hydrogen peroxide is going to test very, very much like water. Fizzy water, maybe.
Hydrogen peroxide (3%) is a good oral antiseptic, and many dentists recommend to use it (mixed with Listerine) as a mouthwash.
But if you decide to drink even that weak 3% solution, enough foam will spew out of your mouth to put a medium-sized fire out. Hydrogen peroxide is given internally to animals to induce vomiting (and the same will happen to humans.) Finally, 30% H(2)O(2) causes burn-like damage to skin, so you should drink it only if you don't expect to use your digestive system ever again.
All in all, if a terrorist manages to get some bad things onto an airplane it will most likely be done with help of an airport employee or a contractor. There are quite a few things that are delivered to an airport on a daily basis - like goods for stores within the secure area, food for outgoing flights, jet fuel in huge volume, and so on. All these items offer endless concealment possibilities, even ignoring that the jet fuel is itself flammable.
What bombs are those? I'm honestly curious, I've never heard of anything like that before.
Your geek card is in danger. You could think of black hole bombs, for example (The Gap trilogy), or of fun with planet-smashers (Doc Smith's evolved and ethical and genocidal Lensmen), and many more.
you don't have the right to charge money to install chips into someone else's device.
That alone, so broadly worded, is not illegal if that 'someone else' owns the device. There are thousands of electronics technicians in the USA (and far more in China) who do this for a living.
On the other hand, it may be against the law for you to use (or even own) a modified device. But even with guns the legal situation is not that obvious. In any case it's a legal minefield.
"Lebe nicht für andere, sondern lebe für dich!", war das Motto des gelernten Kfz-Mechanikers, der mit 17 Jahren auf einen Strommasten geklettert war und dabei beide Arme verloren hatte.
The original English translation seems to be reasonable, since für != durch. Native German speakers are welcome to correct me, if needed. My German is pretty basic.
I posit that if the e-book price is set to the expected difference in value between new and used, would you still resent being unable to lend or sell the digital copy?
It doesn't matter how much the "new" unit costs because the "used" one is usually cheaper. The difference in price comes not from a physical difference (there are none) but from the book's value to the consumer (a book that is already read is less valuable than a new one.)
This means that to keep things in balance you must allow people (incl. the publisher) to set prices on items that they offer for sale. If you make a second sale impossible then the item is no longer a manufactured product that can be freely traded on the market, but a service that is rendered and instantly consumed in full (like a movie / theater visit.)
Why would you run a vehicle if you're stopped? Just turn it off when appropriate.
Traditional cars are just not designed for frequent restarts. The starter motor has a very limited resource (its brushes wear out) and the 12V battery can start the engine only so many times before the charge drops too much. The charging circuit is also pretty weak, just a notch above the trickle charging. There is also that gear that has to move to engage the starter's mechanical connection... and the starter's RPM is pretty low, which is not good for emissions at the first second or two after starting. Finally, this is yet another task for the driver, and given that the starting is a manual job that asks for some good timing, it will become tiresome very quickly. I did turn off the engine at long stops, like at the railway crossing; but if you do so at every red light you can become an impediment to traffic.
Hybrid ICEs are designed differently, and they start and stop on their own, invisibly to the driver. Most importantly, if the ICE is stopped the car still can be instantly moved - there is enough current from the battery to get moving without waiting for the ICE to spin up.
As a few people noticed, more and more cars appear in Europe that are, actually, built with engine restart in mind. I don't know how well those perform, but if engineers want this feature they certainly can implement it right, even if the car is not a hybrid. But being a hybrid helps because most of the machinery that you need is already there.
Yeah, right. Try starting and stopping the engine at every stop light when it's forty below zero outside
It's a trivial engineering task. Prius, for example, has auxiliary electric heaters, and it maintains the engine temperature (and battery charge) automatically. If it's -40C outside the ICE will run a bit more, and that's all. This shouldn't be of any concern to the driver unless he lives in Alaska; then he'd be getting worse MPG than people in California do.
