And when told "yes" and given evidence to this fact you still persist with your "what if" game. Clearly you are not interested in the answer unless it is "no" and will be unlikely to believe anything else. Your cognitive bias is getting in your way here.
Referencing some unnamed compiler flags, comparing block devices across "all phones" even when those block devices differ among carriers and phones, and pointing to an experimental Debian project is not really a "yes", it's a "well, it could be".
This is Slashdot, not a consumer news site, no need to use vague handwaving to explain why something is or is not possible. If you know it's possible, then just say why.
You clearly should not use a cell phone. Your plans to... well, whatever... are clearly too sensitive to risk it.
Call the Mossad.
I questioned whether or not Google (or Apple's) assurance that cell phone encryption is secure, and that means I shouldn't use a cell phone?
I also questioned whether or not the tree in my front yard is going to grow roots through the sewer line (it did), should I stop using the toilet as well?
yes, there are compiler flags to help you ensure that.
What are those compiler flags?
How do I know what flags and which version of which compiler Google used to compile the binaries on my phone? Does Verizon use the same flags and compiler as everyone else?
You can get the source code and compile it once and match it against all phones. It's pretty easy to verify you can just dd if=/dev/mmcblk0p## | sha1sum -
So if I run that on a Verizon phone and an AT&T phone is the difference due to different packages put there by the carriers, different compiler flags and/or compiler version, or because someone put a backdoor in some module?
This is a good example of how linux distributions are trying to achieve this.
Is Google going to include this in their Android bulids?
Android's full disk encryption is just an adaptation of dm-crypt. All the source code is in AOSP and the Linux kernel.
Yes, the radio firmware has privileged access and is closed. But that is true for ANY cell phone. If you're concerned about that, then don't use a cell phone, because malicious firmware can potentially pull anything else out of memory if it wanted.
To call this anything but an improvement is extremely short sighted. Take off your tinfoil hat, please.
Is there any way to audit whether the dm-crypt installed on your device matches the source code? Few people compile their own kernel, so it seems that it would be easy for Google or cellular carrier to slip a back door into the module.
Likewise, I wonder how secure Apple's encryption is -- their very public fight against the DoJ could just be a smokescreen to hide the fact that the government can trivially crack the phones, they just don't want anyone to know. Their fight against the DoJ brings this quote to mind: "The lady doth protest too much, methinks."
That connected to where? A toilet isn't a magical device that makes poo disappear; that stuff goes somewhere. In a motorhome, that's a grey/black water tank that has to be emptied. (hint: there's nowhere on a Google campus to dump your RV waste tanks.) It's also something far too big to drive around town. A delivery truck isn't all that out-of-place in the corner of a parking lot, an RV sure as hell is.
An RV is too big to drive around town? You do know they are street legal right? And somehow Safeway in every town manages to get deliveries from full size 18 wheelers, so I think a 20 or 30 ft RV can manage to fit on the roads.
Given that the kid works at Google, you'd think he could figure out how to use Google to find a nearby RV park every few weeks to dump the waste tanks. Since he's not showering in the RV, he can last quite a while on the tanks. If he really doesn't want to drive it somewhere, for a bit more money, he can have a truck come to him.
Well the $200,000 was handwaving, as I mentioned it would make a $1.35 million house there look like crap.
Another poster mentioned a 900 square foot apartment being 1 million. 900 square foot would be about $60,000 here, so not far from the mark.
Median home price in SF is $1M, in Wichita is $100K which is still "only" a 10X difference. You don't mention where "here" is, but if you're not in a city, it's hardly a fair comparison. And while you *can* pay $1M (or more) for a 900 sq ft Condo near downtown, you could pay less than that for a single family home in some neighborhoods (like the Outer Sunset).
A camper truck isn't the same as a motorhome. You really can't park a motorhome in Silicon Valley. You need to go into the outlying areas to do that legally. Sacramento has plenty of places to park a motorhome.
He's parked in Google's lot. If security lets him live in the back of a truck, why wouldn't they let him live in a motorhome? It's not like he'd be the first.
Plus pay $400 per month to park the motorhome in Sacramento and another $1,000 per month to public transportation into work.
