Shared posts

27 Apr 21:51

babygonzo: would you leave if someone did this?

firehose

that is not a large pizza and there are at least four people, how the fuck does this happen



babygonzo:

would you leave if someone did this?

27 Apr 21:44

C2E2: "Torchwood" Star Eve Myles Asks, "Do You Want a Series 5?"

firehose

NO
NOOOOOOOOOOOOOOOOOOOOOOOOO NO NO

While fans waiting for more "Torchwood" might be waiting a bit longer, Eve Myles' spotlight panel at C2E2 delighted the show's viewers more than a few behind the scenes stories—many of them quite dirty.
27 Apr 21:42

Clippers Stage Silent Protest

Before Game 4 against the Golden State Warriors, the Los Angeles Clippers chose to take off their shooting shirts and wear their warm up shirts inside out to protest owner Donald Sterling's alleged racist remarks.
27 Apr 21:42

(via Twitter / davidschneider: Good to see Monopoly have updated...

27 Apr 21:41

Are US universities choosing rich Chinese students over Asian Americans?

by Lily Kuo
firehose

good work Dartmouth, you've passed Brown

Bo Guagua, son of former Chinese official Bo Xilai, graduating from Harvard University in 2012.

An editorial in the Chinese financial magazine Caixin points out another potential obstacle for Asian Americans trying to get into college: hundreds of thousands of wealthy Chinese students that are flocking to US schools every year.

American universities, especially elite schools, have been suspected of admitting a disproportionately low number of Asian American students given their high test scores and academic performance. Over the past five to six years, these schools—faced with less private and public funding—have also started depending on international students who pay full tuition to pick up the bill. “Asian Americans now face a double barrier to entry at US universities,” writes the Caixin author Wu Yuci.

Of this pack of international students, Chinese nationals are leading the charge. As China’s economy has developed, more wealthy families are choosing to send their children to American schools. (The daughter of current Chinese president Xi Jinping attends Harvard under a pseudonym, and the son of deposed Chinese official Bo Xilai attended Columbia and Harvard.)

The country has overtaken Japan, Taiwan, and India—previous major exporters of international students. Last year, China was the top sender of international students to the US for the fourth year in a row (pdf). Still, that these students are posing a threat to US students isn’t clear cut. The number of Chinese students pales in comparison to the overall population of Asian Americans enrolled in universities: Enrollment-in-American-universities-Asian-American-students-Chinese-students_chartbuilder At the same time, the trajectory of the two groups couldn’t be more different. Even though Asians form the fastest-growing minority group in the US, their enrollment in US schools stopped increasing in 2009 and has started to fall off. And over the same period, enrollment among Chinese nationals has spiked. Asian-American-students-enrolled-in-US-universities-Asian-American_chartbuilderChinese-students-enrolled-in-US-universities-Chinese-students-in-the-US_chartbuilder (1) Enrollment data at elite universities is perhaps the most suspicious. Despite the fact that Asian Americans are scoring higher than ever on the SAT and majority Asian high schools are the country’s top schools for scores on the SAT and ACT, enrollment at most of the best American colleges has either plateaued or fallen.

​ The American Conservative

At Harvard University, which has faced various charges of bias since the 1990s, the absolute number of enrolled Asian American students has risen about 33% to 3,595 in the fall of 2012, from 2,696 in 1994, according the National Center for Education Statistics. But their percentage of enrolled full-time students has fallen from 20.6% in 1993 to about 16.5%,for much of the past decade, according to the American Conservative

In contrast, the number of Chinese students enrolled at top schools has grown. Chinese enrollment has more than tripled over the same period, from 196 to 686, according to university enrollment numbers (pdf, p. 1).

27 Apr 21:38

Monowheels: The coolest deathtrap on one wheel

by WIRED UK
A Swiss engineer known as Mr. Gerdes designed this monowheel. It is pictured here, ridden by a man who may or may not be Mr. Gerdes, apparently on a trip to Spain in 1931.

Well sir, there's nothing on earth like a genuine, bona fide, electrified, six-foot monowheel. It's on our list of ideas from early 20th century gearheads that we wish had caught on, if only because they look so cool (definitely not because they're safe).