And on the subject of starting a cold ICE in cold weather. Hybrids start the ICE at higher RPM, and they have 100x power of a standard starter. So if the ICE in a hybrid doesn't start it's because something is broken, not because your battery is frozen solid and the starter barely spins the crankshaft.
Stopping and starting an engine also wastes energy.
It's certainly true if you repeatedly start and stop a car made in 1960's.
But it won't be true if the ICE is designed for that. For example, Prius has no 1900-era DC brush starter, and the ICE can be started with electrical energy or the mechanical energy produced by the inertia of the car. The energy "wasted" to compress the air in the cylinder before first ignition is returned thousandfold in a millisecond.
Please wake me up when this engine can stop and start on demand, like it does in current hybrids. Burning fuel while stopped can never be a good thing.
I'm wondering why so many respondents tell the guy working for the GOVERNMENT AGENCY about corporations.
See the title of the article:-) Yes, other people already pointed out that the title and the content are out of alignment.
Just don't buy crap, or from a company that won't stand by their stuff
That pretty much eliminates every Taiwanese manufacturer whose parts you'd buy from Newegg or Fry's to put into your own boxes.
The advantage of buying from HP/Dell/IBM is that they will stand by their stuff, and they can keep your computers running if you pay them for support. At the previous job HP had a small team of techs on site permanently, and if your HP laptop failed you are maybe 10 minutes away from a replacement.
If HP et al. buy a part from a small Taiwanese manufacturer they do their due diligence first, and they have a vetted second source. Regardless, if a video card fails and you need a replacement, it's not your problem where HP gets it, as long as it's sitting on your desk at 9am next morning. This is worth a lot of money and it can make a difference between getting a promotion and getting fired.
As far as further savings, of course one COULD use a free OS that's known to be more reliable than a more costly one.
Reliability is a complex matter; it includes not only reliability of the kernel but also reliability of all other parts. For example, you insert and remove various USB devices all day long to see if that crashes the system. Reliability of the operator (such as his familiarity with the system) also must be considered. And of course reliability of 3rd party software is essential; if your SolidWorks doesn't run on FreeBSD then you have a problem.
Need to interface with Ofice, use OpenOffice (still there are issues with the latest versions of Microsoft Office docs such as DOCX and XLSX).
You probably never had to answer to hysterical calls for help from some middle manager who just had his carefully laid out MS Word document all chewed up by OpenOffice.
This can happen within the MS Office universe too. But it's better controlled there, and the integrity of your body is in no danger.
Businesses are not interested in taking risks. They are more than willing to pay for stability; now few people even remember how Windows crashes look like. MS Office works well enough and everyone has it. Running it in VMWare or WINE, or maintaining dual-boot, is just a waste of time.
I had the idea of building our own PCs for considerably less.
This is an awful idea. I had some experience with such an experiment; it didn't work. The computers were failing left and right, and the vendor distanced itself from the situaton. You will first be forced to maintain all that herd, and eventually you will become a scapegoat.
Business is all about using money to make other money. It is a legitimate expense to buy a computer; it's tax-deductible on corporate level, so you don't need to squint too hard at the prices. Buy good computers with a warranty and on-site support and be happy.
That's nothing inherently "manly" about killing defenceless creatures for fun.
You apparently know nothing of this, but most kinds of a hunt are not about "killing defenceless creatures for fun". They are about being tough enough to hike tens of miles in woods, in bad weather, with a heavy backpack that contains all that you need to stay alive. If you happen to meet and take a legal game then you need to field-dress it and drag the meat to your truck. This is not a job for overweight weaklings; but a teenager should be shown, at least once, what the real world is about. A hunter respects the animal far more than a boy with a console controller in hand respects enemies that he slaughters in thousands in his FPS world.
What's the logical step that you took to get to this point?
This isn't rocket science. Imagine two gay men adopting a girl (or two lesbians adopting a boy.) That girl or that boy will be missing all the parenting that comes from the other gender, and most importantly they need that parenting because, you know, man != woman, and certain things should be communicated by the parent of the same gender. For example, how likely it is that either of that boy's moms will take him to a deer hunt?
Or some proof that homosexual couples don't make better parents than heterosexual ones?
Would you want to have two left hands or two right hands, instead of a matched set?
