It's not necessarily your facebook account they want. Majority of people use the same (or similar enough to guess via automated mutation) password on facebook as they do on their other accounts - bank, ebay, paypal - all accounts which can be monetized faster than a facebook account. If your email password is compromised, most sites passwords can be reset via your email to gain access.
And yet, when I had an insurance company continue to do direct withdrawals from my account without my authorization after I cancelled my insurance policy, my bank told me their responsibility is to tell me who took the money, not to refund it. It was my responsibility to chase after the insurance company. I tried blocking the payments, so the insurance company changed the amount by a penny and it went through again. Bank explained that I have to know the exact amount or they can't block it. I later found out they could have put manual blocks in place, but that's too expensive for a human to check every withdrawal, so they didn't offer it. I closed the checking account, so the bank proceeded to overdraft from my other account, tacking on an additional fee of course. Eventually just closed all accounts with the bank. Insurance company eventually refunded the money they took, but not the overdraft fee I incurred.
So maybe this guarantee is only if you can prove that the money was stolen because of stolen credentials. If you can't prove it, you don't get this coverage?
The problem with this solution is that he "swatting concern" database is open for anyone to edit, therefore a completely untrusted source of information. Is it really better for the responders to have such untrusted information which anyone can manipulate? What exactly will they do differently when responding to an address in the database? If nothing, then why bother them with the information?
If this was a secured database where only trusted sources can access it, for example police knowing a residence has a history of being swatted, then it might be somewhat useful. It can still be manipulated, but would require a lot more resources (if you want to get on that list you have to swat yourself a few times and not get caught).
Vehicles can be used as lethal weapons. Imagine all those self driving vehicles which suddenly flip one "if" statement, and rather than avoiding pedestrians they aim to hit them. Better yet, imagine a more advanced hack which will perform face recognition and only target specific pedestrian, or even a group of pedestrians. Organized car attacks could be used to attack infrastructure too. 100 million cars suddenly used as weapons might present more danger to the people than a few thousands border patrol robots. While people are thinking about regulating military robots, I don't see any lawmakers worry about cloud connected, self driving capable cars as lethal weapons.
How did you "overstayed at the airport" from "...overstaying their allowed time in the U.S...,."??? In a rush to post a comment and never bothered reading the rest of the sentence?
Show me one cloud vendor who will pay for actual losses cause by their outages (rather than maybe refund this months fee), or one that will not provide government with data they request or simply provide a back-door. It's nice how many providers claim 99.999% availability but are unable to offer insurance against it assuming those odds (for example break even insurance would be I pay $1 per day, and for outage I get paid $100,000 per day, or $69.4 per minute, if they paid $50/minute of outage and charged $1 per day for this insurance, they'd be making money, unless of course 99.999% outage is a fake number).
Why is AI needed for matching colors? As long as measured by the same good quality sensor in same lighting conditions, there should be be no need for AI to match the color exactly.
What is the point of stating that top 4 companies of a very large sector spend more combined than one company of some other sector? Why not turn it around, do top 4 auto manufactures combined spend more on long-term investments than just Google?
Got 2 iPhone X'es in my household and they get the worst WiFi reception out of all devices in the house (Apple banned any apps that will actually show you channels and signal strength, but you can still monitor from the AP side). An iPhone 6 and and iPhone 5S work great where iPhone X loses 5GHz and switches to 2.4GHz as backup. Grabbed an iPhone X and Galaxy S9+ and started walking away from the home, Galaxy got twice as far (by a couple hundred feet) before not being able to stay connected. Sounds like iPhone XS is continuing with the decline. Maybe a ploy to sell Apple's WiFi AP products?
The higher the reliance on a centralized cloud, the more "eggs in the same basket" which break on a whim of some paper pusher in a company you don't control, caused by their incompetence, by their own beliefs or by some viral social outrage. Then of course there is "if we loose your data all you get is your monthly subscription cost back for this month", or "sorry, we're not going to fight a government request for your data", "we're shutting down the service, all the content you purchased and/or created is now gone". The industry keep cycling between centralized and decentralized computing. I wonder when the cloud based services are going to go the way of a mainframe.
