I think the mainline Chrome for Android will never support extensions because they want to avoid opening up the "Pandora's Box" that will eventually lead to one of the popular adblockers showing up for Chrome on Android. And since they have such a huge installed base of phones running Chrome, there is a huge financial incentive for them to disallow adblocking extensions for Chrome.
Now that it's open source, I would be greatly appreciative if someone could work on a version of Chrom(ium/e) for Android that has either extensions support, or built-in support for AdBlock-style blocking (i.e., don't even make the HTTP request if the URL or DOM element matches a pattern).
I want the (admittedly superior) performance of the optimized Blink layout engine and V8 JS engine, which no other browsers (that also offer extensions or ad-blocking built-in) offer; I also want the Google-specific blobs (Chromecast in particular); and I want/need AdBlock. Lacking this, I just end up using Firefox for Android, which has decent performance but not great, and has several site compatibility issues that Chrome doesn't for some reason.
It'd be awesome to see an adblocking fork of Chrome have a larger number of users than "mainline" Chrome.
Amazon's spot instances are better in every way. Not only are they usually cheaper than Google's fixed prices, but you can run them for way more than 24 hours. I have a Spot Instance running for 4 months at about 1/25th the price of the on-demand instance, and way cheaper than Google's preemptible instance too.
The limit of 24 hours seems to be designed to prevent people who want to run long-running tasks from using up the spare compute power on something like a VPN. That's fine with me; Amazon can have my business instead.:D
It's a very, very rare situation where I have to actually surrender control of my key for long enough that a *physical* (mechanical) attack could take place, though. Even at airports, I just have to put my wallet through the X-ray scanner. A highly specialized robot designed explicitly for this purpose might be able to take apart the key, duplicate it and put it back together seamlessly in the few seconds it's under the hood there, but no human could. And it's apparently highly resistant to non-destructive attacks.
I *do* wish they'd make a YubiKey Neo with the same innards but with a very strong metal as the outer casing instead of plastic, and with a metal shroud over the USB connector instead of leaving the pins open to the environment (a corrosion and damage risk). It would make the end of it slightly thicker, but that's not a problem in my use case.
Not sure what benefit "tampering" would provide. Why would you have to take it apart to extract its secrets, when you can just: steal the person's smartphone/computer and the yubikey, and use them in tandem to authenticate yourself as the user to whatever services they have locked behind it? You can use the Yubikey all by itself, assuming you have exclusive physical access to the device, to make it serve its purpose for you, the attacker.
Durability concerns are valid, but I keep it in my wallet, and it is working fine for me after some time (about a year and a half). I mainly use it NFC though. The USB connector being "raw" like that is probably more susceptible to damage than the NFC part which is hidden inside the plastic shell.
If you're a developer wanting to write software or games that'll work with this kind of thing, now is a great time to gain some experience with the technology -- go out and buy one.
Otherwise, only those with a ridiculous amount of disposable income, or some other compelling business justification to buy one, are probably going to be purchasing an Oculus Rift, or even a lesser knockoff, for at least 5 years.
I don't think this will reach "power gamer" audiences for 5-7 years, and it won't reach the masses of the "core gamers" for probably close to 10 years.
We also need to make a few assumptions that may not necessarily be true:
(1) The capabilities of GPUs, especially at the mid-range and lower-end, start to be able to push enough pixels to satisfy something this hungry. We were stalled for a number of years because TSMC dragged their feet on the 28nm process. If they delay another couple of years to go smaller than 20nm, the market probably will not be able to support $250-and-under GPUs that can power Oculus Rift or anything similar.
(2) Game developers stop the exponential increase in scene complexity, fidelity, draw calls, shader complexity, etc. I don't see this slowing down at all; if anything, game developers are making their games heavier and heavier at a faster rate than the GPU manufacturers can keep up. There used to be a time when you could buy a single discrete GPU of the highest make/model available on release day of a game, and you'd be able to run it with the maximum detail settings. Now, you either need SLI/CrossFireX, or lower your resolution beyond what's "standard" for the present day. Unfortunately, if texture size and scene complexity continue to climb, it won't matter if the options menu has a detail slider -- if your GPU can't keep up with the required number of pixels per second, it doesn't matter whether you're using big textures or tiny ones.
If "VR" is really going to be a thing, we cannot continue business as usual in the game dev and GPU industries. GPU manufacturers have to pick up the slack and make up for YEARS of lost time. Game devs have to slow down the procession of ever-increasing game requirements.
If you're designing your games to run at 58 to 60 fps at 1080p on max detail with two 980s in SLI, no one is going to be able to install six 980s in SLI to chunk out the required amount of pixels for an Oculus Rift. And trust me, the people who'll be buying VR will not be willing to settle for medium detail. Not til the price of all this comes down to core gamer levels -- no more than $250 for the GPU, and $100-$200 for the VR kit.
First: you misquoted me by leaving out the ", especially..." clause I added to it as a proviso. To make this explicit, that means:
(1) I think I should have the right to live my life the way I want to, regardless of whether anyone else uses any subjective or objective reasoning to determine that my choices are worse than some other choices I could have made instead.
(2) I think, based on evidence that has informed some of the choices I've made, that I've made good choices that are logical and grounded in scientific data, with an aim to minimizing the amount of harm I inflict on my environment and fellow human beings, while (hopefully...) doing my best to slightly improving the lives of at least a handful of other people whom I interact with, either socially or professionally. While I could probably *technically* save some resources by offing myself, so could just about anyone, and I don't advocate suicide. I advocate making the most of what we have, while we have it.
Even if I'm wrong about (2), I think my point in (1) is still able to stand on its own. If I sound defensive, it's because someone else, namely this researcher, has "gone on the offensive" against a certain set of characteristics or behaviors or choices, many of which match some of the choices and behaviors I see in myself. Naturally, if you do not fall within Zimbardo's tartgeting reticule, you would have no reason to be defensive. I do, and I do.
The reason I am concerned is that influential researchers like Zimbardo are able to influence public policy to a significant level, especially because he is the guy who published that seminal result about the Stanford prison experiment. That WAS great work, indeed, and insightful information about human psychology (it also did a great service by opening up a can of worms for the public and other psychologists to dig into for the next ~50 years) -- but that doesn't entitle him to start throwing people like me under the bus.