It's meant ONLY for the conditions that you fall asleep and close your eyes, which I'm willing to wager is a significant portion of sleep-related accidents.
I'm not ready to bet that your assertion is true. I have *never* closed my eyes for long (more than 0.1s) when driving; however I observed that when I'm tired I'm simply less attentive to surroundings.
It's not meant to be a 100% thing but if it prevents accidents it's extremely worth it
It will breed complacency. People - especially tired people - will allow themselves to relax "just a bit" because the alarm will wake them up in time.
(assuming the price isn't too high of course)
And of course the price will be high - why not, if the device is mandatory and the only way to not buy one is to not own a car? Do you think car insurance is affordable to any driver? Do you think the mandatory alcohol-testing ignition interlock is cheap? Once something is mandated the prices will be sky high - just because they can be.
An alarm would be another layer of protection against this, and there's no reason it has to be a normal camera, cheap night vision would suffice
By any means, if you want it then go and buy one. Or make one for yourself. I just don't want it to be mandated. However you will find that at night reflections of external lights from glasses (even from transparent, prescription ones) will make it difficult for the camera to see the eyes. You will need a tremendous dynamic range of those cameras, something that eyes - an amazingly fine instrument, by the way - are barely capable of.
you could easily detect sunglasses and simply turn the alarm off
Sure you can, but won't that defeat the purpose? Sunglasses are very useful, and people who return home (after work, tired and all) often drive against the setting sun.
If you *really* want something that will alert you to you falling asleep, glue a few buttons to the steering wheel, where you normally keep your fingers. When driving, press a certain button when the alarm beeps a certain tone. If you fail to do that within some short time then the real siren spins up, loud enough to wake up the dead. You can build such a thing *today* out of common parts (look at Z-Wave door/window sensors, for example, no wires to drag from the steering wheel.)
There may be weird command paths that produce unique delays and unless you tested all possible combinations of commands so you can emulate everything, you can't be sure there isn't something left.
That would be indeed a somewhat worthy challenge; though the hacker would just run the tool for a day or two and collect all feasible code paths and delays associated with them. That alone wouldn't be a big deal to spoof.
However in practice a dependency on those "unique delays" is impossible. The average life of an IC on the market is anywhere from 6 months to 1 year. This applies to everything, from external USB Flash (storage and the controller) to internal (parallel or serial) Flash to, as matter of fact, anything else. Nobody is willing to produce obsolete devices, and there is no need to either - they do a decent production run, pay some big bucks for that, and sell the parts until they are all gone. Then a new part is sent to manufacturing.
Replacement ICs, even though they are [sometimes] functionally identical, will have any number of differences in those "unique delays." So if you originally used some TSQ1234ZS and it's now obsolete, you solder a new TSQ1235ZSG and it's all of a sudden incompatible. This makes an OEM's life very interesting, to put it mildly, even if you just use the part per the datasheet. But if you went insane and decided to bet everything on undocumented features... did I mention "insane" already?:-)
And as a side note, typical delays in ICs are pretty small, they are measured in nanoseconds usually. The Flash erase or write cycle is longer, but you can't write just to authenticate. Reading from Flash is pretty fast, around 50 ns if not faster. You need a very accurate clock to measure possible differences between accessing of certain addresses... and that is possible only if an async device is used (one that tells you when it's done.) Synchronous devices do not tell you anything, they just return the data a bit faster than you are reading. In theory it's possible to probe individual addresses at different speeds and find the delay that is the threshold of data delivery. But that would require a complicated controller, with a DCM probably, or with a clock that is around 1 GHz.
It's far more practical to use instead a chip that is designed for auth/TPM use. That would be a secure (tamper-proof) microcontroller with a key that is programmed (once) and with some algorithms to generate whatever signatures or encryption you desire. That microcontroller would be in fact reviewed by a competent person to see if it leaks key material through its power pins or RF - and that won't happen with any Flash. And try to beat their 3-pin SOT23 size.
But who is going to solder in such a TSOP flash chip?
