"Nicolas Alvarez" <nic### [at] gmailisthebestcom> wrote in message
news:47f52c1c$1@news.povray.org...

> >
http://www.nytimes.com/2008/03/29/science/29collider.html?pagewanted=1&_r=3&
hp
> >
>
> Bleh. Registration required.

As an alternative

http://www.newscientist.com/channel/opinion/dn13555-particle-smasher-not-a-t
hreat-to-the-earth.html?feedId=online-news_rss20

Post a reply to this message

Warp wrote:
> Bill Pragnell <bil### [at] hotmailcom> wrote:
>> The trouble is, most people don't realise that when a scientist says 
>> something is unlikely, they could easily be talking about a 1 in 1e30 
>> chance or less. Basic honesty and innate pedantry forbids them from 
>> saying outright that something is impossible because they don't honestly 
>> know for absolute certainty. Of course, the slightest chance that a 
>> pico-blackhole with less mass than a proton could appear and start to 
>> eat the earth, however slowly or briefly, can very easily be used by the 
>> press to sell at least 1e30 papers...
> 
>   I think that it's a lot more likely that a black hole travelling at
> almost c towards us will collide with the Earth in the next 10 years
> than a micro-blackhole created by humans eating the Earth.

Agreed. If it's very small we probably wouldn't even notice.

Post a reply to this message

> Agreed. If it's very small we probably wouldn't even notice.

If it's big, you think we would notice either? :)

Post a reply to this message

Nicolas Alvarez wrote:
> HTTP auth is not "perfectly good"; but I agree with the general sentiment.

What's wrong with it, other than being limited to name/password as input?

-- 
   Darren New / San Diego, CA, USA (PST)
     "That's pretty. Where's that?"
          "It's the Age of Channelwood."
     "We should go there on vacation some time."

Post a reply to this message

> Nicolas Alvarez wrote:
>> HTTP auth is not "perfectly good"; but I agree with the general 
>> sentiment.
> 
> What's wrong with it, other than being limited to name/password as input?

A good start is: how do you logout?

Post a reply to this message

Nicolas Alvarez wrote:
> A good start is: how do you logout?

You shouldn't need to. You're not connected to the site between page 
fetches. In terms of "how do I remove the password from my machine", 
that would be a local matter.

-- 
   Darren New / San Diego, CA, USA (PST)
     "That's pretty. Where's that?"
          "It's the Age of Channelwood."
     "We should go there on vacation some time."

Post a reply to this message

> Nicolas Alvarez wrote:
>> A good start is: how do you logout?
> 
> You shouldn't need to. You're not connected to the site between page 
> fetches. In terms of "how do I remove the password from my machine", 
> that would be a local matter.

Exactly. Browsers give no UI to stop sending the login information to 
the server.

Post a reply to this message

Nicolas Alvarez wrote:
> Exactly. Browsers give no UI to stop sending the login information to 
> the server.

Firefox certainly does. It's in the exact same panel you go to to clear 
out the "don't save passwords" for the more common "fill in this form to 
get a cookie" kind of tracking.

-- 
   Darren New / San Diego, CA, USA (PST)
     "That's pretty. Where's that?"
          "It's the Age of Channelwood."
     "We should go there on vacation some time."

Post a reply to this message

> Nicolas Alvarez wrote:
>> Exactly. Browsers give no UI to stop sending the login information to 
>> the server.
> 
> Firefox certainly does. It's in the exact same panel you go to to clear 
> out the "don't save passwords" for the more common "fill in this form to 
> get a cookie" kind of tracking.

You mean Remove private data, Authenticated sessions? That's like 
telling people to manually delete cookies from all websites when they 
want to log out from a single place, instead of a "logout" button.

How do I log out of *one* website?

How can a website automatically log you out after inactivity? (cookies 
have expiration date)

Isn't it safer to send a cookie with a session ID back and forth than 
sending your actual username and password on every page request?

Post a reply to this message

Nicolas Alvarez wrote:
> You mean Remove private data, Authenticated sessions?

No. Tools->Options->Privacy->Passwords.  Exactly where you'd expect it.

Authenticated sessions are SSL cookies, nothing to do with passwords.

> How do I log out of *one* website?

Tools->Options->Privacy->Passwords - remove the password for that site.

> How can a website automatically log you out after inactivity? (cookies 
> have expiration date)

With the normal HTTP login mechanism, you're logging in every time you 
fetch a page, so the question is meaningless.

If you're inactive, why does the web site need to "log you out"?  Why 
can't it just discard your session, empty your shopping cart, or 
whatever else it does when you normally "log out"?

How does the web site keep you from saving the password in Firefox for 
more than 30 minutes, forcing you to retype your user name and password 
if you're idle too long?  How does the web site keep you from leaving 
the password-protected page on your screen after too much inactivity?

BTW, cookie expiration is enforced by the browser, not the server. Try 
expiring a cookie on most cell phones. Hint: It doesn't work.

> Isn't it safer to send a cookie with a session ID back and forth than 
> sending your actual username and password on every page request?

No.  Cookies can be hijacked. MD5 message digests can't.

-- 
   Darren New / San Diego, CA, USA (PST)
     "That's pretty. Where's that?"
          "It's the Age of Channelwood."
     "We should go there on vacation some time."

Post a reply to this message