They took issue with the first clause because, with the current patent situation in the US, anyone could be violating someone's IP rights and not even know it. The 2nd clause, because it's kind of redundant. It's already against the law, why put it in the license?
If you're suggesting that the site should be tying the cookie to an ip address, then I have to disagree. I've done just that, and I discovered that it's a very bad idea. Not just because some people have a different ip address from one session to the next, but because some of them have a different ip address from one page to the next. For example, there are some ISPs that send GET requests through one address, and POSTs through another.
Actually it works very well. I've had 9600GT in SLI for a few months now, and I've never had a problem with a single game (and i play a lot of games). It's been an incredibly wise investment. It was $300 at the time. Not even the $600 8800 Ultra could match the performance of these 2. Yes, if you dont have an SLI capable mobo, it may not be worth the money, but I did.
Also, you're only looking at one game. COD4 at 2560x1600 did worse than the single gpu, and it's an anomaly. If you check the next page, you'll see that Quake Wars increases in 78% with SLI, and the page after that shows UT3 increases by 82% with SLI. And, on page 4, notice the 3DMark06 scores: in 4 of 5 tests, scores were doubled.
It's not always wise to go SLI, but with the 9600GTs it certainly is. For the price, it's an decent card by itself, but put together you get high-end performance for mid-range price.
SLI is not worth it, its broken on many games and it makes a minor performance increase when it does. Going for a 9800 isn't worth it, the extra price is far more than the extra performance. $130
Not true. As Tech Report's review shows, an SLI 9600GT consistently gets roughly 75% more FPS than a single in COD4, Quake Wars, Half Life episode 2, and UT3. The only game they tested that didnt have a significant increase was Crysis at 1280x800, but at 1680x1050 it had almost a 50% increase.
An SLI 9600GT is amazing performance for the price.
There's actually a pretty widespread problem upgrading to Hardy, where it hangs at "generating locales". In fact, in Firefox, if you select Google from the search at the top right, start to type "ubuntu upgrade", then scroll down, you should see both "ubuntu upgrade stuck generating locales" and "ubuntu upgrade locales" out of the roughly 10 suggested searches. (not my searches, the suggested ones.)
It doesnt necessarily mean it was Thawte, though. From an earlier article:
he simply checked the box that stated that the certificate was not going to be used on the internet and was for internal testing only. Luckily, Michael also stated that most CA's rejected his requests.
It's a little vague, but it might mean that a lot of CAs have this checkbox.
Even if you used IPs, you could still be vulnerable to ARP cache poisoning. But ARP poisoning is more difficult, because I think the attacker needs to be on the same LAN as the victim or the server.
The guy was able to buy a certificate for Microsoft's login.live.com, from an undisclosed CA that's trusted by IE by default, because he checked a box saying it was only going to be used for internal use.
keep in mind that's not a real crysis shot. for 1, that scene was never in the game. 2, it's dated a year and a half before it was released. 3, it looks like crap. look at the missiles at the left. that's not crysis.
I've noticed the same thing, with HD-DVD. While HD can look great, it can also highlight flaws. In several different scenes in various movies, you can tell there's a problem with one of the cameras, because all of the shots coming from a certain position are noticeably grainier than the others, to the point where it actually looks worse (IMO) than it would on a DVD.
You cant control the direction, it's random, so you cant use it to send information. You have to set up a classical channel, and in that classical channel you tell them how to piece together the information in the quantum channel to get the message.
The value in this is that with these entangled photon's we can transmit data across any distance instantaneously. From here to anywhere in the universe.
No, you cant. It would violate relativity and causality.
These quantum communication systems require a classical communication channel, which is restricted to the speed of light.
By all means, suggest to us a way to encrypt a website that doesn't involve SSL.
If you're only worried about form values, e.g. passwords, and dont mind if it's javascript-only, you can use a javascript implementation of public key encryption. I used this RSA one on our site until we got SSL working.
Exactly, what happens when you run an AMD chip under both IDs? or an Intel?
As TFA mentions, we cant test it. AMD and Intel lock the CPUIDs on their chips. VIA doesnt. I do think AMD should do some testing in-house though, as I'm sure they could change the CPUID themselves. Though I wouldnt be surprised if they'd already tried this long ago. I know I would have. And if there were major discrepancies, we probably would have heard about it by now.
actually... somewhat. Not the desktop environment itself, I dont think, but KDE applications. I wasnt able to get it to work when i tried it a few months ago. it might be working better now.
