Re: Responsible security research, he's heard of it
He does list the status of the bugs as "fixed" so perhaps he heard 2.2.0 wasn't vulnerable and felt it safe to disclose.
4662 publicly visible posts • joined 27 Apr 2007
Sadly it is entirely possible. The US has routinely brought legal actions against sums of money so I don't see any reason why they couldn't press charges against an alligator or the cat carcasses for that matter. Of course, they want the money but probably not the alligator unless someone in Justice has a hankering for new luggage perhaps with matching shoes.
Just because they say "bots found in the US would be referred to the FBI for cleansing" doesn't mean they define 'cleansing' the same way you and I would. I suspect cleansing means the entire contents was downloaded, the computer 'cleansed' and a remote back door installed, just in case. You can trust me when I say if I knew the FBI cleansed my computer, I'd instantly archive everything I could in the hopes it may provide some evidence of my innocence and get a new computer, router, ISP, etc.
current != power. The maser could use the same amount of power if the voltage is a billion times higher than said hair dryer. Likewise it could use more or much less than one billionth the power.
In short it's about as useful as comparing the muzzle energy of a bullet to the thermal energy of a steaming hot mug of coffee. Sure, shooting a hot coffee might sound like fun, especially if filmed with one of those super high speed cameras, but it's one less bullet you'll have for the zombie invasion and you'll probably wish you had that coffee when it's your turn to keep watch.
You can have a well balanced Triple Engine without balance shafts. Just make the crank a 120deg one.
Balance shafts aren't typically for primary vibration, which the 120 degrees gets you, but for secondary vibration. Secondary vibration is caused by the motion of the pistons and the angle of the connecting rod which means the top half of the stroke is completed faster than the lower half. Here's why: as the crank rotates from top dead center (TDC), with the connecting rod inline with the crank throw, toward 90 degrees the connecting rod makes an angle with the bore axis so when it reaches 90 degrees the connecting rod is effectively shorter and the piston is actually beyond half of its stroke. Let's work some numbers to illustrate: we have a stroke of 75.4 mm so the crank throw is half that, 37.7 mm, and if we assume the rod to be about 150 mm in length this means the piston wrist pin is 150 + 37.7 = 187.7 mm above the crank at TDC and 150 - 37.7 = 112.3 mm. Now at 90 degrees the connecting rod is at an angle of atan(37.7/150) = 14.1 degrees so the piston wrist pin is now at a height of 150*cos(14.1) = 145.5 mm which is 4.5 mm below the middle of the stroke. This means the piston travels further between crank angles 270 - 0 - 90 than it does when the crank turns from 90 - 180 - 270.
Explorers, we asked you to be pioneers, and you took what we started and went further than we ever could have dreamed: from the large hadron collider at CERN, to the hospital operating table;
I suppose it works if it was exploratory surgery.
But it does beg the question as to who was wearing them.
So if I add several headers that look just like Verizon's UIDH, will they scrape it off when they add their own or will it just be extra? I'm just curious to know if it's possible to send a HTTP request out with a dozen different UIDH headers and up the noise to signal ratio. I suppose it's possible to configure a device to use a proxy or vpn that scrapes the header. Hmm, anybody think folks would pay for a header scraping service?
Ok, I had to look. I couldn't find any regs at NHTSA about a physical connection other than crash safety related things. I was able to find an article over at dual lever steering, of course that's just a concept.
But look at how your phones changed in the past forty years... of course what didn't change depends on the relative position of your ears and mouth...
Phones changed because the functionality changed. With the introduction of automated switching gear you no longer had to bounce the lever a few times and say "Hi Mildred, can you connect me with 8394 Chicago?... Thanks Mildred" as you could dial the number directly. Function changed slightly with the DTMF making buttons more efficient. Trust me when I say I shouldn't get started on "smart" phones where the phone part is more an added-on afterthought than principle function but even the ears and mouth relation no longer has a bearing on the phone design if you're using an ear bud and mic which could easily be in finger cots on your thumb and little finger.
But without a SSN what else can they use to track every single microscopic detail and dollar in your life? It doesn't do them any real harm if your identity is stolen, credit trashed and you're tossed in debtors' prison since you're just a little fish in a big ocean. I mean sure if you've got enough money you can do a pretty good job of hiding things but why should the government bother itself with the big fish when it's much easier to keep the rest of us schooled in a bait ball for easy pickings.
Oh how could they! It's like they don't know me at all. :(
Wait, what?
They use Facebook likes? I don't understand; Facebook likes what?
Huh, a like is what I like on Facebook. But I don't do Facebook so it should be clear that I don't like anything Facebooky.
Oh, now I see. I guess they really do understand me after all, bless their little hearts.
Probably impossible to get the fix out by October. November may have been possible for a stupendous flaw with a desperate need for a fix (Heartbleed level stuff).
Well Google notified MS on 13 Oct. the Monday before Patch Tuesday so they had a day tops which is a non-starter, toss October. That effectively gave MS 29 days until Patch Tuesday in November (the 11th) and 57 days until Patch Tuesday in December (the 9th). Conveniently, since both October and December have 31 days, it put January's Patch Tuesday at 92 days from notification giving Google an opportunity to do their little dookie dance.
