Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories: 0 · Comments: 5,534

Comments · 5,534

  1. Re:Actual Reports on Microsoft Security Essentials Misses 39% of Malware · · Score: 2

    Almost all AV software is (to borrow a British term) bollocks. One time interval, one AV offering is at the top of the heap. Next time interval, same package is now getting stomped on by other tests, and some tests are not really objective.

    Every other OS out there except Windows runs quite fine without AV software. The only reason McAfee is running on the AIX or Solaris box is that it makes the legal eagles happy... and even then, the software only runs when a cron job fires off to fetch updates, then goes to scan down filesystems... and there are just not going to be any viruses in COFF format on a JFS2 filesystem, nor any on a ZFS pool, barring Windows malware on a samba share.

    Realistically, what I've found protects against the bad crap is ad-blocking Web extensions and software that blocks bad IP addresses. Yes, in theory, there may be a way for a bad guy to jump a firewall, connect to machines behind a NAT, and inject malware directly, but that is exceedingly rare. The biggest threat next to Trojans (the .pdf.exe or the "foo.pdf .exe" files) is security holes in the Web browser or add-ons. A zero day in a popular browser sells for a lot because it can bring even more revenue in. CryptoLocker has shown that to be the case.

    The best form of protection these days is defense in depth. Something like Qubes OS where not just the memory and registers are virtualized, but the complete filesystem. Then, this is combined with a rollback ability so when the Web browser is not used, any code other than signed add-ons is purged, and only data is stored. However, on the operating systems we have now, the next best thing is either running the most dangerous thing (the Web browser) in a virtual machine, or at the minimum a sandbox that redirects writes to a separate filesystem [1].

    This sounds like a lot of effort, but it really isn't, once things are set up, and assuming the host machine has enough RAM to keep the VM happy. (XP can do decently in 512MB of RAM, or one can run a modern Linux distro with a modern DE in 1024-2048 MB of RAM.)

    With most malware being zero day stuff, if it manages to get a user context, or an Administrator context, you tend to be screwed no matter how good the AV program is, except for Malwarebytes which blocks by IP addresses.

    AV has two uses in my book: It keeps the legal eagles happy, and is a checkbox come audit time. It can also be useful for scanning offline volumes, to check if a backup image has been rootkitted.

    [1]: The reason for the separate filesystem is that I've encountered malware that will just write bunches of zero byte files, or create directories until Windows' analog of inodes is used up. With the sandbox on a separate FS, it doesn't take much to kill the sandbox, reformat the volume, re-Bitlocker [2] it, and continue on.

    [2]: With a BitLocker protected filesystem, if you run a Vista or newer format.exe on it, the format command will notice it is a BDE filesystem, and overwrite multiple times the spaces where the old master volume keys are stored, effectively ensuring the volume cannot be recovered.

  2. Re:Ironically, the first Highway Robbery committed on Company That Made the First 3D Printed Metal Gun Is Selling Them For $11,900 · · Score: 1

    About a year or two ago, this was rampant, as there were pictures of people who drilled a hole, and had a grey core staring back at them in their 100 ounce gold bars. To boot, the bars were made by a very reliable mint, had assay certificates, and had no obvious marks, so the counterfeiters were very good.

  3. Any bit helps... on Clear Solar Cells Could Help Windows Generate Power · · Score: 1

    I'm all for solar windows on buildings. It doesn't bring in that much energy per unit area, but on a large, multi-story building, the energy obtained can be substantial.

    This is useful for both on-grid use (to help lower power bills), as well as off-grid use (power to be stored in batteries and used with PSW inverters for very clean power in the structure.)

    Stuff like this isn't revolutionary, but with energy use, any step helps.

  4. Re:Justice on CryptoLocker Gang Earns $30 Million In Just 100 Days · · Score: 1

    If the data is stored on SSD, it is even easier... just encrypt the files and force a TRIM on empty space.

    Previous to this, ransomware was in the wings, but it was relatively amateurish. It used relatively small keys, or spread via a vector that was already plugged by most AV stuff. Now, with zero-days used to get the software onto machines, this is not just a threat, but a big money-maker for the bad guys.

  5. Re:What worries me... on Proposed California Law Would Mandate Smartphone Kill Switch · · Score: 2

    I just wonder if kill switches will help the matter, or if iPhones will just be parted out. Just the screen is $175, and that is on eBay because Apple doesn't have replacements yet. The other components will also be useful, be it the rest of the case, speaker, battery, etc.

    Even if the device is completely and utterly bricked, either by a remote erase command (and not able to be activated due to needing the AppleID), or via the GSM/LTE network, the fence who gets the phone will be able to make at least $200 from each stolen device, perhaps far more. There are a lot of iPhone screen repair shops, and one can never know for sure if the screen was purchased from an honest source, or if the screen came from a request reinforced with a knife at the throat. At the right price, the customer wouldn't care. Plus, there are no serial numbers on screens either.

    I really do not think blocking iPhones will make a dent in theft. It sure didn't lower the amount of thefts when Apple put in the iOS 7 feature where part of activation was entering in the old AppleID.

  6. Re:What could possibly go wrong? on Embedded SIM Design Means No More Swapping Cards · · Score: 2

    You hit the nail on the head. With CDMA providers, unless you buy the device from them, AFAIK, they won't allow it on the network. With GSM providers, if you had an unlocked device with the proper antenna bands, it would work without issue, and just swapping the SIM did the job. No calling up and pleading for permission to use the device, just a card swap and perhaps a power cycle.

    A simless device gets us back to the bad old days. With those, I have to beg/plead with the telco in order to have a device allowed on their network, and they can easily just give me the middle finger.

    Thumbs down on simless devices.

  7. Re:Said every IT person. Ever. on CryptoLocker Gang Earns $30 Million In Just 100 Days · · Score: 1

    The only non-enterprise backup utility that can do this client-server motif these days is Retrospect. However, the licensing fees for the server version are atrocious. It works OK with disks, but apparently with optical media like Blu-Rays, it has a very limited hardware list, and anything not on the list will not be allowed to even read backups.

    Of course, there is always NetBackup, but the ticket for entry into that ballgame will be six digits.

  8. Re:Said every IT person. Ever. on CryptoLocker Gang Earns $30 Million In Just 100 Days · · Score: 1

    This may be archaic, but this is one application where tape backups can come in handy. Once data is stashed on a tape and the tape dismounted, it is out of reach of malware looking for anything online to disrupt. WORM tapes even more so, since once the session is closed, it is there for good, so malware can't erase the data that was previously written.

    Maybe one idea that might help with this is an external hard drive with a large UDF filesystem. Files can be easily copied to it, but once written, they cannot be deleted. Of course, the malware can fill up the drive with garbage or files similar to the relevant ones, making it useless for backups, but the data already written would still be accessible.

  9. Re:Justice on CryptoLocker Gang Earns $30 Million In Just 100 Days · · Score: 1

    Depends on the OS. Server operating systems will have a SmartScreen filter that requests to be set up once the machine is running, and will immediately prompt if it encounters unsigned applications and disallow them from running.

    This capability is present in Windows 7 and newer (AppLocker), but it isn't turned on unless someone has the "pro" version and access to gpedit.

  10. Re:Justice on CryptoLocker Gang Earns $30 Million In Just 100 Days · · Score: 1

    I've been hacking together a system on a Windows Server 2012 box, where the clients copy their documents to a directory in their own individual shares, then when done, the directories get moved to another directory not accessible to the clients. Then, later in the night, the deduplication process fires off, so for the most part, only changes in the stored documents are stored. Of course, this may not help if the malware is smart enough to do its dirty work slowly over a period of time where old backups are cycled out.

    As the parent stated, probably the best way to deal with this is something like the Qubes OS project, where every application not only has its own memory space, but has its own filesystem completely separate from the other programs. Add to this a backup program that pulls data from a machine (where the client can only start backups, but cannot access backed up info unless it is directly pushed from the server), and this would provide some answer to ransomware.

    The scary thing: Ransomware has been around, but CryptoLocker is really the first shot across the bow that uses browser (or browser add-on) holes, Trojans, and other weaknesses to actively do its dirty work. It is also extremely well engineered, such that the keys are not findable once the software does its nasty deeds.

  11. Re:Justice on CryptoLocker Gang Earns $30 Million In Just 100 Days · · Score: 2

    Depends on OS. Windows uses snapshot functionality, and in theory, it wouldn't be hard for malware to not bother intercepting the files opened under a backup context, so they get backed up encrypted, as compared to files opened directly by the user.

    EFS on NTFS works in a similar fashion. If I back up a directory full of EFS protected files, they are stored encrypted. If I fire up a utility like WinRAR which opens files as an application does, Windows will decrypt the files automatically.

  12. Re:It is all those things and more ! on Why Charles Stross Wants Bitcoin To Die In a Fire · · Score: 1

    There are levels of civilization and currencies that match those levels.

    At the absolute lowest level, the currency and the useful items in question will be one and the same. Food, water, and ammo will be foremost. Since ammo (for the most part) can be considered fungible, it probably will end up the currency at this level of civilization (or lack of) because it has a definite use.

    Once things calm down, and there is some security, gold and silver are good for trade because they provide a lot of value in a relatively small package.

    Things start stabilizing and financial institutions pop up which get a good reputation, and the precious metals can be replaced by paper redeemable for those metals. This makes trade even easier, and here, there can be more paper out there than precious metals (assuming no complete run on the institution.)

    After that come fiat currencies and cryptocurrencies (since it takes a lot of infrastructure to validate BitCoin blockchains, as this can't be done offline unless one wants to risk being scammed by double-spenders.)

    Using a fiat currency when people are in survival mode will get one laughed at. Even using precious metals when people are trying to survive might even be pointless. The more stable society gets, the more complex the currencies can become and still be accepted.

  13. Re:Limited money supply is a problem? on Why Charles Stross Wants Bitcoin To Die In a Fire · · Score: 1

    David Chaum had a pretty good cryptocurrency going that was truly anonymous (blinding factors and everything.)

    I remember this from the toad.com Cypherpunks days. However, even though it was a usable currency, it never caught on.

    What I can see happening is some "trusted" site (use that word as you may) offering a steady "X" amount of their credits for BitCoins. Then, when people use the Chaumian currency, the transactions are truly anonymous, and when the currency is changed back into BitCoins, no matter how good the blockchain auditing is, the coins are pretty much laundered.

  14. Re:Justice on CryptoLocker Gang Earns $30 Million In Just 100 Days · · Score: 4, Interesting

    IMHO, CryptoLocker is just the first shot across the bow.

    Long term, maybe it will be a good thing, similar to the old PC days where BIOS killing viruses finally got people to actually care about average security or else keep buying new computers.

    Of course, malware like this pretty much trashes almost every single backup system known to man. The enterprise is less affected because of programs like NetBackup that pull data, so malicious software is unable to touch previous backups. However, the main form of backups people do (if they bother to do anything) is copying to a secondary hard disk, which allows the backups to be accessed by malware and destroyed. Services like Mozy sort of help, but they might not keep a previous version of a file that hasn't been corrupted by ransomware, especially if the software is relatively slow and encrypts files over a long period of time to escape detection.

    What I am waiting to see is Cryptolocker's descendant. This software will install itself through a hole in a Web browser or add-ons. It will install a low level Windows driver. It will then generate a private key and keep it local to the machine, sending a backup to the ransomware's servers. The software will gradually encrypt files over time. However, when an encrypted file is accessed, it will decrypt it on the fly... for a time.

    Then, once it completes encrypting files, it will stop decrypting on the fly, purge the private keys it used, then demand a ransom. Since this was done over a period of weeks to months, even backups stored on Mozy or other places will be locked out.
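    Comment 10 describes a server-side "drop directory, then move out of the clients' reach, then deduplicate" backup flow, and comment 14 points out that a backup service which keeps only the latest copy loses against ransomware that encrypts slowly. The following is an added illustration of that combination, not code from the original posts or from any product named here: an append-only, content-addressed store in which unchanged files are kept once (deduplication) and every distinct version is retained, so the plaintext from before a file was replaced by ciphertext stays restorable. Paths, the snapshot layout and the sample file contents are constructed for the example.

```python
import hashlib
import json
import shutil
import tempfile
from pathlib import Path

# Constructed example: clients write into `drop`; the ingest step runs as the
# server and moves files into `store`, which clients cannot reach. Objects are
# keyed by SHA-256 of their bytes, so identical content is stored once, and
# nothing in the store is ever overwritten or deleted (append-only).

def ingest(drop: Path, store: Path) -> dict:
    """Move every file under `drop` into `store`; return the snapshot manifest."""
    objects = store / "objects"
    snapshots = store / "snapshots"
    objects.mkdir(parents=True, exist_ok=True)
    snapshots.mkdir(parents=True, exist_ok=True)
    manifest = {}
    for path in sorted(p for p in drop.rglob("*") if p.is_file()):
        digest = hashlib.sha256(path.read_bytes()).hexdigest()
        target = objects / digest
        if target.exists():
            path.unlink()                     # dedup: same bytes already stored
        else:
            shutil.move(str(path), str(target))
            target.chmod(0o444)               # read-only by convention in the store
        manifest[str(path.relative_to(drop))] = digest
    seq = len(list(snapshots.iterdir()))      # snapshots are numbered, never reused
    (snapshots / f"{seq:06d}.json").write_text(json.dumps(manifest, sort_keys=True))
    return manifest

def versions(store: Path, relpath: str) -> list:
    """Every distinct content hash ever recorded for one client file, oldest first."""
    seen = []
    for snap in sorted((store / "snapshots").glob("*.json")):
        digest = json.loads(snap.read_text()).get(relpath)
        if digest and digest not in seen:
            seen.append(digest)
    return seen

def restore(store: Path, digest: str) -> bytes:
    """Read one stored version back by its content hash."""
    return (store / "objects" / digest).read_bytes()

def demo() -> tuple:
    """Three nightly ingests: clean, unchanged, then the file replaced by ciphertext."""
    root = Path(tempfile.mkdtemp())
    drop, store = root / "drop", root / "store"
    drop.mkdir()
    original = b"quarterly report, plaintext"
    (drop / "report.txt").write_bytes(original)
    ingest(drop, store)                                   # night 1: clean copy
    (drop / "report.txt").write_bytes(original)
    ingest(drop, store)                                   # night 2: deduplicated
    (drop / "report.txt").write_bytes(b"\x8f\x1a\x07 constructed ciphertext")
    ingest(drop, store)                                   # night 3: encrypted version
    hist = versions(store, "report.txt")
    object_count = len(list((store / "objects").iterdir()))
    return len(hist), restore(store, hist[0]), object_count

if __name__ == "__main__":
    print(demo())
```

    The key property shown is that the store holds two objects for one client path after three nights: the unchanged second copy cost nothing, and the ciphertext that arrived on night 3 sits beside the plaintext instead of replacing it.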

  15. Re:See? Business model entirely without DRM. on CryptoLocker Gang Earns $30 Million In Just 100 Days · · Score: 1

    Don't forget highly reliable, dependable software coupled with (as per previous postings) top tier customer support.

  16. Re:Dear Users... on Apple Pushes Developers To iOS 7 · · Score: 1

    The Surface Pro is a pretty decent piece of hardware. If MS had a decent dock for it that supported Thunderbolt and USB 3.0 so it could be used with a decent monitor, keyboard, and mouse, it would come close to a desktop replacement, although it may not run the latest Crysis iterations at max settings.

    Plus, the Secure UEFI Boot can be switched off to use it as a Linux tablet, should the want/need arise.

  17. Re:LOL WTF LMFAO on Massive Android Mobile Botnet Hijacking SMS Data · · Score: 1

    I think we all feel that way. However, the average Joe is the one with the money, and keeping him relatively safe is a boon for everyone in the Android ecosystem.

    The other answer is to have a locked down platform like iOS where nobody can see a true "#" prompt or know what is going on in the device. Given a choice between a walled garden with no way out, versus one that has walls with a switch to flip to drop the walls at one's will, I'll take the latter.

  18. Re:LOL WTF LMFAO on Massive Android Mobile Botnet Hijacking SMS Data · · Score: 2

    Google needs to start tiering their store. One tier is stuff actively moderated with strict, Draconian guidelines and perhaps additional fees to support this degree of moderation. This tier would be similar to Amazon's, Microsoft's, or Amazon's store and if an app doesn't toe the line perfectly, it gets pulled without mercy (since it can easily be offered on the "free for all" tier.) The second tier would be what their store is now -- pay a fee for an account, upload, and go from there.

    The next step is by default, have Android devices download only from the restricted tier of the Google Play Store, and a checkbox, similar to the one that allows sideloading, for using the open tier of their market. This way, the average Joe who doesn't know or doesn't care about permissions is kept safe from potentially malicious software by only being in the actively moderated tier, but someone who has some sort of a clue can turn that protection off and go for whatever utility they want.

    Of course, there is worse in the way of markets. AFAIK, China has no access to the Google Play store, and Chinese app stores may have absolutely zero curation or moderation in place whatsoever, so there may be numerous copies of a perfectly legit app, except only one doesn't bring with it an added payload. To boot, number of downloads isn't a good statistic if bogus store accounts are easily created.

  19. Re:Diesel is a better solution on Lawmakers Out To Kill the Corn-Based Ethanol Mandate · · Score: 1

    Agreed. The one mitigating factor is that the trade-in value is higher, similar to having 4WD in a pickup.

    My biggest complaint about modern US diesels is that they will self-destruct (more realistically, brick themselves) if taken out of the US or Canada, due to the ultra low sulfur versus low sulfur fuels and the new emission systems. Take a Freightliner [1] Sprinter to Mexico and fill it up on low sulfur diesel, and the vehicle's computer will be throwing a code almost immediately, perhaps going into limp home mode soon after (causing very large repair bills, as a plugged DPF can run $3200 as a replacement). Of course, anything above B5 or B10 will also kill the emissions, so dreams of running WMO/WVO are out the window.

    [1]: Freightliner or Mercedes. Same vehicle, and the badging can be swapped out to make the local busybodies in a neighborhood happy.

  20. Re:Diesel is a better solution on Lawmakers Out To Kill the Corn-Based Ethanol Mandate · · Score: 3, Interesting

    You won't be breaking 0-60 records anywhere near a metro area anyway.

    Believe it or not, diesels are getting embraced in the US. The Mercedes Sprinter van is a hit, and both Ford and Fiat (er, Chrysler) are both trying to get some type of decent diesel engine in a van that can compete. This is important because of fleet use of these vehicles.

    The "grocery getter" (i.e. half-ton) pickups are getting diesels as well, starting with the Chrysler RAM 1500.

    As for hybrids or electric vehicles, I've wondered about just having a pure EV drivetrain, then using a generator from Onan or Kohler mounted onboard with a fuel tank. This would require less time to design around, because the generators are already pre-made, and could be easily replaced if a part fails. Most motorhomes have an onboard genset, usually mounted underneath the rig, and if mounted properly with shock mounts and an exhaust resonator, are not loud.

  21. Re:No Question on Interview: Ask Forrest Mims About Rockets, Electronics, and Engineering · · Score: 1

    +1

    The books were excellent when I was in high school and learning the basics.

    Thank you for making such clear books for an absolute beginner to even get near grokking basic electronics.

    Of course, I still suck at soldering (last time I inadvertently made a solder bridge on a 741, and had a prompt magic smoke exit, so I leave that to people with steadier hands.) However, this knowledge helps later on, be it with a solar charging system or other projects.

  22. Re:Good idea... on The Case For a Global, Compulsory Bug Bounty · · Score: 4, Insightful

    What will happen is that companies will spawn off sub-contractors which do all the coding and are completely offshore entities.

    For example, foocorp spawns off ABC Coders. ABC Coders just does business in one country, selling and maintaining its codebase to foocorp. Foocorp is just a customer, so if a government demands a bug bounty, they would have to go upstream to ABC Coders, and since ABC Coders does not do international business, they can give other nations the middle finger when it comes to their regulations.

  23. Re:Themostat on Google Testing Smart Appliance, Would Compete With Nest Thermostat · · Score: 3, Interesting

    I am a fan of the KISS principle.

    I like my refrigerator to keep things cold, perhaps make ice. Not act as a TV or entertainment center, nor share data with the world about the expiration date on the cottage cheese stashed in the crisper drawer [1]. Just run the refrigerant around in the tubes to move heat from the inside to the outside until it hits the right temperature, then stop doing so until the temperature warms up enough to restart the cycle.

    Same with my A/C or heater. Heat/cool until it hits the right temperature, stop, then resume working when the temperature rises or falls enough.

    I don't care to have to worry about additional Wi-Fi connections, security ramifications if the bad guys get on the internal Wi-Fi segment, or mass data gathering. I want appliances to do their basic function, and that's that.

    The only connected exception would be smoke, water, and burglar alarms, and even then, it should only connect to a dedicated monitoring center and nowhere else.

    [1]: One rule -- if it gets on the Internet, it will eventually be public.

  24. Re:Standardised DC, eh? on Standardized Laptop Charger Approved By IEC · · Score: 1

    USB 3.5 has a completely different connector than legacy cables... one like Apple's Lightning connector that plugs in either way, and can handle a lot more wattage.

  25. Re:There's probably patents involved on Standardized Laptop Charger Approved By IEC · · Score: 2

    Wasn't there prior art, from a Japanese crock pot that had this technology initially?

    What would be nice is to not just have power, but to have data and video on this connector. That way, one can have Thunderbolt, HDMI 2, power, 2-3 lanes of USB 3.5, 1-2 lanes of USB 2.0 (for keyboards and HIDs), and of course GigE or 10GigE, all on the same wire.

    Of course, with the space freed up on the device with this one port doing virtually everything, maybe device makers might start putting back the Kensington lock slot. It won't stop a determined thief, but it does deal with the casual/opportunistic snatching.