Putting addresses in the bulbs means you need to configure your system. Unless the bulb adds a GPS chip too:-) it won't know which room it's in or which switch should control it. Dumb sockets and fixtures can't help there, so if the fixtures have to be upgraded anyway to provide the configuration, then just do that and leave the bulb out of it.
Today's fixtures don't have to be trashed. An add-on module could be wired in, hidden in the junction box. it could be wired as a switch replacement (like Z-wave or Insteon) but that doesn't give the fine grained control that you'd get with the bulb-by-bulb setup described in TFA.
1. This may be an advantage, because they can have custom-built devices that exactly meet their specific needs. The device itself is quite simple, and it only needs to provide a trusted display and keyboard. The only trust in it a user really needs is to know that it's not skimming their PIN, and it's displaying exactly what it's supposed to display. The crypto all happens in their bank card's chip.
2. Agreed that homogeneity is bad (look at Windows) but it's worked for 10 years for RSA tokens. Sealed, tamper resistant / tamper evident units that can never be externally connected to anything are really, really strong. The key is isolation.
3. The LEOs can still arrange that with the banks, the way they are supposed to do it today. Walk up to the bank manager, say "here's a warrant, track John." The bank manager authenticates the warrant, then cooperates. For that matter, the identity of neither party in a transaction has to be kept private for this to work, so network sniffing could be done surreptitiously . The protocol can be structured to hide the authentication details, but they can see that I'm exchanging money with Amazon, or Target, or Dopey Darryl's Drug Depot.
4. I think your autocorrect is kind of screwed up. Most of us don't have a "fleshlight (NSFW)" integrated with our cell phones!:-) I agree that integration seems nice, but for security purposes the users have to understand them to be separate devices, and that the phone screen NEVER authorizes the money.
Safari on the iPhone does it well. The URL bar is scrolled along with the page data. If you need it, just scroll back up, or tap the status bar at the top of the screen to quickly scroll to the top. It's there when you need it, but goes away gracefully when you don't.
Home automation switches don't have the same physical sync issues that you're associating with mechanical switches. They're all Decora form factor switches that are either push-on / push-off, or push-top-on / push-bottom-off, depending on brand and configuration. The Leviton transformer dimmers I've had are annoying, because they're push-bottom-on / push-bottom-off, and are inconsistent with everything else, including their ordinary dimmers that are push-anywhere. In every case, though, there's no mechanical lever that remains up or down. The GE switches have a little LED in them that can be configured to tell you if the switch is on or off (useful for an inside switch controlling outdoor lighting, for example, or for finding the "on" switch in the dark.)
Safety in working on the wiring comes from shutting off the breaker prior to doing any wiring. It is the ONLY approved way to do it regardless of how the switches are wired. Trusting the switch to keep you safe while working on the wiring is hazardous, because the buildings are sometimes not wired in the way you might expect.
Does bulb-at-a-time controllability always make sense? I don't think so, especially in the case of a chandelier type fixture with multiple low lumen bulbs. But if you have an existing set of ceiling cans, or a series of spot lamps, all wired into the same toggle switch, I can easily see situations where you only want one light on (over a reading chair, for example) The existing wiring is too coarse, and fixture-by-fixture control would be better.
That's it! That's exactly the kind of system I'm trying to describe!
The way you described it there may be one exploitable flaw: you said it shows you the destination bank account. That's ideal for online banking, but it would be useless to go shopping with: I don't know the bank account number of the store. I only know the store's name. I'd need to confirm on the device that the store I'm paying is HOME DEPOT, and not "account 12345"; just because the web site says "This is HOME DEPOT and our account # is 12345" puts too much trust in the PC. That part could be faked by a criminal.
You're still thinking "old school" security, which is only slightly better than what we have today. We need a radically different approach, one that removes the motivation to hack by removing the value-carrying-apps from the network. Attacks will always be made on any point that has a presence on the network. Put payments on the phone, and phones become a target. Weird, crazy impersonation attacks that seem highly improbable today would become the XSS of tomorrow's hackers. We need a real difference in order to have a real change.
We also only get to do it once. It's a big change that promises big security improvements, and if we screw it up by overlooking even the tiniest crack in the armor, we don't get to redistribute new hardware, or retrain shoppers.
Imagine if we went with a cell phone solution. A hacker might distribute a Trojaned version of Angry Birds that usurps the "menu button" and then pretends to be your shopping app. It all looks the same to the end user, but it doesn't even take a security violation of any sort to make it happen. Or maybe it only infects jailbroken phones. Maybe it easily affects every Windows 7 Mobile platform, or iOS5, or Android 4.1.085 sometime in 2017. Every phone OS ever piloted to end users will be the target of every criminal hacker. By removing the possibility of making payments from it, it's no longer attacked. By removing the payment system from the network, it's not attackable. It's that simple.
