The BitCoin ecosystem is composed of very flaky entities. The biggest "exchange", Mt. Gox, seems to be one person reachable only on IRC. They're a depository institution, and people have substantial balances with them. Not only are they not regulated, they don't even seem to have a business address.
The "exchanges" all seem to transfer funds in and out through even flakier services, like Liberty Reserve (somewhere in Costa Rica) and Dwolla (run out of a hackerspace in Des Moines). Neither is registered as a money transfer agency. What we're not seeing is some bank in Switzerland or Luxembourg, handling Bitcoins.
All these organizations are acting as depository institutions without a license to do so. None of them guarantees contractually that they will pay out funds within a set time. All are uninsured and unaudited. Most of them seem to be having some problems delivering cash lately now that there's been a crash in Bitcoins.
On top of this, the whole Bitcoin system is set up like a Ponzi scheme, where there's an advantage to getting in early.
It's probably already too late to get in, and it may be too late to get out.
However, a system where every room has it's own independent sensors and simple decision-makers may not fit Google's data-collection plans.
Actually, you do want to coordinate the whole building. The building-wide system for big buildings has information like wind direction and outside temperature. If there's a cold north wind, intakes can be opened on the north side to exploit it. If the sun is beating down on the west side and heating outside rooms there, air may be pumped from the hot side to the cold side. This sort of thing saves large amounts of fuel, just by working with outside conditions as much as possible.
There is, however, little justification for sending any of that info outside the building, except fault reports and summaries to the maintenance contractor.
That's not some inside server.
Look at their list of files. It's the Senate's outward-facing web server, "www.senate.gov". It also hosts the public web sites of individual senators. It looks like what you can see on a UNIX system with a guest account. Big deal. Every staffer on the Senate side has that much access.
They have the complete directory of all the paintings in the Capitol. The forms for registering as a lobbyist. Pictures of all the Senators. Lots of stuff for tourists. This session's voting results, in HTML. The base Apache config. Nothing exciting.
Home control has been around for a long time without catching on. I live in a house built in 1950, and it has "home control" - two rows of toggle switches in the kitchen and a large number of 3-way and 4-way toggle switches. There was even an override switch in the master bedroom that turned on all the outside lighting. (Those are now on motion detectors.)
In the 1960s, there was a fad for relay-controlled lighting and outlets, controlled through 24VAC relays. That never became popular, especially because the relays tended to burn out.
Then there was X10, the first major power-line based system, in the 1980s. Then Echelon, a better power-line system, in the 1990s. Then we had the "every light bulb gets an IPv6 address" crowd.
What's actually getting installed are non-networked wall switches with PIR motion detectors to turn off the lights when nobody is around. They do the job and take no user attention. Which is the whole point.
When there's nobody in the room, CO2 is low, and humidity on the supply duct is no higher than intake air. The system can then cut airflow to very low levels, let the temperature drop or rise a bit to save energy, and recycle most of the air. As soon as someone enters the room (there's often a motion sensor for this) the temperature margins tighten up to comfort levels and the airflow goes up a bit. If a lot of people enter the room, the CO2 and humidity levels start to climb, and the HVAC system cranks up fan speeds, cuts in chillers, and opens and closes dampers to compensate. Detection of CO (probably smokers) or VOCs (probably someone painting) means input airflow has to go way up and air has to be exhausted to the outside, not recycled. Smoke detection activates emergency modes and alarms.
Now that's doing it right, not some dork trying to operate the system from a touch screen.
If you turn off JavaScript and load the page, you get a big Adobe ad for Flash, followed by a long bullet list of links to HTML pages of plain text. The plain text is all there, but the links to the pictures and video are not.
The commercial market for net censorship is tiny. Most of the people making noise about this want the net censored for other people, not themselves. You can't sell a commercial product on that basis.
There's NetNanny, which is generally considered to be mediocre at its job, but does enough to make some parents happy. Smart kids can usually bypass it. The next step up is a Christian ISP, where filtering takes place at the ISP end. There are a few of those, but they're really tiny.