I don't think the guy that lives in his employer's parking lot in a truck is really interested in spending 5 hours on public transportation each day getting to work.
Google pays what's considered well more than a living wage in most parts of the country. However San Francisco real estate costs some 18 times what you'll find in most parts of the country. This isn't because somebody decided that one day, rather collectively a lot of people decided that they just wanted to live there, but San Franciscans are about twice as smug as New Yorkers, so they don't let anybody build up, making the housing availability permanently low, making housing costs more than what NY costs.
The median price for a home there is $1.35 million, and the houses you get at that price are crap compared to what you'll get elsewhere for about $200,000.
18 times? The example you quoted is only 6.75X. The difference in rents is a bit higher, but even that is closer to 7X ($3460 for a one bedroom in SF versus $480 in Wichita).
It's hard to make a direct comparison between NYC and SF because of the large difference in scale -- SF is just a bit bigger than Manhattan, but when most people think of NYC, they include the 5 boroughs that cover a much larger area, you'd need to include SF suburbs to make a more meaningful comparison. If you look at rents in the most expensive part of NYC (Tribeca) and compare to the most expensive part of SF (Russian Hill), NYC is about 10% more expensive than SF.
for $10K, he could have bought a 20 year old motorhome and had a bathroom + kitchen... and windows. Sure, his operating expenses may have been higher due to maintenance, but it seems that it'd still be worth it for the comfort and convenience.
At the very least, he ought to glue up some rigid foam insulation to make the truck more comfortable - the truck must feel like an oven after a warm sunny day, even if he doesn't go to bed until after dark.
I'd be worried about emergency egress from the truck, if a fuel leak causes a fire at the rear of the truck, his only escape will be through the flames.
The Nexus 6 is the obvious answer, even if its camera is possibly not as great as the [P|X]. You get pure Android and Qi.
That's a good point - the Nexus 6 is a reasonable option, except that it's just too big. I borrowed one from a friend for a few days, and just couldn't get used to the size.
I'd sign it, and every time they'd call for help I'd say "Oh yeah, we ran into that before, I don't remember exactly how we resolved that problem in the past, but you can try 'sudo rm -rf/' and see if that fixes it". I'm pretty sure they'd only call once.
I was disappointed by the lack of wireless charging and "only" 32GB for the Nexus 5X so am holding onto my Nexus 5 for now. Are there any other good options for a pure android phone (I bought a Samsung S5, but sold it after a month since I couldn't get used to their Touchwiz interface)? I don't really want to go down the route of Cyanogen mod or other releases where I have to flash the phone myself and some features may or may not be supported.
I'd really like the better camera of the 5X, but don't want to give up wireless charging.
Looking at those documents, I just see a generic document saying they have liability insurance. Where does it say it's actually valid in a states? Pulling down several states, they all seem to be the same document.
That's what a certificate of insurance is, a generic document saying that they have insurance. The policy numbers are different for different states, i.e. "CA43610NJ00" for New Jersey, "CA436100CA00" for California.
If Uber were misrepresenting its insurance by posting bogus or misleading COI's, a plaintiff would likely win a liability lawsuit if in an accident that Uber claims is covered by insurance.
Last May when my auto insurance policy renewed there were a few pages enclosed. Adding / detracting language from the previous policy. While not stating Uber or Lyft by name it was clear that the insurance company was writing them completely out of the picture.
And this is a good point. While Uber claims to have bazillions to insure payments in case of accidents, much of the liability will be negated when the driver's actual insurance company denies your claim for injury. And as well, your own insurence company will bail out as well.
Uber / Lift is an unregulated taxi service staffed by drivers that have met a non-existent bar for entry.
Myself? I always hire a towncar.
Isn't Uber's liability insurance exactly for the situation that you describe? It seems like it would be pretty useless if it were secondary insurance that only covered accidents over and above what is paid out by the driver's insurance.
$1 million of liability coverage per incident. Uber holds a commercial insurance policy with $1 million of coverage per incident. Drivers’ liability to third parties is covered from the moment a driver accepts a trip to its conclusion. This policy is expressly primary to any personal auto coverage (However it will not take precedence over any commercial auto insurance for the vehicle). We have provided a $1 million liability policy since commencing ridesharing in early 2013.