Consider the distinction between these two statements (neither of which I am implying that Zimbardo actually said; this is just for illustration purposes):
(A): I observe, empirically, that people who exhibit 'foo' behaviors/choices experience 'bar' consequences later.
(B): I observe, empirically, that people who exhibit 'foo' behaviors/choices experience 'bar' consequences later. Therefore, 'foo' is bad, and anyone who behaves like / chooses 'foo' should reexamine their life and maybe stop doing 'foo'.
The problem with (B) is that there may be countless *positive* consequences besides 'bar' (we're assuming 'bar' is something that most people would consider undesirable) that the researcher did not anticipate. Furthermore, there may be disagreement over whether 'bar' is even "bad" at all; maybe it's fine from a certain point of view. In the specifics of this situation, I feel that there's a little bit of both going on.
If Zimbardo stopped at (A), and if TFA stopped at (A), and TFS stopped at (A), I'd be fine. I wouldn't even bat an eyelash. But, not having read the actual research study, TFS and TFA *portray* it as more like (B). If that's not what Zimbardo said, then my beef is with TFA, not Zimbardo. The article definitely reads like the research identifies a societal "problem" that needs to be fixed.
Now, let me be clear. Under normal circumstances, I do not go around living my life by telling people who've made different choices than me that they're wrong, or that they're wasting resources, or making problems worse, or whatever. That's not the type of personality I have. I'm very much "live and let live". But when someone starts taking pot-shots at my choices, I feel fully entitled to rebut their arguments, and maybe even argue past them a little bit if I feel like it, because it has a very personal impact on me when someone does that to me.
In fact, even though I feel that some of my choices are objectively better than the alternatives, I am very hesitant to point out to others, normally, that I disagree with their choices. But unfortunately, when situations like this arise, I can't resist the temptation to air out my opinions, and sometimes people who fall under *my* targeting reticule might get upset. If that's the case here, I'm sorry.
While the guys with Neanderthal brains are out at bars trying to get laid, I'm living a comfortable, safe, and happy life. While they're getting exposed to STDs, drugs, accidental pregnancies, rough divorce settlements, paying child support, spouse abuse (either as the perpetrator or the victim), defaulting on their home because their spouse talked them into living above their means, etc. etc. etc..... I am living in a small single-bed apartment alone, making good money, playing video games (mostly MMOs) for social interaction, and listening to music to tame my biological cravings.
Not to mention, my choice not to reproduce helps the population problem -- at least in the span of a few decades, if not the long term. There is not a single problem that humankind has that can be solved by making more people. In fact, making more people does exactly the opposite for nearly all of our problems; it makes them more severe and reduces the length of time we have until those problems erupt into global catastrophes.
I don't *want or need* a woman. I don't *want or need* a romantic relationship with anyone. I don't want kids. I don't want any of the associated problems that come with either. It's been completely wired out of me.
I am basically an exact description of the type of person the study was about. And yet, I am not unhappy; I am not unsuccessful; I am not a loser. I am an environmentally-conscious, socially-reponsible citizen, supporter of my community, dedicated employee, educated voter and participant in the political process, and I have my fair share of social interaction, too, on the order of 6 to 8 hours per day on MMOs. Just because I don't touch the people I socialize with doesn't somehow make me diseased. I am a very social person. I am "socially intelligent". I can pick up on body language cues, implied meaning in conversation, the intent behind vocal intonation, the significance of a touch. I deal with people in meatspace for eight hours a day, and people in virtual space for another 6 to 8.
Medicine and academia has a tendency to call anything abnormal a disease, or a problem to be solved. Sometimes change is for the better. Sometimes the status quo is the worse of the two worlds.
In short: I would prefer to continue to be who I am, in the situaton I am in, rather than be the epitome of "masculinity" as this researcher thinks I need to be, even if I had the means to become that. And quite honestly, I'm pretty sure I do have the means to become that, if I put my mind to it. I don't put my mind to it because *it's not how I want to live my life.* Who the fuck is Philip Zimbardo to tell me that my life choices are wrong, especially when, by all the objective measurements that his ilk thrive on, I am of a far greater net benefit to society than many of the so-called "masculine" men he thinks I should be?
The relevant software products that are getting extensions sideloaded into them -- Firefox and Chrome -- are both open source. If a vendor like Lenovo wants to put ads in your browser with an extension, what do you think is going to happen when Google shuts off outside extensions in Chrome? That's right -- they're going to ship a fork of Chromium and call it "Lenovo Browser" and make it the default browser. You read it here first, folks.
The solution, for consumers, is simple. Don't use the pre-loaded OS installed on your system. Use a program to get your product key back, then wipe and reinstall from the original OS media. Or if you happen to be able to tolerate a non-Windows OS, just install one of those.
It's also worth mentioning that, as long as Chromium or Firefox is open source, people who want to use ad-blockers will be able to use them, no matter how hard Google tries to stop people from using them. Even if Google used their might to convince Mozilla to take Firefox closed source, another community fork would spring up to maintain Firefox and keep it up to date.
These companies need to understand that you can't strong-arm an idea. Open source code is basically an idea, and as long as there are people, there will be people who are building open source projects that do things that make you lose money. If that keeps you from getting any sleep at night, tough cookies. It's exactly the same reason that we can't defeat terrorism no matter how many people we kill. You can't kill your way through an idea, unless you kill every last human on the planet. This is especially true when tightening your grip makes people want to do that thing you don't want them to do *even more* -- ad blocking has this characteristic to it, too.
Linux is definitely a success story, both according to its original author and many in the community. However, it's not *the only* success story of a widely-used open source OS kernel other than Windows.
For example, the OpenSolaris kernel (and the rest of the operating system) is free software and open source, mature, well-tested, stable, and has a pretty large install base. Solaris is a different matter entirely since it's no longer open source, but the community that used to be behind OpenSolaris is still very active on e.g. Illumos, SmartOS, etc.
