Here's an openbsd VM with tor and a bunch of web browsers preinstalled. There's packet filter rules so even if the vagrant user gets owned, it cannot transmit traffic on the outboard network interface. https://github.com/WIZARDISHUNGRY/openbsd-hiddenfortress
A little bit of googling makes it seem like auth tokens are not sent it plaintext over HTTPS but are authenticated using challenge response – http://forums.dropbox.com/topic.php?id=47952 The WWW site may differ.
Obviously that would work, but not if you're using Challenge-response authentication. In general, I don't think people bother with now that when using https.
Assuming they use straight up salted sha256, my five year old core2 laptop does at least 10,000 per second, per core. They could check every user for the top 10k passwords for a few hundred bucks of EC2 time.
That seems like a perfectly good solution to me. Storing a hash of each signature is say 256 bytes and supposing an upper limit of 10,000 signatures, the database file is pretty small. (Better hope they sign the signature database though)
He convinces the FCC to require right-wing channels to link to left-wing channels, Christian channels to link to Muslim channels, vegetarian channels to link to meat-eating channels.
"The [linking] icon itself would not require anyone to read anything," Sunstein writes. "It would merely provide a signal, to the viewer, where a different point of view might be consulted." The FCC approves Sunstein's plan for a "Fairness Doctrine" for the online world, and the FCC sets up a new Bureau of Links to enforce the practice.
The FCC once did enforce a 'fairness doctrine' on broadcasters, and some Democrats occasionally discuss bringing it back.
Meanwhile, some jurisdictions (moreso in Europe) have considered creating a government-enforced 'right of reply', forcing websites to link to opposing viewpoints. And Obama advisor Sunstein has at times advocated (but wisely pulled back from) the same cross-linking and 'sidewalks' mandates that Shafer imagines being implemented:
I downvoted you, but also feel compelled to reply. There are many valid reasons to criticize ITP or to discourage certain people from going there, but you aren't criticizing, you're flaming.
Disclaimer: I come from a CS background (Stanford), but work at a company (Foursquare) where several of the non-engineering founders/early-employees come from ITP, but the engineering team is entirely non-ITP. Also, two of my closest friends have been in ITP. Other than that, I have never been personally affiliated with ITP.
The vibe I get from ITP is definitely a mixed bag of technology and art school. Coming from my background, it feels much closer to an art school than to a CS school. I have no doubt that I would be immensely frustrated in such an environment. Consequently, I've never seriously considered going there, despite the insistence of several close friends. I recognize that ITP is not for me: my technical skills would likely not improve much as a result of going to ITP, and the art-school-vibe would be both unpleasant and frustrating for me.
That said, I can see how certain people could benefit a lot from ITP. If you're an art-inclined individual that wants to get in touch with your tech side, at least enough to be able to build your own prototype without having to rely on someone else. (E.g., get rid of the "I've got a great idea and I'm looking for a technical co-founder" problem... surely everyone on HN can get behind that.) Or if you're a tech-inclined individual and want to get in touch with your art side, to explore how people interact with technology and how even simple technology can drastically change everyday behavior. I think both of these people could benefit from ITP.
The biggest startup successes recently (Facebook, Twitter, Groupon) didn't start with any kind of technological edge. They were a simple PHP website, a basic Rails stack, or practically a static HTML site. Of course, SIGNIFICANT and SOPHISTICATED engineering effort has gone into making these sites scale to their current success, but they proved their worth and achieved traction with little engineering effort. Generally, they distinguish themselves from the pack via their softer side, by building communities and human value through good product design rather than technical prowess. The initial version of Foursquare was a tangled mess of PHP code that was clearly written by someone who know just barely enough to get the job done. You could read the code and cry. But it was enough to get them to tens of thousands of users and millions in funding.
So yes, there are many reasons not to go to ITP. But even a technical person who aspires to be a startup founder could find many reasons to go.
Word. If you're interested in this kind of work, look to MIT (Media Lab), Georgia Tech, Stanford (CCRMA), the UC schools (CNMAT, UCLA design, UCSD, UCSB, etc.), McGill (music tech|CIM|SRE) & Concordia (SIP|comp. arts), RPI (empac), and others. ITP is for beginners.
Developing Chrome is a risk. It's only a hedge against risk if it works.
It's a little like if you could buy insurance, but there'd be a 25% chance that you paid for it and it just didn't do anything. The insurance is a hedge against risk, but buying it is (another) risk.
