Globalization is a horrible, horrible idea for everyone involved -- except the corporations.
I think the people that make a decent (by local standards) living from working for overseas companies would disagree with you.
The only people that are hurt by globalisation are the rich Westerners, i.e. the people who can most afford it. If you've got somewhere to live, money for 3 good meals a day, clothing, and education, then you're pretty damn well off.
That's what the labels get paid to do though. They recoup almost all the money they front to a band for signing with them, and make not just the lion's share of the profit, but virtually all of the profit. So yes, a good label will turn their newly signed nobodies into megastars, which is great for the nobodies. But the label makes millions of dollars doing so. That ought to be more than sufficient payment.
To use your Coke analogy, it's more like the band is the guy that came up with the recipe but didn't have the money to do anything with it. But rather than sell it to someone who did and walk away with a pleasant bulge in his pocket, he gives the rights to The Company in exchange for a loan, which he spends while working his ass off to build up and market a product and get people to want to buy it, and then if he's successful... he gets to pay back the loan to The Company, and walk away with nothing because he signed over the rights to his recipe in order to get the loan.
The big mystery is why anyone would sign a deal like this. I suppose that's why they refer to the big labels as a "cartel"; either you play by their rules or you stay a nobody. All in the sales pitch, I guess.
Indeed, they probably shifted 50-60 terrabytes (I downloaded the album from an alternate source, but I presume it's what was distributed from Radiohead's site, and comes in at 50 mb), which is a crapload of data and would be extremely expensive. However, I guess this was something of an experiment for them and they wanted to get the statistics from their own server... and cost wasn't really an issue for them.
But if you're truly doing the "tip jar" thing, then it would make more sense to offload the bandwidth costs to your audience by providing a torrent or other P2P download. You'd still provide your own bandwidth, but a cheap server or two will do that amply. Heck, if your band is any good you can probably find a bunch of people willing to donate their own bandwidth to you for no charge.
I think the modern equivalent would be a web scripting language; most likely PHP because it has a very low barrier to entry, but any will do.
It's really easy to start, and you immediately have something "on the internet" which you can show to other people and feel like you're making something cool like all those other web sites you visit.
As a kid I was into game programming, use Borland Turbo C under MS-DOS. Then I got my very own computer in '96 for my birthday, which came with Win95... and suddenly programming on it seemed mighty difficult. Suddenly everything's buried under layers of APIs, and I didn't know where to look for documentation. At that point, I pretty much gave up programming.
At the end of that year I discovered Linux, and of course it became very easy to get a web server up and running with a scripting language - and that was pretty exciting. Suddenly I'm a "web programmer"!
"It's" is a valid contraction of "it is", which is the way it was used both times in that post. The first one (Javascript as it's implemented by Microsoft) seems a bit clumsy though.
Your "(good or bad)" disclaimers notwithstanding, winning the lottery is a positive thing; dying in a car crash is a negative thing. People, being more emotional than rational, emphasise the potential good repercussions of their actions, but trivialise or ignore the potential bad outcomes. The person buying a lotto ticket is thinking about the possibility of winning millions of dollars. The person getting in to their car to go to work isn't thinking about the possibility of dying on the way there.
So while your comment is insightful in a way, it doesn't actually mean anything with regards to people's lottery habits. I for one don't buy tickets because I can't be bothered; but if I was able to set up an automatic $10 debit of my credit card each week to enter, I'd certainly do it. Virtually no real cost to me, with the potential for a very substantial, very much positive, lifestyle change. Absolute no-brainer. Also, the fact that some of the money goes to worthwhile causes makes it easy to rationalise the cost, if the potential payout alone isn't sufficient.
If the Mac machine's browser is set to to open 'Safe' files after downloading, the.dmg gets mounted and the Installer is launched.
Isn't this essentially equivalent to having.exe's listed as "Safe" files on a Windows machine?
