Just did that. But I'd done it already, and Google claims my web history is "paused". Which probably means they will "unpause" it silently at some future time.
There's this annoying trend towards invisible buttons for things web sites don't want you to do. There's no obvious "sign out" button for Google now. Clicking on your user name will get you to a sign-out option, but it's not obvious. Facebook actually has invisible buttons for opting out of ads. (They're at the right of the ad headline. Mouse over that blank area and a "x" will appear. Click on the "x" and some opt-out options will appear. They don't actually make the advertiser go away, though.)
The simple fact is that one guy cannot implement a modern search engine, despite our hopes for the continued relevance of the garage revolutionary.
No, but about 50 people can. Cuil was a business disaster, but they did do a search engine company with about 50 people and a rather modest data center. As of a few years ago, the core search engine team at Google was only about 100 people.
This is a type of index, not a type of database. See locally sensitive hashing. It's an efficient way to find keys which are "near" the search key in some sense.
Such a mechanism could be provided in a key/value store or an SQL database. It's even possible to do it on top of an SQL database. It's more powerful in a database that can do joins, because you can ask questions with several approximate keys.
This is an area of active research. Many machine-learning algorithms are scaled up by locally sensitive hashing, so they can work on big data.
NextBus has been providing real-time bus data for years, and doing it better than Google. NextBus did all the hard work to make this work - they developed the position-reporting boxes that go on buses over a decade ago, got transit systems to adopt their technology, and developed a prediction system that figures out when the next bus will show up, based on live data and history. They even put signs in bus shelters that tell when the next bus will arrive.
There was substantial opposition in the transit industry at first. Some transit agencies didn't want accurate data on their operation publicly available. Some of them still don't. But the ones that do find it useful. The transit agency gets all the bus data and can evaluate how their operation is working.
Then some clown writes an article as if Google invented the technology. This is more like the old MIcrosoft tactic of "embrace, extend, devour".
Scroogle is not a search engine. Scroogle is a hosted front end to Google. DuckDuckGo is a real search engine, one with good privacy policies and only one ad per page.
Canonical announced an EEEpc with Linux, and that never happened. I'm wary of Canonical claims that they're "partnering" with somebody, when the other "partner" doesn't announce the deal too. Where's the announcement from Google?
The best way I've found to do this is to have a non-obvious component actually doing the licensing evaluation (periodically as part of some normal functional operation) and if that fails to subtly screw up the operation of the software. You still want to have standard 'relatively easy to tear out' protection so that legitimate users get notifications of a bad configuration or license, but what you're trying to do is make the software useless for people pushing it on a torrent/warez site.
Yes. AutoCAD did that, back in the DOS era. There were several levels of protection. The first level checksummed the program during loading to detect a corrupted executable. That prevented any accidental error from triggering the deeper checks. Anyone attacking the software would first have to bypass the checksum code.
Further down were many other checks for changes to the protection code. These checks were executed randomly, based on the state of the program, at varying levels of odds. Some were executed every few minutes; some as infrequently as once a year on average. Some of them just made the program exit without saving. Some made subtle changes in the drawing data.
This destroyed the market for cracked versions of AutoCAD. No one trying to crack the software could ever be sure they'd found all the checks. There were dealers selling cracked versions as if they were real ones. Those guys had some very angry customers.
This was effective enough that it stopped piracy in Hong Kong and the USSR. The USSR eventually cut a deal with Autodesk for a bulk buy on a Cyrillic version.
3) Adobe, you want disregard for users? Try your stupid EULA clickthrough every time a new version of your PDF reader comes out.
It's worse than that. I often use machines at TechShop which run off a frozen deployed image of all the software. The first use of Adobe Reader each day on each machine produces that message.
Then Firefox complains that it wants to update itself. Then that Java runtime starter complains. Windows 7 itself at least comprehends that it's running from a frozen image and doesn't try to update itself.
Attempts to fix this problem usually seem to take the form of some abysmal hack to keep the program in memory when not in use. There's one of those memory hogs for OpenOffice, Microsoft Office, Photoshop, and Java. (Java's "jqs.exe" is particularly wasteful of resources. It tries to keep the whole Java environment in memory, deliberately causing page faults, even when there's been no use of Java in hours or weeks.) This is one of the reasons it seems to take gigabytes of memory to do anything today.
Nobody thinks much about linkers any more. That's part of the problem. What's needed is something that organizes the executable file so that the stuff you need to get going loads first, using one big read operation. Linkers which once did that were once common, but are now rare.