Sure, OpenSolaris is no longer a legitimate contender for the desktop (there was a time around 2006-2008 when it was more or less on-par with GNU/Linux on the desktop, believe it or not!), but it's still widely deployed on servers for all sorts of tasks, and it has an incredible compatibility story, too. You can run binaries compiled in the early 90s on a modern SmartOS machine. The Linux devs would just tell you to recompile from source, after fixing any build errors.
And let's not forget that (Free/Open/Net)BSD are also widely used. Again, their viability for *modern* gaming/desktop use is pretty limited (though some would argue otherwise, they're still way behind Linux, if for no other reason than proprietary games only run properly on a "real" Linux kernel), but *BSD OSes are used in a lot of routers, home servers, and yes, production servers for pretty important websites and web services.
I don't believe that Linux is the only winner in the battle for having a viable FOSS operating system based on a FOSS kernel. It's definitely the best we have when it comes to playing games and watching video, but that's because a lot of the proprietary elements that want to protect their content are only willing to support platforms with a huge landslide of installed users, and *BSD and *Solaris/Illumos/SmartOS are definitely not that.
But it would be irresponsible for us to judge winners and losers solely by their ability to present a nice GUI, since we use software for a lot of things that don't need a GUI, or can provide their GUI via a web app (and run that web app on whateverOS, be it Windows, Mac, Linux, Android, etc.), and can very viably be hosted -- with high performance and security to boot -- on *BSD or Solaris derivatives.
My IT shop waits at least a few weeks, if not months, before deploying updates. For critical security updates they usually wait about 2 weeks after the patch tuesday that it comes out on. For everything else, they eventually roll them out, but it can take a very, very long time.
I'm not sure exactly what kind of testing they're doing, or if they are just waiting for users to download the patch and see if it breaks things (resulting in a rollback from MSFT), but we never have the latest and greatest anyway.
Honestly, I can't really blame them. There have been countless "bad" updates out of Microsoft in recent years, that break certain programs or BSOD the system or even make it unbootable. However, I don't have a sense that the testing they're doing on these updates internally is adding any value. Probably best just to take a "wait and see" approach: if the update isn't pulled in 2-3 weeks after it lands, it's probably fine.
Exposure to radiation from space is probabilistic, and there have been many more living human-hours down here on Earth than up in space. Isn't it reasonable to assume that at least a handful of people have been unlucky enough to just *happen* to get bombarded with an unusually high amount of gamma radiation, having the same thing happen to them?
And then there are all these new-fangled manmade sources of gamma rays that we've been blowing up and/or using for electricity since the 40s...
If you're going to reference a pop song ("haters gonna hate"), you chose the wrong pop diva. Rather, you should have used the more apt "Call Me Maybe" by Carly-rae Jeppsen (which is one letter off of "Jeppesen"):
Hey, I just bought you And this is crazy But here's my WiFi So update me maybe?
The problem isn't that they are relying on a single vendor, nor that they chose iOS over Android, or anything else silly like that.
The problem here is that they are using technology that's functionally tested for basic consumer use in a situation that suggests (and may soon require) a mission-critical level of software and hardware certification.
A lot of people (business people / decision-makers, mostly) don't seem to understand the difference between consumer-oriented hardware/software and safety-critical hardware/software.
Safety-critical hardware/software is designed, developed and tested with security, safety, and stability principles that are not only there "in theory", but are also tested for in practice, with a rigorous validation program that ensures the correct operation of the system. On the hardware front, the device is built to higher standards, such that the core chassis of, say, an iPad-like device would be able to withstand more shock than a consumer-oriented iPad with an Otterbox on.
If an airplane goes into a sudden roll or dive, causes the iPad to go flying across the cockpit and shatters the screen, what then? The pilots need the information in that device to be able to know how to follow the proper procedures to continue flying the aircraft safely. Without it, they can take their best guess and rely on instincts on how to operate the systems, but you cannot expect every pilot to memorize every contingency procedure. That's why the EFBs exist in the first place.
If you can't ensure that your tablet electronic device is at least as rugged as a hardback book, you shouldn't be using them on an airplane.
The problem is that there are few or no vendors of extremely rugged hardware/software solutions that are available in a thin and light form factor akin to an iPad. The safety-critical rugged device sector is 5 to 10 years behind the state-of-the-art consumer device space. That's because it takes many more months to design and ship a device with a much higher level of physical and digital assurance of correct operation. The airlines seem willing to take the risk of failure of these consumer devices, because they would rather have the latest features, like capacitive multitouch, ultra-slim design, retina displays, etc. instead of using something whose technology was state-of-the-art in 2008, but is built like a brick, both physically and software-wise.
We've seen MANY first-hand examples of consumer electronics devices from ALL vendors having extremely dangerous stability and security bugs that would render the device inoperable for the use case the airlines are using it for. We can't take the risk that this important tool will be unavailable when they need it. AA and other carriers need to stop using iPads as replacements for the flight bag, and either pay for the R&D for a proper rugged replacement, or go back to paper.
I'll conclude by saying that the EFB/flight bag is, in my opinion, a safety-critical tool aboard all except the most sophisticated airplanes (e.g. the Airbus A380, which has a computer built into the cockpit on an LCD screen that actually tells the pilots what to do to resolve problems). The airlines are taking a big risk by implementing this with consumer technology. If they "do it right" and work with a vendor that produces rugged industrial mobile devices, it will cost more and have a much longer development cycle than shipping iPads. The devices will almost certainly be heavier, have less "whizzy" displays and UI, have a shorter battery life, and be harder to upgrade if additional features are desired later. But they will have a MUCH higher level of assurance that their correct operation, both hardware and software-wise, will continue to be available in the case of an emergency when they are needed most. It still won't be impossible that they'll break, but it'll be much less likely.
You are right, of course, that it has to be a collective effort. However, your mental mistake was in saying that nothing you do will matter. I absolutely agree with you that bringing our population (globally!) under control is the most important step we can take. I absolutely agree that the rate of growth of our consumption of fossil fuels is going to cause us to hit a "brick wall" in, AT MOST, a handful of generations -- if it doesn't happen to your kids, it'll happen to your grandkids, I'm almost certain.