So your argument is that Trump got elected by the far left and far right, since everyone else voted for Hillary? Care to show any evidence how far left supported Trump?
What you need is an Augmented Reality app that will superimpose turn signals on any cars it perceives as turning? Maybe some AI that will even watch for the drivers eyeing their blind spot before turning? Way more likely to work than hoping everyone in LA starts driving a Tesla.
"MS is willing to accept an additional cost"? You mean "MS is willing to pass on the additional cost to its customers, with an appropriate markup of course". Next time the government support contracts are up for negotiation, prices needs to up, but at least they will have a good PR excuse. If you think they will just eat the cost, your are mistaken. Nothing is free, someone has to pay for it in the end, the question is who will pay for this.
Whenever you hear someone is getting some benefit, think who is paying for it. If it's the government, it's the taxpayers who pay for it. If it's a private corporation, it's the customers who pay for it because no way shareholders are willing to pay that our of their dividends (if they did, they'd want charity receipts).
Whether stock market or a casino, gambling is taking high risks so nobody should be surprised if they lose their shirt. If you buy into something that returns significantly more than what you can borrow money at, of course it's high risk (or else the bank lending you money would buy those same investments instead of lending you money).
Suing has become just another revenue source. The music industry would sue the mothers of college students for giving birth to children who are infringing copyrights, if they think they'd net any money from it. The reality though is that it costs more to sue individual people, so they'll go after large entities first. Next up, they might sue each university for copyright infringements their students may be doing (they won't go after specific examples, they'll sue for average estimated number of infringements".
You are missing a bigger picture. Someone you pissed off manages to grab your pin (video tape you entering it, or just peek over your shoulder), then changes it, calls in an anonymous tip to the police, you can't unlock it, bye-bye for the next decade. Easier than framing someone for a crime.
Security "defects" as you call them are discovered in libraries, communication protocols, CPU's, and other things which the app simply uses. Some stem from bugs, others simply from the fact that more computing power is becoming available - what was not feasible to brute force 10 years ago can be hacked today with a couple of high end GPU's. The fixes are often still needed in the app. Sure, you can say app needs to be supported forever, but you wouldn't be able to afford such an app because it would need a designated developer so that next time there is something like new old TLS being depricated because it's too weak, or there are CPU bugs like specter and meltdown which will allow the attacker to ready any credentials your app is using. Then there is the fact that if the app is using a library which is no longer supported, you need to port the app to the new library because the old one is left unpatched.
Personally, I used to hate the software lease model, but over the years I learned to appreciate it, mostly because it gives the maker incentive to patch and keep things compatible with the world. Today, I'd rather pay $1/month for an app than $20 one time fee.
I never said in your app. They are found every day, in various libraries, or specter/meltdown in a CPU(so yes, it affects every app - if you think Intel or ARM is going to fix your app for specter/meltdown family of vulnerabilities you are sticking your head in the sand). The support burden is to evaluate all the found vulnerabilities and see whether they apply to your app or not, then fix the ones that do apply.
Apple wants secure phones. They want developers to have an incentive to continue patching apps rather than moving to new ones and leaving the old ones with gaping security holes leaking your passwords, contacts, emails, pictures, etc (whatever the app has access to at least, but possibly more if it can be used a launch point on your device to attack other parts of the phone or other devices on your network). Once they move enough top apps, they will probably ban unsupported/unpatched apps.
Once the developer has your money, there is no incentive to patch it for you, unless the app keeps selling in large volume so it's worth for the developer to keep updating it rather than move to a whole new app. Are you willing to pay $20 for every security fix, or just prefer to save money and have the app being a gaping security hole on your phone?