Now a cynical old fart, such as yours truly, might say that the GOOG held this little exploit close to their chest and carefully chose the timing to notify MS hoping MS wouldn't have enough time to cover it or would release another unstable patch. Either way MS gets a black eye. Notice that quarterly Patch Tuesdays are always 13 weeks apart and 13*7=91 so it isn't hard for the GOOG to piss in Microsoft's corn flakes or those of anyone else who sets a fixed update schedule for that matter. You see, what their dookie dance is really about is "our flexible release system is bigger better than your rigid one". Perhaps the children over at Google should lay off the sugar and caffeine for a bit.
The important word in LVT is "land". It's a tax on the value of the plot of land, not what is built upon it. 100 m2 of Mayfair pay the same tax whether there's 50 flats on it or one mansion.
Tim, you make an important distinction that I missed. In the US it is largely property tax as it has one assessment for the land, an LVT, and another for "improvements" which consist of buildings and such. That keeps tax on forested lots low, farm land slightly higher and higher still on fully developed land.
@ DavCrav
The only time an assessor makes a visit is when you make further "improvements" like adding a second floor or a garage, you did pull a permit I hope. They don't visit every year or consider maintenance to be improvements even if you spend a considerable sum upgrading from single pane windows to triple pane argon filled low-e windows as to them it's a window. At worst in a few places I've lived there was a ten year walk around to see if you've added something to the back yard that isn't visible from the street such as a pool or a shed but that's about all. It isn't like they inspect what size your TV or refrigerator is or whether you have gold bars stacked in the basement.
One downside to assessing the "improvements" is that the real estate industry is keen to have valuations go up as it means greater commissions for them and many owners like to see their "investment" appreciate in value, especially the ones who treat it like a cash cow and refinance ever greater sums to bolster their income or "consolidate their debt" (which is code for making more room on the credit card for additional purchases). This naturally leads to things like real estate bubbles which are rather nasty things when the correction comes to the market and it isn't helped by certain lending practices of course.
Ah, I see. As a fairly regular reader of Reason I took it as less amnesia and more a double shot of rubbing noses in it. Specifically to the red team in the sense of "it wasn't there before and it didn't suddenly get there by magic so what happened to the small government thing" and to the blue team "just because the government spends money doesn't make it a magical cure all". Granted as a response to the NYT it was most likely a direct jab toward the blue team but has the benefit of smacking down any smirking by a member of the red team.
The way property taxes (LVT) work in most of the US is the property value pretty much follows with inflation so if they suddenly raise the rate much beyond inflation there is substantial push back from the citizenry. Also, it is largely a local thing and everyone knows or can easily look up exactly where the money goes with certain fractions set aside for education, infrastructure and services like police and fire.
In D.C. they have an interesting way to solve the rental/occupancy problem and that is to tax an empty building at a higher rate, 5% if actually empty, down to .85% if fully rented thus providing an incentive to acquire and keep tenants. Sure, the tenants wind up actually paying the tax but it provides a bit of leverage to tenants as landlords will actively try to keep their occupancy up and their tax down. Other landlords will also do their best to fill vacancies as well and may offer a rental at a lower rate if it means giving up a little extra rent in exchange for a lot lower tax. The trick of course is to find a rate that fits the locality.
Lars, it seems you're not familiar with Reason. They are quite aware how much and who pays for the military and the associated costs of universal militarization.
When I use the word 'fast' it would mean the Ferrari's 180+ mph top speed would make it 'faster' than the Tesla but I would also say the Tesla is 'quicker' than the Ferrari based on the 0-60 time. I'm just curious, is that an English (UK vs US) thing or am I just being an arse bringing it up?
Hahahahahahahaha hahahahaha hahahaha. Wooo, who knew the man was such a talented comodian. If G.W. had said it, it would be a humorous bit of hypocrisy but coming from the champion of "Change" it's flat out hysterical. I suppose he could believe privacy means holding a copy of everything in a government database but it's probably more likely that he wants us to believe it will be safe in that database.
Since you asked.
Chicken hearts (halved or quartered), ginger, garlic, sliced leeks (into rings not the long way), saki, cayenne or Thai chillies and sesame oil. Mince equal parts ginger and garlic, add to saki and chicken hearts, allow to marinate for an hour or two. Saute leeks, saute hearts with chillies - salt and pepper to taste. Serve hearts on a bed of leeks or stir fry the whole lot in one go. Optionally, chopped streaky bacon makes a nice addition.
They don't infect the connector yet but a peak inside the cable shows that it wouldn't be hard to construct a cable or any adapter with a malware payload built right in and given how easy it is to find counterfeit parts of premium brands it may not be long before it hits the mean streets. If someone figures out how to infect a legit Apple cable without external modification then screwed will take on a whole new meaning. It seems Semtech is holding the GN2033 chip datasheets pretty close to its chest but that only buys a little time and I would be surprised if the various TLA branches of government weren't actively working on it.
A pint of goat urine would be more pleasant to consume.