An isolated payment device would be something people would keep track of differently than their phone. I might let a casual acquaintance borrow my phone to make a call, but I wouldn't let anyone borrow my payment device. Even if I did, it'd be sealed shut (like those RSA token keytag things.) For convenience, maybe they can be made in the shape of an iPhone cradle and stuck on the back of the phone with double-sided tape or something. But they can't share the screen or the keyboard with the phone, or the phone simply becomes the next target.
If I say "My name is John", that's identification. Identification can be public or private. Authentication is the proof between two parties that my identification is valid. In other words, during the course of a transaction you can learn that my identity is John, and that my account number is 123, but you shouldn't be able to use that knowledge to prove to someone else that you're John or charge a purchase against account # 123. Requiring separate authentication would eliminate identity theft.
During the purchase, we should be able to authenticate each other, so I know I'm buying a $100 widget from DRB's House of Bits. I should be able to tell my bank to send $100 to DRB's House of Bits. You should be able to draw $100 from account 123. I should get a receipt that says "DRB promises to send a widget to John". Maybe there's even the involvement of an escrow agent such as a "licensed shipping company" that releases the transfer of funds upon receipt of a widget for shipment.
The proof of authorization to transfer $100, the proof of the authentication that you're DRB, that you're talking to my bank, and that I'm John, all should happen on sealed payment devices that can't be updated or hooked to the network.
The bank should supply me with the smart card that has the crypto operations and private keys already inside it. They should also send me a personal authenticator terminal, that is tamper evident, has a 10 key pad and camera for input, and a small display. They're about the size of a credit card. (There are already credit card form factor smart cards with built in 10 key pads that would be ideal, but a bit more costly.)
The camera and 10 key pad would provide the air-gapped input. I would point the camera at your corporate name or logo until my screen displayed the name of who I was going to pay. Bar codes are probably out because a human can't verify them, and people could be fooled by similar names (VVestern Bank is not the same as Western Bank), but a logo (or even just text) would be human recognizable and could be made unambiguous by use of a central registry. I'd use the 10 key pad to enter the amount, perhaps select the bank account, then add my secret PIN. The display would be a number to enter into the retailer's screen or terminal. That authorization number would be cryptographically generated on the card to permit only the transfer of $100 from my account 123 to DRB's House of Bits one time. Or there might be a second entry for approval: after I see the invoice, I enter my PIN to generate a different number to approve the transfer, but that's getting pretty complex.
The problem with the phone is that it becomes a target, and it's on the network. If I want to start stealing, I just have to hack your phone. Convince you to download my "facepalm" app and it infects your payment app, or it paints a fake payment app picture. We shouldn't keep trying to trust these devices.
We're already in the boat of "something is better than nothing" and all we've got is water up to our knees making an incoherent mess.
Instead of continually beating our heads on securing systems and people, let's remove the profit motive. If we fundamentally change how financial transactions are executed, security will becomes less of a problem.
Get the requirements for security out of Windows, and put it into trusted bank-issued smart cards. Separate authentication from authorization from identification. Build system that humans can manually verify without a Windows box being the portal through which this verification happens.
Houses here are usually required to be wired according to the National Electric Code which specifies 15A breakers on circuits run with 14 AWG wire, and 20A breakers on 12 AWG circuits. We also do not have fuses or switches in outlets. The NEC also specifies various additional protections on certain circuits, such as Arc Fault Circuit Interrupters for bedrooms and Ground Fault Interrupters for wet locations like bathrooms, kitchens, and outdoors.
The link you provided gave unrealistically conservative numbers for power transmission, and it even states as much. I think one difference is that the 14 AWG wire we run also has to meet additional standards for insulation, installation, termination, etc., and when the right wire is installed correctly, the risk of fire is minimized. 14AWG wire does indeed get warm when carrying a 1700W load, but it does not melt the insulation or catch fire.
So in your example above, if we ran 5VDC over 14 AWG, we'd still need a 15A circuit breaker, and simply could provide no more than 75W. Even then, the voltage drop would render it useless. I think we both agree that a centrally located 5VDC power supply would be completely impractical without superconductive house wiring (which is itself completely impractical.)
Controllability is the key to saving energy. Turning the lights off when you don't actually need them anymore is a huge opportunity.
The real problem with this idea is that today's houses and light fixtures are not wired to use them well. If the wall switch is off, the light fixture is dead. You can't remotely turn it on, no matter how hard you press the button. If you leave the wall switch on, even when you're occupying the room you have to hunt for a remote control to turn the lights on and off - major usability fail!
The only way to make this work in a usable fashion is to fix the infrastructure. That means we need to bypass all the light switches in a house to provide 24x7 power to the light fixtures, and convert all the existing wall switches to RF remote control switches. That's a huge expense.
My prediction is that some people will install these bulbs, get frustrated that they can't make them work right, and the industry will have screwed itself for decades to get over the public perception problem they're creating for themselves today. As for the bulbs themselves, they'll become niche devices, probably suited only for commercial installations and home automation fanatics.
Apparently, you haven't been studying the spectra of any light sources. Sure, you may have a personal bias towards the familiar incandescent spectrum (most people do), but you'd be surprised as to what colors the various technologies of lamps are emitting these days. LED lights are being manufactured with phosphor coatings that can modify the color spectrum dramatically.