This is an excellent reason to have a reader specific piece of hardware. I use a first gen. paperwhite. Put aside for the moment that it's smaller, lighter and has a backlight that goes dimmer than most tablets making it better hardware for holding up in the dark for long periods. When I'm reading I DON'T WANT to be notified of the latest spam I just got. I don't need the option of browsing some web site and I certainly don't want to watch a movie or listen to music.
I don't see notifications while running the Kindle app unless I go look for them, so I only know an email came in if I want to.
When you're in the store and looking at that black and white e-ink screen and comparing it to the full color display of a standard tablet, there is only one winner. Add in that your e-ink reader only displays words vs. everything a tablet does and any reasonable person would decide a full tablet is a much better way to go. Should you get the chance, borrow a backlit e-ink reader and try it for one night. You'll find the reader is a completely different device than the tablet and those weaknesses are actually strengths.
I have a backlit Kindle (that's the one gathering dust in a drawer) yet still choose to use the tablet.
That may be good in moderate light to see movies, but is horrible to read.
And forget at sunshine.
I have an e-Ink Kindle, but that's been sitting in a desk drawer for the past 9 months as I've switched over to using a Nexus 7 tablet for reading since a tablet can do much more.
I don't read (even books) in bright sunlight, so that aspect of the e-Ink doesn't matter to me, the tablet works fine for everywhere I use it: at home in the dark, in the train, in the office. And if I want to switch gears and send an email, read an IM or browse the web, I don't need to switch to a different device.
I did some contract work at a company once where I knew they were using Oracle products beyond their license. I brought it up with the CTO, even quoting the license contract verbatim and he assured me that it was all covered under license and Oracle knew how we were using the product. We had a pretty simple use case and didn't *need* to run Oracle at all, MySQL or PostgreSQL would have been more that sufficient for our needs (and it would have been easy to , but the CTO thought Oracle made the company more prestigious - so migrating off of Oracle was not an option.
Well, they were "lucky" enough to be chosen for an audit and after we inventoried the systems and sent over the oracle logs, Oracle said we were violating our contract terms and were short by about $250,000 worth of products and $25,000/year in back maintenance for 3 years.
Our CEO had contacts at Oracle and negotiated them down to "only" $150K + $10K/year, but that was a pretty significant hit to the company - they ended up folding about 6 months later (not entirely due to the Oracle expense, but losing a few months of burn didn't help).
That phrase has also been used for heyday IBM and Microsoft. But both sucked.
Sometimes you have to choose between money and sanity.
It used to be true of IBM -- as long as you were willing to pay, you could get near perfect uptime and nearly unlimited scalability. But you definitely had to pay for it -- we had a dedicated IBM service rep with an office in our data center, that sort of service doesn't come cheap. But we had no significant downtime in my 4 years there. Sure we had some jobs fail here or there due to DASD failures, but the core mainframe never had a hiccup and we completed several online hardware upgrades with no downtime.
Of course, I can get even better scalability and uptime with a distributed system (geographically distributed) on commodity hardware today, but that wasn't always a viable option.
Why would I want my web browser to give me desktop notifications? Why the hell would I want a website to give me push notifications even if my browser is closed?
Somehow apparently Google decided what users really wanted was an annoying and intrusive browser, when nothing could be further from the truth.
Definitely a feature which needed to be disabled as soon as it was discovered.
Because you get your emails, calendar appointments, and chat messages in your web browser?
Slashdot Mirror
And when told "yes" and given evidence to this fact you still persist with your "what if" game. Clearly you are not interested in the answer unless it is "no" and will be unlikely to believe anything else. Your cognitive bias is getting in your way here.
Referencing some unnamed compiler flags, comparing block devices across "all phones" even when those block devices differ among carriers and phones, and pointing to an experimental Debian project is not really a "yes", it's a "well, it could be".
This is Slashdot, not a consumer news site, no need to use vague handwaving to explain why something is or is not possible. If you know it's possible, then just say why.