Am I the only one that thinks it's strange that enabling auto-opening of "safe" files will cause it to automatically mount and execute an installer? Does this happen if it's not a user-initiated download? Is "the Installer" a piece of Apple software (package management type thing) or is this more like Autorun in Windows?
Is the default setting for Safari to open Safe files automatically after download, or does the user have to enable this option?
Nicely put, but consider: the sum total of human achievement is increased in millions of ways every single day in ways which have never been reported on, because... it's not actually newsworthy. It's more like, completely expected.
A lack of human achievement would be newsworthy. Hmmm. Perhaps that's why politics gets so much coverage...
Eh, I perpetually have "Excellent" karma, and I don't post much, and my posts aren't particularly insightful or interesting. Karma doesn't seem terribly difficult to come by here.
Also, now that the dust has settled... the "karma burning" original post is scored +5, Informative. Oh gee, ouch.
I read a book about a Russian submarine that sunk while within range of the US coastline (in range of which city I can't recall) during the Cold War. Big cover up regarding it and the operation the US launched to retrieve it, but the book's conjecture based on the available evidence (odd circumstances surrounding the submarine's departure, damage to its conning tower, evidence that most of the crew had been locked in the rear compartments at the type of the accident) was that a special squad was assigned to the submarine, overpowered the crew when they were in range, and attempted to launch the missiles.
Apparently the safeguards surrounding the launch of these types of weapons were fairly tight (as one would hope), and the team trying to launch the weapons didn't do everything properly. The result was a detonation in the missile tube which sunk the boat.
If that conjecture is true, then we came very close to a nuclear war.
For the same reason that having any one player, especially a commercial organisation, attain a completely dominant position is a Very Bad Thing. The canonical example is of course Microsoft. When there's lots of competition, the only way to compete is to offer your (potential) customers something better than the competition does. Once you have a massive advantage in terms of market share, you're pretty much free to do whatever boosts your own profit -- and that very rarely aligns with what your customers would like to see, or "forward progress" in general.
In fact, publically traded companies (not sure if Facebook is, but I presume Microsoft must be expecting some sort of return on its recent investment) are required to maximise profits. So any corporation with a "near-monopoly" is pretty much required by the law to screw over its customers and set progress back a decade if by doing so it can maintain its status and maximise profits.
I'm not really sure that it matters in this case, though I guess some people think social networking sites are tremendously important, otherwise this article wouldn't be here. Even if they are important, it's not necessary for an open source "replacement" to appear; though I guess some people seem to think OSS is powered by magical pixies. Plus, an OSS solution would pretty much imply there's no single player with undue control.
In summary, it's offensive to some because a for-profit entity which appears to be staffed largely by immature people who have no respect for the privacy of their users has access to a lot of people's personal information. To me, it pales in comparison to say Google; but on the other hand, Google seem to actually have a reasonable track record regarding personal information, and generally behave in the manner in which systems administrators are expected to behave.
Step 1: obtain username and password for some random domain. Phishing, keylogging, guessing, whatever floats your boat. You're not targeting a particular domain so this is pretty easy really.
Step 2: login to web interface of the sponsoring registrar.
Step 3: change name servers to IP addresses of your choice.
Step 4: change the password, registered email address, etc.
In step 3, you'd choose name servers which are already serving the same zone as the original name servers, so nobody notices their domain just stopped working. The new servers now have some additional records.
Realistically though, they probably register the domains in someone else's name using stolen credit card numbers (as an AC already said). I think there's also a cooloff period whereby you can "return" a domain name without charge within a few days, so that combined with stolen cards means the owner of the card is unlikely to ever notice.
We have a similar clause in the copyright page on our site. Pretty much everyone has argued about its stupidity, lack of enforceability, and the fact that it runs counter to what we want (of course we want people to link to our website!).
The reason given by the people that insisted it be there is that they're scared some people we'd rather not be associated with will link to us, and that someone somewhere will somehow construe the link to our site as an endorsement of the linking site by us. For example, a porn site might make a link to us saying we're a good state for making porn in (we're in the tourism industry, so our site is about our state and why you should visit it) and someone will be offended by that.
