Comment wonder if they'd be there without the airport (Score 1) 103
I wonder if they were there BECAUSE the airport was there.
Save wildlife - build more giant complexes of buildings and asphalt .
I wonder if they were there BECAUSE the airport was there.
Save wildlife - build more giant complexes of buildings and asphalt .
I have some computer science / theory books that are twenty years old and still quite valuable. Those include Cod on relational database design theory. My Visual Basic 6 books are trash because they cover a specific, outdated version of the software.
Thinking about it further, not only are the good old books theory oriented, the ones that come to mind on authored by the originators of the topic - Cod & Date, K&R, etc. The thoughts of the founding fathers of a discipline are always relevant.
I checked it in a couple of different browsers. Only the Android browser made it look correct, and that was only on the second viewing using that browser.
When I first viewed it, it was broken in Android too. Most lines are repeated three times. For example, the sentence starting with "Here's the problem. Dual_EC_DRGB is flawed" is in there three times. I wonder what you'll see if I repost a copy / paste of the text:
Putting it bluntly, you can't.
Here's the problem. Dual_EC_DRGB is flawed, but is *required* to be implemented as part of anything that claims FIPS 140-2 compliance. Anything cryptographic you sell to the government is *required* to be FIPS 140-2 compliant, and operated in FIPS 140-2 compliant mode.
This includes just about all routers, switches, firewalls, operating systems and any other network or security gear in use by the U.S. gov't. Companies that supply this equipment include Cisco, HP, Dell, IBM, Juniper, EMC/RSA, Red Hat and others. In short -- everyone.
Granted, Dual_EC_DRGB is only one of four RNGs in the NIST suite, there is no way a user can specify *which* of those RNGs are actually used. Unlike setting cryptographic algorithms for SSL/TLS, there isn't any frontend for RNGs. They're implemented by the vendors. They're enabled in the products by a simple checkbox setting a registry entry (Windows), a kernel boot parameter (Red Hat) or config setting (most network infrastructure equipment).
Which is your vendor using? Who knows. But if we take the Snowden leaks seriously, the NSA has pressured many major companies to insert "weaknesses" or "backdoors" in various crypto-enabled gear.
Most people are thinking along the lines of "look for malicious code, odd errors or the like". But in the world of crypto, if the RNG isn't R, the entire thing collapsed like a house of cards. All tPutting it bluntly, you can't.
Here's the problem. Dual_EC_DRGB is flawed, but is *required* to be implemented as part of anything that claims FIPS 140-2 compliance. Anything cryptographic you sell to the government is *required* to be FIPS 140-2 compliant, and operated in FIPS 140-2 compliant mode.
This includes just about all routers, switches, firewalls, operating systems and any other network or security gear in use by the U.S. gov't. Companies that supply this equipment include Cisco, HP, Dell, IBM, Juniper, EMC/RSA, Red Hat and others. In short -- everyone.
Granted, Dual_EC_DRGB is only one of four RNGs in the NIST suite, there is no way a user can specify *which* of those RNGs are actually used. Unlike setting cryptographic algorithms for SSL/TLS, there isn't any frontend for RNGs. They're implemented by the vendors. They're enabled in the products by a simple checkbox setting a registry entry (Windows), a kernel boot parameter (Red Hat) or config setting (most network infrastructure equipment).
Which is your vendor using? Who knows. But if we take the Snowden leaks seriously, the NSA has pressured many major companies to insert "weaknesses" or "backdoors" in various crypto-enabled gear.
Most people are thinking along the lines of "look for malicious code, odd errors or the like". But in the world of crypto, if the RNG isn't R, the entire thing collapsed like a house of cards. All the NSA has to do is have essentially a single obfuscated line of code in the RNG. Something along the lines of "if Backdoor then RNG=Dual_EC_DRGB". Hell, in assembly it could probably be a simple JNE instruction.he NSA has to do is have essentially a single obfuscated line of code in the RNG. Something along the lines of "if Backdoor then RNG=Dual_EC_DRGB". Hell, in assembly it could probably be a simple JNE instruction.
The answer is don't use FIPS 140-2 mode, but if you're dealing with the government -- and a huge number Putting it bluntly, you can't.
Here's the problem. Dual_EC_DRGB is flawed, but is *required* to be implemented as part of anything that claims FIPS 140-2 compliance. Anything cryptographic you sell to the government is *required* to be FIPS 140-2 compliant, and operated in FIPS 140-2 compliant mode.
This includes just about all routers, switches, firewalls, operating systems and any other network or security gear in use by the U.S. gov't. Companies that supply this equipment include Cisco, HP, Dell, IBM, Juniper, EMC/RSA, Red Hat and others. In short -- everyone.
Granted, Dual_EC_DRGB is only one of four RNGs in the NIST suite, there is no way a user can specify *which* of those RNGs are actually used. Unlike setting cryptographic algorithms for SSL/TLS, there isn't any frontend for RNGs. They're implemented by the vendors.
