And Sony will likely be doing pretty much the same as Microsoft. Surreptitious checks for mods when you sign in or play certain games. I doubt they'd give a crap about mods if it were just some guy wanting to install XBMC or an MKV player. Reality says it's because 99.9% of mods will be used to facilitate piracy. So obviously they're treating it seriously. The whole drivel about a "backdoor" last week was probably preparation for an additional challenge / response step during PSN signon.
Without salt all duplicate passwords share the same hash. That's the first problem. So if 30000 of your users share the same password you've cut the amount of work the attacker has to do. Once they dictionary attack one password they have all 30000 because the hash is the same.
The greater benefit is that unless the attacker knows how the salt was created and applied (e.g. prepended / appended), you stop dictionary attacks dead in their tracks. e.g. my salted hash might be a hash of the registered email address + plaintext password + some secret string of a random nature.
That means that even if the attacker stole my database they would not be able to dictionary attack it unless they also had the secret key. So at a minimum the secret should not reside in the same db as the hashes. Better yet, the hasher should not reside in the same process as the login server, better yet it should be on a different, protected box with a well defined API.
Jamming trucks would be a more effective means. Jam the frequencies used by the civilian gear but leave open those for the military or similar.
Trucks with detectors equipement and men in the back with large sticks would be more effective again. Drive around, find an active signal, men jump out the back and smash the kit to bits and beat the shit of anyone running it.
Actually it's more amazing how a well described, reproducible error which illustrates a security flaw gives rise to a fix. Sounds like the previous bugs were too vague to isolate the issue. Bug databases always end up with bugs like that. Go look how many bugs Firefox has open on it for example.
That fragmentation is called choice. Want a 7" tablet? You got it. Want a tablet which can play any media format you can throw at it? You got it. Want an cheapo tablet for ereading? You got it. Tablets from all manufacturers at all price points available for sale from countless online stores. All competing on price, performance, features, value, form factor, build quality, support.
At the end of the day they're still android apps and they all share a large common amount of functionality. That's what the CDD is there to ensure. Problem is that the existing CDD was designed for phone handsets and it needs to be revised.
I don't really see the issue. Every app must already declare what permissions it needs, what API level it supports, what screen sizes it supports, what features (hardware) it uses or requires. It does this in a manifest file that is part of the apk. When you fire up Marketplace it already filters out apps based on these declarations. So if my game requires a 800x400 screen it won't appear to someone looking from a lower res device. If I look at marketplace from my 1.6 device I won't see apps that use 2.1 APIs.
The same applies to hardware. For example Google Maps might say in its manifest that it can use GPS but doesn't require GPS and will therefore work with reduced functionality from a device with no GPS.
So basically there is no longer any reason to make features like GPS, compass, accelerometers, NFC, etc mandatory. Apps which absolutely need these things can say so. Devices which don't supply them won't see them in the market place. That probably still leaves 95% of the app store intact because most apps don't need such sweeping use of hardware in the first place.
It should also be a good thing in general because it encourages apps to ask for the bare minimum of permissions and not a thing more. Otherwise they risk losing potential customers.
Well yes they have. The Archos 101 costs about 3/5 the price of an iPad and demonstrates if you produce a tablet that ditches some of the superfluous stuff you can still produce a usable 10" tablet with wifi, capacitive screen etc. Let's face it, at the end of the day tablets are largely going to be used for browsing, email, notes, videos, music.
The biggest issue with the Archos is it's not compatible with the CDD so it doesn't ship with the Marketplace app. I expect from 2.3 onwards Archos could release devices which are compatible because the CDD is looser now than it was so things like GPS, compass, etc. are no longer mandatory requirements.
There is no reason for any tablet to cost this much. At worst they should cost the same as an iPad. More realistically they should ditch some of the superfluous features (GPS etc.) and concentrate on a functional tablet at more affordable price point.
Part of me wonders if this isn't some kind of ruse, that they're saying $799 because they'll actually flog it at $499 on some phone plan and people will be dumb enough to think they're getting a bargain. Regardless, it's way, way, too much money.
