they've just taken tiff, duplicated a bunch of the baseline tags for no good reason (other than to make it incompatible), added their own codec (which they could have done to tiff very easily), removed a bunch of useful stuff from tiff, and called it their own image format.
If you add a new codec to TIFF, then IMO it would be misleading to still call it TIFF, since existing apps that claim to read TIFF can't read the new codec.
I would guess that the predicted-cheap-and-ubiquitous set-top-boxes will not support HD...
They have to decode HD, because what if a particular channel is only broadcast in HD? The box has to decode it. In theory some cheap boxes could have only scaled-down SD composite outputs, but I think by 2009 the box will be one chip and HD component output will be "free".
Re:Publishing DRM exploits prematurely is dumb
on
AACS Device Key Found
·
· Score: 1
Except these people aren't cracking AACS for your benefit. They're either doing it so they can watch movies or for publicity; in either case they have no incentive to wait.
if the attacker doesn't publish the compromised player key, the AACS licensing authority doesn't know which key is compromised, and it can not revoke it.
That only applies if there are many keys, which there aren't. Hackers only reverse-engineer software players, and there are only two software players. Worst-case, AACS LA could just revoke both.
Also, cracking DRM is all about revealing secrets; how could you expect the hackers to agree to some kind of "code of silence" when it comes to their work?
As the parent said, there is no such thing as THE key for the PS3. Each individual PS3 unit has a different key. Revoking one particular PS3 won't cause any collateral damage, so there's nothing stopping Sony from doing it.
I think you got everything right except one point:
cable providers screwed themselves with the way most cable modems fail to buffer outgoing traffic.
I've read that most cable modems have relatively large (1MB) buffers; you can see this because when your upstream is saturated, latency gets huge. If the buffers were small, you'd have consistent latency. However, if you have good QoS large buffers aren't needed and if you have no QoS then no amount of buffering will help when you're transmitting above line rate.
If the motherboard fails and is replaced, won't the disks be overwritten when reconfiguring the array?
If you use a reputable controller (i.e. one that costs more than your entire motherboard), it will read the configuration off the disks instead of overwriting them.
When I read "digital credentials" I immediately thought "(SSL/SMIME) certs and (SSH/PGP) keys". Those are two standard and widely implemented forms of "strong" digital authentication.
The problem with regular certs is that they are all-or-nothing, so if you disclose your cert to a party, they now have all the information in the cert. For example, consider using a "digital drivers license" to prove your age or using a "digital student ID" to get a student discount; it's totall overkill.
The summary explains why Brands credentials are an improvement:
Private Credentials are a cool PKI replacement and anonymous e-cash tech that allows you to prove certified attributes like age, credit rating, group membership, etc. without revealing who you are (emphasis added)
Where is the threat to individual privacy? As I see it, the threat is companies misusing legitimately-obtained personal information. Now let's tie in privacy with today's earlier discussion about credit card fraud. To buy anything over the Net from a reputable vendor, you usually must provide your legal name, home address, and phone number in order for the credit card transaction to be approved. (Buying from less reputable vendors may actually provide more privacy because AFAIK Paypal doesn't expose all these personal details when you make a payment.) What is the chance that VISA/MC/AMEX will re-engineer their systems to be privacy-preserving?
If you are vulnerable to DNS poisoning then OpenID is the least of your worries. Just unplug your computer.
BTW, I think prominent OpenID providers like VeriSign, AOL, and SixApart can afford SSL certificates. Heck, VeriSign can give themselves a cert for free.:-)
If you sign on to multiple sites with OpenID, they can compare their databases to correlate logins. For example, if you tell one site that your girlfriend's name is Marla and you tell another site that your hobby is making soap, then the sites can combine this information.
You got it; that's how telco central offices work and a few companies are proposing that other data centers should switch to DC. But there are many problems: low-voltage DC requires thicker cables than high-voltage AC, I've heard that high-voltage DC can only be plugged in by licensed electricians, and AFAIK there is no standard DC connector. And industry intertia, of course.
Yes, in many cases cooling is the limit (unless you install rack water/air heat exchangers). Reducing power also reduces heat output, so either way you might as well do it.
As one of the founders of Google pointed out about 3 months ago, most if not all the compnents in a PC could be designed to run off a common voltage. The only reasons they don't are historical.
That's not what the Google paper said. It proposed that power supplies should output only 12V and motherboards should contain many DC-DC converters to generate voltages needed by chips. As chip fabrication technology changes, newer chips need lower voltages to operate optimally (not to mention that lower voltage = lower power); since different chips in a computer are made with different technologies, they need different voltages ranging from 1.8V down to 1.0V.
I think Cringely used the power of P2P to combine random buzzwords, product names, and company names faster than ever. Is there any evidence that this particular combination is actually likely to happen?
Demand for RAM slacked off in recent years because of the delays in releasing Vista (seriously). Now that Vista is out, we can expect mainstream PCs will want 2GB of RAM, which should drop the price of 1GB DIMMs.
Slashdot Mirror
Quit trolling; WiMAX can't magically make 802.11 stop working, nor can it convince all the 802.11 hardware vendors to stop making 802.11 hardware.
After z comes aa, ab, etc. 802.3 (Ethernet) is up to ay already.
Here's the Open Specification Promise; I don't see any mention of HD Photo. If it is really included, can someone provide evidence?
they've just taken tiff, duplicated a bunch of the baseline tags for no good reason (other than to make it incompatible), added their own codec (which they could have done to tiff very easily), removed a bunch of useful stuff from tiff, and called it their own image format.
