Some markets just come and go. It might just be that these lines of games might be just as viable as databases for one's Cabbage Patch dolls.
Would it make money? Maybe to a niche market. If I were to do something, I'd focus on price/quality as opposed to volume. For example, the guitar would not be a cheap piece of plastic, but perhaps a real one that can be strung and played as normal once someone got tired of the game.
Also, the game should go further than the last game types. Make different instruments. Allow multiple players to play the instruments at the same time, either coop, or one after the other in a battle of the bands. Even go with odd things, such as a chainsaw and doing WASP or Jackyl songs.
Mainstream-wise, no... this genre isn't going to be in vogue again, but there is still money to be made.
For a more pedestrian use, there is one thing that an engine like this that has a specific power band range would be ideal at... and that would be a generator. Here in the US, it would need to be geared to 3600 RPM unless an inverter is used.
If they were this efficient that they could get that much power output, it might be something to have as a backup generator for a house, as it could run from natural gas, propane, gasoline, or diesel.
I see three routes to take:
1: Management. It sucks, but it pretty much is the way to go, and keep going until you retire.
2: Carve a distinct niche, a position of authority for yourself in a company.
3: Get a bunch of clients and people who respect you, and go freelance. With a solid name, this can be lucrative. However, unless one has extremely good creds, there are thousands of others who are going after the same clients.
Bingo. Pretty much without having all the keywords checked off, most resumes get round-filed before they even hit a HR person.
The problem is navigating the Scylla and Charybdis between the two. Too few keywords, your resume is gone. Too many, and you wind up being booted from the interview for resume inflation.
I've ended up finding my job prospects through contacts, people at the renaissance faire I go to, for example.
I've had that happen, and I did warn the guy that the computer I was using really couldn't use MSI files, because they were not in AIX's installp or 64 bit coff format.
I've always thought it would be humorous to allow them into a VM on an isolated network, just so I can snapshot it and see what type of ugly RAT-ware they are using... but if they started hacking from there, I'd be responsible, so ixnay on that happening.
There are ways to hide a program so that increased CPU life would not be noticed:
1: Wait for the MSI install/upgrade mechanism to be used, then start using the CPU after it completes. The program installed will get the blame.
2: Ramp it up over a period of time, so the user gets used to his MBA eating its battery in two hours.
3: Wait until the laptop is plugged in and the screensaver is on, and hit it.
It eventually will be caught, but there are ways to keep all but the more astute people from noticing.
I am actually surprised more "free" programs don't do this with a stipulation in the EULA that they have free run to use the end user's CPU/RAM/IO/disk/network as they see fit, and there isn't anything legally that can challenge that.
A lot of airbrush body paints are alcohol based.
Even though there might be claims to the contrary, NJ and NY are part of the same country.
Now, someone who gets a traffic ticket in Jersey and who returns back to Germany or Brazil does not have to worry about having their domestic license suspended.
There is supposedly a difference with extraditable offenses. In general, if it is a felony (or similar) in both countries, it can be considered an offense that extradition can occur. However, there are fuzzy areas. For example, even though Amanda Knox was found innocent by one trial, by US law, there is no double jeopardy. However, there is not that stipulation in Italian law, so it will wind up a long court battle if the US extradites her or not.
They are not true monopolies... but they are used on a name basis. For example, what FB gives, and only FB does is the fact that it has a lot of momentum behind it, and people tend to use it as a primary way of communicating.
In the past, I was shown the door during job interviews because I didn't have a FB or Twitter account, being called a "fossil" since I didn't spew my life's trivia online for all to read. These days, my Twitter account is a placeholder with some sterile, sanitized stuff on it, and FB was that way for a while until people decided to move all their private forums to FB groups.
So, yes, there are alternatives, but using them is like going to the sports bar that has 1-2 people in it, when everyone else is hanging out at the chic new night club downtown.