This brick wall is basically the point beyond which, obtaining cheap fossil fuels for electricity production and transportation at a rate that meets demand is impossible. In 5 year old terms, "everything will start getting extremely expensive." I have no idea what is going to happen at that point. Resource wars? Massive investments in nuclear power and electric cars shore up "business as usual" for another few decades? Fusion power becomes economical and saves us for the long haul, provided that we're all willing to convert to electric cars? I don't know. I just know that it's going to be bad, especially in the short term, as food prices spike and people can't pay their gas bill to get to work (if the gas station even *has* any gas).
When it comes to matters like this, every little bit DOES help. Every person who is convinced that they need to do their part by conserving as much energy as they can is setting an example for the rest who are happy to keep rollin' coal.
In your situation, by far the greatest damage you've done to the planet and our collective resource supply was to bring those three children into the world. United States citizens consume more fossil fuels per capita than all but 12 countries, but most of those countries have extremely small populations with high median income, so they're hardly a drop in the bucket. I guess you could have done worse by raising them in Qatar, but it's still pretty bad.
Honestly, I could care less about your SUV. I'm not one of those wackos who would try to force you into an abortion when you had more than 2 kids, and I certainly wouldn't want any harm to come to them now that they're a part of the world.
All I want is for you to *accept responsibility for your own choices and actions*. If you're willing to man up and admit that you *could have*, in retrospect, contributed less to the world's problems by *not* having 3 kids (and having, instead, 2, 1, or 0), and if you're willing to carry forward the message to others that the need is urgent to ensure that *everyone* contributes a little bit to making the population problem better, and NOT worse (which is unfortunately what you've done, whether you think it's significant or not), then you're on the right path, SUV or not.
I know that we can't all be ideologues and that sometimes we can't practice what we preach because of the realities of life. I don't know you, and for all I know your children were "a coincidence" (not planned) and were triplets, which can happen to anybody. But taking responsibility for yourself is a necessary prerequisite before you can start telling other people (such as the China you harp on about -- and rightly so) that *they* also need to quit reproducing like rabbits and cut down on fossil fuel consumption. Otherwise they'll just laugh at you, point at your 3 kids, and go get their wife preggers tonight to make the problem worse.
No, I live in a place where most people have Verizon or AT&T with limited data, because the alternatives have horrid coverage. They pay huge monthly bills for ant-fart-sized data plans, like 5 or 10 GB per month for an entire family.
They have unlimited data or extremely high caps on their home Internet connection, sure, but I haven't seen any of them unraveling 25 miles of structured cabling with them as they drive from their house to work.
I had a huge response typed up here that I was ready to send, but I realized it was laced with ad-hominem, and I wasn't able to find a way to write it that would be free of statements that could be interpreted that way. It is very, very hard to write about someone else's lifestyle -- especially when you disagree with some of their choices -- without being offensive. So I'm not even going to try.
Instead, I would like for you to take a deep breath, change gears, open your mind, and watch this lecture by the late and great Professor Emeritus Albert Allen Bartlett of University of Colorado at Boulder. Remember that he was a very distinguished and respected scholar, whose statements in this lecture are completely fact-based and inevitable consequences of mathematics. Please do not let any opinion in this thread, mine especially, distract you from the message of knowledge that Professor Bartlett wishes to deliver to you posthumously with this lecture.
You are assuming that the standard image deployed to every employee contains all of the desired software solutions, and that no one could ever conceive of or imagine a world where a new piece of software might exist that could make their work more productive.
That's an assumption that I've found to be false in 4 out of the 4 jobs I've ever worked, over a career of 12+ years.
Can't tell you how many times my coworkers, who have limited data but know I have unlimited data, have asked me while we're out and about if I could google something, or ask me to turn on my wifi hotspot.
There is a definite and obvious use case for unlimited or very cheap data when "anywhere" (where my specific definition of "anywhere" means, typically, on the road, or at any number of random retail establishments or private office complexes in the Baltimore metro area / suburban sprawl). Landline-backed WiFi is rarely available, and where it is, it's not free, or too slow to be useful.
The telcos can give us excuses all day about why we can't have unlimited or very cheap data, but eventually they're going to have to figure it out. There is a ridiculous amount of pent-up demand for cheap cellular data, or any alternative that gives you instant broadband-speed data at your fingertips almost anywhere. WiFi, WiMax, and all the other alternatives that have tried to be it, have utterly failed to come even close because of a lack of coverage. The only alternative we have today is grandfathered unlimited on Verizon & AT&T if you need tethering, or Sprint/T-Mo if you don't need tethering.
No, $10/GB is not insanely cheap. $0.10 per GB is closer to the order of magnitude I'm willing to pay, with $0.01 as the ideal. I think the telcos haven't unlocked pricing on this level for the masses because they're too busy swimming in their $10 bills, not because there is an engineering brick wall that would prevent them from doing this.
I have nothing against paying by the gigabyte. I'm not at all married to the idea of unlimited. I just refuse to accept paying such an outlandish fee for a gigabyte of data, when 1 GB is almost nothing with today's content-rich web apps (auto-playing 1080p videos, images, huge.js applications, etc.) In fact, some websites can easily make you spend $1 or more in a couple seconds by just visiting a company's homepage, and while the page is rendering and you're fumbling around trying to tap the close button, you've downloaded more than 100 MB of video, and spent upwards of a dollar. Not cool, but it happens.
I think, to determine the price per gigabyte, we should back into it by determining a reasonable price for one second of saturated average throughput (SAT), which should be set to the expected downstream you'd get if you're downloading at "saturation speed" (as fast as the LTE modem can go with the current bandwidth available) for one second.
For Verizon LTE, SAT would currently be something like 20 Mbps. So that means you would be downloading 20 Megabits in one second. To download one gigabyte, you would have to download continuously at 20 Mbps for 400 seconds. If we set our one-second SAT target price at $0.0001, this means you could currently charge $0.04 per gigabyte, which I think is a great price.
