Forgot your password?
typodupeerror

Comment: Re:polite - yet cutting and informative (Score 1) 1501

by Meriahven (#44294565) Attached to: Kernel Dev Tells Linus Torvalds To Stop Using Abusive Language

Speaking of the swearing capabilities of the English language, this particular porcelain-contained weather anomaly actually originated with Linus having to revert to Finnish when trying to find a powerful enough curse to suit the particular level of stupidity in the transgression being addressed at the time:

https://lkml.org/lkml/2013/7/13/132

And because you were about to ask, "perkeleen vittupää" as an idiom translates to "you fucking idiot", while a more literal translation would be: "In the name of the overgod, you are a cunthead". Finnish is kind of expressive in that particular area :-)

Comment: Re:Ars Technica Lnk (Score 1) 385

by Meriahven (#39363817) Attached to: FBI Tries To Force Google To Unlock User's Android Phone
<Offtopic>

/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i

You of course know the answer already, since you posted the quiz in your sig, but I though it might be fun to post the quiz in a more explicit form, so that more people have a chance to participate. So here goes:

What is the difference between these two groups?

Group A

  • .startdot@example.com
  • two..dots@example.com
  • twodots@example..com
  • enddot.@example.com
  • startdash@-subdomain.example.com
  • enddash@subdomain-.example.com

Group B

  • ipv4@[127.0.0.1]
  • ipv6@[IPv6:CAFE::BABE]
  • !#$&={|}~?^/@example.com
  • user@localhost.localdomain
  • "quoted"@example.com

Three point hint: it has to do with RFC 2821.

One point hint: out of the approximately 200 000 people who have implemented a way to pattern match an email address, approximately seven have ever actually bothered to read the RFC.

</Offtopic>

Comment: My bank's got it right (Score 2) 284

by Meriahven (#36385406) Attached to: Court Rules Passwords+Secret Questions=Secure eBanking

My bank's site requires three things to authenticate me:

1: a user code, 8 characters of randomness generated by the bank (something I and the bank both know)
2: a password, at least 8 character of not-very-randomness generated by me (something the bank can check without actually having to store it)
3: a four-digit number from a printed wallet-size list of one-time codes generated by the bank (something I have)

The password used to be also generated by the bank, but they came to their senses; now that I get to choose it myself, even the clerk who created my account (and possibly caught a glimpse at my one-time password list in the process) does not know everything that is needed to authenticate as me.

The extra trouble is, of course, the exchange of the one-time code lists. This they do by mailing me a new one when there are ~20 unused codes left in the old one, and then I just need to log in to their web site, give the id of the new list, and confirm the list change by a code from the old list.

Not nearly as high-tech as SecurID, but works like a charm.

Comment: No explicit right to free speech? (Score 1) 200

Since Australia is a member of the UN, the right to free speech is quite explicit there too.

Universal Declaration of Human Rights, Article 19:

Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers.

Comment: Re:L/100km? (Score 1) 417

by Meriahven (#35026388) Attached to: Volkswagen Unveils 313 MPG XL1, Slates Production For 2013

an improvement from 10mpg to 11mpg is a much larger improvement in fuel consumed than going from 40mpg to 41mpg

Interestingly, the difference in fuel costs for 10 to 11 MPG is even bigger than the difference between 40 to 44 MPG. (proof: assume that the distance is 440 miles. The respective amounts of fuel are 44, 40, 11 and 10 gallons)

But whichever way you place a fraction, the divisor will be the one to throw anyone's intuition off, so it is equally easy to cook up a situation where thinking in liters/100km will mislead you:

If your budget allows you exactly 100 liters of fuel a month, then an improvement from 10 to 9 liters/100km will give you as many extra monthly kilometers as
    a) an improvement from 5 to 4 liters/kilometer, or
    b) an improvement from 5 to 4.5 liters/kilometer?

Solution: Neither. The respective distances are 1000km to 1111km, 2000km to 2500km and 2000 to 2222 km.

people suck at math.

Exactly.

Comment: Re:L/100km? (Score 1) 417

by Meriahven (#35025736) Attached to: Volkswagen Unveils 313 MPG XL1, Slates Production For 2013

Why not km/liter, which is a much more convenient format for any sort of day-to-day use ...

It does not really matter. There are three situations where you will ever need the fuel consumption stats, and in each one of them both ways are just as easy to use. I used MPG instead of km/liter below, since the two are conceptually equal, but the former makes for easier reading as it is a commonly used unit.

1. Comparing the fuel economy of cars
        bigger MPG is better
        smaller liters/100km is better

2. Computing the fuel costs for a given trip, when you cannot use the "top up before you leave, top up again at destination" method
        divide the trip length by MPG to get gallons
        multiply the trip length by liters/100km to get liters

3. Estimating whether you can reach a destination without refueling. This is the only case which you'll typically have to do in your head, since you are driving. Therefore you want to avoid division, which is difficult to do this way. However, both systems will cope easily:
      multiply remaining fuel by MPG to get your range, and compare with remaining distance
      multiply remaining distance by liters/100km (division by 100 is easy) to get required fuel, and compare with remaining fuel.