The relying party (the asking site) contacts your open id provider directly. So yes, if this is done over HTTP rather than HTTPS, you could use a DNS attack to break it.
Behind the scenes, the relying party and OpenID provider establish a shared key using Diffie-Hellman. After the user authenticates with the provider, he comes back to the relying party with a message that says that he has authenticated. Key parts of the messages are digitally signed with the shared key, and the relying party has to verify the signature.
The Diffie-Hellman part is optional, but most providers use it. If the relying party fails to establish a key with the provider, then when the user comes back with the "I'm authenticated" message, the relying party sends that message to the provider and asks the provider to verify that it's true.
You could also use an XRI (for example, =yourname). They're kind of bizarre, and some relying parties might not support them. Also, something like =yourname will usually cost you $12/year. But something like =self*yourname would be free, because there's a free service that owns the XRI =self.
OpenID eliminates the need for multiple usernames across different websites, simplifying your online experience.
Note the key phrase "eliminates the need for multiple usernames". That means not needing an accound at MySpace, Facebook, or Livejournal to message a friend.
That's not entirely true. It might've been the goal of OpenID to eliminate the need to have different accounts on different sites, but in reality it only eliminates the need to remember different usernames and passwords. Relying parties could still require you to fill out a form to sign up the first time you log in with your OpenID. There's a chance you'll need to choose a username, and maybe even a password. The only difference is you wont have to remember them.
For example, if yahoo is your openid provider, you would enter http://openid.yahoo.com/cortesoft. Right off the bat, you already have to enter a ridiculously long user id.
It's unfortunate that you used Yahoo as an example, because actually with Yahoo you only need to enter yahoo.com. In this case, your actual OpenID isnt given to the relying party until after you authenticate with Yahoo. This isnt very common though, most providers do make you type out your actual OpenID.
Slashdot Mirror
They took issue with the first clause because, with the current patent situation in the US, anyone could be violating someone's IP rights and not even know it. The 2nd clause, because it's kind of redundant. It's already against the law, why put it in the license?
If you're suggesting that the site should be tying the cookie to an ip address, then I have to disagree. I've done just that, and I discovered that it's a very bad idea. Not just because some people have a different ip address from one session to the next, but because some of them have a different ip address from one page to the next. For example, there are some ISPs that send GET requests through one address, and POSTs through another.
you're probably thinking of Epiphany, a fork of Galeon. They're apparently switching to WebKit.
Galeon uses Gecko, not WebKit.
Actually it works very well. I've had 9600GT in SLI for a few months now, and I've never had a problem with a single game (and i play a lot of games). It's been an incredibly wise investment. It was $300 at the time. Not even the $600 8800 Ultra could match the performance of these 2. Yes, if you dont have an SLI capable mobo, it may not be worth the money, but I did.
Also, you're only looking at one game. COD4 at 2560x1600 did worse than the single gpu, and it's an anomaly. If you check the next page, you'll see that Quake Wars increases in 78% with SLI, and the page after that shows UT3 increases by 82% with SLI. And, on page 4, notice the 3DMark06 scores: in 4 of 5 tests, scores were doubled.
It's not always wise to go SLI, but with the 9600GTs it certainly is. For the price, it's an decent card by itself, but put together you get high-end performance for mid-range price.
SLI is not worth it, its broken on many games and it makes a minor performance increase when it does. Going for a 9800 isn't worth it, the extra price is far more than the extra performance. $130
Not true. As Tech Report's review shows, an SLI 9600GT consistently gets roughly 75% more FPS than a single in COD4, Quake Wars, Half Life episode 2, and UT3. The only game they tested that didnt have a significant increase was Crysis at 1280x800, but at 1680x1050 it had almost a 50% increase.
An SLI 9600GT is amazing performance for the price.
There's actually a pretty widespread problem upgrading to Hardy, where it hangs at "generating locales". In fact, in Firefox, if you select Google from the search at the top right, start to type "ubuntu upgrade", then scroll down, you should see both "ubuntu upgrade stuck generating locales" and "ubuntu upgrade locales" out of the roughly 10 suggested searches. (not my searches, the suggested ones.)