I'm aware of the wand / stylus and of software workarounds. I'm also aware that no amount of software is going to tell the difference between me accidentally brushing my hand and the tip of a wand. It will be very easy to confuse the software where it will ignore legitimate input or misinterpret inadvertant input.
My point also coincides with this article that more or less demonstrates my point. The problem is clearly hard enough that Apple have filed a patent for a solution. Just look at the solution! A weird ass pen with a jointed floaty disk on one end and accelerometers. Plus a bunch of software.
All to make a pen which will presumably cost $$$ and all to approximate what a resistive screen would offer out of the box. That was the point I was making. Resistive is sometimes better where note taking is a critical requirement of a device. I'd add that there are hybrid screens that could offer resistive style input with capacitive for light touch so it's not necessarily either / or.
No, because they are multi-touch touching another part of the screen doesn't interfere with the writing, iOS is smart enough to do things like that by default (even if it wasn't you could just pull the touch that's look like writing of the array programmatically dropping what look like accidental touches.) The iPad has other strong points that makes it good for hospitals: it is lightweight, portable, strong developer base, relatively easy to develop custom applications for, network connected and above all has a battery that lasts an entire shift worth of use.
Writing in a capacitive screen is a disaster. You need a wand like device and software which filters out extraneous false inputs like a person holding the device, accidentally brushing the screen or whatever. I don't believe for a second that the solution even with filtering would be tolderable.
As for the iPad's other attributes I'd say they're debateable. Organisations like serviceable machines which is why devices like Thinkpads are so popular. The iPad is anything but serviceable - if you break it (e.g. by letting it fall off a hospital bed) you throw it away and buy a new one.
Bullshit. You can't bring down cost by ordering a small run of custom hardware even if it is "simpler" (what does a GPS chip really cost wholesale.) Some low cost Taiwanese company would've done it by now if that were true. No one can touch Apple on price because A: they've got the market cornered on some components and B: due to their success they can order in quantities other companies can only dream of (at the moment?).
Yes and some low cost Chinese companies have already done it. You can buy Android tablets for $100 on ebay. Awful tablets but tablets nonetheless. There is ample opportunity for a functional tablets in the $200-300 range.
GPS, compass, accelerometers, rear facing camera, aluminium case, 16Gb are not critical to a tablet which is going to be used for some casual browsing, movies and email. The Archos 101 is already out and favourably reviewed. It demonstrates a perfectly functional tablet with capacitive 10" screen doesn't have to cost anything close to an iPad. Next year will see many such tablets, running Android 3.0 too.
Exactly. Manufacturers are taking the piss with their prices at the minute. I read today that the Motorola Xoom will cost $800. I cannot even fathom where they plucked that figure from unless they've stuck an absurdly high MSRP to make the under-contract Xooms look ever-so more reasonable at $400 or whatever.
I think AOL knows the writing is on the wall for their service. It costs a lot of money to run and their user base is literally dying off. It must be an expensive pain in the ass to maintain that client, and run all those dialups and field support calls, and an infrastructure of mail servers, and put content into the thick client to justify its existence. At some point the user base will drop below a point that it is economical to do and they'll kill the service in phases.
I think AOL are smart to diversify. There is a lot of money to be made from selling advertising space in blogs and the like and they must be relatively cheap to buy and run compared to old media websites.
Huffington Post's biggest claim to fame in recent years has been as a haven for the anti-vaccination lunacy of retards like Jenny McCarthy, Dana Ullman, and followers of Andrew Wakefield.
The HP might be fine for political commentary but it is a haven for quacks, woos and snakeoil salesmen peddling all kinds of pseudo scientific new age nonsense. It is as anti-science and anti-reality. Not surprisingly many liberals, especially scientists and academics are as ashamed by what the HP promotes as conservatives are of creationist drool that infects their blogs.
1) Tablets are NOT being adopted by many tech companies because they are worthless for doing actual work on.
Tablets are largely consumption devices. Slapping a virtual keyboard, or even a keyboard stand doesn't make them drop in replacement for PCs.