In the third situation both methods involve only a multiplication of two small numbers, so even if you cannot calculate the correct figures, it's easy enough to hit the correct ballpark with either method.

There does not seem to be a real difference between the convenience of the systems in day-to-day use.

Comment: How much should a content provider pay? (Score 1) 226

by Meriahven (#34256092) Attached to: UK Minister Backs 'Two-Speed' Internet

It seems slightly silly to me that the content providers have pay for their network access in order to offer their services, which they usually do for free. A contentless net is a useless net, so it would seem reasonable that a content provider get their connection at very cheap prices, at least. Of course this will never happen, but let's say, for argument's sake, that Google started to aggressively renegotiate their peering agreements. It would seem that anyone not willing to peer with them at dictated terms would be left with an unsellable Google-less Internet.

The smaller content providers obviously cannot do anything so straightforward without at least uniting their power first, but if they ever did, I think the ISPs would be the ones to fold first, after all they have to sell _something_ to the home customer.

Naturally, that would mean every web page instantly becoming uselessly heavy with ads and no concern for bandwith usage, so let's hope they never get around to it.

(Full disclosure: I work at a company that hosts several relatively large web services.)

Comment: It's easy to overthink even in the simplest cases (Score 3, Insightful) 394

by Meriahven (#34006966) Attached to: Taco Bell Programming

I once had a pair of command line tools that both printed lists of words (usernames, actually, one per row), and I wanted to find out how many unique ones there were. Obviously, the right hand side part of the pipeline was going to be something along the lines of " | sort -u | wc -l", but then I got utterly stuck by the left hand side. How can I combine the STDOUTs of two processes? Do I really need to resort to using temporary files? Is there really no tool to do the logical opposite of the "tee" command?

You are probably thinking: "Oh, you silly person, that's so trivial, you must be very incompetent", but in case you aren't, you might want to spend a minute trying to figure it out before reading on. I even asked a colleague for help before realizing that the reason I could not find a tool for the task was quite an obvious one: such a tool does not exist. Or actually it kinda does, but only in an implied sense: what I was hoping to achieve could be done by the humble semicolon and a pair of parens. I only had to put the two commands in parens to run them in a subshell, put a semicolon in between, so one will run after the other is finished, and I was done. I guess it was just that the logical leap from "This task is so simple, there must be a tool for this" to "just run the commands one after another" was too big for my feeble mind to accomplish.

So I guess the moral of the story is, even if you want to use just one simple tool, you may be overthinking it :-)

Comment: Re:It appears to be safe. (was: Re:Not running it. (Score 1) 488

by Meriahven (#33635970) Attached to: Linux Kernel Exploit Busily Rooting 64-Bit Machines

Do you inspect and thoroughly understand every update that your distro suggests

Of course not. This is because it is considerably more difficult to compromise a distro's packet distribution system than it is to compromise or spoof a website. Tricking my browser should be even easier.

Things might have been different had I spotted any kind of digital signature (or even a checksum) anywhere near the download page, or if the download had even originated on a SSL verified server. This is very likely to be because of incompetence of the guys running the site, but on my list of reasons for adding things to the kernel, incompetence is not exactly on the top.

Comment: Re:It appears to be safe. (was: Re:Not running it. (Score 5, Informative) 488

by Meriahven (#33632610) Attached to: Linux Kernel Exploit Busily Rooting 64-Bit Machines

Is anything bad going to happen to you if you compile and run that C code? As far as I can tell, no.

You are very likely correct in thinking that adding yet another anonymous recommendation on the internet will make more people run the code. However, this is Slashdot, where the users are slightly more security aware than on an average internet site.

You see, If I were to attack all those nifty linux boxen out there, what would be a better attack vector than advertising your exploit on slashdot, which is known to accept almost anything on the front page, and yet is very likely to contain the biggest active linux user community on the nets? By looking at the code it seems obvious that the tool contains enough binary code to contain an exploit or three. If it is never used in a malicious way, it is somewhat difficult to say. So, outside a security lab setting, it is hard to tell if the provided code is not the exploit itself. Definitely "You are probably getting hacked right now! Check for viruses for free!" has been one of the more common attack vector against Windows users.

Whatever the case, I would not recommend running code that looks like this:

static char dis4blens4sel1nuxhayettgdr64545[] and
static int wtfyourunhere_heee(char *out_release, char* out_version)

"It's curtains for you, Mighty Mouse! This gun is so futuristic that even *I* don't know how it works!" -- from Ralph Bakshi's Mighty Mouse

Working...