Then there's the DLL/shared object problem. Many programs need only a small part of some shared library, but requesting it either brings in the whole thing, or it gets loaded one page fault at a time.
Much of the problem is just bloat. Adobe's PDF reader (which is now unnecessary, since there are good alternatives) takes far too long to load for what it does. Most people don't need the text to speech system, or "WebBuy" (electronic commerce in PDF, a feature used by nobody), yet each adds a noticeable delay to startup.
Hooking something up to the "cloud" makes it worse. Then you get to wait for the server.
ReCAPTCHA needs to be retired. OCR is getting too good. ReCAPTCHA, remember, is using images from book scanning, ones that the OCR system couldn't recognize.
When ReCAPTCHA started, the text presented was usually an English word. Now, if the book scanning OCR system can't figure out something, it's probably not an English word. You're lucky if it's a sequence of characters found on an A-Z keyboard. People have reported ink blots, mathematical formulas, and Cyrillic.
Worse, ReCAPTCHA's idea of the "right" answer is crowdsourced. It's possible for bots to pollute the ReCAPTCHA database, by providing the same wrong answer more than once. You only have to get one of the words right, so if you can read one, a junk response for the other works. This goes into the database as a vote for the "right answer", to be presented to someone else later. I sometimes type "whatever" when one of the images is unreadable.
First of all, these are 15 feet across. That's huge. They also generate passive effects. The dish itself is a parabloic (sic) reflector, and for a unit of this size, can have unintended consequences on equipment located nearby. I don't understand quite how it all works, but the FCC requires permits for antennas above a certain db gain, and these would definately (sic) qualify for that.
It's a receive-only dish. Those don't emit RF. As reflectors, dishes have less effect than a flat surface, other than near their focus. (The focus is close to the dish, and that's where the receiving antenna and low-noise amplifier are mounted.)
Does Google Chrome have a cryptographic-grade random number generator with a good source of enthropy? Javascript math.random()is known to be predictable. Has someone with respected crypto qualifications checked over the code and signed off on it?
This is more like frantic efforts to find a use for a marginal technology.
Cameras on traffic lights are used for this now. These replace the old induction loops. The cameras
currently just look at rectangular areas to see if they have a car in them. Usually, a few rectangles are defined for each lane, to get a rough count of the number of cars waiting. Enhancing that technology to notice distant approaching cards, estimating their speed and arrival time, and adjusting signals accordingly, is a logical next step.
This isn't that helpful during heavy traffic periods, and the existing systems handle light traffic well. So it's probably not worth having a whole "intelligent car" scheme for this.
Unless it's a pay system, where you can pay for a faster green light.
What Nash seems to be describing is a feedback shift register. This has potential as a cryptosystem, but isn't a very good one. As the NSA pointed out, it "affords only limited security".
When Nash wrote this, Friedman had already developed the theory that allowed general cryptanalysis of rotor-type machines. But that was still highly classified. Friedman, of course, was responsible for breaking the Japanese "Purple" cypher, plus many others. Before Friedman, cryptanalysis was about guessing. After Friedman, it was about number crunching.
Friedman was the head cryptanalyst at NSA at the time.
Within NSA, it would have been known that a linear feedback shift register was a weak key generator. So this idea was, properly, rejected. At least NSA looked at it. Friedman's hard line on that subject was "No new encryption system is worth looking at unless it comes from someone who has already broken a very hard one."
The fact that a problem is NP-hard isn't enough to make it a good key generator. The Merkle-Hellman knapsack cryptosystem, the first public-key cryptosystem published, is based on an NP-hard problem. But, like many NP-hard problems, it's only NP-hard in the worst case. The average case is only P-hard. (Linear programming problems, and problems which can be converted to a linear programming problem, are like that.) So that public-key system was cracked.
We still don't have cryptosystems which are provably NP-hard for all cases. Factoring and elliptic curves are as good as it gets, and there's still the possibility that a breakthrough could make factoring easy.
Which registrars take the position contractually that the domain is the property of the registrant and will not be taken down without a court order? Find a registrar that doesn't have "sole discretion" language like this, from Network Solutions:
We may terminate this Agreement or any part of the Network Solutions services at any time
in the event you breach any obligation hereunder, fail to respond within ten (10) calendar days to an
inquiry from us concerning the accuracy or completeness of the information referred to in Section 4 of
this Agreement, if we determine in our sole discretion that you have violated the Network Solutions
Acceptable Use Policy... or for any other reason in Network Solutions' sole discretion upon written
notice to you.
