* Posts by Chris C

671 publicly visible posts • joined 6 Oct 2007

Fiancée discovers boyf is grumble flick stud

Chris C

Idiot

TO HER:

"She thundered: 'There was no way I could marry an adult film star. I don't know if I will ever be able to trust a man again.'"

If you really feel that way, because one asshole treated you poorly, then you have serious issues. I can understand not trusting HIM again, but not trusting any man? There are a LOT of assholes out there, men and women. To distrust an entire gender because of the actions of one person (or even a few people) is ridiculous.

TO HIM:

"Brake offered: 'The sex side is purely for the camera, but Haylie did not understand I was only acting. I am sorry and did not want to hurt her. I still love Haylie and would have stopped doing porn if she had asked me to.'"

Ignoring the fact that you never gave her a chance to ask you to stop (since you never told her about it), there's a reason most women don't "get" that it's just acting. Most women, and some men, actually believe there is a connection between love and sex. She may also be concerned about STDs, you getting your "costar" pregnant, etc.

Catholic social club ousts coven of witches

Chris C

Catholic teachings

"That's too bad, according to the Diocese of Shrewsbury's Reverend John Joyce, who confirmed: 'Parish centres under our auspices let their premises on the understanding users and their organisations are compatible with the ethos and teachings of the Catholic church. In this instance, we aren't satisfied such requirements are met.'"

Most Catholics I know are NOT compatible with the ethos and teachings of the Catholic church. Then again, even the Catholic church itself isn't. One of their most sacred rules is "Thou shalt not kill", but look at what they do to family planning clinics and abortion doctors. Let's not forget the Crusades. Then, of course, there's "Thou shalt not commit adultery", etc. There's the idea (belief?) put forth that god forgives, yet the second commandment clearly states "for I the LORD thy God am a jealous God, visiting the iniquity of the fathers upon the children unto the third and fourth generation of them that hate me" (punishing the children for the sins of their fathers). That doesn't sound like forgiveness (or love) to me.

There are far too many inconsistencies and contradictions within the Catholic religion (and Christianity in general) to put any faith in it. Having said that, all Witches should know that Christianity, especially Catholicism, will never accept them. Never. To think that you can bridge the gap and even be tolerated, let alone accepted, is nothing but hopeless insanity.

As for discrimination, in the US, Christians are pretty much allowed to do whatever the hell they want. After all, they make the laws. Case in point: Christian pharmacists who refuse to give the morning after pill to women who are concerned they may be pregnant. The law says that that's OK, that it's acceptable for them to refuse to give women the morning after pill if it conflicts with their religious beliefs. These Christian nutcases have even refused to give the pill to women who were raped. They say that the woman must bear her rapist's child. The "sanctity of life" is apparently more important than the physical and emotional pain, and miserable life, for both the woman and the bastard child. And we thought Nightmare on Elm Street was fiction.

Before anyone gets all huffy, this is not an indictment of all Christians. I know a lot of Christians, even some Catholics, who are good, decent people. But then, that's only because they live by their own moral code instead of taking everything literally from endlessly-translated 2000-year-old documents. Religion is a very personal thing. You don't need anyone else to tell you how to have faith or how to interpret the various texts. After all, nobody in the Christian world has officially been spoken to by god, therefore their interpretations of the various texts are no more important than yours.

Obama disconnects 'obsolete' cell phone tax

Chris C

Misquoted

"Therefore he said, 'there will be no tax consequence to employers or employees for personal use of work-related devices such as cell phones provided by employers.'"

With all due respect, that's not what he said. The statement linked to states: "Therefore, Secretary Geithner and I ask that Congress act to make clear that there will be no tax consequence to employers or employees for personal use of work-related devices such as cell phones provided by employers." That is much different. In your quote, he made a statement of fact and the law would change. In his statement, he asks Congress to make a change, but they are under no obligation to do so.

Regardless, who else thinks that they'll simply say people won't be held accountable, while still keeping the law on the books in case they want to use it in the future?

Germany poised to impose police-run block list

Chris C

IP addresses?

"Following opposition from ISPs and anti-censorship activists, legislators have removed provisions that would have required ISPs to log every attempt to access a blocked site and to inform law enforcement agencies. Opponents pointed out that such a move could criminalise – or raise unwarranted suspicions – over anyone who clicked a link by accident, or was misdirected to it by a hacker."

Or anyone who attempted to visit a site which happens to be hosted on a shared server, thus a single IP address, which hosts thousands of websites. But hey, as long as one child porn image is made inaccessible, it's all good, right?

I think we can all agree that true child pornography (not a 17-year-old taking a picture of herself) is a scourge that needs to be removed and dealt with. But it seems that current methods have far too much collateral damage. Also at issue is the fact that when you click a link, you don't know what that linked-to page actually holds until you get there, and even then, the page may be different for different visitors. In other words, someone who is not looking for child porn may stumble upon some purely by mistake, yet most laws don't seem to care. The only reasonable way to get rid of it is to go after the sources and deal with them appropriately (in such a way so as to deter others).

IBM launching American-only software support

Chris C

@AC re: same, same...

"didn't I read somewhere that Telstra Australia have a similar option for their customers, for an additional fee each month you will be forwarded to an Aussie only helpdesk.

begs the question when does nationalism become racism ???"

Actually, no it doesn't. You apparently have never had to call a help desk and be connected to a foreign call center (read: India). I'm not racist, but I don't want my calls routed to India, and the reason is simple: I have a difficult time understanding them due to their accent, and they apparently have a difficult time understanding me. It was similar when I worked at a small computer shop and one of their distributors' reps was Asian and had a very heavy accent -- I couldn't understand them when they called. If I can't communicate with the person on the other end of the phone, then the connection is useless. Period.

Also, the desire for people to see jobs kept or created locally or nationally versus in a foreign land is not a racist idea. It simply means that people want to help their local or national economy and community instead of seeing their neighbor get evicted because he lost his job so that a CEO can bring home a bigger paycheck. Racism is hating people because of their race. Wanting local or national jobs has nothing to do with hatred.

The Times kills off blogger anonymity

Chris C

Public activity

"The judge said Horton could not expect to remain anonymous because 'blogging is essentially a public rather than a private activity'."

And his point is... what, exactly? Publishing a novel is essentially a public rather than a private activity as well, and yet we allow novel authors to use aliases in order to protect their true identity. Why is this any different?

Buggy 'smart meters' open door to power-grid botnet

Chris C

Legal?

"...That would eliminate the need for meter readers to visit each customer to know how much electricity has been consumed, for instance."

In that case, I'll expect my monthly "Customer charge" to decrease since they're admitting they'll be doing less work and using less labor.

"...Technicians envision a system that raises or lowers rates hour by hour depending on the supply of power available, which would be measured based on the reports of millions of individual meters."

Is this legal? It doesn't sound like it to me. What that says is that you will have absolutely no idea how much the power will cost as you use it. You will only know how much it cost once you receive your bill, and even then, it will probably only show the month's or days' total cost instead of showing a breakdown of each rate period. I can't think of any other product or service for which we're expected to pay without knowing the cost up-front.

Lastly, the complete lack of security should be illegal as well. It probably isn't, but it should be. After all, if it's using a mesh network with no encryption, then it's broadcasting your personal information (power usage and possibly other data) and personally-identifiable information (the meter's ID and possibly other data) to anybody who wants to listen. That should be a violation of various data protection laws.

Oz cops in Taser fatality

Chris C

What?!?

"Police were called to deal with 'a naked man was acting aggressively and destroying property at a residence at Brandon', according to a statement. ... 'It is believed that a Taser was deployed and that police managed to physically subdue the man. However, before the ambulance could arrive at the scene the man stopped breathing.'"

Huh? It is BELIEVED that a Taser was deployed? Are they actually saying that they don't know if they deployed a Taser or not? I'm sorry, but if the police are so incompetent that they don't know whether or not they deployed a Taser, then they have absolutely no right being police officers or carrying Tasers.

On a side note, how many deaths must occur before the juice-happy people stop calling the various zappers (Tasers, stun guns, etc) "non-lethal" weapons? And don't even try to use the euphemism "less lethal". Either something is lethal or it's not. Guns don't always kill people, but we still consider them to be lethal weapons. And since law enforcement consider cowboy boots to be deadly weapons*, I see no reason why a Taser should not be considered a deadly weapon. You know damn well that if a regular citizen attacked a police officer with a Taser, the prosecutor would call it a deadly weapon and file the charges appropriately.

* Yes, if someone is wearing cowboy boots when they kick another person, they can be charged with "assault with a deadly weapon". It has happened multiple times in the US

Google wraps Gmail and Co. in Microsoft comfort blanket

Chris C

@Jimbo 7

I hate Exchange for a few reasons. High on the list is the ridiculously small total mailbox store size. In Exchange 2000 (which one of my clients is still running because they have no reason to upgrade), the mailbox store is limited to 16GB no matter how many users you have (I think Exchange 2003 upped this to 75GB). This purely artificial limit is enforced because it helps performance, according to Microsoft. Of course, maybe it would help performance if they didn't keep the entire mailbox store in only two files; it would likely be better if it was one file per user.

My client has 30 users, and they've exceeded that 16GB limit multiple times. Hey, this is Exchange (effectively an IMAP server), so the whole point is to keep your mail on the server. This is especially true with the creation of Outlook Web Access so that you can access your mailbox (and thus its contents) from anywhere using a web browser. When the mailbox store reaches the 16GB limit, you have to stop the mailbox store, add a registry entry to temporarily increase the mailbox store size by 1GB, restart the mailbox store, then have people delete messages or move them off Exchange into PST files. Every time the mailbox store is started, that registry entry is removed, so you have to keep adding it every time you start the mailbox store (for example, every time you do a backup if you're not using an online method such as Backup Exec's Exchange agent).

Another reason I hate Exchange is that there's no warning when Exchange is nearing that mailbox store size limit (no popup box on the server, no email to the administrator, etc). Everything is going along nicely, then suddenly users start complaining and you have no idea why.

Another reason high on the list is that Exchange itself uses (in my opinion) far too much processing power and memory. I find it absurd that you have to dedicate a high-powered server to be strictly a mail server when you only have 30 users sending/receiving maybe 1500 messages per day.

Exchange does seem to work well (when it works), and I like how it integrates nicely into Active Directory. But the performance and resource usage is, in my opinion, pathetic. Also, I think it's significantly overpriced.

I'll be the first to admit that I don't know of a better system which incorporates everything Exchange does. That said, I can certainly dislike and criticize a piece of software even if there is nothing better available.

Chris C

re: Google vs Exchange

Oh yes, please let Google kill Exchange. Upon the demise of Exchange, companies can transfer control of their data from in-house servers which use proprietary, single-vendor software to (Google's) external servers which use proprietary, single-vendor software. As an added bonus, the Terms and Conditions almost surely state that Google can do whatever they want with your data. Boy, that sure does sound like a good idea to me! Where do I sign up?

I hate Exchange as much as the next person, but replacing it with Google's "cloud" technology is not the way to go, especially when you lose control of your data.

If you aren't concerned about Google controlling your data, you should be. For at least the past three months, Google has been merging its business/map data, which has led to Google's search results showing the incorrect address, phone number, and map for many websites' companies. I was alerted to this yesterday by one of my clients. They did a search for their own domain name, and the "Show map of..." which appears as part of their search result shows the map and phone number for an unrelated company in a different state. Posts on Google's forums show this has been happening since at least the beginning of March, and Google doesn't seem to care. Imagine if they do that with your data -- email, contacts, or calendar data -- either by accident or intentionally.

Google is the world's largest ad broker. They will do anything to get money. They have already shown that they are willing to ignore laws (such as copyright laws) and will happily do so if it is in their corporate interest. It is entirely reasonable to assume that ANY data passing through their servers will be sold to the highest bidder. As such, it is safe to assume that all user data that touches their servers will end up open to the public. Maybe it will, maybe it won't, but the possibility (and likelihood) is certainly there.

Google recaptures $761 from Facebook nemesis

Chris C

As much as I hate it

As much as I hate to say this, if this article is accurate, I have to side with Google here. This bloke admitted he violated the terms of service, therefore Google had every right to terminate his account. In fact, they should go after him for filing a frivolous lawsuit and wasting their (and the taxpayers') time and money.

Yuck, defending Google. I feel so dirty now. But hey, even a megalomaniac can be (legally) right every now and then.

Crypto attack puts digital sig hash on collision course

Chris C

Use multiple algorithms

As I've mentioned before, it seems to me that the best course of action is to use two algorithms; for example, MD5 and SHA1. Calculate one hash using the specified input, and keep that hash. Take that hash value and append the specified input (if it's a large input such as a file, use a portion of the beginning of the input such as the first 32 bytes), then use the second algorithm to produce a second hash. Use those two hashes together to verify the data. I'm not a cryptographer, but I would assume that this method increases the number of brute-force attempts since a collision in one algorithm will almost certainly not result in a collision in the second algorithm (especially since the second algorithm's input includes more than just the specified input).

For quite a while, I've wondered about these hashes and collisions. It may take a single computer many years to brute-force a collision, but that length of time would be decreased significantly if someone used a botnet to distribute the load. Because of this, we must assume that the most powerful supercomputer (or its equivalent) will be used to try to brute-force new and existing algorithms, and design the algorithms accordingly.

StrongWebmail holds up hands to hack, plots further challenge

Chris C

Method doesn't matter

"But its argument that hackers bypassed rather than defeated its call verification technology in hacking into its chief exec account skirts the fact its systems were defeated."

Exactly. Your building or house may have a 12" thick steel door with multiple physical locks and a magnetic lock, as well as a fingerprint reader and an iris scanner, but that won't help at all if someone can simply break a window and gain access that way.

Texas cop tasers gobby granny

Chris C

Demolition Man

Am I the only one who is reminded of Demolition Man wherein the police department sees Phoenix being violent and one of the officers says "We're police officers. We're not trained to handle this!"?

As for the "I'm not normally one to side with the coppers..." AC, I suppose it would have been OK for him to shoot her, too, if she said "Go ahead and shoot me"?

And as for Mr "should be respectfull to the police", no, not necessarily. Respect is earned, not given. Courtesy and tolerance should be given to everyone, but not respect. All of the police officers I've had contact with do not deserve respect. I don't doubt that there are good cops out there who became cops because they want to help and protect people. But I think you'll find that the majority of them became cops because they have a god complex and get off on the control it gives them.

Google lets you code for Googlephones on Googlephones

Chris C

@Charles Manning

"Surely you either need to use hacks like this or have the sensors running all the time."

Perhaps I'm being too logical, but I would expect that either:

1) The startSensing() function would wait until the sensors were initialized before returning control to the script.

or

2) The startSensing() function would have an optional parameter which tells the function to wait until the sensors were initialized before returning control to the script (and the parameter should default to true). That way, the default usage would ensure that the sensors are ready when control is returned to the script, but the script could tell the function to return immediately (for example, if there are other tasks to perform and the author knows those tasks will take longer to perform than the sensor initialization). In this case, the readSensors() function should return a special value to indicate that the sensor initialization has not completed if called too early.

So no, a hack or workaround would not be required if the API was designed properly.

Intel tries again with flash cache

Chris C

P55

"Our understanding is that the P55 is one of five models in the single chip 5-Series chipset family...".

That's funny. My understanding is that the P55 was the Pentium with MMX instructions.

Met 'studies Chinese bugging tactics' for 2012 games

Chris C

Responses

@Mad Mike: "...I'm really surprised they don't already have this."

Who says they don't? Isn't it possible (if not plausible) that they do already have this, and this "leak" is their way to gauge the public's reaction?

@Conrad Longmore: "So, we know the bad guys are coming. It would be irresponsible for the security services not to step up measures for the duration of the games. And yes, that's going to be a PITA for people living in London and the South-East. Unfortunately, it is something people are going to have to live with.. temporarily.. if they want to be safe."

I'm sorry, but how do you KNOW "the bad guys are coming"? Oh, you mean you ASSUME they are because your fear tells you so? In reality, you can only go so far as to say it's possible, or perhaps likely, that "the bad guys are coming". You cannot say that you know because you don't. Regardless, it's exactly the type of attitude you expressed which erodes our civil liberties in the name of security. Basically, it boils down to three things: 1) citizens that don't give a damn and wouldn't try to stop an attack even if they knew about it; 2) citizens that don't care about living in a fascist society or dictatorship as long as they have a sense of security (whether such security is real or only perceived), and will allow the government to do literally anything in order to achieve that sense of security; and 3) a government that seeks only power and control, a government that does not want to govern its citizens, but wants to rule them.

Also, no offense, but you're a complete idiot if you think such measures will only be "temporary". They will be temporary in the same way that vague laws are never used in ways the authors didn't intend (and/or in ways the authors promised they wouldn't be used).

German hacker-tool law snares...no-one

Chris C

Bad translation?

"Similarly, Article 269(b) of the Polish penal code states that, 'whoever prepares, obtains, sells or makes available for other persons the computer devices or software tailored to the purposes of committing [a cybercrime], or prepares computer passwords, entry codes or other data that makes information stored in a computer system or network available' shall be guilty of a crime."

I sincerely hope that that is a bad translation (assuming the law is written in Polish). As quoted, every network administrator is guilty of a crime because they prepare computer passwords that make information stored on a network available. Being the network administrator, they are authorized to do so, and the prepared passwords are used to authenticate authorized users, but such wording (and thus intent) is missing from the quoted text. Can anybody confirm whether or not this is the case?

Police deny targeting kids for DNA

Chris C

Terrorist

"Have we got targets for young people who have not been arrested yet? The answer is yes. But we are not just waiting outside schools to pick them up, we are acting on intelligence. If you know you have had your DNA taken and it is on a database then you will think twice about committing burglary for a living."

Is it just me, or did he just admit that the police are a terrorist organization? The definition of terrorist, according to dictionary.com, is "One who governs by terrorism or intimidation". That last quoted sentence certainly seems to fit that definition.

Core i7 bumped to 3.33GHz

Chris C

i7

@AC at 23:22 -- Looking at the picture of the underside of that laptop, you couldn't put it on your lap without covering at least one or two of the laptop's four fans. Tons of heat, and lots of noise. Of course, I'd rather have the noise than have the notebook maker use my hard drive as a heat sink. Yes, HP actually did this -- on my Pavilion dv9260nr, the primary hard drive (it has two bays) is used as the heat sink for the video card (NVIDIA GeForce Go 7600 with 256MB discrete memory). The end result is that with 24C ambient temp, the CPU is 25C, the GPU is 56C, the primary HDD is 55C, and the secondary HDD is 33C.

As for the i7 chip itself, I have a feeling it won't be a big seller in any form. Simply put, it consumes way too much power (130W TDP). You can get a Core 2 Duo at 65W at the same clock speed. Yes, the Core 2 Duo is only 2 cores instead of 4, but it's also MUCH less expensive. In other words, the i7 is overpriced, in terms of cash at time of purchase and in terms of power used.

US raygun jumbo jet now firing live blasts in flight

Chris C

Am I the only one?

I understand the reluctance to allow your (perceived) enemy have their own weapons, especially nuclear weapons, but am I the only one who thinks it's completely hypocritical for a country (or group of countries) to say "WE can have these weapons, but YOU can't"? It's especially hypocritical when there is only one country which has used nuclear weapons, and that's the one saying "YOU can't have them because WE don't trust YOU". I'm a US citizen, and I have to ask -- does anyone trust the US, or do you go along with them out of fear (which would, by definition, make the US government a terrorist organization)?

The return of the diskless PC

Chris C

Good and bad

MLC SSDs have one obvious downside that few people seem to address (or even want to think about) -- the limited write lifetime. In MLC, each location can only be written to 10,000 times. When talking about storage, that's not a lot. The wear-leveling algorithms can move data around to extend the life of the drive, but it still won't be anywhere near the lifetime of a magnetic-disk HDD.

SLC SSDs, with a 100,000 write lifetime, are better in terms of longevity, but are still far less than a magnetic-disk HDD.

Imagine you're running a high-usage database which is updated frequently. At 100,000 writes (SLC SSD), you can write to each location 273 times per day (11 times per hour) for one year. A frequently-updated database will most likely be updated much more than that. An MLC SSD will only allow 27 writes to each location per day for one year. Again, wear-leveling algorithms will logically move the data around to extend the life, but the SSD will die much quicker than a HDD.

In other words -- for SSDs to really succeed, they need to find a way to increase the write lifetime, and we need to come up with a filesystem that doesn't cause small transfers (such as Windows' 4KB paging file writes) to slow the system to a crawl.

Microsoft sues John Does for bilking search bribery machine

Chris C

Fishing expedition

"The particular case here relates to suspected fraudulent credit card use for purchases made in the Live Search cashback program. We've filed this John Doe complaint as a step in the discovery process to enable us to get additional information from third parties for our investigation."

In other words, Microsoft admits that they don't know if there was any fraudulent activity. They admit that the only reason they are filing this lawsuit is that they hope it will reveal information which may indicate fraudulent activity. In other words, the very definition of a fishing expedition.

Remember back in the day when you actually had to have proof BEFORE filing a lawsuit?

40,000 sites hit by PC-pwning hack attack

Chris C

@Charles

"So how do you suppose 40K+ websites, each owned by someone else and hosted by different companies on different servers (supposedly all using different server software) all got compromised in such a short period, each in a seemingly different way? Either it's "typing monkeys" or someone has found a "magic bullet" zero-day vulnerability."

First of all, it's extremely unlikely that those 40K+ websites are all using different server software. There are only a few web server packages, and only a handful of scripting languages. To claim that they all use different software is ridiculous. Also, I'd venture a guess that most (if not all) of them are using cPanel. Find a hole in cPanel, and the web is basically yours. I'm not saying that this isn't the result of a keylogger. What I am saying is that that certainly is not the only possible explanation.

----------

To all the Windows vs Linux vs Apple guys:

For the love of $deity, would you please stop waving your dicks around? You're ALL losers, okay? Can't we have one article about an OS without the volley of "my OS has a bigger dick than yours" comments? Each OS has its strengths and weaknesses. Isn't freedom to choose one of the most important freedoms? As Linus himself has said, use the best tool for the job.

Chris C

Bah

"The mass attack... used to unleash a swarm of exploits that target unpatched vulnerabilities in the Internet Explorer and Firefox browsers and programs such as Apple's QuickTime. ... so far Websense researchers have been unable to identify a common component that is being targeted."

Who says there is a common component? If the malware uses a variety of methods to infect visitors, doesn't it stand to reason that the authors may use a variety of methods to infect the servers? With so many processes running on a single server (exim, courier, apache, php, perl, mysql, python, ruby, etc), not to mention sites' web apps such as forum software, there are many potential attack vectors. To assume that the malware will use only one attack vector to infect servers is absurd.

"'It's all that we can assume because there is no common injection amongst all these 40,000' sites, Chenette explained. 'The only other possible explanation is the website owners have basically had their FTP credentials or account credentials compromised.'"

A third possible explanation is that the hosting providers were compromised. I'm sure others can come up with other possible explanations. To say that there are only two possible explanations shows the intellect and the ignorance of the person making those statements.

"Mary Landesman, a researcher at ScanSafe, said less than 0.03 percent of its customer base tried to visit a site infected by Beladen in the entire month of May."

According to that statistic, ScanSafe has a list of all websites infected by Beladen. Perhaps she meant "tried to visit a site known to be infected by Beladen". It's omissions like that which make statistics useless.

Microsoft guns down 13 unlucky products

Chris C

Bah

@graeme leggett: "'there was an impact', means much the same as 'there was an effect'"

Don't forget, most people no longer know the difference between "effect" and "affect". Creating new words seems to be an activity many people enjoy (blog, [twitter] tweet, "meh", etc). Similarly, many people see no problem with appending "est" to various adjectives despite the result being grammatically incorrect. Let's not get started on "to" vs "too" or "no" vs "know".

@Jimbo: "I love never ending posts about MS VISTA by users who never bought it and yet complain about it. MS VISTA is great product if you have very good hardware, it's pretty bad on old hardware."

Vista came pre-installed on my HP Pavilion dv9260nr (top of the line notebook when I bought it). HP doesn't carry drivers for anything other than Vista; I had to download drivers for other notebook models to get XP drivers. My point is that this notebook was created explicitly for Vista, and only for Vista. I tried to use Vista, but it was just too slow and buggy. Even the Automatic Updates' "time remaining" calculation didn't work correctly. Needless to say, I shrunk that partition and installed XP after a short time, and XP works quite well. Just because a product works well for you doesn't mean it works the same for other people.

The last time I checked, all versions of Windows based on NT were operating systems -- the piece of software sitting between the applications and the hardware. The OS's job is to run apps, not to consume all of your resources. You have a serious problem if you need a 2GHz processor with 2GB of memory and 40GB drive space to execute a single application.

Netizens tell court NebuAd's not dead

Chris C

Cookie-based opt-out

"NebuAd did provide a cookie-based opt-out and claimed to anonymize all user data with a one-way hash, but US law may require an opt-in."

The problem is that a cookie-based opt-out is not a valid opt-out. Not all browsers support cookies, and cookies are not required for web access. Many security-conscious people block cookies, especially third-party cookies, as an additional step in protecting one's privacy. Forcing someone to use cookies in order to opt-out is an affront to that person's privacy.

(Almost) anything that collects personal information should require explicit opt-in (no, burying an agreement within a license or contract does not equal explicit opt-in).

Fans decry tennis gal's breast-slash plan

Chris C

@Frank Bough

"There's something very wrong with the world when a woman will mutilate herself for such a ridiculous reason."

Please define "mutilate". Do you consider breast enlargement surgery to be mutilation? Liposuction? Botox injections? Nose jobs? Any kind of cosmetic surgery? LASIK or other type of eye surgery? Tooth fillings, caps, crowns, or implants? Gold teeth? Braces? Tattoos? Piercings? Knee or hip replacements? Organ replacement? Heart bypass surgery? Appendix removal? Titanium pins or plates to replace missing bone? Mastectomy? Hysterectomy? Tonsillectomy? Gastric bypass? The point is, one person's definition of "mutilation" can be far different from another's.

I can speak only for myself, but I would guess that a large number of people do not consider a person's career to be "a ridiculous reason". Do you think training every day of their lives is "a ridiculous reason" for an Olympic medalist or a classical musician? Advancement of one's career is a very valid reason for many choices, especially when it coincides with other reasons.

Stop being a male chauvinist pig and start being a human.

Chris C

Hypocrisy

"Rising Romanian tennis star Simona Halep is facing popular opposition to her plan to reduce her breasts, which she describes as an 'uncomfortable' impediment to optimum performance on the court."

I find it intriguing that we (society) have no problems with women inserting silicone or saline into their bodies to increase the size of their breasts, and we have no problem with women removing fat from their body to make them slimmer, and yet, for some reason, we have a problem when a woman wants to reduce her breast size. Why? I know that a lot of men think "bigger is better", but is that the only reason? Why do we care at all?

Being a male, I can only imagine how uncomfortable an impediment it is. As well as the discomfort and added strain on her shoulders and back, it provides real physical disadvantages, specifically inertia. As she moves, her breasts move; when she stops, inertia will cause her breasts to keep moving, effectively exerting additional force on her body, pulling it in the direction of the movement. A super-heavy-duty sports bra may help, but I would think that would cause even greater discomfort and restrict her movement.

Simply put, it's her body, and she needs to do what's right for her, not what society wants her to do.

Boston dorm computer raid ruled illegal

Chris C

re: might

"They're the law, surely they should know if something is illegal or not!"

You'll obviously be somewhat surprised to find out that this assumption is not correct. It is widely assumed that law enforcement officials will be able to tell you if something is illegal or not, but, as ridiculous as it sounds, that is not the case. I once sent an email to my state's attorney general asking if online gambling was illegal according to my state's laws. The response I received was that he could not tell me, that I would have to seek advice from professional legal counsel. The state DA, the man who decides whether or not to prosecute criminal court cases, could not tell me if something was illegal or not. There's something wrong with your laws when law enforcement officials cannot tell you if something is illegal or not.

As for the confiscated items, I would venture a guess that, like in many other cases, they confiscated every piece of electronic kit in the room -- PCs, monitors, printers, scanners, keyboards, mice, speakers, storage media, phones, VCR/DVD players, VCR/DVD media, CD players and stereos, music CDs, televisions, etc. When executing seizures, they apparently don't believe in the word "overkill", even when something is clearly outside the scope of the search warrant (like confiscating a television).

Governator revives anti-violent video game crusade

Chris C

Here we go again

I'm so sick of this whole argument brought about by people who have no clue what they're talking about. There is literally no way to prove causation. Let me repeat that: there is LITERALLY NO WAY to prove that experiencing violent media causes aggression or violent tendencies. The human brain is extremely complex, and we (society) have absolutely no idea how it works. In addition to this, life is not a computer simulation. In life, there is no way to stop your experiment and reset it to a known state. In life, there is also no way to eliminate all other external factors (such as whether the child is from a wealthy family or a low-income family, genetic predispositions, etc). Thousands of other external factors will be completely disregarded (did all of the "violent" children drink milk, for example, or were instances of violence precipitated by an emotional event such as the ending of a relationship?). There are too many factors, and far too many unknown variables, to prove any causation between violence in media and aggression/violent tendencies.

Also, I notice that when these "researchers" try to "prove" that violence in media causes aggression and/or violent tendencies, they never say how all human beings have a predisposition to violence and/or aggression. But I guess that little tidbit might not help their "findings" too much, would it? Newsflash: most people ARE aggressive and/or have violent tendencies. You don't see it because they keep it in check and don't show you that part of themselves. Are these "researchers" trying to say that all boxers, football/rugby players, murderers, assaulters, etc have played violent video games?

As for Eddie "Amendments my ass" Edwards, it's the first amendment that allows you to speak freely and grace us with your ignorance. The federal court has every right to block a state law if said law is determined to be unconstitutional. When the founding fathers crafted the Bill of Rights, it was done so as a list of the minimum rights afforded to every US citizen, rights which cannot be taken away by the federal government, or any state or local government. I cannot even begin to understand why you think the Bill of Rights should not be honored in the state of California.

D-Link exposes WiFi routers with new 'security feature'

Chris C

Fourth attempt?

"The problem is that there is still an md5 or sha1 hash to rainbow table with, and though your password may be crazy complex and impossible to brute force with reasonable hardware, the hash may still collide with the hash for dog."

That's true. For every hash, there will always be collisions. The point of my comment was that a cracker would not be able to use a rainbow table to find a collision. The end result would be that the cracker would need to brute-force to find a collision (either trying to brute-force the authentication algorithm, or by creating a new rainbow table using the authentication algorithm).

So, if anyone is still reading these comments, how about this:

1. Take the user's password, append a piece of non-changing data, and generate the MD5 hash of the concatenated string.

2. Take the MD5 hash, append the user's password, and append a piece of non-changing data, then generate the SHA1 hash of the concatenated string.

3. Store the MD5 hash and the SHA1 hash as the user's authentication tokens.

Because the two hashes are not derived from identical strings, a cracker could not find matching collisions to get the original password.

Chris C

@Simon Neill re: two hashes

"I see what you are saying, but I have a sneaking suspicion that it just gives you MORE data to use to crack the password, so that rather than getting an approximate password you get the actual password."

I thought about that after I posted that comment, and that's the conclusion I reached as well. As unlikely as it would be to be able to guess/crack a good password by matching the hashes from two algorithms, it would be relatively trivial with a rainbow table and a bad password (such as a common word). That's why I posted my second comment (single algorithm used twice). It's extremely unlikely that anyone would have a rainbow table of those types of hashes.

After a bit more thinking, let me propose this as an even more secure authentication method (using a single hashing algorithm):

1. Take the password and calculate its hash.

2. Append the password onto the end of the hash string. However, instead of appending the password as-is, take a piece of non-changing account information (such as the account creation date) and use that to alter the password. For example, if the account was created on a Sunday, rot-13 the password before appending it to the string; if the account was created on a Monday, base64-encode the password before appending it; Tuesday = reverse-case the password; Wednesday = reverse-direction the password; etc.

3. Take the concatenated string from step 2 and get its hash. This is the hash to store during account creation and used to authenticate the user's password.

By using a variety of different obfuscation techniques in step 2, in addition to using the hashing algorithm twice, I would venture a guess that this virtually guarantees the password could not be cracked via a rainbow table, by a collision, or by any brute-force method in the foreseeable future.

Chris C

@Hans

"The whole point is, the authentication system does not know the real password, only the hash. If it knew the password, ppl could break it open and find the password."

Perhaps I didn't explain myself well. I didn't mean to imply that the authentication mechanism knew the actual password; when I spoke of the password, I was referring to the password entered by the user at the login prompt. The reason I used the text examples ("1a2b3c4d", "1a2b3c4dcrash" and "1a2b3c4dpassword") was to show that the second hash would not result in a collision even when a cracker found a collision for the first hash.

To clarify, I was envisioning a system which only stored a single hash (let's say MD5) as a password authentication token. This could, for example, be used to increase the password security without changing the structure of the database used to store the account details.

When a user account is created, the user enters their password. The account creation mechanism would take that password and calculate its MD5 hash. It would then take that hash, append the same password onto the end of the hash, and calculate the MD5 of that combined string. It would then store that second hash as the password token. After this point, the real password is never known.

When a user attempts to log in, they would enter their password. The authentication mechanism would take the password entered and calculate the MD5 hash, then append the entered password onto the end of the hash and calculate the MD5 hash of that new string. It would then compare that second hash with the stored hash.

Chris C

Hash security

Regarding using MD5 hashing as a security mechanism --

It seems that in the interests of security, many places want to store a hash of a user's password. That way, nobody can reproduce the user's password, resulting in increased security. By now, it's possible to brute-force MD5 to get a hash collision in relatively little time. So my question is this -- why don't we use two hashes? Take your input and run it through both MD5 and SHA1 hash algorithms.

For example, if your password is "password", then calculate and store the MD5 hash and the SHA1 hash of that. If someone finds an MD5 collision for "password", it won't matter because the SHA1 hash won't match. If someone finds an SHA1 collision, the MD5 hash won't match. This way, we can still use one-way hashing while gaining a much higher degree of security.

Does that make sense, or am I being stupid?

Chris C

Hashes as security tokens

If someone wants to use a one-way hash for security, couldn't they call the algorithm twice, appending the input onto the end of the first hash for the second call?

For example, let's say our password is "password". For the sake of this example, let's assume the MD5 hash for "password" is 1a2b3c4d (yes, I know it's too short, but it's just used as an example). Furthermore, let's assume "crash" and "password" yield identical MD5 hashes. If we were using a single, one-time MD5 hash, a cracker would now be able to fake the password using "crash".

However, if our authentication function takes the MD5 hash of the password, appends the password, and gets a hash of the concatenated string, this collision would be meaningless. We would take the MD5 hash of "crash" (1a2b3c4d) and append the password, giving us an input string of "1a2b3c4dcrash". We would then generate the MD5 hash of "1a2b3c4dcrash" and compare it to our saved authentication hash. Because our saved authentication hash is the MD5 hash of "1a2b3c4dpassword", they would not match, so access would be denied.

Does that make sense, or should I, as they say, not give up my day job?
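The "hash the password, append the password, hash again" token described in the three-step procedure under "@Simon Neill re: two hashes" and again in the "@Hans" and "Hashes as security tokens" posts, as an added example that is not the commenter's code, placed beside a salted construction for comparison. Assumptions: PBKDF2-HMAC-SHA256 with a random 16-byte per-account salt is the swapped-in alternative (the comments never name one), and the `tokens_identical_for_two_accounts` check is mine, showing that because no per-account value enters the double-MD5 token, every account with the same password stores the same token.

```python
"""Added example (not the commenter's code): the MD5(MD5(p) || p) token from
the comments, next to a salted, iterated token for comparison."""
import hashlib
import hmac
import os
from typing import Callable, Optional


def md5_hex(data: str) -> str:
    """First stage of the commenter's scheme: plain MD5 of the password."""
    return hashlib.md5(data.encode("utf-8")).hexdigest()


def double_md5_token(password: str) -> str:
    """Commenter's scheme: MD5( MD5(p) || p ).

    Nothing account-specific enters the computation, so the token is a pure
    function of the password alone."""
    return md5_hex(md5_hex(password) + password)


def verify_double_md5(password: str, stored_token: str) -> bool:
    """Recompute the token from the entered password and compare it with the
    stored one (constant-time compare so the check itself leaks no timing)."""
    return hmac.compare_digest(double_md5_token(password), stored_token)


# Assumption: PBKDF2-HMAC-SHA256 stands in for whatever a site would pick;
# the point of the comparison is the random per-account salt.
PBKDF2_ITERATIONS = 100_000


def salted_token(password: str, salt: Optional[bytes] = None) -> str:
    """Salted token: 'salthex$keyhex'. A fresh salt is drawn per account."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                             PBKDF2_ITERATIONS)
    return salt.hex() + "$" + dk.hex()


def verify_salted(password: str, stored_token: str) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    salt_hex, _key_hex = stored_token.split("$", 1)
    recomputed = salted_token(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(recomputed, stored_token)


def tokens_identical_for_two_accounts(make_token: Callable[[str], str],
                                      password: str) -> bool:
    """Create two accounts with the same password and compare their stored
    tokens. Identical tokens mean one precomputed table covers every account
    that uses that password; differing tokens mean each must be attacked
    separately."""
    alice_token = make_token(password)
    bob_token = make_token(password)
    return alice_token == bob_token


def demo() -> dict:
    pw = "password"  # constructed sample password, as in the comments
    return {
        "double_md5_verifies": verify_double_md5(pw, double_md5_token(pw)),
        "double_md5_rejects_other": verify_double_md5("crash",
                                                      double_md5_token(pw)),
        "double_md5_same_for_both_accounts":
            tokens_identical_for_two_accounts(double_md5_token, pw),
        "salted_verifies": verify_salted(pw, salted_token(pw)),
        "salted_same_for_both_accounts":
            tokens_identical_for_two_accounts(salted_token, pw),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```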

Dell punts germ-free netbook for school kids

Chris C

Features

"...an antimicrobial keyboard, rubberized kickball-like exterior, and a special "network activity light" on the back of the lid designed to tattle to teacher when the kids are trading Pokemons online rather than paying attention to lessons."

Antimicrobial keyboard -- completely useless. This netbook will still spread germs. That is, unless you believe that kids will not touch the touchpad, touchscreen, or casing.

Network activity light -- pretty useless. If the kid was doing something they shouldn't be doing, they'll have the window closed by the time the teacher gets to them. At that point, how will the teacher know they were doing something wrong as opposed to the netbook downloading updates (Windows, antivirus, Java, Adobe, Apple, Google, Mozilla, etc)? Most programs don't give you the option of specifying when to check for (or, in some cases, download) updates.

Rubberized case -- might actually be a good idea. Depending on the material, it may provide negligible protection from a drop, but a rubberized material will make it easier to grip and will resist slipping. At any rate, it's better than the glossy, easily-scratched-with-the-slight-breeze materials which seem to be the current fad.

I have to say, though, a 3-cell battery doesn't sound like much for a computer which is supposed to be designed for educational use (read: used for 6-8 hours between recharges). Dell's website says "3-cell or 6-cell 'Smart' Lithium-Ion Primary battery featuring Express Charge™" and "65W AC Adapter featuring cord wrapping".

Personally, this is my favorite quote from Dell (when selecting the operating system): "Please note that if you choose Microsoft Vista and also would like Microsoft Office productivity software, you will need to select a hard drive option with at least 80GB of space." That's a lot of space for an operating system and office suite.

University emails 'blocked from Hotmail'

Chris C

re: Hotmail's spam filtering sucks

"They even blackhole mail rather than rejecting it in many cases."

Actually, spam SHOULD be blackholed rather than rejected. Virtually no spam actually comes from the email address listed in the "From" header. As we saw in the early days of spam filtering (and still on some poorly-configured systems today), rejecting mail and sending it back to the "From" address only causes additional traffic and problems -- for you (the receiver) and for the "From" address/domain.

If all spam was rejected and sent back to the "From" header's domain, I have a feeling the Internet would slow to a crawl because of all the additional traffic it would generate. I know for a fact it would melt one of my clients' mail servers considering they get about 98,000 messages sent to invalid addresses. Sending all of those messages back to the alleged originating domains would cause an unnecessary massive increase in resource utilization and outgoing traffic, not to mention the return traffic when the alleged originating domain's mail server sends its own NDR because the address in the "From" header was fake to begin with. And then we've got a ping-pong match, where each side's mail server sends an NDR to a non-existent user.

Chris C

And this is why...

And this is why blacklisting IP addresses is a bad idea. When you have up to a thousand or more domains sharing a single mail server, hence a single IP address (or even a small range of IP addresses), it's ridiculous to think that it's acceptable to block that IP address based on spam originating from it (especially if it's only a couple of messages). Blacklisting IP addresses only works properly when only one domain is using that address. I understand the desire to reduce the load on your server coming from spambots, but blacklisting IP addresses is not a reasonable way to do so. The potential for far-reaching collateral damage is just too great.

Craigslist boss wants apology for 'erotic services' attack

Chris C

Sue him

I would guess that the Craigslist boss probably shut down the "erotic services" section to avoid a lengthy and costly lawsuit. But McMaster HAS gone too far. If what was reported in this article is true, he is guilty of defamation (libel). In any case, he is guilty of blackmail (“If those South Carolina portions of the site are not removed, the management of craigslist may be subject to criminal investigation and prosecution.”). My advice would be for Craigslist to sue McMaster and the State of South Carolina.

Mozilla invites all comers on post-tab future

Chris C

Incorrect understanding

I think the author misunderstands the inner workings of Firefox:

"Tabs were a minor revolution for internet users because they meant that rather than having to keep opening new versions of your browser for each site you wanted to view, killing the machine's performance and exposing yourself to crashes, you could work within one browser."

In Firefox, using default settings, you are ALWAYS using exactly one instance of the executable. All browser windows are created and maintained by one process. If any one of those windows crashes, then ALL of the windows close.

Interestingly, because Firefox only allows one executable instance at any given time, you cannot (using default settings) run Firefox 2 and Firefox 3 at the same time, even though they are separate executables installed into separate directories. If you have FF3 open, then running the FF2 executable will open another FF3 window.

FTC drops Rambus 'patent ambush' claims

Chris C

Less-competitive market?

"The FTC's biggest hurdle in the case was showing adequate evidence that Rambus' high royalty rates have resulted in a less competitive market."

Can somebody explain why this needed to be explained at all? Rambus intentionally defrauded JEDEC during the drafting of the DDR standard by not informing them of Rambus' patent applications for technologies used in DDR memory. Subsequently, JEDEC formalized the DDR standard. As a result, all PC manufacturers adopted the DDR standard. The end result is that Rambus gets a royalty on literally every PC sold. When a company gets a royalty on 100% of the market, how can anybody NOT see that it eliminated competition? When your competitor is forced to pay you a royalty, then they're not really a competitor.

Personally, I think JEDEC should have sued Rambus for fraud for intentionally not revealing their patent applications when drafting the DDR standard. But then, since Rambus is a US corporation, we all know how that would have ended. We need only to look at Research In Motion to remind us of that.

Microsoft slapped for Windows-only Office patch

Chris C

re: Game in Excel

Nope, it's not a myth. Microsoft really did program a game inside Excel 2000 (and we all wonder why MSOffice is so expensive). I tried it out just before posting my comment to confirm. From the text file that was sent to me explaining how to access it:

----------------------------------------------------------------------

Excel Racing Game

----------------------------------------------------------------------

A full-fledged game is hidden in the first release of Excel 2000. (It was removed in SR1 and SR2.) Follow these steps to access a racing game similar to Spy Hunter.

1. Open Excel 2000 with a blank worksheet.

2. Select File, Save as Web Page.

3. In the Save As dialog box, choose Selection: Sheet, check Add interactivity, and click Publish.

4. Click Publish in the 'Publish as Web Page' dialog box.

5. Close Excel, declining to save the worksheet.

6. Open Internet Explorer.

7. Choose File, Open, click Browse, and open the file you just saved.

8. Click in the spreadsheet, and hold Page Down to go to row 2000.

9. Click the gray header to select row 2000.

10. Use Tab to move the active cell pointer to cell WC2000.

11. Hold down Ctrl-Alt-Shift and click the Office logo in the upper left corner.

12. If you've come this far, congratulations! Use the arrow keys to navigate, the spacebar to fire, O to drop an oil slick, H to turn on your headlights, and Esc to quit playing.

----------------------------------------------------------------------

Chris C

Didn't see it

"'To take an attack against Office of Windows and make it viable against those other two products requires a degree of retooling that frankly we don't see in the security research space right now,' he said."

He doesn't see the can of Diet Coke on my desk, either. For that case, he doesn't see me. Does that mean I don't exist? I would venture a conservative guess that there are literally thousands of in-the-wild exploits out there for various software packages that the software authors are unaware of. That doesn't mean they don't exist.

Similarly, most people are probably unaware of the "racing" game (similar to Spy Hunter) hidden inside the original release of Excel 2000 and IE, but that doesn't mean that it's not there.

Google openness is a closed door

Chris C

re: Nobody is forcing advertisers...

"It is one thing to fret about third world workers being exploited by some Evil Empire, or some old gran being duped out of her nest egg by a fraudster, but fretting about advertisers being screwed over is quite another matter."

I find it interesting that you read an article about Google's hypocritical stance on openness, and the only information you got out of it is about advertising. Looks like someone drank the Kool-Aid.

Chris C

Where openness is most important

"In the areas where openness is most important - its ad system and its data-retention policies that feed its ad system - Google is preternaturally proprietary."

With all due respect, Google's ad system is NOT where openness is most important. Where openness is MOST important is Google Health -- how they "protect" that information, who has access to it, what measures are in place to verify the authenticity of people who are allowed to access it, who can change it, how it can be changed, etc. That's much more important than anything ad-related. Personally, I'd love to know how Google can get away with storing people's medical records without complying with federal regulations governing the storage of those records (HIPAA for US citizens).

Having said that, I do agree with the rest of the article. Google's general lack of openness is even more concerning when they start linking all of their different projects (linking your Gmail, Docs, searches, etc). It's an advertiser's dream come true.

Craigslist shutters 'erotic services' section

Chris C

What?

"In a prepared statement, [Connecticut attorney-general Richard Blumenthal] said 'We will be monitoring closely to make sure that this measure is more than a name change from erotic to adult and that the manual blocking is tough and effective to scrub prostitution and pornography.'"

When did pornography become illegal?

If you want to solve all of the problems with prostitution, then legalize it and regulate it, enforce mandatory condom use and mandatory health checks to protect against disease, etc. Two consenting adults having sex should not be illegal. Then again, neither should simulating sex with a bicycle inside your locked hotel room.

Raygun 747 to fight 'one-off' tag with twin '09 missile fryings

Chris C

To those with more knowledge than I

Just a random bit of questioning here --

How does the protection/armoring of an SRBM compare to that of an ICBM? Could it be that they want to test against an SRBM because it will be easier to destroy?

Will the SRBM used in the firing tests be a real SRBM (with the same protections as a real one would have), or would it merely be a mock-up (to make it easier to shoot down, thus giving the illusion of better performance)?

For any missile with a nuclear payload, what would the damage be of destroying the missile at its zenith? For example, would the nuclear fallout still be dangerous? If so, more dangerous than if the missile landed in a remote or uninhabited location (if it was redirected off-course, for example)?

Kanye West doesn't have a f***ing Twitter, OK?

Chris C

Never heard of him

I have absolutely no idea who this person is. But then, I haven't listened to the radio in about nine years, and I don't follow the entertainment industries. All-in-all, though, what he wrote sounds pretty good to me, though it shows that he has no idea about Web 2.0. Seriously, he DOESN'T want the world to know what he does every second of every day? And then there's his appalling lack of txt-speak (not a single "u", "ur", "r", or "ne1" to be seen). Clearly, he will never be the voice of the next generation.

Cyber attack could bring US military response

Chris C

I'm ready for Armageddon... are you?

Responding to a "cyber attack" with a physical attack is so ridiculously out of proportion, it's absurd. If the military can't figure out a way to protect their computers from "attackers", then perhaps they never should have allowed the public onto their network in the first place, you think?

The biggest problem with responding physically to a "cyber attack" is that you don't know who the real source is. In physical combat, you can physically determine who is assaulting you, so you know, beyond any doubt, who to retaliate against. On the Internet, you have literally no idea who the source of an attack is. Sure, you can make an educated guess based on their IP address. But the prevalence of botnets is proof that the direct source may not be the real source. Physically attacking the location registered to an IP address may do nothing more than eliminate an unaware middleman.

Also, it's not hard to imagine how the rest of the world would react to a seemingly unprovoked attack by the US, though I suspect the US would be more subtle than sending in a bomber (though I certainly wouldn't rule that out, either).

Just imagine... People growing up during the Cold War thought THAT was scary (and I have no doubt that it was). But if you ask me, the current (and no doubt, future) state is much more scary. At least during the Cold War, you had a good idea of who the "enemy" was.
