Forgot your password?

Comment: Rubbing alcohol vs. denatured alcohol vs. drinking (Score 3, Informative) 172

by billstewart (#46812967) Attached to: The Science Behind Powdered Alcohol

In the US, "rubbing alcohol" usually refers to isopropyl alcohol, not ethanol, and it's medical-use purity. And you can absorb alcohol through your skin, so you wouldn't want toxic impurities in it.

That's different from "denatured alcohol", which is usually some combination of ethanol and things that are bad for you, and it's the version that's not food-grade, it's paint-thinner-grade solvent.

The strongest distilled ethanol-water combinations are about 96% ethanol, which has a lower boiling point than pure ethanol; if you want to get it any drier than that, you need to add some kind of other organic solvent such as benzene, so that you can boil off the alcohol-water-benzene mixture at an even lower temperature, leaving the ethanol and less or no water. But you're not normally going to do that for food-grade alcohols, because you don't want any remaining benzene, and because 96% is too strong to be actually drinkable anyway; maybe you'd want a stronger alcohol if you wanted to dissolve some flavoring that's less soluble with the remaining water content, but 96% is usually strong enough to do the job pretty well.

Comment: Alcohol vapors and rapid drunkenness (Score 1) 172

by billstewart (#46812935) Attached to: The Science Behind Powdered Alcohol

I've occasionally heated up liquor to pour over a dessert before flaming it. Brought it to near-boiling in the microwave, and carrying it over to the table where we were going to serve it was ... entertaining. It goes right through your sinuses into your bloodstream, faster than drinking it, but I'd much rather drink it.

This powdered alcohol does keep telling you not to snort it; says it'll get you drunk but be unpleasant, and certainly with the flavored versions I'd expect that to be true. (Even with the unflavored ones, seems like a nose-ful of carbohydrates isn't really what you want.)

Comment: SSL speed used to matter a lot, still does (Score 1) 374

by billstewart (#46803215) Attached to: OpenSSL Cleanup: Hundreds of Commits In a Week

SSL has two parts that take a lot of time - key exchange using public-key technology, which just depends on the number of connections, and data encryption, which takes time proportional to the amount of data encrypted. Until the last few years, the key exchange time dominated, because public-key operations are slow and most use of SSL was for encrypting passwords, credit card numbers, or other very small chunks of data. It was pulling teeth to get a lot of sites to use SSL at all (though the whole Certificate Authority system is a lot to blame for that), and it was pulling teeth to get a lot of sites to encrypt more than just your login and credit card data (such as the whole page that asks for your login.)

Do you think speed doesn't matter any more, now that lots of sites are running with the CPU relatively idle? How many SSL connections do you use where the server has bothered to turn on PFS, the Perfect Forward Secrecy stuff that does a one-time Diffie-Hellman exchange? (Appallingly few.) How many sites do you connect to that are using 2048-bit public-key or longer? (Some, but hardly most.) It's still about performance.

Comment: Notepad (Score 1) 168

by billstewart (#46803143) Attached to: Ask Slashdot: Professional Journaling/Notes Software?

Back when I had a Psion 3A organizer, it was a great tool for taking notes on, though eventually the hardware died.

After that I used a series of Palm Pilot versions, which weren't as good - graffiti was slower than typing, and the text file editor could only handle notes up to 4KB, so I had to start new ones roughly monthly (though at least they did sync with Outlook pretty well.)

For the last decade or so I've been doing most of my work on Windows, so I just keep a Notepad text file open on my laptop all the time, and update the filename quarterly to keep an archive (though I haven't actually truncated the old part of the file in a few years, since Win7's Notepad can handle decently large files.) I back it up to various other media, and I suppose I could also back it up to my phone.

Comment: Upgrading Lots of Machines from a Cache? (Score 2) 177

by billstewart (#46792443) Attached to: Ubuntu Linux 14.04 LTS Trusty Tahr Released

So is there any way to cache Ubuntu upgrades, which would let my large collection of virtual and physical lab machines all fetch them from the LAN instead of the each one having to drag them across its WAN? Might as well fetch the official copy just once, and have everything else update at gigabit speeds.

Comment: What's the closest JEOS equivalent? (Score 1) 177

by billstewart (#46785827) Attached to: Ubuntu Linux 14.04 LTS Trusty Tahr Released

JEOS (Just Enough Operating System) used to be a sub-version of Ubuntu, with a minimal server edition; anything else you wanted was an apt-get install away. But there hasn't been a real JEOS version since about 8.04 or so, and with virtual machines these days I have a need for a lot of small-disk-footprint VMs. Is there something that's relatively similar, with basic networking and maybe a LAMP stack?

It would be nice to have a basic X windows environment, but I don't need big piles of Gnome or KDE, and I definitely don't need OpenOffice or lots of the other fun tools. Thanks!

Comment: Yeah, what AC said about Open Source docs (Score 1) 54

by billstewart (#46769663) Attached to: All Packages Needed For FreedomBox Now In Debian

In this case I know it's some kind of privacy software, but typically "FooBatz Release 5.4c is out!!!" is some gaming application or whatever. A half-sentence or more in the Slashdot summary would help, and so would a FAQ that starts with a section of "What is FooBatz?" rather than with "Why won't Ver 5.4b build on Slackware?"

Comment: TurboTax on Windows, Paper Returns (Score 1) 386

by billstewart (#46757551) Attached to: Slashdot Asks: How Do You Pay Your Taxes?

Am I trusting my tax data to online services? Fat chance. Too many people have my data already.

More precisely, my wife runs TurboTax, I run errands and fetch papers and caffeine.
Back in the 80s, we went to H&R Block because of the complexity of moving expenses from my first post-college job, and my wife said "that looks easy", took the H&R Block tax prep course and did a year of working there, then a couple years at another tax/accounting company, then started her own tax business, using TurboTax and a laptop. It was a bit difficult to keep everything working, because TurboTax assumed you had a desktop PC with a real disk drive instead of floppies, but after a couple years of using RAMdoubler and disk compression, she was able to upgrade to a laptop that resembled what TurboTax needed. Eventually she went back to doing computer businesses and was able to get rid of most of her tax clients (and eventually all of them), but she's been doing the taxes in the years since then.

I think we're finally using the personal version of TurboTax by now; we used the tax-preparer version for many years because there were things the personal one just couldn't do or didn't do well (including importing previous years' data from the tax-preparer version, which kept us on that for a couple years after we would have switched.)

Comment: Download new OpenSSL, not just recompile (Score 1) 239

by billstewart (#46720753) Attached to: Heartbleed OpenSSL Vulnerability: A Technical Remediation

No, you actually have to fix the code to add bounds checking, or download a new version of OpenSSL (which probably gets you other fixes as well, unless you were already running the latest version.)

Recompiling OpenSSL with the proper flag isn't enough to do the job - there are people who've done that and had problems keeping OpenSSL stable on their platforms, and more importantly, that still doesn't stop the Heartbleed attack from causing trouble. You need to get the code not to try to fetch memory beyond the appropriate object's array bounds, though OpenSSL should also default to using malloc()/free() instead of rolling its own badly.

% APL is a natural extension of assembler language programming; ...and is best for educational purposes. -- A. Perlis