Interestingly, there is a market in "Kosher mobile phones". They're basic voice-only phones preloaded with a religious-artwork theme, sold to the ultra-Orthodox market. A similar product is offered for the comparable branches of Islam.
Why does an exchange need a physical location, apart from some hosting or colocation?
Because you need someone with identifiable assets whom you can sue. A "perception of trustworthiness" is not enough. Ponzi schemes have happy customers right up to the crash. See Bernard Madoff.
From the forum thread you cited, the reason for the delay appears to be daily API transfer limits imposed by Liberty Reserve, not cash-flow problems on the part of MtGox.
That's a problem for Mt Gox to solve. They, not the end user, chose Liberty Reserve as a payment system.
Then there's the problem of getting money out of Liberty Reserve, which requires a separate deal with a "money exchanger" (most of which seem to be in Russia or Nigeria) for which neither Mt. Gox nor Liberty Reserve takes responsibility.
Blaming other parties for delays in payment is typical of scam operations.
Update: The main "BitCoin exchange", Mt. Gox, gives no information about the business entity behind the exchange, not even an address. The site has only "Tibanne Co. Ltd. (Japan)", which is an ISP in Tokyo.
Mt. Gox is a depository institution - you have to deposit BitCoins to sell them, and after the trade, you now have credit in some currency with Mt. Gox. Then you have to get the money out of Mt. Gox. The withdrawal process is slow. Also, on one forum, there's the comment from a Mt. Gox staffer (?) "If we have a lot of LR activity (like, about now), withdraws will be put on hold and executed later (ie. the next day) in the order they were received." That just screams "Ponzi scheme". They're an exchange; if they're honest, they should never have a cash flow problem.
The more I look at the BitCoin financial infrastructure, the more it looks like the High Yield Investment Program scams. Multiple offshore entities, withdrawal limits, unexpected delays in payouts, anonymous businesses. HYIP schemes are notable for being difficult to cash out of. They have to be, because they're Ponzi schemes.
I'd worry about getting a real currency out of the system. After you've "sold" BitCoins, you have to get settlement in another currency. This is done through rather flakey outfits like Liberty Reserve, which requires arbitration in Costa Rica, or Dwolla, Inc, which gives no business address on their web site but is incorporated in Iowa with a business address of 1312 Locust St, Des Moines, IA 50309 - a boarded up building in Google StreetView.
Look at the Bitcoin price chart . This is a price-only 90 day chart. The site normally displays the price on top of the volume, which obfuscates the trend. Displayed in this form, the chart just screams "bubble".
Yesterday's drop takes the price back to where it was on June 6. Which is twice the price of June 1. Which is twice the price of May 1. Which is three times the price of April 4. Yesterday just happened to be the first big drop.
Patterns like that in something that doesn't generate revenue are usually associated with "High Yield Investment Programs" and Ponzi scams. One wonders how many Bitcoins the people behind this bought early.
Aiming higher is tough at $0.99. Although the future of gaming seems to be that the first one is almost free, but items cost money.
Looking ahead, what's coming? Visuals can continue to improve, but the limitation is the art budget.Movies can now have full photorealism. It just costs upwards of $30 million per hour of screen time. Crowdsourcing? Visit Second Life. Not that many people have the talent to do good art. Also, you need art direction to get a consistent look.
The big revolution in recent years has been better input, allowing the user to do more things. It used to be that the only thing you could do well in video games was shoot. Even moving was limited. Now there's dance, skateboarding, musical instruments, etc. That's progress.
Location-based entertainment could go further in that direction, but it's almost died out. The fighter-plane simulator centers are almost gone.
The success of Farmville amazes me. I can see that some people might like it, but the scale of the thing is far beyond what I would have expected. Happy Farm in China has even more users, but there it's people who moved from the farm to the city that form the bulk of the user base. This is an indication of the real future of gaming - new social money-extraction technologies.
I think I see what he's getting at. In the past few years, a few people have gotten rich doing something really dumb, but popular and scalable. Angry Birds, Farmville, and Twitter come to mind. (Not Facebook; there's a lot of heavy machinery behind the scenes making that go.) Google hasn't been doing that kind of thing. Some people think that's a problem.
