27 posts • joined 11 Jan 2011
If you're going to commit US tax fraud, as you described when you discussed hiding (putatively substantial) offshore assets in contravention of US FATCA regs, then why bother with such arcane machinations? You've already accepted that you're committing fraud, so just lie: just make up some inflated costs/expenditures, or just decide not to report income.
Blatant lies are easy; the exercise only becomes nontrivial when you attempt to twist the interpretation of the law in order to be able to argue what you are doing is legal.
The layer references are to the OSI Model. A layer 7 attack means the DDoS is interacting with their web application, rather than further down the protocol stack. For example, a typical DoS SYN flood is at layer 4 (transport) and is less sophisticated / potentially easier to filter.
So now with this "amazing new feature" I will need to create a corporate IT-grade user security policy for my family computers? Right now, family members can share a common user session on the living room PC and not have to worry about other people casually snooping their email, etc. They just logout/close the relevant browser window and walk away... because the login passwords are secret and not saved. Browser-level passwordless, persistent SSO breaks this.
What's that you say? "Don't use Persona then"? No argument from me—I just hope it can be disabled by policy. Anything to mitigate the opportunity of strife at home...
China only has a monopoly on willingness to pollute
Rare earths are unfortunately named: they aren't rare. The only reason China currently has a "monopoly" on world production is that mines in other countries have all shut down due to difficulty complying with environmental regulations. The standard rare earth mineral extraction process is quite polluting.
In effect, all other countries have exported their pollution to a willing China in exchange for extracted rare earth minerals. Thus, the "worst" China can do in this trade war is to cause other countries to relax their environmental regulations, whereupon those countries' domestic rare earths reserves will come back online.
Not exactly the "high tech device apocalypse" as the media prefers to portray it.
I am waiting for the version with offline mode
This game sounds like it wouldn't be suitable for my purposes. I have been playing the franchise since 1995, but I won't accept always-on DRM or play a game that won't work in 10 years when they decide the servers are too expensive to keep running.
As a nice bonus, the version with offline mode will be made available for free and will have no DRM!
It's probably too much to ask
...but I would have definitely appreciated it had he cleaned the dirt from under his fingernails prior to recording that segment.
It's really quite revolting.
"Fair" two-way extradition treaties...
I can certainly understand why the apparent "leverage"/inequity in the US/UK special relationship seems abusive. Even as an American, I would tend to agree with you, based on what little I have read about it (solely in non-US press, mind).
However: as an American, I have to say this doesn't even register on my list of concerns. I'm far more concerned about the trajectory of our imperial presidency that started with FDR. Today, we have a President who asserts the right to perform extrajudicial executions of US citizens he doesn't like (by drone). We have a judiciary that upholds this, including the President's assertion that he can keep secret the rationale about why he can/has "legally" killed citizens at his whim, without allowing them recourse to the courts. Furthermore, we now allow the President to suspend habeas corpus; we have national security letters that bypass the judicial warrant system; and just yesterday the VP asserted that the President could implement gun control via executive order: ie. creating law without Congress.
So, I sincerely apologize if my government is bullying your government. I wish this were the worst injustice caused by my government, but instead we seem hell-bent on erasing rights that have been part of our heritage since the Magna Carta.
300 TB HDDs are waiting in the lab, but are being suppressed by the marketing dept, eh?
I bet they store them on the shelf next to the 100 mpg carburetor and the Ark of the Covenant.
Dying to make batteries?
I guess the plants die to enable the dyeing process...
A desirable job...
Securing the opportunity to perform the job of waving a red flag in front of a spaceship is definitely an elating experience for the new hire.
However—and no one has ever explained to me why—it seems that despite the job being so coveted, no employee ever performs the job twice. I've tried to contact these fortunate few, but it seems they are quite hard to meet after they have led their spaceship through reentry.
All I get are voicemails or disconnected notices when I call. No doubt they are screening calls. Such haughtiness is disgusting, really...
I predict the following:
1) These guidelines will receive just as warm a welcome within the industry as the Do Not Track initiative has enjoyed within the online advertising community, and will be similarly ignored.
2) Eventually, some malformed, loophole-ridden, feel-good legislation will be passed to "protect consumers", but will offer little actual benefit to the population. (cf. the massive changes brought about by the EU cookie directive)
3) Some federal agency will establish a department specifically to police this industry, but it will immediately succumb to regulatory capture by the large market players.
4) The government will require access to all of this data via some form of CALEA-like legislation. In order to protect us. And for freedom and stuff.
Yes, yes: I know I'm going really far out on a limb with these farfetched prophecies... (*cough*)
Agent Smith, CEO of Carbonite, was quoted as saying
Tell me, Mr. Anderson... what good is unlimited backup space... if you're unable to access it?
