Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories: 0 · Comments: 5,534

Comments · 5,534

  1. Re:Probably typical on 44% of Twitter Users Have Never Tweeted · · Score: 2

    You can count me in that category. I signed up way back in 2008 because after getting out of college, prospective employers would demand if I had a FB/MySpace/Twitter account, and if not, the interview was up, as the HR rep felt that it was mandatory for anyone in IT to have social networking accounts to be considered up to date in skills.

    So, I created a Twitter account, followed EMC and a few other names, and called it done... it did make the bean counters happy because they thought I was "with it".

  2. Re:Nuclear? on UN: Renewables, Nuclear Must Triple To Save Climate · · Score: 3, Interesting

    +1.

    We have 50-60 years of technology advancements. Look how cars have advanced. Had there not been such a strong oil/coal lobby, there would be advancements that would be impossible in today's political climate:

    1: Thermal depolymerization -- turn waste products back into crude ready for use again.

    2: Droughts would be mitigated as an issue with desalination plants combined with the infrastructure to pump it inland.

    3: More technologies would be possible to reclaim used components. Waste can be recycled cleanly.

    4: More expensive (expensive as in energy) chemical processes can be used to reclaim toxic sites.

    I think future generations will think we are dolts as not to have moved to nuclear sooner, because more energy available per person can mean a lot more advances and a better quality of life.

  3. Re:Nuclear? on UN: Renewables, Nuclear Must Triple To Save Climate · · Score: 1

    Here is the ironic thing: Both the hippies and the Tea Party people I know are all over solar, wind, and other alternative energy.

    I just wonder when the tipping point happens where people and businesses stop wanting to be beholden to Middle Eastern oil and dirty coal, and move onto nuclear [1]. With more energy than what we have now, we can easily use thermal depolymerization to toss waste plastic and usable crude oil.

    [1]: Thorium reactors show great promise.

  4. Re:Even root CA certificates may be at risk. on Private Keys Stolen Within Hours From Heartbleed OpenSSL Site · · Score: 4, Informative

    Depends. A website's SSL key may be slurped up. However, a root CA key should be either kept on an offline machine or kept in a hardware security module where the key won't be divulged, ever... the module will sign a key, and that's it.

    I'm sure some places will have their root CA on an externally connected machine, then try to place blame, likely saying how insecure UNIX is (when it isn't any particular flavor of UNIX that is at fault.)

  5. Re:Automate everything using chef/puppet on Seven Habits of Highly Effective Unix Admins · · Score: 1

    Don't forget Splunk, so the servers that you are managing have a place to dump logs, and where you can do syslog searches from one place. Splunk isn't a magic bullet, but it does a lot of useful functions and can scale up, and it is a very useful troubleshooting tool.

  6. Democracy is showing its cracks here in the US. I've wondered about moving to a different system so we don't keep the same people in office for decades:

    I'd propose it be done like jury duty: Come every four years, every citizen's name is tossed in a hat, names are drawn, and those people are sworn into office. No, this isn't perfect, and statistically, there is a chance of getting some real crazies... but is that worse than politicians bought and paid for by campaign donations? Statistically, it will give a true cross-section of the population. It will also get rid of gerrymandering and other crap.

    This can be combined with a "no confidence" vote mechanism for further checks/balances.

  7. Re:disclosure on Stung By File-Encrypting Malware, Researchers Fight Back · · Score: 1

    A secure home server only makes sense. If you get a machine with hardware RAID, mirror the OS drive, then use RAID-Z2 [1] or RAID-Z3 for the data. If using Windows, then you get a choice between bit rot resilience with Storage Spaces + ReFS or deduplication with Storage Spaces + NTFS.

    [1]: RAID-Z will find bit rot on a zfs scrub, but won't be able to fix it. RAID-Z2, RAID-Z3 and RAID-1... even ditto blocks can both find and fix it.

  8. Re:disclosure on Stung By File-Encrypting Malware, Researchers Fight Back · · Score: 1

    The ironic thing is that "real" security is pushed to the side. Old fashioned things like gpg, PGP, proper backups [1][2], sandboxing, and other basic items tend to fall into disuse while "let's just stash it in the cloud and take their word for it, as they use 'encryption' and 'firewalls'" seems to be the mode of operation of the day.