It doesnt necessarily mean it was Thawte, though. From an earlier article:
It's a little vague, but it might mean that a lot of CAs have this checkbox.
Even if you used IPs, you could still be vulnerable to ARP cache poisoning. But ARP poisoning is more difficult, because I think the attacker needs to be on the same LAN as the victim or the server.
The guy was able to buy a certificate for Microsoft's login.live.com, from an undisclosed CA that's trusted by IE by default, because he checked a box saying it was only going to be used for internal use.
Please reveal the CA. They need to be shut down.
keep in mind that's not a real crysis shot. for 1, that scene was never in the game. 2, it's dated a year and a half before it was released. 3, it looks like crap. look at the missiles at the left. that's not crysis.
Indeed. $21 more to be exact. You can upgrade to a Core 2 Duo E4600 for another $60.
I've noticed the same thing, with HD-DVD. While HD can look great, it can also highlight flaws. In several different scenes in various movies, you can tell there's a problem with one of the cameras, because all of the shots coming from a certain position are noticeably grainier than the others, to the point where it actually looks worse (IMO) than it would on a DVD.
which is why browsers come with the CAs' public keys cached.
You cant control the direction, it's random, so you cant use it to send information. You have to set up a classical channel, and in that classical channel you tell them how to piece together the information in the quantum channel to get the message.
The value in this is that with these entangled photon's we can transmit data across any distance instantaneously. From here to anywhere in the universe.
No, you cant. It would violate relativity and causality.
These quantum communication systems require a classical communication channel, which is restricted to the speed of light.
By all means, suggest to us a way to encrypt a website that doesn't involve SSL.
If you're only worried about form values, e.g. passwords, and dont mind if it's javascript-only, you can use a javascript implementation of public key encryption. I used this RSA one on our site until we got SSL working.
Exactly, what happens when you run an AMD chip under both IDs? or an Intel?
As TFA mentions, we cant test it. AMD and Intel lock the CPUIDs on their chips. VIA doesnt. I do think AMD should do some testing in-house though, as I'm sure they could change the CPUID themselves. Though I wouldnt be surprised if they'd already tried this long ago. I know I would have. And if there were major discrepancies, we probably would have heard about it by now.
mod parent up!
since when is "because that's what the government decided" a valid argument, especially on slashdot?
but does it run on windows?
actually... somewhat. Not the desktop environment itself, I dont think, but KDE applications. I wasnt able to get it to work when i tried it a few months ago. it might be working better now.
The relying party (the asking site) contacts your open id provider directly. So yes, if this is done over HTTP rather than HTTPS, you could use a DNS attack to break it.
Behind the scenes, the relying party and OpenID provider establish a shared key using Diffie-Hellman. After the user authenticates with the provider, he comes back to the relying party with a message that says that he has authenticated. Key parts of the messages are digitally signed with the shared key, and the relying party has to verify the signature.
The Diffie-Hellman part is optional, but most providers use it. If the relying party fails to establish a key with the provider, then when the user comes back with the "I'm authenticated" message, the relying party sends that message to the provider and asks the provider to verify that it's true.
You could also use an XRI (for example, =yourname). They're kind of bizarre, and some relying parties might not support them. Also, something like =yourname will usually cost you $12/year. But something like =self*yourname would be free, because there's a free service that owns the XRI =self.
Note the key phrase "eliminates the need for multiple usernames". That means not needing an accound at MySpace, Facebook, or Livejournal to message a friend.
That's not entirely true. It might've been the goal of OpenID to eliminate the need to have different accounts on different sites, but in reality it only eliminates the need to remember different usernames and passwords. Relying parties could still require you to fill out a form to sign up the first time you log in with your OpenID. There's a chance you'll need to choose a username, and maybe even a password. The only difference is you wont have to remember them.
For example, if yahoo is your openid provider, you would enter http://openid.yahoo.com/cortesoft. Right off the bat, you already have to enter a ridiculously long user id.
It's unfortunate that you used Yahoo as an example, because actually with Yahoo you only need to enter yahoo.com. In this case, your actual OpenID isnt given to the relying party until after you authenticate with Yahoo. This isnt very common though, most providers do make you type out your actual OpenID.
Wow, that's evil, even for malware authors.