I'm guessing this discovery was the result of someone taking a shower after some kind of urine-related lab prank...

So you're saying that their "detect tampering" protocol fails to protect against a "just dumping noise into the air" DoS?

I do grant you that if you can't hear the AP, you could be fooled into connecting to the MITM posing as the AP. But that's kind-of outside the scope of the protocol. This protocol is ensuring that the key you get from the AP comes from the AP you requested it from. If you can't hear the original AP, then you haven't really requested a key from it, but from the repeater.

That's more of an identification issue than a 'packet modified in transit' issue.

The point is that you can't make a second overlapping noise pattern without changing the first. You can't yell anything that turns an existing yell into silence.

You're bitwise-anding all the yelling together, and only if that validates the key you got, do you trust it.

So MITM can't yell while the router's yelling unless its hash starts the way the router's ends (and it knows this in time and starts yelling at the right time) or the client will see a bad hash, tear down and try again.

And if the MITM yells _after_ the router, then it's too late, the client has already gotten a key with a valid hash yelled with it, and is secure.

And if the MITM tries to drown out the yelling (or the key) from the router, the client can see this unusually long yell, and know that a key was being sent at the time, and will tear down and try again.

This was on page 2 of the article...

Easter Eggs may be cool. Easter Eggs your QA team, management and people who're actually customer-facing don't know about are less cool. Easter Eggs that blow up in your face, introduce vulnerabilities, or simply surprise the users of industrial control systems (used in nuclear reactors at that!) are pretty uncool.

This one was of the second type, and not (as far as we know) the third type.

It does reflect a concerningly non-professional attitude to the development of an industrial device, in my opinion.

I was going to suggest iFolder, but this post's already here. I like it because I set it up, handed it off to a non-IT person to run, and only hear a complaint when someone shuts down the server.

It's basically a dropbox workalike from user perspective, as far as I can tell. With cross-platform client support to boot.

Well, except one bug involving a user with admin privileges somehow removing all owners for a particular folder. You can still use it, but can't access it with the admin interface. There's a data repair I've never managed to apply...

But yeah, overall, very happy with it. The main Debian pain is to do with Debian's mono-apache integration setup getting in the way, if I recall correctly. I ended up turning that off. ^_^

It might explain it, if your expectation is that a human in that situation would be moving. (Breathing, blinking, twitching occasionally)

Note for example the "corpse" dot on the graph in the article.

This only applies to certain laws, where pre-existing agreements... exist *cough* to keep the relevant laws in sync between states and territories. It just happens that the classification system is one of them.

http://www.ag.gov.au/www/agd/agd.nsf/Page/Committeesandcouncils_Ministerialcouncils_StandingCommitteeofAttorneysGeneral

No. We are talking about a _change_ in the government-mandated censorship of games to match that applied to the film industry.

Because they have agreed not to, in order to keep things relatively in-sync. The individual implementations do vary state-by-state. For example, you can't sell or demonstrate RC video games in the ACT, but you can certainly own and play them. In WA (I understand) it's illegal to even own RC material.

It's a state issue because everything is a state or territory issue except that limited set of things listed in the constitution. (One of these limited things is what makes "customs" a federal issue, which is why the customs rules are tighter than any state or territory's on RC material, but once it's past customs, those rules are irrelevant) So the federal government cannot make a law about classification, the best they can do is create and issue codes and guidelines. Which they do. It's a very similar thing in traffic law. We now have a national traffic law code, but each state must codify (and amend as they see fit) that code into their own law.

I'm going to guess "a self-charging UAV with tiny cameras on board" is what you are angling for here... But the sentence itself is a travesty. Worse than using a passive form to remove blame, this appears to be using the second person to try and make me feel involved in reaching the conclusion the writer has already decided I should reach, and hence turn idle speculation into some kind of supported conclusion in my head.

Thank you, but I can do my own mind-reading without needing to be prompted.

That's last year's similar effort. This article's talking about the new WG proposal under the same name, described at http://www.ietf.org/mail-archive/web/homegate/current/msg00821.html

Wikipedia says it's up to the IOMMU to enforce this. http://en.wikipedia.org/wiki/Thunderbolt_(interface)#Security

The only other discussion Google turned up was either http://erratasec.blogspot.com/2011/02/thunderbolt-introducing-new-way-to-hack.html or people republishing, reprinting or rephrasing that post.

http://www.abc.net.au/rn/linguafranca/stories/2010/3007980.htm has a reference to the linguistics details of what I was recalling poorly, with details more accurate than mine. And of course, Wikipedia has something about this too: http://en.wikipedia.org/wiki/Kuuk_Thaayorre_language

Nothing about the indoors stuff though.

In studying linguistics, one of the examples we were given was that Australian languages don't generally have "left" or "right" but describe everything in cardinal directions. If I recall correctly, there were experiments done that found that Australian Aborigines could tell cardinal directions even inside a windowless room in an entire other hemisphere (i.e. Northern hemisphere) from their home. I don't recall if this particular ability was considered miraculous or simply neat, and of course we were interested in the linguistic aspects of the idea, not the actual "sensing North" part of it.

Maybe this is how they did it?

Actually, according to the article at http://www.bankofcanada.ca/wp-content/uploads/2011/06/spencer.pdf (linked from TFA) under "Related Information" Canada will be the first country to embed a stripe of holographic foil in a transparent area.

They also have a transparent area that shows the denomination when held in front of a point light source, but they don't clearly specify if that's a Canada-unique feature.

From the same article, Canada is buying the substrate (with said security features) from Note Printing Australia, and printing the notes themselves in Ottawa. So I doubt these features will remain uniquely Canadian, but will show up in future currency designs using this substrate too.