Other failing registrars with "sole discretion" terms include NameKing, Register.com, Name.com, DomainIt, GoDaddy, eNom, Backslap, PairNIC, Best Registrar, Havaname LLC, DomainName, Tucows, Melborne IT...
It's just a thing that plugs into the OBD-II connector and translates some of the CAN bus signals to JSON over USB. It's read-only (probably a good thing). All you currently get is vehicle speed, powertrain torque, odometer, ignition status, door status, steering wheel position, fuel level, fuel consuption, and latitude/longitude (if available). You don't get any internal engine information, diagnostic codes, or maintenance info.
Compare the Scantool which plugs into the OBD-II connector and gives you full access to all the engine diagnostic data. They provide documentation on how to decode the bus data directly, and various "user friendly" applications for looking at it.
âoeThis is one of the reasons we (wanted to buy) T-Mobile, so we could build out the wireless spectrum and offer higher speeds and higher quality coverage to all of Kentucky, including Harlan County," Rateike said.
Yeah, right. As if Harlan County (pop. 33,200, area 498 square miles) could possibly have a spectrum shortage.
Harlan County is served by Appalachian Wireless, an independent outfit. They're rather retro ("Coming soon: 4G Wireless!") It's a mountainous and sparsely populated area. There are towns like Teaberry, KY, (pop. about 400) with no cell sites anywhere nearby.
I have been considering a move towards data analysis type jobs
Now that's a real possibility. "Big data" and the analysis thereof is a field in which there is high demand. A good way to start is to take the Stanford online class in machine learning. It's tough, but will give you an idea of what's possible and how to do it. You might be able to use the technology with your existing employer. Run a classifier to figure out which customers are likely to order something in the next month, and you'll have something they probably don't have now.
This requires math. At least calculus. It's not really that difficult mathematically, but you have to speak the language. (Personally I think the notation used by the machine learning people is awful. They have stuff like superscripts as indices, sometimes in the same equations that have exponents. Sometimes the math makes more sense in Matlab/Octave.)
This might violate the Computer Fraud and Abuse Act. The threshold phrase there is "exceeds authorized access". Explicitly bypassing a security measure is usually considered to satisfy that definition of criminal conduct.
Attempts to use the Computer Fraud and Abuse act have failed with regard to "Flash cookies", because the plaintiff was unable to show $5000 in damages, even across a large number of users. But since then,. Google has offered a deal where users give up their privacy for $25 in gift cards. Google has now put a price tag on privacy, which can be used as evidence against them in valuing future intrusions.
It's not just JotForms.
Google is now the leading site being exploited to host phishing pages. Google has reasonable defenses against phishing for their "sites" product. However, Google doesn't seem to have those protections on their document and spreadsheet products. Here's a fake login form hosted by Google. That's been up since 2010. Here's a fake login page hosted as a Google spreadsheet. Google allows unlimited HTML in a spreadsheet, which means it can be abused in this way. We have a full list, if anyone is interested.
"formbuddy.com" and "surveymonkey.com" can also be abused in this way. Formbuddy seems to kick phishing pages off quickly. Surveymonkey, not so good at this.
If you offer free hosting, and don't have aggressive anti-phishing controls in place, you will be pwned.
MySQL Cluster used to be a pay-only product. Is it free now?
(The setup with one MySQL master and N read-only slaves has been free for years. That powers Wikipedia, for example. It's not MySQL Cluster. A MySQL Cluster has multiple read-write machines.)
The obvious niche for Microsoft is the "Business Tablet". It's clear there's a market, but it's not clear how to do it. A few ideas:
Develop a system that works really well for a few hard jobs. Doctors and cops would be a good start. When those jobs can be made paperless with this tablet, it's ready for prime time.
Integrate camera usage into documents. This fits with the doctor and cop use case. Both groups use images, and need them associated with business documents.
Users are going to want to talk to both the external Internet and the employers' systems. An absolute security barrier is needed between those two security regions. The internal system side is locked down and under the control of corporate IT. The external side isn't. Anything that has to be moved across the barrier is sent up to a corporate firewall system, stripped down to raw text and images, logged, cleaned up, reformatted, re-encrypted, and sent back to the tablet.