I can do it for you. Or you can buy an analog of a ZIF socket. None of that is rocket science - there are billions of TS[S]OP chips installed (and safely removed) on this planet. To give you an example, you can use a low temperature alloy that melts in hot water. This way you can install and remove TSOP chips until you die from old age, and the ICs will still work fine. They do that with 1000-ball BGAs at trade shows.
In addition, reading the "key" from a device changes its error profile because setting it back to all 1's is an erase, and an erase causes wear.
You'd need to do that "erase-write" cycle many thousand times before a new error shows up. Majority of Flash in the industry has no error correction; it just works - every single bit of it.
When you test for specific hardware behavior as a means of authentication, it's always a good idea to include speed measurements & checks in your code. That way, it's harder for the emulator to fake stuff.
Give me an eval board of a microcontroller with a USB device interface and a week of time, and you will get all of that and more. As matter of fact, I have an AVR32UC3A based board here that I built myself. I can plug it into a PC and it will do whatever the code in the MCU tells it to do, including emulating a mass storage class device with any defects you want. The attacker doesn't even need to order a board built, he can buy one off the shelf.
It sounds an alarm when your eyes are closed for more than a blink. I'd welcome this, as any sane person should.
There are several problems here.
The first problem is that tired people are not necessarily closing their eyes. What happens is that they drift away in their thoughts and lose concentration; they keep looking but stop seeing. A camera like that can't help here. An EEG helmet might be more effective but totally impractical.
The second problem is that in southern states (CA to FL) you must use dark sunglasses from 6am to 8pm during summer (and a bit less during winter) simply because there is too much of sunlight here. How is the camera going to see through the dark lenses of those glasses, and reject reflections at the same time? And at night, with glasses or without, it's too dark for the camera to see the driver's eyes anyway.
Slashdot Mirror
Cavity searches are a notoriously unpopular way to begin a vacation.
Don't worry, these are done only if you and your family refuse to be seen in the nude.
hydrogen peroxide is going to test very, very much like water. Fizzy water, maybe.
Hydrogen peroxide (3%) is a good oral antiseptic, and many dentists recommend to use it (mixed with Listerine) as a mouthwash.
But if you decide to drink even that weak 3% solution, enough foam will spew out of your mouth to put a medium-sized fire out. Hydrogen peroxide is given internally to animals to induce vomiting (and the same will happen to humans.) Finally, 30% H(2)O(2) causes burn-like damage to skin, so you should drink it only if you don't expect to use your digestive system ever again.
All in all, if a terrorist manages to get some bad things onto an airplane it will most likely be done with help of an airport employee or a contractor. There are quite a few things that are delivered to an airport on a daily basis - like goods for stores within the secure area, food for outgoing flights, jet fuel in huge volume, and so on. All these items offer endless concealment possibilities, even ignoring that the jet fuel is itself flammable.
50.9% of Americans do not have a cock to punch. (2000 census)
They still do, it's just not their own.
What bombs are those? I'm honestly curious, I've never heard of anything like that before.
Your geek card is in danger. You could think of black hole bombs, for example (The Gap trilogy), or of fun with planet-smashers (Doc Smith's evolved and ethical and genocidal Lensmen), and many more.
you don't have the right to charge money to install chips into someone else's device.
That alone, so broadly worded, is not illegal if that 'someone else' owns the device. There are thousands of electronics technicians in the USA (and far more in China) who do this for a living.
On the other hand, it may be against the law for you to use (or even own) a modified device. But even with guns the legal situation is not that obvious. In any case it's a legal minefield.
[citation needed]
http://apple.slashdot.org/apple/08/08/07/132229.shtml
That was 2 years ago.
I think the motto as printed is a mistranslation. Consider this variant: [...] "Don't live through others, live through yourself!"
I understand your reasons to say so, but here is the original, in German:
The original English translation seems to be reasonable, since für != durch. Native German speakers are welcome to correct me, if needed. My German is pretty basic.
I posit that if the e-book price is set to the expected difference in value between new and used, would you still resent being unable to lend or sell the digital copy?
It doesn't matter how much the "new" unit costs because the "used" one is usually cheaper. The difference in price comes not from a physical difference (there are none) but from the book's value to the consumer (a book that is already read is less valuable than a new one.)
