Forgot your password?

Comment: Re:PCI Compliance (Score 1) 337

This requirement is normally done at the network boundary, so a hardware firewall will meet this requirement, although for web facing servers, often companies also like having application level firewalls (protocol level) that can inspect for suspicious activity at layer 7, not just the simple stuff. There is a huge business around certification and auditing for this, nobody should just jump into handling credit cards without knowing what they are getting into.

Comment: PCI Compliance (Score 4, Informative) 337

As soon as they start handling credit card transactions, they will need to conform with PCI standards, which will mandate much much higher levels of protections. There are significant fines associated with non-compliance so you may want to forward them over information about this.

Comment: Re:Child Support Nightmare (Score 1) 146

by ebrandsberg (#46361915) Attached to: UK Government Proposes Rules To Allow 'Three-Parent Embryos'

DNA testing would see the parentage of the third doner without specialized testing. Mitochondrial DNS are ONLY passed to offspring by their mothers, and given the procedure, there will still be a "DNS" mother involved, insuring that a reasonable set of parents can still be determined using the normal procedures. Not a nightmare at all.

Comment: Re:Still abusive (Score 0) 511

by ebrandsberg (#46276651) Attached to: Gabe Newell Responds: Yes, We're Looking For Cheaters Via DNS

Not a valid comparison, because even then, they don't actually send the dns names. They send a hash of them, meaning you can't reverse the hash and find the name. In your comparison, they would send a value that allows them to determine if someone else's webcam had the exact same image visible, but nothing more. Privacy is protected.

Comment: Re:Still abusive (Score 2) 511

by ebrandsberg (#46276297) Attached to: Gabe Newell Responds: Yes, We're Looking For Cheaters Via DNS

If you think looking at DNS is abusive, you probably don't want to know what it takes to find installed rootkit based cheats or similar. The fact that they are only sending hashes of the names found, in my mind, makes this a reasonable approach as a 2nd pass to verify that they don't have false positives. From the way I read this, the idea is to do a 2nd check just to verify that the first check didn't flag you incorrectly.

Comment: Re:Still abusive (Score 5, Informative) 511

by ebrandsberg (#46275693) Attached to: Gabe Newell Responds: Yes, We're Looking For Cheaters Via DNS

did you even read his response? They look for indications that the cheat is in play, THEN they check DNS as verification, and send a HASH of the dns name to their servers for comparison. This means they don't even see the actual dns name on their side, they can just check against known hashes of the sites the DRM used for verification. That is why it is two staged. Simple existence of the names in your DNS cache won't trigger the ban hammer.

Comment: Re:Unemployment rate 17,7% (Score 4, Insightful) 398

by ebrandsberg (#46080811) Attached to: Detroit Wants Its Own High-Tech Visa

I think the idea is that if they have visas to hand out to companies, the companies will be willing to put offices in Detroit for those people to work in. From there, services will be needed from the lower-skill people in the area, think food service, etc. This will then eat into the 17.1% unemployment. The problem isn't the number of workers but the type and skill of the workers, and getting things back in balance. I'm not sure this is the right solution to the problem, but I am willing to consider that it may be A solution to the problem for now.

Comment: Re:One question (Score 1) 230

HTC at least:

I suspect that the formalizing of CM as a company may help resolve some of these issues however, as they can push the component makers to provide the drivers to THEM. It is somewhat the same situation as with the phone makers, where they get the drivers from the component makers, and include them in their build. CM could do the same, and release the binary drivers for the CM builds on third party phones for CM builds. Who knows what will happen, once the $$ is traded, the lawyers are happy and code is released. The unique part of CM is that it would be supporting many phone vendors and not making their own phone.

Comment: Re:One question (Score 1) 230

Usually the phone makers are releasing the binary blobs that allow CM and other custom Android versions to run. As long as they continue to do so in a way that allows the binary blobs to be redistributed, there won't be an issue. If they attempt to restrict this use however, it will result in a phone basically being blacklisted by anybody that does anything outside of the ordinary, and personally, I would not buy the phone, or advise others to as well.

Comment: Re:One question (Score 5, Interesting) 230

I suspect that smaller companies like Blu Products ( could end up offloading software development and support for their phones under contract. Likewise they could offer services to enterprise customers to unify the android systems that they support on the "bring your own device" plans, so as to simplify support as well. I downloaded the newest CM daily today for the HTC One, and it prompted to link to the Cyanogenmod account, and once linked, it provided services such as remote wiping, finding my phone, etc. As such, if you have one unified version of android across multiple devices, it opens the door for providing unified services to simplify enterprise management. My worry is that companies like Samsung will not like this model since it levels the playing field between them and other hardware makers (the software is the same now) and they will refuse to release hardware level drivers to enable various features. That said, it opens the door to hardware/firmware only phone releases from small companies and open the market for rapid advancement.

Comment: Re:Yahoo (Score 4, Interesting) 174

by ebrandsberg (#44883543) Attached to: Secret Court Upholds Phone Data Collection

Phone records. I don't think Yahoo or Google is a phone company in the sense AT&T, Verizon, Sprint or T-Mobile are. As others have pointed out, there is no reason for them to challenge these orders, as they a) get paid for the costs of complying (from what I understand), b) the orders themselves are classified, so no real risk (until now) of people knowing what is going on and c) it would cost them money to challenge. The entire system is stacked against privacy.

Comment: When they help me... (Score 1) 707

by ebrandsberg (#44346733) Attached to: The Man Who Convinced Us We Needed Vitamin Supplements

There are two times that I *feel* like multi-vitamins help me (yay for the Placebo effect if that is what it is):

1. When I drink too much, if I take a vitamin before going to bed, it really helps stem the hangover the next morning;
2. I have a tendency to have restless leg syndrome. Taking a vitamin a bit before bed seems to help, and the medical literature seems to support this.

The article in question attacks very particular statements about Vitamins to cure disease, then uses this to state that they are rarely useful to take. The reality is much more murky, and for many people, general multivitamins may help.

Comment: Worked great for me (Score 1) 77

by ebrandsberg (#43626427) Attached to: Epic and Mozilla Bring HTML5 OpenGL Demo To the Browser

I just tried, and I was able to "play" the demo, walking around the environment, etc. I ran the benchmark, and got 57fps, and although I have 120hz monitors, I suspect something is limiting most of the rendering to 60hz. TBH, this is amazing to me. I tested under windows 7 with firefox 20.0.1 however, so I'll have to try booted into Ubuntu and see how it works there.

egrep patterns are full regular expressions; it uses a fast deterministic algorithm that sometimes needs exponential space. -- unix manuals