Campaign donations are subject to federal reporting regulations regardless of what currency they use.
Which raises a question. So if someone anonymously dumps 1000 bitcoins on him, then what happens?
He has to not spend it, or run afoul of the FEC for not having his campaign funding papered up nicely. Now if they give it to a superpac, and that superpac goes and gets him elected with a billion dollar campaign, no one could care less.
It needs to become less speculative and more stable to be a true alternative.
It cannot become more stable. The supplies of BTC are limited by design. As BTC is used more and more in the world trade, each BTC keeps increasing in price. This is on top of the built-in deflation in a market of fixed size. This is why it cannot be used as money. Nobody wants to part with something that becomes more expensive as you hold it. There is an awful amount of USD in circulation, and only 21 million BTC. If you replace all USD with BTC, each BTC would cost a million dollars, and you'd run out of divisibility of BTC, and the "small" payment fee would be unaffordable. Also, BTW, early adopters would own half of the planet's wealth.
The reason it can't become more stable (with a click of a button) is that not enough people use it. Deflationary and supply issues aside, there just isn't enough capitalization (with respect to other currencies) to prevent huge swings due to speculation. But contrary to the original assertion about "too much speculation", if enough _more_ people were speculating (raising the value and volume of daily trades), you would see it stabilize compared to the current roller coaster. Bitcoin is like a micro crude oil market; big speculators can drive it any way they want, and since the total capital (relative to USD) in bitcoin is so low, a single heavyweight speculator can run the show.
It does in the short term. Most of the cloud services let you recover/undelete a file for up to 30 days.
You're right that it's not a "real backup", but honestly you aren't going to get most people to do a real backup with any consistency. Cloud backup of a documents folder is a useful stopgap.
This is exactly right. After a little checking, free accounts with Dropbox and Google Drive both save old versions (plus pre-deletions) for 30 days by default (provided you have the space) so there is a pretty good hedge against accidental deletion or other corruption. The biggest risk, then, is losing access to your account, or perhaps facing someone with such extreme malice and capability that they take over and delete your account from the service (at which point I suspect it might be near impossible to recover the account AND the files). Backups in the basement (of someone else's house) are always the safest thing, but they are hardly as easy as a cloud service, so for any not-so-dedicated user who is likely to make no backups at all, cloud is the solution.
"(2) Save files to a folder that is automatically mirrored to the cloud, for effortless backups."
Anyone with experience in ransomware know if they encrypt the files in, say, the user folder (where all of these mirrored cloud services live by default) does that echo to the cloud host, ransoming everything there too? If that's the case then it might be a good idea to at least stay one step ahead of the bad guys and put the folder somewhere else in the system.
It can be done in 2018 if you had ~$10 billion and you're willing to launch without "man-rating" certification of your booster.
Falcon Heavy is coming along nicely and they could probably do a launch in 4 years if you prodded Elon with a few billion dollars. Throw another $5 billion or so for the spacecraft/lander/habitat and you could have one that will theoretically work (even if unproven).
Who crowdfunded $10B? So far in 20 days they have $100,000, so they only need what another 19,980 days to get there...
Video cameras to prevent drilling of the outer shell were never considered?
Right. Every bank I've ever been in in the last . . . many . . . years has cameras all around, including pointed at the 24-hour ATMs. So I guess you'd do it as surreptitiously as possible so it wouldn't necessarily get noticed on the footage without carefully watching it.
To add to the complexity, there are plenty of ATMs (more than enough for a gang to live off of) that are nowhere near a bank. Since the plan was well thought out (the software they hacked in was particularly brilliant to have two-factor auth) they probably also cased ATMs that had a minimum of video surveillance and "hit" them when there were few people around.
Then don't do anything for a while, preferably long enough that the footage with the tampering has been overwritten -- or at least long enough that it's tedious and time-consuming to look through everything and you've got the money and made your getaway.
What is apparently necessary is a software tool to match up physical presence with a lack of ATM transaction activity, since these guys no doubt left no electronic trail in the logs of the machine. Therefore you need to find the spots in the tape where someone was at the machine but not performing a (recorded) transaction.
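A sketch of the correlation tool described in the comment above, added here as an illustration and not part of the original thread. It assumes presence intervals exported from video analytics and a transaction journal with timestamps; both formats, all names and all sample data are constructed for this example.

```python
from bisect import bisect_left
from dataclasses import dataclass
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"


@dataclass
class Presence:
    """One interval during which someone stood at the machine."""
    start: datetime
    end: datetime

    @property
    def duration(self) -> timedelta:
        return self.end - self.start


def parse_presence(lines):
    """Parse 'start,end' lines (hypothetical video-analytics export)."""
    out = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        start, end = (datetime.strptime(p.strip(), FMT) for p in line.split(","))
        if end < start:
            raise ValueError(f"interval ends before it starts: {line}")
        out.append(Presence(start, end))
    return sorted(out, key=lambda p: p.start)


def parse_journal(lines):
    """Parse 'timestamp,event' lines (hypothetical journal) into sorted times."""
    times = []
    for line in lines:
        line = line.strip()
        if line and not line.startswith("#"):
            times.append(datetime.strptime(line.split(",")[0].strip(), FMT))
    return sorted(times)


def merge_presence(intervals, max_gap):
    """Join detections split by short dropouts (person leaning, occlusion)."""
    merged = []
    for p in intervals:
        if merged and p.start - merged[-1].end <= max_gap:
            last = merged[-1]
            merged[-1] = Presence(last.start, max(last.end, p.end))
        else:
            merged.append(Presence(p.start, p.end))
    return merged


def unexplained_presence(presence, tx_times,
                         min_duration=timedelta(seconds=45),
                         max_gap=timedelta(seconds=20),
                         slack=timedelta(seconds=30)):
    """Return presence intervals with no journal entry to account for them.

    slack absorbs clock skew between the camera and the ATM; min_duration
    drops passers-by so reviewers only see footage worth watching.
    """
    flagged = []
    for p in merge_presence(presence, max_gap):
        if p.duration < min_duration:
            continue
        i = bisect_left(tx_times, p.start - slack)
        if i < len(tx_times) and tx_times[i] <= p.end + slack:
            continue  # a recorded transaction explains this visit
        flagged.append(p)
    return flagged


# Constructed sample data, not taken from any real incident.
SAMPLE_PRESENCE = """
2014-01-10 14:02:05,2014-01-10 14:03:40
2014-01-10 14:30:00,2014-01-10 14:30:15
2014-01-11 03:12:00,2014-01-11 03:13:30
2014-01-11 03:13:40,2014-01-11 03:19:50
2014-01-11 09:00:10,2014-01-11 09:01:30
""".splitlines()

SAMPLE_JOURNAL = """
2014-01-10 14:03:10,WITHDRAWAL
2014-01-11 09:01:45,BALANCE_INQUIRY
""".splitlines()


def demo():
    return unexplained_presence(parse_presence(SAMPLE_PRESENCE),
                                parse_journal(SAMPLE_JOURNAL))


if __name__ == "__main__":
    for p in demo():
        print(f"review footage {p.start} -> {p.end} ({p.duration})")
```
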
Because that part of the ATM is heavily protected, whereas the USB port is behind a plastic panel.
All of the flames about Windows vs Linux are a red herring. This is the real design flaw. Any design that assumes the USB interface to the software is not just as important to protect as the cash itself completely ignores why they would ever put the USB port on there in the first place (to make material changes to the ATM software).
I suppose that's a "feature", but Linux sure seemed primitive to me a few years ago when I discovered what an ordeal it was to read a floppy disk: with Windows, you just put it into the drive and it worked. I assume the same ordeal holds true today for USB sticks on Linux. (Ever wonder why "The Year of the Linux Desktop" always seems to be in the future, Linus?...)
(posting as AC due to non-orthodox opinion favoring Windows over Linux.)
Go ahead and take your head out of your ass, and re-read his comment: "Yes, because it's impossible to configure Linux to auto-mount all new devices, check for the presence of a specifically named file and execute commands within."
Emphasis mine. Linux can easily auto-mount thumb drives. Many distros have it enabled out of the box. What you won't find is any that scans the drive for things to run and then does so, with elevated privileges (something present in many recent versions of Windows). Having an easy way for an attacker to steal/destroy all the data on a machine might seem like a "Feature" but it sure seems primitive... (if you need examples, confirmed attacks via unwitting use of an infected USB key on Windows systems are plentiful.)
His nonchalant "we were just writing about how things already were" is quite on-point and flies in the face of all the doomsdayers. I like this guy even more now.
"Well, look at it this way. The year 2014 is the centenary of World War One. When you hang out in Europe like I do, you stumble over the rubble of World War One, quite a lot. Humanity was in a truly dreadful place, one hundred years ago. The world situation of humanity was truly bitter and hateful and deadly, and, well, here we are anyway. That's the big picture."
He is so exactly right. The world is an increasingly safer, more reliable place thanks to, in part, improved technology and communication. Just because we are watching each new technology become part of the bureaucracy/corporatocracy shouldn't surprise anyone in the least; it isn't going to change itself and it isn't going to keep its dirty paws off of the latest technology just because it sounds "wrong".
A US invasion of any Latin American country larger than Costa Rica would make our current decade-long fiasco in Afghanistan look like a walk in the park. The US could invade all right, but hold on to that territory? Much less make a profit off the project? No, not hardly, and the Fifth Column that would appear overnight among the US Latino population would terrify even the Pentagon brass.
Panama is larger than Costa Rica... You might want to read a bit about Pan-American history.
If education is not safe for work, you're in the wrong workplace.
Summary is polemical, but accurate. Bitcoin is for the impotent power-dreamers, and it has no advantages whatever over any other system. Anyway, the first thing a government would do if the currency took hold (which it won't, because it's less safe than putting your money under a mattress) is to change the algorithm so it could create more bitcoins.
Why create more bitcoins when many many of them are going unused (and are probably lost)? More likely, a government would implement a "come claim your BTC" policy whereby if you didn't claim it (and submit the proper paperwork to the IRS), you lose it. There would be plenty of BTC that turn up for the central banks to re-purpose.
Have you ever tried making a wire transfer? It takes days.
change the algorithm so it could create more bitcoins.
You'd have to convince all bitcoin users to use the new algorithm. Hard sell getting them to devalue their own money.
No, you need to convince enough people hosting bitcoin servers (read, *miners*) to devalue their currency... in exchange for a renewed gold rush. Pretty easy bait, really. The thing about BTC is that unless a state (or states) takes over administration of the code (it can still be open, just subject to more rigorous change control) then the will of the majority (of people running a BTC transaction host) will win out. Sure, those holding bitcoin with no interest in mining could start up hosts to "win" the fight over the code change, but will they?
Plus, if I were them, I'd be worried that the USA would insert a backdoor in the avionics that allows the plane to be remote controlled by the USA.
If they are procuring them with the hope of surviving any sort of even brief conflict with the US, they will be sadly disappointed no matter who they buy their jets from. A more troubling backdoor would be a listening post on each jet that scoops up data on to a drive in a secret compartment, which can then be downloaded by a CIA/NSA agent pretending to be a Boeing service tech.
There may still be a niche in informal transfers: Party A buys coin, sends to party B, B sells coin. Potentially handy for those who are unable to deal with conventional payment processors (Criminals, activist groups under government oppression, those affected by international sanctions, people in obscure countries where PayPal does not operate) or who are just unwilling (Anti-corporate idealists, paranoid activists, people worried about the many PayPal stories of those who struggled to get their money out).
As a medium of long-term storage, or even something you could price goods in, it's just too volatile.
That would only work if the state-backed currency was immediately converted to BTC, then back again. And if that's the case there will quickly become markets for arbitrage as the value would float around wildly (imagine only holding BTC for .1s and the price dropping by 10%, it happens). No, people will still just use the normal, state-backed currency methods for all those things you mentioned. If TOR isn't effective at masking oneself against the oppressive regimes you listed, no BTC transaction house will be invulnerable so the money going in/out will not be insulated in any way just because it existed as BTC for a brief moment. PayPal aside, most of them work pretty well (even if they are pricey in comparison).
The only way the probability of an event can not have a statistic is if it is not measured. And if fraudulent behaviour by banks isn't measured then the US really is stuffed.
I think you are missing the more important information here, malware like this and Linux servers being targeted for attack finally drive a stake through the lie that just because you have source that magically makes it more secure. As we see it's just as many of us have been saying for years that once Linux reached a level of popularity it too would fall, no different than Windows and OSX.
All having the source does is make it so that 1.- if you have the money, or 2.- if you have the coding talent, that you can continue to have that older piece of hardware or software supported...that's it, that's all it does, it keeps you from ending up with software or hardware being unsupported because everybody moved on because you can pay to keep it going or fix it yourself. I mean if anybody even thought about it for more than 30 seconds it would be plain as the nose on your face why "many eyes" is a myth, how many tens of millions of loc is in your average distro? How many programs and/or components are updated/upgraded on that distro per quarter? This is why every bug tracker has bugs going back several years, for the vast majority of any distro I seriously doubt anybody other than the guys that actually work on the project look at it with any regularity and you can be damned sure the majority of it isn't getting a security audit, it simply changes too fast.
But of course I'll be modded off the page for daring to point out what TFA clearly shows, but IRL Linux is just as complex as any other modern OS and where there is complexity there are flaws, simple as that.
Linux vulnerabilities have nothing to do with this, since users are willingly installing the apps and granting them permission to do these things (whether there is a better way of doing the aforementioned things in Android is moot since you decided to attack Linux). The one thing you missed is that when the source is open, the discovery of a vulnerability doesn't have to wait for the corporate "is it worth it to fix it" cycle. Anyone with a smidgen of coding talent can dig in and take a swing at it, which doesn't decrease 0-days but does decrease 180-days or 360-days that we have seen in many closed platforms. You might also want to investigate the fact that it's not a "distro" that needs to be secure at all, it's the individual, visible things (network stack, plus firewalling applications and finally the internet-facing applications) that consist of a much smaller and better reviewed set of code. But have fun getting modded.
Google needs to start tiering their store. One tier is stuff actively moderated with strict, Draconian guidelines and perhaps additional fees to support this degree of moderation. This tier would be similar to Amazon's, Microsoft's, or Amazon's store and if an app doesn't toe the line perfectly, it gets pulled without mercy (since it can easily be offered on the "free for all" tier.) The second tier would be what their store is now -- pay a fee for an account, upload, and go from there.
The next step is by default, have Android devices download only from the restricted tier of the Google Play Store, and a checkbox, similar to the one that allows sideloading, for using the open tier of their market. This way, the average Joe who doesn't know or doesn't care about permissions is kept safe from potentially malicious software by only being in the actively moderated tier, but someone who has some sort of a clue can turn that protection off and go for whatever utility they want.
Of course, there is worse in the way of markets. AFAIK, China has no access to the Google Play store, and Chinese app stores may have absolutely zero curation or moderation in place whatsoever, so there may be numerous copies of a perfectly legit app, except only one doesn't bring with it an added payload. To boot, number of downloads isn't a good statistic if bogus store accounts are easily created.
The Play store is wiped of malware on a pretty regular basis, but there are still a lot of pointless/crappy apps in there. Any true malware capable apps are swiftly removed from the store and from users' devices. Your second point is exactly right though; China and other non-western areas don't get the Play store like NA/EUR does. Specifically Google can't collect/disseminate charges from the Play store there, so no developers are interested in making anything but free crApps for it. This means that even if China weren't a hotbed of "loose copyright morals" the people who do pay for software would still not be able to spend their money on the "good" apps from the store. This means they might as well just get a third-party market or better yet just pirate/sideload the apps they want.
So aside from the FUD in this headline, the real story here is that poor sales practices (or a lack of) can push users to do things they might not otherwise, and a huge market is being downright abused. Have there been any malware infection groups coming from NA/EUR where there are a ton of phones and a ton of uneducated users, but full access to the Play store? Nope, didn't think so.
It looks like some people missed the part near the end of the post where they explain how Windows power usage is abysmal even compared to the desktop version of OS X.
It looks like some people missed the part where no tablet runs OS X.
Well Windows Phone 7 seems to be great when it comes to power management.
Android is awful. (Suppose WP8 will be as bad as the rest).
You're right, my WP7 phone (a Lumia 900) lasts way longer than my Galaxy S3... Never mind that WP7 can't run any apps in the history of ever (most notably it can't run a Microsoft account-capable version of Skype, a Microsoft product) but hey the battery will be there when I NEED it...
Ah ha: "I just wish somebody could explain to me and Anand why Windows is so awful at managing idle power."
You make the mistake of thinking that just because the device isn't doing something at the user's direction, that it is idle. How do you think the NSA is getting all of their number crunching done while they shake the bugs out of their Utah data center?
I choose my words carefully, so please don't mistake my meaning. I said "craft the outlines of a better, more secure system". I didn't say a foolproof, catch-all system that would solve everyone's problems with a sprinkling of magical unicorn farts. I said outlines, not a fully implemented solution. I also said a better, not the perfect be-all-end-all because, as you and I both recognize, there is no perfect system.
And, if it were not blazingly obvious from how I'd written it (I thought including "armchair thinkers" in my post would have been a giveaway), I was speaking of thought experiments and white papers. However, get enough intelligent people together with their ideas, and yes, absolutely, you could come up with a good replacement.
The reason "the banks" haven't done it themselves ought to be obvious - banking is just one of a dozen instances where SSNs are used. No single industry is going to tackle the problem on their own - why should they? Unless you change it all, you may as well change none, because SSNs would still be cross-referenced to the new system.
If a bank (or banks) had a better way of doing it they are more than welcome to; like I said, the cost of the current system is basically the huge fraud departments each must fund in order to keep the status quo. If there was an even marginally better system that wasn't both god-awful expensive (requiring lots of special infrastructure) and infuriatingly difficult ("yes I lost the keyfob, no I don't have time to mail you some of my DNA, I need my credit line unfrozen and the fraudulent charges reversed today!") then yes it would have been pursued. There are many great ideas out there but they all fail the practicality test when applied to 300M Americans who, let's face it, ALL need numerous credit/banking/investing accounts.
Oh, I can understand how it came about. But, really, there are any number of intelligent people - security analysts, IT professionals, bankers, human factors specialists, and armchair thinkers - that could probably craft the outlines of a better, more secure system with an afternoon's effort. Why hasn't such a system come around yet?
They say, "if it ain't broke, don't fix it." But the way we use SSNs as a catch-all identifier has been broken at least since the introduction of online commerce - why hasn't anyone even proposed fixing it yet?
Ah to live in an engineer's world: "there is a problem? Why, I already have a solution in my head for that! Now it is solved."
You can't think of a system that is at once nationally effective, customer-friendly, and cheap(er) to operate. If you could, the banks would scrap the SSN and start using it so they can fire their legions of fraud monitors/investigators. It is simply more profitable for them to maintain the system and band-aid it occasionally. Yes, exploits are obvious and plentiful, but an exploit-free system doesn't exist, so replacing all the NPPI practices with "better" ones would be incremental at best.
I have a general question: why does the Social Security Number endure as the primary key of, well, every kind of financial account or transaction in the United States? The SSN - how it's assigned, how it's revoked, the regulations regarding who can use it and for what, what necessary safeguards are in place to prevent theft or misuse, its anonymity or lack thereof - was never intended for the tasks that it is now burdened with. It's broken in so many ways that it would be hilarious - if the consequences were not so dire.
The answer to your question is easy: consumers demand easier interactions with banks and other orgs, and the orgs know that the harder they are to deal with the less likely they are to attract customers.
Instead of enrolling a new user by gathering all of their NPPI and then insisting on some extra public key verification (home mailing, notarized document, etc) before creating a private key (a password) they simply take you at your word that if you know all this NPPI, you must be _that_ John C Doe and not a different one, or not some identity thief. Add to that the use case of "I lost my keys", wherein the org needs to be able to quickly assess the identity of someone who has forgotten/lost/destroyed their "password", and doing it the "right way" starts to carry more of a burden than just doing it the same ol' way, and maintaining a staff of fraud investigators. The system hasn't changed because customers could care less as long as it doesn't hurt them, and fraud detection/remediation is effective "enough" to keep almost everyone happy. Those that have trouble are in a world of shit, though.
I never understood why social security numbers have become secret. It was my student ID both in undergrad and grad school. Available to everyone. Once upon a time, you were even supposed to keep your social security card in your wallet. Now it needs to be kept secret, along with my mother's maiden name.
It is just a hash code -- not a password.
Until the grand abstractor that is the Internet came along, exploiting the system usually meant being in a position of some power at one of those institutions, or digging through lots of garbage to find discarded records. In the realm of things that make you unique and are both quantifiable and indelible, SSN is at the top of the list. It became the de facto "identity password" since about 50 years ago when national, impersonal, remote services like credit cards took off and the creditors (banks), instead of coming up with a better system, left well enough alone.
Think about it, how would you _indelibly_ tell two people apart on paper, both named John Charles Doe and both born on 6/7/89? Record who their parents were? Record where or maybe exactly when they were born? Record some assigned nonce that was issued at birth by some all-knowing entity? Oops, that's what an SSN is!
A world without secret SSNs requires much more diligence on the part of the _customer_ because they are burdened with extra identification elements (public ones and private ones, a username and password of sorts) for each service unless a national or international effort to standardize comes about.
Bitcoin is an _alternative_ to fiat currencies? Citation needed, mostly because I can't believe anyone would be that delusional.
Apparently he likes the thought of not knowing how many TV ads and rally signs his campaign can afford 12 hours from now...
Campaign donations are subject to federal reporting regulations regardless of what currency they use.
Which raises a question. So if someone anonymously dumps 1000 bitcoins on him, then what happens?
He has to not spend it, or run afoul of the FEC for not having his campaign funding papered up nicely. Now if they give it to a superpac, and that superpac goes and gets him elected with a billion dollar campaign, no one could care less.
It needs to become less speculative and more stable to be a true alternative.
It cannot become more stable. The supplies of BTC are limited by design. As BTC is used more and more in the world trade, each BTC keeps increasing in price. This is on top of the built-in deflation in a market of fixed size. This is why it cannot be used as money. Nobody wants to part with something that becomes more expensive as you hold it. There is an awful amount of USD in circulation, and only 21 million BTC. If you replace all USD with BTC, each BTC would cost a million dollars, and you'd run out of divisibility of BTC, and the "small" payment fee would be unaffordable. Also, BTW, early adopters would own half of he planet's wealth.
The reason it can't become more stable (with a click of a button) is that not enough people use it. Deflationary and supply issues aside, there just isnt enough capitalization (with respect to other currencies) to prevent huge swings due to speculation. But contrary to the original assertion about "too much speculation", if enough _more_ people were speculating (raising the value and volume of daily trades), you would see it stabilize compared to the current roller coaster. Bitcoin is like a micro crude oil market; big speculators can drive it any way they want, and since the total capital (relative to USD) in bitcoin is so low, a single heavyweight speculator can run the show.
It does in the short term. Most of the cloud services let you recover/undelete a file for up to 30 days.
You're right that it's not a "real backup", but honestly you aren't going to get most people to do a real backup with any consistency. Cloud backup of a documents folder is a useful stopgap.
This is exactly right. After a little checking, free accounts with Dropbox and Google drive both save old versions (plus pre-deletions) for 30 days by default (provided you have the space) so there is a pretty good hedge against accidental deletion or other corruption. The biggest risk, then, is losing access to your account, or perhaps facing someone with such extreme malice and capability that they take over and delete your account from the service (at which point i suspect it might be near impossible to recover the account AND the files). Backups in the basement (of someone elses house) are always the safest thing, but they are hardly as easy as a cloud service, so for any not-so-dedicated user who is likely to make no backups at all, cloud is the solution.
"(2) Save files to a folder that is automatically mirrored to the cloud, for effortless backups."
Anyone with experience in ransomware know if they encrypt the files in, say, the user folder (where all of these mirrored cloud services live by default) does that echo to the cloud host, ransoming everything there too? If thats the case then it might be a good idea to at least stay one step ahead of the bad guys and put the folder somewhere else in the system.
It can be done in 2018 if you had ~$10 billion and you're willing to launch without "man-rating" certification of your booster.
Falcon Heavy is coming along nicely and they could probably do a launch in 4 years if you prodded Elon with a few billion dollars. Throw another $5 billion or so for the spacecraft/lander/habitat and you could have one that will theoretically work (even if unproven).
Who crowdfunded $10B? So far in 20 days they have $100,000, so they only need what another 19,980 days to get there...
Video cameras to prevent drilling of the outer shell was never considered?
Right. Every bank I've ever been in in the last . . . many . . . years has cameras all around, including pointed at the 24-hour ATMs. So I guess you'd do it as surreptitiously as possible so it wouldn't necessarily get noticed on the footage without carefully watching it.
To add to the complexity, there are plenty of ATMs (more than enough for a gang to live off of) that are nowhere near a bank. Since the plan was well thought out (the software they hacked in was particularly brilliant to have two-factor auth) they probably also cased ATMs that had a minimum of video surveillance and "hit" them when there were few people around.
Then don't do anything for a while, preferably long enough that the footage with the tampering has been overwritten -- or at least long enough that it's tedious and time-consuming to look through everything and you've got the money and made your getaway.
What is apparently necessary is a software tool to match up physical presence with a lack of ATM transaction activity, since these guys no doubt left no electronic trail in the logs of the machine. Therefore you need to find the spots in the tape where someone was at the machine but not performing a (recorded) transaction.
Because that part of the atm is heavily protected, whereas the usb port is behind a plastic panel.
All of the flames about windows vs linux are a red herring. This is the real design flaw. Any design that assumes the USB interface to the software is not just as important to protect as the cash itself completely ignores why they would ever put the USB port on there in the first place (to make material changes to the ATM software).
I suppose that's a "feature", but Linux sure seemed primitive to me a few years ago when I discovered what an ordeal it was to read a floppy disk: with Windows, you just put it into the drive and it worked. I assume the same ordeal holds true today for USB sticks on Linux. (Ever wonder why "The Year of the Linux Desktop" always seems to be in the future, Linus?...)
(posting as AC due to non-orthodox opinion favoring Windows over Linux.)
Go ahead and take your head out of your ass, and re-read his comment: "Yes, because it's impossible to configure Linux to auto-mount all new devices, check for the presence of a specifically named file and execute commands within.
Emphasis mine. Linux can easily auto-mount thumb drives. Many distros have it enabled out of the box. What you wont find is any that scans the drive for things to run and then does so, with elevated privileges (something present in many recent versions of windows). Having an easy way for an attacker to steal/destroy all the data on a machine might seem like a "Feature" but it sure seems primitive... (if you need examples, confirmed attacks via unwitting use of an infected USB key on windows systems are plentiful.)
His nonchalant "we were just writing about how things already were" is quite on-point and flies in the face of all the doomsdayers. I like this guy even more now.
"Well, look at it this way. The year 2014 is the centenary of World War One. When you hang out in Europe like I do, you stumble over the rubble of World War One, quite a lot. Humanity was in a truly dreadful place, one hundred years ago. The world situation of humanity was truly bitter and hateful and and deadly, and, well, here we are anyway. That's the big picture. "
He is so exactly right. The world is an increasingly safer, more reliable place thanks to, in part, improved technology and communication. Just because we are watching each new technology become part of the bureaucracy/corporatocarcy shouldn't surprise anyone in the least; it isnt going to change itself and it isnt going to keep its dirty paws off of the latest technology just because it sounds "wrong".
A US invasion of any Latin American country larger than Costa Rica would make our current decade-long fiasco in Afghanistan look like a walk in the park. The US could invade all right, but hold on to that territory? Much less make a profit off the project? No, not hardly, and the Fifth Column that would appear overnight among the US Latino population would terrify even the Pentagon brass.
Panama is larger than Costa Rica... You might want to read a bit about pan-american history.
If education is not safe for work, you're in the wrong workplace.
Summary is polemical, but accurate. Bitcoin is for the impotent power-dreamers, and it has no advantages whatever over any other system. Anyway, the first thing a government would do if the currency took hold (which it won't, because it's less safe than putting your money under a mattress) is to change the algorithm so it could create more bitcoins.
Why create more bitcoins when many many of them are going unused (and are probably lost)? More likely, a government would implement a "come claim your BTC" policy whereby if you didn't claim it (and submit the proper paperwork to the IRS), you lose it. There would be plenty of BTC that turn up for the central banks to re-purpose.
no advantages whatever over any other system.
Have you ever tried making a wire transfer? It takes days.
change the algorithm so it could create more bitcoins.
You'd have to convince all bitcoin users to use the new algorithm. Hard sell getting them to devalue their own money.
No, you need to convince enough people hosting bitcoin servers (read, *miners*) to devalue their currency... in exchange for a renewed gold rush. Pretty easy bait, really. The thing about BTC is that unless a state (or states) takes over administration of the code (it can still be open, just subject to more rigorous change control) then the will of the majority (of people running a BTC transaction host) will win out. Sure, those holding bitcoin with no interest in mining could start up hosts to "win" the fight over the code change, but will they?
Plus, if I were them, I'd be worried that the USA would insert a backdoor in the avionics that allows the plane to be remote controlled by the USA.
If they are procuring them with the hope of surviving any sort of even brief conflict with the US, they will be sadly disappointed no matter who they buy their jets from. A more troubling backdoor would be a listening post on each jet that scoops up data on to a drive in a secret compartment, which can then be downloaded by a CIA/NSA agent pretending to be a Boeing service tech.
There may still be a niche in informal transfers: Party A buys coin, sends to party B, B sells coin. Potentially handy for those who are unable to deal with conventional payment processors (Criminals, activist groups under government oppression, those affected by international sanctions, people in obscure countries where PayPal does not operate) or who are just unwilling (Anti-corporate idealists, paranoid activists, people worried about the many PayPal stories of those who struggled to get their money out).
As a medium of long-term storage, or even something you could price goods in, it's just too volatile.
That would only work if the state-backed currency was immediately converted to BTC, then back again. And if that's the case there will quickly become markets for arbitrage as the value would float around wildly (imagine only holding BTC for .1s and the price dropping by 10%, it happens). No, people will still just use the normal, state-backed currency methods for all those things you mentioned. If TOR isn't effective at masking oneself against the oppressive regimes you listed, no BTC transaction house will be invulnerable so the money going in/out will not be insulated in any way just because it existed as BTC for a brief moment. PayPal aside, most of them work pretty well (even if they are pricey in comparison).
Does your statement make sense to yourself?
The only way the probability of an event can not have a statistic is if it is not measured.
And if fraudulent behaviour by banks isn't measured then the US really is stuffed.
Yep, pretty sure its most recent measure was $100B (in penalties/settlements) and a lot more than $100B in actual fraud (depending on how you mark the value of a subprime mortgage backed security and the loan itself): http://www.bloomberg.com/news/2013-08-28/u-s-bank-legal-bills-exceed-100-billion.html
I think you are missing the more important information here, malware like this and Linux servers being targeted for attack finally drive a stake through the lie that just because you have source that magically makes it more secure. As we see it's just as many of us have been saying for years that once Linux reached a level of popularity it too would fall, no different than Windows and OSX.
All having the source does is make it so that 1.- if you have the money, or 2.- if you have the coding talent, that you can continue to have that older piece of hardware or software supported...that's it, that's all it does, it keeps you from ending up with software or hardware being unsupported because everybody moved on because you can pay to keep it going or fix it yourself. I mean if anybody even thought about it for more than 30 seconds it would be plain as the nose on your face why "many eyes" is a myth, how many tens of millions of loc is in your average distro? How many programs and/or components are updated/upgraded on that distro per quarter? This is why every bug tracker has bugs going back several years, for the vast majority of any distro I seriously doubt anybody other than the guys that actually work on the project look at it with any regularity and you can be damned sure the majority of it isn't getting a security audit, it simply changes too fast.
But of course I'll be modded off the page for daring to point out what TFA clearly shows, but IRL Linux is just as complex as any other modern OS and where there is complexity there are flaws, simple as that.
Linux vulnerabilities have nothing to do with this, since users are willingly installing the apps and granting them permission to do these things (whether there is a better way of doing the aforementioned things in Android is moot since you decided to attack Linux). The one thing you missed is that when the source is open, the discovery of a vulnerability doesn't have to wait for the corporate "is it worth it to fix it" cycle. Anyone with a smidgen of coding talent can dig in and take a swing at it, which doesn't decrease 0-days but does decrease 180-days or 360-days that we have seen in many closed platforms. You might also want to investigate the fact that it's not a "distro" that needs to be secure at all, it's the individual, visible things (network stack, plus firewalling applications and finally the internet-facing applications) that consist of a much smaller and better reviewed set of code. But have fun getting modded.
Google needs to start tiering their store. One tier is stuff actively moderated with strict, Draconian guidelines and perhaps additional fees to support this degree of moderation. This tier would be similar to Amazon's, Microsoft's, or Amazon's store and if an app doesn't toe the line perfectly, it gets pulled without mercy (since it can easily be offered on the "free for all" tier.) The second tier would be what their store is now -- pay a fee for an account, upload, and go from there.
The next step is by default, have Android devices download only from the restricted tier of the Google Play Store, and a checkbox, similar to the one that allows sideloading, for using the open tier of their market. This way, the average Joe who doesn't know or doesn't care about permissions is kept safe from potentially malicious software by only being in the actively moderated tier, but someone who has some sort of a clue can turn that protection off and go for whatever utility they want.
Of course, there is worse in the way of markets. AFAIK, China has no access to the Google Play store, and Chinese app stores may have absolutely zero curation or moderation in place whatsoever, so there may be numerous copies of a perfectly legit app, except only one doesn't bring with it an added payload. To boot, number of downloads isn't a good statistic if bogus store accounts are easily created.
The Play store is wiped of malware on a pretty regular basis, but there are still a lot of pointless/crappy apps in there. Any true malware capable apps are swiftly removed from the store and from users' devices. Your second point is exactly right though; China and other non-western areas don't get the Play store like NA/EUR does. Specifically Google can't collect/disseminate charges from the Play store there, so no developers are interested in making anything but free crApps for it. This means that even if China weren't a hotbed of "loose copyright morals" the people who do pay for software would still not be able to spend their money on the "good" apps from the store. This means they might as well just get a third-party market or better yet just pirate/sideload the apps they want.
So aside from the FUD in this headline, the real story here is that poor sales practices (or a lack of) can push users to do things they might not otherwise, and a huge market is being downright abused. Have there been any malware infection groups coming from NA/EUR where there are a ton of phones and a ton of uneducated users, but full access to the Play store? Nope, didn't think so.
It looks like some people missed the part near the end of the post where they explain how Windows power usage is abysmal even compared to the desktop version of OS X.
It looks like some people missed the part where no tablet runs OS X.
Well Windows Phone 7 seems to be great when it comes to power management.
Android is awful. (Suppose WP8 will be as bad as the rest).
You're right, my WP7 phone (a Lumia 900) lasts way longer than my Galaxy S3... Never mind that WP7 can't run any apps in the history of ever (most notably it can't run a Microsoft account-capable version of Skype, a Microsoft product) but hey the battery will be there when I NEED it...
Ah ha: "I just wish somebody could explain to me and Anand why Windows is so awful at managing idle power."
You make the mistake of thinking that just because the device isn't doing something at the user's direction, that it is idle. How do you think the NSA is getting all of their number crunching done while they shake the bugs out of their Utah data center?
I choose my words carefully, so please don't mistake my meaning. I said "craft the outlines of a better, more secure system". I didn't say a foolproof, catch-all system that would solve everyone's problems with a sprinkling of magical unicorn farts. I said outlines, not a fully implemented solution. I also said a better, not the perfect be-all-end-all because, as you and I both recognize, there is no perfect system.
And, if it were not blazingly obvious from how I'd written it (I thought including "armchair thinkers" in my post would have been a giveaway), I was speaking of thought experiments and white papers. However, get enough intelligent people together with their ideas, and yes, absolutely, you could come up with a good replacement.
The reason "the banks" haven't done it themselves ought to be obvious - banking is just one of a dozen instances where SSNs are used. No single industry is going to tackle the problem on their own - why should they? Unless you change it all, you may as well change none, because SSNs would still be cross-referenced to the new system.
If a bank (or banks) had a better way of doing it they are more than welcome to; like I said, the cost of the current system is basically the huge fraud departments each must fund in order to keep the status quo. If there was an even marginally better system that wasn't both god-awful expensive (requiring lots of special infrastructure) and infuriatingly difficult ("yes i lost the keyfob, no i don't have time to mail you some of my DNA, i need my credit line unfrozen and the fraudulent charges reversed today!") then yes it would have been pursued. There are many great ideas out there but they all fail the practicality test when applied to 300M Americans who, let's face it, ALL need numerous credit/banking/investing accounts.
Oh, I can understand how it came about. But, really, there are any number of intelligent people - security analysts, IT professionals, bankers, human factors specialists, and armchair thinkers - that could probably craft the outlines of a better, more secure system with an afternoon's effort. Why hasn't such a system come around yet?
They say, "if it ain't broke, don't fix it." But the way we use SSNs as a catch-all identifier has been broken at least since the introduction of online commerce - why hasn't anyone even proposed fixing it yet?
Ah to live in an engineer's world: "there is a problem? Why, I already have a solution in my head for that! Now it is solved."
You can't think of a system that is at once nationally effective, customer-friendly, and cheap(er) to operate. If you could, the banks would scrap the SSN and start using it so they can fire their legions of fraud monitors/investigators. It is simply more profitable for them to maintain the system and band-aid it occasionally. Yes, exploits are obvious and plentiful, but an exploit-free system doesn't exist, so replacing all the NPPI practices with "better" ones would be incremental at best.
I have a general question: why does the Social Security Number endure as the primary key of, well, every kind of financial account or transaction in the United States? The SSN - how it's assigned, how it's revoked, the regulations regarding who can use it and for what, what necessary safeguards are in place to prevent theft or misuse, its anonymity or lack thereof - was never intended for the tasks that it is now burdened with. It's broken in so many ways that it would be hilarious - if the consequences were not so dire.
The answer to your question is easy: consumers demand easier interactions with banks and other orgs, and the orgs know that the harder they are to deal with the less likely they are to attract customers.
Instead of enrolling a new user by gathering all of their NPPI and then insisting on some extra public key verification (home mailing, notarized document, etc) before creating a private key (a password) they simply take you at your word that if you know all this NPPI, you must be _that_ John C Doe and not a different one, or not some identity thief. Add to that the use case of "i lost my keys", wherein the org needs to be able to quickly assess the identity of someone who has forgotten/lost/destroyed their "password", and doing it the "right way" starts to carry more of a burden than just doing it the same ol' way, and maintaining a staff of fraud investigators. The system hasn't changed because customers could care less as long as it doesn't hurt them, and fraud detection/remediation is effective "enough" to keep almost everyone happy. Those that have trouble are in a world of shit, though.
I never understood why social security numbers have become secret. It was my student ID both in undergrad and grad school. Available to everyone. Once upon a time, you were even supposed to keep your social security card in your wallet. Now it needs to be kept secret, along with my mother's maiden name.
It is just a hash code -- not a password.
Until the grand abstractor that is the Internet came along, exploiting the system usually meant being in a position of some power at one of those institutions, or digging through lots of garbage to find discarded records. In the realm of things that make you unique and are both quantifiable and indelible, SSN is at the top of the list. It became the de facto "identity password" since about 50 years ago when national, impersonal, remote services like credit cards took off and the creditors (banks), instead of coming up with a better system, left well enough alone.
Think about it, how would you _indelibly_ tell two people apart on paper, both named John Charles Doe and both born on 6/7/89? Record who their parents were? Record where or maybe exactly when they were born? Record some assigned nonce that was issued at birth by some all-knowing entity? Oops, that's what a SSN is!
A world without secret SSNs requires much more diligence on the part of the _customer_ because they are burdened with extra identification elements (public ones and private ones, a username and password of sorts) for each service unless a national or international effort to standardize comes about.