This means that to keep things in balance you must allow people (incl. the publisher) to set prices on items that they offer for sale. If you make a second sale impossible then the item is no longer a manufactured product that can be freely traded on the market, but a service that is rendered and instantly consumed in full (like a movie / theater visit.)
his motto was: "Don't live for others, live for yourself!"
No further comment is necessary.
This will not work unless you give us your password. :-)
'sudo' needs your password (or none at all.)
Someone else's password would be only needed if you try to use 'su'.
Why would you run a vehicle if you're stopped? Just turn it off when appropriate.
Traditional cars are just not designed for frequent restarts. The starter motor has a very limited resource (its brushes wear out) and the 12V battery can start the engine only so many times before the charge drops too much. The charging circuit is also pretty weak, just a notch above the trickle charging. There is also that gear that has to move to engage the starter's mechanical connection... and the starter's RPM is pretty low, which is not good for emissions at the first second or two after starting. Finally, this is yet another task for the driver, and given that the starting is a manual job that asks for some good timing, it will become tiresome very quickly. I did turn off the engine at long stops, like at the railway crossing; but if you do so at every red light you can become an impediment to traffic.
Hybrid ICEs are designed differently, and they start and stop on their own, invisibly to the driver. Most importantly, if the ICE is stopped the car still can be instantly moved - there is enough current from the battery to get moving without waiting for the ICE to spin up.
As a few people noticed, more and more cars appear in Europe that are, actually, built with engine restart in mind. I don't know how well those perform, but if engineers want this feature they certainly can implement it right, even if the car is not a hybrid. But being a hybrid helps because most of the machinery that you need is already there.
Engine start/stop automatic to avoid long idling periods
The key word is "this engine", not some other engine. Unless you imply that Lupo 3L, back in 1999, used exactly this Mazda engine.
Yeah, right. Try starting and stopping the engine at every stop light when it's forty below zero outside
It's a trivial engineering task. Prius, for example, has auxiliary electric heaters, and it maintains the engine temperature (and battery charge) automatically. If it's -40C outside the ICE will run a bit more, and that's all. This shouldn't be of any concern to the driver unless he lives in Alaska; then he'd be getting worse MPG than people in California do.
And on the subject of starting a cold ICE in cold weather. Hybrids start the ICE at higher RPM, and they have 100x power of a standard starter. So if the ICE in a hybrid doesn't start it's because something is broken, not because your battery is frozen solid and the starter barely spins the crankshaft.
Stopping and starting an engine also wastes energy.
It's certainly true if you repeatedly start and stop a car made in 1960's.
But it won't be true if the ICE is designed for that. For example, Prius has no 1900-era DC brush starter, and the ICE can be started with electrical energy or the mechanical energy produced by the inertia of the car. The energy "wasted" to compress the air in the cylinder before first ignition is returned thousandfold in a millisecond.
Please wake me up when this engine can stop and start on demand, like it does in current hybrids. Burning fuel while stopped can never be a good thing.
I'm wondering why so many respondents tell the guy working for the GOVERNMENT AGENCY about corporations.
See the title of the article :-) Yes, other people already pointed out that the title and the content are out of alignment.
Just don't buy crap, or from a company that won't stand by their stuff
That pretty much eliminates every Taiwanese manufacturer whose parts you'd buy from Newegg or Fry's to put into your own boxes.
The advantage of buying from HP/Dell/IBM is that they will stand by their stuff, and they can keep your computers running if you pay them for support. At the previous job HP had a small team of techs on site permanently, and if your HP laptop failed you are maybe 10 minutes away from a replacement.
If HP et al. buy a part from a small Taiwanese manufacturer they do their due diligence first, and they have a vetted second source. Regardless, if a video card fails and you need a replacement, it's not your problem where HP gets it, as long as it's sitting on your desk at 9am next morning. This is worth a lot of money and it can make a difference between getting a promotion and getting fired.
As far as further savings, of course one COULD use a free OS that's known to be more reliable than a more costly one.
