Windows Update can be turned off if worse came to worst. With repositories, people can be told to load a different key.
With a super-root key that has access to features that even the device owner does not possess, there is absolutely nothing anyone can do other than discontinue use of their device.
Even if someone got momentary access to the key (a hacked account on a HSM), the damage would be immeasurable, and hard to fix. Push out a package that disallows future updates via that channel, changes the private key to the blackhat's and then start polling a server array so the malware can download a payload such as a bogus ROM image and so on.
It is what a blackhat would be able to do if they were able to find Google's private key.
Re:didnt original Mac have minimal multi-tasking?
on
iPhone 4 News Roundup
·
· Score: 1
One of the things that made Macs usable again was OS X, and the NeXTStep pedigree.
I'm sure any dedicated Mac person remembers the days where one essentially had to restart their Mac after every application in order not to have a crash, and usually every 2-3 hours. This was the time where a roomful of Macs at a university would be empty. Things have done a complete 180 though. These days, the university has the same amount of Macs, and they are all used (although the old G4s have been replaced by iMacs.) The PCs have the empty chairs now.
The only complaint I have about Macs is that even though the OS has been replaced, HFS+ really is getting long in the tooth. I'd love to see the ZFS development effort [1] get revived, and ZFS used as the Mac's main LVM and filesystem. Especially these days, with ZFS offering deduplication.
[1]: Yes, there is ZFS + FUSE, but that is nowhere near the performance of native.
Firewall software? Maybe because it was because I am a UNIX guy and the kernel of these operating systems had control of the IP stack without needing third party programs. Or because a true firewall is a hardened hardware router that can withstand attacks not just coming from the outside in, but prevents items from coming from the inside out (such as E-mail from any box other than the designated mail servers.) A software firewall that is not built into the OS proper is pointless [1], as the OS should protect against incoming attacks, and if a malicious application is installed, the game is over anyway, so protecting against outbound stuff is pointless.
As for anti-virus, maybe on Windows, but I have yet to see malware on a serious UNIX system unless it is a Trojan (and no A/V system can protect against that.) However, I just find it almost laughable when I have to install McAfee on a pSeries box with some script to show it is running for audit reasons.
Instead, maybe the law should be worded as "proper security measures shall be taken to protect against malicious software and remote attacks." This way, an OS that has a decent IPS built in doesn't need to have third party stuff tacked onto it to make it compliant.
[1]: An exception is the DroidWall app on rooted Android phones. It provides good security because a lot of apps ask for network communication privs which shouldn't have it, and a user otherwise wouldn't have control of what can and what can't communicate out.
Actually, on a serious note, this is what I'm concerned about. By itself, Apple doesn't care one whit about what I am doing. However, there are companies and people who would love to have real time location data:
1: A DA is looking to run a query of anyone who is in a park after dark. She gets the iLocation data, finds a number of people's phones were in the area, then arrests them all for criminal trespass up to two years (statute of limitations) after the fact. This evidence easily persuades a jury to convict, because it is "high tech" and "precise" like DNA evidence.
2: Another county wants more speeding ticket revenue. They compare deltas of locations, then send citations to people who were on roadways, months if not years after the fact.
3: A principal wants to clamp down on people leaving campus for lunch. At the end of the school year, he grabs records, finds who has left grounds via their geolocation information, and suspends them from school during finals, so they can't graduate.
4: Someone had a retro rave. The local PD then a week later get the iLocation information and send arrest warrants on that a week later.
5: An insurance company decides that anyone who goes to a fart lighting contest is uninsurable. They get all the geolocation information of anyone in the area and cancel their policies.
6: Another insurance company gets the geolocation information of every protester at a rally. They are immediately dropped and blacklisted from auto, home, and health policies.
7: A company wants to make a blacklist of all "business hostile" people. They capture geo-location info of people at rallies and protests, then make a list of people who are banned for life. Large shops start subscribing to this list. Outcome: Protest at a march, and find yourself unable to buy groceries, buy gas, or buy any of the staples needed.
8: A foreign country wants to find out who hates them and retaliate. So they get geolocation data of who showed up at what rallies. Then in any business they own, they do mass firings of those people and order their business partners to do the same.
9: A hostile foreign country wants to find out certain gathering spots that have little security. They correlate the information from phones that security personnel have versus civilians. Then they launch a strike against soft targets repeatedly.
10: Elbonia's army is pissing Latveria's intel officers off. Latverian intel gets location info of all Elbonia army family members. Then launches repeated strikes against them. Result: Elbonia's morale to continue the war is decimated.
Also, if you have a rooted phone, you can install DroidWall, so by default unless you go in and allow Android to let an app communicate via 3G or Wi-Fi, it won't be able to communicate out. This is good for those apps that ask for full network rights without any need for them.
They are be a monopoly in some areas. Only one cable company gets control of the wires in a certain area.
Here in the US, a person usually has two choices, perhaps if lucky 3, perhaps if unlucky, none: Cable, DSL, or WiMax. Switching may not be an option. So, it may be that people get Comcast or dialup.
I might not spy monopoly, but I can see collusion happening. Get another ISP and then start charging for bandwidth. Unless the site is a "premium" site. Guess what? People will get worried if they exceed their quota, and hit the "free" site because it is "just as good". With net neutrality dead, there is nothing preventing ISPs from doing this.