First, you have an incorrect notion that incandescents are not the closest to "natural" light. They're further from sunlight than just about any other common lighting technology, apart from candle light. They have a more red spectrum than other artificial light sources, and the balance is uneven. However, we humans do find their color pleasant and comforting (probably because they're close to firelight.) A mix of 3300K and 4000K fluorescent tubes comes surprisingly close to incandescent, provides a broad wash of bright light, and you would probably find them similarly pleasing. LED lighting, depending on your need, is available in a range of colors. Epistar, Cree, and Bridgelux LED chipsets are available in colors ranging down to a warm white 2700K that are very similar to incandescents. At that color they're less efficient than the whiter or bluer chips, but they're quite pleasant and well balanced. They also offer "true white" 5700K chips in arrays powerful enough to be used for street lighting. Their color balance is much closer to sunlight than any other common artificial light sources. I find them too "blue" to be comfortable, but my orchids love them!
And stop thinking incandescents are cheaper - they are NOT cheaper. The bulb is only a small fraction of the price you pay for the lighting. Unless your mom is upstairs paying the electric bill for you, you are paying 3 times as much for incandescent lighting.
CFLs are definitely the cheapest way to go today, but LEDs are not far behind them, and they consume only half the power of CFLs. LEDs offer other benefits: cooler operation; instant on; shock and vibration resistance; lower operating voltages; much longer lamp life and a lamp life that is not degraded by power cycles; and no hazardous materials requiring fragile item handling or special recycling. If you want to save money, switch to CFLs today, but keep your eye on LEDs. Once the prices drop to around $10 or so for a 60W equivalent bulb, they'll be the cheapest light source you can buy.
A buddy of mine (not the guy in the article) went and bought a couple sets of these lights (on sale after the holidays) just to do exactly that. It's serially controlled via an Arduino, so it's not IPv6, but his heart's in the right place.:-)
If you're that cheap, you obviously want the 7 watt LED, which will cost you $33+$15.40=$48.40 over its 20,000 hour life, as opposed to buying 10 60 watt incandescent bulbs that will cost you a total of $0.50*10+$132=$138.00 for the same amount of illumination over time. That's all based on electricity costs remaining fixed at today's rates, by the way. If the price of electricity rises at any time during those 20,000 hours, you'll save even more by having the LED bulb.
That's not accounting for the reduced risk of fire by not having the white-hot glowing filaments in your house, or the risk of electrical shock by having a hot fragile glass bulb being the only insulation in case of an accidental impact, or the risk of falling off the ladder 9 extra times when changing them. Nor is it accounting for the reduced burden on your air conditioner by emitting less heat in the summer months. Admittedly, it's also not accounting for the increase on your winter heating bill by not adding the heat contributed by the incandescent filament.
Or are you one of those people who doesn't understand the direct relationship between the light bulb and your electric bill, and thinks that saving money on a light bub today is a bargain?
I used to do this all the time. I'd replace light fixtures, fans, whatever, just by shutting off the switch. For "safety", I'd throw a piece of tape on the switch so family members wouldn't accidentally help me by turning on the lights. I also would try to treat the hot wire as hot, leaving a wire nut or tape to cap it while I was working on the circuit. No sense tempting fate, right?
Keen observers will note the key phrasing above is in the "past" tense. One day I found out at my mom's place that the genius who wired a ceiling light in her basement switched the NEUTRAL wire instead of the hot wire. I was taking a broken light fixture down and *BAM*! I shorted the hot to ground, and made all the hurty things in my hand and arm have a really bad day.
If you're sticking your fingers, a screwdriver*, or a pair of pliers into the remains of a shattered bulb, PLEASE don't trust that the butt-head who wired my mom's house didn't also wire yours. Use the breaker to disconnect the power. It's what you're supposed to do, and for a very good reason. And on a bus system like this would require, it's the ONLY safe solution.
* By the way, if you don't have insulated pliers with you, a wide flat blade screwdriver with a plastic insulated handle makes a pretty good tool for removing the base of a shattered bulb.
I assume the GP is talking about low voltage DC, which is safer for humans than house voltage AC. In general, a 120 VAC shock is thought to be less dangerous than a 120 VDC shock because the 120 zero crossings per second gives the muscles periodic chances to relax, theoretically allowing the victim to collapse, which might let him or her fall away from the electrically charged component. High voltage shocks are never healthy, however, and neither AC nor DC should be considered "safe".
The problem with low voltage is that wire losses are resistive, which reduce voltage, yet the current capacity of the wire remains constant. If you reduce 10 volts by 1 volt, you get 9 volts. If you reduce 100 volts by 1 volt, you get 99 volts. At 1 amp, the 10 volt system can deliver 9 watts. At 1 amp, the 100 volt system can deliver 99 watts. Proportionately, the same wire that would cause you to lose 10% of the power in a low voltage system would cost you only 1% of the power in a high voltage system.
