1134 posts • joined 6 Sep 2007
It may be a big deal for some, for me this means change of platform. This I'd rather stay with previous generation Xeons E5 v2 running in "old" LGA 2011 socket with 64GB of DDR3 I already have (and do not use - but it was relatively cheap!).
.... but I will remain sceptical until open source implementation appears and is merged into both BSD and Linux (and Windows just for laughs - we all remember NetBEUI and NWLink, right?)
Took me few years to learn to do it properly, but in last 5 years it's been pretty good, with Macap and Dalla Corte. It was expensive to buy, but is cheap to run. Just top it up with freshly roasted coffee beans, remember to check water level and keep it clean.
Icon for how I look before my first coffee (where did I put the filter?)
must be French
they wear berets and eat frogs (sort of)
what if ...
... password replacement policies were based on time needed to brute-force an existing password? Say, you are new employee about to set your network password first time (because the one you received on welcome, comes with "must change" setting). You try "Password1" and since this is "cracked" by validator in real time it is not even accepted, since check for minimum password complexity can be run synchronously, as soon as you press Enter. So you try something a bit more complex and it is accepted, but within few hours or few days you receive an email explaining that you need to change your password again because it has been deemed too weak by automated password complexity assessment (i.e. cracked by security team). This comes with obligatory picture borrowed (legally, of course) from xkcd and a longer explanation about how password complexity works. Sounds like pain?
But here is a good part: if you read the instructions carefully, you will figure out how to set a password that you won't ever have to change (bar emergencies). You simply make it complex enough!
Now, if only one password was needed at work ...
Re: Fair play...
POWER8 has comparable set of instructions.
all good points
Now I'm waiting for good professor to produce alternative system. Or at least start productive discussion about design of such a thing. Should I hold my breath?
Actually no, it makes sense. Apple suffered reputational damage as soon as the first class action suit was brought. I'm too lazy to see how this original suit affected the share price but I'd hazard a guess that there was some dip. Now a shareholder are asking for compensation for this dip.
It's fair game, given that (due to lack of dividend) the only way to profit from Apple shares is to sell them, which makes shareholders more sensitive to share price moves.
Re: Who takes the picture?
I think the problem here is the definition (or lack of it) of what is significant enough contribution to work, to make it pass copyright test.
It might be that in the case of actually lost camera, there is no "significant contribution" on the side of camera owner.
It might also be that in case of Mr Slater, the camera was not lost but made ready for simians to use and also that he made significant contribution by first setting up conditions for pictures to be taken and then removing all blurred photos afterwards, selecting good ones and preparing them for publication. To me this seems like nontrivial endeavour.
My guess would be "for performance reasons". You can gain quite a lot of performance by avoiding context switches, but in the context of networking classical layer model makes that difficult. You may want to either to move network drivers to user mode, or move application APIs to kernel mode.
I honestly can't say what FB would do, but I know what I would want to research given objective to improve performance of network stack.
this is big
congratulations to all involved, very impressive!
Re: Sounds potentally very good.
No it wouldn't. Even if the RAM chips could achieve that type of speed, the long wires of the memory bus could not
... hence HP work on photonic connections between memory and CPU, alongside with work on memristors.
Re: Sounds potentally very good.
Abstract of actual paper gives sub-50ns switching speed which is very good, but IIRC (corrections welcome) memristors are promising sub-10ns latencies. While sub-50ns is excellent, sub-10ns is revolutionary, as it would allow CPUs to drop cache memory.
Of course both technologies are in early stages. Perhaps RRAM will put a little more pressure on HP to develop memristors right (or provide them alternative to switch into, if they fail to do it), so this development is encouraging even if one is cheering HP efforts.
I could of course force the streams to recombine via the use of proxies, VPN
yes you could, and while we are at it, can you pls remind what's wrong with obligatory VPN to access corporate network? I know it's not exactly free, but c'mon it just plain sense.
Paris because I'm just the same puzzled.
Re: I'm shocked
This is provably not true, and the evidence is winged flying pig behind my window and snowballs flying from large, hot and red crevice in the ground below.
Our political masters seem to be trying to do something right, and in doing so they agree in principle with Google.
This is unthinkable, I must be living some alternative reality.
I imagine this dialog:
Cameron: amateurs ...
it's all hot air
Hm, picocells .... can those work with SIP?
Now I want SIP phone gateway which would be also 2G picocell for my home, to make my SIP numbers available on my mobile when I'm at home and allow me to make (cheap) SIP calls automatically from my mobile. Because, honestly, SIP handsets rather crappy.
Re: Do we need more original research into proprietary hardware?
These guys are planning to disrupt the market, before declining hardware curve drives them into the ground. This is good plan. Also, software has a tendency to expand to fill all available hardware, while occasionally delivering new important technology - so it is actually worth inventing new hardware to allow these new software technologies to be invented.