You clearly should not use a cell phone. Your plans to ... well, whatever ... are clearly too sensitive to risk it.
Call the Mossad.
I questioned whether or not Google (or Apple's) assurance that cell phone encryption is secure, and that means I shouldn't use a cell phone?
I also questioned whether or not the tree in my front yard is going to grow roots through the sewer line (it did), should I stop using the toilet as well?
yes, there are compiler flags to help you ensure that.
What are those compiler flags?
How do I know what flags and which version of which compiler Google used to compile the binaries on my phone? Does Verizon use the same flags and compiler as everyone else?
You can get the source code and compile it once and match it against all phones. It's pretty easy to verify you can just dd if=/dev/mmcblk0p## | sha1sum -
So if I run that on a Verizon phone and an AT&T phone is the difference due to different packages put there by the carriers, different compiler flags and/or compiler version, or because someone put a backdoor in some module?
This is a good example of how linux distributions are trying to achieve this.
Is Google going to include this in their Android bulids?
Android's full disk encryption is just an adaptation of dm-crypt. All the source code is in AOSP and the Linux kernel.
Yes, the radio firmware has privileged access and is closed. But that is true for ANY cell phone. If you're concerned about that, then don't use a cell phone, because malicious firmware can potentially pull anything else out of memory if it wanted.
To call this anything but an improvement is extremely short sighted. Take off your tinfoil hat, please.
Is there any way to audit whether the dm-crypt installed on your device matches the source code? Few people compile their own kernel, so it seems that it would be easy for Google or cellular carrier to slip a back door into the module.
Likewise, I wonder how secure Apple's encryption is -- their very public fight against the DoJ could just be a smokescreen to hide the fact that the government can trivially crack the phones, they just don't want anyone to know. Their fight against the DoJ brings this quote to mind: "The lady doth protest too much, methinks."
where are all the "tuition is to high" americans at??? they need to stand up and say enough is enough
In theory, the high tuitions that foreign students pay keeps tuition lower for domestic students.
That connected to where? A toilet isn't a magical device that makes poo disappear; that stuff goes somewhere. In a motorhome, that's a grey/black water tank that has to be emptied. (hint: there's nowhere on a Google campus to dump your RV waste tanks.) It's also something far too big to drive around town. A delivery truck isn't all that out-of-place in the corner of a parking lot, an RV sure as hell is.
An RV is too big to drive around town? You do know they are street legal right? And somehow Safeway in every town manages to get deliveries from full size 18 wheelers, so I think a 20 or 30 ft RV can manage to fit on the roads.
Given that the kid works at Google, you'd think he could figure out how to use Google to find a nearby RV park every few weeks to dump the waste tanks. Since he's not showering in the RV, he can last quite a while on the tanks. If he really doesn't want to drive it somewhere, for a bit more money, he can have a truck come to him.
If he was still drunk after being awaked from sleep, can't we assume he was also drunk when he drove his vehicle into that private parking lot?
I suppose we could also assume he got into his car sober and started drinking but the first case is more likely. Most people drink at bars or at home.
Or maybe he went to the bar first, then when he went back to his car, he slept it off in his car so he could drive safely.
Well the $200,000 was handwaving, as I mentioned it would make a $1.35 million house there look like crap.
Another poster mentioned a 900 square foot apartment being 1 million. 900 square foot would be about $60,000 here, so not far from the mark.
Median home price in SF is $1M, in Wichita is $100K which is still "only" a 10X difference. You don't mention where "here" is, but if you're not in a city, it's hardly a fair comparison. And while you *can* pay $1M (or more) for a 900 sq ft Condo near downtown, you could pay less than that for a single family home in some neighborhoods (like the Outer Sunset).
A camper truck isn't the same as a motorhome. You really can't park a motorhome in Silicon Valley. You need to go into the outlying areas to do that legally. Sacramento has plenty of places to park a motorhome.
He's parked in Google's lot. If security lets him live in the back of a truck, why wouldn't they let him live in a motorhome? It's not like he'd be the first.
Plus pay $400 per month to park the motorhome in Sacramento and another $1,000 per month to public transportation into work.