Or perhaps the ISP would just not allow connections to anything other than the "blessed" sites, unless the person pays a fee per month and per kilobyte to go outside of the walled, paid for, garden. Perfectly legal, and unless someone steps in, this eventually will become reality.
It just seems like a niche product, and the niche is quite tiny.
For a netbook/laptop, a virtual keyboard won't cut it for a long typing session.
For a tablet PC, it is a bit unwieldy, and there are a lot of good alternatives on the market. The iPad comes to mind for a general function device. The Kindle or Nook come to mind for an e-reader that is easy on the eyes and doesn't burn batteries. And for general computing there are laptops which have the screen fold back so they can double both as a touch screen, and a regular laptop with a keyboard.
I am sure that there are some uses for it that come to mind for dedicated applications (control surface for music production, various embedded tasks), but for a general purpose device, there are a lot of form factors that are a lot more ergonomic.
The Ayatollah is just one person. If he gets killed, there are a lot of clerics who would take his place and who would be *far* more anti-West than what is there now. Same if Ahmadinejad bites it. Assassinating a cleric will only make things a lot worse than it is now. It would give the government a legitimate enemy, and rally people behind them, further enhancing their grip on power. The best thing the West can do is not give any justification to the extremists for their actions. This way moderates can eventually come to power who are more interested in turning Iran into a top world economic powerhouse than continuing to exist on anti-US propaganda.
The problem is that -most- revolutions trade one nasty boss for another that perhaps is more bloodthirsty. Iran comes to mind when the people dumped the Shah, then found themselves at the barrel of the gun held by bloodthirsty fanatics.
The only two exceptions in most of history where a revolution mattered for the average Joe would be the US revolution and the French revolution. Every other revolution in essence just changed one slavemaster for another.
The outstanding thing about T-Mobile is that they are forthright about their fees.
If some app on my Android phone decided to start eating bandwidth like mad, I'd just have to deal with EDGE speeds until the next billing cycle. If this happened on another provider, I'd be owing them a lot of cash.
My idea for a compromise: Have a maximum limit of bandwidth, and throttle (not kill) to EDGE speed once a user hits it. For example, the customer can buy x amount of bandwidth base per month, then authorized y more to be billed. If he or she goes over x+y amount of bandwidth, throttle and notify the user that they got choked, optionally offering to lift the limit to a higher amount on a temporary or permanent basis.
Far weaker would be a "4G" speed service [1] that is truly unlimited in bandwidth ("business class"), but costs $100 a month. I'd rather pay more and at least know that my phone bill will have a maximum bound to it, especially if I just have 1-2 computers and am well off by just using tethering. Long term, this might make cellular providers more money because they would be an alternative to cable. Sprint/Clear is doing a great job at this. I would like it if AT&T would follow suit.
[1]: Technically 4G is all IP communication, compared to 3G/3.5G voice and IP over different channels. However, T-Mobile's HSPA+ is as fast as Sprint/Clear's 4G. Either way, a speed that is usable as a possible replacement for a home Internet connection.
It depends on the user I'm talking to what terminology I use. For someone with a clue, I'll state virus (very rare these days -- people don't share executables), worm, Trojan/Trojanized program (the most common attack), browser/add-on exploit, drive-by download, logic bomb (like a disgruntled sysadmin keeping a file that if it doesn't get a touch in x amount of days, causes a rm -rf/net), or use the generic term, malware.
For Joe Sixpack who does not care about the difference, I just use "virus" for all malicious software, like Southerners use "coke" for any type of soda water. "Virus" already connotes something nasty where anyone who has ever gotten sick has learned what bad anything with that term does, while a something called Trojan might connote something used for pleasure at a truck stop, as opposed to something that is not to be run.
It depends on the printer. A cheap inkjet printer that will eat a set of cartridges on the first color photo, requires special drivers that only that model of printer needs (and are either only available on the driver CD and not for download, or a 4GB lord-king-God executable file that installs all sorts of crap), and only works with a few versions of Windows might be deserving of a choice spot at a "hardware compression" party.
However, there are good printers that don't suck sold today. HP Color Laserjets made in the mid to late 1990s come to mind. Good printers are still available from HP which actually work and don't give you the urge to send the thing sailing towards a hard object. However, printers like the HP CP 4005, CP 4525dtn or others are going to cost $1500 at the minimum, on up. However, with these, you can just use whatever the heck you like. Upload a PDF to the Web interface and print that way. Send it documents via lpr and PostScript Level 3. Feed it a SD card or plug a camera into it that understands EXIF, and let it automatically print. Because these use toner cartridges with decent capacity, you will pay more per cartridge, but they can print out a lot of color photos before it is time to replace them. Plus, toner doesn't dry out over time like cartridges do.
So, there are printers that don't give IT headaches. However, they do cost, and to PHBs, it may not be evident why a workgroup class color laser is far better than an inkjet printer (assuming there are no special needs for the inkjet like printing on transparancies.)
Apple has already done that with the MBAir. I do think that the rest of the MB line will go exclusively flash once there are motherboard based SSDs that have 250GB or more.