The monowheel became something of a trend between world wars, when excited visions of the future seemed to spring from the joy that there even would be a future. Although dozens of varieties rolled out over the years since the 1860s, you're unlikely to see one. They now exist mostly in patent applications, magazine covers, and a handful of garages. Unsurprisingly, they've made plenty of appearances in sci-fi flicks, adding a measure of cool to otherwise mediocre movies.

The basic principle of the monowheel is easy to understand: Build a big enough wheel, and you can put a rider insider of it along with a motor to move the whole works forward. Early versions featured various combinations of motors (gas, electric, pedal-powered) and gear assemblies and are said to have reached speeds up to 93mph—though their manufacturers were known to claim ludicrous speeds. Some versions were refined into relatively practical, not-totally-guaranteed-to-kill-you ways of getting around, if you're brave enough to hop in.

Read 6 remaining paragraphs | Comments

27 Apr 21:35

The Sailor Moon Reboot Has A Cast, An Air Date, And Some New Character Designs

firehose

'July 5, and will be streamed internationally via the Niconico video service. New episodes will air twice per month, on first and third Saturdays at 6:00 AM EST (ah, time zones).'

venus appears to be wearing a roasry as a belt

It's happening. It's happening. The cast of the new Sailor Moon anime series was announced today, and with it came some news I'm definitely in favor of. Kotono Mitsuishi, the original voice of the title character, will be reprising her role in the reboot. Huzzah! As for the remaining Inner Senshi, they're getting some new voices: Hisako Kanemoto as Ami Mizuno/Sailor Mercury, Rina Satou as Rei Hino/Sailor Mars, Ami Koshimizu as Makoto Kino/Sailor Jupiter (aka the best one), and Shizuka Itou as Minako Aino/Sailor Venus. It's not quite the reunion some of us were hoping for, but it's good stuff nonetheless.
27 Apr 21:33

How I used Heartbleed to steal a site’s private crypto key

by Ars Staff
Aurich Lawson / Thinkstock

By now everyone knows about the OpenSSL Heartbleed vulnerability: a missing bounds check in one of the most popular TLS implementations has made millions of Web servers (and more) leak all sorts of sensitive information from memory. This can leak login credentials, authentication cookies, and Web traffic to attackers. But could it be used to recover the site’s TLS private key? This would enable complete decryption of previously-recorded traffic if perfect forward secrecy was not negotiated at the time and otherwise Man-in-The-Middle attacks to all future TLS sessions.

Since this would be a much more serious consequence of Heartbleed, I decided to investigate. The results were positive: I was able to extract private keys from a test Nginx server after a few days' work. Later I applied my techniques to solve the CloudFlare Challenge. Along with a few other security researchers, we independently demonstrated that RSA private keys are indeed at risk. Let's go through the details on how to extract the private key and why the attack is possible.

How to extract the private key

Readers not familiar with RSA can read about it here. To simplify things a bit, a large (2048 bits) number N is constructed by multiplying together two large randomly generated prime numbers p and q. N is made public while p and q are kept secret. Finding p or allows recovery of the private key. A generic attack is just factorizing N, but this is believed to be difficult. However, with a vulnerability like Heartbleed, the attack is much simpler: since the Web server needs the private key in memory to sign the TLS handshake, p and q must live in memory and we can try to obtain them with Heartbleed packets. The problem simply becomes how to identify them in the returned data. This is easy, as we know p and q are 1024 bits (128 bytes) long, and OpenSSL represents big numbers little-endian in memory. A brute-force approach treating every 128 consecutive bytes in the Heartbleed packets as little-endian numbers and testing if it divides N is sufficient to spot potential leaks. This is how most people solved the CloudFlare challenge.

Read 10 remaining paragraphs | Comments

27 Apr 21:32

Working Pip-Boy 3000 from Fallout built for NASA challenge

by S. Prell
firehose

iPhone + sensor + "homemade geiger counter" + microcontroller

A fully functional Pip-Boy 3000 has emerged from the vault of Team Reno, a five-member group of people way, way smarter than us. The device can display relative humidity, altitude, latitude and longitude, atmospheric pressure, ambient temperature,...
27 Apr 21:31

Nephew: Star Wars was in Captain America's list of things to see right? Is he going to watch all six? He's going to find out that Nick Fury is a Jedi.

Nephew: Star Wars was in Captain America's list of things to see right? Is he going to watch all six? He's going to find out that Nick Fury is a Jedi.
27 Apr 21:31

Photo



27 Apr 21:30

Racist throws banana at Dani Alves, so he eats it and wins

by Ryan Rosenblatt

Perfect response to racism is perfect.