However I fully expect that when Microsoft produce a tablet that it *could* be a drop in replacement. We know they're porting Windows to ARM. It's not hard to envisage they device a tablet shell for conventional tablet like stuff, but plug the device into a dock and suddenly you get a Windows desktop. It could be an incredibly powerful arrangement. Biggest fly in the ointment is ARM != x86 and how do they port / emulate all those x86 apps. That's a problem I have seen an adequate answer to.
2) Most Android based tablets kick the crap out of the iPad, hardware and software-wise.
Hmm not yet. I like android a lot but the first wave of devices were either a) crappo chinese knockoffs, b) expensive close but no cigar efforts like the Tab. I think the closest IMO was the Archos 101 which is about 3/5 the cost of the iPad but offers pretty similar functionality. On the software side, Android is fine but it's clear it will take Android 3.0 to bring it up to snuff. Possibly a 3.1.
3) Resistive touchscreens are superior to capacitive touchscreens in many ways.
I agree they are in some ways. I laugh when I hear puff pieces about of schools or hospitals using an iPad. How exactly do they scribble notes on their tablets? The answer is they can't because they're capacitive. A resistive screen would allow a user to tap or write with a stylus. You can buy wands for capacitive screens but you have to fastidiously avoid touching any other part of the screen while you write.
If handwriting is a requirement the screen has to be resistive. I realise of course for general use that resistive leaves something to be desired.
4) Calling the Samsung Galaxy Tab a glorified Android smartphone when the iPad is just a glorified iPhone is ridiculous and hypocritical
I think it's worse with the Tab because Samsung implemented a bunch of crap like GPS, compass, rear facing camera, etc. merely to keep the Android CDD happy. They literally had to make it a giant phone or they couldn't ship with the Android marketplace app or Google apps. I hope Android 3.0 has a CDD that allows tablets a lot more leeway to choose what features they include.
There is no reason that a decent tablet shouldn't retail for half of what an iPad costs and in part that could be achieved by jettisoning superfluous or redundant hardware.
Android has a compatible device document which determines if a device is eligible to receive the marketplace app and by extension all the google apps. Features like compass, GPS, camera etc. were all mandatory in
So the market has split into two camps. The el cheapo tablets and Archos tablets sit in the incompatible camp and suffer from lack of marketplace. The Galaxy Tab and Dell Streak sit in the compatible camp but suffer from bloated price which is unattractive to buyers. This probably explains why the Tab is suffering so much. Apparently the 2.3 CDD loosens up some requirements, but it's too late for most tablets. Perhaps the Archos devices might be able to upgrade to 2.3 become certified.
So I hope when Android 3.0 turns up that in addition to making the UI more friendly it also addresses the CDD. GPS, compass etc. are nice to haves. The basic tablet spec should not force them. But perhaps it should specify extended profiles for PMPs, ereaders etc. For example, perhaps a "media" tablet profile might mandate more codecs, while an ereader tablet might specify certain screen visibility characteristics, possibly even allowing for e-ink displays.
The point being that Android is growing up but the CDD has long been an impediment and it needs to be improved.
Also there are people who are immune compromised or have other contraindications and cannot be vaccinated, and young kids, and new strains of disease that vaccinated people are only partially resistant to.
Vaccination should be considered a duty of care issue. By not vaccinating you put other people are risk. Anti-vax idiots should be done for assault or manslaughter if it can be reasonably proven that their neglect caused their kid or anyone person to contract a serious communicable disease.
How I laugh at all the holier than thou idiots on Slashdot, who really don't want to look at things objectively at all. You lap up whatever the shills in the media tell you, then lambast anybody intelligent enough to question it...
Wow you're paranoid and stupid. The benefits of vaccination are obvious. Whether your paranoia fuelled incredulity can accept it is neither here nor there.
One minute it's the MMR vaccines that cause autism, then it's the mercury based preservatives, then it's the amount of shots kids get, blah blah blah. Basically all the reasons have been refuted by scientific studies (Denmark was used quite often as they keep medical records on all their citizens).
That's because anti-vaxxers are like creationists, 9/11 truthers, holocaust deniers etc. They don't have any evidence so they make unfounded assertions and if one is pounded to dust they move onto the next and go through them in rotation. It's like whack a mole really.