I don't think the guy that lives in his employer's parking lot in a truck is really interested in spending 5 hours on public transportation each day getting to work.
Google pays what's considered well more than a living wage in most parts of the country. However San Francisco real estate costs some 18 times what you'll find in most parts of the country. This isn't because somebody decided that one day, rather collectively a lot of people decided that they just wanted to live there, but San Franciscans are about twice as smug as New Yorkers, so they don't let anybody build up, making the housing availability permanently low, making housing costs more than what NY costs.
The median price for a home there is $1.35 million, and the houses you get at that price are crap compared to what you'll get elsewhere for about $200,000.
18 times? The example you quoted is only 6.75X. The difference in rents is a bit higher, but even that is closer to 7X ($3460 for a one bedroom in SF versus $480 in Wichita).
It's hard to make a direct comparison between NYC and SF because of the large difference in scale -- SF is just a bit bigger than Manhattan, but when most people think of NYC, they include the 5 boroughs that cover a much larger area, you'd need to include SF suburbs to make a more meaningful comparison. If you look at rents in the most expensive part of NYC (Tribeca) and compare to the most expensive part of SF (Russian Hill), NYC is about 10% more expensive than SF.
for $10K, he could have bought a 20 year old motorhome and had a bathroom + kitchen... and windows. Sure, his operating expenses may have been higher due to maintenance, but it seems that it'd still be worth it for the comfort and convenience.
At the very least, he ought to glue up some rigid foam insulation to make the truck more comfortable - the truck must feel like an oven after a warm sunny day, even if he doesn't go to bed until after dark.
I'd be worried about emergency egress from the truck, if a fuel leak causes a fire at the rear of the truck, his only escape will be through the flames.
The Nexus 6 is the obvious answer, even if its camera is possibly not as great as the [P|X]. You get pure Android and Qi.
That's a good point - the Nexus 6 is a reasonable option, except that it's just too big. I borrowed one from a friend for a few days, and just couldn't get used to the size.
I'd sign it, and every time they'd call for help I'd say "Oh yeah, we ran into that before, I don't remember exactly how we resolved that problem in the past, but you can try 'sudo rm -rf /' and see if that fixes it". I'm pretty sure they'd only call once.
In a few hundred years we'll have mastered harvesting the sun's energy. Assuming we don't all kill each other first.
We've already mastered it, it's just that we're primarily using solar energy that was stored millions of years ago.
I was disappointed by the lack of wireless charging and "only" 32GB for the Nexus 5X so am holding onto my Nexus 5 for now. Are there any other good options for a pure android phone (I bought a Samsung S5, but sold it after a month since I couldn't get used to their Touchwiz interface)? I don't really want to go down the route of Cyanogen mod or other releases where I have to flash the phone myself and some features may or may not be supported.
I'd really like the better camera of the 5X, but don't want to give up wireless charging.
Looking at those documents, I just see a generic document saying they have liability insurance. Where does it say it's actually valid in a states? Pulling down several states, they all seem to be the same document.
That's what a certificate of insurance is, a generic document saying that they have insurance. The policy numbers are different for different states, i.e. "CA43610NJ00" for New Jersey, "CA436100CA00" for California.
If Uber were misrepresenting its insurance by posting bogus or misleading COI's, a plaintiff would likely win a liability lawsuit if in an accident that Uber claims is covered by insurance.
Last May when my auto insurance policy renewed there were a few pages enclosed. Adding / detracting language from the previous policy. While not stating Uber or Lyft by name it was clear that the insurance company was writing them completely out of the picture.
And this is a good point. While Uber claims to have bazillions to insure payments in case of accidents, much of the liability will be negated when the driver's actual insurance company denies your claim for injury. And as well, your own insurence company will bail out as well.
Uber / Lift is an unregulated taxi service staffed by drivers that have met a non-existent bar for entry.
Myself? I always hire a towncar.
Isn't Uber's liability insurance exactly for the situation that you describe? It seems like it would be pretty useless if it were secondary insurance that only covered accidents over and above what is paid out by the driver's insurance.
They even say that it's primary insurance:
http://newsroom.uber.com/2014/...