Obviously it's a load of nonsense and is embarrassing to most of us, but sometimes you just can't convince people to use basic common sense. (I guess that applies doubly to lawyers?)
Okay, you're right. But even the product page didn't make it especially clear, IMHO.
I'm finally convinced by comments from the developers on Ari's blog,
wherein they indicate that they had to sacrifice the internal card and full-sized SD slot due to the smaller form factor. It's a bit of a disappointment, but I don't think the n810 is sufficiently improved to warrant buying to replace my n800; seems it may simply be intended as an "alternate design" n800.
Yes but the people on Slashdot are NOT a large segment of the population.
Oh great, another rant about how "if it doesn't work out of the box then ma and pa won't use it and it's not worth making". Goddammit, geeks are people too, and deserve cool toys. What's more, we can usually afford to pay for them!
I have to admit I don't see the value of having a portable IM.
Wait a minute... You started out responding to a post in which a not-very-savvy wife seems to like a portable IM by saying that doesn't matter cos this is slashdot, then you say you don't see the value in a portable IM as if that somehow matters (you're on slashdot after all).
People can just sms me. Maybe I should write and Jabber/sms gateway for my server at home. I could hook it up to gtalk and people could IM me and have it go to my cell phone...
Now the trick would be going back the other way.
And NOW you're talking about rigging up some crazy SMS <-> gtalk gateway so people can IM you on your phone via SMS?!? I think you just proved very eloquently why some people might think a mobile IM client that "just works" is a good thing. Not to mention that IM over the internets is typically cheaper than SMS.
N800 takes two full-size SDHC, N810 takes one MiniSD HC
According to TFA, it's the same as the n800: Like the older N800, the N810 boasts... two SD card slots supporting cards up to 8GB apiece.
What's interesting is that in the specs area it lists "2 GB internal memory", and "Expansion slot supports flash cards up to 8GB; compatible with miniSD and microSD with extender".
I think this probably indicates its memory configuration is identical to the n800 - two SD slots, one a pain to access (internal) the other easy (external), and it probably ships with a 2 GB card.
I objected to the idea that shooting someone on their own property could be justified solely on the basis of an unverified anonymous tip, when they could quite reasonably be acting in self-defense. The situation would've been different if they'd verified that someone was actually in danger.
I think the problem is that they don't have any way to verify someone is actually in danger. They can't just call them up and ask if there really is a problem, because a) that would tell the bad guys that someone there called for help, and b) the bad guys themselves might answer and say everything's fine (or coerce the resident to answer and say everything's fine). Likewise, knocking on the door and politely waiting for an answer is just going to give the bad guys time to barricade themselves in.
The main reason for the "hard and fast" response, after all, is to avoid giving the perpetrators time to plan a response. You want to plunge their world into chaos, and a heavily armed assault team is a good way to do that, as it tends to unnerve people, and they decide that doing what the scary man is screaming at him to do is a damned good idea. Calling ahead or announcing your arrival gives the suspects time to prepare for that, which greatly increases the danger for the entry team as well for any hostages.
Moreover, if the SWAT team hasn't yet verified the caller's claims first-hand, then they have to assume that the owner is merely acting in self-defense.
I don't think that's really the team's responsibility, any more than it's a police officer's responsibility to personally verify that the guy they've been told to arrest actually committed the crime. That's sorted out by someone else, and someone with the authority to do so tells them to arrest them. Same deal with SWAT teams. They've been told, by someone who they implicitly trust to provide reasonably accurate information, that there's a deranged guy with a gun who's already shot someone and intends to shoot at least one more person. How do they verify this without putting themselves and their mission in jeopardy?
Any threat to the SWAT team itself is due to their own uninvited and highly suspicious presence
That's only if you assume it's a hoax call. If it's a real call (like the vast majority are), then the threat to the SWAT team is exactly what they've been told to expect: deranged guy with a gun who seems quite willing to use it, and potentially additional armed people the caller wasn't aware of. Yes, the team wouldn't be in danger if they didn't show up uninvited -- but that's their damned job!