I'm glad he said it. Anti vaccination groups have blood on their hands. They've killed people. If a corporation killed people through some faulty product the board of directors would be up for corporate manslaughter. Why shouldn't the same hold for anti-vax advice?
That you "did it by accident" is a lolclause that will get you slapped by a judge in court. I mean he will literally climb over the bench, reach out, and slap you for being such an ignorant jackass as to try.
Assuming it got to court, you'd have a far easier case proving willful copyright infringement if the person had to hack your commercially packaged app, remove the content protections and repackaged it. As opposed to just checking out the source and hitting "make". Even if you could prove your case that it was infringement It could obviously affect the damages that were awarded.
I think it's just common sense that you don't bundle the two parts in the same place.
If gibberish words are turning up the same artificial results then clearly their toolbar is scraping results from the browser. How can they even deny it?
I suppose they should be glad Google just outed them rather than using this surreptitious sniffer to salt Bing's search results with a bunch of crap results.
While I agree this is probably the situation I have to wonder how the pirates managed to get the copyrighted material. Did the authors check it into the same tree as the game source? It would seem to be a tad foolhardy if they did since it gives the pirates an excuse. Oops we made a genuine mistake.
It would be better to put some stub test graphics / levels in with the source and keep the actual game assets completely and totally separate. It wouldn't hurt either to pack them up in a way which cannot be read be read by the standard GPL version of the game. For example, encrypt them or change the file format in some significant way so they just don't read. This again would relieve pirates of the excuse that they did it by accident.
And Sony will likely be doing pretty much the same as Microsoft. Surreptitious checks for mods when you sign in or play certain games. I doubt they'd give a crap about mods if it were just some guy wanting to install XBMC or an MKV player. Reality says it's because 99.9% of mods will be used to facilitate piracy. So obviously they're treating it seriously. The whole drivel about a "backdoor" last week was probably preparation for an additional challenge / response step during PSN signon.
Perhaps you should make a stand by buying a 360 or Wii instead, where they welcome pirates with open arms. Or not.
The greater benefit is that unless the attacker knows how the salt was created and applied (e.g. prepended / appended), you stop dictionary attacks dead in their tracks. e.g. my salted hash might be a hash of the registered email address + plaintext password + some secret string of a random nature.
That means that even if the attacker stole my database they would not be able to dictionary attack it unless they also had the secret key. So at a minimum the secret should not reside in the same db as the hashes. Better yet, the hasher should not reside in the same process as the login server, better yet it should be on a different, protected box with a well defined API.
Just kit out the country with One Laptop Per Child laptops. All the kiddies will form the mesh for you.
Trucks with detectors equipement and men in the back with large sticks would be more effective again. Drive around, find an active signal, men jump out the back and smash the kit to bits and beat the shit of anyone running it.
Actually it's more amazing how a well described, reproducible error which illustrates a security flaw gives rise to a fix. Sounds like the previous bugs were too vague to isolate the issue. Bug databases always end up with bugs like that. Go look how many bugs Firefox has open on it for example.
At the end of the day they're still android apps and they all share a large common amount of functionality. That's what the CDD is there to ensure. Problem is that the existing CDD was designed for phone handsets and it needs to be revised.
The same applies to hardware. For example Google Maps might say in its manifest that it can use GPS but doesn't require GPS and will therefore work with reduced functionality from a device with no GPS.
So basically there is no longer any reason to make features like GPS, compass, accelerometers, NFC, etc mandatory. Apps which absolutely need these things can say so. Devices which don't supply them won't see them in the market place. That probably still leaves 95% of the app store intact because most apps don't need such sweeping use of hardware in the first place.
It should also be a good thing in general because it encourages apps to ask for the bare minimum of permissions and not a thing more. Otherwise they risk losing potential customers.
The biggest issue with the Archos is it's not compatible with the CDD so it doesn't ship with the Marketplace app. I expect from 2.3 onwards Archos could release devices which are compatible because the CDD is looser now than it was so things like GPS, compass, etc. are no longer mandatory requirements.
Part of me wonders if this isn't some kind of ruse, that they're saying $799 because they'll actually flog it at $499 on some phone plan and people will be dumb enough to think they're getting a bargain. Regardless, it's way, way, too much money.