Other than the fact of upgradability/expandability, I wouldn't mind that. If the Flash drive were on a mPCIe card, or perhaps even a superfast MicroSD card, that would be a nice compromise between space and ability to get a larger disk.
This reminds me of when I was working at a Fortune 100 company. My boss and I were at a restaurant and were talking to a salesperson about some new gizmo which was very expensive, but we had multiple bids for.
This salesperson was rude as hell to the maitre d' and waitstaff. He ordered one thing, said he ordered something else, yelled at her with choice epithets, demanded another alcoholic drink because the last one wasn't good, then finally stiffed her on the tip. It was so bad that my boss and I both went in and handed the woman more than was the proper gratuity after the salesguy left.
Guess what happened when it was time to purchase the gizmo after the bids were in? My boss and I told the salesperson that we liked the product. But because of the way he treated people under him, his bid was not considered.
This isn't the 90s anymore where if you could spell "TCP/IP", you could get a top tier job in some dot-com startup selling IPX socket wrenches. A college education is no guarantee of anything now. It is pure luck if someone has a job or not unless they are at a peak of their career where their name is their CV. So, count blessings. All it takes is one PHB saying, "OMG, we can offshore this department to Elbonia and I can take credit for the cost savings and buy myself a new BMW!1!1one!" and the job is history. I've seen engineers who have more knowledge than minor deities about their field be given the axe because a MBA [1] who was managing the department drank the offshore ODM/OEM Kool-Aid.
People have to earn a living these days, and ringing up people at a register may not be a prestigious occupation, but it keeps the repo truck away, and food on the table.
Oh, and for maximum revenge, it won't be someone spitting in food. A good number of waitstaff I know have a college background but made the mistake of choosing the wrong major. So they are not going to exact their revenge in such an overt way. Most likely, it will be a waiter saying in a discreet (but loud enough to be heard by other people), "I am sorry, but your card was declined."
[1]: Something I don't get about MBAs. They take ITIL and ethics classes. In fact, these are required for an accredited degree. Why don't they ever put what they had to pass with a "B" or better into practice once the degree is awarded?
I should have stated computer media, because a quality book in a decent environment can last centuries, perhaps more as archival and preservation technologies improve.
Digitial media doesn't fare as well. Paper tape swells and gets misaligned. Punch cards can get put out of order and don't have the density to handle modern storage. Magnetic domains on tape drives get scrambled. CDs and DVDs suffer from oxidation on the dye layer. Photos fade [1]. Hard disks get mechanical issues such as bearing failure.
It might be that as posted above, one of the better ways for long term electronic preservation of information (assuming future archivists have access to modern technology and electricity) might be SLC flash (single cell so there is always a large difference between a 1 and a 0 compared to having to guess if the value is a 0, 1, 2, or a 3), and have the media connected to some power source. This way, the media can get a recharge to protect against data loss due to electron tunneling, but also periodically check if any errors have cropped up, and use onboard ECC to rewrite any blocks that have been damaged over time.
[1]: Photos might be a good way of storing data, and there was an IBM mainframe in the 1970s which actually used black and white negatives as WORM storage. However, there are always issues of data density, and making sure the film is preserved (stored well away from UV light, etc.)
Actually, I'd love something with any of the following:
1: Noticeably better price, but without sacrificing reliability. An average HDD in the enterprise has 1 million hours MTBF with constant reads/writes. A SSD should be similar, or perhaps a lot more because there are no moving parts.
2: An archival grade SSD that can hold data for hundreds, if not thousands of years before so many electrons escape the cells to make a 1 or a zero impossible to tell apart. I don't know any media that can last for more than 10 years reliably. Yes, maybe a CD-R or two may last that long, but it is more of a matter of luck than anything else.
3: SSDs using a different port than SATA. Perhaps have it interface as a direct PCI-E device with a custom bus to add more SSD capacity in a similar form factor to RAM DIMMs.
4: A SSD drive built onto the motherboard. This way, a laptop can be a bit thinner due to not worrying about a 2.5" drive.
5: Combine #1 and #2, and make a device like a tape library that can take SSDs in an optimized form factor and switch them in and out. This way, backups can be copied to a SSD module, module can be dumped in a bin for Iron Mountain to take off.
6: Combine a cryptographic token and a SSD array, so one can have an encrypted hard disk where the PIN is typed on the device itself before it can be used. This way, no keyloggers on a compromised PC can intercept the data. Add to this volumes where various PINs protect certain volumes and too many wrong guesses would have the device zero out the key for that volume, and this would be a way to back up PCs securely without needing any additional encryption software.
7: Combine a fast flash array with a tape library for an easier way to do D2D2T backups.
8: Put some flash onto a tape format, so a tape can be encrypted with one key, but the flash storage on the tape would store an access list of who can unlock the tape's master key. This way, a passphrase, a smart card, and a PGP/gpg key on someone's machine all work to recover data from a tape.
9: A read-only format that can be made very cheaply with a decent capacity. If done right, this might be able to replace Blu-Ray for a movie or audio format. To boot, libraries can be made where all the disks could be readable at once.