Which is your vendor using? Who knows. But if we take the Snowden leaks seriously, the NSA has pressured many major companies to insert "weaknesses" or "backdoors" in various crypto-enabled gear.
Most people are thinking along the lines of "look for malicious code, odd errors or the like". But in the world of crypto, if the RNG isn't R, the entire thing collapsed like a house of cards. All the NSA has to do is have essentially a single obfuscated line of code in the RNG. Something along the lines of "if Backdoor then RNG=Dual_EC_DRGB". Hell, in assembly it could probably be a simple JNE instruction.of companies do -- you have no choice.
Even if you turn don't turn it on,if your equipment is something that the vendor WANTS to sell to the gov't then Dual_EC_DRGB is implemented in there whether you want it or not. How can you ensure there is no "if Backdoor then RNG=Dual_EC_DRGB" in there?
Before answering, please go visit the Obfuscated C Code Contest webpage and browse around.
Okay, it *IS* possible to ensure it with 100% open source code you compile yourself(1) that has been publicly vetted by people who have expertiese in this area. One suggestion is NaCL [cace-project.eu].
Good luck, and may the source be with you.
(1) -- If the people who are going to cite Ken Thompson's Reflections on Trusting Trust can keep themselves confined to one subthread, I would appreciate it.
Was that mess posted with Android 2.3 by chance?
As I read this, I'm on a trip to Houston to retrieve several terabytes of data for Clonebox. At 90 minutes each way, if I bring back 8TB, that's what, 60 Gbps. There's no way I could transfer that data over my cable modem.
That's a good idea. More generally, "stop showing me ads for this, I'm not going to buy it (or don't care to have it show up where other people might see it on my screen). That would be a win-win for consumers and advertisers.
I don't care for the fact that advertisers have a profile of me, but I do like seeing ads that might actually interest me. eBay does a good job of showing me listings I might want to look at.
Nm
It just costs ten times as much and lacks the same capabilities.
Other than the fact that it's a completely different class of product
Sure they _could_, but since the people who misled the judges were representatives of an agency, engaging in the agency's business as directed by their superiors, it's better that the agency and it's leaders are held accountable. For now, there are congressional hearings going on handling the matter through the political process, with congresscritters feeling public pressure. As a general rule, judges don't like to single-handedly usurp the public political process. Of course the Supreme Court from time to time has to rule on cases involving politically disputed issues, but lower courts generally shouldn't.
If, through the process of congressional hearings and such, it becomes clear that specific people committed perjury, that would be time for courts to convict certain people, after the public has made decisions through their elected representatives.
> I worry about the educational validity of MOOCs and feel that universities don't really have an idea of what they are for
A Google fellow working on MOOC.org / edX, Dr. Guha, said Tuesday that they most certainly don't know what they are doing, no more than he knew what he was doing when he created RSS, so they are trying to set up a flexible framework in which people can experiment, try things.
It's ILLEGAL for the NSA to spy on Americans, and for good reason. That doesn't mean it's OKAY for them to spy on everyone else, but at least it's LEGAL.
As a US citizen, I'd rather China spy on me than the NSA. The reason is because China isn't going to try to "bust" me on a minor and erroneous charge. For example, there is a porn star named Ann Howe aka Melissa who started in porn when she was 20. She looks young, so several people have been busted for "child porn" for having pics of her when she was 20-25 years old. I don't want my government spying on my internet usage because my government will charge me with child porn based on a chick in her twenties. The Chinese government doesn't give a shit what porn I see. Therefore yes, it's less bad for a government to spy on foreigners - even when I am the foreigner.
Judges have ruled that the NSA could do these things - when the NSA lied to the judges about what they were doing and how. Some of those judges are pretty pisses off now that they know how the subpoenas were abused, so I wouldn't think think those rulings definitively say what NSA is doing is in fact legal. The judges who made the rulings don't think they approved what was actually going on.
There are some good people at Open University. A commenter mentioned quality. The person at OU who I work with annoys me at times because he insists on top quality. There's no such thing as a quick fix on the software we use - the OU person insists that every change is WELL thought out and implemented in the very best way possible, even if that's a lot more work than doing it the easy way.
Best of luck to my friends at OU in this new endeavour.
Sure, when you show the patent examiner what part of the Linux OS (or just kernel if you prefer) previously did that thing in the patent, how, and when. It sounds like that's the type of thing these people are doing.
MOST patent suits are filed by one of twelve companies. There are hundreds of companies who actively try to license their IP, like Arm and Bell Labs do.
The "good" scenario is in fact the common one. The bad scenario is the one you see covered on Slashdot.
Also from time to time Slashdot covers a story of proper patent use, but in a totally misleading way so as to make it sound bad. For example, last week we had the story of Cisco wanting to come to the rescue when a big bad patent troll was suing defenseless defendants. The big bad wolf in that case is a nonprofit organization and the "defenseless victims" are AT&T, Comcast, Level3, and Time Warner.
He has not acquired a fortune; the fortune has acquired him. -- Bion