If you want security patches you need the developers to have an incentive to release them. Some are extremely complex fix (specter/meltdown for example) and there isn't sufficient ROI to do that - they already have your money, no more money coming in. This is a big reason why most phones don't get updates, no longer in production and no more money coming from customers to fund it, so people walk around with phones which can be hacked any script kiddie can download. With a subscription service, there is funding to continue support. Without it, developers time is better used creating new products.
Why do application developers need recurring revenue from the application?
That like saying, "I need all your money!" It is easy to understand the motivation to want more money, but it doesn't make it a need.
I'll stick with open source apps.
That is incredibly short sighted. Apps run on phones, which are always-connected devices. Security vulnerabilities are found every day (yes, open source too) and some, such as specter and meltdown are very complex to fix. When you pay for an app, how long do you think the developer should be supporting the app even if releasing nothing more than security patches so that you phone doesn't get hacked? That is what costs time and money, and I said nothing yet about new functionality or simply keeping up with new protocols (say you have a mail app and google requires a new security protocol which developer would need to implement and test).
Apple is trying to move the developers to the subscription model because they want the developers to keep updating the apps, if for nothing more than security. Apple wants their phones secured, they don't want "Apple hacked, paypal, facebook, bank passwords leaked by an attack via an old unpatched app", of "upatched app with camera access hacked and taking videos of people in their bedrooms" types of headlines in the media. I suspect they are planning to simply ban apps without support for security patching, hence they want developers to move to the new model to encourage continued support. Want an app without support, sure, enjoy it until a new security vulnerability is found next week and the app gets banned for not patching it, but since you already gave your money to the developer they have no incentive whatsoever to patch it for you, their app sales already peaked and are declining, so the developer has moved onto a new app which will give them a lot more revenue than patching current app.
Slashdot Mirror
It's not necessarily your facebook account they want. Majority of people use the same (or similar enough to guess via automated mutation) password on facebook as they do on their other accounts - bank, ebay, paypal - all accounts which can be monetized faster than a facebook account. If your email password is compromised, most sites passwords can be reset via your email to gain access.
And yet, when I had an insurance company continue to do direct withdrawals from my account without my authorization after I cancelled my insurance policy, my bank told me their responsibility is to tell me who took the money, not to refund it. It was my responsibility to chase after the insurance company. I tried blocking the payments, so the insurance company changed the amount by a penny and it went through again. Bank explained that I have to know the exact amount or they can't block it. I later found out they could have put manual blocks in place, but that's too expensive for a human to check every withdrawal, so they didn't offer it. I closed the checking account, so the bank proceeded to overdraft from my other account, tacking on an additional fee of course. Eventually just closed all accounts with the bank. Insurance company eventually refunded the money they took, but not the overdraft fee I incurred.
So maybe this guarantee is only if you can prove that the money was stolen because of stolen credentials. If you can't prove it, you don't get this coverage?
The problem with this solution is that he "swatting concern" database is open for anyone to edit, therefore a completely untrusted source of information. Is it really better for the responders to have such untrusted information which anyone can manipulate? What exactly will they do differently when responding to an address in the database? If nothing, then why bother them with the information?
If this was a secured database where only trusted sources can access it, for example police knowing a residence has a history of being swatted, then it might be somewhat useful. It can still be manipulated, but would require a lot more resources (if you want to get on that list you have to swat yourself a few times and not get caught).
Vehicles can be used as lethal weapons. Imagine all those self driving vehicles which suddenly flip one "if" statement, and rather than avoiding pedestrians they aim to hit them. Better yet, imagine a more advanced hack which will perform face recognition and only target specific pedestrian, or even a group of pedestrians. Organized car attacks could be used to attack infrastructure too. 100 million cars suddenly used as weapons might present more danger to the people than a few thousands border patrol robots. While people are thinking about regulating military robots, I don't see any lawmakers worry about cloud connected, self driving capable cars as lethal weapons.