Ultimately, they're using the caller ID system as verification, on the assumption that people won't call with a story that would result in an armed response to their own home if they didn't need one. That's a reasonable assumption IMHO. The only solution is to fix the system so it can't be tricked. If that can't be done, then yes -- they need to alter procedures to treat all calls as suspect, with the resulting increase in risk to all involved.
Generally I would consider someone to be at fault if they choose enter someone else's property without permission and end up shooting the owner.
SWAT teams specifically deal with "high-risk" warrants, i.e. cases where they are trying to arrest people who are believed to be armed and dangerous. Or do you think that if you commit a violent crime, you should be able to just go home and be perfectly safe from any form of police response, like in a video game?
In the situation we're discussing, the 911 system has been 'hacked' and the SWAT team are given bogus information. They don't know it's bogus: they're responding to the kind of dangerous situation that they are supposed to respond to. If someone at that premises appears to be an imminent threat to them, of course they're going to respond with force, often lethal force.
This is the reason for the outrage: you're sending people who are amped up and expecting to encounter life-or-death situations to some random person's house. If someone points a comb or remote control at them in poor lighting, they're going to assume it's a gun (they wouldn't be there if the person wasn't considered too dangerous for the regular police).
One big question is, why is a purely electronic hack able to mobilise a SWAT team? Surely there should be more checks and balances than that. Why is it possible to mobilise a response like this without someone in charging physically seeing and verifying a warrant?
I check the machine making the connection. So if it attempts to present as a particular machine _and I check the PTR against it_ I reject the mail out of hand if they don't match.
Right, I'm with you. It is effective, but I tend to find this generates too many false positives. I merely block non-FQDN HELOs, but have to make exceptions for even that on occasion. Trying to convince people to configure their systems properly is often futile, as I'm about to demonstrate...
It's not an option. It's required.
For practical purposes, it is optional. Almost nothing does reverse DNS lookups, and only a subset of those actually care about the results. SMTP is one of them, which is why I bother there. The only other one I can think of at the moment is IRC, and that's pretty much just a vanity thing. I also got my ISP to set a PTR for our NTP server when I added it to the pool, but that's also purely a vanity thing (maybe some geek somewhere will notice he's got a good time source, look up the IP, and think better of our organisation... which will somehow benefit us in an even more roundabout manner). While I appreciate you being a stickler for doing things The Right Way, in actual practice there is zero benefit to setting correct PTRs for the vast majority of applications, which is why almost nobody does it, and looks at you funny when you tell them they ought to / have to.
if everyone does set up properly matching PTR and address records, how will that help? See above.
I meant, how will it help in the long term? While your method is quite effective at the moment (with the false positives caveat, which may or may not matter depending on the purpose of your SMTP service), it's a lot like greylisting: wonderfully effective to start with, but losing effectiveness as spammers make their bots a bit smarter. It's not entirely rocket-science to work out one's correct internet-facing IP address, do a DNS lookup, and then use that in your HELO's from now on; and if an SMTP client connects to you from 68.42.86.74 and claims to be "c-68-42-86-74.hsd1.mi.comcast.net" how are you going to decide it's a zombie spambot?
The only reason spammers don't already do this is because it's slightly more effort to code, and the gain from it is minimal until a significant number of people perform the check you suggest. If more people did that, it'd become worthwhile for the spammers to make their bots that tiny bit smarter, and the check would become much less useful.
In fact, if everyone set up matching PTRs and A records for every IP, then that combined with slightly smarter bots that use their real hostname in the HELO would completely undermine the effectiveness of your HELO/PTR check. Wouldn't it?
That only works for going after uploaders, not downloaders.
Also, most providers have "anonymous" posting, especially the kind of provider that advertises high retention of binary groups. So although you can find out what server or provider the uploader is using, you'd need to subpoena the operator's records to get an IP address. I suspect most of the big Usenet hosts go to great lengths to avoid logging info about who did what, and certainly avoid keeping what logs they do have for very long.