If you add a new codec to TIFF, then IMO it would be misleading to still call it TIFF, since existing apps that claim to read TIFF can't read the new codec.
ARIN wants thousands of dollars PER YEAR for portable address space.
Of course, you didn't mention that IPv4 address space costs even more.
I would guess that the predicted-cheap-and-ubiquitous set-top-boxes will not support HD...
They have to decode HD, because what if a particular channel is only broadcast in HD? The box has to decode it. In theory some cheap boxes could have only scaled-down SD composite outputs, but I think by 2009 the box will be one chip and HD component output will be "free".
Except these people aren't cracking AACS for your benefit. They're either doing it so they can watch movies or for publicity; in either case they have no incentive to wait.
if the attacker doesn't publish the compromised player key, the AACS licensing authority doesn't know which key is compromised, and it can not revoke it.
That only applies if there are many keys, which there aren't. Hackers only reverse-engineer software players, and there are only two software players. Worst-case, AACS LA could just revoke both.
Also, cracking DRM is all about revealing secrets; how could you expect the hackers to agree to some kind of "code of silence" when it comes to their work?
As the parent said, there is no such thing as THE key for the PS3. Each individual PS3 unit has a different key. Revoking one particular PS3 won't cause any collateral damage, so there's nothing stopping Sony from doing it.
I think you got everything right except one point:
cable providers screwed themselves with the way most cable modems fail to buffer outgoing traffic.
I've read that most cable modems have relatively large (1MB) buffers; you can see this because when your upstream is saturated, latency gets huge. If the buffers were small, you'd have consistent latency. However, if you have good QoS large buffers aren't needed and if you have no QoS then no amount of buffering will help when you're transmitting above line rate.
If the motherboard fails and is replaced, won't the disks be overwritten when reconfiguring the array?
If you use a reputable controller (i.e. one that costs more than your entire motherboard), it will read the configuration off the disks instead of overwriting them.
Several companies are already offering music rental services... powered by MS DRM.
Except they know that people usually only use Partition Magic occasionally, so they'd set the rental price almost as high as the sale price.
When I read "digital credentials" I immediately thought "(SSL/SMIME) certs and (SSH/PGP) keys". Those are two standard and widely implemented forms of "strong" digital authentication.
The problem with regular certs is that they are all-or-nothing, so if you disclose your cert to a party, they now have all the information in the cert. For example, consider using a "digital drivers license" to prove your age or using a "digital student ID" to get a student discount; it's totall overkill.
The summary explains why Brands credentials are an improvement:
Private Credentials are a cool PKI replacement and anonymous e-cash tech that allows you to prove certified attributes like age, credit rating, group membership, etc. without revealing who you are (emphasis added)
Where is the threat to individual privacy? As I see it, the threat is companies misusing legitimately-obtained personal information. Now let's tie in privacy with today's earlier discussion about credit card fraud. To buy anything over the Net from a reputable vendor, you usually must provide your legal name, home address, and phone number in order for the credit card transaction to be approved. (Buying from less reputable vendors may actually provide more privacy because AFAIK Paypal doesn't expose all these personal details when you make a payment.) What is the chance that VISA/MC/AMEX will re-engineer their systems to be privacy-preserving?
If you are vulnerable to DNS poisoning then OpenID is the least of your worries. Just unplug your computer.
:-)
BTW, I think prominent OpenID providers like VeriSign, AOL, and SixApart can afford SSL certificates. Heck, VeriSign can give themselves a cert for free.
What's to stop them doing this with your email address right now?
Nothing, that's why OpenID is really no better or worse than the status quo when it comes to privacy.
If you sign on to multiple sites with OpenID, they can compare their databases to correlate logins. For example, if you tell one site that your girlfriend's name is Marla and you tell another site that your hobby is making soap, then the sites can combine this information.
You got it; that's how telco central offices work and a few companies are proposing that other data centers should switch to DC. But there are many problems: low-voltage DC requires thicker cables than high-voltage AC, I've heard that high-voltage DC can only be plugged in by licensed electricians, and AFAIK there is no standard DC connector. And industry intertia, of course.
Yes, in many cases cooling is the limit (unless you install rack water/air heat exchangers). Reducing power also reduces heat output, so either way you might as well do it.
As one of the founders of Google pointed out about 3 months ago, most if not all the compnents in a PC could be designed to run off a common voltage. The only reasons they don't are historical.
That's not what the Google paper said. It proposed that power supplies should output only 12V and motherboards should contain many DC-DC converters to generate voltages needed by chips. As chip fabrication technology changes, newer chips need lower voltages to operate optimally (not to mention that lower voltage = lower power); since different chips in a computer are made with different technologies, they need different voltages ranging from 1.8V down to 1.0V.
I think Cringely used the power of P2P to combine random buzzwords, product names, and company names faster than ever. Is there any evidence that this particular combination is actually likely to happen?
I don't know much economics, but my understanding is that DRAM vendors use demand to decide how much of each type of chip to produce.
Demand for RAM slacked off in recent years because of the delays in releasing Vista (seriously). Now that Vista is out, we can expect mainstream PCs will want 2GB of RAM, which should drop the price of 1GB DIMMs.
Some Cells are made by IBM and some are made by Sony/Toshiba.