Let's say you wanted to run 5VDC throughout your house from a single centralized power supply. (And who among us hasn't thought about exactly this idea?) 14 AWG wire, like the stuff you probably have carrying your 120VAC 15A service today, has a resistance of 0.25 ohms on a 100 foot run. That's 50 feet out and back, which we'll call typical for a small house average run. At 5VDC that's a voltage drop of 2.5% to a barely usable 4.9VDC. Any run longer than 50 feet would not be delivering a usable voltage. 20 AWG, which is the thin stuff you are familiar with that comes from a typical wall wart transformer, has a resistance of 2.6 ohms over the same distance, and would have a voltage drop of 25%, meaning you'd be delivering a definitely unusable 3.75VDC to the load.
Architecturally, this is the wrong place to put uniquely addressed devices. The addresses should be in the fixtures, to avoid the maintenance headache of readdressing bulbs every time they are replaced. If I want the lights in the room to dim, I don't want to tell the bulbs, I want to tell the room that I'm sitting in. The room contains the fixtures. The fixtures contain the bulbs. How the room talks to the fixtures and the fixtures talk to the bulbs are different questions, but individually addressable bulbs is a maintenance disaster waiting to happen.
Just because they're conveniently end-user replaceable doesn't make it a correct choice, just slightly more practical. X-10, Z-Wave and Insteon are all also equally incorrect in that they generally put the control at the point of the switch, instead of the fixture. Again, the user's ultimate goal is not to control the switch but to control the room's lighting, which is defined by the fixtures and their locations within the room.
3 of the astronauts had lobster for breakfast, maybe they thought it may well be their last meal on Earth?
They're off for a week or two of such gastronomic delights as freeze-dried spaghetti, freeze-dried chicken, and peanut butter in a squeeze tube. I'll forgive them for not wanting to depart on a stomach full of freeze-dried Eggo waffles.
Seriously? You're comparing having to move your house to saving my wife's life, and the lives of the other people saved by those radioisotopes? Jeez, I'm so very sorry for the terrible inconvenience. Let me get right on that perspective changing.
And I'm glad Chalk River is still on line. My wife needed the isotopes they make to help treat her cancer.
Their "spill" was 47 liters of heavy water. No damage, nobody harmed. If they stopped making radioisotopes, they'd kill tens of thousands of patients due to lack of treatment options. And it's not like they can stockpile those compounds. The half life of the useful ones are all pretty short.
There's this fragile thing called perspective. I don't know why so many people lose it when they hear the word "nuclear".
This idea goes against may principles on many levels but... I find it eerily compelling.
Me too. It's almost a form of vigilantism, but socially, not physically.
There's one fact about peer pressure that's been ignored by our legal system, and that is it works. When some parent complained to their schoolboard that "my little Johnny shouldn't be ostracized just because he beat up little Timmy and took his lunch money", and some craven maggot on the schoolboard agreed with the defective parent, discipline in the school suffered. Some judge got in public hot water because he made a convicted thief wear a sandwich board that said something like "I swindled this business out of a thousand dollars" and parade down the sidewalk in front of the business for a day.
Shame can be powerful, and we ignore it at our peril. And its becoming so rare that we honor those people who stand up and say "I did a bad thing, sorry" and forget that yes, they did a bad thing, and they really should be ashamed of themselves.
Would it help in this case? I don't know, because I think the people who would threaten to harm this family believe wholeheartedly that they're on the side of God. They won't be ashamed of their actions. But a/b/ response would probably tend more to the harassment side, meaning people throwing chicken manure at them and stuff like that.
Try $140 for a monstrous 6' cable. I almost walked out of Beast Buy when the sleazy salescreature said "with this television, you should buy this cable. It really 'improves the red colors'." (Yes, I know I should have walked away from that motherf*cking liar.) As it was, I returned the cable with the package satisfactorily torn open the next day and bought a replacement at Radio Shack for about $40.
I could have bought a Panasony brand DVD player that included a 6' HDMI cable for less money, thrown away the player, and still been ahead in the transaction.
He wouldn't have to prohibit the publishing of the name. He could use social pressure instead.
"The court orders that if the name of the woman is published, that the person who reveals the name will also be published, and they should be reviled by all civilized people."
Imagine what would happen to the guy if he was outed to a group like/b/, and they decided he was scum. We've seen what happened to the woman who threw the cat in the garbage can. That public spanking didn't stop at national boundaries.
Of course, John Smith might be a member of/b/, and might be revealing the name just for teh lulz. He might get spanked, he might not. But it's an approach we could consider.
Keeping the bribe object as a member of the application would be a pretty poor design as it doesn't allow for multiple bribes per application. I'd expect a better design would include a collection of bribes, and would evaluate their sum.
More importantly, a bribe isn't an application, so there's no "is-a" relationship. An application "has-a" bribe. It's aggregation, not composition.
Slashdot Mirror
Putting addresses in the bulbs means you need to configure your system. Unless the bulb adds a GPS chip too :-) it won't know which room it's in or which switch should control it. Dumb sockets and fixtures can't help there, so if the fixtures have to be upgraded anyway to provide the configuration, then just do that and leave the bulb out of it.