For example: massive parallelism still hasn't found good software solution, because existing model based on critical sections does not scale with program design (it forces tight coupling), while transactional memory might scale, but is inefficient due to poor hardware support.
This one is on me.
It took all my willpower not to downvote you, but the weird thing is - I do not know where did that came from.
Should I believe in human-induced global downvoting trend? What if some disaster happens before it's too late?
So many questions ... thus icon.
Re: it's a step backwards
You got it backwards. It also does not help that one has to pivot the tables to actually compare anything. Here is handy table:
Model 1500 Pro, M2: active 140mW, idle 55mW, sleep 0.2mW
Model 2500 Pro, M2: same as above
Model 1500 Pro, 2.5": active 195mW, idle 125mW, sleep 5mW
Model 2500 Pro, 2.5": active 165mW, idle 55mW, sleep 5mW
You are welcome.
Hah, the math makes sense, so my "arguable" turns into "definitely wrong". Thanks for proving it!
Re: Password Managers?
Wasn't there a post the other day stating that they were also insecure and open to hacking?
They are IMHO, a single point of failure.
Yes, there was. Useful research but in case of LastPass , it's a FUD. The problems discovered have been fixed last year.
Although of course, it is risky to put all eggs in one basket, and I'd love to have something better to replace all these passwords. For now though, password manager used in a correct manner seems to be the best solution.
Re: Password Entropy
There are two problems with this 1. plenty of password fields have an unreasonably short limit on a number of characters in a password, thus preventing use of a reasonably long passphrase 2. it is arguable whether a passphrase (build from dictionary words) actually has large entropy, since it can be brute cracked simply in (dictionary size * variations)^(small N) tries, rather than characters^(large N)
For goodness sake, use icons as appropriate. I was thinking "joke alert", but changed my mind ... because your comment might very well be spot-on.
... I might be tempted to filter IP traffic at home, but under following conditions:
* I own the box which does the filtering
* I decide what is being filtered
* I decide which of my home computers are affected by the filtering and which are not
* The box supports both IPv4 and IPv6
Anything else - f* off, it's my network and I decide what enters it.
Re: Please tell me I'm wrong...
Speaking about contract law, you might have spotted phrase similar to the following in contracts "if any clause of this contract is found to contravene local laws or be unenforceable, only such clause will be deemed void, while the remaining clauses of the contract will remain valid and binding", or to such effect. This is to prevent the whole of the contract becoming invalid if any of its clauses is found illegal. How does it happen that some clauses are deemed to contravene local laws? Because laws were made to protect citizens, for example by making it illegal to sell your body parts. Such laws are made by lawmakers, subject to government initiatives.
Now, if a company was to make a business model as an "agent for direct acquisition from donors and selling of human body parts for transplants", any contracts signed under such business model would be deemed invalid. Now, imagine what happens if companies are given the right to sue lawmakers for a reason that laws are hurting their profits. This means that companies can now shape the laws in their favour in order to maximize the profit, and this also means that they can legally force lawmakers to remove such laws which make the above mentioned business model illegal and invalid!
Welcome to the world where companies can force governments to remove laws which protect citizens, if such laws happen to hurt profits.
Re: What is cruft, what is security, and can the LibreSSL programmers tell the difference?
It's been "fixed", by seeding RNG with your private keys. Thank you for such "fix", I'd rather not see something like this in a program I am using. Especially since OpenSSL is unable to provide a guarantee or verify that RNG subsystem is indeed trustworthy one and won't steal your private keys.
Remember, no library can fix security flaws of the underlying operating systems - at best it can work around them. If you want an illusion of security by deploying ever more elaborate workarounds that's your problem, but I'd rather leave it to people who know about security more than you do (or OpenSSL team does).
Re: Code size
No, they wouldn't. Code size is not the only thing that matters - coupling is the same, if not more important. Think of it as the possible number of permutations in a group of elements (elements being design artifacts, ie. functions in C language). In a design with qualities of a hairball (anything connects to anything), the number of possible permutations can be huge, despite the total number of lines "merely" going into many thousands (below million). In order to understand it, you need to read it all and then build mental model of everything there is. That makes for very high barrier to entry.
The purpose of good software design (each language provides own design tools for this, in case of C that would be private headers, static functions etc.) is to control and lower the number of possible connections, thus lowering the overall complexity and the cost of reading and contributing code - despite total code size remaining roughly the same, or perhaps even slightly larger (depending on design tools used).
Of course, LibreSSL didn't set to increase the codebase with design artifacts. They set to remove all dead code first, which obviously is a very good way to start such a project. They are also limited by public API of OpenSSL which makes lots of private functionality available to users unnecessarily. But they are to a good start and I wish them well, enough to setup monthly donation.
massive rock, you say? Something's wrong with my eyes, I read that word differently first time
I think this is the most interesting bit here - they are going to support containers (i.e. kind-of virtual machines) running inside actual Linux virtual machines running on top of Windows.
the question is ...
will it work with IPv6 ?