    For example, I've seen some "cloud encryption" systems that require one to set up an account... and where the actual encryption key is stored can be anyone's guess (the websites on some of those sites sure do not give any details other than logged in == file access, not logged in == no access.) For remote storage, I'd rather use a secure archiver (PGPZip, BCArchive, even WinRAR on occasion) for file archives and TrueCrypt or similar for disks. I just prefer to pack my own parachute when it comes to encryption.

    [1]: People make fun of tape, but even a relatively older tape format like LTO-4 still can provide a lot of use. It would be nice to see a "consumer grade" format that can hold a couple TB native and can handle USB at multiple speeds so shoe-shining is minimized. Maybe even add a SSD as a buffer to further minimize issues with buffer underruns.

    [2]: Copying documents to a cloud drive is not a proper backup. One delete command issued by malware, and that data is gone. This also applies to copying data to external hard disks or USB flash media... all it takes is something to run through all devices, run a blkdiscard on the device, and if that doesn't work, a dd if=/dev/zero of=whatever, and everything is gone. Using BD-R/DVD+R/CD-R media is closer to a better backup because if the disk is finalized, barring something on the burner's ROM, malware won't be able to tamper with that media. Proper backups are where media is offline, preferably with media sent to at least one offsite location. However, not many places do this right these days.

  9. Re:A weak approach on Stung By File-Encrypting Malware, Researchers Fight Back · · Score: 1

    Another item is that a lot of enterprises have a data recovery agent. That way, if EFS is used, one just cracks open that key, decrypts everything, calls it done.

    I'm sure this will be fixed in the next version of the software. Malware is the most well written and meticulously supported software being created in the computer industry these days.

  10. Re:Crypto hype on "Nearly Unbreakable" Encryption Scheme Inspired By Human Biology · · Score: 1

    I'm reminded of fractal encryption done about 10-20 years ago. Everyone pushing it said it was 100% secure and unbreakable by mortal men. This encryption system seems to be a lot like fractals.

  11. Re:As they should... on China Cracks Down On Bitcoin, Cuts Off Exchanges' Bank Access · · Score: 1

    Bitcoins are traceable forever. Those block chains never disappear. However, if one possesses a bunch of tainted coins in a wallet, and hands the wallet to someone else, in exchange for some other commodity, that can effectively hide where the coins came from.

  12. Re:Chinese getting uncomfortable... on China Cracks Down On Bitcoin, Cuts Off Exchanges' Bank Access · · Score: 1

    Isn't the Yuan pinned to the dollar right now, so if China stopped accepting USD, it would only bite them, especially their debt holdings?

    What is really worrisome is if China gets oil trade to move to a basket system and off the US dollar. Then things will get really pear-shaped, really quickly.

  13. Re:Chinese getting uncomfortable... on China Cracks Down On Bitcoin, Cuts Off Exchanges' Bank Access · · Score: 1

    China isn't really Communist, nor communist. It definitely is a capitalist society with some vestiges of a command economy left, with the government having a voice as a part of any companies and ventures on their soil.

    (All in all, that's not a bad thing... I wonder how much better off the US would be if an FTC or SEC official had a say in all board meetings.)

    It is a different culture. Some of what they have is good (they invested in core infrastructure while here in the US, cars were crushed, and China actually is trying to move to a decent UHC system), but some isn't.

  14. Re:He pretty much agrees with you on page 12. on NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible · · Score: 1

    What really needs to happen is separation of duties and storing the hashes the same way companies store private keys used for signing... a physically secure, hardened appliance with a limited interface out. Backups are done to a USB port physically on the appliance, and the data never is exposed on the network, only calls to use it.

    We can use bcrypt, initial hashes, and such, but it might be better to consider a different protection method -- keep the data separate and physically isolated from everything else... i.e. put the hashes on their own separate box so that even if an attacker manages to get everything on the network, they only can access the stored hashes by trying user/password combos... and with a sane lockout method on the device with exponentially increasing lockouts, it is easy to prevent brute forcing an account.

  15. Re:Cool, but on New MU-MIMO Standard Could Allow For Gigabit WiFi Throughput · · Score: 1

    What would be interesting is if the groups of devices could have their own individual WPA2 encryption key. That way, one wireless segment can use multiple keys in PSK mode. This way, if a smartphone is lost or changed out, just one password needs to be deleted rather than rekeying every device on the subnet.