Today's fixtures don't have to be trashed. An add-on module could be wired in, hidden in the junction box. it could be wired as a switch replacement (like Z-wave or Insteon) but that doesn't give the fine grained control that you'd get with the bulb-by-bulb setup described in TFA.
1. This may be an advantage, because they can have custom-built devices that exactly meet their specific needs. The device itself is quite simple, and it only needs to provide a trusted display and keyboard. The only trust in it a user really needs is to know that it's not skimming their PIN, and it's displaying exactly what it's supposed to display. The crypto all happens in their bank card's chip.
2. Agreed that homogeneity is bad (look at Windows) but it's worked for 10 years for RSA tokens. Sealed, tamper resistant / tamper evident units that can never be externally connected to anything are really, really strong. The key is isolation.
3. The LEOs can still arrange that with the banks, the way they are supposed to do it today. Walk up to the bank manager, say "here's a warrant, track John." The bank manager authenticates the warrant, then cooperates. For that matter, the identity of neither party in a transaction has to be kept private for this to work, so network sniffing could be done surreptitiously . The protocol can be structured to hide the authentication details, but they can see that I'm exchanging money with Amazon, or Target, or Dopey Darryl's Drug Depot.
4. I think your autocorrect is kind of screwed up. Most of us don't have a " fleshlight (NSFW)" integrated with our cell phones! :-) I agree that integration seems nice, but for security purposes the users have to understand them to be separate devices, and that the phone screen NEVER authorizes the money.
Safari on the iPhone does it well. The URL bar is scrolled along with the page data. If you need it, just scroll back up, or tap the status bar at the top of the screen to quickly scroll to the top. It's there when you need it, but goes away gracefully when you don't.
Home automation switches don't have the same physical sync issues that you're associating with mechanical switches. They're all Decora form factor switches that are either push-on / push-off, or push-top-on / push-bottom-off, depending on brand and configuration. The Leviton transformer dimmers I've had are annoying, because they're push-bottom-on / push-bottom-off, and are inconsistent with everything else, including their ordinary dimmers that are push-anywhere. In every case, though, there's no mechanical lever that remains up or down. The GE switches have a little LED in them that can be configured to tell you if the switch is on or off (useful for an inside switch controlling outdoor lighting, for example, or for finding the "on" switch in the dark.)
Safety in working on the wiring comes from shutting off the breaker prior to doing any wiring. It is the ONLY approved way to do it regardless of how the switches are wired. Trusting the switch to keep you safe while working on the wiring is hazardous, because the buildings are sometimes not wired in the way you might expect.
Does bulb-at-a-time controllability always make sense? I don't think so, especially in the case of a chandelier type fixture with multiple low lumen bulbs. But if you have an existing set of ceiling cans, or a series of spot lamps, all wired into the same toggle switch, I can easily see situations where you only want one light on (over a reading chair, for example) The existing wiring is too coarse, and fixture-by-fixture control would be better.
That's it! That's exactly the kind of system I'm trying to describe!
The way you described it there may be one exploitable flaw: you said it shows you the destination bank account. That's ideal for online banking, but it would be useless to go shopping with: I don't know the bank account number of the store. I only know the store's name. I'd need to confirm on the device that the store I'm paying is HOME DEPOT, and not "account 12345"; just because the web site says "This is HOME DEPOT and our account # is 12345" puts too much trust in the PC. That part could be faked by a criminal.
You're still thinking "old school" security, which is only slightly better than what we have today. We need a radically different approach, one that removes the motivation to hack by removing the value-carrying-apps from the network. Attacks will always be made on any point that has a presence on the network. Put payments on the phone, and phones become a target. Weird, crazy impersonation attacks that seem highly improbable today would become the XSS of tomorrow's hackers. We need a real difference in order to have a real change.
We also only get to do it once. It's a big change that promises big security improvements, and if we screw it up by overlooking even the tiniest crack in the armor, we don't get to redistribute new hardware, or retrain shoppers.
Imagine if we went with a cell phone solution. A hacker might distribute a Trojaned version of Angry Birds that usurps the "menu button" and then pretends to be your shopping app. It all looks the same to the end user, but it doesn't even take a security violation of any sort to make it happen. Or maybe it only infects jailbroken phones. Maybe it easily affects every Windows 7 Mobile platform, or iOS5, or Android 4.1.085 sometime in 2017. Every phone OS ever piloted to end users will be the target of every criminal hacker. By removing the possibility of making payments from it, it's no longer attacked. By removing the payment system from the network, it's not attackable. It's that simple.
An isolated payment device would be something people would keep track of differently than their phone. I might let a casual acquaintance borrow my phone to make a call, but I wouldn't let anyone borrow my payment device. Even if I did, it'd be sealed shut (like those RSA token keytag things.) For convenience, maybe they can be made in the shape of an iPhone cradle and stuck on the back of the phone with double-sided tape or something. But they can't share the screen or the keyboard with the phone, or the phone simply becomes the next target.
