
Comment Re:Apples and oranges (Score 1) 113

The problems with OpenSSL aren't actually in the crypto parts. libcrypto is pretty solid, although the APIs could do with a bit of work. The real problems are in the higher layers. In the case of heartbleed, it was a higher-level protocol layered on top of SSL and implemented poorly. It was made worse by the hand-rolled allocator, which is also part of libssl (not libcrypto).

Comment Re:Is anyone surprised? (Score 3, Interesting) 113

OpenSSL is quite shockingly bad code. We often use it as a test case for analysis tools, because if you can trace the execution flow in OpenSSL enough to do something useful, then you can do pretty much anything. Everything is accessed via so many layers of indirection that it's almost impossible to statically work out what the code flow is. It also uses a crazy tri-state return pattern, where (I think - I've possibly misremembered the exact mapping) a positive value indicates success, zero indicates failure, and negative indicates unusual failure, so people often do == 0 to check for error and are then vulnerable. The core APIs provide the building blocks of common tasks, but no high-level abstractions of the things that people actually want to do, so anyone using it directly is likely to have problems (e.g. it doesn't do certificate verification automatically).

The API is widely cited in API security papers as an example of something that could have been intentionally designed to cause users to introduce vulnerabilities. The problem is that the core crypto routines are well written and audited and no one wants to rewrite them, because the odds of getting them wrong are very high. The real need is to rip them out and put them in a new library with a new API. Apple did this with CommonCrypto and the new wrapper framework whose name escapes me (it integrates nicely with libdispatch), but unfortunately they managed to add some of their own bugs...
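The return-value pitfall described in the comment above, as an added example that is not part of the original comment and is not OpenSSL code: `toy_verify` is a hypothetical stand-in using the 1 / 0 / negative convention, and the byte arrays are constructed sample data. A caller that tests only for 0 accepts the error case, while a caller that tests for exactly 1 does not.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data, not real signatures. */
static const unsigned char EXPECTED[4]      = {0xde, 0xad, 0xbe, 0xef};
static const unsigned char SIG_GOOD[4]      = {0xde, 0xad, 0xbe, 0xef};
static const unsigned char SIG_BAD[4]       = {0xde, 0xad, 0x00, 0x00};
static const unsigned char SIG_TRUNCATED[2] = {0xde, 0xad};

/* Hypothetical stand-in for a tri-state verify call (not an OpenSSL function):
 *   1 = signature valid, 0 = signature invalid,
 *  -1 = verification could not be carried out (here: wrong length).
 * Toy comparison only; a real verifier would not use memcmp. */
static int toy_verify(const unsigned char *sig, size_t len)
{
    if (sig == NULL || len != sizeof EXPECTED)
        return -1;
    return memcmp(sig, EXPECTED, sizeof EXPECTED) == 0 ? 1 : 0;
}

/* Flawed caller: only 0 is treated as failure, so -1 is accepted. */
static int accept_flawed(const unsigned char *sig, size_t len)
{
    if (toy_verify(sig, len) == 0)
        return 0;
    return 1;
}

/* Hardened caller: only the single success value is accepted. */
static int accept_strict(const unsigned char *sig, size_t len)
{
    return toy_verify(sig, len) == 1;
}

int main(void)
{
    printf("good:      flawed=%d strict=%d\n",
           accept_flawed(SIG_GOOD, sizeof SIG_GOOD),
           accept_strict(SIG_GOOD, sizeof SIG_GOOD));
    printf("bad:       flawed=%d strict=%d\n",
           accept_flawed(SIG_BAD, sizeof SIG_BAD),
           accept_strict(SIG_BAD, sizeof SIG_BAD));
    printf("truncated: flawed=%d strict=%d\n",
           accept_flawed(SIG_TRUNCATED, sizeof SIG_TRUNCATED),
           accept_strict(SIG_TRUNCATED, sizeof SIG_TRUNCATED));
    return 0;
}
```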

Comment Re:What?? (Score 1) 116

If by 'any deal' you mean 'any contract' then they generally do come with either unlimited texting or quite a lot, but that's not true for pre-paid plans, which have made up the majority of the market for the last few years. I'm currently with Three, and they charge 3p/min for calls, 2p/min for texts and 1p/min for data - I'd have to spend a lot of time on the phone to come close to the cost of the cheapest contract plan, so they really only make sense for people who use their phone for business, or who haven't worked out that the 'free' phone that they get is really a loan at 50+% APR to buy a phone. For 2p, I can have one SMS or 2MB of data. The latter is enough to keep an IM connection open all day, so I can see the attraction of things like WhatsApp, especially since you can switch to the desktop version whenever you find the keyboard too limiting.

And that's not counting the fact that you can use WiFi when you're somewhere where roaming is expensive, which is the only reason I still have a SIP client installed on my phone: It's cheaper for me to make calls to the UK from the UK over the mobile network, but when I'm abroad (outside one of Three's Feel at Home countries) it's often a lot cheaper to use SIP. Sending text messages abroad is very expensive, but using WiFi is usually free.

Comment Re:What?? (Score 1) 116

No prepaid plans in the UK come with unlimited texting. You can generally buy a bundle that includes it, but a bundle that provides more data than it's easy to use on a smartphone (without tethering) is generally cheaper and allows you to use email and the web as well as IM apps. I generally pay £1-2/month, and it costs as much in terms of data to have an entire day of IM connectivity as it does to send one SMS.

Comment Re:Wrong battle. (Score 1) 410

There's a lot of politics and BS involved, right of way costs and such. Also issues of older infrastructure. The US had widespread cable and phone back before many countries, and as such there is this lethargy with companies to just try and use what's already there rather than put in all new stuff that works better.

However one thing to be careful of when you look at your Internet is how the backhaul is. Something I've observed with a number of the "really fast, no limits, very cheap," networks is that they are basically a big WAN. They don't have the backhaul to the rest of the Internet to maintain those speeds. So big speeds to your neighbours, and your ISP, but not so much to the world.

If you do speed tests, make sure you test to something not on your ISP, and a decent bit away. That gives you a more realistic speed test. Good internet in the US tends to be fast to all places like that.

For example I pay $100 per month (about 72 Euro) for 150mbit/20mbit Internet, with burst speeds up to 180mbit. Testing to a server in town here, I get that, actually a little over, 183mbit. Testing to a different provider in another state, about 550km away, I get 175mbit. Testing to yet another provider across the country, around 3000km away, I get 140mbit. So I get the speed promised, to a diverse amount of networks. The backhaul is there to support my connection. That is part of the cost.

Not saying it isn't for yours, just check if you want to compare it to US Internet. I've seen more than a few cases where big numbers to the home aren't backed up by big pipes to the Internet. So the speedtest server at your ISP gives you amazing numbers, but one on a different datacenter a few hundred klicks away is much slower.

Comment Re:Those guys want pork funds too? (Score 1) 172

I will add that their numbers look different from work I've seen before, and use a more ambitious methodology than I would use. They want to run the entire launch using the magnetic system. This has some serious issues that make it harder IMHO - not that I know much. I believe it would be much easier to justify, finance, and build a system that replaces most or all of the first stage, which is where about 90% of the mass and propellant is spent. Just getting to Mach 5 uses up to 90% of the required fuel at present. It would also eliminate the entire cost of the first stage, replacing it with the cost of electricity, plus wear and tear on the magnetic launch carrier (which could be re-used.)

This approach would not require the high 30G acceleration (which eliminates use for living things) nor the super-long 130km launch track of the MagLaunch system. It would be cheaper and easier to build. This would be a 5G to 10G system with a 50KM track, going up the Andes at the Equator to an elevation of as much over 14,000 feet as can be arranged, with a 5km/s exit velocity if I recall correctly - this would require some work to make a vehicle that could survive such high speeds at relatively low altitudes. At 14,000 feet the air pressure is about 1/2 STP, and at 28,000 it's about 1/4 but there's no satisfactory location that goes to 28,000 feet. But this is getting into highly speculative numbers.

Comment Re:Those guys want pork funds too? (Score 1) 172

Interesting, thanks. I wasn't aware of these folks, and I'm pretty sure the rest of my partners in Space Finance Group aren't either. We have run several successful Kickstarter projects, including for the National Space Society and The Liftport Group (Michael Laine of Liftport is one of the partners in SFG). We recently completed the rewrite of a business plan and 'pitch deck' for another space launch company. We are also working on equity funding mechanisms for space development, although we're not quite ready to 'go live' with that.

So if these folks are for real, we might be able to help them get where they want to go! I'll be contacting them. If anything pans out, you'll be able to say, "I helped them get there." :)

My personal opinion: while the more 'standard' methods like SpaceX, XCor, Virgin, Blue Origin, and the many more exotic projects like Skylon, etc. (too many to list) are important and will be essential for at least the next 10-20 years, IMHO magnetic launch technology has the best long term potential for reducing costs. I don't think the "Gen 2" version that these folks propose will happen within 100 years if ever. That level of exotic engineering requires a long, long evolution to get there. But a successful Gen 1 system is buildable "today" - by which I mean the engineering will take six to 10 years, and construction another six to 10! This is in the same funding range, again, as the LHC, or the Burj Khalifa - or the various sports-festival boondoggles of late. (These mag-launch folks estimate $20, which may be a better number - I haven't finished reading their material.) So it is in the range of the financial capability of many nations, especially if a few get together.

IIRC Brazil is spending about $6 billion by themselves to host the FIFA World Cup - imagine if they invested that $6 billion as one third of a joint venture space launch system that reduced the cost to LEO from $10K-$20K per pound to even $100 per pound. They could charge $1000 per pound and still be inundated with demand. Their investment could pay for itself in a few years and build a permanent employment base and probably hundreds of spinoff high tech industry facilities, instead of being a sunk cost for a few hours of football fun!

Comment Re:Those guys want pork funds too? (Score 1) 172

Let's promote the installation of a 5G-capable magnetic launcher (coilgun tech) that goes up the Andes in Ecuador! A 50 mile launcher using a tube that is evacuated of most of its air could replace most or all of the first stage of rockets going to LEO, cutting the cost of launch by 2/3. The technology and project scale are in the same ballpark / order of magnitude as the LHC, and would permanently alter the economics of space development. The last time an equivalent system was thoroughly studied was in the 1970s AFAICT, long before a number of major enabling technologies were mature enough - large superconducting magnets, various materials, control systems, etc.

Comment Re:Difference between erratic & erotic (Score 1) 600

Gut bacteria and viruses have both been implicated in "mental" illness. Look up "Toxoplasmosis".

There's a reductionist orthodoxy, which views man as a brain on a stick - or a monkey driving a robot. Transplant the monkey in a new robot, and you have the same being. Only it's just not true.

Your entire nervous system is an extended "brain", in some regards. The entire "Me" that we have is a hive, and a colony of interdependence. Without getting all speculative or "holistic", examine mitochondria, for Pete's sake!

For the geek set: Luke is as much a manifestation of his midichloreans as he is a history of brain impulses. Put his brain in C3PO and you don't get Luke+Life Extension. You get a limited Luke simulacrum, able to replay Luke memory without new Luke experience or interaction. Plop his brain into Han Solo's body, and he will not be Luke anymore - He may be surprisingly like Han, with amnesia.

Comment Re:Scalia is jumping the shark. (Score 2) 461

Is Scalia seriously suggesting police can act on a tip only after proving that tipster is telling the truth?

As much as I hate to find myself anywhere near Scalia (though he's joined here by Ginsburg, Sotomayor, and Kagan), police can legitimately act on a tip only after proving that a tipster is *likely* to be telling the truth. In this case, after following the car for five minutes and not seeing anything that gave them suspicion that the driver was drunk, there's no way that they could have reasonable suspicion this guy was a drunk driver. Given the documented existence of SWATing, anonymous tips cannot be considered credible grounds for intrusion into a person's liberty.

Interestingly, in this case the tip was not anonymous, but that fact wasn't brought up in the original prosecution and so the tip is dealt with as anonymous.

Lucky for Scalia most progressives still believe in elections, democracy, rule of law and that SCOTUS interpretation of the constitution is the only legal interpretation.

Really? You believe that most progressives believe that in 1857, no person of African descent could be a citizen of a state, despite zero evidence for this decision in the text of the Constitution? And that in 1896, states could comply with the equal protection clause via "separate but equal" bullshit? Well, it does seem that "progressive" has been defined downwards since Obama came into office.

Human rights, democracy, the rule of law, and SCOTUS decisions, are areas that overlap sometimes but not always. Genuine progressives put human rights before the others.

Comment Re:openWRT runs, without wireless (Score 1) 113

The last time I bought a dedicated device like this, I got a PC Engines WRAP, which is similar to the boards that Soekris sells. For about £100, I got a 266MHz AMD Geode (x86) CPU, a board that could boot from a CF card, and had 3 wired sockets and 2 miniPCI slots (with an 802.11g card in one), a metal case and a couple of antennae. That was quite a few (actually, almost ten) years ago.

The first search result has a similar kit for £139, which is a bit more, but if you shop around you can probably get it for cheaper. That includes a 500MHz x86 CPU and 256MB of RAM, so it will happily run most stock *NIX distributions, or something firewall-centric like pfSense.

Comment Re:Intentional sabotage? (Score 1) 178

That's already double what USB provides over data connections, and you shouldn't be drawing much more than that from a notebook anyhow

No, you shouldn't, but the laptop is probably drawing something on the order of 60-85W and there's no reason why it couldn't get that from a power supply in the display, rather than a separate wall wart...

Comment Re:Thunderbolt does USB, so no. (Also PCIe and HDM (Score 1) 178

Thunderbolt doesn't do USB, however the fact that it does PCIe means that you can run a USB controller on the other end. You wouldn't want a Thunderbolt mouse, because it would require sticking a USB controller in the mouse as well as a Thunderbolt interface and a load of PCIe bus logic. USB is nice because the client component is relatively simple and can be made very cheap. It's also nice because there are a number of standard higher-level protocols built on top of it (e.g. HID for keyboards, mice and so on, DUN for things that look a bit like modems). Thunderbolt doesn't replace USB, it's the connection that you use between your laptop and the display or docking station that has all of the USB devices plugged into it.

Comment Re:Intentional sabotage? (Score 1) 178

With Thunderbolt, since it can carry two DP signals, you can plug in one cable to drive two monitors. Since it also carries PCIe, you can drive a USB hub and SATA controller and NIC in one display and also connect the keyboard and mouse and an external disk and network at the same time. Having the same connector able to deliver power would mean that you'd be able to drop a phone in a dock and have it gain access to all of those things and charge, which sounds pretty compelling to me.

We're also finding it useful because you can get PCIe enclosures so we can plug FPGA boards directly into laptops, rather than needing to have a desktop sitting under the desk doing nothing except exposing a high-speed JTAG interface, but that's a fairly niche use.