Reliability is a complex matter; it includes not only reliability of the kernel but also reliability of all other parts. For example, you insert and remove various USB devices all day long to see if that crashes the system. Reliability of the operator (such as his familiarity with the system) also must be considered. And of course reliability of 3rd party software is essential; if your SolidWorks doesn't run on FreeBSD then you have a problem.
Need to interface with Ofice, use OpenOffice (still there are issues with the latest versions of Microsoft Office docs such as DOCX and XLSX).
You probably never had to answer to hysterical calls for help from some middle manager who just had his carefully laid out MS Word document all chewed up by OpenOffice.
This can happen within the MS Office universe too. But it's better controlled there, and the integrity of your body is in no danger.
Businesses are not interested in taking risks. They are more than willing to pay for stability; now few people even remember how Windows crashes look like. MS Office works well enough and everyone has it. Running it in VMWare or WINE, or maintaining dual-boot, is just a waste of time.
I had the idea of building our own PCs for considerably less.
This is an awful idea. I had some experience with such an experiment; it didn't work. The computers were failing left and right, and the vendor distanced itself from the situaton. You will first be forced to maintain all that herd, and eventually you will become a scapegoat.
Business is all about using money to make other money. It is a legitimate expense to buy a computer; it's tax-deductible on corporate level, so you don't need to squint too hard at the prices. Buy good computers with a warranty and on-site support and be happy.
That's nothing inherently "manly" about killing defenceless creatures for fun.
You apparently know nothing of this, but most kinds of a hunt are not about "killing defenceless creatures for fun". They are about being tough enough to hike tens of miles in woods, in bad weather, with a heavy backpack that contains all that you need to stay alive. If you happen to meet and take a legal game then you need to field-dress it and drag the meat to your truck. This is not a job for overweight weaklings; but a teenager should be shown, at least once, what the real world is about. A hunter respects the animal far more than a boy with a console controller in hand respects enemies that he slaughters in thousands in his FPS world.
What's the logical step that you took to get to this point?
This isn't rocket science. Imagine two gay men adopting a girl (or two lesbians adopting a boy.) That girl or that boy will be missing all the parenting that comes from the other gender, and most importantly they need that parenting because, you know, man != woman, and certain things should be communicated by the parent of the same gender. For example, how likely it is that either of that boy's moms will take him to a deer hunt?
Or some proof that homosexual couples don't make better parents than heterosexual ones?
Would you want to have two left hands or two right hands, instead of a matched set?
It's meant ONLY for the conditions that you fall asleep and close your eyes, which I'm willing to wager is a significant portion of sleep-related accidents.
I'm not ready to bet that your assertion is true. I have *never* closed my eyes for long (more than 0.1s) when driving; however I observed that when I'm tired I'm simply less attentive to surroundings.
It's not meant to be a 100% thing but if it prevents accidents it's extremely worth it
It will breed complacency. People - especially tired people - will allow themselves to relax "just a bit" because the alarm will wake them up in time.
(assuming the price isn't too high of course)
And of course the price will be high - why not, if the device is mandatory and the only way to not buy one is to not own a car? Do you think car insurance is affordable to any driver? Do you think the mandatory alcohol-testing ignition interlock is cheap? Once something is mandated the prices will be sky high - just because they can be.
An alarm would be another layer of protection against this, and there's no reason it has to be a normal camera, cheap night vision would suffice
By any means, if you want it then go and buy one. Or make one for yourself. I just don't want it to be mandated. However you will find that at night reflections of external lights from glasses (even from transparent, prescription ones) will make it difficult for the camera to see the eyes. You will need a tremendous dynamic range of those cameras, something that eyes - an amazingly fine instrument, by the way - are barely capable of.
you could easily detect sunglasses and simply turn the alarm off
Sure you can, but won't that defeat the purpose? Sunglasses are very useful, and people who return home (after work, tired and all) often drive against the setting sun.
If you *really* want something that will alert you to you falling asleep, glue a few buttons to the steering wheel, where you normally keep your fingers. When driving, press a certain button when the alarm beeps a certain tone. If you fail to do that within some short time then the real siren spins up, loud enough to wake up the dead. You can build such a thing *today* out of common parts (look at Z-Wave door/window sensors, for example, no wires to drag from the steering wheel.)