If I say "My name is John", that's identification. Identification can be public or private. Authentication is the proof between two parties that my identification is valid. In other words, during the course of a transaction you can learn that my identity is John, and that my account number is 123, but you shouldn't be able to use that knowledge to prove to someone else that you're John or charge a purchase against account # 123. Requiring separate authentication would eliminate identity theft.
During the purchase, we should be able to authenticate each other, so I know I'm buying a $100 widget from DRB's House of Bits. I should be able to tell my bank to send $100 to DRB's House of Bits. You should be able to draw $100 from account 123. I should get a receipt that says "DRB promises to send a widget to John". Maybe there's even the involvement of an escrow agent such as a "licensed shipping company" that releases the transfer of funds upon receipt of a widget for shipment.
The proof of authorization to transfer $100, the proof of the authentication that you're DRB, that you're talking to my bank, and that I'm John, all should happen on sealed payment devices that can't be updated or hooked to the network.
The bank should supply me with the smart card that has the crypto operations and private keys already inside it. They should also send me a personal authenticator terminal, that is tamper evident, has a 10 key pad and camera for input, and a small display. They're about the size of a credit card. (There are already credit card form factor smart cards with built in 10 key pads that would be ideal, but a bit more costly.)
The camera and 10 key pad would provide the air-gapped input. I would point the camera at your corporate name or logo until my screen displayed the name of who I was going to pay. Bar codes are probably out because a human can't verify them, and people could be fooled by similar names (VVestern Bank is not the same as Western Bank), but a logo (or even just text) would be human recognizable and could be made unambiguous by use of a central registry. I'd use the 10 key pad to enter the amount, perhaps select the bank account, then add my secret PIN. The display would be a number to enter into the retailer's screen or terminal. That authorization number would be cryptographically generated on the card to permit only the transfer of $100 from my account 123 to DRB's House of Bits one time. Or there might be a second entry for approval: after I see the invoice, I enter my PIN to generate a different number to approve the transfer, but that's getting pretty complex.
The problem with the phone is that it becomes a target, and it's on the network. If I want to start stealing, I just have to hack your phone. Convince you to download my "facepalm" app and it infects your payment app, or it paints a fake payment app picture. We shouldn't keep trying to trust these devices.
We're already in the boat of "something is better than nothing" and all we've got is water up to our knees making an incoherent mess.
Instead of continually beating our heads on securing systems and people, let's remove the profit motive. If we fundamentally change how financial transactions are executed, security will becomes less of a problem.
Get the requirements for security out of Windows, and put it into trusted bank-issued smart cards. Separate authentication from authorization from identification. Build system that humans can manually verify without a Windows box being the portal through which this verification happens.
It will only help if we can just figure out how to employ sheep's bladders to prevent earthquakes.
Houses here are usually required to be wired according to the National Electric Code which specifies 15A breakers on circuits run with 14 AWG wire, and 20A breakers on 12 AWG circuits. We also do not have fuses or switches in outlets. The NEC also specifies various additional protections on certain circuits, such as Arc Fault Circuit Interrupters for bedrooms and Ground Fault Interrupters for wet locations like bathrooms, kitchens, and outdoors.
The link you provided gave unrealistically conservative numbers for power transmission, and it even states as much. I think one difference is that the 14 AWG wire we run also has to meet additional standards for insulation, installation, termination, etc., and when the right wire is installed correctly, the risk of fire is minimized. 14AWG wire does indeed get warm when carrying a 1700W load, but it does not melt the insulation or catch fire.
So in your example above, if we ran 5VDC over 14 AWG, we'd still need a 15A circuit breaker, and simply could provide no more than 75W. Even then, the voltage drop would render it useless. I think we both agree that a centrally located 5VDC power supply would be completely impractical without superconductive house wiring (which is itself completely impractical.)
Controllability is the key to saving energy. Turning the lights off when you don't actually need them anymore is a huge opportunity.
The real problem with this idea is that today's houses and light fixtures are not wired to use them well. If the wall switch is off, the light fixture is dead. You can't remotely turn it on, no matter how hard you press the button. If you leave the wall switch on, even when you're occupying the room you have to hunt for a remote control to turn the lights on and off - major usability fail!
The only way to make this work in a usable fashion is to fix the infrastructure. That means we need to bypass all the light switches in a house to provide 24x7 power to the light fixtures, and convert all the existing wall switches to RF remote control switches. That's a huge expense.
My prediction is that some people will install these bulbs, get frustrated that they can't make them work right, and the industry will have screwed itself for decades to get over the public perception problem they're creating for themselves today. As for the bulbs themselves, they'll become niche devices, probably suited only for commercial installations and home automation fanatics.
Apparently, you haven't been studying the spectra of any light sources. Sure, you may have a personal bias towards the familiar incandescent spectrum (most people do), but you'd be surprised as to what colors the various technologies of lamps are emitting these days. LED lights are being manufactured with phosphor coatings that can modify the color spectrum dramatically.
