http://www.ringwoodbiology.co....

or take your pick...crop to hearts content...

http://www.bigstockphoto.com/s...
http://www.bigstockphoto.com/s...

Yes, its a suitable image. But its not uniquely suitable. Any of thousands of other images are equally suitable.

Hell, I could recreate the pose with a volunteer model (wife), 10 minutes, and trip to the thrift shop for.

Of course.

You read it in a class where the controversies raised are a central part of the education about american history and american literature.

I respectfully disagree. I wouldn't ban it from the curriculum. Its perfectly appropriate for an American Lit curriculum.

However, if I were teaching calligraphy and wanted to give them practice exercises with n's and g's What possible reason is there to justify selecting "sand nigger" as their practice words? Yes, there are n's and g's ... but innumerable other options are equally suitable to satisfy that objective, There is no reason to select an ethnic slur. Because its a calligraphy class... and we want to focus on calligraphy... brush strokes and technique. You want to focus on how to draw the letters, not get overly distracted by what the practice exercises actually say.

In a class where you want discussions about the book selecting a book that is both suitable for the course (american english lit) incites discussion makes sense.

In a CS image processing course you want discussion about rasterization, antialiasing, edge detection...not on the ethics of porn. Why would you select an image that originates with porn? Its not like there is a dearth of suitable photos to choose from.

My response to THAT issue was in the first part of my reply, to wit: that there is no particular reason to use that image, and that I'd select a different one.

I haven't bought into this bullshit. I don't think the image is the least bit profane.

I have however bought into the unequivocal fact that the image draws controversy and discussion unrelated to teaching computer science.

If I were a teacher, and i wasn't interested in that discussion and controversy distracting the class, I'd pick a different image. Its not like there is any thing technical about that image that makes it especially useful as a test case.

Great points. A good topic for a philosophy course; but it's not computer science.

You've got it upside dowm. I run systemd on emacs.

Peak pricing is based on peak demand. If someone buys a battery to try and get abitrage between peak and offpeak pricing they can.

However as soon as you try to scale it up and "everyone starts doing it" it doesn't work.

Each person that adds on lops a little slice of how much is needed at peak, and adds a little sloce to how much is needed off peak.

Think about that. As soon as enough people jump on the bandwagon the offpeak demand rises and the peak demand falls to equilibrium and the prices will equalize and there will be no more price arbitrage.

So, short term, yeah, it might makes sense - you might even break even or come out ahead depending on how things go. As backup power for your home, maybe it makes sense.

But long term though, I speculate the power company will simply deploy its own industrial scale batteries for a fraction of the price per kwh stored than will be available to me at home and use that to smooth things out at their end. And then peak pricing and off peak pricing will move to equillibrium.

First thing to remember is that this is not someone who lost their job, it's a boss being rejected by his employees. That is a very special and unusual kind of situation, where normal power relationships are inverted. You can't really say the person in question is being oppressed here.

So if a company rejected their boss for agreeing with same-sex marriage, if the rest of the company was by and whole against it, I wouldn't be happy about it, but I would not claim they had done anything morally wrong (beyond to whatever extent I think holding such an opinion is morally wrong).

So what you're saying is, nobody has ever had freedom of speech?

Thanks for clearing that up.

This is not a freedom which exists, especially since it makes no sense at all.

He did not.

Bad guys have to set the evil bit; the software checks whether or not it's set. Really people, we've thought this through.

Good solve! :) Strictly speaking, it would have been O18.9Neon as I was truncating rather than rounding atomic weights.

That was my thought too. And even that algorithm was relatively simple; requiring the user memorize just a couple simple rules and either know the periodic table; or have ready access to one (which is trivial) in the event he needs to "regenerate" a forgotten password.

I -used- to use techniques in the same general category as this for password generation... but after a few breaches and other forced password change situations it became irritating because I could no longer use the password the 'system' generated with some sites. I switched to using a password manager with random passwords on most sites.

I still use a 'system' for some sites I use regularly and/or have to enter the p/w manually instead of being able to use copy/paste.

I memorize a simple password for each and then some apply some ciphers and transformations to it. So losing one to a phish isn't a threat to the rest, and I can change it easily since it isn't based soley on the domain name.

But it's only suitable for a smallish number of sites; since I still have to remember a basic password.

And honestly, at this stage I feel the so-called security questions (that anyone who knows you can answer) with email or SMS recovery mechanisms are the weakest link. As these are both fairly easy to intercept; especially if you know the target.

Your criticism amounts to "If it doesn't completely solve the problem for everybody its no good." and that is false.

Yes some will switch to various simple password patterns t.password for twitter... f.password for facebook... or maybe fb.password... etc. That's still an improvement. Even simple patters require some effort to break.

Some fraction will use a harder patterns that aren't immediately obvious. That's an improvement. Lets say my password is "stupidgdog" for google. Maybe your automated phishing tools will try stupidfdog on facebook... but maybe not.

Some fraction will use a slightly harder pattern.

Lets say I use stupidgHdog as my google password. My new pattern is still simple. its "stupid" + "first name of domain" + "next letter in alphabet capitalized" + "dog"

With just one sample, are you really sure your automated phishing tools going to figure out that facebook is: stupidfGdog ? And twitter its stupidtUdog?

And that's still pretty lazy as passwords go.

Some smal fraction will take the hint and use much harder patterns. That will take several fished passwords for the user and probably some human eyes to figure out. This is an improvement.

Lets say my google password is: C69.7Germanium what's my facebook password?

Here... I give you twitter on this pattern too: N47.8Vanadium.
With 2 samples passwords you've got enough of a pattern to try and brute force it... letter + 3 digits + element... 26* 1000 * 118... 2.6 million passwords to try.

Very doable if its a targeted search on a particular user... but your probably not going to spend the time looking at each fished password and then write a script to do that specific search... for just one random user. Probably.

And some fraction of people will switch to using a password safe or something, and thats an improvement too.

Fair enough. Still...

"Password Alert is also available to Google for Work customers, including Google Apps and Drive for Work. Your administrator can install Password Alert for everyone in the domains they manage, and receive alerts when Password Alert detects a possible problem."

The intersection of administrators who might think its a good idea with end users that use the same password on other sites might be large enough to be at least a little bit fun.

Yeah, if it were integrated with something like password safe or password gorilla or keypass etc.

Or I suppose it could be tied into the A/V products which already have anti-phishing extensions -- McAfee for example, already has a password safe and antiphishing ... seems almost a no-brainer for them to integrate them in this way. The password safe component could dump a list of hashes and domain names and if you try entering a password that matches the hash throw up an alert. And then maybe flag the page for A/V's phishing lists so if a page is generating alerts like crazy visitors it can be blacklisted -- preventing other users from even reaching the domain/phishing page.

Put on the popcorn and wait for the fireworks show that arises when people who use the same password they use for google on other sites.

Still its an interesting idea, that might be usable in a general purpose extension that maintains hashes and URLs and then hashes every input box and compares it to the databse / urls -- and if it finds a hash match but the URL is wrong throw up an alert.

Way more useful than a google only one that only works in chrome and only when you are signed in.

No good reason for Grandma to use Chrome anyway, or anyone else for that matter.