Bud? Really? You've really got to stop consuming the mass market US food stuffs and stick with the small craft makers products. It doesn't matter if it's chocolate or beer. There is a reason the trots are often referred to as 'the hershey squirts' here in the states.
If you want to do something that requires elevated access on *NIX you have to run SUDO - which executes as UID 0 = root.
Actually you can specify the UID by using the -u option on the command line so while the default may be root but it doesn't have to execute as root. There are also a whole host of other options you can set in sudoers including limiting who can run which commands and the GID/UID those commands use to execute. It seems that "you can directly assign just the rights needed and elevate only those without running a root level user process to get there" in *NIX as well.
Don't forget that those 90 days also include the great turkey eating challenge, a.k.a. turkey-day or Thanksgiving. That also kills half a week to a week easily as folks tend to travel far and wide at that time. Besides, most folks who aren't burning vacation days and go into the office operate on cruise control between turkey-day and new year.
It must be about jobs because all modern pumps have a safety valve that shuts the flow if a car drives off and pulls the hose out of the pump. Back in the day I lived next to a local station owner and we would chew the fat when I stopped in. He was quite pleased with the then new tech as he had a drive off two weeks after he updated his pumps and was quite impressed by how little gasoline wound up on the ground and that he could clean it up with a single rag instead of a few bags of kitty litter.
Unfortunately it didn't help with the yahoos with the older cars with the filler behind a spring loaded plate. It seems they would try jamming the plate with the gas cap while they walked around doing other things the cap would pop out and the plate would flip back up tossing the nozzle out which would then continue to spew fuel on the ground. I'm kind of glad we don't have the filler behind the plate anymore even if it was a cleaner look and it didn't matter which side of the pump you pulled to.
One problem I had with my WP8 Nokia was that the screen, which worked fine with gloves, was too sensitive without gloves. Even with the sensitivity set to the lowest setting I was constantly getting the stupid search to pop up when reaching across to touch a tile on the left side of the screen because it would register the base of my thumb near the search icon. I know, I'm holding it wrong.
BTW voice control is pretty standard even on my new Passport. It's true, I can search the phone or the internet, make calls, play music, write texts, twitter, set reminders, navigate, send emails, etc. all by voice just like everyone else. I imagine dictating a formula filled spreadsheet would get a bit tedious but it's theoretically possible.
As for typing speed, the cheating claim is a bit petty. It's pretty clear from the MS video that the guy competing for the record had practiced quite a bit and I'd wager if you rotate the phone or swapped to a different size phone his speed would change drastically because the muscle memory wouldn't be as accurate. Besides it's a phone, I'm not likely to write something the size of War and Peace on it. Granted, I'm considering making a small dock that uses the Slimport for the monitor and BT for a regular keyboard and mouse to investigate if it's good enough to ditch pass along the aging desktop I've got.
@Captain DaFt,
Sounds like a place I worked and eventually it drove the head of IT to seek greener and saner pastures elsewhere. Before he left he changed all the admin/root passwords hoping all the higher ups would clearly understand why he was leaving but most of them thought it was funny. The password was Dilbert.
Anyone who says different is a pinko asswipe limey faggot.
Puh-leese! How many times do we have to tell you? It's "commie pinko asswipe limey faggot". If you leave off the 'commie' it detracts from the 'pinko' and almost makes it sound fashion forward. I have to be honest, the oversight brings what started out as a 10 down to a 6 maybe 7 tops. A good effort but do try harder.
(maybe this is actually what the FBI did, as it's possible they might actually know what they're doing)
Possible, yes. Probable, no. It's also possible our dog knows as many swear words in Cantonese as I do since on hearing certain words we both turn toward each other with the "was it you" look. In the end it doesn't take a rocket scientist to know when it's a good time for both of us to retire to the shed for a few hours.
The problem being that the Amazon and Nokia(?) forks of Android are selling like hotcakes.
That would be long* before the three martini lunches start.
*for small values of long. I've never quite figured out when or if they actually ended. Perhaps it's more a buffer space than an actual single event. Dear $DEITY! I've just realized a pub is just a TLB for people!
This is why you gift experiences rather than material goods. The value of memories collected on a beach in Aruba, a trek to Machu Picchu, a nice evening out to dinner and a show or a simple day at the spa is far above that which can be derived in some sort of brick that will be perceived as obsolete, slow and grotesquely inadequate in less than a years time. Champagne, candlelight and chocolates in front of a warm fire on a chilly evening is a far better gift for both of you than spending one more day in the office trying to please the C-suite with cheap kit. No, I don't care what she thinks she wants because sometimes you have to break out of the staid mold and let your hair down and the more practical the both of you are the more you need to unplug even for one day. Gifts aren't practical, they are what a person wouldn't buy for themselves but might still enjoy and if you're wrong, it happens from time to time.
@ Peter Simpson 1, You can alternatively tape a small piece of the certified k-cup where the sensor is for a more permanent fix. Before the patent ran out on the k-cup I wondered if they would go this route to keep their margins and I expect they'll soon introduce a second tag designed to work only in 'commercial' applications for workplaces who don't want their employees nicking a free cup or six to use at home.