First, you have an incorrect notion that incandescents are not the closest to "natural" light. They're further from sunlight than just about any other common lighting technology, apart from candle light. They have a more red spectrum than other artificial light sources, and the balance is uneven. However, we humans do find their color pleasant and comforting (probably because they're close to firelight.) A mix of 3300K and 4000K fluorescent tubes comes surprisingly close to incandescent, provides a broad wash of bright light, and you would probably find them similarly pleasing. LED lighting, depending on your need, is available in a range of colors. Epistar, Cree, and Bridgelux LED chipsets are available in colors ranging down to a warm white 2700K that are very similar to incandescents. At that color they're less efficient than the whiter or bluer chips, but they're quite pleasant and well balanced. They also offer "true white" 5700K chips in arrays powerful enough to be used for street lighting. Their color balance is much closer to sunlight than any other common artificial light sources. I find them too "blue" to be comfortable, but my orchids love them!
And stop thinking incandescents are cheaper - they are NOT cheaper. The bulb is only a small fraction of the price you pay for the lighting. Unless your mom is upstairs paying the electric bill for you, you are paying 3 times as much for incandescent lighting.
CFLs are definitely the cheapest way to go today, but LEDs are not far behind them, and they consume only half the power of CFLs. LEDs offer other benefits: cooler operation; instant on; shock and vibration resistance; lower operating voltages; much longer lamp life and a lamp life that is not degraded by power cycles; and no hazardous materials requiring fragile item handling or special recycling. If you want to save money, switch to CFLs today, but keep your eye on LEDs. Once the prices drop to around $10 or so for a 60W equivalent bulb, they'll be the cheapest light source you can buy.
Ten years from now we will have a push to IPv8 addresses as there will be a shortage of IPv6 addresses.
Everyone will want an IPv6 address for the lights on their Christmas trees and house displays.
Ask, and ye shall receive.
A buddy of mine (not the guy in the article) went and bought a couple sets of these lights (on sale after the holidays) just to do exactly that. It's serially controlled via an Arduino, so it's not IPv6, but his heart's in the right place. :-)
I want the cheap bulb.
If you're that cheap, you obviously want the 7 watt LED, which will cost you $33+$15.40=$48.40 over its 20,000 hour life, as opposed to buying 10 60 watt incandescent bulbs that will cost you a total of $0.50*10+$132=$138.00 for the same amount of illumination over time. That's all based on electricity costs remaining fixed at today's rates, by the way. If the price of electricity rises at any time during those 20,000 hours, you'll save even more by having the LED bulb.
That's not accounting for the reduced risk of fire by not having the white-hot glowing filaments in your house, or the risk of electrical shock by having a hot fragile glass bulb being the only insulation in case of an accidental impact, or the risk of falling off the ladder 9 extra times when changing them. Nor is it accounting for the reduced burden on your air conditioner by emitting less heat in the summer months. Admittedly, it's also not accounting for the increase on your winter heating bill by not adding the heat contributed by the incandescent filament.
Or are you one of those people who doesn't understand the direct relationship between the light bulb and your electric bill, and thinks that saving money on a light bub today is a bargain?
I used to do this all the time. I'd replace light fixtures, fans, whatever, just by shutting off the switch. For "safety", I'd throw a piece of tape on the switch so family members wouldn't accidentally help me by turning on the lights. I also would try to treat the hot wire as hot, leaving a wire nut or tape to cap it while I was working on the circuit. No sense tempting fate, right?
Keen observers will note the key phrasing above is in the "past" tense. One day I found out at my mom's place that the genius who wired a ceiling light in her basement switched the NEUTRAL wire instead of the hot wire. I was taking a broken light fixture down and *BAM*! I shorted the hot to ground, and made all the hurty things in my hand and arm have a really bad day.
If you're sticking your fingers, a screwdriver*, or a pair of pliers into the remains of a shattered bulb, PLEASE don't trust that the butt-head who wired my mom's house didn't also wire yours. Use the breaker to disconnect the power. It's what you're supposed to do, and for a very good reason. And on a bus system like this would require, it's the ONLY safe solution.
* By the way, if you don't have insulated pliers with you, a wide flat blade screwdriver with a plastic insulated handle makes a pretty good tool for removing the base of a shattered bulb.
I assume the GP is talking about low voltage DC, which is safer for humans than house voltage AC. In general, a 120 VAC shock is thought to be less dangerous than a 120 VDC shock because the 120 zero crossings per second gives the muscles periodic chances to relax, theoretically allowing the victim to collapse, which might let him or her fall away from the electrically charged component. High voltage shocks are never healthy, however, and neither AC nor DC should be considered "safe".
The problem with low voltage is that wire losses are resistive, which reduce voltage, yet the current capacity of the wire remains constant. If you reduce 10 volts by 1 volt, you get 9 volts. If you reduce 100 volts by 1 volt, you get 99 volts. At 1 amp, the 10 volt system can deliver 9 watts. At 1 amp, the 100 volt system can deliver 99 watts. Proportionately, the same wire that would cause you to lose 10% of the power in a low voltage system would cost you only 1% of the power in a high voltage system.
