I have to ask: do you see filesharing to be kind of like pot-smoking, in that "some other people say it's wrong, but it isn't hurting anyone else, so who cares?" Do you believe it's wrong, but participate anyway? Or do you actually believe it's a right that's being wrongly suppressed?
If it's either of the first of those, why do you think it is that nobody challenges the ethics of these private servers? Do you not have any peers whose moral code says "No, filesharing is wrong, you guys are ripping off my favorite band, I'm turning you in to the ethics board?" Are you're saying that really, out of the thousands of students your university, and of every other university situation you are aware of, that not a single student complains about the inappropriateness of it?
I'm not trying to fish for snitches or get anyone in trouble with this question, but I'm just pretty much surprised that nobody complains. Not even the sons or daughters of (RI|MP)AA execs or artists, whose very education might be paid for by the media being copied?
The idea of using cryptography external to the network carrying it is an incremental approach. By placing the security on the smart cards and in the banks removes the need for all the intermediate parties to do anything specific with respect to security.
Right now there are six million merchants who accept Visa. The bad guys have shown they can exploit any of them who are not secure. If we move that responsibility for security into tamper resistant chips and HSMs owned and issued by a few thousand banks, we've reduced the footprint to a set of organizations who specialize in security (and to the small handful of vendors providing solutions.)
If we relax the requirements for hardware tamper resistance at the user's end (via implementing the PIN pads as software on cell phones), every attack will change focus to the weak link. There are literally billions of cell phones in use, with tens of thousands of models of phones and hundreds of thousands of revisions for software for them. The software is written by people wanting to provide cool features, and not by security experts. Can you count on every phone to be secure, always?
If we move to a cell phone based model, it will be a huge expense and will create a set of expectations in the users, just as they have been trained in the convenience of mag stripes today. If we get one or two years into the full deployment and the hackers figure out how to get users to install Trojan Horse PIN pad apps anyway, (via viruses, worms, whatever) then the world will be no better off than they are today. Except, we will have shown them all through our actions that "we spent a ton of money and did it wrong again anyway!"
We have to take all the lessons of the past, including weaknesses in social engineering, EMV protocols, smart card chip design, exploitable differences between old and new protocols, and build a new solution that addresses them all. And we have to do it right the first time, because we won't get a second chance.
I had a bad experience with a plumber one time. Should I say the entire profession is bad?
That depends - did the plumber spout a load of trivially disprovable pseudoscientific nonsense about water and pipework that appears to be shared by the rest of his profession and supported by his professional organisation?
No, but he sold me a Denon amplifier with Monster cables, and porcelain speaker wire standoffs.
Come to think of it, he did tell me to flush a pint of snake oil down the loo every other month to keep the drains clear.
Unfortunately, cell phones that exist today won't work for this. The security has to come from an offline device, one that can't be modified by the user or by a network application. Otherwise, Trojan horses, keyboard monitors, or other malware will become the new avenue of attack.
You could build the card interface device into a mobile phone's shell, but it would need an independent display, keyboard, and chip reader, one the user could trust not to be modified by phone or network updates.
And I'll tell you right now from long experience dealing with people in similar situations that if you give them such a device, they'll demand the next generation of devices will integrate the chip's display and keyboard with the phone. People will say "oh, it's safe." They'll forget or ignore the security reasons for the separation. And not long after that there'll be a rash of phone malware that will persist for many years.
You need the chip on the card, because you can't trust the PIN pad at the retailer, and you can't trust anything short of a chip to prevent duplication.
That PIN pad sitting on the counter might *look* like a real PIN pad, but it might not be on the inside, and from the outside as a customer you have no way of verifying it.
You don't have to check your bank balance daily—just make sure you don't lose the physical card, and review your monthly statements. You would have to do just as much for a credit card.
You are liable for the amount (on a sliding scale) if you don't report the theft within two days. If some waiter skims your debit card's stripe at a restaurant, you will not even know a copy was made, but you are just as liable as if the card were physically stolen. If you check it monthly, that gives the thieves up to 28 days to steal from your account; more than enough time to drain it dry. The only realistic chance you would have of noticing it early is if you get an unexpected NSF while using your card.