Slashdot Mirror
Looks to me like the buffalo's pulling a person carrying a plow. I'm not sure that counts. ;)
I think the people that make a decent (by local standards) living from working for overseas companies would disagree with you.
The only people that are hurt by globalisation are the rich Westerners, i.e. the people who can most afford it. If you've got somewhere to live, money for 3 good meals a day, clothing, and education, then you're pretty damn well off.
That's what the labels get paid to do though. They recoup almost all the money they front to a band for signing with them, and make not just the lion's share of the profit, but virtually all of the profit. So yes, a good label will turn their newly signed nobodies into megastars, which is great for the nobodies. But the label makes millions of dollars doing so. That ought to be more than sufficient payment.
To use your Coke analogy, it's more like the band is the guy that came up with the recipe but didn't have the money to do anything with it. But rather than sell it to someone who did and walk away with a pleasant bulge in his pocket, he gives the rights to The Company in exchange for a loan, which he spends while working his ass off to build up and market a product and get people to want to buy it, and then if he's successful... he gets to pay back the loan to The Company, and walk away with nothing because he signed over the rights to his recipe in order to get the loan.
The big mystery is why anyone would sign a deal like this. I suppose that's why they refer to the big labels as a "cartel"; either you play by their rules or you stay a nobody. All in the sales pitch, I guess.
Indeed, they probably shifted 50-60 terrabytes (I downloaded the album from an alternate source, but I presume it's what was distributed from Radiohead's site, and comes in at 50 mb), which is a crapload of data and would be extremely expensive. However, I guess this was something of an experiment for them and they wanted to get the statistics from their own server... and cost wasn't really an issue for them.
But if you're truly doing the "tip jar" thing, then it would make more sense to offload the bandwidth costs to your audience by providing a torrent or other P2P download. You'd still provide your own bandwidth, but a cheap server or two will do that amply. Heck, if your band is any good you can probably find a bunch of people willing to donate their own bandwidth to you for no charge.
I think the modern equivalent would be a web scripting language; most likely PHP because it has a very low barrier to entry, but any will do.
It's really easy to start, and you immediately have something "on the internet" which you can show to other people and feel like you're making something cool like all those other web sites you visit.
As a kid I was into game programming, use Borland Turbo C under MS-DOS. Then I got my very own computer in '96 for my birthday, which came with Win95... and suddenly programming on it seemed mighty difficult. Suddenly everything's buried under layers of APIs, and I didn't know where to look for documentation. At that point, I pretty much gave up programming.
At the end of that year I discovered Linux, and of course it became very easy to get a web server up and running with a scripting language - and that was pretty exciting. Suddenly I'm a "web programmer"!
That's terrible! I never cared much for Gates' business practices, but I never thought he was such a horrible person!
Thank you for sharing with us what that monster is really like. Boycott Microsoft!
"It's" is a valid contraction of "it is", which is the way it was used both times in that post. The first one (Javascript as it's implemented by Microsoft) seems a bit clumsy though.
Your "(good or bad)" disclaimers notwithstanding, winning the lottery is a positive thing; dying in a car crash is a negative thing. People, being more emotional than rational, emphasise the potential good repercussions of their actions, but trivialise or ignore the potential bad outcomes. The person buying a lotto ticket is thinking about the possibility of winning millions of dollars. The person getting in to their car to go to work isn't thinking about the possibility of dying on the way there.
So while your comment is insightful in a way, it doesn't actually mean anything with regards to people's lottery habits. I for one don't buy tickets because I can't be bothered; but if I was able to set up an automatic $10 debit of my credit card each week to enter, I'd certainly do it. Virtually no real cost to me, with the potential for a very substantial, very much positive, lifestyle change. Absolute no-brainer. Also, the fact that some of the money goes to worthwhile causes makes it easy to rationalise the cost, if the potential payout alone isn't sufficient.