10: A standardized full disk encryption format. This way, I insert a flash disk into my camera or phone, enter a password, and it can read/write to that. Then, put it into my computer, type the passphrase, copy the data. If the flash disk is stolen, the data is protected unless the attacker can yank the key out of the computer or phone's memory (a lot harder feat than just picking up an accidentally lost flash drive.)
For a small server, I like the Mac Mini server that has two disks and no optical drive. For basic stuff on a small business network, it might be an extremely good choice. On the order page, one could buy the one with the two 500GB internal drives and OS XS, mirror those drives, then buy a Drobo or SmartStor for a FireWire 800 disk array. This can easily handle a workgroup level backup system like Retrospect, or be a decent E-mail/OpenLDAP/backup DNS/DHCP server.
The only thing I wish the Mac Mini had was a Kensington security slot. Mainly because something that small needs some type of anti-theft measures or else it may wind up someone else's server quite quickly. A Kensington security slot isn't going to stop a determined thief, but it will slow them down and force them to deal with a lock mechanism as opposed to just yanking the machine and tossing it in a backpack. Maybe some accessory provider can make a desk drawer or a secure enclosure the machine can sit in and not overheat.
That may be true for us, but for Joe Sixpack who wants to watch p0rn for $35 a BD-ROM disk on his 1024p screen, he does not care one whit about DRM. To him, if he had to sign into a media player with a fingerprint and a DNA check, he would just shrug it off and still use the platform. It was a miracle that DIVX (not the codec, the Circuit City DVD competitor) was killed off the market. I am sure people would have gotten used to a device having to authorize them before allowing to play media.
This server is an outstanding building block for a very eco-conscious VM system. Take one of these servers, then maybe 2-3 standard servers with very good performance, although they have a large energy footprint. Connect all of them to a SAN.
Now, have a script that runs that does the following:
7:30 AM (or before peak time), suspend the VM which is running on the Atom CPU server (with all the VM disk stuff being on the SAN.)
A standard, high performance, but yet energy-wasting server then grabs and restarts the VM. It keeps running on this (perhaps with another machine as failover) until 5:30pm
5:30 (or off peak time) rolls around. The opposite happens. The VM gets suspended, and the Atom-based machine picks up the baton.
The result here is the best of both worlds. Good CPU at peak times, energy savings at off peak times, and high availability at all times unless the SAN has issues.
This is why I think and greatly fear that closed systems may end up in our future on mainstream computing just due to the dancing bunny problem.
Device operating systems are moving that way where if one wants to run stuff on a smartphone, it must pass a gatekeeper, either always like in the case of Windows Phone 7 or iOS, or a reactive system with an after the fact kill switch like Android has.
Because Joe Sixpack doesn't care about security, it really doesn't matter what OS he uses. He will su to root, log on as Administrator, turn the key and logon as SECOFR on AS/400, or whatever superuser access requires for the website that has the pr0n viewer to be installed. It doesn't matter what the OS is, the dancing bunnies "security hole" is going to kick any OS in the ass. This is one reason why closed environments such as on phones have a lot fewer security issues -- unless Joe Sixpack roots/jailbreaks the device (which will be past his competency and too much trouble in most cases), he most likely isn't going to get a Trojan because the Trojaned app would have had to pass some type of vetting first.
Yes, there are issues where one can get affected through a hole in a browser or add-ons. However, the advantage of a closed system is that if done right (where the OS has DEP, ASLR, and other base level ways to prevent code injection), sneaking executable code on a device is not going to work.
Maybe the compromise in the PC world will be going to a hypervisor based system admin access is available, but it takes some deliberate doing to get a superuser prompt, and applications are installed in VMs, where the compatible OS files are stored as an image. With decent deduplication, the OS files only need to be stored once, so installing a program into its own VM where it can only see what is present there, and perhaps files in a shared directory may end up being what is done. This way, a user ends up never needing admin access, and a Trojan is only limited to that VM.
This is my worry. First, I do think it is good to have a standard ad framework on a platform, because it allows not just app makers to not have to roll their own, but it allows more revenue into the ecosystem allowing for more/better apps.
However, privacy is a concern to me, and your (parent poster) answer is the first straight one I've received.
Best of all worlds is to not have the data collected in the first place. Apple might have the best of intentions in keeping a lot of personal data, and only giving out in specific ways. But that means that Apple's ad servers will become prime targets for not just blackhats who are wanting another mass list of E-mail addresses, but a great holding tank for lawyers to dip from via subpoenas for criminal or civil prosecution.
Why is this bad? Picture some people who decided to use a venue and have a huge gathering with a lot of underground bands. A year later, a DA demands Apple cough up anyone whose iPhones had location at or near the event. Then this information is cross-references with an age database. Now the DA then arrests hundreds of people for an illegal assembly, and underage drinking a year or two after the fact, using Apple's database entries as convicting evidence.
Now take this a step further. A threshold system is run on Apple's iAd location database. If a certain number of iPhones belonging to people people 21 or under are congregating at a residence, then send the local law enforcement to investigate for underage drinking, or just perform a bust anyway for a "noise complaint".
Now another step further: If iAd had access to the gyros on the iPhone, then police could use that to issue speeding tickets years after the fact solely based on how fast the phone was moving, coupled with what highways.
It wouldn't be up to Apple to allow or deny this information. A judge would demand that information from them, or the servers be seized.