However, the price per gigabyte should go down the higher the bandwidth. The goal is to prevent any one second of SAT from costing too much. So if they doubled the LTE bandwidth to 40 Mbps SAT, to maintain our target one-second price of $0.0001, we'd have to charge $0.02 per gigabyte. By measuring the user's bill according to what we consider to be a reasonable price for 1 second of SAT, the carriers will be adjusting the price per gigabyte to be lower and lower the more bandwidth is available. This is something consumers want (and need) to see.
Compare this to the current model, where 1 GB of data has been the same since 3G days. Even though we have many times more bandwidth and capacity on the mobile networks than we used to in 2003, we're still billing customers $10 per GB. That, I think, is completely unreasonable. The only reason this has happened is that the carriers are trying to get their customers into the hundred-millions, so they're dividing their limited resources by a great deal more handsets than they had on the network in 2003. I don't agree with this model one bit. It means that us early adopters are now effectivel
Don't be ridiculous. The *core* of Linux can run fine on anything, but to actually do something useful, you need more hardware. "Can run" and "can do what I need to do with it after it's booted" are two different things.
The people saying that Linux can run on anything are right. So are the people who are wishing that the Compute Stick would come with at least the same hardware as the Windows version. What if they want to do a little more than just browse the web? Linux definitely has the programs available to do something a little more resource intensive. It seems unnecessary to tie the hardware to the software.
No -- modern web browsers (IE 8+, Firefox since a long time, and Chrome since its initial public release) are sandboxed off from the native platform to such an extent that you cannot access the native code environment or the local filesystem from JavaScript. Even if you tell the browser that you trust the site, a modern browser is not going to allow you to access the filesystem or call Windows APIs from JS.
You can do a lot of useful things with JavaScript and HTML in a browser like Chrome, but there are still a great many tasks that are desirable and important which can't be done in this environment. For example, automating a workflow in Microsoft Office.
And for heaven's sake, if you're an IT administrator and reading this, please, please, PLEASE stop forcing users to run IE 6/7/8 and nothing else. At a bare minimum, install and support Firefox ESR. It is not in your job description to take pleasure in your users' suffering.;)
First, let me say that I totally agree that "regular" users -- those who are not programmers or testers or system administrators -- do not typically need administrative rights, nor do they, in the ideal case, need the ability to run unauthorized third-party programs.
HOWEVER, my concern is that there will be many inappropriate and heavy-handed uses of this technology called "Device Guard" by IT departments that are not effectively satisfying the needs of their users.
Firstly, every IT department would, in an ideal world, be willing to get over themselves and accept the fact that software development can, and should, happen in departments other than the official IT department. The larger and more diverse your organization is, the truer this statement is. An employee shouldn't have to be within the reporting chain of the CIO or IT Director in order to be able to develop software as part of their official responsibilities. And yes, if an employee's management chain officially assigns them software development duties, and these responsibilities are accepted as legitimate by a corporate officer who isn't in IT, then this software development *is* official, even if IT isn't aware of it.
The next thing is, IT organizations need to assign appropriate permissions and trust (e.g. local admin rights) to these external development organizations. Trust them to do their job correctly, and only crack down if there is an actual violation. If you're worried about compliance, give them your security policies and make them provide a compliance report before deploying the software. Come up with some *minimally-invasive* hoops they'd have to jump through to get approval to deploy their finished software. *Don't* try to take ownership of their product lifecycle.
In an IT shop meeting these simple minimal criteria, I think this Device Guard feature would be mostly harmless. Jane the Executive Assistant tries to run an.exe screensaver with cat pictures and is blocked; too bad. Tom the software developer who doesn't work for IT submits a ticket and gets local admin rights within 48 hours so he can get his job done. Before deployment, he gets IT to roll out a patch to all their workstations whitelisting his codesigning cert, which was purchased on his (non-IT) department's dime. Everybody is happy (except Jane, but she'll live).
My concern is that there are hundreds of IT shops out there in the wild which do NOT have the political or social intelligence to enact policies like these, and would rather bury their heads in the sand and pretend there's not a problem. They are so averse to risk and change that they would rather see their company stagnate due to the unavailability of necessary tools and technologies, instead of working through the growing pains of becoming an organization that can accommodate the realities of the fast-paced 21st century business culture, such as the necessity of software development done locally to the people who will be using the software (advantages: reduced cost, shorter lifecycle, more relevant and accessible to the end-users, faster response to change requests, etc.)
These same shops without the above will be all too happy to turn on Device Guard for its security benefits, without making the required accommodations for the many existing Shadow IT organizations in their company, half of whom are afraid of IT's potential overreaction to their project and have thus never come forward and told IT what they're doing.
Mark my words: the day that IT departments roll out Windows 10 and turn on Device Guard, the shit is going to hit the fan. You'd better have already worked out the proper preparations with *all* the software developers in your user base -- not just the IT department -- to support their production software, or random pieces of your mission-critical software are just going to stop working one day, and an angry CxO is going to want to know why IT broke their systems.
If some of the IT departments I've had to tangle with in the past were doing their jobs correctly, anyone doing software development -- whether an "official" part of the IT department or not -- would be able to easily obtain local admin rights on their workstation.
If they were doing their jobs correctly, it wouldn't take 2-3 years to develop, test and deploy a simple productivity enhancement or workflow automation solution that might take 40-80 hours to actually code, and maybe another 100 hours to design, test and document. Not to mention, anyone who's actually gone through the whole 2-3 year lifecycle often ends up paying way more than they wanted to, for a way over-engineered solution that tries to solve every problem anyone's ever had, instead of just solving the problem at hand.
Also, IT departments never have any free bandwidth for new requests, which is why it takes at least a year for them to even start looking at a problem someone comes to them with. This is not entirely their fault: the CFO will often demand the IT director to keep all of their staff 100% utilized on required projects, so if the IT director tried to keep some staff semi-available for new requests that come in, the CFO would just reduce their head count until they had just enough people to work the projects that are already in development.