Let's say you wanted to run 5VDC throughout your house from a single centralized power supply. (And who among us hasn't thought about exactly this idea?) 14 AWG wire, like the stuff you probably have carrying your 120VAC 15A service today, has a resistance of 0.25 ohms on a 100 foot run. That's 50 feet out and back, which we'll call typical for a small house average run. At 5VDC that's a voltage drop of 2.5% to a barely usable 4.9VDC. Any run longer than 50 feet would not be delivering a usable voltage. 20 AWG, which is the thin stuff you are familiar with that comes from a typical wall wart transformer, has a resistance of 2.6 ohms over the same distance, and would have a voltage drop of 25%, meaning you'd be delivering a definitely unusable 3.75VDC to the load.
Architecturally, this is the wrong place to put uniquely addressed devices. The addresses should be in the fixtures, to avoid the maintenance headache of readdressing bulbs every time they are replaced. If I want the lights in the room to dim, I don't want to tell the bulbs, I want to tell the room that I'm sitting in. The room contains the fixtures. The fixtures contain the bulbs. How the room talks to the fixtures and the fixtures talk to the bulbs are different questions, but individually addressable bulbs is a maintenance disaster waiting to happen.
Just because they're conveniently end-user replaceable doesn't make it a correct choice, just slightly more practical. X-10, Z-Wave and Insteon are all also equally incorrect in that they generally put the control at the point of the switch, instead of the fixture. Again, the user's ultimate goal is not to control the switch but to control the room's lighting, which is defined by the fixtures and their locations within the room.
3 of the astronauts had lobster for breakfast, maybe they thought it may well be their last meal on Earth?
They're off for a week or two of such gastronomic delights as freeze-dried spaghetti, freeze-dried chicken, and peanut butter in a squeeze tube. I'll forgive them for not wanting to depart on a stomach full of freeze-dried Eggo waffles.
Seriously? You're comparing having to move your house to saving my wife's life, and the lives of the other people saved by those radioisotopes? Jeez, I'm so very sorry for the terrible inconvenience. Let me get right on that perspective changing.
And I'm glad Chalk River is still on line. My wife needed the isotopes they make to help treat her cancer.
Their "spill" was 47 liters of heavy water. No damage, nobody harmed. If they stopped making radioisotopes, they'd kill tens of thousands of patients due to lack of treatment options. And it's not like they can stockpile those compounds. The half life of the useful ones are all pretty short.
There's this fragile thing called perspective. I don't know why so many people lose it when they hear the word "nuclear".
This idea goes against may principles on many levels but... I find it eerily compelling.
Me too. It's almost a form of vigilantism, but socially, not physically.
There's one fact about peer pressure that's been ignored by our legal system, and that is it works. When some parent complained to their schoolboard that "my little Johnny shouldn't be ostracized just because he beat up little Timmy and took his lunch money", and some craven maggot on the schoolboard agreed with the defective parent, discipline in the school suffered. Some judge got in public hot water because he made a convicted thief wear a sandwich board that said something like "I swindled this business out of a thousand dollars" and parade down the sidewalk in front of the business for a day.
Shame can be powerful, and we ignore it at our peril. And its becoming so rare that we honor those people who stand up and say "I did a bad thing, sorry" and forget that yes, they did a bad thing, and they really should be ashamed of themselves.
Would it help in this case? I don't know, because I think the people who would threaten to harm this family believe wholeheartedly that they're on the side of God. They won't be ashamed of their actions. But a /b/ response would probably tend more to the harassment side, meaning people throwing chicken manure at them and stuff like that.
Try $140 for a monstrous 6' cable. I almost walked out of Beast Buy when the sleazy salescreature said "with this television, you should buy this cable. It really 'improves the red colors'." (Yes, I know I should have walked away from that motherf*cking liar.) As it was, I returned the cable with the package satisfactorily torn open the next day and bought a replacement at Radio Shack for about $40.
I could have bought a Panasony brand DVD player that included a 6' HDMI cable for less money, thrown away the player, and still been ahead in the transaction.
There's no solution here.
He wouldn't have to prohibit the publishing of the name. He could use social pressure instead.
"The court orders that if the name of the woman is published, that the person who reveals the name will also be published, and they should be reviled by all civilized people."
Imagine what would happen to the guy if he was outed to a group like /b/, and they decided he was scum. We've seen what happened to the woman who threw the cat in the garbage can. That public spanking didn't stop at national boundaries.
Of course, John Smith might be a member of /b/, and might be revealing the name just for teh lulz. He might get spanked, he might not. But it's an approach we could consider.
Keeping the bribe object as a member of the application would be a pretty poor design as it doesn't allow for multiple bribes per application. I'd expect a better design would include a collection of bribes, and would evaluate their sum.
More importantly, a bribe isn't an application, so there's no "is-a" relationship. An application "has-a" bribe. It's aggregation, not composition.