$1 million of liability coverage per incident. Uber holds a commercial insurance policy with $1 million of coverage per incident. Drivers’ liability to third parties is covered from the moment a driver accepts a trip to its conclusion. This policy is expressly primary to any personal auto coverage (However it will not take precedence over any commercial auto insurance for the vehicle). We have provided a $1 million liability policy since commencing ridesharing in early 2013.
They have their Certificate of Insurance docs online for each state.
since a tablet can do much more
This is an excellent reason to have a reader specific piece of hardware. I use a first gen. paperwhite. Put aside for the moment that it's smaller, lighter and has a backlight that goes dimmer than most tablets making it better hardware for holding up in the dark for long periods. When I'm reading I DON'T WANT to be notified of the latest spam I just got. I don't need the option of browsing some web site and I certainly don't want to watch a movie or listen to music.
I don't see notifications while running the Kindle app unless I go look for them, so I only know an email came in if I want to.
When you're in the store and looking at that black and white e-ink screen and comparing it to the full color display of a standard tablet, there is only one winner. Add in that your e-ink reader only displays words vs. everything a tablet does and any reasonable person would decide a full tablet is a much better way to go. Should you get the chance, borrow a backlit e-ink reader and try it for one night. You'll find the reader is a completely different device than the tablet and those weaknesses are actually strengths.
I have a backlit Kindle (that's the one gathering dust in a drawer) yet still choose to use the tablet.
Non e-ink tablets tend to be glossy.
That may be good in moderate light to see movies, but is horrible to read.
And forget at sunshine.
I have an e-Ink Kindle, but that's been sitting in a desk drawer for the past 9 months as I've switched over to using a Nexus 7 tablet for reading since a tablet can do much more.
I don't read (even books) in bright sunlight, so that aspect of the e-Ink doesn't matter to me, the tablet works fine for everywhere I use it: at home in the dark, in the train, in the office. And if I want to switch gears and send an email, read an IM or browse the web, I don't need to switch to a different device.
What is it exactly that legally entitles companies like Oracle to audit you?
Why can't you just tell them to F off?
Contracts.
I did some contract work at a company once where I knew they were using Oracle products beyond their license. I brought it up with the CTO, even quoting the license contract verbatim and he assured me that it was all covered under license and Oracle knew how we were using the product. We had a pretty simple use case and didn't *need* to run Oracle at all, MySQL or PostgreSQL would have been more that sufficient for our needs (and it would have been easy to , but the CTO thought Oracle made the company more prestigious - so migrating off of Oracle was not an option.
Well, they were "lucky" enough to be chosen for an audit and after we inventoried the systems and sent over the oracle logs, Oracle said we were violating our contract terms and were short by about $250,000 worth of products and $25,000/year in back maintenance for 3 years.
Our CEO had contacts at Oracle and negotiated them down to "only" $150K + $10K/year, but that was a pretty significant hit to the company - they ended up folding about 6 months later (not entirely due to the Oracle expense, but losing a few months of burn didn't help).
That phrase has also been used for heyday IBM and Microsoft. But both sucked.
Sometimes you have to choose between money and sanity.
It used to be true of IBM -- as long as you were willing to pay, you could get near perfect uptime and nearly unlimited scalability. But you definitely had to pay for it -- we had a dedicated IBM service rep with an office in our data center, that sort of service doesn't come cheap. But we had no significant downtime in my 4 years there. Sure we had some jobs fail here or there due to DASD failures, but the core mainframe never had a hiccup and we completed several online hardware upgrades with no downtime.
Of course, I can get even better scalability and uptime with a distributed system (geographically distributed) on commodity hardware today, but that wasn't always a viable option.
Why would I want my web browser to give me desktop notifications? Why the hell would I want a website to give me push notifications even if my browser is closed?
Somehow apparently Google decided what users really wanted was an annoying and intrusive browser, when nothing could be further from the truth.
Definitely a feature which needed to be disabled as soon as it was discovered.
Because you get your emails, calendar appointments, and chat messages in your web browser?
You really going to take a taxi to the grocery store?
Well no, I would walk to the grocery store and take the taxi home.