How did you "overstayed at the airport" from "...overstaying their allowed time in the U.S...,."??? In a rush to post a comment and never bothered reading the rest of the sentence?
Show me one cloud vendor who will pay for actual losses cause by their outages (rather than maybe refund this months fee), or one that will not provide government with data they request or simply provide a back-door. It's nice how many providers claim 99.999% availability but are unable to offer insurance against it assuming those odds (for example break even insurance would be I pay $1 per day, and for outage I get paid $100,000 per day, or $69.4 per minute, if they paid $50/minute of outage and charged $1 per day for this insurance, they'd be making money, unless of course 99.999% outage is a fake number).
Why is AI needed for matching colors? As long as measured by the same good quality sensor in same lighting conditions, there should be be no need for AI to match the color exactly.
What is the point of stating that top 4 companies of a very large sector spend more combined than one company of some other sector? Why not turn it around, do top 4 auto manufactures combined spend more on long-term investments than just Google?
Got 2 iPhone X'es in my household and they get the worst WiFi reception out of all devices in the house (Apple banned any apps that will actually show you channels and signal strength, but you can still monitor from the AP side). An iPhone 6 and and iPhone 5S work great where iPhone X loses 5GHz and switches to 2.4GHz as backup. Grabbed an iPhone X and Galaxy S9+ and started walking away from the home, Galaxy got twice as far (by a couple hundred feet) before not being able to stay connected. Sounds like iPhone XS is continuing with the decline. Maybe a ploy to sell Apple's WiFi AP products?
The higher the reliance on a centralized cloud, the more "eggs in the same basket" which break on a whim of some paper pusher in a company you don't control, caused by their incompetence, by their own beliefs or by some viral social outrage. Then of course there is "if we loose your data all you get is your monthly subscription cost back for this month", or "sorry, we're not going to fight a government request for your data", "we're shutting down the service, all the content you purchased and/or created is now gone". The industry keep cycling between centralized and decentralized computing. I wonder when the cloud based services are going to go the way of a mainframe.
So your argument is that Trump got elected by the far left and far right, since everyone else voted for Hillary? Care to show any evidence how far left supported Trump?
What you need is an Augmented Reality app that will superimpose turn signals on any cars it perceives as turning? Maybe some AI that will even watch for the drivers eyeing their blind spot before turning? Way more likely to work than hoping everyone in LA starts driving a Tesla.
"MS is willing to accept an additional cost"? You mean "MS is willing to pass on the additional cost to its customers, with an appropriate markup of course". Next time the government support contracts are up for negotiation, prices needs to up, but at least they will have a good PR excuse. If you think they will just eat the cost, your are mistaken. Nothing is free, someone has to pay for it in the end, the question is who will pay for this.
Whenever you hear someone is getting some benefit, think who is paying for it. If it's the government, it's the taxpayers who pay for it. If it's a private corporation, it's the customers who pay for it because no way shareholders are willing to pay that our of their dividends (if they did, they'd want charity receipts).
How is exchanges taking their cut different from when you play for example Poker at the casino and they simply take rake from each pot?
Not true. There is plenty of money to be made on speculation bubbles, just like in a casino, it is not impossible possible to win, just unlikely.
Whether stock market or a casino, gambling is taking high risks so nobody should be surprised if they lose their shirt. If you buy into something that returns significantly more than what you can borrow money at, of course it's high risk (or else the bank lending you money would buy those same investments instead of lending you money).
Suing has become just another revenue source. The music industry would sue the mothers of college students for giving birth to children who are infringing copyrights, if they think they'd net any money from it. The reality though is that it costs more to sue individual people, so they'll go after large entities first. Next up, they might sue each university for copyright infringements their students may be doing (they won't go after specific examples, they'll sue for average estimated number of infringements".