My point also coincides with this article that more or less demonstrates my point. The problem is clearly hard enough that Apple have filed a patent for a solution. Just look at the solution! A weird ass pen with a jointed floaty disk on one end and accelerometers. Plus a bunch of software.
All to make a pen which will presumably cost $$$ and all to approximate what a resistive screen would offer out of the box. That was the point I was making. Resistive is sometimes better where note taking is a critical requirement of a device. I'd add that there are hybrid screens that could offer resistive style input with capacitive for light touch so it's not necessarily either / or.
No, because they are multi-touch touching another part of the screen doesn't interfere with the writing, iOS is smart enough to do things like that by default (even if it wasn't you could just pull the touch that's look like writing of the array programmatically dropping what look like accidental touches.) The iPad has other strong points that makes it good for hospitals: it is lightweight, portable, strong developer base, relatively easy to develop custom applications for, network connected and above all has a battery that lasts an entire shift worth of use.
Writing in a capacitive screen is a disaster. You need a wand like device and software which filters out extraneous false inputs like a person holding the device, accidentally brushing the screen or whatever. I don't believe for a second that the solution even with filtering would be tolderable.
As for the iPad's other attributes I'd say they're debateable. Organisations like serviceable machines which is why devices like Thinkpads are so popular. The iPad is anything but serviceable - if you break it (e.g. by letting it fall off a hospital bed) you throw it away and buy a new one.
Bullshit. You can't bring down cost by ordering a small run of custom hardware even if it is "simpler" (what does a GPS chip really cost wholesale.) Some low cost Taiwanese company would've done it by now if that were true. No one can touch Apple on price because A: they've got the market cornered on some components and B: due to their success they can order in quantities other companies can only dream of (at the moment?).
Yes and some low cost Chinese companies have already done it. You can buy Android tablets for $100 on ebay. Awful tablets but tablets nonetheless. There is ample opportunity for a functional tablets in the $200-300 range.
GPS, compass, accelerometers, rear facing camera, aluminium case, 16Gb are not critical to a tablet which is going to be used for some casual browsing, movies and email. The Archos 101 is already out and favourably reviewed. It demonstrates a perfectly functional tablet with capacitive 10" screen doesn't have to cost anything close to an iPad. Next year will see many such tablets, running Android 3.0 too.
Exactly. Manufacturers are taking the piss with their prices at the minute. I read today that the Motorola Xoom will cost $800. I cannot even fathom where they plucked that figure from unless they've stuck an absurdly high MSRP to make the under-contract Xooms look ever-so more reasonable at $400 or whatever.
I think AOL knows the writing is on the wall for their service. It costs a lot of money to run and their user base is literally dying off. It must be an expensive pain in the ass to maintain that client, and run all those dialups and field support calls, and an infrastructure of mail servers, and put content into the thick client to justify its existence. At some point the user base will drop below a point that it is economical to do and they'll kill the service in phases. I think AOL are smart to diversify. There is a lot of money to be made from selling advertising space in blogs and the like and they must be relatively cheap to buy and run compared to old media websites.
Huffington Post's biggest claim to fame in recent years has been as a haven for the anti-vaccination lunacy of retards like Jenny McCarthy, Dana Ullman, and followers of Andrew Wakefield.
The HP might be fine for political commentary but it is a haven for quacks, woos and snakeoil salesmen peddling all kinds of pseudo scientific new age nonsense. It is as anti-science and anti-reality. Not surprisingly many liberals, especially scientists and academics are as ashamed by what the HP promotes as conservatives are of creationist drool that infects their blogs.
1) Tablets are NOT being adopted by many tech companies because they are worthless for doing actual work on.
Tablets are largely consumption devices. Slapping a virtual keyboard, or even a keyboard stand doesn't make them drop in replacement for PCs.
However I fully expect that when Microsoft produce a tablet that it *could* be a drop in replacement. We know they're porting Windows to ARM. It's not hard to envisage they device a tablet shell for conventional tablet like stuff, but plug the device into a dock and suddenly you get a Windows desktop. It could be an incredibly powerful arrangement. Biggest fly in the ointment is ARM != x86 and how do they port / emulate all those x86 apps. That's a problem I have seen an adequate answer to.