Windows Update can be turned off if worse came to worst. With repositories, people can be told to load a different key.
With a super-root key that has access to features that even the device owner does not possess, there is absolutely nothing anyone can do other than discontinue use of their device.
Even if someone got momentary access to the key (a hacked account on a HSM), the damage would be immeasurable, and hard to fix. Push out a package that disallows future updates via that channel, changes the private key to the blackhat's and then start polling a server array so the malware can download a payload such as a bogus ROM image and so on.
It is what a blackhat would be able to do if they were able to find Google's private key.
One of the things that made Macs usable again was OS X, and the NeXTStep pedigree.
I'm sure any dedicated Mac person remembers the days where one essentially had to restart their Mac after every application in order not to have a crash, and usually every 2-3 hours. This was the time where a roomful of Macs at a university would be empty. Things have done a complete 180 though. These days, the university has the same amount of Macs, and they are all used (although the old G4s have been replaced by iMacs.) The PCs have the empty chairs now.
The only complaint I have about Macs is that even though the OS has been replaced, HFS+ really is getting long in the tooth. I'd love to see the ZFS development effort [1] get revived, and ZFS used as the Mac's main LVM and filesystem. Especially these days, with ZFS offering deduplication.
[1]: Yes, there is ZFS + FUSE, but that is nowhere near the performance of native.
Firewall software? Maybe because it was because I am a UNIX guy and the kernel of these operating systems had control of the IP stack without needing third party programs. Or because a true firewall is a hardened hardware router that can withstand attacks not just coming from the outside in, but prevents items from coming from the inside out (such as E-mail from any box other than the designated mail servers.) A software firewall that is not built into the OS proper is pointless [1], as the OS should protect against incoming attacks, and if a malicious application is installed, the game is over anyway, so protecting against outbound stuff is pointless.
As for anti-virus, maybe on Windows, but I have yet to see malware on a serious UNIX system unless it is a Trojan (and no A/V system can protect against that.) However, I just find it almost laughable when I have to install McAfee on a pSeries box with some script to show it is running for audit reasons.
Instead, maybe the law should be worded as "proper security measures shall be taken to protect against malicious software and remote attacks." This way, an OS that has a decent IPS built in doesn't need to have third party stuff tacked onto it to make it compliant.
[1]: An exception is the DroidWall app on rooted Android phones. It provides good security because a lot of apps ask for network communication privs which shouldn't have it, and a user otherwise wouldn't have control of what can and what can't communicate out.
Actually, on a serious note, this is what I'm concerned about. By itself, Apple doesn't care one whit about what I am doing. However, there are companies and people who would love to have real time location data:
1: A DA is looking to run a query of anyone who is in a park after dark. She gets the iLocation data, finds a number of people's phones were in the area, then arrests them all for criminal trespass up to two years (statute of limitations) after the fact. This evidence easily persuades a jury to convict, because it is "high tech" and "precise" like DNA evidence.
2: Another county wants more speeding ticket revenue. They compare deltas of locations, then send citations to people who were on roadways, months if not years after the fact.
3: A principal wants to clamp down on people leaving campus for lunch. At the end of the school year, he grabs records, finds who has left grounds via their geolocation information, and suspends them from school during finals, so they can't graduate.
4: Someone had a retro rave. The local PD then a week later get the iLocation information and send arrest warrants on that a week later.
5: An insurance company decides that anyone who goes to a fart lighting contest is uninsurable. They get all the geolocation information of anyone in the area and cancel their policies.
6: Another insurance company gets the geolocation information of every protester at a rally. They are immediately dropped and blacklisted from auto, home, and health policies.
7: A company wants to make a blacklist of all "business hostile" people. They capture geo-location info of people at rallies and protests, then make a list of people who are banned for life. Large shops start subscribing to this list. Outcome: Protest at a march, and find yourself unable to buy groceries, buy gas, or buy any of the staples needed.
8: A foreign country wants to find out who hates them and retaliate. So they get geolocation data of who showed up at what rallies. Then in any business they own, they do mass firings of those people and order their business partners to do the same.
9: A hostile foreign country wants to find out certain gathering spots that have little security. They correlate the information from phones that security personnel have versus civilians. Then they launch a strike against soft targets repeatedly.
10: Elbonia's army is pissing Latveria's intel officers off. Latverian intel gets location info of all Elbonia army family members. Then launches repeated strikes against them. Result: Elbonia's morale to continue the war is decimated.
Also, if you have a rooted phone, you can install DroidWall, so by default unless you go in and allow Android to let an app communicate via 3G or Wi-Fi, it won't be able to communicate out. This is good for those apps that ask for full network rights without any need for them.
They are be a monopoly in some areas. Only one cable company gets control of the wires in a certain area.
Here in the US, a person usually has two choices, perhaps if lucky 3, perhaps if unlucky, none: Cable, DSL, or WiMax. Switching may not be an option. So, it may be that people get Comcast or dialup.
I might not spy monopoly, but I can see collusion happening. Get another ISP and then start charging for bandwidth. Unless the site is a "premium" site. Guess what? People will get worried if they exceed their quota, and hit the "free" site because it is "just as good". With net neutrality dead, there is nothing preventing ISPs from doing this.