Isn't this essentially equivalent to having .exe's listed as "Safe" files on a Windows machine?
Am I the only one that thinks it's strange that enabling auto-opening of "safe" files will cause it to automatically mount and execute an installer? Does this happen if it's not a user-initiated download? Is "the Installer" a piece of Apple software (package management type thing) or is this more like Autorun in Windows?
Is the default setting for Safari to open Safe files automatically after download, or does the user have to enable this option?
Nicely put, but consider: the sum total of human achievement is increased in millions of ways every single day in ways which have never been reported on, because... it's not actually newsworthy. It's more like, completely expected.
A lack of human achievement would be newsworthy. Hmmm. Perhaps that's why politics gets so much coverage...
Eh, I perpetually have "Excellent" karma, and I don't post much, and my posts aren't particularly insightful or interesting. Karma doesn't seem terribly difficult to come by here.
Also, now that the dust has settled... the "karma burning" original post is scored +5, Informative. Oh gee, ouch.
I read a book about a Russian submarine that sunk while within range of the US coastline (in range of which city I can't recall) during the Cold War. Big cover up regarding it and the operation the US launched to retrieve it, but the book's conjecture based on the available evidence (odd circumstances surrounding the submarine's departure, damage to its conning tower, evidence that most of the crew had been locked in the rear compartments at the type of the accident) was that a special squad was assigned to the submarine, overpowered the crew when they were in range, and attempted to launch the missiles.
Apparently the safeguards surrounding the launch of these types of weapons were fairly tight (as one would hope), and the team trying to launch the weapons didn't do everything properly. The result was a detonation in the missile tube which sunk the boat.
If that conjecture is true, then we came very close to a nuclear war.
For the same reason that having any one player, especially a commercial organisation, attain a completely dominant position is a Very Bad Thing. The canonical example is of course Microsoft. When there's lots of competition, the only way to compete is to offer your (potential) customers something better than the competition does. Once you have a massive advantage in terms of market share, you're pretty much free to do whatever boosts your own profit -- and that very rarely aligns with what your customers would like to see, or "forward progress" in general.
In fact, publically traded companies (not sure if Facebook is, but I presume Microsoft must be expecting some sort of return on its recent investment) are required to maximise profits. So any corporation with a "near-monopoly" is pretty much required by the law to screw over its customers and set progress back a decade if by doing so it can maintain its status and maximise profits.
I'm not really sure that it matters in this case, though I guess some people think social networking sites are tremendously important, otherwise this article wouldn't be here. Even if they are important, it's not necessary for an open source "replacement" to appear; though I guess some people seem to think OSS is powered by magical pixies. Plus, an OSS solution would pretty much imply there's no single player with undue control.
In summary, it's offensive to some because a for-profit entity which appears to be staffed largely by immature people who have no respect for the privacy of their users has access to a lot of people's personal information. To me, it pales in comparison to say Google; but on the other hand, Google seem to actually have a reasonable track record regarding personal information, and generally behave in the manner in which systems administrators are expected to behave.
Step 1: obtain username and password for some random domain. Phishing, keylogging, guessing, whatever floats your boat. You're not targeting a particular domain so this is pretty easy really.
Step 2: login to web interface of the sponsoring registrar.
Step 3: change name servers to IP addresses of your choice.
Step 4: change the password, registered email address, etc.
In step 3, you'd choose name servers which are already serving the same zone as the original name servers, so nobody notices their domain just stopped working. The new servers now have some additional records.
Realistically though, they probably register the domains in someone else's name using stolen credit card numbers (as an AC already said). I think there's also a cooloff period whereby you can "return" a domain name without charge within a few days, so that combined with stolen cards means the owner of the card is unlikely to ever notice.
We have a similar clause in the copyright page on our site. Pretty much everyone has argued about its stupidity, lack of enforceability, and the fact that it runs counter to what we want (of course we want people to link to our website!).