In reality, Google has exactly the opposite problem. They've been frantically introducing cool "products" that don't make money. Meanwhile, quality has slipped over at the search engine, which generates almost all the revenue.
Basic truth: ads on a search engine are presented when someone is actively looking for something relevant to the ad, which means there's a reasonable chance of a sale. Ads on almost everything else are annoying interruptions. Google is in a really good business, one much better than "social". It's worth bearing in mind that Facebook only generates about 15% of the revenue of Google.
So having APIs which let people do quick little apps isn't going to affect Google's bottom line much. Sorry, hacker types.
This was a reasonable decision. Microsoft was willfully infringing, and their only defense was that some old version of the product which might have contained the patented technology might have been on sale a year before the patent was filed. Microsoft lost on that issue at trial. Microsoft then cooked up a legal theory that they only had to show a preponderance of the evidence to prevail, rather than having to overcome the statutory provision that issued patents are assumed valid. That was a a weak argument; both the plain text of the statute and previous decisions are against it. The Supreme Court slapped it down 8-0. I'm surprised the Court even took the case.
There's a whole history of early graphical user interfaces from the pre-computer and early computer era.
One of the neater ones was the Panama Canal lock control boards, built by General Electric in 1913. This was a long desk with a symbolic model of the locks. The water level in each lock is represented by the tall indicators. The lock gate positions are represented by aluminum pointers. The protective chain lifted into position to protect the first lock gates from a runaway ship was represented by a little metal chain. The locks themselves are represented by a long strip of blue-grey stone. (The first GUI theme!) The valves are controlled by water faucets, and the gates by handles.
All this is interlocked mechanically, so, for example, that the lock gates can't be opened unless the water levels are equal on both sides. The handles will physically not turn. That technology was borrowed from railroad signalling.
Another system of historical interest is General Railway Signal's NX interlocking system., from 1936. This is the very beginning of "user-friendly" GUIs. Previously, interlocked systems in railroad signalling, and the Panama Canal system, just prevented the operator from doing prohibited operations. NX was the first system which showed the operator all the currently valid options, let the user select one, and took care of the details of making it happen. It's well worked out. The operator selects the entrance point where a train is entering the interlocking. The system figures out all the currently valid exit points, taking into account other trains currently present, conflicting routes, etc., and lights up illuminated buttons on the track diagram for each currently allowed exit point. The operator then selects one exit point. The system then moves all the track switches as necessary, waits until they're set and locked in the correct position, then sets the signals along the route to clear. As the train passes through the interlocking, the signals change to "stop" behind it, and the track sections and switches are automatically freed up for other trains. At all times, there's at least one stopping distance of red-signaled track between any two trains, and any switch in a green-signaled section cannot be moved until the train clears it.
The New York City subway system still uses this technology, along with mechanical train stop devices at every signal which, if up, will hit an air valve on each subway car and stop the train.
There's a simulator if you're interested.
It's worth understanding the big display-board systems of the past. Many of them had better human interfaces than modern systems.
Defence in depth is a very good security practice. You accept that the first line of defence isn't going to be perfect, and build redundancy into the system.
That doesn't help for a monoculture, where all units have exactly the same defenses.
Back before rising spam levels made this unworkable, I used to have a catchall address for my domains. One of my domains in.com has the same name as a church school in ".co.uk". At the beginning of each term, I'd get some messages addressed to students who hadn't figured out the address yet, and I'd send back a canned reply.
One day I got a message titled "I am going to kill you tonight". This was a bit worrisome. Especially since my site predicted which dot-coms were going to go bust, based on their financials, and I routinely got threats. But those threats were usually from corporate lawyers and CFOs, and threatened litigation. After reading the message, though, it was clear it was aimed at some kid at the school.
This was shortly after Columbine, and it said tonight", so I felt I had to do something. I was able to get hold of someone at the school by phone, and they woke up the headmistress (8 hour time difference) and put her on the line. I read her the text of the message, and she immediately knew who it was. She told me it was a 12 year old kid, and the matter would be taken care of.
It's a good thing it was a UK school. In the US, a SWAT team probably would have been sent in.
If you need address space randomization, you're already broken. It just makes the dumber stack overflow exploits crash more.
The real question is "how much can an application do?". You have to assume that applications are hostile. Some of them will be. Some of them will have back doors. Some of them will have adware, spyware, remote updating, and similar attack vectors.
You need an OS that can reliably say no to an application. Apparently by "sandbox" the original author means "protected-mode operating system". Actually, what Apple does is to limit the privileges of each application when they sign it.
Apple's real security measure is developer intimidation. Because Apple can at will kick applications off the platform, smaller developers live in fear of being caught with a security hole.
and the highest paid employee was not allowed to be any more than 20x the lowest paid employee
Woodward Governor once had the restriction that the the CEO was paid 10x the amount of the lowest paid employee. That ended around the time Reagan took office.
Now that the Mac line is finally starting to make inroads in the corporate area, even saying that will hurt corporate adoption. Major companies do not want devices that connect to the "cloud", unless it's their in-house cloud. One of the great strengths of the Blackberry, and part of the reason for its business popularity, is that you can run your own Blackberry server, and the crypto keys are held within your own organization. If your business data is in the "cloud", it's probably being read by the NSA, the FBI, the CIA, Homeland Security, the intelligence services of China and Russia, your "cloud" vendor, and the Russian Business Network.
Slashdot Mirror
Convince me it's not a Ponzi scheme.
The BitCoin ecosystem is composed of very flaky entities. The biggest "exchange", Mt. Gox, seems to be one person reachable only on IRC. They're a depository institution, and people have substantial balances with them. Not only are they not regulated, they don't even seem to have a business address.
The "exchanges" all seem to transfer funds in and out through even flakier services, like Liberty Reserve (somewhere in Costa Rica) and Dwolla (run out of a hackerspace in Des Moines). Neither is registered as a money transfer agency. What we're not seeing is some bank in Switzerland or Luxembourg, handling Bitcoins.
All these organizations are acting as depository institutions without a license to do so. None of them guarantees contractually that they will pay out funds within a set time. All are uninsured and unaudited. Most of them seem to be having some problems delivering cash lately now that there's been a crash in Bitcoins.
On top of this, the whole Bitcoin system is set up like a Ponzi scheme, where there's an advantage to getting in early.
It's probably already too late to get in, and it may be too late to get out.
However, a system where every room has it's own independent sensors and simple decision-makers may not fit Google's data-collection plans.
Actually, you do want to coordinate the whole building. The building-wide system for big buildings has information like wind direction and outside temperature. If there's a cold north wind, intakes can be opened on the north side to exploit it. If the sun is beating down on the west side and heating outside rooms there, air may be pumped from the hot side to the cold side. This sort of thing saves large amounts of fuel, just by working with outside conditions as much as possible.
There is, however, little justification for sending any of that info outside the building, except fault reports and summaries to the maintenance contractor.
That's not some inside server. Look at their list of files. It's the Senate's outward-facing web server, "www.senate.gov". It also hosts the public web sites of individual senators. It looks like what you can see on a UNIX system with a guest account. Big deal. Every staffer on the Senate side has that much access.
They have the complete directory of all the paintings in the Capitol. The forms for registering as a lobbyist. Pictures of all the Senators. Lots of stuff for tourists. This session's voting results, in HTML. The base Apache config. Nothing exciting.
We'll just switch over to other well-supported Microsoft technologies, like Visual J++, for our PlaysForSure application.
Home control has been around for a long time without catching on. I live in a house built in 1950, and it has "home control" - two rows of toggle switches in the kitchen and a large number of 3-way and 4-way toggle switches. There was even an override switch in the master bedroom that turned on all the outside lighting. (Those are now on motion detectors.)
In the 1960s, there was a fad for relay-controlled lighting and outlets, controlled through 24VAC relays. That never became popular, especially because the relays tended to burn out.
Then there was X10, the first major power-line based system, in the 1980s. Then Echelon, a better power-line system, in the 1990s. Then we had the "every light bulb gets an IPv6 address" crowd.