Or perhaps the ISP would just not allow connections to anything other than the "blessed" sites, unless the person pays a fee per month and per kilobyte to go outside of the walled, paid for, garden. Perfectly legal, and unless someone steps in, this eventually will become reality.
It just seems like a niche product, and the niche is quite tiny.
For a netbook/laptop, a virtual keyboard won't cut it for a long typing session.
For a tablet PC, it is a bit unwieldy, and there are a lot of good alternatives on the market. The iPad comes to mind for a general function device. The Kindle or Nook come to mind for an e-reader that is easy on the eyes and doesn't burn batteries. And for general computing there are laptops which have the screen fold back so they can double both as a touch screen, and a regular laptop with a keyboard.
I am sure that there are some uses for it that come to mind for dedicated applications (control surface for music production, various embedded tasks), but for a general purpose device, there are a lot of form factors that are a lot more ergonomic.
The Ayatollah is just one person. If he gets killed, there are a lot of clerics who would take his place and who would be *far* more anti-West than what is there now. Same if Ahmadinejad bites it. Assassinating a cleric will only make things a lot worse than it is now. It would give the government a legitimate enemy, and rally people behind them, further enhancing their grip on power. The best thing the West can do is not give any justification to the extremists for their actions. This way moderates can eventually come to power who are more interested in turning Iran into a top world economic powerhouse than continuing to exist on anti-US propaganda.
The problem is that -most- revolutions trade one nasty boss for another that perhaps is more bloodthirsty. Iran comes to mind when the people dumped the Shah, then found themselves at the barrel of the gun held by bloodthirsty fanatics.
The only two exceptions in most of history where a revolution mattered for the average Joe would be the US revolution and the French revolution. Every other revolution in essence just changed one slavemaster for another.
The outstanding thing about T-Mobile is that they are forthright about their fees.
If some app on my Android phone decided to start eating bandwidth like mad, I'd just have to deal with EDGE speeds until the next billing cycle. If this happened on another provider, I'd be owing them a lot of cash.
My idea for a compromise: Have a maximum limit of bandwidth, and throttle (not kill) to EDGE speed once a user hits it. For example, the customer can buy x amount of bandwidth base per month, then authorized y more to be billed. If he or she goes over x+y amount of bandwidth, throttle and notify the user that they got choked, optionally offering to lift the limit to a higher amount on a temporary or permanent basis.
Far weaker would be a "4G" speed service [1] that is truly unlimited in bandwidth ("business class"), but costs $100 a month. I'd rather pay more and at least know that my phone bill will have a maximum bound to it, especially if I just have 1-2 computers and am well off by just using tethering. Long term, this might make cellular providers more money because they would be an alternative to cable. Sprint/Clear is doing a great job at this. I would like it if AT&T would follow suit.
[1]: Technically 4G is all IP communication, compared to 3G/3.5G voice and IP over different channels. However, T-Mobile's HSPA+ is as fast as Sprint/Clear's 4G. Either way, a speed that is usable as a possible replacement for a home Internet connection.
It depends on the user I'm talking to what terminology I use. For someone with a clue, I'll state virus (very rare these days -- people don't share executables), worm, Trojan/Trojanized program (the most common attack), browser/add-on exploit, drive-by download, logic bomb (like a disgruntled sysadmin keeping a file that if it doesn't get a touch in x amount of days, causes a rm -rf /net), or use the generic term, malware.
For Joe Sixpack who does not care about the difference, I just use "virus" for all malicious software, like Southerners use "coke" for any type of soda water. "Virus" already connotes something nasty where anyone who has ever gotten sick has learned what bad anything with that term does, while a something called Trojan might connote something used for pleasure at a truck stop, as opposed to something that is not to be run.
It depends on the printer. A cheap inkjet printer that will eat a set of cartridges on the first color photo, requires special drivers that only that model of printer needs (and are either only available on the driver CD and not for download, or a 4GB lord-king-God executable file that installs all sorts of crap), and only works with a few versions of Windows might be deserving of a choice spot at a "hardware compression" party.
However, there are good printers that don't suck sold today. HP Color Laserjets made in the mid to late 1990s come to mind. Good printers are still available from HP which actually work and don't give you the urge to send the thing sailing towards a hard object. However, printers like the HP CP 4005, CP 4525dtn or others are going to cost $1500 at the minimum, on up. However, with these, you can just use whatever the heck you like. Upload a PDF to the Web interface and print that way. Send it documents via lpr and PostScript Level 3. Feed it a SD card or plug a camera into it that understands EXIF, and let it automatically print. Because these use toner cartridges with decent capacity, you will pay more per cartridge, but they can print out a lot of color photos before it is time to replace them. Plus, toner doesn't dry out over time like cartridges do.
So, there are printers that don't give IT headaches. However, they do cost, and to PHBs, it may not be evident why a workgroup class color laser is far better than an inkjet printer (assuming there are no special needs for the inkjet like printing on transparancies.)
Apple has already done that with the MBAir. I do think that the rest of the MB line will go exclusively flash once there are motherboard based SSDs that have 250GB or more.
Other than the fact of upgradability/expandability, I wouldn't mind that. If the Flash drive were on a mPCIe card, or perhaps even a superfast MicroSD card, that would be a nice compromise between space and ability to get a larger disk.
