle memory (and have had to type a couple of shared passwords into wordpad so I can actually say what it is I've been typing (mostly for where shift is and isn't toggled)... but having said that, I've gotten multiple accounts locked out due to the following reasons:
Gorram cap lock (as annoying as the popup is, that's something MS got right imho)
Pseudo-cap lock... not sure if MS would have detected it (it was through a web interface), but somehow the KVM I was using stopped detecting shift/control and there was no feedback that this was a problem as my username is all lower case
Shitty dell keyboard on one laptop only detects one letter (which of course appears several times in the passphrase) about 30% of the time... yeah, I can count *'s, but that's a pita given the muscle memory above
Probably also, a long time ago, at least got the password wrong once when switching between old school apple and IBM keyboards (f and j have dots on PC, d and k have dots on MAC, put my hands in wrong spot)
There's also the story about the guy who could type his password sitting but not standing... the story goes that while sitting, he touch typed, while standing he hunted and pecked and someone had swapped a couple of keys on the keyboard that wouldn't be noticed while touch typing but would when looking at the keyboard
As far as shoulder surfing goes, if someone is going to be hunting and pecking the password anyways, it would seem to be almost as easy for a shoulder surfer to watch your fingers hit keys as it would be to read the password off the screen... especially if you use leetspelling for passwords.
*sigh* ... and by not I of course mean now... stupid single letter changing the whole meaning of the sentence.
I doubt you'll see this and all, but I'm amused that I read your post (without seeing the poster name) and was wondering if the poster had worked with you.
Hope all is well, and btw, I'm not the father of a child(1) process.
Carleton
I could be wrong, but I think the good news is that if they embed the graphics, they've basically embedded it such that your browser doesn't go back to a server to get the image (at some point, they added the ability to embed an image as base64 encoded data, theoretically targetting a page with small images that would take longer (due to having to setup multiple http connections after decoding the html) to pull down separately))...I'd say they're doing it more to get around filters than to do web bugs.
Hmm... Palin, Edwards, Quayle, (Also Adm Stockton was Perot's iirc), Ferraro and anyone before that was BMT as they say... so 5.
Grr... wish I had modpoints... there's about 3 light years of difference between fruitcake and stollen...
Hmm... guessing you mean Debt of Honor by Tom Clancy.
Most VPN Clients I've used support a split tunnel mode... the idea being that data going to your company's internal LAN goes through the VPN tunnel ; data going elsewhere goes outside the tunnel. The idea here is that if you're trying to do stuff on the public network (that's assumed to be less sensitive to begin with), you don't have to wait for the traffic to flow from your computer to your company and then to the site you want (worst case being if you wanted to say stream music off your music server on your home LAN)
That would be my guess.
Umm... I'd say the real advantage of CRT's is max (and flexibility of) resolutions... it was wicked tiny, but I could run 1600x1200 on my ancient 17" CRT; with my 19" LCD, I'm limited to 1280x1024.
If it helps, no... I saw the exact same thing.
Seriousily... I had a former coworker who had previousily worked at the Patent Office and he strongly implied the exact opposite of your claim; they're expected to be able to either accept or reject a quota of N (for some reasonable value of N I've forgotten) patents per week and that his boss _heavily_ leaned on him to reject as many patents as possible. One of his favorite rejections was where someone had tried to patent some Windows technique (and had stolen the description of how to do it directly from a book my coworker had read and just done find-replace). Coworker also mentioned that good patent workers frequently build up a queue of rejected patents (i.e. week 1 they find a way to reject 3N patents; they then release just enough rejections each week to meet their quota and spend the rest of their time getting a patent law degree or similar or browsing the web depending on their ambition level. Also, patent office is one of the few parts of the gov't that makes a profit.
I have a newer (2000 or so) joystick/gamepad that came with the DB15 and a USB adapter so you could use it with either the old style connector or USB; I believe I tried hooking up my older DB15 only one but I can't remember if it consistently worked with everything I tried or not.
Agree on the pain factor with the old school joysticks. IIRC, the way you measured it was write a 1 bit to one of the pins and then keep reading it back until it was 0; they used RC (Resistor/Capacitor) circuits such that the moving to left was immediate and right was some non-zero time (which would vary on your processor speed if you were polling, the joystick, and in theory the temperature (i.e. over time the joystick would heat and this increases the resistance but apparently I wasn't hard core or only had decent quality stuff since I don't remember seeing this really affect any of my games or code) Reading the buttons, on the other hand, was dirt simple since they were either on or off... I guess I should be glad they didn't try to do pressure sensitive buttons.
One useful bit was that if the joystick was unplugged, some old games would basically spend FF or FFFF cycles on each read waiting for the bit to switch; my ex-roommate commented that that was the only way to get some old games to play on newer hardware without running an external slow down app (or using the turbo button which didn't actually do anything on the computers where you really needed it)
as in a kilo of feathers that were implied to be on earth versus a kilo of rocks on the moon.
Maybe they were eating it mostly raw? (See comment in wikipedia on why people living way up north tend not to suffer from scurvy despite animal-product heavy diets) Of maybe that was just all the wild fruit you stopped and picked.
Fine... which weighs more, a kilogram of moon rocks or a kilogram of feathers?
To clarify both sides, unless I've missed something in the last couple of years, AES was designed[1] with the possibility of quantum computing in mind and the solution is to use double the bit length you'd otherwise need (which is the same for at least some elliptic curve-based Public Key algorithms but for different algorithmic reasons). Is this still computable by standard computers? Yes. Does it make it harder to use "strong" crypto in limited hardware, a little. Could there be improved algorithms down the road that push it to the point that it takes the same order of time to decrypt on standard computers algorithms knowing the key as it does to decrypt (break) on quantum computers without knowing the key? Possibly (in the sense that I don't know of any proofs showing limits on efficiency gains etc.).
[1]Designed is probably not the right word, but basically, brute force searching of 128bit symmetric keys is believed to be secure in the sense that using all atoms as non-quantum computers would find it some point after expected heat death of universe. However, quantum computers can (being lazy, start at wikipedia's entry on cryptoanalysis, look for grover algorithm) do a brute force search in quadratic time (so 128bits would take on the order of 2^64 steps which is much more tractable... however, using 256bit AES keys (which would otherwise be overkill for most things) now take on the order of 2^128 steps which again hits that whole heat death thing, unless either a better algorithm comes out or someone comes out with some sort of hyper-quantum-computing idea)
Unfortunately, it wouldn't be the first time...
Google comstock (example: http://en.wikipedia.org/wiki/Anthony_Comstock) wherein hyper-moralists blocked even anatomy textbooks from being delivered by the postal service.
Err... no... .exe ... bounced .exe renamed to .txt ... bounced .exe zipped, bounced .exe, zipped, zipped renames, ... bounced .exe, zipped, encrypted ... still bounced (I'm guess my zip program kept the file table unencrypted) .exe, renamed to .txt, zipped, encrypted ... gets through, now brother can't figure out how to get the file ...
Process:
Send email with
Send email with
Send email with
Send email with
Send email with
Send email with