2) Most Android based tablets kick the crap out of the iPad, hardware and software-wise.
Hmm not yet. I like android a lot but the first wave of devices were either a) crappo chinese knockoffs, b) expensive close but no cigar efforts like the Tab. I think the closest IMO was the Archos 101 which is about 3/5 the cost of the iPad but offers pretty similar functionality. On the software side, Android is fine but it's clear it will take Android 3.0 to bring it up to snuff. Possibly a 3.1.
3) Resistive touchscreens are superior to capacitive touchscreens in many ways.
I agree they are in some ways. I laugh when I hear puff pieces about of schools or hospitals using an iPad. How exactly do they scribble notes on their tablets? The answer is they can't because they're capacitive. A resistive screen would allow a user to tap or write with a stylus. You can buy wands for capacitive screens but you have to fastidiously avoid touching any other part of the screen while you write.
If handwriting is a requirement the screen has to be resistive. I realise of course for general use that resistive leaves something to be desired.
4) Calling the Samsung Galaxy Tab a glorified Android smartphone when the iPad is just a glorified iPhone is ridiculous and hypocritical
I think it's worse with the Tab because Samsung implemented a bunch of crap like GPS, compass, rear facing camera, etc. merely to keep the Android CDD happy. They literally had to make it a giant phone or they couldn't ship with the Android marketplace app or Google apps. I hope Android 3.0 has a CDD that allows tablets a lot more leeway to choose what features they include.
There is no reason that a decent tablet shouldn't retail for half of what an iPad costs and in part that could be achieved by jettisoning superfluous or redundant hardware.
So I hope when Android 3.0 turns up that in addition to making the UI more friendly it also addresses the CDD. GPS, compass etc. are nice to haves. The basic tablet spec should not force them. But perhaps it should specify extended profiles for PMPs, ereaders etc. For example, perhaps a "media" tablet profile might mandate more codecs, while an ereader tablet might specify certain screen visibility characteristics, possibly even allowing for e-ink displays.
The point being that Android is growing up but the CDD has long been an impediment and it needs to be improved.
Also there are people who are immune compromised or have other contraindications and cannot be vaccinated, and young kids, and new strains of disease that vaccinated people are only partially resistant to. Vaccination should be considered a duty of care issue. By not vaccinating you put other people are risk. Anti-vax idiots should be done for assault or manslaughter if it can be reasonably proven that their neglect caused their kid or anyone person to contract a serious communicable disease.
Wow you're paranoid and stupid. The benefits of vaccination are obvious. Whether your paranoia fuelled incredulity can accept it is neither here nor there.
That's because anti-vaxxers are like creationists, 9/11 truthers, holocaust deniers etc. They don't have any evidence so they make unfounded assertions and if one is pounded to dust they move onto the next and go through them in rotation. It's like whack a mole really.
I'm glad he said it. Anti vaccination groups have blood on their hands. They've killed people. If a corporation killed people through some faulty product the board of directors would be up for corporate manslaughter. Why shouldn't the same hold for anti-vax advice?
It's not a backdoor. It's a challenge / response. Easily understandable for anyone who wishes to bother.
Assuming it got to court, you'd have a far easier case proving willful copyright infringement if the person had to hack your commercially packaged app, remove the content protections and repackaged it. As opposed to just checking out the source and hitting "make". Even if you could prove your case that it was infringement It could obviously affect the damages that were awarded.
I think it's just common sense that you don't bundle the two parts in the same place.
I suppose they should be glad Google just outed them rather than using this surreptitious sniffer to salt Bing's search results with a bunch of crap results.
While I agree this is probably the situation I have to wonder how the pirates managed to get the copyrighted material. Did the authors check it into the same tree as the game source? It would seem to be a tad foolhardy if they did since it gives the pirates an excuse. Oops we made a genuine mistake. It would be better to put some stub test graphics / levels in with the source and keep the actual game assets completely and totally separate. It wouldn't hurt either to pack them up in a way which cannot be read be read by the standard GPL version of the game. For example, encrypt them or change the file format in some significant way so they just don't read. This again would relieve pirates of the excuse that they did it by accident.