This reminds me of when I was working at a Fortune 100 company. My boss and I were at a restaurant and were talking to a salesperson about some new gizmo which was very expensive, but we had multiple bids for.
This salesperson was rude as hell to the maitre d' and waitstaff. He ordered one thing, said he ordered something else, yelled at her with choice epithets, demanded another alcoholic drink because the last one wasn't good, then finally stiffed her on the tip. It was so bad that my boss and I both went in and handed the woman more than was the proper gratuity after the salesguy left.
Guess what happened when it was time to purchase the gizmo after the bids were in? My boss and I told the salesperson that we liked the product. But because of the way he treated people under him, his bid was not considered.
Nerd rage much?
This isn't the 90s anymore where if you could spell "TCP/IP", you could get a top tier job in some dot-com startup selling IPX socket wrenches. A college education is no guarantee of anything now. It is pure luck if someone has a job or not unless they are at a peak of their career where their name is their CV. So, count blessings. All it takes is one PHB saying, "OMG, we can offshore this department to Elbonia and I can take credit for the cost savings and buy myself a new BMW!1!1one!" and the job is history. I've seen engineers who have more knowledge than minor deities about their field be given the axe because a MBA [1] who was managing the department drank the offshore ODM/OEM Kool-Aid.
People have to earn a living these days, and ringing up people at a register may not be a prestigious occupation, but it keeps the repo truck away, and food on the table.
Oh, and for maximum revenge, it won't be someone spitting in food. A good number of waitstaff I know have a college background but made the mistake of choosing the wrong major. So they are not going to exact their revenge in such an overt way. Most likely, it will be a waiter saying in a discreet (but loud enough to be heard by other people), "I am sorry, but your card was declined."
[1]: Something I don't get about MBAs. They take ITIL and ethics classes. In fact, these are required for an accredited degree. Why don't they ever put what they had to pass with a "B" or better into practice once the degree is awarded?
I should have stated computer media, because a quality book in a decent environment can last centuries, perhaps more as archival and preservation technologies improve.
Digitial media doesn't fare as well. Paper tape swells and gets misaligned. Punch cards can get put out of order and don't have the density to handle modern storage. Magnetic domains on tape drives get scrambled. CDs and DVDs suffer from oxidation on the dye layer. Photos fade [1]. Hard disks get mechanical issues such as bearing failure.
It might be that as posted above, one of the better ways for long term electronic preservation of information (assuming future archivists have access to modern technology and electricity) might be SLC flash (single cell so there is always a large difference between a 1 and a 0 compared to having to guess if the value is a 0, 1, 2, or a 3), and have the media connected to some power source. This way, the media can get a recharge to protect against data loss due to electron tunneling, but also periodically check if any errors have cropped up, and use onboard ECC to rewrite any blocks that have been damaged over time.
[1]: Photos might be a good way of storing data, and there was an IBM mainframe in the 1970s which actually used black and white negatives as WORM storage. However, there are always issues of data density, and making sure the film is preserved (stored well away from UV light, etc.)
Actually, I'd love something with any of the following:
1: Noticeably better price, but without sacrificing reliability. An average HDD in the enterprise has 1 million hours MTBF with constant reads/writes. A SSD should be similar, or perhaps a lot more because there are no moving parts.
2: An archival grade SSD that can hold data for hundreds, if not thousands of years before so many electrons escape the cells to make a 1 or a zero impossible to tell apart. I don't know any media that can last for more than 10 years reliably. Yes, maybe a CD-R or two may last that long, but it is more of a matter of luck than anything else.
3: SSDs using a different port than SATA. Perhaps have it interface as a direct PCI-E device with a custom bus to add more SSD capacity in a similar form factor to RAM DIMMs.
4: A SSD drive built onto the motherboard. This way, a laptop can be a bit thinner due to not worrying about a 2.5" drive.
5: Combine #1 and #2, and make a device like a tape library that can take SSDs in an optimized form factor and switch them in and out. This way, backups can be copied to a SSD module, module can be dumped in a bin for Iron Mountain to take off.
6: Combine a cryptographic token and a SSD array, so one can have an encrypted hard disk where the PIN is typed on the device itself before it can be used. This way, no keyloggers on a compromised PC can intercept the data. Add to this volumes where various PINs protect certain volumes and too many wrong guesses would have the device zero out the key for that volume, and this would be a way to back up PCs securely without needing any additional encryption software.
7: Combine a fast flash array with a tape library for an easier way to do D2D2T backups.
8: Put some flash onto a tape format, so a tape can be encrypted with one key, but the flash storage on the tape would store an access list of who can unlock the tape's master key. This way, a passphrase, a smart card, and a PGP/gpg key on someone's machine all work to recover data from a tape.
9: A read-only format that can be made very cheaply with a decent capacity. If done right, this might be able to replace Blu-Ray for a movie or audio format. To boot, libraries can be made where all the disks could be readable at once.
10: A standardized full disk encryption format. This way, I insert a flash disk into my camera or phone, enter a password, and it can read/write to that. Then, put it into my computer, type the passphrase, copy the data. If the flash disk is stolen, the data is protected unless the attacker can yank the key out of the computer or phone's memory (a lot harder feat than just picking up an accidentally lost flash drive.)