Re: Very unclear
rm "Important File.ows" "shellscript.sh" "My \"Expenses\".ods" "-rf"
When writing C (or C++) program parsing parameters like the above, you will find that the last parameter "-rf" was passed by shell to your program without surrounding quotes. Thus this gained nothing :(
Of course you might be advocating that quotes surrounding parameters should be passed to program (also when put explicitly by the user) but I'm not certain that this is good idea. For one, how do you pass a filename starting with quotes to your program and make it understand that these quotes are part of the filename, not a decoration?
It is up to program to decide what is filename and what is option.
Re: Very unclear
The problem is parsing of filenames by traditional unix utilities, since "everybody" knows that if a filename starts with dash (i.e. - ) then programs will parse it as if it was an option. That's why some programs support -- after which everything will be interpreted as filename, even if it "looks" like an option.
As for actual vulnerability .... well if you are running shell scripts as root and these use globbing, and it never occurred to you that users might have files starting with a dash ... now it time to start checking these scripts.
Re: positively surprising
I tried to use OpenSSL in my own home project, and like everyone doing it I had to read some parts of the code, because it is very poorly documented. If you do C or C++ programming for a living, reading this code will yield a stream of "WTF" because the code quality is really, really bad. I do not remember much detail, but my impression at the time coincides with what you can read on OpenSSL Valhalla Rampage now. Tons of dead code, even more useless macros, plenty of unintuitive functions incorrectly replicating functionality of C library, support for long dead platforms, everything done on unsafe pointers with fancy allocators etc. Above all, I was really bewildered that this seemed to work. Didn't have time to dig deeper beyond making my project to use it in somehow correct manner.
This is surprising news and I hope they sincerely mean what they write. If indeed OpenSSL sticks to the plan to remove dead code and cleanup the rest, and also to improve its processes and response times, it would be great. In fact, that is exactly what the project needs
However I would not expect publication of a timeline any time soon. I do not think it is possible to tell how long it would take to clean up the mess that the code is right now, without spending significant time studying all the dark corners there are. Which is fine - take your time, but do it right.
OpenSSL demonstrated to the world that they take the critique seriously, now they need to demonstrate that they know what they are doing. Which means hard work and is good use for the money pledged to the project so far.
condolences to family and friends.
Re: Own goal!
.... my email is not arriving today either, but I would not connect this with Microsoft.
Re: No E-Voting cannot be democratic
on the other hand, if voting was to be performed at the pooling station but replacing paper vote with computer terminal, it would certainly speed up vote counting. At the expense of making it vulnerable to vote manipulation in which case proof such as this might be helpful.
as much as I hate EU
... I must admit that its competition commission seem to be actually doing useful job. Hope they show some teeth this time!
(no text here)
well, all right
so what they tested basically was that in the presence of strong relativistic field (black hole, for example), wave function of a quanta can be replicated, without it collapsing first.
Re: Alternate control method.
Ah yes, there is distinct lack of bearings around the axle mounting the wing. However, given the temperature in which this has to function (some -60 Celsius) I am not sure that this is a bad thing. Low temperature grease is the most important thing here, and forcing it inside bearings (to avoid any trace of water which would freeze) might be difficult.
Re: "Bad gas ... Artist's impression of a black hole"
Black holes are very messy eaters, some 40% material escapes it, and it is this escaping matter which is illustrated. Wikipedia article shows impression on a black hole in empty space (and very close, too), but this is not the the case here.
wish them all the best
I have private BB with keyboard and it's really great device for emails and messaging. I feels little long in tooth now, but I just do not want to switch to touch-only devices. Q10 missed some features and I hope they can fix it.
Also, I really hope that BB will continue to develop and support this great real-time and POSIX compatible OS which is QNX. But to do that, they need to survive.
well, that is exactly what Apple PR will say:
With the new and revolutionary soldered memory chips, we give our users guarantee that no bad memory modules can be installed in the machine, first time in the history of IT industry
Re: Im in.
Ah, right. Overdrafts (and any other kind of lending for account owners). That's one thing such a bank wouldn't have.
This is obviously competitive disadvantage, but would it scare customers away? Perhaps not. The difference between such a bank and teapot is that you actually cannot rob a bank which keeps all the money at the central bank. I guess that someone might like this extra security.
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Infosec geniuses hack a Canon PRINTER and install DOOM
- Game Theory Half a BILLION in the making: Bungie's Destiny reviewed
- Review A SCORCHIO fatboy SSD: Samsung SSD850 PRO 3D V-NAND
- Was Earth once covered in HELLFIRE? No – more like a wet Sunday night in Iceland