Did I say RF? No, I said "chipped", although once the security is done correctly RF might not matter as much as you might think.
The correct protocol is for the merchant to tally the merchandise, and present the customer's card with their merchant ID and the transaction amount. The cardholder then has to see and approve that amount by entering a PIN in order to generate an authorization. (The cardholder needs to enter that PIN into a trusted device, which is best met by a smart card with a built-in keyboard and tiny display, or alternately by a trusted keycard device issued by the bank.) The card uses the PIN to generate a one-time approval code, which is forwarded by any means to the bank, along with the card data (account number or whatever), the amount, and the merchant ID. The bank returns an approval code to the merchant, who gives the merchandise to the customer. All this is digitally signed, of course, and the protocols need to be well laid out to avoid potential problems with respect to money laundering, man in the middle attacks, etc.
Note that the customer's account number is only usable for identification. It's only the chip-generated authorization combined with the user entered PIN that carries the value. Something you have plus something you know.
The authorization data is carried by the merchant and delivered by whatever means to the bank. The Internet would work fine. The merchant can see your account number, but they cannot charge you anything other than the value included in your approval. The authorization code is accepted by the bank for one time only use, and they will pay only the merchant ID indicated in the transaction.
Note that in this case, the card is issued by the bank. The certificates and keys are created and injected in the card by the bank. That means it's 100% bank-owned-and-provided hardware from customer to bank and back again. The bank is 100% in charge of security. All you have to do as a customer is not to lose your chipped card AND keep your PIN secret.
An RF based card would make only a minor difference in security. Sure, someone could ping it, but they couldn't get it to emit an authorization token unless they had it in their hands and pushed the tiny buttons. Protections would have to be taken to prevent RF based man-in-the-middle attacks between the merchant and the customer's card, otherwise the merchant might not get paid. But the customer's money is never at risk except when they are entering their PIN, and are staring at the tiny screen that says "PAY WALMART AMT=$34.56".
Sure, a single bank can stand up their own system. But what retailers are going to sign up and connect to them? What retailers want to take on that expense? And if I create John's Credit Network and Bruce creates Bruce's Credit Network, how would we get cooperative protocols? Finally, who is going to finance and pay to create a system that competes with Visa but doesn't actually generate revenue?
And forgetting the difficulties in creating such a system, think about another hard problem, the human element. It's well-demonstrated that ordinary consumers don't care about security. It's not a selling point. Why not? Even if they cared greatly, the $50 liability limit that the consumer protection laws mandate means that they're not at any real risk for fraud if they stick with their current bank. Where is the consumer appeal for "John's Crypto Credit Card, good at more than two retailers citywide, and your money is mathematically safe!" If I can use John's card at two retailers in town, or a Visa at over 6 million locations worldwide, and I'm only risking $50 to go with the Visa, guess which convenient card I'm going to choose?
Thanks, that's good to know, but I still won't carry a debit card. I'm not in the habit of checking my bank balance daily to see if someone's been stealing from me.
For these laughable "protections", I'd be far better off keeping my money under my mattress. It seems to me it should be 100% of the job of the bank to keep my money safe and secure.
The short answer? The banks will do nothing for you today.
The long answer: Nobody will do anything for you tomorrow, either.
Why? Because Visa does two things, only one of which makes money. First, they are in charge of defining financial card security through the PCI council, and they own and operate the secure network VisaNet, which carries authorizations from retailers to banks. Guess which one makes them money?
If Visa were to design and offer a cryptographically secure solution, one based only on smart cards for the customers and Hardware Security Modules (HSMs) at the banks, then I could safely route my charge authorizations over the plain ol' Internet. I wouldn't need to use the charge-per-transaction VisaNet. Visa would stop making money.
So instead of offering a secure solution, Visa and the PCI council say, "Merchants must lock down their systems, protect this data, follow these 12 steps, acknowledge that you are powerless over alcohol (oh wait, wrong 12 steps), and if you don't, we'll loudly blame you for allowing someone to see our non-existent security."
Visa owns the protocols used between merchants and banks. They could strengthen the protocols. They could prescribe encryption. They could require the deployment of chipped banking cards. But they do not, and have not for many, many years, despite a pathetic track record of security.