Unfortunately, there are still racist jerks in the world. One of those racist jerks threw a banana at Dani Alves on Sunday.

So he ate it.

More from our team sites

It's not so much a matter of Dani Alves 1, Racism 0 as it is Danny Alves just beat the piss out of racism and ate it for dinner.

H/T @TheFamousRed

27 Apr 21:28

Security flaw puts all Internet Explorer users at risk, exposes Windows XP

by Dante D'Orazio

If you're still using a 12-year-old operating system, a new security flaw discovered in Internet Explorer should cause you quite a bit of consternation. Microsoft published a security advisory today warning its customers that a vulnerability in all versions of Internet Explorer (6 through 11) could let hackers gain full user permissions over your computer, allowing them to install programs, view and delete data, and much more simply by visiting a website.

That's not good, but at least anyone using Internet Explorer on a modern version of Windows will likely see a patch within a couple weeks' time. Since Microsoft finally ended support for Windows XP on April 8th, it will not receive an update. This is the first known security flaw since that support deadline passed, and it bears true the warnings voiced by the tech community. Windows XP is no longer secure, and it's time to move on.

Security firm FireEye, which revealed the flaw to Microsoft, says that there's evidence of an active exploit targeting Internet Explorer 9 through 11 and Adobe Flash. All Internet Explorer users, regardless of operating system, have a few choices for avoiding this exploit. The easiest method is to use another browser, like Chrome or Firefox (both of which are currently still supported for Windows XP). If you need to stick with Internet Explorer, Microsoft has published some more advanced methods alongside its service advisory. Regardless of what you do, it's a good a idea to take some action to make sure you're safe from the exploit.

27 Apr 21:28

Community college drops choice for president after discovering misconduct claim | OregonLive.com

by gguillotte
Central Oregon Community College decided not to hire its top choice for college president after discovering he was put on leave by another institution when a colleague accused him of sexual misconduct. The community college was poised to name Patrick Lanning its next president on March 17, but it postponed the board's vote without explanation. On April 9, the board voted to drop Lanning from consideration. A colleague filed a tort-claim notice with Chemeketa Community College, Lanning's current employer, on Feb. 24, accusing Lanning of sexual misconduct at a Portland airport hotel in early February, The Bulletin of Bend reported.
27 Apr 19:33

Mack’s bio - Captain Commando (Capcom - arcade - 1991)



Mack’s bio - Captain Commando (Capcom - arcade - 1991)

27 Apr 19:33

(via Twitter / leighalexander: I think I hate secret.ly …)

firehose

welp

27 Apr 19:27

NHL Playoffs: Rangers take series lead against Philadelphia

by Pat Iversen

The Flyers couldn't overcome a three-goal deficit and dropped an important Game 5 in New York.

Flyers fans will probably be regretting the fact that injuries forced defenseman Hal Gill to play in just his seventh game of the season in Game 5, especially since one of his mistakes led to the game-winning goal.

But the rest of the hockey world should be grateful, since Gill's gaffe resulted in the best celebration of the season.

When Brayden Coburn tried to pass the puck to his blueline partner in the third period, Gill lost the puck in his skates and Dominic Moore pounced.

850331290

(via @MyRegularFace)

It was a nifty play, but the real gem was the celebration between Moore and teammate Brian Boyle.

Moore_and_boyle_love_gif

Aw. They love each other. Best hockey hug of the season, by far.

27 Apr 19:27

Just two men are tasked with taking care of OpenSSL

by Dante D'Orazio

OpenSSL is a key security backbone for untold thousands of websites to make sure strangers can't see what you're doing. But as the Heartbleed bug as revealed, this essential tool is in dire need of support; the hodgepodge team in charge of upkeep for the open source protocol is severely understaffed and underpaid. Buzzfeed has published a wonderful feature story on the two men who have been primarily responsible for OpenSSL for more than a decade, and it provides a look into just how a simple flaw like Heartbleed could have made it into the code. Thankfully, if one good thing has come out of this massive security breach, it's that OpenSSL may get some of the attention that it needs — there are already efforts to secure more funding for the project, and BuzzFeed reports that the team plans on bringing in a second full-time developer soon.