You are missing a bigger picture. Someone you pissed off manages to grab your pin (video tape you entering it, or just peek over your shoulder), then changes it, calls in an anonymous tip to the police, you can't unlock it, bye-bye for the next decade. Easier than framing someone for a crime.
Security "defects" as you call them are discovered in libraries, communication protocols, CPU's, and other things which the app simply uses. Some stem from bugs, others simply from the fact that more computing power is becoming available - what was not feasible to brute force 10 years ago can be hacked today with a couple of high end GPU's. The fixes are often still needed in the app. Sure, you can say app needs to be supported forever, but you wouldn't be able to afford such an app because it would need a designated developer so that next time there is something like new old TLS being depricated because it's too weak, or there are CPU bugs like specter and meltdown which will allow the attacker to ready any credentials your app is using. Then there is the fact that if the app is using a library which is no longer supported, you need to port the app to the new library because the old one is left unpatched.
Personally, I used to hate the software lease model, but over the years I learned to appreciate it, mostly because it gives the maker incentive to patch and keep things compatible with the world. Today, I'd rather pay $1/month for an app than $20 one time fee.
You just perfectly demonstrated ignorance of an average user. "I can't see security, so if I can't hack it, it's totally secure".
I never said in your app. They are found every day, in various libraries, or specter/meltdown in a CPU(so yes, it affects every app - if you think Intel or ARM is going to fix your app for specter/meltdown family of vulnerabilities you are sticking your head in the sand). The support burden is to evaluate all the found vulnerabilities and see whether they apply to your app or not, then fix the ones that do apply.
Apple wants secure phones. They want developers to have an incentive to continue patching apps rather than moving to new ones and leaving the old ones with gaping security holes leaking your passwords, contacts, emails, pictures, etc (whatever the app has access to at least, but possibly more if it can be used a launch point on your device to attack other parts of the phone or other devices on your network). Once they move enough top apps, they will probably ban unsupported/unpatched apps.
Once the developer has your money, there is no incentive to patch it for you, unless the app keeps selling in large volume so it's worth for the developer to keep updating it rather than move to a whole new app. Are you willing to pay $20 for every security fix, or just prefer to save money and have the app being a gaping security hole on your phone?
If you want security patches you need the developers to have an incentive to release them. Some are extremely complex fix (specter/meltdown for example) and there isn't sufficient ROI to do that - they already have your money, no more money coming in. This is a big reason why most phones don't get updates, no longer in production and no more money coming from customers to fund it, so people walk around with phones which can be hacked any script kiddie can download. With a subscription service, there is funding to continue support. Without it, developers time is better used creating new products.
Why do application developers need recurring revenue from the application?
That like saying, "I need all your money!" It is easy to understand the motivation to want more money, but it doesn't make it a need.
I'll stick with open source apps.
That is incredibly short sighted. Apps run on phones, which are always-connected devices. Security vulnerabilities are found every day (yes, open source too) and some, such as specter and meltdown are very complex to fix. When you pay for an app, how long do you think the developer should be supporting the app even if releasing nothing more than security patches so that you phone doesn't get hacked? That is what costs time and money, and I said nothing yet about new functionality or simply keeping up with new protocols (say you have a mail app and google requires a new security protocol which developer would need to implement and test).
Apple is trying to move the developers to the subscription model because they want the developers to keep updating the apps, if for nothing more than security. Apple wants their phones secured, they don't want "Apple hacked, paypal, facebook, bank passwords leaked by an attack via an old unpatched app", of "upatched app with camera access hacked and taking videos of people in their bedrooms" types of headlines in the media. I suspect they are planning to simply ban apps without support for security patching, hence they want developers to move to the new model to encourage continued support. Want an app without support, sure, enjoy it until a new security vulnerability is found next week and the app gets banned for not patching it, but since you already gave your money to the developer they have no incentive whatsoever to patch it for you, their app sales already peaked and are declining, so the developer has moved onto a new app which will give them a lot more revenue than patching current app.