  16. Re:They can teach whatever they want. on Vint Cerf: CS Programs Must Change To Adapt To Internet of Things · · Score: 4, Insightful

    Nail, head, hit. Even if someone had a device that had obvious security failings that were unfixable, the EULA/TOS by opening it up and turning it on would ensure that lawsuits would not proceed (either by forcing arbitration, or just a clause stating that it isn't their fault, no matter what.)

    I have no interest in IoT. Realistically, what has to be on the Internet all the time and take commands? Why do we need to give devices full exposure if it isn't needed?

    If someone wants status messages from devices, why not just have devices communicate via Bluetooth to a log box, and said log box present the data to where it needs to go? This would force an intruder to have to hack that core box, then use Bluetooth weaknesses to jump to actual devices, rather than just run scripts blindly and hope someone's widget shows up.

  17. Re:Don't use it anyhow. on Will Cameras Replace Sideview Mirrors On Cars In 2018? · · Score: 1

    It would take some thought on layout to have a system that works, where if a motorcycle is in a blind spot (and sometimes they will drive on the breakdown lane to pass), it will show it.

    The idea would be a very useful advance, but it would have to be tuned to be able to have information coming in at a glance so one doesn't have to take the time to notice that there is something coming in from the side or whatnot.

    Maybe one compromise is on the road already. Freightliner Sprinter vans have an LED that lights up on the mirror when something is in a blind spot, as well as a decent camera arrangement when backing up.

    If I had to choose between cameras or mirrors, I prefer both (since cameras add useful information, especially backup cameras), but I'd take mirrors, just because I can gauge depth in them.

  18. Re:Where does article say "not enough openings"? on App Developers, It's Time For a Reality Check · · Score: 1

    I stand corrected... Your model is far better. The intent was to give an example of what core protocols need to be improved to handle modern attacks.

  19. Re:Where does article say "not enough openings"? on App Developers, It's Time For a Reality Check · · Score: 4, Interesting

    There are jobs out there. However, the days of 2008 where one could put out 99 cent fart apps and rake in the cash, or the days of 2012 where one could put out a free-to-play, pay-to-win game are now behind us. The market is saturated.

    But there are markets where things are not like that and niches can be made. Embedded programming will be work that requires a real expert, just because each application (and hardware device) is different. A microcontroller for an RV's A/C will require a completely different set of code than a microcontroller that monitors a building's HVAC system at multiple locations. One size does not fit all in the embedded arena, so "commodity development" (i.e. offshoring) will be more expensive than hiring people domestically since there is new ground to be broken.

    I'm sure the next bubble is going to be security. SSL/TLS need to be reworked to support multiple root CAs in case one is compromised. That way, if two CAs have no clue about a cert, but one CA vets it, this can raise a red flag. Security isn't something one can do on the cheap. This needs real expertise, and more than just reading "The Cuckoo's Egg" and calling oneself a "security professional". White/black hat hacking is going to be an important part of things, and this, yet again, isn't something that comes cheap.

    Then there is the fact that there are international issues now. Just last year, people were content to get all their hardware from one country, their software from another. Now, nations want to pack their own parachutes and develop their security in house, and not rely solely on the word of other countries that the smartphones or other items don't come bristling with backdoors and kill switches. So, there will be duplication of effort that wasn't around just a year ago.

    On this note, governments will become a bigger client for developers. They will want their own infrastructures, social media sites, and many other items. This will be where the money lies for upcoming companies because governments have deep pockets, and the ability to work on things even if not an immediate profit is obtainable.

    Then there are items to be addressed that would make money, infrastructure wise. Here in the US, there is plenty of LAN bandwidth to go around. WAN bandwidth is expensive. Someone making an infrared laser routing system and other means (microwave relay) to create a mesh network would likely make a lot of money, especially if it has innate encryption that consists of more than "trust us, the glowing 'it is encrypted' LED ensures 100% security" flim-flam.

    Finally, the model of advertising revenue is going to hit a wall pretty soon. Once ad-supported sites start selling to advertisers every click, mouse wiggle, and keyboard stroke that subscribers do, or even worse, demand intrusive spyware be installed on subscribers' machines, then there will be no more they can sell to the advertisers. Once that happens, the bubble will collapse. Who knows from there. "Free" E-mail may become a thing of the past, perhaps even Google or other search engine use would require micropayments.

    All in all, there are still niches to be filled. One just can't follow the herd all day long and expect to be able to get to fresh grass.