27 Apr 19:09

The Video Game Conference That Let Me Say Goodbye To A Departed Friend

by gguillotte
firehose

Nathan Grayson memorialized Annie at Lost Levels.

Kotaku front-paged this; stay the fuck out of the comments.

There it is. The bench. That exact park bench. It's one of the very first places where I said hello to a friend who would change the course of my entire life. And now I'm saying goodbye.
27 Apr 18:55

ANUBIS NO

roachpatrol:

kenaabik:

So I see this

image

and all I can think is 

image

this

image

image

27 Apr 18:17

ctron164: sizvideos: How to Tell Black People Apart by David...

27 Apr 18:16

Avanti CB350S

firehose

a reader donates a kegerator to phoronix, and they all but benchmark it, because it's phoronix

The Avanti CB350S is a very nice accessory for a home or small office when working long hours, but the engineering quality of the interesting product is questionable... Many Phoronix readers will likely love the Avanti CB350S once the issues are worked out.
27 Apr 18:14

villain chair - Captain Commando (Capcom - arcade - 1991)



villain chair - Captain Commando (Capcom - arcade - 1991)

27 Apr 18:13

Ain't No Poodle Skirt Like a K-9 Poodle Skirt

by Robert T. Gonzalez

Ain't No Poodle Skirt Like a K-9 Poodle Skirt

'Cuz a K-9 Poodle Skirt's got a ROBOTIC DOG ON IT.

Read more...








27 Apr 18:13

CEO Gurbaksh Chahal Fired By RadiumOne Board

According to sources, Gurbaksh Chahal has been fired by the board of RadiumOne, directly related to his conviction for battery and domestic violence.
27 Apr 18:13

El Salvador Is Imprisoning Women Who Miscarry

El Salvador is one of five Latin American countries, along with Nicaragua, Honduras, Dominican Republic, and Chile, that does not allow any form of abortion, in any circumstance — and scores of women have been imprisoned for suffering miscarriages.
27 Apr 18:13

Magic Johnson Says Donald Sterling Should Sell Clippers

“I respect him, I thought he respected me, but when these comments came out, it hurt. It didn't hurt me as much personally as it hurt me for all African Americans."
27 Apr 16:30

Fucking Star Fucking Wars

by Anonymous

I was a child when I Star Wars in the FUCKING THEATER in 1977 and I have to say that I am so sick and tired at the mere mention of it. I'm tired of the toys, clothing, shoes, baked goods, candy, wallpaper, posters, books, blankets, pillows, video games, the "shot for shot" remakes by idiot assholes, Star Wars-themed weddings, CEILING FANS (yes, you read that correctly), bike helmets (you read that correctly too), cartoons, "special edition" DVD's WITH "new" commentary, HORRIBLE sequels (or prequels), tattoos on douche-bags, jewelry, lunch boxes, LEGOS kits, the homemade costumes, the fan art, bedrooms decorated in a Star Wars theme by some fucking rich, bored father, the lunches this father also packs up for his wittle douche-bag snookums and finally, the rehashing of every fucking second that went on "behind the scenes." What's next, a condom made to look like a lightsaber? Wait a minute, that's actually a genius idea…time for a Kickstarter!

[ Subscribe to the comments on this story ]

27 Apr 16:28

Here's Why It Took 2 Years For Anyone To Notice Heartbleed

firehose

'So why didn't this virtuous circle allow OpenSSL to catch the Heartbleed problem sooner? The problem is that security vulnerabilities aren't like other bugs. Most bugs crop up naturally as people use the software. The most common and harmful bugs are the ones that get noticed and fixed first.

But security flaws don't come up naturally. They only surface when someone deliberately goes looking for them. And that can happen one of two ways. If security researchers find a security bug first, it can be quickly patched before much harm is done. If malicious hackers find a bug first, it can be exploited to catastrophic effect.

So the usual open source model of waiting for users to report and fix bugs as they discover them doesn't work for security problems. To find security bugs before the bad guys do, people have to be actively looking for them. And while many IT workers understand the importance of this kind of security auditing, it's much harder to convince management to devote resources to fixing theoretical security bugs when there are always more immediate non-security bugs requiring attention.'

which, eh, when the software's only purpose is to secure communications, maybe the usual patterns of OSS don't, or at least really obviously shouldn't, apply

Computer security is a classic collective action problem. We all benefit from efforts to improve software security, but most organizations don't make it a priority.
27 Apr 16:14

Photo