Make the device rugged enough to survive being dropped and getting wet. (Just because Apple can't do it doesn't mean it can be done. The Casio GZone Commando does it. That thing comes with crappy software, but the hardware is fine.)
Slashdot Mirror
Just did that. But I'd done it already, and Google claims my web history is "paused". Which probably means they will "unpause" it silently at some future time.
There's this annoying trend towards invisible buttons for things web sites don't want you to do. There's no obvious "sign out" button for Google now. Clicking on your user name will get you to a sign-out option, but it's not obvious. Facebook actually has invisible buttons for opting out of ads. (They're at the right of the ad headline. Mouse over that blank area and a "x" will appear. Click on the "x" and some opt-out options will appear. They don't actually make the advertiser go away, though.)
The simple fact is that one guy cannot implement a modern search engine, despite our hopes for the continued relevance of the garage revolutionary.
No, but about 50 people can. Cuil was a business disaster, but they did do a search engine company with about 50 people and a rather modest data center. As of a few years ago, the core search engine team at Google was only about 100 people.
This is a type of index, not a type of database. See locally sensitive hashing. It's an efficient way to find keys which are "near" the search key in some sense.
Such a mechanism could be provided in a key/value store or an SQL database. It's even possible to do it on top of an SQL database. It's more powerful in a database that can do joins, because you can ask questions with several approximate keys.
This is an area of active research. Many machine-learning algorithms are scaled up by locally sensitive hashing, so they can work on big data.
NextBus has been providing real-time bus data for years, and doing it better than Google. NextBus did all the hard work to make this work - they developed the position-reporting boxes that go on buses over a decade ago, got transit systems to adopt their technology, and developed a prediction system that figures out when the next bus will show up, based on live data and history. They even put signs in bus shelters that tell when the next bus will arrive.
There was substantial opposition in the transit industry at first. Some transit agencies didn't want accurate data on their operation publicly available. Some of them still don't. But the ones that do find it useful. The transit agency gets all the bus data and can evaluate how their operation is working.
Then some clown writes an article as if Google invented the technology. This is more like the old MIcrosoft tactic of "embrace, extend, devour".
Scroogle is not a search engine. Scroogle is a hosted front end to Google. DuckDuckGo is a real search engine, one with good privacy policies and only one ad per page.
Canonical announced an EEEpc with Linux, and that never happened. I'm wary of Canonical claims that they're "partnering" with somebody, when the other "partner" doesn't announce the deal too. Where's the announcement from Google?
Kindly please shut up about it forever, or until it's available retail
Yes.
The best way I've found to do this is to have a non-obvious component actually doing the licensing evaluation (periodically as part of some normal functional operation) and if that fails to subtly screw up the operation of the software. You still want to have standard 'relatively easy to tear out' protection so that legitimate users get notifications of a bad configuration or license, but what you're trying to do is make the software useless for people pushing it on a torrent/warez site.
Yes. AutoCAD did that, back in the DOS era. There were several levels of protection. The first level checksummed the program during loading to detect a corrupted executable. That prevented any accidental error from triggering the deeper checks. Anyone attacking the software would first have to bypass the checksum code. Further down were many other checks for changes to the protection code. These checks were executed randomly, based on the state of the program, at varying levels of odds. Some were executed every few minutes; some as infrequently as once a year on average. Some of them just made the program exit without saving. Some made subtle changes in the drawing data.
This destroyed the market for cracked versions of AutoCAD. No one trying to crack the software could ever be sure they'd found all the checks. There were dealers selling cracked versions as if they were real ones. Those guys had some very angry customers.
This was effective enough that it stopped piracy in Hong Kong and the USSR. The USSR eventually cut a deal with Autodesk for a bulk buy on a Cyrillic version.
3) Adobe, you want disregard for users? Try your stupid EULA clickthrough every time a new version of your PDF reader comes out.
It's worse than that. I often use machines at TechShop which run off a frozen deployed image of all the software. The first use of Adobe Reader each day on each machine produces that message. Then Firefox complains that it wants to update itself. Then that Java runtime starter complains. Windows 7 itself at least comprehends that it's running from a frozen image and doesn't try to update itself.
Attempts to fix this problem usually seem to take the form of some abysmal hack to keep the program in memory when not in use. There's one of those memory hogs for OpenOffice, Microsoft Office, Photoshop, and Java. (Java's "jqs.exe" is particularly wasteful of resources. It tries to keep the whole Java environment in memory, deliberately causing page faults, even when there's been no use of Java in hours or weeks.) This is one of the reasons it seems to take gigabytes of memory to do anything today.