What's actually getting installed are non-networked wall switches with PIR motion detectors to turn off the lights when nobody is around. They do the job and take no user attention. Which is the whole point.
This sort of thing makes more sense in industrial, office, and commercial buildings. There, though, the trend is not towards hooking everything to a remote control. It's adding sensors to make it fully automatic. You can get commercial devices that go in a return air duct and sense temperature, humidity, CO2, CO, volatile organic compounds, and smoke. Then the room just does the right thing.
When there's nobody in the room, CO2 is low, and humidity on the supply duct is no higher than intake air. The system can then cut airflow to very low levels, let the temperature drop or rise a bit to save energy, and recycle most of the air. As soon as someone enters the room (there's often a motion sensor for this) the temperature margins tighten up to comfort levels and the airflow goes up a bit. If a lot of people enter the room, the CO2 and humidity levels start to climb, and the HVAC system cranks up fan speeds, cuts in chillers, and opens and closes dampers to compensate. Detection of CO (probably smokers) or VOCs (probably someone painting) means input airflow has to go way up and air has to be exhausted to the outside, not recycled. Smoke detection activates emergency modes and alarms.
Now that's doing it right, not some dork trying to operate the system from a touch screen.
Really. Just use Google Video search, with SafeSearch turned off. Porn has gone ad-supported, like all other forms of content.
(If only the music industry would figure that out.)
If you turn off JavaScript and load the page, you get a big Adobe ad for Flash, followed by a long bullet list of links to HTML pages of plain text. The plain text is all there, but the links to the pictures and video are not.
The commercial market for net censorship is tiny. Most of the people making noise about this want the net censored for other people, not themselves. You can't sell a commercial product on that basis.
There's NetNanny, which is generally considered to be mediocre at its job, but does enough to make some parents happy. Smart kids can usually bypass it. The next step up is a Christian ISP, where filtering takes place at the ISP end. There are a few of those, but they're really tiny.
Interestingly, there is a market in "Kosher mobile phones". They're basic voice-only phones preloaded with a religious-artwork theme, sold to the ultra-Orthodox market. A similar product is offered for the comparable branches of Islam.
Bitcoin now at $11.01, down from $28.92 at Friday's open. No further comment necessary.
Why does an exchange need a physical location, apart from some hosting or colocation?
Because you need someone with identifiable assets whom you can sue. A "perception of trustworthiness" is not enough. Ponzi schemes have happy customers right up to the crash. See Bernard Madoff.
From the forum thread you cited, the reason for the delay appears to be daily API transfer limits imposed by Liberty Reserve, not cash-flow problems on the part of MtGox.
That's a problem for Mt Gox to solve. They, not the end user, chose Liberty Reserve as a payment system. Then there's the problem of getting money out of Liberty Reserve, which requires a separate deal with a "money exchanger" (most of which seem to be in Russia or Nigeria) for which neither Mt. Gox nor Liberty Reserve takes responsibility.
Blaming other parties for delays in payment is typical of scam operations.
Update: The main "BitCoin exchange", Mt. Gox, gives no information about the business entity behind the exchange, not even an address. The site has only "Tibanne Co. Ltd. (Japan)", which is an ISP in Tokyo.
Mt. Gox is a depository institution - you have to deposit BitCoins to sell them, and after the trade, you now have credit in some currency with Mt. Gox. Then you have to get the money out of Mt. Gox. The withdrawal process is slow. Also, on one forum, there's the comment from a Mt. Gox staffer (?) "If we have a lot of LR activity (like, about now), withdraws will be put on hold and executed later (ie. the next day) in the order they were received." That just screams "Ponzi scheme". They're an exchange; if they're honest, they should never have a cash flow problem.
The more I look at the BitCoin financial infrastructure, the more it looks like the High Yield Investment Program scams. Multiple offshore entities, withdrawal limits, unexpected delays in payouts, anonymous businesses. HYIP schemes are notable for being difficult to cash out of. They have to be, because they're Ponzi schemes.
