f |-----
o> | ^-crumple here
r> |
c> | v-crumple here
e |-----
You save only 59 seconds over 8 miles by going 75 instead of 65. Do you really have to pass that guy? Do the Math!
I also don't think they make enough money, or host valuable enough content to bother having a second datacentre doing nothing just in case something goes wrong in the first place
The Cult's scholarly publications are of particular interest to us. Because the Cult's journals were circulated on sandstone tablets, editors imposed very strict length limitations. Consequently, authors aggressively compressed their articles. A typical publication would have the following form:
PUZZL.TSK=100@1001|14370747643c6d2db0a40ecb4b0bb65
Should you encounter any such publications, we humbly request that you submit them to us via our web site. Our server will track all submitted publications, ensuring that every participant is given appropriate credit for advancing our understanding of the codex. Publications are of varying value; some will represent a greater contribution than others, and we will take this into account when assigning credit.
They'll be at the cash registers next to the Earthlink CD's and the Wal-mart ISP CD's and....etc. They just won't come in the mail. Since they are free, you can get a matching set by swiping the whole box at once.
Layne
Would this be true? It would absorb some of the initial force. Then the crumple effect would be lessened (less force left to crumple / absorption from other armor). Meaning that you could actually survive a HIGHER speed impact due to well designed crumple zones?
P.S. The real savings would be that you wouldn't get annoying door dings in the parking lot any more.....and hail damage...and shopping carts and......
Layne
I love this sig. I agree completely. Do I speed? Maybe on occasion...by being inattentive to my odometer...but unless you are going to travel for over 30 minutes, speeding is insignificant. I can't tell you how many times I've been passed by someone who is going 15 to 20 MPH more than me only to be sitting next to them at the light at the bottom of the Interstate off-ramp that's 5 miles down the road. Net effect of speeding vs not? Zilch.
I've used much this same quote on my daughter who will be of driving age in about 10 months....hopefully it sinks in.
Layne
Why not run two wireless routers? As cheap as they are getting you could just chain them High-speed / Wireless / Secure Wireless. The secure wireless is for you and is hardwired to the wireless to be able to see all that goes on there. You get the benefits of sharing your network but the protection from the freaks. Since secure wireless is hardwired up, you probably already have an 802.11b router sitting around since you upgraded to 802.11g or n.
All of the pleasure, none of the pain. All for a few cents of electricity.
Layne
Yeah, a lot of people have been missing that point.
AFAIK, when you purchase property, you do not purchase any rights to the airspace around said house (you may or may not have mineral rights). That allows jets to fly over your house, TV stations to broadcast, Radio, Satellite, etc. It's against the law to descramble satellite signals even though it just happened to be there for the taking. This is the same case, the information going over wireless is not public data, therefore, unless authorized, it is illegal to receive it, whether encrypted or not.
Layne
I figured this study was to provide evidence (either to the advertisers or to TiVo) on whether people are using the service to avoid commercials completely or if they are using it to timeshift their viewing experience.
I know that if I'm watching "live", I'm not skipping commercials....if I'm watching a recorded show, I am. I don't wait 5 to 10 minutes after a show starts to begin watching it just so I can skip commercials (especially if the shows are back to back). I'll just use my normal internal "commercial skip" clock to know when to come back from the fridge / bathroom / etc.
If the study shows that people skip commercials during live events, then the advertisers win and TiVo blocks commercial skip. If the study shows that people skip commercials during recorded events, then TiVo wins and the advertisers go away sulking that they didn't win.
Layne
The old Compaq ProLiant servers I used to support had a key.....but my computer never got "Started Up" until the Rolling Stones whored themselves out to Microsoft.
Layne
Even if the content and such isn't valuable, how about load sharing? Have two sites, one in the east and one in the west (either the US or the globe, take your pick). Then, when one site has a problem, you shift the load to the other location. When both are up, you sync them back up and divide the load back out. You are already spending money to handle the load you have....just a matter of where, not a matter of double the price.
Layne
Looks like my premise wasn't that far off......
Layne
Looking at it more, you are right, it's CBV. It's the decorations on the letters that confuse things.
So, my thoughts:
- the file contains many dividing tokens (i.e. MKULTRA and abracadabra)
- each block between the tokens represents the same image in some format (GIF, BMP, Text, etc.)
- the goal will be to decode as many different versions of the same image as possible
- I'm sure there is some link between the dividing tokens and the encoding method (this is purely guessing)
(If I'm right, then the portion of the file that looks like this: evalso dark the con of man __VFD__ *õh__CBV__ dustsolomon includes the __CBV__ because it is part of the encoding)
Approach:
- figure out all of the different tokens and what they imply
- find the binary file format headers for various file formats
- decode, decode, decode
Layne
Dude, check this out.....
After MKULTRA and before abracadabra......using Notepad (the best programming tool ever?)
Basically, take that chunk of text and put carriage returns after every 64th character. A pattern that matches the GIF image appears using text. [I tried including it, but of course filters killed that idea]
BTW, the text looks more like a GBV than a CBV.
Layne
My example was for dynamic SQL.
function CheckPassword_or_InjectMe( @id varchar(200), @password_or_injection varchar(200) ) returning number(1) is
  @sql_statement varchar(4000) := '';
  @password_checked number(1) := 0;
begin
  -- both inputs are concatenated straight into the statement text
  @sql_statement := 'select 1 from user_list where id = ''' + @id + ''' and password = ''' + @password_or_injection + '''';
  .....etc.
  return @password_checked;
end;
Not a real world example, but illustrates how SQL Injection is not a problem of a specific layer but of a specific technique: string building to make SQL. Change it to parameterized SQL and the problem goes away. Of course, in this case, direct SQL would be much more efficient.
Layne
You might as well call it an MCDBA or some other stupid acronym.
I know plenty of people with letters after their name (MCSE, PMP, etc.) that fall into one of two categories:
1. Capable and knowledgeable about their area of expertise.
2. Complete idiots.
I know plenty of people WITHOUT letters after their name that fall into one of two categories:
1. Capable and knowledgeable about their area of expertise.
2. Complete idiots.
Certifications are pretty meaningless to me. As for whether a CS degree would help, I'd almost say no (The "lesser" MIS might actually be better in terms of requiring DB courses). I finished my CS degree in '94 without having had a single database class. It was an elective, but not a required class. I didn't think I'd need it. My first job, I had to learn database stuff on my own. And in fact, even without taking a database class until I had been working with them for over 7 years, I was considered the database expert at my first company and now second company (both large Fortune 500's).
BTW, the class I took was the one on Oracle tuning...and it was a joke: they recommended using hints in your SQL. You should tune the statement without hints first. Hints should be a last resort. Why do programmers constantly think that they can do a better job tuning than a large team of programmers whose sole job is to tune a database engine?
Layne
Stored procedures alone won't solve the problem. Any procedure which makes use of string building dynamic SQL (front end or back end) could just as easily fall prey to this sort of attack. The real solution is not to treat input as code but as data. Same for the RFID story from the other day. Building SQL (concatenation) is the leading cause of injection problems. Make all of your queries parameterized, not a lot of extra work, but well worth it (not only does it virtually eliminate SQL Injection problems, but you get better performance due to statement caching).
Layne
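An added example, not code from either post: the string-built query from the dynamic SQL comment and the parameterized form recommended in the comment above, run side by side against the same table. It uses Python's sqlite3 as a stand-in for the database layer; the sample rows, the login attempts and all function names are assumptions made for the illustration.

```python
import sqlite3

# Constructed sample rows. Table and column names follow the post's query;
# passwords are stored in the clear only because that query compares them so.
USERS = [("alice", "correct horse"), ("carol", "it's-me")]

# Constructed login attempts: (id, password supplied by the client).
ATTEMPTS = [
    ("alice", "correct horse"),   # valid
    ("alice", "wrong"),           # invalid
    ("carol", "it's-me"),         # valid, but contains an apostrophe
    ("alice", "' or '1'='1"),     # quote characters that change the WHERE clause
]

PARAM_SQL = "select 1 from user_list where id = ? and password = ?"


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("create table user_list (id text primary key, password text)")
    db.executemany("insert into user_list values (?, ?)", USERS)
    return db


def build_statement(user_id, password):
    """String building as in the post: input becomes part of the SQL text."""
    return ("select 1 from user_list where id = '" + user_id
            + "' and password = '" + password + "'")


def check_concat(db, user_id, password):
    return db.execute(build_statement(user_id, password)).fetchone() is not None


def check_param(db, user_id, password):
    """Fixed statement text; the values travel separately as bound parameters."""
    return db.execute(PARAM_SQL, (user_id, password)).fetchone() is not None


def outcome(check, db, user_id, password):
    try:
        return check(db, user_id, password)
    except sqlite3.Error:
        return "error"            # the statement did not even parse


def compare(attempts=ATTEMPTS):
    """One row per attempt: (id, string-built result, parameterized result)."""
    db = make_db()
    return [(uid, outcome(check_concat, db, uid, pw), outcome(check_param, db, uid, pw))
            for uid, pw in attempts]


def distinct_statement_texts(attempts=ATTEMPTS):
    """How many different SQL texts the engine has to parse for each style."""
    concat = {build_statement(uid, pw) for uid, pw in attempts}
    param = {PARAM_SQL for _ in attempts}
    return len(concat), len(param)


if __name__ == "__main__":
    for row in compare():
        print("id=%-6s concat=%-6s param=%s" % row)
    print("distinct statement texts (concat, param):", distinct_statement_texts())
```

The string-built check accepts the last attempt and fails outright on a legitimate password containing an apostrophe, while the parameterized check gets both right. It also presents the engine with a single statement text, which is what makes statement caching possible.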
That's been Microsoft's modus operandi all along:
Copy (steal?) idea....sometimes not even as good as the original
Market it like crazy
Sell to everyone
Bully competition
Move on to the next idea
The other option is to buy the idea (Visio comes to mind) and then proceed through the rest of the steps. MS is not an innovation company but a very good marketing company.
Layne
Yeah, I pretty much agree. I currently get EGM, not because it's a great magazine, but because I got a free subscription to it. Before that, I got some X-box mag (free 1yr subscription) that went under before my free year was up. As compensation, they sent me the rest of my year in two magazines. The only reason that I would buy PCGamer was when I was on dial-up and didn't want to spend the time d/l'ing a demo game....and since I've been on high speed (if you count ISDN) since 1996, it's been a while since I actually paid for a game magazine.
Like most game mags, they weren't really any better than anything else out there, and if they weren't free, I'd just as soon get all of my gaming news from a web site.
Layne
P.S. My favorite computer mag of all time is RUN during the Commodore 64 heyday. Well, except for typing in all of that ML code to make some cheesy little game run.
"Barabasi's team calculated the "half-life" of a news document, which corresponds to the period in which half of all visitors that eventually access it have visited. The researchers found that the overall half-life distribution follows a power law, which indicates that most news items have a very short lifetime, although a few continue to be accessed well beyond this period. The average half-life of a news item is just 36 hours, or one and a half days after it is released. While this is short, it is longer than predicted by simple exponential models, which assume that web page browsing is less random than it actually is."
The half-life (not the game, duh) of a news article is 36 hours. People still continue to be interested beyond that. As an advertiser, I'd be more interested in the 70% life. That time when 70% of the people that will look at it *have* looked at it. I would guess that is closer to four days.
Layne
Basically it is taking a database row
ID Col1 Col2 Col3
-- ---- ---- ----
01 aaaa bbbb cccc
And mapping it to an object / class such that
Object.ID = 01
Object.Col1 = aaaa
Object.Col2 = bbbb
Object.Col3 = cccc
The techniques etc. are what are patented.
Layne
No patents are known to have been violated in producing this mapping. My technique (brain and keyboard) is patent pending.
I quit running them because they didn't really tell me what my computer was chugging on. Sure SETI@Home is "pretty" as a screen saver as someone else mentioned, but I want it to show me a star map with a little pointer dot scanning the sky with nearby points of interest. I want it to show me what all of that crap really MEANS. Same for the others I've tried (granted, I've not tried all of them). If I'm going to spare my cycles, make it worth my while.
Oh, and for all of you who think that because it's run by a university means that it's public, who do you think is funding the research project? They get first dibs on most of the results. Or some universities are starting to commercialize the results of their research. You'll pay one way or another....because in America, it's all about the $$$'s.
Layne
"It seems to be missing some things."
Why isn't Visual Studio going toe-to-toe with Eclipse?
Where's VBScript vs JavaScript?
What's Web / AJAX services doing in the corner? MS has that capability, too.
What about DirectX vs OpenGL?
I'm sure it's missing quite a bit more, too.
Layne
"Attack of the killer tomatoes maybe?"
All it takes is one stray cosmic ray to ruin the whole lot.....mutated crops lead to death of humankind.
Layne
"He single-handedly forces everyone into the digital generation"
That was Al Gore. He invented the Internet.....just ask him. (http://en.wikipedia.org/wiki/Al_gore#Creation_of_Internet_speech, http://www.sethf.com/gore/)
Layne
So, instead of bashing one camp or the other, how about some ideas of how to use this technology.....
With the ambient light sensors, you could display an image on the screen and adjust the lighting according to the ambient light (there were left and right sensors). You could even turn your computer into a sundial (every post needs a link to the Wiki, so here's mine: http://en.wikipedia.org/wiki/Sun_dial). Point your notebook due north and check the time. Too bad the motion sensor didn't include an electronic compass like in my car.....
Layne
Wouldn't you start as a Zergling and then, as you progress through levels, eventually become a Zerg Queen?
Layne
"Wouldn't irony be more like mankind sets off in giant spaceships to colonize the galaxy and save the planet only to die horrifically in a freak interstellar traffic accident? It could happen easily too, I don't see any stop signs up there! And how do you do right of way in 3 dimensions?? It's madness I say!"
It's called air traffic controllers. And that is why they are considered to have one of the highest stress level jobs possible.
Layne