The reason given by the people that insisted it be there is that they're scared some people we'd rather not be associated with will link to us, and that someone somewhere will somehow construe the link to our site as an endorsement of the linking site by us. For example, a porn site might make a link to us saying we're a good state for making porn in (we're in the tourism industry, so our site is about our state and why you should visit it) and someone will be offended by that.
Obviously it's a load of nonsense and is embarrassing to most of us, but sometimes you just can't convince people to use basic common sense. (I guess that applies doubly to lawyers?)
Okay, you're right. But even the product page didn't make it especially clear, IMHO.
I'm finally convinced by comments from the developers on Ari's blog, wherein they indicate that they had to sacrifice the internal card and full-sized SD slot due to the smaller form factor. It's a bit of a disappointment, but I don't think the n810 is sufficiently improved to warrant buying to replace my n800; seems it may simply be intended as an "alternate design" n800.
Where are people getting the "one miniSD slot" thing from? TFA makes it sound like it's the same as the n800.
Oh great, another rant about how "if it doesn't work out of the box then ma and pa won't use it and it's not worth making". Goddammit, geeks are people too, and deserve cool toys. What's more, we can usually afford to pay for them!
I have to admit I don't see the value of having a portable IM.Wait a minute ... You started out responding to a post in which a not-very-savvy wife seems to like a portable IM by saying that doesn't matter cos this is slashdot, then you say you don't see the value in a portable IM as if that somehow matters (you're on slashdot after all).
People can just sms me. Maybe I should write and Jabber/sms gateway for my server at home. I could hook it up to gtalk and people could IM me and have it go to my cell phone... Now the trick would be going back the other way.And NOW you're talking about rigging up some crazy SMS <-> gtalk gateway so people can IM you on your phone via SMS?!? I think you just proved very eloquently why some people might think a mobile IM client that "just works" is a good thing. Not to mention that IM over the internets is typically cheaper than SMS.
Also, my heard hurts.
According to TFA, it's the same as the n800: Like the older N800, the N810 boasts ... two SD card slots supporting cards up to 8GB apiece.
What's interesting is that in the specs area it lists "2 GB internal memory", and "Expansion slot supports flash cards up to 8GB; compatible with miniSD and microSD with extender".
I think this probably indicates its memory configuration is identical to the n800 - two SD slots, one a pain to access (internal) the other easy (external), and it probably ships with a 2 GB card.
I think the problem is that they don't have any way to verify someone is actually in danger. They can't just call them up and ask if there really is a problem, because a) that would tell the bad guys that someone there called for help, and b) the bad guys themselves might answer and say everything's fine (or coerce the resident to answer and say everything's fine). Likewise, knocking on the door and politely waiting for an answer is just going to give the bad guys time to barricade themselves in.
The main reason for the "hard and fast" response, after all, is to avoid giving the perpetrators time to plan a response. You want to plunge their world into chaos, and a heavily armed assault team is a good way to do that, as it tends to unnerve people, and they decide that doing what the scary man is screaming at him to do is a damned good idea. Calling ahead or announcing your arrival gives the suspects time to prepare for that, which greatly increases the danger for the entry team as well for any hostages.
Moreover, if the SWAT team hasn't yet verified the caller's claims first-hand, then they have to assume that the owner is merely acting in self-defense.I don't think that's really the team's responsibility, any more than it's a police officer's responsibility to personally verify that the guy they've been told to arrest actually committed the crime. That's sorted out by someone else, and someone with the authority to do so tells them to arrest them. Same deal with SWAT teams. They've been told, by someone who they implicitly trust to provide reasonably accurate information, that there's a deranged guy with a gun who's already shot someone and intends to shoot at least one more person. How do they verify this without putting themselves and their mission in jeopardy?
Any threat to the SWAT team itself is due to their own uninvited and highly suspicious presenceThat's only if you assume it's a hoax call. If it's a real call (like the vast majority are), then the threat to the SWAT team is exactly what they've been told to expect: deranged guy with a gun who seems quite willing to use it, and potentially additional armed people the caller wasn't aware of. Yes, the team wouldn't be in danger if they didn't show up uninvited -- but that's their damned job!