Update: 1312 Locust has been redeveloped since Google drove by. Dwolla may be located there, in the hacker space Foundry Co-Working.. But no hard confirmation of a physical location yet.
Opened today at $23.95, current price $16.75.
I'd worry about getting a real currency out of the system. After you've "sold" BitCoins, you have to get settlement in another currency. This is done through rather flakey outfits like Liberty Reserve, which requires arbitration in Costa Rica, or Dwolla, Inc, which gives no business address on their web site but is incorporated in Iowa with a business address of 1312 Locust St, Des Moines, IA 50309 - a boarded up building in Google StreetView.
Look at the Bitcoin price chart . This is a price-only 90 day chart. The site normally displays the price on top of the volume, which obfuscates the trend. Displayed in this form, the chart just screams "bubble".
Yesterday's drop takes the price back to where it was on June 6. Which is twice the price of June 1. Which is twice the price of May 1. Which is three times the price of April 4. Yesterday just happened to be the first big drop.
Patterns like that in something that doesn't generate revenue are usually associated with "High Yield Investment Programs" and Ponzi scams. One wonders how many Bitcoins the people behind this bought early.
The story link is to "blogads.com". So this story is probably a spam.
Aiming higher is tough at $0.99. Although the future of gaming seems to be that the first one is almost free, but items cost money.
Looking ahead, what's coming? Visuals can continue to improve, but the limitation is the art budget.Movies can now have full photorealism. It just costs upwards of $30 million per hour of screen time. Crowdsourcing? Visit Second Life. Not that many people have the talent to do good art. Also, you need art direction to get a consistent look.
The big revolution in recent years has been better input, allowing the user to do more things. It used to be that the only thing you could do well in video games was shoot. Even moving was limited. Now there's dance, skateboarding, musical instruments, etc. That's progress.
Location-based entertainment could go further in that direction, but it's almost died out. The fighter-plane simulator centers are almost gone.
The success of Farmville amazes me. I can see that some people might like it, but the scale of the thing is far beyond what I would have expected. Happy Farm in China has even more users, but there it's people who moved from the farm to the city that form the bulk of the user base. This is an indication of the real future of gaming - new social money-extraction technologies.
I think I see what he's getting at. In the past few years, a few people have gotten rich doing something really dumb, but popular and scalable. Angry Birds, Farmville, and Twitter come to mind. (Not Facebook; there's a lot of heavy machinery behind the scenes making that go.) Google hasn't been doing that kind of thing. Some people think that's a problem.
In reality, Google has exactly the opposite problem. They've been frantically introducing cool "products" that don't make money. Meanwhile, quality has slipped over at the search engine, which generates almost all the revenue.
Basic truth: ads on a search engine are presented when someone is actively looking for something relevant to the ad, which means there's a reasonable chance of a sale. Ads on almost everything else are annoying interruptions. Google is in a really good business, one much better than "social". It's worth bearing in mind that Facebook only generates about 15% of the revenue of Google.
So having APIs which let people do quick little apps isn't going to affect Google's bottom line much. Sorry, hacker types.
This was a reasonable decision. Microsoft was willfully infringing, and their only defense was that some old version of the product which might have contained the patented technology might have been on sale a year before the patent was filed. Microsoft lost on that issue at trial. Microsoft then cooked up a legal theory that they only had to show a preponderance of the evidence to prevail, rather than having to overcome the statutory provision that issued patents are assumed valid. That was a a weak argument; both the plain text of the statute and previous decisions are against it. The Supreme Court slapped it down 8-0. I'm surprised the Court even took the case.
This isn't a major decision in patent law, like Bilski or Zoltek. It doesn't change policy. Read "Microsoft v. i4i: Supreme Court Affirms Strong Presumption of Patent Validity " on PatentlyO.
The article re-hashes the obvious.
There's a whole history of early graphical user interfaces from the pre-computer and early computer era.
