Wasn't that precisely the idea that "The protocol could be tested via a website that allows users to create, retrieve and decrypt sample messages that conform to the protocol - which also demonstrates communication across human cultural boundaries" was addressing?

Pretty easily, at least in this case. The root servers provide these name servers for .kp:

kp. 172800 IN NS ns2.kptc.kp.
kp. 172800 IN NS ns1.kptc.kp.

which are both located on the same class C:

ns1.kptc.kp. 86400 IN A 175.45.176.15
ns2.kptc.kp. 86400 IN A 175.45.176.16

Which generally is indicative of the same network segment. I guess North Korea doesn't have a need for a particularly robust internet infrastructure, so there's a good chance there's just some servers listening on those addresses and no fancy load-balancing or anycast routing going on, and very likely they're at the same physical location.

If either of those stop responding to queries, then resolution of anything under .kp will fail.

Umm... I think I get the point you're trying to make, but you basically implied that this congresswoman deserved to be shot because she didn't answer a question.

That's pretty sick.

Specific questions are difficult to scale though. It works well against normal users (who only have their own resources at their disposal), but if you're running a captcha-breaking business, you have a lot of people with the ability to access a centralised database and customised software. They probably can't make a program smart enough to 'watch' an advert and answer arbitrary questions about it or correctly interpret an idiomatic expression, but once one of their employees has worked out the answer, the question/answer pair gets added to the database and that particular question can be answered by everyone else without thought - or even by software without any human interaction.

The only solution to that is to increase the number of questions so the database hit-ratio becomes very low, but that's quite hard to do. Most such questions will need to be written by a human rather than machine-generated, so it quickly becomes more expensive than just deleting the spam. Plus, there's typically a limited number of questions you can ask, especially if you consider that the questions need to be simple enough for legitimate users to be able to answer.

This page lists major donors to the state Government's flood relief appeal. There are some resources amongst the list.

Even if we give him the benefit of the doubt, what he's basically saying is that brick and mortar stores are a very inefficient and expensive way to provide goods to people. Rather than improve their efficiency or allow the market to kill off the old and no longer useful ways, we should artificially inflate the cost of more efficient methods of providing goods to people, so that all the methods we have available are equally inefficient.

From a short-term perspective, keeping the jobs etc. sounds good. Long-term though, this sounds a bit like the broken window fallacy.

I think the key difference is that the proposition that tiny creatures too small to see cause illness and that killing them with heat will stop them from doing so is something that is testable and verifiable. Also, while I don't know and, like you, can't be bothered finding out the details, I suspect Pasteur didn't go from "milk is white, how pretty!" to "I bet there's tiny bugs in there that make us sick but we could probably kill them with heat!" in one step. More likely, he already knew that for some unknown reason, heating milk before consuming it reduced the likelihood of certain illnesses. That knowledge, combined with other knowledge, resulted in a hypothesis that there were creatures in the milk that were so small they couldn't be seen with the naked eye causing the illness, and that heating the milk killed them. Again, that's a hypothesis that can be tested in various ways.

If Pasteur's claim was that tiny creatures in milk might cause illnesses, and that heating the milk may or may not kill them, and if it does, it may or may not prevent them making us ill, and in fact they still might manage to make us ill even if we don't drink the milk at all through mechanisms I've not yet figured out, then he'd still be right (about the tiny creatures, at least)... but what value is that to anyone? A statement that is true has no value in and of itself: if a neanderthal man conjectured a 100% accurate model of the universe, it wouldn't have done them any good since they lacked the means to prove it was correct. There'd be nothing to set that correct model apart from the incorrect 'models' of superstition that others were positing. A truth that cannot be verified is no better than an untruth that cannot be verified.

On a different note, I think your point was that we shouldn't mock people who come up with extraordinary claims because they might be right. But history is full of examples of people making extraordinary claims and being mocked for it, who are able to back up those claims with evidence, thus proving themselves to be right and silencing those that mocked them. Humankind has been mocking those who make extraordinary claims probably since we were capable of making such claims. Extraordinary claims require extraordinary proof in order to be taken seriously; it's a strategy that has worked very well for us for the entire history of humankind. Why should we change now?

If someone makes an extraordinary claim and not only doesn't provide evidence for that claim, but fails to provide a testable hypothesis that someone else could use to prove or disprove the claim, then they deserve to be mocked. Possibly the claim itself ought not to be, but the person making it does. Such claims contribute nothing of value to anyone, so we may as well get a laugh out of it.

That's not really true. The technology is there and almost certainly works as well as advertised, but there's almost always been a requirement for the pilot to positively identify the enemy before firing upon it, and that usually requires visual confirmation. Very few air-to-air kills have been made at beyond visual range, for this reason.

The theory behind the missile-fighter design was that you'd lock up the target at way beyond visual range and down it with missiles. I think that's how most people perceive modern air combat, in fact - tag a blip on the radar display, fire a missile and excitedly call Fox Three over the radio, wait for the blip to disappear, go home for dinner. In reality, the rules of engagement almost always require the pilots to visually identify hostile aircraft before firing upon them. So the missiles may be very effective, but shooting blind at radar contacts is a bit of a no-no. And once you're close enough to see the enemy, you're probably too close for the longer range missiles to be effective, plus there's a high risk of the missile accidentally locking up a friendly if you shoot into a furball.

So dogfighting capability was returned to the aircraft design and pilot training in a really big way. In the case of an all-out war scenario, the risk would probably be deemed acceptable and the ROE would be relaxed and you'd see a lot of BVR combat taking place, but we're unlikely to see that happen (fingers crossed).