I'm not saying *all* IT Administrators do their jobs poorly or take too long to get things done. I'm saying that the processes and bureaucracy in place -- which, let's face it, most of the IT folks hate just as much as their "customers" -- make the IT organization very inefficient for handling anything that needs a quick turnaround. They are good for managing general use computer rollout with bog standard Office software and Internet access. Beyond that, if a manager or director wants something different, and they want it done *this* year, they are probably going to have to hire their own software folks, interns, or tap internal talent of people who happen to know software development (whether or not it's in their job description). At that point, they've just created a Shadow IT organization.
My point is that Shadow IT isn't a bad thing if the people working it know what they're doing, and can avoid pitfalls like downloading malware, pirating commercial software, etc. One good way to go about it is to develop your solution in an open source environment (e.g. Java, a GCC language, Ruby, etc.) and to only pull in third-party libraries that are MIT-licensed. It's very, very hard to run afoul of the three-clause BSD license or MIT license; you just create a LICENSE.txt that fulfills the attribution obligations, and off you go.
This "Device Guard" feature, as I understand it, will actively block non-administrators from being able to compile and run their own executable code, or to install third-party software or runtimes that might enable the same. They then have one of two options: either talk to IT, or try to get around it by using runtimes that already exist on the computer.
If they try to talk to IT, chances are good that IT will ask that the entire shadow IT project be canceled, and that they be allowed to develop (or buy, COTS) the solution themselves. Once you're in that trap, you automatically know it's going to take 2 years at a minimum. The project you're working on may not even be relevant that far down the road. If you don't agree to letting them work it into their pipeline, then they likely won't agree to give you admin rights. These talks very rarely go over well, unless you're in a very progressive company; but if you were, you'd probably have admin rights in the first place, or at least a separate computer or VM with a sandboxed subnet without access to any sensitive stuff on the LAN, where you have full admin rights.
This is why shadow IT organizations often just choose to write their stuff in VBA or VBScript. Java is usually a viable option too, but if you need native libraries or any third-party components that need native libraries, you're probably o
This is true for home users, but anyone connected to an enterprise domain who doesn't work for the help desk probably knows the pain of not having an administrator account. Even people who fall under the auspices of "IT" often don't have administrator accounts, if they aren't part of the team that holds the keys to the castle.
I know many software engineers who don't have admin rights on their PCs. It'll be interesting to see the tug of war over this, between paranoid IT guys and the rest of the people who are just trying to get their work done, whether by installing third-party software, or by compiling executable code themselves.
Slashdot Mirror
I think the mainline Chrome for Android will never support extensions because they want to avoid opening up the "Pandora's Box" that will eventually lead to one of the popular adblockers showing up for Chrome on Android. And since they have such a huge installed base of phones running Chrome, there is a huge financial incentive for them to disallow adblocking extensions for Chrome.
Now that it's open source, I would be greatly appreciative if someone could work on a version of Chrom(ium/e) for Android that has either extensions support, or built-in support for AdBlock-style blocking (i.e., don't even make the HTTP request if the URL or DOM element matches a pattern).
I want the (admittedly superior) performance of the optimized Blink layout engine and V8 JS engine, which no other browsers (that also offer extensions or ad-blocking built-in) offer; I also want the Google-specific blobs (Chromecast in particular); and I want/need AdBlock. Lacking this, I just end up using Firefox for Android, which has decent performance but not great, and has several site compatibility issues that Chrome doesn't for some reason.
It'd be awesome to see an adblocking fork of Chrome have a larger number of users than "mainline" Chrome.
Then don't.
Amazon's spot instances are better in every way. Not only are they usually cheaper than Google's fixed prices, but you can run them for way more than 24 hours. I have a Spot Instance running for 4 months at about 1/25th the price of the on-demand instance, and way cheaper than Google's preemptible instance too.
The limit of 24 hours seems to be designed to prevent people who want to run long-running tasks from using up the spare compute power on something like a VPN. That's fine with me; Amazon can have my business instead. :D
Good point; I didn't think of that.
It's a very, very rare situation where I have to actually surrender control of my key for long enough that a *physical* (mechanical) attack could take place, though. Even at airports, I just have to put my wallet through the X-ray scanner. A highly specialized robot designed explicitly for this purpose might be able to take apart the key, duplicate it and put it back together seamlessly in the few seconds it's under the hood there, but no human could. And it's apparently highly resistant to non-destructive attacks.
I *do* wish they'd make a YubiKey Neo with the same innards but with a very strong metal as the outer casing instead of plastic, and with a metal shroud over the USB connector instead of leaving the pins open to the environment (a corrosion and damage risk). It would make the end of it slightly thicker, but that's not a problem in my use case.
Not sure what benefit "tampering" would provide. Why would you have to take it apart to extract its secrets, when you can just: steal the person's smartphone/computer and the yubikey, and use them in tandem to authenticate yourself as the user to whatever services they have locked behind it? You can use the Yubikey all by itself, assuming you have exclusive physical access to the device, to make it serve its purpose for you, the attacker.
Durability concerns are valid, but I keep it in my wallet, and it is working fine for me after some time (about a year and a half). I mainly use it NFC though. The USB connector being "raw" like that is probably more susceptible to damage than the NFC part which is hidden inside the plastic shell.
If you're a developer wanting to write software or games that'll work with this kind of thing, now is a great time to gain some experience with the technology -- go out and buy one.
Otherwise, only those with a ridiculous amount of disposable income, or some other compelling business justification to buy one, are probably going to be purchasing an Oculus Rift, or even a lesser knockoff, for at least 5 years.
I don't think this will reach "power gamer" audiences for 5-7 years, and it won't reach the masses of the "core gamers" for probably close to 10 years.
We also need to make a few assumptions that may not necessarily be true:
(1) The capabilities of GPUs, especially at the mid-range and lower-end, start to be able to push enough pixels to satisfy something this hungry. We were stalled for a number of years because TSMC dragged their feet on the 28nm process. If they delay another couple of years to go smaller than 20nm, the market probably will not be able to support $250-and-under GPUs that can power Oculus Rift or anything similar.