If you want the banks to be safe with your money, you ironically have to take charge of your own security. If you switch to using the green paper stuff, your losses will be finitely limited to what you carry on your person. If you want a more achievable answer in today's plastic world, DO NOT CARRY DEBIT CARDS. Debit cards do not offer you protection against loss. Credit cards are limited by U.S. law to a maximum of $50 liability to the cardholder. Debit cards losses are usually covered by the bank, but they are under no legal obligation to do so. For ATM access, most banks will honor your request for an ATM-only card instead of accepting their default ATM/Debit card. Of course, the use of credit cards requires personal discipline to always pay the debt on time, but otherwise you would see little difference.
Why should they allow you to install any app you want?
Because it's my phone, my hardware, I paid for it with my money. Apple does not own it, nor any piece of it. I have the full right to use the software it came with in any way I see fit. And I have the right to put whatever software I want on it.
Apple tries to assert that I do not have that right. Apple's only valid assertion is that if I install software from another source that they shouldn't have to support my stuff any more. Fine, void my warranty. It's still my device.
Bullshit. It's completely censorship. The app store has thousands of stupid "apps" that are little more than lame jokebooks, some based on satire, some based on insults (and most based inexplicably on farting noises.) You can even download a Kindle app and read all kinds of satire, political humor, porn, or outright libel, whatever you can buy from Amazon.
Pretending to uphold moral standards for some people while not having moral standards of their own is just more hypocrisy from the Turtlenecked One and his cultists are always ready to defend him. What's next from the App Store -- a Dianetics App?
I'm curious as to how you claim that normal street dust is more dangerous. What do you base this on? Volcanic ash is mostly silicates, and based on what happens when you inhale other silicates (Asbestos) I wouldn't be too keen on the substituting volcanic ash for road dust.
It is thought that asbestos is dangerous primarily due to the shape of the crystals. Broken asbestos fibers are essentially electron-microscopically sharp daggers that can slice into a living cell wall and cause the reproducing cell to make faulty copies of its DNA.
Silicates in general may not chemically cause cancer, certain physical structures of the crystals might be responsible. And I'm not saying that volcanic ash contains the "safe" kind or the "bad" kind of crystals. But I don't know that you can accurately make a blanket statement condemning all silicates just because asbestos is a problem.
On the other hand, given the choice I wouldn't want to suck in a lungful of volcanic ash, either.
This description is from the spam merchant's POV, not the spammer who operates the spamming equipment. The merchant wants to get his message out to X people. The spam operators charge money per address.
What'll happen here is the spam operators will find it more difficult to operate in conditions of continual crackdowns. Taking down a 100,000 bot net does not suddenly create 10 10,000 bot networks. The laws of supply and demand will kick in, meaning the price-per-address will rise. And spammers are going to be impacted by price.
Caveat: I don't believe this crazy conspiracy crap either. My understanding is that people who've analyzed the chip say the extra real estate is occupied by more primary cache, not by more ALU circuitry.
The article is missing a big point: it IS ARM. Just debugging the code shows it is ARM, not PPC.
I think you missed the point entirely. His speculation is that because the chip is so big, he thinks the extra space on the chip might actually be a native Power processor, and that the CPU is currently running the code in an hardware-based ARM emulator, rather than executing on-die ARM instructions.
Then, when OS XI comes out for the iPad, it'll be written in native Power instructions and the chip will execute new apps twice as fast.
The problem with "credible evidence" is that the word "credible" has no precise meaning. Anyone is free to substitute their own belief structure in there and say it's credible to them. And there are lots of people with some pretty fucked-up belief structures.
Even if it did have a precise meaning, let's look at an example. Say I'm representing an electric company who owns power lines. Say you're a homeowner who lives near one, and your kid gets leukemia. Is there a credible link? I can show you a dozen studies that say "yes", and another dozen studies that say "no." From one point of view, it's not even a credible case.
Now look at another similar kind of case: let's say I claim the fluorescent lighting in my office gave me prostate cancer. Credible? There are plenty of people who believe that kind of shit, and probably a few "studies" that would agree with it. If I find the right "doctor" and pay him enough "expert witness fees", he'll testify in court that just about anything is possible.
Actually, we had some infrared laser retail scanners about 10 years ago. The scanner included a red LED that was (supposed to be) focused on the same spot as the IR laser, making it easy for the cashier to aim. So the big red line the cashier saw wasn't doing the scanning -- it was the IR laser.
People complain about DVD prices, about movie prices, about whatever the studios do that isn't "give away their stuff for free." And those same people (on slashdot and elsewhere) say "You need to find a new approach." So this looks like an effort by the studio to say "See, we're trying a new approach."
However, as you've pointed out, we all recognize this is simply a different approach to packaging and marketing, rather than trying to change the economic model. And this particular attempt is almost sleazy in that the movies are advertised but aren't coming with the rights to watch them.
But here's the deal: high quality movies still cost a truckload of money to make. And they're all a gamble: you can spend $200 million on a movie that flops at the box office, or you could spend that same $200 million and get an epic blockbuster; until the movie hits the screens you really don't know.
I don't expect them to ever give them away for free, and I don't think anyone should ever expect that. They'll simply stop investing money in big movies if there's no chance of payback. Then all we'll get are the low-budget films. (Not that they all suck, but they certainly mostly suck.) I suppose the plus side is that they'll stop giving Michael Bay to make fake-looking CGI explosions.
Nice work disabling comments. Let the Cupertino Comment SPAM Bots attack!!!
Oh, please. The Apple fanbois are legion, and never have anything good to say if you disparage their turtleneck-wearing leader or his elite products. Disabling comments is likely to leave the signal-to-noise ratio at exactly the same level it is without comments (zero divided by anything is still zero.)
I have to ask: do you see filesharing to be kind of like pot-smoking, in that "some other people say it's wrong, but it isn't hurting anyone else, so who cares?" Do you believe it's wrong, but participate anyway? Or do you actually believe it's a right that's being wrongly suppressed?
If it's either of the first of those, why do you think it is that nobody challenges the ethics of these private servers? Do you not have any peers whose moral code says "No, filesharing is wrong, you guys are ripping off my favorite band, I'm turning you in to the ethics board?" Are you're saying that really, out of the thousands of students your university, and of every other university situation you are aware of, that not a single student complains about the inappropriateness of it?
I'm not trying to fish for snitches or get anyone in trouble with this question, but I'm just pretty much surprised that nobody complains. Not even the sons or daughters of (RI|MP)AA execs or artists, whose very education might be paid for by the media being copied?
Does a bobbear shit in the woods?
I'm not sure. But if you're a scammer he will happily pee in your revenue stream...
Remind me not to phish in that stream!
The idea of using cryptography external to the network carrying it is an incremental approach. By placing the security on the smart cards and in the banks removes the need for all the intermediate parties to do anything specific with respect to security.
Right now there are six million merchants who accept Visa. The bad guys have shown they can exploit any of them who are not secure. If we move that responsibility for security into tamper resistant chips and HSMs owned and issued by a few thousand banks, we've reduced the footprint to a set of organizations who specialize in security (and to the small handful of vendors providing solutions.)
If we relax the requirements for hardware tamper resistance at the user's end (via implementing the PIN pads as software on cell phones), every attack will change focus to the weak link. There are literally billions of cell phones in use, with tens of thousands of models of phones and hundreds of thousands of revisions for software for them. The software is written by people wanting to provide cool features, and not by security experts. Can you count on every phone to be secure, always?
If we move to a cell phone based model, it will be a huge expense and will create a set of expectations in the users, just as they have been trained in the convenience of mag stripes today. If we get one or two years into the full deployment and the hackers figure out how to get users to install Trojan Horse PIN pad apps anyway, (via viruses, worms, whatever) then the world will be no better off than they are today. Except, we will have shown them all through our actions that "we spent a ton of money and did it wrong again anyway!"
We have to take all the lessons of the past, including weaknesses in social engineering, EMV protocols, smart card chip design, exploitable differences between old and new protocols, and build a new solution that addresses them all. And we have to do it right the first time, because we won't get a second chance.
I had a bad experience with a plumber one time. Should I say the entire profession is bad?
That depends - did the plumber spout a load of trivially disprovable pseudoscientific nonsense about water and pipework that appears to be shared by the rest of his profession and supported by his professional organisation?
No, but he sold me a Denon amplifier with Monster cables, and porcelain speaker wire standoffs.
Come to think of it, he did tell me to flush a pint of snake oil down the loo every other month to keep the drains clear.
Unfortunately, cell phones that exist today won't work for this. The security has to come from an offline device, one that can't be modified by the user or by a network application. Otherwise, Trojan horses, keyboard monitors, or other malware will become the new avenue of attack.
You could build the card interface device into a mobile phone's shell, but it would need an independent display, keyboard, and chip reader, one the user could trust not to be modified by phone or network updates.
And I'll tell you right now from long experience dealing with people in similar situations that if you give them such a device, they'll demand the next generation of devices will integrate the chip's display and keyboard with the phone. People will say "oh, it's safe." They'll forget or ignore the security reasons for the separation. And not long after that there'll be a rash of phone malware that will persist for many years.
You need the chip on the card, because you can't trust the PIN pad at the retailer, and you can't trust anything short of a chip to prevent duplication.
That PIN pad sitting on the counter might *look* like a real PIN pad, but it might not be on the inside, and from the outside as a customer you have no way of verifying it.
You don't have to check your bank balance daily—just make sure you don't lose the physical card, and review your monthly statements. You would have to do just as much for a credit card.
You are liable for the amount (on a sliding scale) if you don't report the theft within two days. If some waiter skims your debit card's stripe at a restaurant, you will not even know a copy was made, but you are just as liable as if the card were physically stolen. If you check it monthly, that gives the thieves up to 28 days to steal from your account; more than enough time to drain it dry. The only realistic chance you would have of noticing it early is if you get an unexpected NSF while using your card.
Did I say RF? No, I said "chipped", although once the security is done correctly RF might not matter as much as you might think.
The correct protocol is for the merchant to tally the merchandise, and present the customer's card with their merchant ID and the transaction amount. The cardholder then has to see and approve that amount by entering a PIN in order to generate an authorization. (The cardholder needs to enter that PIN into a trusted device, which is best met by a smart card with a built-in keyboard and tiny display, or alternately by a trusted keycard device issued by the bank.) The card uses the PIN to generate a one-time approval code, which is forwarded by any means to the bank, along with the card data (account number or whatever), the amount, and the merchant ID. The bank returns an approval code to the merchant, who gives the merchandise to the customer. All this is digitally signed, of course, and the protocols need to be well laid out to avoid potential problems with respect to money laundering, man in the middle attacks, etc.
Note that the customer's account number is only usable for identification. It's only the chip-generated authorization combined with the user entered PIN that carries the value. Something you have plus something you know.
The authorization data is carried by the merchant and delivered by whatever means to the bank. The Internet would work fine. The merchant can see your account number, but they cannot charge you anything other than the value included in your approval. The authorization code is accepted by the bank for one time only use, and they will pay only the merchant ID indicated in the transaction.
Note that in this case, the card is issued by the bank. The certificates and keys are created and injected in the card by the bank. That means it's 100% bank-owned-and-provided hardware from customer to bank and back again. The bank is 100% in charge of security. All you have to do as a customer is not to lose your chipped card AND keep your PIN secret.
An RF based card would make only a minor difference in security. Sure, someone could ping it, but they couldn't get it to emit an authorization token unless they had it in their hands and pushed the tiny buttons. Protections would have to be taken to prevent RF based man-in-the-middle attacks between the merchant and the customer's card, otherwise the merchant might not get paid. But the customer's money is never at risk except when they are entering their PIN, and are staring at the tiny screen that says "PAY WALMART AMT=$34.56".
Sure, a single bank can stand up their own system. But what retailers are going to sign up and connect to them? What retailers want to take on that expense? And if I create John's Credit Network and Bruce creates Bruce's Credit Network, how would we get cooperative protocols? Finally, who is going to finance and pay to create a system that competes with Visa but doesn't actually generate revenue?
And forgetting the difficulties in creating such a system, think about another hard problem, the human element. It's well-demonstrated that ordinary consumers don't care about security. It's not a selling point. Why not? Even if they cared greatly, the $50 liability limit that the consumer protection laws mandate means that they're not at any real risk for fraud if they stick with their current bank. Where is the consumer appeal for "John's Crypto Credit Card, good at more than two retailers citywide, and your money is mathematically safe!" If I can use John's card at two retailers in town, or a Visa at over 6 million locations worldwide, and I'm only risking $50 to go with the Visa, guess which convenient card I'm going to choose?
Thanks, that's good to know, but I still won't carry a debit card. I'm not in the habit of checking my bank balance daily to see if someone's been stealing from me.
For these laughable "protections", I'd be far better off keeping my money under my mattress. It seems to me it should be 100% of the job of the bank to keep my money safe and secure.
The short answer? The banks will do nothing for you today.
The long answer: Nobody will do anything for you tomorrow, either.
Why? Because Visa does two things, only one of which makes money. First, they are in charge of defining financial card security through the PCI council, and they own and operate the secure network VisaNet, which carries authorizations from retailers to banks. Guess which one makes them money?
If Visa were to design and offer a cryptographically secure solution, one based only on smart cards for the customers and Hardware Security Modules (HSMs) at the banks, then I could safely route my charge authorizations over the plain ol' Internet. I wouldn't need to use the charge-per-transaction VisaNet. Visa would stop making money.
So instead of offering a secure solution, Visa and the PCI council say, "Merchants must lock down their systems, protect this data, follow these 12 steps, acknowledge that you are powerless over alcohol (oh wait, wrong 12 steps), and if you don't, we'll loudly blame you for allowing someone to see our non-existent security."
Visa owns the protocols used between merchants and banks. They could strengthen the protocols. They could prescribe encryption. They could require the deployment of chipped banking cards. But they do not, and have not for many, many years, despite a pathetic track record of security.
If you want the banks to be safe with your money, you ironically have to take charge of your own security. If you switch to using the green paper stuff, your losses will be finitely limited to what you carry on your person. If you want a more achievable answer in today's plastic world, DO NOT CARRY DEBIT CARDS. Debit cards do not offer you protection against loss. Credit cards are limited by U.S. law to a maximum of $50 liability to the cardholder. Debit cards losses are usually covered by the bank, but they are under no legal obligation to do so. For ATM access, most banks will honor your request for an ATM-only card instead of accepting their default ATM/Debit card. Of course, the use of credit cards requires personal discipline to always pay the debt on time, but otherwise you would see little difference.
Why should they allow you to install any app you want?
Because it's my phone, my hardware, I paid for it with my money. Apple does not own it, nor any piece of it. I have the full right to use the software it came with in any way I see fit. And I have the right to put whatever software I want on it.
Apple tries to assert that I do not have that right. Apple's only valid assertion is that if I install software from another source that they shouldn't have to support my stuff any more. Fine, void my warranty. It's still my device.
Bullshit. It's completely censorship. The app store has thousands of stupid "apps" that are little more than lame jokebooks, some based on satire, some based on insults (and most based inexplicably on farting noises.) You can even download a Kindle app and read all kinds of satire, political humor, porn, or outright libel, whatever you can buy from Amazon.
Pretending to uphold moral standards for some people while not having moral standards of their own is just more hypocrisy from the Turtlenecked One and his cultists are always ready to defend him. What's next from the App Store -- a Dianetics App?
Re: your sig
If you learn of an Apple-Google-Nintendo merger, do not be troubled. For you are in Eyjafjallajokull, and are already dying of volcanic ash!
I'm curious as to how you claim that normal street dust is more dangerous. What do you base this on? Volcanic ash is mostly silicates, and based on what happens when you inhale other silicates (Asbestos) I wouldn't be too keen on the substituting volcanic ash for road dust.
It is thought that asbestos is dangerous primarily due to the shape of the crystals. Broken asbestos fibers are essentially electron-microscopically sharp daggers that can slice into a living cell wall and cause the reproducing cell to make faulty copies of its DNA.
Silicates in general may not chemically cause cancer, certain physical structures of the crystals might be responsible. And I'm not saying that volcanic ash contains the "safe" kind or the "bad" kind of crystals. But I don't know that you can accurately make a blanket statement condemning all silicates just because asbestos is a problem.
On the other hand, given the choice I wouldn't want to suck in a lungful of volcanic ash, either.
This description is from the spam merchant's POV, not the spammer who operates the spamming equipment. The merchant wants to get his message out to X people. The spam operators charge money per address.
What'll happen here is the spam operators will find it more difficult to operate in conditions of continual crackdowns. Taking down a 100,000 bot net does not suddenly create 10 10,000 bot networks. The laws of supply and demand will kick in, meaning the price-per-address will rise. And spammers are going to be impacted by price.
you don't declare a war on spam, win it, and then spam is forever gone
Why not? It worked on drugs, terrorism, obesity and poverty.
What are you, some kind of fat, poor, scary junkie?
Hey, wait a minute. I know some people like that.
Caveat: I don't believe this crazy conspiracy crap either. My understanding is that people who've analyzed the chip say the extra real estate is occupied by more primary cache, not by more ALU circuitry.
The article is missing a big point: it IS ARM. Just debugging the code shows it is ARM, not PPC.
I think you missed the point entirely. His speculation is that because the chip is so big, he thinks the extra space on the chip might actually be a native Power processor, and that the CPU is currently running the code in an hardware-based ARM emulator, rather than executing on-die ARM instructions.
Then, when OS XI comes out for the iPad, it'll be written in native Power instructions and the chip will execute new apps twice as fast.
The problem with "credible evidence" is that the word "credible" has no precise meaning. Anyone is free to substitute their own belief structure in there and say it's credible to them. And there are lots of people with some pretty fucked-up belief structures.
Even if it did have a precise meaning, let's look at an example. Say I'm representing an electric company who owns power lines. Say you're a homeowner who lives near one, and your kid gets leukemia. Is there a credible link? I can show you a dozen studies that say "yes", and another dozen studies that say "no." From one point of view, it's not even a credible case.
Now look at another similar kind of case: let's say I claim the fluorescent lighting in my office gave me prostate cancer. Credible? There are plenty of people who believe that kind of shit, and probably a few "studies" that would agree with it. If I find the right "doctor" and pay him enough "expert witness fees", he'll testify in court that just about anything is possible.
Actually, we had some infrared laser retail scanners about 10 years ago. The scanner included a red LED that was (supposed to be) focused on the same spot as the IR laser, making it easy for the cashier to aim. So the big red line the cashier saw wasn't doing the scanning -- it was the IR laser.
People complain about DVD prices, about movie prices, about whatever the studios do that isn't "give away their stuff for free." And those same people (on slashdot and elsewhere) say "You need to find a new approach." So this looks like an effort by the studio to say "See, we're trying a new approach."
However, as you've pointed out, we all recognize this is simply a different approach to packaging and marketing, rather than trying to change the economic model. And this particular attempt is almost sleazy in that the movies are advertised but aren't coming with the rights to watch them.
But here's the deal: high quality movies still cost a truckload of money to make. And they're all a gamble: you can spend $200 million on a movie that flops at the box office, or you could spend that same $200 million and get an epic blockbuster; until the movie hits the screens you really don't know.
I don't expect them to ever give them away for free, and I don't think anyone should ever expect that. They'll simply stop investing money in big movies if there's no chance of payback. Then all we'll get are the low-budget films. (Not that they all suck, but they certainly mostly suck.) I suppose the plus side is that they'll stop giving Michael Bay to make fake-looking CGI explosions.
You have a copy of GI Joe "on the printer"?
You're doing it wrong.
crap, I meant "SNR(with Apple fanboi comments) == SNR(without comments)"
Nice work disabling comments. Let the Cupertino Comment SPAM Bots attack!!!
Oh, please. The Apple fanbois are legion, and never have anything good to say if you disparage their turtleneck-wearing leader or his elite products. Disabling comments is likely to leave the signal-to-noise ratio at exactly the same level it is without comments (zero divided by anything is still zero.)