The 2009 models do, but I was looking at the unibody models, and didn't see one.
For a small server, I like the Mac Mini server that has two disks and no optical drive. For basic stuff on a small business network, it might be an extremely good choice. On the order page, one could buy the one with the two 500GB internal drives and OS XS, mirror those drives, then buy a Drobo or SmartStor for a FireWire 800 disk array. This can easily handle a workgroup level backup system like Retrospect, or be a decent E-mail/OpenLDAP/backup DNS/DHCP server.
The only thing I wish the Mac Mini had was a Kensington security slot. Mainly because something that small needs some type of anti-theft measures or else it may wind up someone else's server quite quickly. A Kensington security slot isn't going to stop a determined thief, but it will slow them down and force them to deal with a lock mechanism as opposed to just yanking the machine and tossing it in a backpack. Maybe some accessory provider can make a desk drawer or a secure enclosure the machine can sit in and not overheat.
That may be true for us, but for Joe Sixpack who wants to watch p0rn for $35 a BD-ROM disk on his 1024p screen, he does not care one whit about DRM. To him, if he had to sign into a media player with a fingerprint and a DNA check, he would just shrug it off and still use the platform. It was a miracle that DIVX (not the codec, the Circuit City DVD competitor) was killed off the market. I am sure people would have gotten used to a device having to authorize them before allowing to play media.
This server is an outstanding building block for a very eco-conscious VM system. Take one of these servers, then maybe 2-3 standard servers with very good performance, although they have a large energy footprint. Connect all of them to a SAN.
Now, have a script that runs that does the following:
7:30 AM (or before peak time), suspend the VM which is running on the Atom CPU server (with all the VM disk stuff being on the SAN.)
A standard, high performance, but yet energy-wasting server then grabs and restarts the VM. It keeps running on this (perhaps with another machine as failover) until 5:30pm
5:30 (or off peak time) rolls around. The opposite happens. The VM gets suspended, and the Atom-based machine picks up the baton.
The result here is the best of both worlds. Good CPU at peak times, energy savings at off peak times, and high availability at all times unless the SAN has issues.
This is why I think and greatly fear that closed systems may end up in our future on mainstream computing just due to the dancing bunny problem.
Device operating systems are moving that way where if one wants to run stuff on a smartphone, it must pass a gatekeeper, either always like in the case of Windows Phone 7 or iOS, or a reactive system with an after the fact kill switch like Android has.
Because Joe Sixpack doesn't care about security, it really doesn't matter what OS he uses. He will su to root, log on as Administrator, turn the key and logon as SECOFR on AS/400, or whatever superuser access requires for the website that has the pr0n viewer to be installed. It doesn't matter what the OS is, the dancing bunnies "security hole" is going to kick any OS in the ass. This is one reason why closed environments such as on phones have a lot fewer security issues -- unless Joe Sixpack roots/jailbreaks the device (which will be past his competency and too much trouble in most cases), he most likely isn't going to get a Trojan because the Trojaned app would have had to pass some type of vetting first.
Yes, there are issues where one can get affected through a hole in a browser or add-ons. However, the advantage of a closed system is that if done right (where the OS has DEP, ASLR, and other base level ways to prevent code injection), sneaking executable code on a device is not going to work.
Maybe the compromise in the PC world will be going to a hypervisor based system admin access is available, but it takes some deliberate doing to get a superuser prompt, and applications are installed in VMs, where the compatible OS files are stored as an image. With decent deduplication, the OS files only need to be stored once, so installing a program into its own VM where it can only see what is present there, and perhaps files in a shared directory may end up being what is done. This way, a user ends up never needing admin access, and a Trojan is only limited to that VM.
This is my worry. First, I do think it is good to have a standard ad framework on a platform, because it allows not just app makers to not have to roll their own, but it allows more revenue into the ecosystem allowing for more/better apps.
However, privacy is a concern to me, and your (parent poster) answer is the first straight one I've received.
Best of all worlds is to not have the data collected in the first place. Apple might have the best of intentions in keeping a lot of personal data, and only giving out in specific ways. But that means that Apple's ad servers will become prime targets for not just blackhats who are wanting another mass list of E-mail addresses, but a great holding tank for lawyers to dip from via subpoenas for criminal or civil prosecution.
Why is this bad? Picture some people who decided to use a venue and have a huge gathering with a lot of underground bands. A year later, a DA demands Apple cough up anyone whose iPhones had location at or near the event. Then this information is cross-references with an age database. Now the DA then arrests hundreds of people for an illegal assembly, and underage drinking a year or two after the fact, using Apple's database entries as convicting evidence.
Now take this a step further. A threshold system is run on Apple's iAd location database. If a certain number of iPhones belonging to people people 21 or under are congregating at a residence, then send the local law enforcement to investigate for underage drinking, or just perform a bust anyway for a "noise complaint".
Now another step further: If iAd had access to the gyros on the iPhone, then police could use that to issue speeding tickets years after the fact solely based on how fast the phone was moving, coupled with what highways.
It wouldn't be up to Apple to allow or deny this information. A judge would demand that information from them, or the servers be seized.