One of the neater ones was the Panama Canal lock control boards, built by General Electric in 1913. This was a long desk with a symbolic model of the locks. The water level in each lock is represented by the tall indicators. The lock gate positions are represented by aluminum pointers. The protective chain lifted into position to protect the first lock gates from a runaway ship was represented by a little metal chain. The locks themselves are represented by a long strip of blue-grey stone. (The first GUI theme!) The valves are controlled by water faucets, and the gates by handles.
All this is interlocked mechanically, so, for example, that the lock gates can't be opened unless the water levels are equal on both sides. The handles will physically not turn. That technology was borrowed from railroad signalling.
Another system of historical interest is General Railway Signal's NX interlocking system., from 1936. This is the very beginning of "user-friendly" GUIs. Previously, interlocked systems in railroad signalling, and the Panama Canal system, just prevented the operator from doing prohibited operations. NX was the first system which showed the operator all the currently valid options, let the user select one, and took care of the details of making it happen. It's well worked out. The operator selects the entrance point where a train is entering the interlocking. The system figures out all the currently valid exit points, taking into account other trains currently present, conflicting routes, etc., and lights up illuminated buttons on the track diagram for each currently allowed exit point. The operator then selects one exit point. The system then moves all the track switches as necessary, waits until they're set and locked in the correct position, then sets the signals along the route to clear. As the train passes through the interlocking, the signals change to "stop" behind it, and the track sections and switches are automatically freed up for other trains. At all times, there's at least one stopping distance of red-signaled track between any two trains, and any switch in a green-signaled section cannot be moved until the train clears it. The New York City subway system still uses this technology, along with mechanical train stop devices at every signal which, if up, will hit an air valve on each subway car and stop the train. There's a simulator if you're interested.
It's worth understanding the big display-board systems of the past. Many of them had better human interfaces than modern systems.
Defence in depth is a very good security practice. You accept that the first line of defence isn't going to be perfect, and build redundancy into the system.
That doesn't help for a monoculture, where all units have exactly the same defenses.
Back before rising spam levels made this unworkable, I used to have a catchall address for my domains. One of my domains in .com has the same name as a church school in ".co.uk". At the beginning of each term, I'd get some messages addressed to students who hadn't figured out the address yet, and I'd send back a canned reply.
One day I got a message titled "I am going to kill you tonight". This was a bit worrisome. Especially since my site predicted which dot-coms were going to go bust, based on their financials, and I routinely got threats. But those threats were usually from corporate lawyers and CFOs, and threatened litigation. After reading the message, though, it was clear it was aimed at some kid at the school.
This was shortly after Columbine, and it said tonight", so I felt I had to do something. I was able to get hold of someone at the school by phone, and they woke up the headmistress (8 hour time difference) and put her on the line. I read her the text of the message, and she immediately knew who it was. She told me it was a 12 year old kid, and the matter would be taken care of.
It's a good thing it was a UK school. In the US, a SWAT team probably would have been sent in.
If you need address space randomization, you're already broken. It just makes the dumber stack overflow exploits crash more.
The real question is "how much can an application do?". You have to assume that applications are hostile. Some of them will be. Some of them will have back doors. Some of them will have adware, spyware, remote updating, and similar attack vectors.
You need an OS that can reliably say no to an application. Apparently by "sandbox" the original author means "protected-mode operating system". Actually, what Apple does is to limit the privileges of each application when they sign it.
Apple's real security measure is developer intimidation. Because Apple can at will kick applications off the platform, smaller developers live in fear of being caught with a security hole.
and the highest paid employee was not allowed to be any more than 20x the lowest paid employee
Woodward Governor once had the restriction that the the CEO was paid 10x the amount of the lowest paid employee. That ended around the time Reagan took office.
Now that the Mac line is finally starting to make inroads in the corporate area, even saying that will hurt corporate adoption. Major companies do not want devices that connect to the "cloud", unless it's their in-house cloud. One of the great strengths of the Blackberry, and part of the reason for its business popularity, is that you can run your own Blackberry server, and the crypto keys are held within your own organization. If your business data is in the "cloud", it's probably being read by the NSA, the FBI, the CIA, Homeland Security, the intelligence services of China and Russia, your "cloud" vendor, and the Russian Business Network.
Maybe Jobs is just losing it.