  20. Re:Voltage != Power on USB Reversable Cable Images Emerge · · Score: 2

    From the picture, it is even worse: "5V current ranges plus USB PD."

    Realistically, how many amps is this thing going to allow? 100 watts means that those wires will handle 20 amps, and handle this factoring in voltage drops, especially with the skinny cables and tiny connectors.

    Realistically, I wish the USB-C connector could start at 5 volts but negotiate to 12 volts to offset voltage drop. Higher voltages would help more, but then there will be electrocution issues past 12-24 volts depending on a lot of factors. It would be nice to push 48 volts through two wires dedicated to power because that would easily allow 100 watts... but would one trust the bottom-basement Chinese electronic junk with such a high voltage that a short or a misrouted connection doesn't fry other connections or shock the user? I wouldn't.

    Even at 12 volts, 10 amps through those small wires is asking a lot, so realistically, 100 watts of power is a joke. I'd expect at most 20-25 watts unless magically the USB consortium is able to spec and deliver on superconductive wires or goes to thicker cables and connectors.

    However, any improvements from the usual 2.1 amps through current USB connectors is definitely a step in the right direction.

  21. Re:Isn't this how Free Trade works!!! on FWD.us Wants More H-1B Visas, But 50% Go To Offshore Firms · · Score: 1

    Here is how to do it. Remove caps on H-1B labor.

    However, every H-1B coming in will require a payroll tax to be paid that is the difference between the H-1B's salary and either an average salary for a professional in that field or the median US income, whichever is higher. That way, if a place hired someone for $20,000.00/year, the company will have to pay a tax of $31,017.00 at the minimum ($51010/year was the median income in 2012.)

    If a company needs specialized labor, they can get it and it won't cost them much relatively. However, this will put a stop to flooding a market with H-1Bs just to drive down wages, and the taxes obtained will help offset the spending power lost by US workers.

  22. Re:it can be more efficient for some on Linux 3.14 Kernel Released · · Score: 1

    In the AIX world, compression does come into handy. Probably the ideal place are applications like low-volume Splunk indexers that end up getting handed redundant data (syslog entries, performance counters), so even the in-RAM read/write disk cache can be compressed.

    Then there are those Web servers that have something oddball internally, but have to remain. Someone wants an internal wiki which nobody maintains, so that one is ideal for turning compression to max and just forgetting about.

    Of course, there are VMs that you don't want compression on. The instance that does compiler builds comes to mind. Similar with very heavy I/O tasks like high-volume RDBMS machines.

  23. Re:it can be more efficient for some on Linux 3.14 Kernel Released · · Score: 1

    This isn't a completely new feature. AIX has had this since at least version 7.1.

    It is useful for virtualization. VMs that don't really do much (a tertiary DNS or a rarely used DB server for example) can still be kept in RAM, but the RAM they use minimized so other tasks/VMs have it available.

    Of course the downside is if all the VMs decide to go for maximum activity at the same time. On AIX, this will peg the CPU, and cause swapping (especially if the compression ratio is set high.) Not sure what this will do on Linux, likely add significantly to CPU load.

  24. Re:That's it on Dropbox's New Policy of Scanning Files For DMCA Issues · · Score: 1

    It is only going to backfire. If people realize that their files are being scanned and access blocked because they might be looked at, Dropbox will either become a ghost town or people will just grab a copy of TrueCrypt and start encrypting everything, and then everything goes dark with regard to scanning. If DB blocks encryption, then people will just give them the middle finger and move to GDrive which offers a lot more storage for the unit of currency.

    The last thing Dropbox needs is bad publicity. Google is nipping on their heels with very inexpensive storage. Google's app may not be as polished as DB's for photo uploads on iOS, but it is still usable.

  25. Re:Antivirus is obsolete on Ask Slashdot: Preparing For Windows XP EOL? · · Score: 1

    AV programs are useful for two things:

    1: Make the legal eagles happy.

    2: Scan an offline volume (a VM's disk image) for potential infections.

    For real time threats that attack the Web browser and the add-ons, the only real protection is blocking ads via AdBlock, utilities that block by IP address, denying plugins the ability to run unless explicitly clicked on, sandboxing the whole mess so any changes to the filesystem can be easily dumped, and running the browser that you use for banking in a different browser/sandbox than the one you do for other sites.