I think you missed the point of the analogy. Our daily lives are full of things that were once newfangled technology that many people resisted and demonized, saying it would destroy this-or-that aspect of society. Most technological advances don't destroy all that much, and many have provided enormous improvements in our quality of life.

HFT may be new, but people will certainly be studying it to see what effects it's having, and incremental adjustments to it will likely be made to try to maximise its benefits while minimizing its drawbacks. While I tend to agree that new technology tends to improve things, it's also worth remembering that most new techs also bring new problems. So just because HFT may have some negative impact on the market, that doesn't mean it's not overall an improvement. Just like the introduction of the automobile saved us from the pollution and sanitation problems of horses, but brought with it problems in the form of exhaust gasses. And the electric car will solve that problem but create others, and so on...

It's not just a black and white "this new tech is good" or "this new tech is bad" - every time we solve one problem, we usually create another, but that's the very nature of progress.

The main reason for having clear quotas is to allow the ISP to estimate for bandwidth usage. As another poster said, it's not the total volume that really matters, but the peak rate of data flow. By saying "you can download up to X GB this month", over a large number of customers, you get fairly predictable usage patterns. If you say "you can download X GB whenever you like" to a large number of customers, you get very difficult to predict usage patterns, which means that provisioning sufficient bandwidth for peak usage becomes difficult.

The 'ideal' solution would be for the ISP to provide a real-time view of their available capacity on each of their transit links, and for users to self-regulate their traffic. If the usage is below say 50%, then you can download as much as you like for no fee. As the utilisation increases, those who have already used a lot of bandwidth get a lower quality of service, unless they pay an increasing fee for "premium" bandwidth. That way, if you're a low usage type of customer, you can just use the internet whenever you want and get full speeds. If you're a high usage type of customer, you can monitor the available capacity and reduce your usage during peak periods, go nuts during low usage periods, and pay a low fee. Or, you can pay heaps and go nuts all the time.

The reason that solution won't work is because most people wouldn't be able to understand what the heck was going on, and many of those who did understand it really can't be bothered with that kind of micromanagement. So, a periodic quota provides a kind of in-between point which is easy enough for users to understand (especially if you provide nice graphs and such) and which also gives the bandwidth provider a reasonable stable and predictable usage pattern.

The problem with this is that it's difficult to identify who's at fault if a download drops. Why should your phone company have to pay more because you're trying to download from a site that's unreliable and keeps dropping offline? What if the download failed due to user error, e.g. moving outside of the service area during it? What's more, even if you do manage to establish clear rules, trying to prove whose fault it actually was after the fact will be very difficult.

Yep, and this is in fact what I do with my home internet connection: non-critical downloads are kept aside until toward the end of my billing cycle, at which point I let them loose since I don't particularly care if I end up shaped for a few hours before the quota resets. But again, this is predictable behaviour which makes network capacity planning easy.

On the other hand, I have a 1 GB quota for my phone which I never get anywhere near (lucky to break 100 megs) and I've never tried to maximise my usage of that... but my phone isn't my primary internet access mechanism, so I guess the psychology is a bit different.

I think there's a step missing in your logic.

If someone asks me why $RANDOM_SPORTS_STAR dedicates so much time and energy to playing some particular sport, and I say that in my opinion I think they do it because it's fun, does that mean I think playing that sport is fun? If so, how do you explain the fact that I don't play that sport? Why would I willingly deny myself fun? Maybe, just maybe, I'm actually trying to put myself in the shoes of someone else who thinks differently to me, and enjoys things that I don't enjoy. It's entirely possible I think someone plays sports because it's fun, even though I personally don't find it to be fun. In the same way, I tend to assume people listen to operas because they enjoy them. Personally, I find them unpleasant to listen to, but that doesn't mean I'm incapable of understanding that other people do in fact actually like them.

The rest of your post is kind of hard to follow, but I think the general gist is that people see videos of soldiers acting like soldiers, and infer that they actually enjoy killing other people. You say it's very common for people to have that naive view because they don't really understand what the soldiers are going through and what they have to do in order to cope, and that the people who better understand the realities take steps to avoid "the masses" from seeing such things because they know it'll be misinterpreted.

Yet you seem to have dismissed the possibility that Julian has a similarly naive view and thinks that soldiers do it simply because they think killing people is fun, and instead decide to infer that his statement that he thinks soldiers do it because they think killing is fun actually means he himself thinks killing is fun. But if that's the case, why didn't he enlist, or at least become a serial killer?

The exploit is clever, but very poorly hidden. Maybe the idea was to hide in full view: people will look at it and decide it could never evaluate as true, and so leave it in place so their hacker will stop trying to add more exploits. They're trying to trick the attacker into thinking they already have an exploit in the code, while chuckling to themselves that it could never work. Haha, jokes on you, Mr Black Hat!

But, all you need to do is overflow a buffer in order to drop the memory location of that particular string into the Password pointer. The backdoor works!

But how would throttling the repetitive requests help? The whole point of DDoS attacks is that the attack requests aren't trivially distinguishable from legitimate traffic the site wants to serve. (For naive attacks they probably are; but in an arms race, the requests will just be modified to be harder/impossible to distinguish from real sessions). If the routers start throttling all traffic to the site under attack then it can no longer serve legitimate requests. Mission accomplished: service denied!

An additional problem is that this requires companies to invest resources to protect other people's networks.