Nobody thinks much about linkers any more. That's part of the problem. What's needed is something that organizes the executable file so that the stuff you need to get going loads first, using one big read operation. Linkers which once did that were once common, but are now rare.
Then there's the DLL/shared object problem. Many programs need only a small part of some shared library, but requesting it either brings in the whole thing, or it gets loaded one page fault at a time.
Much of the problem is just bloat. Adobe's PDF reader (which is now unnecessary, since there are good alternatives) takes far too long to load for what it does. Most people don't need the text to speech system, or "WebBuy" (electronic commerce in PDF, a feature used by nobody), yet each adds a noticeable delay to startup.
Hooking something up to the "cloud" makes it worse. Then you get to wait for the server.
The CAPTCHA industry is not doing well.
ReCAPTCHA needs to be retired. OCR is getting too good. ReCAPTCHA, remember, is using images from book scanning, ones that the OCR system couldn't recognize. When ReCAPTCHA started, the text presented was usually an English word. Now, if the book scanning OCR system can't figure out something, it's probably not an English word. You're lucky if it's a sequence of characters found on an A-Z keyboard. People have reported ink blots, mathematical formulas, and Cyrillic.
Worse, ReCAPTCHA's idea of the "right" answer is crowdsourced. It's possible for bots to pollute the ReCAPTCHA database, by providing the same wrong answer more than once. You only have to get one of the words right, so if you can read one, a junk response for the other works. This goes into the database as a vote for the "right answer", to be presented to someone else later. I sometimes type "whatever" when one of the images is unreadable.
First of all, these are 15 feet across. That's huge. They also generate passive effects. The dish itself is a parabloic (sic) reflector, and for a unit of this size, can have unintended consequences on equipment located nearby. I don't understand quite how it all works, but the FCC requires permits for antennas above a certain db gain, and these would definately (sic) qualify for that.
It's a receive-only dish. Those don't emit RF. As reflectors, dishes have less effect than a flat surface, other than near their focus. (The focus is close to the dish, and that's where the receiving antenna and low-noise amplifier are mounted.)
Of course, they're essentially trying to do the same thing as NASA was trying to do in the 1960's minus the unknown factor.
Right. There's only so much you can do with chemical fuels. By 1970 or so, chemical rockets were about as good as they could ever get.
Nuclear rocket engines have been built and tested successfully, but for political reasons were not pursued.
Does Google Chrome have a cryptographic-grade random number generator with a good source of enthropy? Javascript math.random() is known to be predictable. Has someone with respected crypto qualifications checked over the code and signed off on it?
This is more like frantic efforts to find a use for a marginal technology.
Cameras on traffic lights are used for this now. These replace the old induction loops. The cameras currently just look at rectangular areas to see if they have a car in them. Usually, a few rectangles are defined for each lane, to get a rough count of the number of cars waiting. Enhancing that technology to notice distant approaching cards, estimating their speed and arrival time, and adjusting signals accordingly, is a logical next step.
This isn't that helpful during heavy traffic periods, and the existing systems handle light traffic well. So it's probably not worth having a whole "intelligent car" scheme for this.
Unless it's a pay system, where you can pay for a faster green light.
What Nash seems to be describing is a feedback shift register. This has potential as a cryptosystem, but isn't a very good one. As the NSA pointed out, it "affords only limited security".
When Nash wrote this, Friedman had already developed the theory that allowed general cryptanalysis of rotor-type machines. But that was still highly classified. Friedman, of course, was responsible for breaking the Japanese "Purple" cypher, plus many others. Before Friedman, cryptanalysis was about guessing. After Friedman, it was about number crunching.
Friedman was the head cryptanalyst at NSA at the time. Within NSA, it would have been known that a linear feedback shift register was a weak key generator. So this idea was, properly, rejected. At least NSA looked at it. Friedman's hard line on that subject was "No new encryption system is worth looking at unless it comes from someone who has already broken a very hard one."
The fact that a problem is NP-hard isn't enough to make it a good key generator. The Merkle-Hellman knapsack cryptosystem, the first public-key cryptosystem published, is based on an NP-hard problem. But, like many NP-hard problems, it's only NP-hard in the worst case. The average case is only P-hard. (Linear programming problems, and problems which can be converted to a linear programming problem, are like that.) So that public-key system was cracked.