As for regulations, this concerns me. Smartly done, it would be a good thing, especially with data privacy and retention items. However, realistically, I fear that regulations would do far more harm than good, and what happens is that they get danced around (or just ignored), and the end subscribers wind up dealing with it. For example, if every country followed Russia's lead and demanded their data be stored on servers at their borders, this would allow domestic spying to easily find would-be dissidents and political rivals would get the Nemtsov treatment a lot quicker in some nations.
It would be nice to see items like the right to be forgotten and a default data sunset life (where if the user doesn't explicitly state the data is permanent, it gets erased after 1-2 years), but here in the US, I rarely see regulations benefiting the end users as a whole. For example, when the EPA tightened the noose with no real warning on the steel industry, the entire sector wound up bankrupt since they couldn't compete with Chinese firms that didn't have to deal with all the Draconian regulations, especially with no protective tariffs to level the playing field.
If the entire filesystem was locked, apps that save pictures off like Dropbox's app that get CPU time from iOS due to shifting GPS locations would not work.
There are protected stores which do get locked and are not readable until the device is unlocked, but that is generally part of Apple's KeyChain mechanism.
Attacking the device PIN is a lot harder. After a few times, the device will prompt for one's gmail account (if set up), or just start giving ever-longer timeouts. Some devices can be set to just format the /data partition and do a factory restore.
Some Android phones have some anti-brute force protection at boot, if someone doesn't find a way to dd off the /data partition. First, the device starts timing out, then after 30 tries, it zeroes out /data and does a factory restore.
The protection is decent enough. Most attackers won't guess a 4-6 digit PIN before the phone locks, and if they decide to turn it off and back on, they end up presented with having to deal with the entire /data unlocking passphrase, and get it right in 30 tries.
This is an issue, but at least the FDE code is out in the open, and is based on a known, good algorithm (dm-crypt) that has been in Linux for a long time.
Google is taking steps to fix it. In the latest iteration of devices, the encryption key won't be directly decrypted from the password the user gives, but the password goes to a hardware chip that compares the PIN, and if correct, passes the volume decryption key to the OS.
If one has root access, there is even a better way. You can have the password used to boot and decrypt the /data partition separate from your screen unlocking PIN. This will be a PITA when rebooting the phone... but you can use a much shorter screen unlock code, while still having the full protection of a long key that you set. The downside of this is that root access is required.
The nice thing about OS X is that you -can- run unsigned binaries... but you explicitly have to allow them via hitting control when double-clicking on them. .kext files are a different story altogether... but you can disable signing by putting kext-dev-mode=1 in the NVRAM, but it is an all or nothing endeavor.
As for extensions, I sort of miss the old way Macs handled file typing, although the four level type and creator field is archaic these days. The way it was done, a simple rename would not change a file's type. It took going into ResEdit or another utility to actually change a file to an APPL (application).
Not sure how Macs have training wheels, but my antediluvian MacBook running Yosemite shows all file extensions in the Finder, and when I'm using a shell window, ls -l and ls -la work just as well as in AIX, Linux, BSD, Solaris, or any other UNIX or UNIX variant.
I'm OS agnostic, and OS X has some annoying qualities [1], but being able to see file extensions isn't one.
[1]: My biggest complaint about not OS X specifically, but Mac hardware is that Apple killed off the XServe. You -can- rackmount a Mac Pro with a RackMac kit, but it would be nice if Apple still kept a toehold in the enterprise.
I don't mean to digress, but if Apple could make Macs that could connect to each other via Infiniband and read/write to each other's storage, it would be a platform that could run applications at SAN speed and reliability, but without the SAN, just local drive arrays. Doing this would ensure a niche in the enterprise. Apple even has a clustered filesystem, XSan, so in theory, if Apple did a bit of design, one could have a bunch of Macs with fault tolerance of failed drives and systems, similar to how the EMC Isilon arrays work.
If this technology becomes commonplace, I can see this used as a third tier of storage, between normal HDDs and tape, either used as a live landing zone until it gets copied to tape, or perhaps used in concert with a higher tier landing zone, where the data is written onto the platters already deduplicated, aimed at staying there for long term storage.
Even operating systems are starting to become storage tier aware. Windows Server 2012R2 can autotier between SSD and HDD, and Windows Server 10 has improved on that.
What would be ideal would be some drive maker to come up with some way of creating cartridges of drives, in a RAID configuration. Something like iMation's RDX... except each cartridge having 2+ drives in them, so each unit has not just RAID, but can be scrubbed to find and correct bit rot when the garbage collector goes about its business. This would completely replace tape, but also offer the benefits of tape, as in being offline and out of the reach of a bad guy doing "rm -rf /" on every SAN and NAS he can find with his newfound domain admin rights.
About 10-15 years ago, some drives used to have two read/write stacks of heads, each independent from the other. This was killed due to people wanting cheap drives.
How will this play to the mobile companies selling Android products? A MVNO is nice, but wouldn't that tick off the carriers, and carriers are the entities that sell Android devices?
Maybe this is anecdotal, but I've found that those battery cases put a dent on antenna reception. If you are in a metropolitan area, it may not be an issue, but a suburban or rural area, this may be a deal breaker.
I wonder what Liquid Metal has over sintered aluminum or other alloys. LM has to have a specialized injecting molding machine that keeps a vacuum during the process. Sintering aluminum and other items have their issues, but it is a relatively simpler process to get precise items coming out.
I would say my HTC M8 is a combination of the two. Replaceable batteries are useful, and my last Motorola phone, the Atrix 2, had one and wasn't considered a porker by any means.
The SD card is more important. Sandisk has 200GB MicroSD cards out. This doesn't give just storage, but the ability to do backups, either with nandroid or with Titanium Backup. Since Titanium Backup uses a very good encryption system for backups (you set a password which encrypts the private key stored with the backup files, and TB uses the public key for backups, only asking for the password to unlock the private key for restores.) To boot, I can copy music to and from the SD card before I load it into the phone. Of course, if something happens and I end up trashing the ROM on the device, I can reload a backup while on the road.
The biggest reason why I won't buy a Samsung Galaxy is because of the fact that it took a major bounty to even get root on the device, much less a custom ROM. The HTC comparable, the One M8 (and the M9 coming out this month) happily runs my custom ROM with XPrivacy and other items. The eFuse issue with the Galaxy is another turn-off. Even with iPhones, if I have a trashed jailbreak, I can use DFU mode and factory restore the device to as good as new. The fact that the Samsung offering permanently disabled functionality is a major minus in my book.
For a corporation, Knox is a useful tool. For an individual, it doesn't do much.
Since the SoC functions are still a black box, I'd rather just go with a ROM on a moddable handset like the HTC One M8 with XPrivacy installed, where even if a basic flashlight app demanded every priv under the sun, it won't get it. When it comes to phones, having the ability to block apps from phoning home is a major security feature.
Even better, why can't a company work on virtualization on a handset? That way, one can have a VM for web browsing, one for work stuff, one for home/personal, and one for clients? This is more important and would be more useful (especially if the hardware supported two SIM cards) than yet another black box phone. With online deduplication and having the hypervisor do the encryption, decent security can be maintained on a device without much fuss from the user.
I'm not attached to any of these ideas I posted, so if proven wrong, that is just fine with me... again, they were just thoughts of something that might be useful.
TPM 2.0 is part of the Windows Certification spec, but oftentimes, there are many computers that will run Windows 8.1, but are not certified for it.
Here is the link:
https://msdn.microsoft.com/en-...
I've had phish attempts back in 1993 on Solaris and IRIX... Not good ones, but people fakemailing, pretending to be from "root", asking to run a shell script that would send the /etc/passwd file off to an anonymizer address... well before abuse forced Julf to shut down penet's remailer for good.
Easily detected, because I was the only person with root access, but I'm sure college students probably followed directions and kicked the university's passwd files there (although with NIS/NIS+, as well as the real password hashes stashed in /etc/shadow) there wasn't much to attack, even back then.
To address points 1-3, TPM 2.0 is an item that is required for a machine to pass Windows 8.1 hardware certification, so even though it isn't explicit, the technology will be there. For better, or worse, it will be with us, so might as well make it useful. If BitLocker can be made as easy to use as FileVault, it would be a big bump in the security reputation of both the hardware vendor, as well as MS.
For point 2, a good example of doing it "right" is Boxcryptor. It is a pretty UI over EncFS, but it does work and works decently well. Most customers don't care about encryption, but it can be used in a way to provide clientside protection that is pretty much transparent. The perfect is the enemy of the good, so there would need to be something done to make recovery usable... but this is a solvable problem, similar to how Apple deals with FileVault 2 recovery issues.
For point 3, it isn't a perfect solution, but it can be implemented "right". A MicroSD card slot is one way, where the slot the card is, is permanently set to be read-only (this is part of the SD spec.) To prevent altering data, the encrypted section of the card could be used to store the OS data. Even with this, it still isn't 100% (as an evil maid could pull the card, go to a place that has the SD spec for decoding the encrypted partition, and modify things), but it is secure from most things.
For point 4, 10GB boards and modules (well, over twisted pair copper that is... NICs that use SFPs are still not inexpensive) are falling in price, so it will not be surprising to see them appearing on consumer level motherboards in a few years, perhaps with some TCP offload functionality. Done right, it would be useful, and if worse comes to worst, the functionality can be shut off entirely.
It would be nice to see Lenovo go a step ahead in the consumer market and not just stop with shovelware, but maybe bundle some security features with their products. This would go a long way to fixing their black eye in the press:
1: A TPM chip shipped off and disabled (as per the spec) on all machines would be useful. Windows Vista and newer can take advantage of this and offer solid encryption that is highly resistant to brute force attack.
2: Add clientside encryption to Reachit with a public format, perhaps getting other vendors on board. This way, users have cloud access... but files are transparently encrypted, similar to BoxCryptor.
3: Have a small SSD read-only volume with a custom WIM present for install media as well as drivers. This way, if a machine needs to be reinstalled from scratch due to a HDD or SSD replacement, this can be done anywhere, and no OS media would be needed. This also is useful for recovery as well, especially if there is a way to get to a PE environment which can be used to save off files, run an offline AV scanner, or fix a haywire application.
4: Add firewalling onto the NICs themselves. Around 10 years ago, some nVidia motherboard chipsets had this capability where the onboard NICs were intelligent enough to have the ability to have their own rulesets. This was quite useful, both to keep the OS protected with IP blacklists, as well as to limit the damage a compromised OS can do (for example, block all outgoing port 25 traffic.) As an added benefit, if someone is worried about vPro or other "ring -1" management tools, those can easily be blocked at the NIC.
Some markets just come and go. It might just be that these lines of games might be just as viable as databases for one's Cabbage Patch dolls.
Would it make money? Maybe to a niche market. If I were to do something, I'd focus on price/quality as opposed to volume. For example, the guitar would not be a cheap piece of plastic, but perhaps a real one that can be strung and played as normal once someone got tired of the game.
Also, the game should go further than the last game types. Make different instruments. Allow multiple players to play the instruments at the same time, either coop, or one after the other in a battle of the bands. Even go with odd things, such as a chainsaw and doing WASP or Jackyl songs.
Mainstream-wise, no... this genre isn't going to be in vogue again, but there is still money to be made.
For a more pedestrian use, there is one thing that an engine like this that has a specific power band range would be ideal at... and that would be a generator. Here in the US, it would need to be geared to 3600 RPM unless an inverter is used.
If they were this efficient that they could get that much power output, it might be something to have as a backup generator for a house, as it could run from natural gas, propane, gasoline, or diesel.