(2) Game developers stop the exponential increase in scene complexity, fidelity, draw calls, shader complexity, etc. I don't see this slowing down at all; if anything, game developers are making their games heavier and heavier at a faster rate than the GPU manufacturers can keep up. There used to be a time when you could buy a single discrete GPU of the highest make/model available on release day of a game, and you'd be able to run it with the maximum detail settings. Now, you either need SLI/CrossFireX, or lower your resolution beyond what's "standard" for the present day. Unfortunately, if texture size and scene complexity continue to climb, it won't matter if the options menu has a detail slider -- if your GPU can't keep up with the required number of pixels per second, it doesn't matter whether you're using big textures or tiny ones.
If "VR" is really going to be a thing, we cannot continue business as usual in the game dev and GPU industries. GPU manufacturers have to pick up the slack and make up for YEARS of lost time. Game devs have to slow down the procession of ever-increasing game requirements.
If you're designing your games to run at 58 to 60 fps at 1080p on max detail with two 980s in SLI, no one is going to be able to install six 980s in SLI to chunk out the required amount of pixels for an Oculus Rift. And trust me, the people who'll be buying VR will not be willing to settle for medium detail. Not til the price of all this comes down to core gamer levels -- no more than $250 for the GPU, and $100-$200 for the VR kit.
First: you misquoted me by leaving out the ", especially..." clause I added to it as a proviso. To make this explicit, that means:
(1) I think I should have the right to live my life the way I want to, regardless of whether anyone else uses any subjective or objective reasoning to determine that my choices are worse than some other choices I could have made instead.
(2) I think, based on evidence that has informed some of the choices I've made, that I've made good choices that are logical and grounded in scientific data, with an aim to minimizing the amount of harm I inflict on my environment and fellow human beings, while (hopefully...) doing my best to slightly improving the lives of at least a handful of other people whom I interact with, either socially or professionally. While I could probably *technically* save some resources by offing myself, so could just about anyone, and I don't advocate suicide. I advocate making the most of what we have, while we have it.
Even if I'm wrong about (2), I think my point in (1) is still able to stand on its own. If I sound defensive, it's because someone else, namely this researcher, has "gone on the offensive" against a certain set of characteristics or behaviors or choices, many of which match some of the choices and behaviors I see in myself. Naturally, if you do not fall within Zimbardo's tartgeting reticule, you would have no reason to be defensive. I do, and I do.
The reason I am concerned is that influential researchers like Zimbardo are able to influence public policy to a significant level, especially because he is the guy who published that seminal result about the Stanford prison experiment. That WAS great work, indeed, and insightful information about human psychology (it also did a great service by opening up a can of worms for the public and other psychologists to dig into for the next ~50 years) -- but that doesn't entitle him to start throwing people like me under the bus.
Consider the distinction between these two statements (neither of which I am implying that Zimbardo actually said; this is just for illustration purposes):
(A): I observe, empirically, that people who exhibit 'foo' behaviors/choices experience 'bar' consequences later.
(B): I observe, empirically, that people who exhibit 'foo' behaviors/choices experience 'bar' consequences later. Therefore, 'foo' is bad, and anyone who behaves like / chooses 'foo' should reexamine their life and maybe stop doing 'foo'.
The problem with (B) is that there may be countless *positive* consequences besides 'bar' (we're assuming 'bar' is something that most people would consider undesirable) that the researcher did not anticipate. Furthermore, there may be disagreement over whether 'bar' is even "bad" at all; maybe it's fine from a certain point of view. In the specifics of this situation, I feel that there's a little bit of both going on.
If Zimbardo stopped at (A), and if TFA stopped at (A), and TFS stopped at (A), I'd be fine. I wouldn't even bat an eyelash. But, not having read the actual research study, TFS and TFA *portray* it as more like (B). If that's not what Zimbardo said, then my beef is with TFA, not Zimbardo. The article definitely reads like the research identifies a societal "problem" that needs to be fixed.
Now, let me be clear. Under normal circumstances, I do not go around living my life by telling people who've made different choices than me that they're wrong, or that they're wasting resources, or making problems worse, or whatever. That's not the type of personality I have. I'm very much "live and let live". But when someone starts taking pot-shots at my choices, I feel fully entitled to rebut their arguments, and maybe even argue past them a little bit if I feel like it, because it has a very personal impact on me when someone does that to me.
In fact, even though I feel that some of my choices are objectively better than the alternatives, I am very hesitant to point out to others, normally, that I disagree with their choices. But unfortunately, when situations like this arise, I can't resist the temptation to air out my opinions, and sometimes people who fall under *my* targeting reticule might get upset. If that's the case here, I'm sorry.
While the guys with Neanderthal brains are out at bars trying to get laid, I'm living a comfortable, safe, and happy life. While they're getting exposed to STDs, drugs, accidental pregnancies, rough divorce settlements, paying child support, spouse abuse (either as the perpetrator or the victim), defaulting on their home because their spouse talked them into living above their means, etc. etc. etc..... I am living in a small single-bed apartment alone, making good money, playing video games (mostly MMOs) for social interaction, and listening to music to tame my biological cravings.
Not to mention, my choice not to reproduce helps the population problem -- at least in the span of a few decades, if not the long term. There is not a single problem that humankind has that can be solved by making more people. In fact, making more people does exactly the opposite for nearly all of our problems; it makes them more severe and reduces the length of time we have until those problems erupt into global catastrophes.
I don't *want or need* a woman. I don't *want or need* a romantic relationship with anyone. I don't want kids. I don't want any of the associated problems that come with either. It's been completely wired out of me.
I am basically an exact description of the type of person the study was about. And yet, I am not unhappy; I am not unsuccessful; I am not a loser. I am an environmentally-conscious, socially-reponsible citizen, supporter of my community, dedicated employee, educated voter and participant in the political process, and I have my fair share of social interaction, too, on the order of 6 to 8 hours per day on MMOs. Just because I don't touch the people I socialize with doesn't somehow make me diseased. I am a very social person. I am "socially intelligent". I can pick up on body language cues, implied meaning in conversation, the intent behind vocal intonation, the significance of a touch. I deal with people in meatspace for eight hours a day, and people in virtual space for another 6 to 8.
Medicine and academia has a tendency to call anything abnormal a disease, or a problem to be solved. Sometimes change is for the better. Sometimes the status quo is the worse of the two worlds.