@"Drunk neighbor" fallacy
It's not quite that simple.
RF physics implies that there will be a bleed over effect into neighboring frequencies (any finite-time signal has necessarily infinite bandwidth). So, even with the best possible bandpass filters on GPS receivers *and* Lightsquared transmitters, some RF energy is going to bleed out into neighboring bands via harmonics of the fundamental frequency.
Normally, this isn't an issue because, for example, one TV station is transmitting roughly as strongly as another. However, when it comes to GPS and Lightsquared's proposed ground stations, the Lightsquared signal was roughly a billion times stronger than GPS signals. Hell, GPS signals are already often below the thermal noise threshold which makes them hard to receive even without spectrum neighbors bleeding over into their spectrum.
Also, one cannot neglect that tighter bandpass filters inescapably lower the pass through signal, so just throwing out "well, put better filters on the receivers" is not as simple as it sounds because they will make it even harder to isolate the GPS signal. Don't presume that the GPS receiver engineers were just lazy, drunk monkeys who didn't pass undergrad RF engineering classes.
Lightsquared thought they could pull a fast one on the laws of physics. There was a reason they got their spectrum allocation for incredibly cheap. The FCC raised an eyebrow when Lightsquared claimed they could make this work, but let them try anyway. They failed. Had they bought more appropriate spectrum we wouldn't be having this discussion, but Lightsquared tried to be speciously clever instead.
$5 million "damages" is unfair on Apple?
Perhaps so, but you forget this is a class action lawsuit. That means that approximately $4,990,000 of the $5 million will go to the law firm representing the plaintiffs and each member of the class will receive a $0.49 iTunes Store credit.
Furthermore, Apple may *actually wish* to settle, because a lawsuit that is granted class action status seriously abridges the rights of the class (ie. one must opt *out* instead of opting in). Therefore, if Apple settles this class action it should prevent any other suits like this from being raised in the US.
"Oh, you're upset about in app billing too? Didn't you get your 49 cents that we deposited in your iTunes account that buys our way out of any future lawsuits about this unless you went through the onerous process to opt out of the class years ago? Great, all settled then! Have a nice day!"
I have found the opposite to be true.
I have been on both sides of the table over the years: as the interviewer and as the applicant. I've also done consulting contract negotiation on both sides of the table.
I believe the party who makes the first bid is at a disadvantage. If you are hiring and you bid first, the applicant will almost always ask for ~5% more. However, if you get them to bid first you may find their number was 25% less than you were prepared to pay. This results in significant savings and gives you budget room for granting future raises to keep the employee happy. Same general principle applies to consulting contract negotiations.
As always, there is a possibility that the parties can't come to terms if expectations don't overlap, but that's ubiquitous in negotiation.
This is going to be another SCO v IBM, isn't it?
Fun fact: SCO Group is *still* pursuing IBM after nearly a decade, despite losing every case, going bankrupt, etc. Check the timeline on Groklaw.
LightSquared has taken the first steps down this evil path by laying off 45% of its workforce in advance of this lawsuit. Soon they will become like SCO Group: once these companies make the decision to lay off all their technical staff, they become shambling, brainless zombies that will never produce any valuable product again.
However, these ghouls instinctively feel an insatiable urge to feed, and thus their dead hands file court action after court action against the living.
Yes, the blueprints for the Saturn V exist and the launch facilities are still there. However, the supply chain is gone. NASA would have to find a way to source hundreds of thousands of different, obsolete parts. It would be far less expensive to design a new rocket from the ground up than to build another Saturn V, so the idea is infeasible.
Incidentally, this principle also applies to the Space Shuttle. Vendor supply chains have been shut down, parts inventories liquidated, and engineering teams at subcontractors have been laid off. This was even becoming an issue while the Shuttle was still in service... you may remember reading in 2002 that NASA was buying old computers off eBay in order to scavenge the 8086 processors from them for use in the Shuttle computers.
"NASA's mighty Saturn V [...] is capable of 3,400 metric tons."
Given that there is no feasible method for the US to ever construct another Saturn V, surely this would have been better stated in past tense, eh?
As for Mr. Liang's comment, "China lagged more than 10 years behind the United States, Russia and Europe in the development of large-thrust launchers, and should not repeat the mistake in heavy-thrust launchers," perhaps his assistants should advise him of the history of the 1960's space race. It's somewhat too late to try to be less than 10 years behind in developing heavy lift vehicles.
Of course, for the paradoxical win, China may end up being simultaneously 50 years behind *and* 10 years ahead of the USA in this regard--given the state of the US space program.
This just in...
"Technology firm's cofounder confident that his technology will prevail over the competition! Film at 11."
"We must [...] verify if human beings can live in space."