Ultimately, they're using the caller ID system as verification, on the assumption that people won't call with a story that would result in an armed response to their own home if they didn't need one. That's a reasonable assumption IMHO. The only solution is to fix the system so it can't be tricked. If that can't be done, then yes -- they need to alter procedures to treat all calls as suspect, with the resulting increase in risk to all involved.
I think Radiohead already have enough money to live the Lotto life if they want to.
SWAT teams specifically deal with "high-risk" warrants, i.e. cases where they are trying to arrest people who are believed to be armed and dangerous. Or do you think that if you commit a violent crime, you should be able to just go home and be perfectly safe from any form of police response, like in a video game?
In the situation we're discussing, the 911 system has been 'hacked' and the SWAT team are given bogus information. They don't know it's bogus: they're responding to the kind of dangerous situation that they are supposed to respond to. If someone at that premises appears to be an imminent threat to them, of course they're going to respond with force, often lethal force.
This is the reason for the outrage: you're sending people who are amped up and expecting to encounter life-or-death situations to some random person's house. If someone points a comb or remote control at them in poor lighting, they're going to assume it's a gun (they wouldn't be there if the person wasn't considered too dangerous for the regular police).
One big question is, why is a purely electronic hack able to mobilise a SWAT team? Surely there should be more checks and balances than that. Why is it possible to mobilise a response like this without someone in charging physically seeing and verifying a warrant?
Yeah, everyone knows it's 000!
(Or 112 from a GSM phone.)
Right, I'm with you. It is effective, but I tend to find this generates too many false positives. I merely block non-FQDN HELOs, but have to make exceptions for even that on occasion. Trying to convince people to configure their systems properly is often futile, as I'm about to demonstrate...
It's not an option. It's required.For practical purposes, it is optional. Almost nothing does reverse DNS lookups, and only a subset of those actually care about the results. SMTP is one of them, which is why I bother there. The only other one I can think of at the moment is IRC, and that's pretty much just a vanity thing. I also got my ISP to set a PTR for our NTP server when I added it to the pool, but that's also purely a vanity thing (maybe some geek somewhere will notice he's got a good time source, look up the IP, and think better of our organisation... which will somehow benefit us in an even more roundabout manner). While I appreciate you being a stickler for doing things The Right Way, in actual practice there is zero benefit to setting correct PTRs for the vast majority of applications, which is why almost nobody does it, and looks at you funny when you tell them they ought to / have to.
if everyone does set up properly matching PTR and address records, how will that help? See above.I meant, how will it help in the long term? While your method is quite effective at the moment (with the false positives caveat, which may or may not matter depending on the purpose of your SMTP service), it's a lot like greylisting: wonderfully effective to start with, but losing effectiveness as spammers make their bots a bit smarter. It's not entirely rocket-science to work out one's correct internet-facing IP address, do a DNS lookup, and then use that in your HELO's from now on; and if an SMTP client connects to you from 68.42.86.74 and claims to be "c-68-42-86-74.hsd1.mi.comcast.net" how are you going to decide it's a zombie spambot?
The only reason spammers don't already do this is because it's slightly more effort to code, and the gain from it is minimal until a significant number of people perform the check you suggest. If more people did that, it'd become worthwhile for the spammers to make their bots that tiny bit smarter, and the check would become much less useful.
In fact, if everyone set up matching PTRs and A records for every IP, then that combined with slightly smarter bots that use their real hostname in the HELO would completely undermine the effectiveness of your HELO/PTR check. Wouldn't it?
That only works for going after uploaders, not downloaders.
Also, most providers have "anonymous" posting, especially the kind of provider that advertises high retention of binary groups. So although you can find out what server or provider the uploader is using, you'd need to subpoena the operator's records to get an IP address. I suspect most of the big Usenet hosts go to great lengths to avoid logging info about who did what, and certainly avoid keeping what logs they do have for very long.