There's a reasonable summary from our co-defendant, a Mr. Tarrant Eightyfour

A site I run is allegedly on the complaint (see sig) and our user population seem to be competing to see who can get their names added to it.

I'm part of the team that run banniNation.com which is a news aggregation site with a fairly similar model to slashhdot.

While we haven't been officially served, our site and business are listed in the original complaint along with the handle of a user who mentioned Mr. Rakofsky.

We've got an official statement of sort at http://www.bannination.com/s/lawsuit and there's a link from there to a very level headed discussion about it. This definitely doesn't just affect bloggers and has further implications around the right to anonymous speech and the liability of service providers.

If I set up something like password_x = SHA1(password_(x-1) + SALT) I really can't see how that would be an issue unless it exposes some weakness in SHA1.

Still the bcrypt solution below looks a lot better

Thanks - will look into that

Yeah, I was thinking about doing that on my site in light of the gawker crack.

Logins are relatively rare events on the server, so I could do something like 1000 SHA-1's with a salt on each iteration. That'd mean

a) It'd take 1000 times longer to crack (obviously this is a constant war between me and the adversary)
b) If i build my own salting implementation on top of sha-1 I doubt I could end up with anything less secure than SHA1 but hopefully it'll require custom software to actually do the exploit.

I've routinely had employers that let me buy a new laptop every couple of years and expense it. That way I get something I'm happy with and the get a more satisfied employee.

I think it was called "Computer Studies" where I went to high school, and it was largely a waste of time. My teacher told me there wasn't any point in me showing up, and i just submitted the assignments and got an A.

The interesting stuff was part of our pure mathematics course. We were handed a simple example of how RSA encryption works and asked to encrypt/decrypt a few messages, break stuff with short keys and explain why it was infeasible at longer key lengths. That's how it should be done!

They did only seem to eliminate domestic roaming charges, and while that's appreciated it doesn't address the larger issue.

I'm kind of at a loss for why T-Mobile can't introduce an "our-network-only" roaming option. A good amount of the time when I'm in europe i never leave TMo's network, yet i still take it in the ass if i use my US sim card.

In fact it's probably still the biggest project I ever got my hands on.

I think there were always some patches that weren't available without a support contract. We ended up having to hack some support into the ftp server to talk to the java authentication backend somewhere.

Still i'm undoubtedly a little sad to see the end of it.

The sales tax issue in the US is breathtaking complicated. We did an ecommerce site for a local chain that has retail locations in a few cities round here. Colorado effectively only applies sales tax if both the consumer and the business share a jurisdiction.

So that means if both and in denver then you need to collect Denver City, Denver County, Colorado State, RTD transit and a few other miscellaneous development levies. However if the business is in denver but the consumer is up in boulder, then you only need to collect Colorado State & RTD.

Unfortunately the boundaries for the different districts are absurdly complicated. I live in a small town in colorado with a single zip code and yet we have 4 different tax rates. The transit tax only applies if you are in a part of the town that was annexed after some year. I can't get the right taxes on something delivered from the other side of town.

I'm sure any sales tax offering will start with just state level taxes being collected, but counties and cities will be right behind in wanting their share. At that point Amazon will have to maintain an accounting relationship with thousands of entities, and they'll have their unfair advantage back since it'll quickly become impractical for all but the largest online retailers to play.

I tried for 6 hours to get my hdtv connected to my macbook and failed dismally. I've been a mac user for 24 years and it utterly let me down.

However it took about 10 seconds with a displayport to HDMI cable on my linux laptop, no configuration necessary.

I bought a Mazda 3 and continually see ads for Mazda3's. I like it, but am unlikely to buy more of them.

I suspect the main driver will be smartphones. Hardly anyone would notice if their smartphone was on IPv6 and it'll be a cheap way for big operators in china and such to get millions of devices online in short order.