Was something lost in translation or has the Chinese astronaut corps been under a rock since, well, before it even existed?
This rationale ranks lower than "we want to do it for the lulz."
...offers app permission control. This gives the user "line item veto" control over app permission entries. Of course, this yanks the rug out from the app; how the app responds depends on how gracefully the developer coded for the permission failure.
For example, I installed Shazam but found it undesirable to allow the app to retain the "Read Phone State and Identity" permission. I disabled that one and allowed the rest; however, upon launch, Shazam reported a connection error despite the phone having full internet connectivity at the time.
Other apps seem to take being neutered in stride, so YMMV.
"I hereby call on the industry leaders to help sort this out," Colebourne wrote. "IBM, Oracle, Apple, Google, RedHat I'm looking at you."
...you called down the thunder, now reap the whirlwind.
"Why are they making Thunderbird 7 *BETA* the official mail client?"
Well, my guess is that they are hoping that maybe, *just maybe*, Mozilla Thunderbird 7 won't have gone from beta to EOL by the time Ubuntu 11.10 is released next month.
They probably should have gone with 9.0 alpha to ensure support through the end of the year, though.
The Black Death
My understanding is that when 1/3 of Europe died in the Black Death, the surviving population "inherited" much of the capital infrastructure, farmland, etc. Suddenly the "pie" was split fewer ways, if you will. There is a sharp, upward trend in per-capita income that begins around 1350, so, conveniently, the provided data doesn't disagree with my proposed explanation.
Also, I believe this is approximately the time that the middle class began to emerge (Flemish merchants spreading the meme to other countries, et al).
Then again, I am an American, so perhaps someone more intrinsically familiar with your history can debunk my postulate.
"By itself, a key-fob is not a secure solution in the current environment."
I understand what you are saying, but I am reminded of the Voltaire quote: "The perfect is the enemy of the good."
OTP mechanisms like keyfobs go a long way to reduce the security effects of phishing attacks. My RSA SecurID token "protects" my credentials quite well... even if my username & password are phished, the credentials are useless after 60 seconds without the corresponding number from the token. Any security exploit would require live session hijacking (as you described), which is a rather complex, unwieldy vector of attack.
Will an OTP mechanism protect you against shadowy intelligence agencies willing to expend significant effort to target your interactions with a specific website? No, probably not.
Will an OTP mechanism confound the overwhelming preponderance of phishing attacks? Yes, quite certainly.
I am reserving judgement about Intel's specific OTP implementation. I prefer the airgap I get from the external keyfob—not to mention that their implementation seems inelegant for reasons that other posters have already described. However, if they manage to popularize it and the system makes a dent in phishing attacks against the populace then that would definitely be a win for all of us.
Controlled Payment Numbers
Does this meet your criteria?
"Typically, a controlled payment number has a limit, and an expiration date between two and twelve months from the issue date, both chosen by the account owner, and while it can usually be set up to allow multiple transactions, it can only be used with a single merchant. This 'alias' number is indistinguishable from an ordinary credit card number, and the user's actual credit card number is never revealed to the merchant."
I don't have to worry about my billing data being breached, because the most they will get is a card number that only works with the merchant/vendor in question. It also helps to keep merchants on a tight leash, because they cannot sneakily charge more than the limit that I allow.
As a bonus, CPN's act as an indirection layer. I got a new CC account number last year due to a massive data breach at some undisclosed card processor. However, all my recurring billing had been set up via ShopSafe controlled payment numbers. These continued to work, and BoA just updated them to point to my new account number. No fuss.
I understand that having one's name and billing address exposed is very irksome. However, I use indirection for those as well: a PO Box billing address and a Google Voice phone number. With GV, I can route specific callers to spam and/or create a whitelist-only system for callers, sending all others directly to voicemail.
As others have commented, the supersonic crack contributes a significant portion of the sound in many scenarios. Subsonic .22 LR has very low kinetic energy and is quite marginal for most purposes.
While most calibers can be rendered subsonic by simply adding less propellant to the cartridge, it would be ideal to partially compensate for the lower speed with greater mass. Most 9mm bullets are 90 - 120 grain, while .45ACP bullets mass up to about 230 grain.
Almost all .45ACP rounds are subsonic by default, so my suggestion would be to use a single-shot type action .45ACP platform for one's suppressed pistol needs (preventing the slide from cycling [ie. single-shot] will eliminate that noise factor). Regardless, it's just more convenient to use off-the-shelf ammo than have to load your own custom rounds, and that makes .45ACP the clear winner for this purpose.
Don't forget to run your suppressor "wet" for additional sound reduction. Notwithstanding, nothing is going to make a suppressed pistol "Hollywood quiet", so expectations need to be realistic.