There may be weird command paths that produce unique delays and unless you tested all possible combinations of commands so you can emulate everything, you can't be sure there isn't something left.
That would be indeed a somewhat worthy challenge; though the hacker would just run the tool for a day or two and collect all feasible code paths and delays associated with them. That alone wouldn't be a big deal to spoof.
However in practice a dependency on those "unique delays" is impossible. The average life of an IC on the market is anywhere from 6 months to 1 year. This applies to everything, from external USB Flash (storage and the controller) to internal (parallel or serial) Flash to, as matter of fact, anything else. Nobody is willing to produce obsolete devices, and there is no need to either - they do a decent production run, pay some big bucks for that, and sell the parts until they are all gone. Then a new part is sent to manufacturing.
Replacement ICs, even though they are [sometimes] functionally identical, will have any number of differences in those "unique delays." So if you originally used some TSQ1234ZS and it's now obsolete, you solder a new TSQ1235ZSG and it's all of a sudden incompatible. This makes an OEM's life very interesting, to put it mildly, even if you just use the part per the datasheet. But if you went insane and decided to bet everything on undocumented features ... did I mention "insane" already? :-)
And as a side note, typical delays in ICs are pretty small, they are measured in nanoseconds usually. The Flash erase or write cycle is longer, but you can't write just to authenticate. Reading from Flash is pretty fast, around 50 ns if not faster. You need a very accurate clock to measure possible differences between accessing of certain addresses ... and that is possible only if an async device is used (one that tells you when it's done.) Synchronous devices do not tell you anything, they just return the data a bit faster than you are reading. In theory it's possible to probe individual addresses at different speeds and find the delay that is the threshold of data delivery. But that would require a complicated controller, with a DCM probably, or with a clock that is around 1 GHz.
It's far more practical to use instead a chip that is designed for auth/TPM use. That would be a secure (tamper-proof) microcontroller with a key that is programmed (once) and with some algorithms to generate whatever signatures or encryption you desire. That microcontroller would be in fact reviewed by a competent person to see if it leaks key material through its power pins or RF - and that won't happen with any Flash. And try to beat their 3-pin SOT23 size.
But who is going to solder in such a TSOP flash chip?
I can do it for you. Or you can buy an analog of a ZIF socket. None of that is rocket science - there are billions of TS[S]OP chips installed (and safely removed) on this planet. To give you an example, you can use a low temperature alloy that melts in hot water. This way you can install and remove TSOP chips until you die from old age, and the ICs will still work fine. They do that with 1000-ball BGAs at trade shows.
In addition, reading the "key" from a device changes its error profile because setting it back to all 1's is an erase, and an erase causes wear.
You'd need to do that "erase-write" cycle many thousand times before a new error shows up. Majority of Flash in the industry has no error correction; it just works - every single bit of it.
When you test for specific hardware behavior as a means of authentication, it's always a good idea to include speed measurements & checks in your code. That way, it's harder for the emulator to fake stuff.
Give me an eval board of a microcontroller with a USB device interface and a week of time, and you will get all of that and more. As matter of fact, I have an AVR32UC3A based board here that I built myself. I can plug it into a PC and it will do whatever the code in the MCU tells it to do, including emulating a mass storage class device with any defects you want. The attacker doesn't even need to order a board built, he can buy one off the shelf.
It sounds an alarm when your eyes are closed for more than a blink. I'd welcome this, as any sane person should.
There are several problems here.
The first problem is that tired people are not necessarily closing their eyes. What happens is that they drift away in their thoughts and lose concentration; they keep looking but stop seeing. A camera like that can't help here. An EEG helmet might be more effective but totally impractical.
The second problem is that in southern states (CA to FL) you must use dark sunglasses from 6am to 8pm during summer (and a bit less during winter) simply because there is too much of sunlight here. How is the camera going to see through the dark lenses of those glasses, and reject reflections at the same time? And at night, with glasses or without, it's too dark for the camera to see the driver's eyes anyway.