Maybe because organised crime could find a lot of uses for a database of the faces of police officers?
If organized crime cares, it can just buy copies of HR documents on each police officer. Or if the mafia has nothing better to do, they may send some kids to take photos of officers and then follow them home. Over time they will get everyone, and it's 100% legal.
Besides, police officers interact primarily with lawbreakers. They already show them their faces and their badges. A LEO in Las Vegas has no reason to be worried that some geek in China will see his face. That LEO better be worried that a local gangbanger saw him and followed him home. And you don't need a camera for that; binoculars would be far more effective.
Police object to recording of their actions for only one reason: their actions can be used to hang them. Everyone makes mistakes. Raise your hand everyone who hasn't exceeded the posted speed even for one second on your way to work today. Won't be many hands raised, unless you all rode bicycles. Now imagine that the car automatically fines you each time when the number '65' changes to '66'. It wouldn't be worth going to work. In case of police, their errors (regardless of the reason) *also* can have them punished, fired or accused of a crime. Naturally they don't want this to happen. Neither do I or you, but we can't forbid others from seeing our misdeeds. Police can, currently, but that's wrong. If some officers say "we do dangerous work, with gun in hand, so if we shoot a family dog or a kid now and then we shouldn't be accountable." If they can't do their job safely and within the law they should quit; and if the whole police force quits then Wild West, here we come, for better or for worse.
If I want it, only then does the marketer actually mail it
A lot of advertising is done against your will. The advertisers try to force their product into your field of view because they know how that works - you remember what you have seen or heard, even if you don't memorize it intentionally. Mattress Discounters, may you burn in hell! :-) I threw a pound of flyers out last time, but one was from Lowe's and another from Walgreens. Guess what, I need to buy something in both of them! But if a complicated protocol is standing between the ad and my eyes then most likely I'd never see it firsthand; I'd just ban Lowe's and Walgreens and Ace Hardware and OSH even though I buy things in all these stores now and then. So advertisers will not want this approach - it's a race to the bottom because once you are banned by the reader you will never be unbanned.
Specifically, I want a virtual PO Box. All my mail would go to a processing center where the front and back of each item is scanned, OCRed, and placed on a web site where I can look at it all. I can then direct them to send or shred any individual item. Because the return address, etc, is OCRed, I can also set up filters for mail I want automatically delivered, like bills.
I'm unsure how you can automate scanning of flyers and other assorted packing materials that they send you once or twice per week. And if you don't do that then filters won't work. USPS gets money for delivery of that junk, so it has to at least offer it to you - it can't dump it right away.
There is also a problem of magazines, catalogs, and whatnot that is large and has pages. It has to be manually handled, so that only top and bottom are scanned - and not some random pages. Each scan must be confirmed (by a human) to be legible. Then all that stuff has to be stored at the post office for some long time (before it is returned) even if you are checking that Web site every day or two. This calls for construction of new automated warehouses at high price - instead of just dumping the paper into your mailbox and letting God^Wyou sort it out.
Also in terms of time, it is much faster to sort the junk mail when you have it in your hands. You don't need to click and zoom on something; and if the nature of the mail is unclear, tear the envelope open and see if this is a bill for a service that you need, or an ad about replacement of your water heater. It's hard to misidentify things when you hold them; but it's much easier if they are just pictures on the screen. It is also essential that every item is correctly tagged and stored, so when you command the system to junk some postcard from some real estate agent the system doesn't junk the bill for your Internet service :-) This has to be automated, otherwise there aren't enough people on this planet to run it by hand.
If such a system is created then USPS will see considerable drop in revenue, even though they can lay some people off too. The broken glass will not be broken anymore. Your purchase of pizza will not be paying salary of your postman. This may be the right thing to do, but one can't claim that USPS profits will increase. Consider that after the USPS invests into those multi-million warehouses and robots - warehouses that are designed to hold the junk mail - the volume of that junk mail drops like a stone, and then those warehouses turn into a bad investment. USPS will go bankrupt because it *already* took a credit to build all that stuff, and now it has no money to repay the investors.
About the only things I ever send through the mail are to services living in the internet dark ages of yesteryear (primarily government services).
Definitely not just them. A couple of weeks ago my insurance company sent me another bill, and somewhere there they made a wonderful offer of paying electronically - 12 payments per year, with each payment costing me just one dollar extra! I sent them a check for the whole sum, of course, at the cost of 44 cents. They are not alone in that. Electronic payments are not free, and someone has to pay for it. Checks are free, however irrational that may sound.
If theft is a problem for you locally, you have two options as I see it: 1) set up surveillance cameras of your own, and catch the perpetrators. The police will probably be happy to bust the teenage punks stealing your mail. 2) Get a PO Box.
With regard to your (1), the camera is not an evidence that you can take to the court, and the sheriff won't bother arresting someone - even teenage punks - just because someone may have seen them somewhere. (If that would be the case, graffiti couldn't exist.) It takes some good evidence to arrest; you wouldn't want to be arrested yourself just because something resembling your face was seen on a security camera, in darkness.
From the research on /. it is pretty clear that the functionality that they are so carefully constructing existed since times of Windows for Workgroups, and that was back in 199x.
Lack of value of this proposition for businesses that are just a notch above a mom-and-pop shop comes from two sources:
Costs
Data security
Anyone who has a shared network drive for any purpose already has this "dropbox" thing. Maybe it doesn't do revisions, but IRL most people (who are not programmers) avoid revisions because it's easier to save a file as $foo_revA.doc and be done with it. It's also easier to retrieve it, and compare. Don't forget that MS has Sharepoint, and though from technical POV it is pretty bad, companies invest into it and use it... because it handles their data well enough. And we should not forget about permissions - for the whole site, for projects, for documents... businesses not only need them, they often must have them, by law (such as ITAR, for example.) Similarly, businesses have data retention policies that enforce lifecycle of certain documents; this is not possible if you are not in control of the data.
Since any business with more than 3-4 workers has a server somewhere, this service is of little use to them. Why do you think so many people on /. (of all places) haven't heard about Dropbox? Because it is a niche app that doesn't do much above what is already available. It may be nicer in terms of GUI, allows you to work offline and sync on connect, etc. - such things are neat but they are not really necessary. Google Documents is a good fit for a low level collaboration already, and that covers most of the niche that even wants it.
From what I learned about this thing over the last day, their primary market will be sync to smartphones, done by mostly private persons. Any company that is not out of its mind will forbid such a thing because sending company documents "somewhere into the cloud" and out of your control is insane. Unless Dropbox is planning to reduce the free storage from 2 GB to, say, 2 MB, most of their users will not be paying. Maybe students who work together on a project will use Dropbox, but then they aren't rich enough to pay, and there aren't enough of them. Maybe a 2-3 man startup will use Dropbox, until they get the real infrastructure. A local server costs very little and can be bought as a NAS box. Even if they buy 20 GB accounts, what kind of an Internet pipe one must have to access that much data on a regular basis? It just doesn't make sense if you have a 1 Gbps Ethernet at the office. Time is expensive.
So this is my reasoning, and this is why I do not expect them to be very successful - especially considering the cash that VCs already poured into this company. Their Web site doesn't create an impression that they have a business plan, and their burn rate (head count) for this little app is amazing.
Processors for mobile applications can change the clock far more than 10%. But there is a better solution. Leave the clock alone, just don't do anything useful in most of the clock cycles. Here is a piece of code that would fetch the instruction this way:
I live & work in the valley, but I have no interest in another dot-com that seems to be in a hurry to burn through all their funding while not delivering an application of debatable value to most people. Even if they are wildly successful they will be occupying a small niche and providing free services to most of their clients.
The dropbox home page has a huge, prominent video right in the middle of the page. Did you try watching that?
I also tried to find a description, and failing that I stumbled upon that ginormous button. No, I haven't even considered watching the video. If a company with 30 employees and VC financing can't write one paragraph of text then I'm not interested in their videos.
Besides, a whole lot of people on Earth can passably read English, with a dictionary perhaps. In worst case they can print it and show someone. Many of the same people can't understand spoken American English well enough. This insistence on video looks a lot like arrogance.
This kill switch will help in casual theft cases. Drunk corporate officer leaves laptop in nightclub. It gets grabbed by a club rat. Next day, IT disables the CPU.
I fail to see the advantage of disabling the CPU here, as long as the laptop already has full disk encryption. It is completely integrated (we used PGP Whole Disk Encryption) and invisible to the user; it's just you enter your password earlier.
With regard to the recovery of the laptop, both this "kill switch" and the WDE do the same thing; you reenter the key and the HDD gets decrypted. The difference is small and technical: the kill switch physically wipes the key from the integrated TPM, whereas WDE simply doesn't have the necessary secret (your passphrase) to generate the HDD decryption key.
If we start assuming that the passphrase is known to the thief then all bets are off anyway - he can instantly boot it up and copy the data before the loss is detected, even if you use an ansible to send the signal. Your drunken sales droid is not likely to realize that the notebook is lost until he wakes up in the morning, and there wouldn't be any password written on the laptop itself.
An industrial spy can steal a notebook from a company office. They actually do that, and it's not too difficult. They dress appropriately, tailgate an employee, look around, take what they need and leave, all within 5 minutes. In a larger office there is no way for workers to detect an extra person. In this scenario if the password is written somewhere at the cubicle the thief can have it. Then both methods converge - the thief takes the laptop into a shielded room (a basement) and does his thing there.
You pay for the WDE software only once (as opposed to the continuous 3G service.) Then the laptop doesn't depend on 3G availability to lock the thief out - it's safe by default. This means that you have to have WDE anyway. So what exactly the CPU block buys you if the HDD can't be accessed? Do you (or the company) want to pay money for the service to simply annoy the thief? Most companies can't care less about the laptop hardware, these notebooks are often leased for the duration of the refresh cycle, and/or insured. Companies care about the data, and WDE protects it pretty well. So again, how exactly the kill switch will *improve* security above & beyond existing solutions?
IMO, Intel proposes this simply because they can, and because that's the only security option they can think of. It's a poor option, on par with the unique CPU ID, and it will be equally disabled on majority of notebooks. I think they added it just for a checkbox on sales materials. Technically it is worthless for pretty much everyone and will not be used. Low-end users, like that sales guy, will find this an overkill. High-end users, like CIA, will find this inadequate. Middle-range users already have WDE and have no need to pay for a service that disables a chip that doesn't do anything anyway.
Due to interaction with peripherals, there is a minimum
Ok, perhaps. But the proposal #2 doesn't depend on the fact that the CPU keeps running after the timeout expires. It may well stop, just like that "kill switch" does.
The difference is that Intel's method depends on successful delivery of negative authorization, when the hardware is already stolen and under control of thieves. It should be understood that any industrial spy would know *exactly* what to do; perhaps the notebook will be simply placed into a shielded laptop case - a low-tech solution that defeats an expensive infrastructure.
The proposed method depends on positive authorization, delivered over proper channels. If the authorization doesn't come then the computer stops. The thief can't do anything about it. If, for example, the authentication is handled in the pre-boot environment then the CPU won't even boot the OS. It may stay in BIOS, though; but with TPM blocking HDD decryption it's not a problem.
Computers used only on the LAN can have Ethernet authenticators. Computers issued to road warriors can have USB authenticators; they are limited in time and need to be "reset" every day. And it would be also possible to call the help desk, tell them who you are (so that they believe you) then read the long number that the BIOS shows you, enter the long number that they tell you, and you are good to go. That is for emergencies, of course.
The "kill-switch" is intended for businesses and governments - the cost of a computer is negligible compared to the potential cost of a data breach. Encryption should be standard for these organisations.
Yes, and companies who care about the data protection already have full disk encryption deployed. I worked for one such company.
If the encryption is done properly then it should be tied to both the hardware and the user
It is tied to the HDD itself, as I understand, and maybe to the TPM chip (Windows BitLocker.) I'm unsure that corporations will be happy to tie expensive data to a piece of hardware that can fail on its own (and in businesses with thousands of laptops this happens all the time.)
so that data can only be accessed on authorised computer systems.
Technically, "only on computer systems that have the right key." Being authorized is only a preference :-)
Hence the "kill-switch" which will prevent data from being decrypted (by denying access to the hardware) even if the user's passwords are known.
It will do no such thing. The thief - who will be briefed on appropriate measures - will pull the battery from the laptop even before he cuts the security cable. Without power the laptop can't do anything. Since you say "the password is known" then it becomes a trivial task of going into a place with no 3G coverage (a basement, a desert, whatever) and powering up the laptop there. Since 3G will be inoperative, the thief will have plenty of time to copy the HDD onto an external drive. Then the laptop is physically destroyed.
So I don't see how this new kill switch would increase security anywhere.
How many laptop thieves give a crap about the information in the machine?
Only smart ones. Besides, they only need to "know a man" who takes care of all that. They don't need to have any technical expertise. That man not only wipes the HDD unrecoverably clean (which makes identification of the stolen item hard,) he also will drop a pirated OS into it, so that the laptop is ready for sale. The same expert may pay for the data if it's of interest (like some company's projects, or just a bunch of your Quicken accounts.) But just the "HDD service" should be worth a lot to a common thief.
In 99% of the cases all they want is to sell it, as quickly as possible.
Then the ex-owner of the laptop must beat the clock in discovering the loss and activating the kill switch. Otherwise the thief will sell the laptop before you even realize that you lost it. There is no reason for him to hold onto a stolen item, and he doesn't need to use Google to find a fence :-)
this just allows them to put a big sticker on the laptop saying, "if you steal it, it won't work".
I can achieve this very thing by starting the CPU at 1 MHz clock rate, and until a certain 64-bit response is written into a register (calculated from a 64-bit challenge) the CPU will stay at 1 MHz forever. This will allow you to start the BIOS and enter the necessary code. And once the code is in the CPU switches to a normal clock.
You can have variations of this method too. For example, the computer powers up at its normal speed, but starts a timer, and if within 10 minutes (or something) the registers aren't programmed correctly then the CPU clock drops, making the computer useless.
And you can have many ways to "unlock" the CPU. You can have a fingerprint reader or your Windows password doing it for you. You can have a USB device plugged in that has a time-dependent unlock key. You can have a network protocol that checks that the computer is pinging from an approved IP range and then issues the permission to unlock. In all these cases there will be no simple unlock code stored anywhere; Windows password is not readable (only resettable), and external devices can calculate the response based on the challenge. The OS may have the algorithm (which is well known) but lacking the key it would be unable to convert the challenge into the correct response.
And, by the way, this invention cannot be patented now :-)
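The challenge-response unlock and the time-limited authenticator described in the comments above, as an added sketch that is not part of the original posts. HMAC-SHA256 truncated to 64 bits, a key kept in CPU-side protected storage, the 24-hour lease, the clock figures and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

FULL_MHZ = 2000                # assumed normal clock (constructed value)
SLOW_MHZ = 1                   # throttled clock from the comment
GRACE_SECONDS = 10 * 60        # "within 10 minutes (or something)"
LEASE_SECONDS = 24 * 60 * 60   # assumed: authenticators are "reset" every day


def compute_response(key: bytes, challenge: bytes) -> bytes:
    """64-bit response from a 64-bit challenge; useless without the key."""
    return hmac.new(key, challenge, hashlib.sha256).digest()[:8]


def format_code(value: bytes) -> str:
    """Render 8 bytes as the 'long number' read out over the phone."""
    digits = f"{int.from_bytes(value, 'big'):020d}"
    return "-".join(digits[i:i + 5] for i in range(0, 20, 5))


def parse_code(text: str) -> bytes:
    """Inverse of format_code; rejects anything that is not a 64-bit number."""
    digits = text.replace("-", "").replace(" ", "")
    if not digits.isdigit() or int(digits) >= 2 ** 64:
        raise ValueError("not a valid 64-bit code")
    return int(digits).to_bytes(8, "big")


class Authenticator:
    """USB token, LAN service or help desk: the only other holder of the key."""

    def __init__(self, key: bytes):
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        return compute_response(self._key, challenge)


class GatedCpu:
    """Positive authorization: no valid response means the clock drops.

    Time is passed in as `now` (seconds) so the model is deterministic.
    """

    def __init__(self, key: bytes, boot_time: float):
        self._key = key                           # assumed: fused / TPM-held
        self._deadline = boot_time + GRACE_SECONDS
        self._challenge = secrets.token_bytes(8)

    def challenge(self) -> bytes:
        return self._challenge

    def submit(self, response: bytes, now: float) -> bool:
        expected = compute_response(self._key, self._challenge)
        # Every challenge is single-use, so a recorded response cannot be
        # replayed at the next boot or after the lease runs out.
        self._challenge = secrets.token_bytes(8)
        if hmac.compare_digest(response, expected):
            self._deadline = now + LEASE_SECONDS
            return True
        return False

    def submit_code(self, text: str, now: float) -> bool:
        """Help-desk path: the response typed in as a decimal code."""
        try:
            return self.submit(parse_code(text), now)
        except ValueError:
            return False

    def clock_mhz(self, now: float) -> int:
        # Nothing has to reach the machine for it to lock: silence is enough.
        return FULL_MHZ if now < self._deadline else SLOW_MHZ


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    cpu, desk = GatedCpu(key, boot_time=0), Authenticator(key)
    print("boot:", cpu.clock_mhz(0), "MHz; after grace:", cpu.clock_mhz(601), "MHz")
    shown = format_code(cpu.challenge())          # what the BIOS displays
    told = format_code(desk.respond(parse_code(shown)))
    print("challenge", shown, "-> response", told)
    print("unlocked:", cpu.submit_code(told, now=700), cpu.clock_mhz(701), "MHz")
```

A machine kept away from every network still locks when the grace period or lease runs out, which is the difference from a kill switch that must be delivered to the stolen hardware.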
Actually most people believe that NK will not use an ICBM to deliver a nuke. NK just doesn't have too many of either, and the risk of failure is high. Delivery by a ship or a truck, or just hidden in a sack of heroin, is much easier. Or if you like books of Clive Cussler, check the A/C unit on those imported cars that are delivered by hundreds of thousands every year. I'm pretty sure nobody X-rays them.
Those nukes may be already on US territory, in hands of sleeper agents. Unlikely, sure, but it's possible, and there is no defense against that (not with those borders, at least.) So a war in a faraway land may end up on the US territory.
I guarantee you America, South Korea, or any other westernized nation does not think it will lose in a war against North Korea simply because they have nukes.
Western nations have very fragile societies, compared to an impoverished dictatorship of NK. The definition of "lose" is different for the USA and for NK.
If someone explodes a 10 kT nuke in Pyongyang the city will be largely destroyed, but the regime will be untouched. If anything, it will be proven to any doubters that the USA is an evil aggressor. The event will not affect the world. The goal of the attack will not be achieved.
If someone explodes a 10 kT nuke in NYC or LA the city will be mostly intact, but the US government is likely to collapse. The anarchy and chaos of the disaster will be instantly known to the whole country (and the whole world) and a lot of weird people will crawl out of the woodwork. Financial markets will be in danger; the US dollar may collapse. All kinds of bad things become possible.
But of course the greatest danger of the first strike is in very high likelihood that it won't be the last.
We are talking here about proprietary firmware (and drivers) that make certain pieces of hardware nonfunctional. Any proprietary OS has no trouble with that; if Debian default removes those proprietary binaries then certain devices will not work. That's all :-)
It'd be nice to be clear on licensing, redistribution rights etc.
Proprietary blobs are always very clear on licensing and redistribution rights :-) That's probably the first thing they tell you when you install them.
I'm not sure if the binary firmware blobs in the kernel have any different redistribution restrictions, though
I very much doubt that any such blobs are explicitly licensed for use under Linux and not, say, NetBSD. Your incarnation of the free OS would use the same blob in basically the same way. Of course if your OS can't talk to this or that binary driver, it's just too bad - but it's not the license that forbids you something, it's your new and improved driver API that does you in.
With regard to the freedom to understand (as another poster mentions) there is very little to understand in that code unless you also have the schematic of the hardware, *and* the HDL code for all the ASICs that are involved. For example, the super-duper-secret piece of NVidia code can say this:
What does that tell you? Nothing, unless you - like the NVidia firmware guy - have access to *all* the relevant documentation and on top of that have the phone number of the ASIC developer on a speed dial. Without such information you know just enough to be dangerous :-) You can change one bit and burn the hardware. A lot of the code is also written in a certain way, and it may be not obvious why. For example, you may "optimize" a piece of code and break everything because the original code was crafted to execute in so many clock cycles or to leave certain registers untouched. We may debate whether this is a good way of writing code or not, but that's how some firmware is written, especially if you can't afford timer interrupts (like when you generate a serial bitstream for a chip that is much faster than your CPU.) In those cases you need to have very good understanding of the hardware that you are driving, and have a datasheet handy.
In other words, there is very little to learn from those binary blobs. Life is too short to study some junk code written to run some junk hardware for which you don't have a shred of documentation. And if you really want to learn something, build your own hardware from OpenCores parts and write your own drivers. I think they have a complete set of blocks there to build a decent computer from scratch.
why doesn't the sat phone provider build in a crappy little GSM/CDMA into the hand unit, and then gateway from the cell phone network into the sat phone
The SWaP of such a hybrid unit will be determined by the satellite portion. Who would want to always carry a large phone if they know that they aren't going to suddenly end up in a desert instead of their cubicle at work? [A: only these.]
I sometimes find myself in the middle of nowhere, without cell coverage - usually at a safe distance from the civilization. I don't have a sat phone, but if I did I'd want it to be a separate unit. I'd keep it in the car, and if once in a blue moon I must make a call from a no-coverage spot I'd take it and power it up.
More importantly, the biblical flood story portrays YHWH as an evil fuck-up. Why bother with a flood when he could just wish the evildoers out of existence?
Perhaps YHWH was not an omnipotent god. An alien would certainly be able to project holograms from time to time, verbally command locals, and sometimes even do neat tricks using the machinery of his spaceship. For example, he could "stop the Sun" by sending a shuttle with a good searchlight, or even hanging a small artificial Sun in the atmosphere for a day or two. Those savages would not know the difference anyway.
But when it comes to cleaning the slate, this hypothetical alien couldn't personally chase down and kill every person on the planet - not any more than it is practical for humans to chase and stomp every single ant from a large anthill. It would be infeasible to even investigate who is naughty and who is nice. But it would be very much possible to, say, use a force field generator (or just his ship's volume) to create a huge bubble in the ocean. The displaced water then rises and floods the planet - not much, perhaps, but with most people living near the water that would suffice.
Most tales about YHWH aren't painting a picture of a nice guy. It's not that unreasonable to even half-seriously suggest that YHWH was an alien; too many of his actions and orders are pretty inhuman by anyone's measure, but fit a heartless robot just fine.
Any given technology can be optimized for maximum performance (a home computer) or for maximum battery life (a portable computer.) It is possible, theoretically, to connect a 24" LCD monitor to your iPhone, but the video resolution will be so bad that you will hate the day Steve Jobs was born. And who would want to sit at home and read news on a tiny screen when he has a whole wall of a screen right in front of him? Why would you want to dig a trench with a screwdriver? Why would you want to turn a tiny screw with a shovel? You want to use a right tool, not the tool that you happen to have.
The home computer will always be faster - or at least until such a time when a portable computer is "fast enough." This can happen, actually, if all the calculations are moved off of your hardware and onto some big cloud in the sky. Then all you have is a terminal, and it doesn't matter how fast it is. But we aren't there yet, and probably won't be there for a good time because the video bandwidth that modern cards push around is quite impressive.
The only viable case of a convergence that I can see today is a family that is not much into computers. That family can use their smartphones during the day, and at home they drop them in some cradles; that connects them to some LCD panels with somewhat better resolution, and to the keyboard/mouse. Then they can type emails, edit some photos, and browse the Web. Pacman, maybe, or a snake. Not much else. But for them it may be enough.
I should comment only on this:
If I want it, only then does the marketer actually mail it
A lot of advertising is done against your will. The advertisers try to force their product into your field of view because they know how that works - you remember what you have seen or heard, even if you don't memorize it intentionally. Mattress Discounters, may you burn in hell! :-) I threw a pound of flyers out last time, but one was from Lowe's and another from Walgreens. Guess what, I need to buy something in both of them! But if a complicated protocol is standing between the ad and my eyes then most likely I'd never see it firsthand; I'd just ban Lowe's and Walgreens and Ace Hardware and OSH even though I buy things in all these stores now and then. So advertisers will not want this approach - it's race to the bottom because once you are banned by the reader you will never be unbanned.
Specifically, I want a virtual PO Box. All my mail would go to a processing center where the front and back of each item is scanned, OCRed, and placed on a web site where I can look at it all. I can then direct them to send or shred any individual item. Because the return address, etc, is OCRed, I can also set up filters for mail I want automatically delivered, like bills.
I'm unsure how you can automate scanning of flyers and other assorted packing materials that they send you once or twice per week. And if you don't do that then filters won't work. USPS gets money for delivery of that junk, so it has to at least offer it to you - it can't dump it right away.
There is also a problem of magazines, catalogs, and whatnot that is large and has pages. It has to be manually handled, so that only top and bottom are scanned - and not some random pages. Each scan must be confirmed (by a human) to be legible. Then all that stuff has to be stored at the post office for some long time (before it is returned) even if you are checking that Web site every day or two. This calls for construction of new automated warehouses at high price - instead of just dumping the paper into your mailbox and letting God^Wyou sort it out.
Also in terms of time, it is much faster to sort the junk mail when you have it in your hands. You don't need to click and zoom on something; and if the nature of the mail is unclear, tear the envelope open and see if this is a bill for a service that you need, or an ad about replacement of your water heater. It's hard to misidentify things when you hold them; but it's much easier if they are just pictures on the screen. It is also essential that every item is correctly tagged and stored, so when you command the system to junk some postcard from some real estate agent the system doesn't junk the bill for your Internet service :-) This has to be automated, otherwise there isn't enough people on this planet to run it by hand.
If such a system is created then USPS will see considerable drop in revenue, even though they can lay some people off too. The broken glass will not be broken anymore. Your purchase of pizza will not be paying salary of your postman. This may be the right thing to do, but one can't claim that USPS profits will increase. Consider that after the USPS invests into those multi-million warehouses and robots - warehouses that are designed to hold the junk mail - the volume of that junk mail drops like a stone, and then those warehouses turn into a bad investment. USPS will go bankrupt because it *already* took a credit to build all that stuff, and now it has no money to repay the investors.
About the only things I ever send through the mail are to services living in the internet dark ages of yesteryear (primarily government services).
Definitely not just them. A couple of weeks ago my insurance company sent me another bill, and somewhere there they made a wonderful offer of paying electronically - 12 payments per year, with each payment costing me just one dollar extra! I sent them a check for the whole sum, of course, at the cost of 44 cents. They are not alone in that. Electronic payments are not free, and someone has to pay for it. Checks are free, however irrational that may sound.
If theft is a problem for you locally, you have two options as I see it: 1) set up surveillance cameras of your own, and catch the perpetrators. The police will probably be happy to bust the teenage punks stealing your mail. 2) Get a PO Box.
3) A good mailbox
With regard to your (1), the camera is not evidence that you can take to the court, and the sheriff won't bother arresting someone - even teenage punks - just because someone may have seen them somewhere. (If that would be the case, graffiti couldn't exist.) It takes some good evidence to arrest; you wouldn't want to be arrested yourself just because something resembling your face was seen on a security camera, in darkness.
HINT: Integration.
From the research on /. it is pretty clear that the functionality that they are so carefully constructing existed since times of Windows for Workgroups, and that was back in 199x.
Lack of value of this proposition for businesses that are just a notch above a mom-and-pop shop comes from two sources:
Anyone who has a shared network drive for any purpose already has this "dropbox" thing. Maybe it doesn't do revisions, but IRL most people (who are not programmers) avoid revisions because it's easier to save a file as $foo_revA.doc and be done with it. It's also easier to retrieve it, and compare. Don't forget that MS has Sharepoint, and though from technical POV it is pretty bad, companies invest into it and use it... because it handles their data well enough. And we should not forget about permissions - for the whole site, for projects, for documents... businesses not only need them, they often must have them, by law (such as ITAR, for example.) Similarly, businesses have data retention policies that enforce lifecycle of certain documents; this is not possible if you are not in control of the data.
Since any business with more than 3-4 workers has a server somewhere, this service is of little use to them. Why do you think so many people on /. (of all places) haven't heard about Dropbox? Because it is a niche app that doesn't do much above what is already available. It may be nicer in terms of GUI, allows you to work offline and sync on connect, etc. - such things are neat but they are not really necessary. Google Documents is a good fit for a low level collaboration already, and that covers most of the niche that even wants it.
From what I learned about this thing over the last day, their primary market will be sync to smartphones, done by mostly private persons. Any company that is not out of its mind will forbid such a thing because sending company documents "somewhere into the cloud" and out of your control is insane. Unless Dropbox is planning to reduce the free storage from 2 GB to, say, 2 MB, most of their users will not be paying. Maybe students who work together on a project will use Dropbox, but then they aren't rich enough to pay, and there aren't enough of them. Maybe a 2-3 man startup will use Dropbox, until they get the real infrastructure. A local server costs very little and can be bought as a NAS box. Even if they buy 20 GB accounts, what kind of an Internet pipe one must have to access that much data on a regular basis? It just doesn't make sense if you have a 1 Gbps Ethernet at the office. Time is expensive.
So this is my reasoning, and this is why I do not expect them to be very successful - especially considering the cash that VCs already poured into this company. Their Web site doesn't create an impression that they have a business plan, and their burn rate (head count) for this little app is amazing.
most likely around -10% of the labeled frequency
Processors for mobile applications can change the clock far more than 10%. But there is a better solution. Leave the clock alone, just don't do anything useful in most of the clock cycles. Here is a piece of code that would fetch the instruction this way:
    if (do_useful_work) {
        instruction <= cache;
        ++ip;
    } else {
        instruction <= NOP;
    }
By controlling the duty cycle of the 'do_useful_work' signal you throttle the effective speed of the CPU.
I am constantly amazed that there isn't _something_ which offers this.
Google photos + Picasa do that, for years now.
I live & work in the valley, but I have no interest in another dot-com that seems to be in a hurry to burn through all their funding while not delivering an application of debatable value to most people. Even if they are wildly successful they will be occupying a small niche and providing free services to most of their clients.
The dropbox home page has a huge, prominent video right in the middle of the page. Did you try watching that?
I also tried to find a description, and failing that I stumbled upon that ginormous button. No, I haven't even considered watching the video. If a company with 30 employees and VC financing can't write one paragraph of text then I'm not interested in their videos.
Besides, a whole lot of people on Earth can passably read English, with a dictionary perhaps. In worst case they can print it and show someone. Many of the same people can't understand spoken American English well enough. This insistence on video looks a lot like arrogance.
This kill switch will help in casual theft cases. Drunk corporate officer leaves laptop in nightclub. It gets grabbed by a club rat. Next day, IT disables the CPU.
I fail to see the advantage of disabling the CPU here, as long as the laptop already has full disk encryption. It is completely integrated (we used PGP Whole Disk Encryption) and invisible to the user; it's just you enter your password earlier.
With regard to the recovery of the laptop, both this "kill switch" and the WDE do the same thing; you reenter the key and the HDD gets decrypted. The difference is small and technical: the kill switch physically wipes the key from the integrated TPM, whereas WDE simply doesn't have the necessary secret (your passphrase) to generate the HDD decryption key.
If we start assuming that the passphrase is known to the thief then all bets are off anyway - he can instantly boot it up and copy the data before the loss is detected, even if you use an ansible to send the signal. Your drunken sales droid is not likely to realize that the notebook is lost until he wakes up in the morning, and there wouldn't be any password written on the laptop itself.
An industrial spy can steal a notebook from a company office. They actually do that, and it's not too difficult. They dress appropriately, tailgate an employee, look around, take what they need and leave, all within 5 minutes. In a larger office there is no way for workers to detect an extra person. In this scenario if the password is written somewhere at the cubicle the thief can have it. Then both methods converge - the thief takes the laptop into a shielded room (a basement) and does his thing there.
You pay for the WDE software only once (as opposed to the continuous 3G service.) Then the laptop doesn't depend on 3G availability to lock the thief out - it's safe by default. This means that you have to have WDE anyway. So what exactly does the CPU block buy you if the HDD can't be accessed? Do you (or the company) want to pay money for the service to simply annoy the thief? Most companies can't care less about the laptop hardware; these notebooks are often leased for the duration of the refresh cycle, and/or insured. Companies care about the data, and WDE protects it pretty well. So again, how exactly will the kill switch *improve* security above & beyond existing solutions?
IMO, Intel proposes this simply because they can, and because that's the only security option they can think of. It's a poor option, on par with the unique CPU ID, and it will be equally disabled on majority of notebooks. I think they added it just for a checkbox on sales materials. Technically it is worthless for pretty much everyone and will not be used. Low-end users, like that sales guy, will find this an overkill. High-end users, like CIA, will find this inadequate. Middle-range users already have WDE and have no need to pay for a service that disables a chip that doesn't do anything anyway.
Due to interaction with peripherals, there is a minimum
Ok, perhaps. But the proposal #2 doesn't depend on the fact that the CPU keeps running after the timeout expires. It may well stop, just like that "kill switch" does.
The difference is that Intel's method depends on successful delivery of negative authorization, when the hardware is already stolen and under control of thieves. It should be understood that any industrial spy would know *exactly* what to do; perhaps the notebook will be simply placed into a shielded laptop case - a low-tech solution that defeats an expensive infrastructure.
The proposed method depends on positive authorization, delivered over proper channels. If the authorization doesn't come then the computer stops. The thief can't do anything about it. If, for example, the authentication is handled in the pre-boot environment then the CPU won't even boot the OS. It may stay in BIOS, though; but with TPM blocking HDD decryption it's not a problem.
Computers used only on the LAN can have Ethernet authenticators. Computers issued to road warriors can have USB authenticators; they are limited in time and need to be "reset" every day. And it would be also possible to call the help desk, tell them who you are (so that they believe you) then read the long number that the BIOS shows you, enter the long number that they tell you, and you are good to go. That is for emergencies, of course.
they'll carry on in that vain for hours.
It was not a typo.
The "kill-switch" is intended for businesses and governments - the cost of a computer is negligible compared to the potential cost of a data breach. Encryption should be standard for these organisations.
Yes, and companies who care about the data protection already have full disk encryption deployed. I worked for one such company.
If the encryption is done properly then it should be tied to both the hardware and the user
It is tied to the HDD itself, as I understand, and maybe to the TPM chip (Windows BitLocker.) I'm unsure that corporations will be happy to tie expensive data to a piece of hardware that can fail on its own (and in businesses with thousands of laptops this happens all the time.)
so that data can only be accessed on authorised computer systems.
Technically, "only on computer systems that have the right key." Being authorized is only a preference :-)
Hence the "kill-switch" which will prevent data from being decrypted (by denying access to the hardware) even if the user's passwords are known.
It will do no such thing. The thief - who will be briefed on appropriate measures - will pull the battery from the laptop even before he cuts the security cable. Without power the laptop can't do anything. Since you say "the password is known" then it becomes a trivial task of going into a place with no 3G coverage (a basement, a desert, whatever) and powering up the laptop there. Since 3G will be inoperative, the thief will have plenty of time to copy the HDD onto an external drive. Then the laptop is physically destroyed.
So I don't see how this new kill switch would increase security anywhere.
How many laptop thieves give a crap about the information in the machine?
Only smart ones. Besides, they only need to "know a man" who takes care of all that. They don't need to have any technical expertise. That man not only wipes the HDD unrecoverably clean (which makes identification of the stolen item hard,) he also will drop a pirated OS into it, so that the laptop is ready for sale. The same expert may pay for the data if it's of interest (like some company's projects, or just a bunch of your Quicken accounts.) But just the "HDD service" should be worth a lot to a common thief.
In 99% of the cases all they want is to sell it, as quickly as possible.
Then the ex-owner of the laptop must beat the clock in discovering the loss and activating the kill switch. Otherwise the thief will sell the laptop before you even realize that you lost it. There is no reason for him to hold onto a stolen item, and he doesn't need to use Google to find a fence :-)
this just allows them to put a big sticker on the laptop saying, "if you steal it, it won't work".
I can achieve this very thing by starting the CPU at 1 MHz clock rate, and until a certain 64-bit response is written into a register (calculated from a 64-bit challenge) the CPU will stay at 1 MHz forever. This will allow you to start the BIOS and enter the necessary code. And once the code is in the CPU switches to a normal clock.
You can have variations of this method too. For example, the computer powers up at its normal speed, but starts a timer, and if within 10 minutes (or something) the registers aren't programmed correctly then the CPU clock drops, making the computer useless.
And you can have many ways to "unlock" the CPU. You can have a fingerprint reader or your Windows password doing it for you. You can have a USB device plugged in that has a time-dependent unlock key. You can have a network protocol that checks that the computer is pinging from an approved IP range and then issues the permission to unlock. In all these cases there will be no simple unlock code stored anywhere; Windows password is not readable (only resettable), and external devices can calculate the response based on the challenge. The OS may have the algorithm (which is well known) but lacking the key it would be unable to convert the challenge into the correct response.
And, by the way, this invention cannot be patented now :-)
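The challenge-response unlock and the fail-closed timer from the comments above, modelled in Python as an added example that is not part of the original comments or of any vendor's design. The HMAC-SHA256 truncation, the class and function names, the 2 GHz normal clock and the one-day lease are assumptions; the 1 MHz locked clock, the 64-bit challenge and the 10-minute timer come from the text.

```python
import hashlib
import hmac
import secrets

SLOW_HZ = 1_000_000        # locked clock from the comment: 1 MHz
NORMAL_HZ = 2_000_000_000  # assumed normal clock, for illustration only


def response_for(key: bytes, challenge: int) -> int:
    """Assumed construction: HMAC-SHA256 over the challenge, cut to 64 bits."""
    mac = hmac.new(key, challenge.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:8], "big")


class LockedCpu:
    """Hypothetical model of the CPU side; the key never leaves this object."""

    def __init__(self, key: bytes, grace: float = 600.0,
                 lease: float = 86400.0, now: float = 0.0):
        self._key = key
        self._lease = lease
        self._challenge = None
        # Full speed is allowed until this time. grace=0 gives the
        # "start at 1 MHz" variant, grace=600 the 10-minute timer variant.
        self._full_speed_until = now + grace

    def read_challenge(self) -> int:
        """Fresh 64-bit challenge, so a recorded response cannot be replayed."""
        self._challenge = secrets.randbits(64)
        return self._challenge

    def write_response(self, response: int, now: float) -> bool:
        """Check the response register; success buys one lease of full speed."""
        challenge, self._challenge = self._challenge, None  # single use
        if challenge is None or not 0 <= response < 2**64:
            return False
        expected = response_for(self._key, challenge).to_bytes(8, "big")
        if not hmac.compare_digest(expected, response.to_bytes(8, "big")):
            return False
        self._full_speed_until = now + self._lease
        return True

    def clock_hz(self, now: float) -> int:
        """Fail closed: without a current authorization the clock drops."""
        return NORMAL_HZ if now < self._full_speed_until else SLOW_HZ


def demo() -> list:
    key = b"constructed-demo-key-not-a-real-secret"  # constructed sample key
    cpu = LockedCpu(key, grace=600, lease=86400, now=0)
    seen = [cpu.clock_hz(599), cpu.clock_hz(600)]        # timer runs out
    c = cpu.read_challenge()
    # A party that knows the algorithm but not the key fails.
    seen.append(cpu.write_response(response_for(b"guess", c), now=700))
    # The challenge was consumed, so even the right answer is now a replay.
    seen.append(cpu.write_response(response_for(key, c), now=700))
    c = cpu.read_challenge()
    # The authenticator (USB device, LAN service, help desk) holds the key.
    seen.append(cpu.write_response(response_for(key, c), now=700))
    seen += [cpu.clock_hz(701), cpu.clock_hz(700 + 86400)]  # lease expires
    return seen


if __name__ == "__main__":
    print(demo())
```

Because the unlock is a lease rather than a permanent state, a machine that stops receiving authorization falls back to the slow clock on its own, with no signal needing to reach it.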
Actually most people believe that NK will not use an ICBM to deliver a nuke. NK just doesn't have too many of either, and the risk of failure is high. Delivery by a ship or a truck, or just hidden in a sack of heroin, is much easier. Or if you like books of Clive Cussler, check the A/C unit on those imported cars that are delivered by hundreds of thousands every year. I'm pretty sure nobody X-rays them.
Those nukes may be already on US territory, in hands of sleeper agents. Unlikely, sure, but it's possible, and there is no defense against that (not with those borders, at least.) So a war in a faraway land may end up on the US territory.
I guarantee you America, South Korea, or any other westernized nation does not think it will lose in a war against North Korea simply because they have nukes.
Western nations have very fragile societies, compared to an impoverished dictatorship of NK. The definition of "lose" is different for the USA and for NK.
If someone explodes a 10 kT nuke in Pyongyang the city will be largely destroyed, but the regime will be untouched. If anything, it will be proven to any doubters that the USA is an evil aggressor. The event will not affect the world. The goal of the attack will not be achieved.
If someone explodes a 10 kT nuke in NYC or LA the city will be mostly intact, but the US government is likely to collapse. The anarchy and chaos of the disaster will be instantly known to the whole country (and the whole world) and a lot of weird people will crawl out of the woodwork. Financial markets will be in danger; the US dollar may collapse. All kinds of bad things become possible.
But of course the greatest danger of the first strike is in very high likelihood that it won't be the last.
We are talking here about proprietary firmware (and drivers) that make certain pieces of hardware nonfunctional. Any proprietary OS has no trouble with that; if Debian default removes those proprietary binaries then certain devices will not work. That's all :-)
It'd be nice to be clear on licensing, redistribution rights etc.
Proprietary blobs are always very clear on licensing and redistribution rights :-) That's probably the first thing they tell you when you install them.
I'm not sure if the binary firmware blobs in the kernel have any different redistribution restrictions, though
I very much doubt that any such blobs are explicitly licensed for use under Linux and not, say, NetBSD. Your incarnation of the free OS would use the same blob in basically the same way. Of course if your OS can't talk to this or that binary driver, it's just too bad - but it's not the license that forbids you something, it's your new and improved driver API that does you in.
With regard to the freedom to understand (as another poster mentions) there is very little to understand in that code unless you also have the schematic of the hardware, *and* the HDL code for all the ASICs that are involved. For example, the super-duper-secret piece of NVidia code can say this:
uint32_t *p = (uint32_t *) REG_ARRAY_A_AUX_CTRL_REG3;
*p = REG_ARRAY_A_AUX_CTRL_REG3_SETUP1_MASK;
What does that tell you? Nothing, unless you - like the NVidia firmware guy - have access to *all* the relevant documentation and on top of that have the phone number of the ASIC developer on a speed dial. Without such information you know just enough to be dangerous :-) You can change one bit and burn the hardware. A lot of the code is also written in a certain way, and it may be not obvious why. For example, you may "optimize" a piece of code and break everything because the original code was crafted to execute in so many clock cycles or to leave certain registers untouched. We may debate whether this is a good way of writing code or not, but that's how some firmware is written, especially if you can't afford timer interrupts (like when you generate a serial bitstream for a chip that is much faster than your CPU.) In those cases you need to have very good understanding of the hardware that you are driving, and have a datasheet handy.
In other words, there is very little to learn from those binary blobs. Life is too short to study some junk code written to run some junk hardware for which you don't have a shred of documentation. And if you really want to learn something, build your own hardware from OpenCores parts and write your own drivers. I think they have a complete set of blocks there to build a decent computer from scratch.
Different tools for different jobs.
So what job then requires an OS that is "pure and advanced with pure Free and Open goals in mind" ?
Most jobs that I'm aware of require an OS that works; and the "works" part is not negotiable.
why doesn't the sat phone provider build in a crappy little GSM/CDMA into the hand unit, and then gateway from the cell phone network into the sat phone
The SWaP of such a hybrid unit will be determined by the satellite portion. Who would want to always carry a large phone if they know that they aren't going to suddenly end up in a desert instead of their cubicle at work? [A: only these.]
I sometimes find myself in the middle of nowhere, without cell coverage - usually at a safe distance from the civilization. I don't have a sat phone, but if I did I'd want it to be a separate unit. I'd keep it in the car, and if once in a blue moon I must make a call from a no-coverage spot I'd take it and power it up.
The Captain ate some funky chili and the Borg are attacking.
Normally I'd recommend to jam the Borg ship, but a chili like that might be even better.
More importantly, the biblical flood story portrays YHWH as an evil fuck-up. Why bother with a flood when he could just wish the evildoers out of existence?
Perhaps YHWH was not an omnipotent god. An alien would certainly be able to project holograms from time to time, verbally command locals, and sometimes even do neat tricks using the machinery of his spaceship. For example, he could "stop the Sun" by sending a shuttle with a good searchlight, or even hanging a small artificial Sun in the atmosphere for a day or two. Those savages would not know the difference anyway.
But when it comes to cleaning the slate, this hypothetical alien couldn't personally chase down and kill every person on the planet - not any more than it is practical for humans to chase and stomp every single ant from a large anthill. It would be infeasible to even investigate who is naughty and who is nice. But it would be very much possible to, say, use a force field generator (or just his ship's volume) to create a huge bubble in the ocean. The displaced water then rises and floods the planet - not much, perhaps, but with most people living near the water that would suffice.
Most tales about YHWH aren't painting a picture of a nice guy. It's not that unreasonable to even half-seriously suggest that YHWH was an alien; too many of his actions and orders are pretty inhuman by anyone's measure, but fit a heartless robot just fine.
Any given technology can be optimized for maximum performance (a home computer) or for maximum battery life (a portable computer.) It is possible, theoretically, to connect a 24" LCD monitor to your iPhone, but the video resolution will be so bad that you will hate the day Steve Jobs was born. And who would want to sit at home and read news on a tiny screen when he has a whole wall of a screen right in front of him? Why would you want to dig a trench with a screwdriver? Why would you want to turn a tiny screw with a shovel? You want to use a right tool, not the tool that you happen to have.
The home computer will always be faster - or at least until such a time when a portable computer is "fast enough." This can happen, actually, if all the calculations are moved off of your hardware and onto some big cloud in the sky. Then all you have is a terminal, and it doesn't matter how fast it is. But we aren't there yet, and probably won't be there for a good time because the video bandwidth that modern cards push around is quite impressive.
The only viable case of a convergence that I can see today is a family that is not much into computers. That family can use their smartphones during the day, and at home they drop them in some cradles; that connects them to some LCD panels with somewhat better resolution, and to the keyboard/mouse. Then they can type emails, edit some photos, and browse the Web. Pacman, maybe, or a snake. Not much else. But for them it may be enough.