We still don't have cryptosystems which are provably NP-hard for all cases. Factoring and elliptic curves are as good as it gets, and there's still the possibility that a breakthrough could make factoring easy.
Which registrars take the position contractually that the domain is the property of the registrant and will not be taken down without a court order? Find a registrar that doesn't have "sole discretion" language like this, from Network Solutions: We may terminate this Agreement or any part of the Network Solutions services at any time in the event you breach any obligation hereunder, fail to respond within ten (10) calendar days to an inquiry from us concerning the accuracy or completeness of the information referred to in Section 4 of this Agreement, if we determine in our sole discretion that you have violated the Network Solutions Acceptable Use Policy ... or for any other reason in Network Solutions' sole discretion upon written
notice to you.
Other failing registrars with "sole discretion" terms include NameKing, Register.com, Name.com, DomainIt, GoDaddy, eNom, Backslap, PairNIC, Best Registrar, Havaname LLC, DomainName, Tucows, Melborne IT...
It's just a thing that plugs into the OBD-II connector and translates some of the CAN bus signals to JSON over USB. It's read-only (probably a good thing). All you currently get is vehicle speed, powertrain torque, odometer, ignition status, door status, steering wheel position, fuel level, fuel consuption, and latitude/longitude (if available). You don't get any internal engine information, diagnostic codes, or maintenance info.
Compare the Scantool which plugs into the OBD-II connector and gives you full access to all the engine diagnostic data. They provide documentation on how to decode the bus data directly, and various "user friendly" applications for looking at it.
âoeThis is one of the reasons we (wanted to buy) T-Mobile, so we could build out the wireless spectrum and offer higher speeds and higher quality coverage to all of Kentucky, including Harlan County," Rateike said.
Yeah, right. As if Harlan County (pop. 33,200, area 498 square miles) could possibly have a spectrum shortage.
Harlan County is served by Appalachian Wireless, an independent outfit. They're rather retro ("Coming soon: 4G Wireless!") It's a mountainous and sparsely populated area. There are towns like Teaberry, KY, (pop. about 400) with no cell sites anywhere nearby.
I have been considering a move towards data analysis type jobs
Now that's a real possibility. "Big data" and the analysis thereof is a field in which there is high demand. A good way to start is to take the Stanford online class in machine learning. It's tough, but will give you an idea of what's possible and how to do it. You might be able to use the technology with your existing employer. Run a classifier to figure out which customers are likely to order something in the next month, and you'll have something they probably don't have now.
This requires math. At least calculus. It's not really that difficult mathematically, but you have to speak the language. (Personally I think the notation used by the machine learning people is awful. They have stuff like superscripts as indices, sometimes in the same equations that have exponents. Sometimes the math makes more sense in Matlab/Octave.)
This might violate the Computer Fraud and Abuse Act. The threshold phrase there is "exceeds authorized access". Explicitly bypassing a security measure is usually considered to satisfy that definition of criminal conduct.
Attempts to use the Computer Fraud and Abuse act have failed with regard to "Flash cookies", because the plaintiff was unable to show $5000 in damages, even across a large number of users. But since then,. Google has offered a deal where users give up their privacy for $25 in gift cards. Google has now put a price tag on privacy, which can be used as evidence against them in valuing future intrusions.
In the Battelle article, he admits he was blogging after drinking. Don't expect much.
It's not just JotForms. Google is now the leading site being exploited to host phishing pages. Google has reasonable defenses against phishing for their "sites" product. However, Google doesn't seem to have those protections on their document and spreadsheet products. Here's a fake login form hosted by Google. That's been up since 2010. Here's a fake login page hosted as a Google spreadsheet. Google allows unlimited HTML in a spreadsheet, which means it can be abused in this way. We have a full list, if anyone is interested.
"formbuddy.com" and "surveymonkey.com" can also be abused in this way. Formbuddy seems to kick phishing pages off quickly. Surveymonkey, not so good at this.
If you offer free hosting, and don't have aggressive anti-phishing controls in place, you will be pwned.
MySQL Cluster used to be a pay-only product. Is it free now?
(The setup with one MySQL master and N read-only slaves has been free for years. That powers Wikipedia, for example. It's not MySQL Cluster. A MySQL Cluster has multiple read-write machines.)
The obvious niche for Microsoft is the "Business Tablet". It's clear there's a market, but it's not clear how to do it. A few ideas: