While the idea of using an Apple-like magnetic connector is cool, there are a lot of issues:
(1) Some of us do work where having strong magnets laying around on a desk is a bad idea. (2) The Apple MagSafe adapters have been highly unreliable, and Apple won't license to third-parties, so you're stuck buying another Apple adapter which will then fail. (3) There can be reports of metal fragments and other magnetic particles sticking to the plug and causing problems.
The answer is the same - money. Those darned evil companies actually enjoy it when you buy their products, over and over again.
There's a real reason why inkjet cartridges differ among manufacturers -- many have the printhead built-in, and printhead is one of the differentiators that distinguish quality (and price) among manufacturers. Even for those that don't include the printhead, the manufacturer tailors the ink for their own printhead and ink delivery system. However, what should be against the law is chipping the inkject cartridge to prevent 3rd party replacements from working - if someone is willing to risk leaks or poorer quality with a 3rd party cartridge, they should be allowed to.
The laptop batter is integrally molded to fit within your laptop. The cells within the plastic are already industry standard cells that you can buy on the open market.
However, it's harder for a manufacturer to argue that they need a custom power adapter if there were an industry standard multi-voltage adapter available. After all, 100W at 17V is the same no matter who makes the adapter. There can be an industry certification process for voltage drop at high currents, ripple, etc, so the manufacturer can say that only "certified" adapters may be used.
They sold over $1.5B worth of Roadsters (1650 @ $109,000) and have used Roadster technology to help produce a more affordable car that will let them sell more cars. The $100K car market is only so big, I don't think they planned on selling millions of the Roadsters. The new "affordable" Model S won't hit the market until next mid next year.
Weighs about 200 pounds and will run however long you need it.
It turns out that computers don't run so well off of small generators - I had small facility that I tried to run off off a generator part-time. We tried a variety of small generators, everything from a small Honda 2000W Inverter model up to a 15KW gasoline powered generator. The APC SmartUPS UPS's didn't fare any better - they switched to battery as soon as we cut over to generator. One computer managed to run for about an hour on the Honda inverter generator, but then the power supply literally began to smoke, I guess the generator doesn't do a good job of approximating a sine wave.
The magic fix was a 20KW diesel generator, but only when we had it about 50% loaded by turning on most of the lights in the facility. When it was lightly loaded, I'm guessing that the frequency wasn't stable enough.
There is a product called HotPlug that is meant for seizing assets without powering them down. It works pretty slick. Basically, you plug it into the same power strip, flip the switch and unplug the powerstrip from the wall. You can also splice into the cord or outlet if needed. http://www.wiebetech.com/products/HotPlug.php
Interesting device -- I see on the specs page that it only goes up to 5 amps.
So it looks like I might (barely) be safe on my fully loaded Sun E450 (500W power supplies) as long as I step down the input voltage to 100V.
Of course, my original point still stands that it makes no sense to power an entire rack when all you want is one server. If you can figure out how to cut over to your own UPS, I think you can figure out how to keep power to the server while you unrack it.
In any case, if I was writing malware i'd be detecting when network connectivity changed (eg my server was being loaded into a truck and no longer connected to the data centre) and initiating an erase of all the disks and RAM... keeping the server hot to run forensics would only make this easier.
Or better, an inertial motion sensor located inside the server case:
I am a federal agent (non-FBI) who has seized large amounts of digital evidence. In criminal cases, you need entire hard drives so you can do forensic extraction. Can you ask the ISP to retrieve the data for you? Yes. However, it depends on 1.) Is this an email address or a large organization with colocated servers. 2.) How much do you trust the ISP? (based on past actions, size, clientele, etc.). BTW, if you search large companies who have their congressman on speed dial, you can be assured that the agents and judge have evaluated the impact to legitimate business vs illegal activity.
I'd think that the same thing applies when the FBI sees a suspect enter a parking garage - they know he entered the garage and are pretty sure that he hid his contraband in a car. The garage owner might be working with the suspect, so they can't trust him. The question is, can they seize all 200 cars in the garage and tow them back to be disassembled and searched to be eventually returned to the owners, perhaps no longer in working order? Would any judge allow that?
If the answer is no, why is it different with servers?
It is likely there was no way to remove the server from the enclosure while keeping it supplied with power. So what they likely did is they spliced in their own UPS to the cabinet and rolled the whole thing out. to their truck where they could keep it powered till a expert could get in and get a dump of the system state
And if they have this magic splicing capability (as opposed to relying on redundant power supplies to let them transparently hook up their UPS), are you saying that it was easier to supply 10KW of power to an entire cabinet than it would have been to supply 400W of power to a single server?
They'd need 1000 pounds of batteries to keep the cabinet powered for any appreciable amount of time.
Hey, what can I say, I wasn't a traditional geek in high school, never touched a computer until I took an intro to programming class, spent more time in the gym than studying and was a Child Development major in college (which meant I was surrounded by eligible (and willing!) women). It wasn't until later that I let my true geek emerge and ended up with a Master's in Computer Science (after a short stint as a physics major). And yes, it took me a long time to graduate, but I had a lot of fun along the way! (but no D&D)
Would it have been so hard to use the summary to reveal who Gary Gygax is? It's not like he's a famous geek like John Bardeen.
Unless you are under 25, you must turn in your geek card...Gary Gygax was the founder of TSR, which produced the RPG Dungeons and Dragons, now owned by Wizards of the Coast.
Oh, that.
I was out having sex while my geek friends were playing D&D.
They could lay out the escalators so that you have matching up or down side by side by stacking them 4 wide.
Start with two close together at ground floor, then two on the outside of those from first, then two close together again from second. That way going up or down would simply be a case of a quick turn at each landing.
a bit like having two spiral staircases close together.
They could, and if they were an office building they probably would. But their goal is not to get me in and out of the mall as quickly as possible - they want me to linger and have to travel past as many stores as possible. The store owners spend a lot of time building window displays designed to attract and nudge me into their store.
The blackberry is still far superior for Exchange email and calendaring than any Android or iPhone device that I've tried..
That's the problem. They're great at that and not much else. iPhones and Androids are good at email and good at a whole bunch of things. I guess the market for really hardcore email / Exchange integration isn't all that big.
Yeah, I agree, my BB is great at email, but not so great at just about anything else (except SSH). I carry an Android for personal use and rarely use my Blackberry outside of business hours.
And most malls and department stores use nudging to encourage you to use the escalators instead of the elevator, even though the elevator is often more convenient. When I walk in my local mall, the escalator is hugely apparent, but the elevators are off to the side and not in direct line of sight. The escalators are typically less convenient to go up multiple floors, since you need to go up a floor, then walk around a semi-circle to get to the next escalator and repeat until you reach the floor you want.
Escalators have greater capacity than elevators (this likely more cost effective), and escalator patrons are forced to walk through more of the store, so the mall nudges (and not very subtly) patrons to take the escalator. Further, they can count as emergency egress points, reducing the size of stairwells that have to be provided.
Ethical? It's their property, they can nudge me to climb a ladder between floors if they want to, but if they make me feel unwelcome or uncomfortable, I won't go back, so how far they can nudge me is self limiting.
The hanging balls mentioned in the article don't seem intuitive enough to modify behavior without explanation.
This is childish, a diversion from the real criminals in government. Slashdot should ignore this, but most on here are anti-American anything so it gets posted. You idiots do realize both parties are screwing us over?
I think you're reading the wrong website if you're expecting balanced news reporting from all sides of the political spectrum - Slashdot is not a political website (though they do certainly run politically slanted aricles on geek political issues like net neutrality and freedom of speech issues).
This issue has some geek interest since the documents were released on paper (apparently as a big F*ck you! to everyone that wanted to make them public, since a CD-ROM or DVD release would have been trivial and saved a lot of paper, if you can print something you can capture it as a PDF), and a website scanned in the emails to make them publically available and searchable.
If they hadn't tried to obfuscate them with a paper-only release and released the emails online like any agency interested in transparency would have done, then this issue would have likely not made the pages of slashdot since all of the mainstream news outlets would have published a link to them.
But isn't the point of a book that you/read/ it? Instead of skimming over the pages?.
I have many reference books where I read only a few selected chapters after skimming to find the information I'm interested in. I often skim through entire chapters to see if it's got the information I want. I almost never read a technical book cover to cover - it's not a novel and I don't treat it as one.
I, for one, know very well what I'd like to learn from a book, so why does the author decide for me?
Isn't that the whole point of skimming the book? I may not care about how to integrate Drupal and Myspace so I can quickly skim over or skip those chapters, and then concentrate on those areas that do interest me.
What memeory problem? It uses 150MB when just browsing with a few tabs open, I've stress tested mine with 10 tabs of videos, pages and flash. It never passes 250MB. Who even has that little RAM still, let alone uses firefox like that?
My browser has been open for about 2 days, I have around 20 tabs open (no video sites, though I'm sure a lot of the pages have Flash ads)
It's currently using 2200MB of virtual memory and 1100MB of real memory.
That doesn't include the 289MB/123MB used by the Flash plugin container.
So at which point you say "hell yeah. fuck verizon. that's what they get for being a big monolithic company, screw the man!" until you realize that these competitors wouldn't exist without "the man" because the infrastructure they're renting wouldn't exist or be maintained.
So without large, monolithic telcos, there'd be no telephone system?
I think it's more likely that without large telcos, there'd be a set of smaller telcos, so someone wishing to resell services would have to negotiate with multiple companies. I don't know if that would result in higher or lower prices to the end-user, since economies of scale factor in, but so does efficiency/overhead of a large company. My small credit union gives me much better service at lower rates than my former large bank, but they don't have thousands of miles of wiring to maintain. There must be some happy medium where a smaller telco can provide good service at lower rates than a large monolithic company.
In any case, I don't think it's true that there'd be no telephone infrastructure without Verizon, so it doesn't seem that a company should thank Verizon merely for existing.
You should use a virtual number every single time when online. All merchants are shady in that there's no telling when their records may be compromised.
Even though my credit card number has been compromised twice (once thanks to Nashbar, a large, legitimate retailer), I've suffered no out of pocket losses - just 15 minutes to call the bank, then fill out the followup paperwork.
Since the inconvenience to me is small, and all of the loss is shouldered by the bank and merchant, I see no reason to spend an extra few minutes with every purchase to get a virtual card number. If I have some reason to suspect that the merchant is not going to take care of my number (i.e. if he seems like some fly-by-night outfit), then I'll take the time to use a virtual card number to save myself some inconvenience, but otherwise, it's not worth it to me.
There are many ways banks could make credit cards more secure, but for now it's cheaper to eat the losses (which mostly get passed on to merchants anyway).
Just saying it will take an astronomical amount of time to bruteforce the entire key space does not imply your key will be the last one guessed;)
Actually I think it's pretty much guaranteed that the correct key will be the last one guessed -- why would you continue to guess keys after you've already found it? Kind of like how you always find your wallet in the last place you look, you stop looking after you find it.
"Even if the data is encrypted, if you're using a virtual server in The Cloud, then the server requires the key to decrypt it, and anyone with access to that virtual machine can then read the data."
I made this same argument at work (Fortune 10 company), nobody had apparently thought of that - not only does your 'cloud' application need the key, but we also outsource most of the coding to India, Mexico, etc. If you lay off one of those people (or, uh, 'end their contract') they could potentially walk with the key and post it on the 'net, giving millions of potential hackers the key to get to your 'cloud data' (this holds even if your app is internal using the cloud only for data storage).
Why do your developers have the encryption key to the production database? No single person should have access to the complete key. And you should rotate keys regularly so even if someone does steal your key, it has a limited lifetime.
While the idea of using an Apple-like magnetic connector is cool, there are a lot of issues:
(1) Some of us do work where having strong magnets laying around on a desk is a bad idea. (2) The Apple MagSafe adapters have been highly unreliable, and Apple won't license to third-parties, so you're stuck buying another Apple adapter which will then fail. (3) There can be reports of metal fragments and other magnetic particles sticking to the plug and causing problems.
Citation needed.
#1 - compass calibrators
#2 - http://www.zdnet.com/blog/mobile-gadgeteer/apple-magsafe-failure-prevents-work-from-getting-done/276
#3 - http://www.corbisimages.com/stock-photo/rights-managed/BE052647/huge-magnet-picking-up-scrap-metal/?ext=1
How about ink cartdridges? Laptop batteries? etc.
The answer is the same - money. Those darned evil companies actually enjoy it when you buy their products, over and over again.
There's a real reason why inkjet cartridges differ among manufacturers -- many have the printhead built-in, and printhead is one of the differentiators that distinguish quality (and price) among manufacturers. Even for those that don't include the printhead, the manufacturer tailors the ink for their own printhead and ink delivery system. However, what should be against the law is chipping the inkject cartridge to prevent 3rd party replacements from working - if someone is willing to risk leaks or poorer quality with a 3rd party cartridge, they should be allowed to.
The laptop batter is integrally molded to fit within your laptop. The cells within the plastic are already industry standard cells that you can buy on the open market.
However, it's harder for a manufacturer to argue that they need a custom power adapter if there were an industry standard multi-voltage adapter available. After all, 100W at 17V is the same no matter who makes the adapter. There can be an industry certification process for voltage drop at high currents, ripple, etc, so the manufacturer can say that only "certified" adapters may be used.
Tell me again where the failure is?
The failure is in your multiplication. It is $180 million, not $1.8 billion.
Ahh yeah, you're right - that'll teach me for miscounting my 0's!
They sold over $1.5B worth of Roadsters (1650 @ $109,000) and have used Roadster technology to help produce a more affordable car that will let them sell more cars. The $100K car market is only so big, I don't think they planned on selling millions of the Roadsters. The new "affordable" Model S won't hit the market until next mid next year.
Tell me again where the failure is?
http://www.google.com/products/catalog?hl=en&q=10000+watt+generator&safe=off&sqi=2&cid=11842679777176480618&os=contents
Weighs about 200 pounds and will run however long you need it.
It turns out that computers don't run so well off of small generators - I had small facility that I tried to run off off a generator part-time. We tried a variety of small generators, everything from a small Honda 2000W Inverter model up to a 15KW gasoline powered generator. The APC SmartUPS UPS's didn't fare any better - they switched to battery as soon as we cut over to generator. One computer managed to run for about an hour on the Honda inverter generator, but then the power supply literally began to smoke, I guess the generator doesn't do a good job of approximating a sine wave.
The magic fix was a 20KW diesel generator, but only when we had it about 50% loaded by turning on most of the lights in the facility. When it was lightly loaded, I'm guessing that the frequency wasn't stable enough.
There is a product called HotPlug that is meant for seizing assets without powering them down. It works pretty slick. Basically, you plug it into the same power strip, flip the switch and unplug the powerstrip from the wall. You can also splice into the cord or outlet if needed.
http://www.wiebetech.com/products/HotPlug.php
Interesting device -- I see on the specs page that it only goes up to 5 amps.
So it looks like I might (barely) be safe on my fully loaded Sun E450 (500W power supplies) as long as I step down the input voltage to 100V.
Of course, my original point still stands that it makes no sense to power an entire rack when all you want is one server. If you can figure out how to cut over to your own UPS, I think you can figure out how to keep power to the server while you unrack it.
In any case, if I was writing malware i'd be detecting when network connectivity changed (eg my server was being loaded into a truck and no longer connected to the data centre) and initiating an erase of all the disks and RAM... keeping the server hot to run forensics would only make this easier.
Or better, an inertial motion sensor located inside the server case:
http://www.motionnode.com/
As soon as it detects motion, have the server erase everything.
I am a federal agent (non-FBI) who has seized large amounts of digital evidence. In criminal cases, you need entire hard drives so you can do forensic extraction. Can you ask the ISP to retrieve the data for you? Yes. However, it depends on 1.) Is this an email address or a large organization with colocated servers. 2.) How much do you trust the ISP? (based on past actions, size, clientele, etc.). BTW, if you search large companies who have their congressman on speed dial, you can be assured that the agents and judge have evaluated the impact to legitimate business vs illegal activity.
I'd think that the same thing applies when the FBI sees a suspect enter a parking garage - they know he entered the garage and are pretty sure that he hid his contraband in a car. The garage owner might be working with the suspect, so they can't trust him. The question is, can they seize all 200 cars in the garage and tow them back to be disassembled and searched to be eventually returned to the owners, perhaps no longer in working order? Would any judge allow that?
If the answer is no, why is it different with servers?
It is likely there was no way to remove the server from the enclosure while keeping it supplied with power. So what they likely did is they spliced in their own UPS to the cabinet and rolled the whole thing out. to their truck where they could keep it powered till a expert could get in and get a dump of the system state
And if they have this magic splicing capability (as opposed to relying on redundant power supplies to let them transparently hook up their UPS), are you saying that it was easier to supply 10KW of power to an entire cabinet than it would have been to supply 400W of power to a single server?
They'd need 1000 pounds of batteries to keep the cabinet powered for any appreciable amount of time.
Sure you were, cool guy. Now please go away.
Hey, what can I say, I wasn't a traditional geek in high school, never touched a computer until I took an intro to programming class, spent more time in the gym than studying and was a Child Development major in college (which meant I was surrounded by eligible (and willing!) women). It wasn't until later that I let my true geek emerge and ended up with a Master's in Computer Science (after a short stint as a physics major). And yes, it took me a long time to graduate, but I had a lot of fun along the way! (but no D&D)
Would it have been so hard to use the summary to reveal who Gary Gygax is? It's not like he's a famous geek like John Bardeen.
Unless you are under 25, you must turn in your geek card...Gary Gygax was the founder of TSR, which produced the RPG Dungeons and Dragons, now owned by Wizards of the Coast.
Oh, that.
I was out having sex while my geek friends were playing D&D.
Would it have been so hard to use the summary to reveal who Gary Gygax is? It's not like he's a famous geek like John Bardeen.
They could lay out the escalators so that you have matching up or down side by side by stacking them 4 wide.
Start with two close together at ground floor, then two on the outside of those from first, then two close together again from second. That way going up or down would simply be a case of a quick turn at each landing.
a bit like having two spiral staircases close together.
They could, and if they were an office building they probably would. But their goal is not to get me in and out of the mall as quickly as possible - they want me to linger and have to travel past as many stores as possible. The store owners spend a lot of time building window displays designed to attract and nudge me into their store.
The blackberry is still far superior for Exchange email and calendaring than any Android or iPhone device that I've tried..
That's the problem. They're great at that and not much else. iPhones and Androids are good at email and good at a whole bunch of things. I guess the market for really hardcore email / Exchange integration isn't all that big.
Yeah, I agree, my BB is great at email, but not so great at just about anything else (except SSH). I carry an Android for personal use and rarely use my Blackberry outside of business hours.
When is the last time you have used blackberry phone ?
2 minutes ago.
The blackberry is still far superior for Exchange email and calendaring than any Android or iPhone device that I've tried.
Several execs in my company tried to move to shiny new iPhones, but all of them came back to Blackberries. Well, some carry both a BB and iPhone.
And most malls and department stores use nudging to encourage you to use the escalators instead of the elevator, even though the elevator is often more convenient. When I walk in my local mall, the escalator is hugely apparent, but the elevators are off to the side and not in direct line of sight. The escalators are typically less convenient to go up multiple floors, since you need to go up a floor, then walk around a semi-circle to get to the next escalator and repeat until you reach the floor you want.
Escalators have greater capacity than elevators (this likely more cost effective), and escalator patrons are forced to walk through more of the store, so the mall nudges (and not very subtly) patrons to take the escalator. Further, they can count as emergency egress points, reducing the size of stairwells that have to be provided.
Ethical? It's their property, they can nudge me to climb a ladder between floors if they want to, but if they make me feel unwelcome or uncomfortable, I won't go back, so how far they can nudge me is self limiting.
The hanging balls mentioned in the article don't seem intuitive enough to modify behavior without explanation.
This is childish, a diversion from the real criminals in government. Slashdot should ignore this, but most on here are anti-American anything so it gets posted. You idiots do realize both parties are screwing us over?
I think you're reading the wrong website if you're expecting balanced news reporting from all sides of the political spectrum - Slashdot is not a political website (though they do certainly run politically slanted aricles on geek political issues like net neutrality and freedom of speech issues).
This issue has some geek interest since the documents were released on paper (apparently as a big F*ck you! to everyone that wanted to make them public, since a CD-ROM or DVD release would have been trivial and saved a lot of paper, if you can print something you can capture it as a PDF), and a website scanned in the emails to make them publically available and searchable.
If they hadn't tried to obfuscate them with a paper-only release and released the emails online like any agency interested in transparency would have done, then this issue would have likely not made the pages of slashdot since all of the mainstream news outlets would have published a link to them.
When I saw the sarahsinbox.com url, I thought maybe it was her box in a box: http://www.youtube.com/watch?v=3xElIik0Ys0
But isn't the point of a book that you /read/ it? Instead of skimming over the pages? .
I have many reference books where I read only a few selected chapters after skimming to find the information I'm interested in. I often skim through entire chapters to see if it's got the information I want. I almost never read a technical book cover to cover - it's not a novel and I don't treat it as one.
I, for one, know very well what I'd like to learn from a book, so why does the author decide for me?
Isn't that the whole point of skimming the book? I may not care about how to integrate Drupal and Myspace so I can quickly skim over or skip those chapters, and then concentrate on those areas that do interest me.
What reason could you possibly have for keeping 20 tabs open for 2 days?
I don't have the same 20 tabs open today that I had open yesterday -- only 4 are pinned as app tabs and open continuously.
What memeory problem? It uses 150MB when just browsing with a few tabs open, I've stress tested mine with 10 tabs of videos, pages and flash. It never passes 250MB.
Who even has that little RAM still, let alone uses firefox like that?
My browser has been open for about 2 days, I have around 20 tabs open (no video sites, though I'm sure a lot of the pages have Flash ads)
It's currently using 2200MB of virtual memory and 1100MB of real memory.
That doesn't include the 289MB/123MB used by the Flash plugin container.
So at which point you say "hell yeah. fuck verizon. that's what they get for being a big monolithic company, screw the man!" until you realize that these competitors wouldn't exist without "the man" because the infrastructure they're renting wouldn't exist or be maintained.
So without large, monolithic telcos, there'd be no telephone system?
I think it's more likely that without large telcos, there'd be a set of smaller telcos, so someone wishing to resell services would have to negotiate with multiple companies. I don't know if that would result in higher or lower prices to the end-user, since economies of scale factor in, but so does efficiency/overhead of a large company. My small credit union gives me much better service at lower rates than my former large bank, but they don't have thousands of miles of wiring to maintain. There must be some happy medium where a smaller telco can provide good service at lower rates than a large monolithic company.
In any case, I don't think it's true that there'd be no telephone infrastructure without Verizon, so it doesn't seem that a company should thank Verizon merely for existing.
You should use a virtual number every single time when online. All merchants are shady in that there's no telling when their records may be compromised.
Even though my credit card number has been compromised twice (once thanks to Nashbar, a large, legitimate retailer), I've suffered no out of pocket losses - just 15 minutes to call the bank, then fill out the followup paperwork.
Since the inconvenience to me is small, and all of the loss is shouldered by the bank and merchant, I see no reason to spend an extra few minutes with every purchase to get a virtual card number. If I have some reason to suspect that the merchant is not going to take care of my number (i.e. if he seems like some fly-by-night outfit), then I'll take the time to use a virtual card number to save myself some inconvenience, but otherwise, it's not worth it to me.
There are many ways banks could make credit cards more secure, but for now it's cheaper to eat the losses (which mostly get passed on to merchants anyway).
Just saying it will take an astronomical amount of time to bruteforce the entire key space does not imply your key will be the last one guessed ;)
Actually I think it's pretty much guaranteed that the correct key will be the last one guessed -- why would you continue to guess keys after you've already found it? Kind of like how you always find your wallet in the last place you look, you stop looking after you find it.
"Even if the data is encrypted, if you're using a virtual server in The Cloud, then the server requires the key to decrypt it, and anyone with access to that virtual machine can then read the data."
I made this same argument at work (Fortune 10 company), nobody had apparently thought of that - not only does your 'cloud' application need the key, but we also outsource most of the coding to India, Mexico, etc. If you lay off one of those people (or, uh, 'end their contract') they could potentially walk with the key and post it on the 'net, giving millions of potential hackers the key to get to your 'cloud data' (this holds even if your app is internal using the cloud only for data storage).
Why do your developers have the encryption key to the production database? No single person should have access to the complete key. And you should rotate keys regularly so even if someone does steal your key, it has a limited lifetime.