In short: I would prefer to continue to be who I am, in the situaton I am in, rather than be the epitome of "masculinity" as this researcher thinks I need to be, even if I had the means to become that. And quite honestly, I'm pretty sure I do have the means to become that, if I put my mind to it. I don't put my mind to it because *it's not how I want to live my life.* Who the fuck is Philip Zimbardo to tell me that my life choices are wrong, especially when, by all the objective measurements that his ilk thrive on, I am of a far greater net benefit to society than many of the so-called "masculine" men he thinks I should be?
The relevant software products that are getting extensions sideloaded into them -- Firefox and Chrome -- are both open source. If a vendor like Lenovo wants to put ads in your browser with an extension, what do you think is going to happen when Google shuts off outside extensions in Chrome? That's right -- they're going to ship a fork of Chromium and call it "Lenovo Browser" and make it the default browser. You read it here first, folks.
The solution, for consumers, is simple. Don't use the pre-loaded OS installed on your system. Use a program to get your product key back, then wipe and reinstall from the original OS media. Or if you happen to be able to tolerate a non-Windows OS, just install one of those.
It's also worth mentioning that, as long as Chromium or Firefox is open source, people who want to use ad-blockers will be able to use them, no matter how hard Google tries to stop people from using them. Even if Google used their might to convince Mozilla to take Firefox closed source, another community fork would spring up to maintain Firefox and keep it up to date.
These companies need to understand that you can't strong-arm an idea. Open source code is basically an idea, and as long as there are people, there will be people who are building open source projects that do things that make you lose money. If that keeps you from getting any sleep at night, tough cookies. It's exactly the same reason that we can't defeat terrorism no matter how many people we kill. You can't kill your way through an idea, unless you kill every last human on the planet. This is especially true when tightening your grip makes people want to do that thing you don't want them to do *even more* -- ad blocking has this characteristic to it, too.
Linux is definitely a success story, both according to its original author and many in the community. However, it's not *the only* success story of a widely-used open source OS kernel other than Windows.
For example, the OpenSolaris kernel (and the rest of the operating system) is free software and open source, mature, well-tested, stable, and has a pretty large install base. Solaris is a different matter entirely since it's no longer open source, but the community that used to be behind OpenSolaris is still very active on e.g. Illumos, SmartOS, etc.
Sure, OpenSolaris is no longer a legitimate contender for the desktop (there was a time around 2006-2008 when it was more or less on-par with GNU/Linux on the desktop, believe it or not!), but it's still widely deployed on servers for all sorts of tasks, and it has an incredible compatibility story, too. You can run binaries compiled in the early 90s on a modern SmartOS machine. The Linux devs would just tell you to recompile from source, after fixing any build errors.
And let's not forget that (Free/Open/Net)BSD are also widely used. Again, their viability for *modern* gaming/desktop use is pretty limited (though some would argue otherwise, they're still way behind Linux, if for no other reason than proprietary games only run properly on a "real" Linux kernel), but *BSD OSes are used in a lot of routers, home servers, and yes, production servers for pretty important websites and web services.
I don't believe that Linux is the only winner in the battle for having a viable FOSS operating system based on a FOSS kernel. It's definitely the best we have when it comes to playing games and watching video, but that's because a lot of the proprietary elements that want to protect their content are only willing to support platforms with a huge landslide of installed users, and *BSD and *Solaris/Illumos/SmartOS are definitely not that.
But it would be irresponsible for us to judge winners and losers solely by their ability to present a nice GUI, since we use software for a lot of things that don't need a GUI, or can provide their GUI via a web app (and run that web app on whateverOS, be it Windows, Mac, Linux, Android, etc.), and can very viably be hosted -- with high performance and security to boot -- on *BSD or Solaris derivatives.
My IT shop waits at least a few weeks, if not months, before deploying updates. For critical security updates they usually wait about 2 weeks after the patch tuesday that it comes out on. For everything else, they eventually roll them out, but it can take a very, very long time.
I'm not sure exactly what kind of testing they're doing, or if they are just waiting for users to download the patch and see if it breaks things (resulting in a rollback from MSFT), but we never have the latest and greatest anyway.
Honestly, I can't really blame them. There have been countless "bad" updates out of Microsoft in recent years, that break certain programs or BSOD the system or even make it unbootable. However, I don't have a sense that the testing they're doing on these updates internally is adding any value. Probably best just to take a "wait and see" approach: if the update isn't pulled in 2-3 weeks after it lands, it's probably fine.
Exposure to radiation from space is probabilistic, and there have been many more living human-hours down here on Earth than up in space. Isn't it reasonable to assume that at least a handful of people have been unlucky enough to just *happen* to get bombarded with an unusually high amount of gamma radiation, having the same thing happen to them?
And then there are all these new-fangled manmade sources of gamma rays that we've been blowing up and/or using for electricity since the 40s...
If you're going to reference a pop song ("haters gonna hate"), you chose the wrong pop diva. Rather, you should have used the more apt "Call Me Maybe" by Carly-rae Jeppsen (which is one letter off of "Jeppesen"):
Hey, I just bought you
And this is crazy
But here's my WiFi
So update me maybe?
The problem isn't that they are relying on a single vendor, nor that they chose iOS over Android, or anything else silly like that.
The problem here is that they are using technology that's functionally tested for basic consumer use in a situation that suggests (and may soon require) a mission-critical level of software and hardware certification.
A lot of people (business people / decision-makers, mostly) don't seem to understand the difference between consumer-oriented hardware/software and safety-critical hardware/software.
Safety-critical hardware/software is designed, developed and tested with security, safety, and stability principles that are not only there "in theory", but are also tested for in practice, with a rigorous validation program that ensures the correct operation of the system. On the hardware front, the device is built to higher standards, such that the core chassis of, say, an iPad-like device would be able to withstand more shock than a consumer-oriented iPad with an Otterbox on.
If an airplane goes into a sudden roll or dive, causes the iPad to go flying across the cockpit and shatters the screen, what then? The pilots need the information in that device to be able to know how to follow the proper procedures to continue flying the aircraft safely. Without it, they can take their best guess and rely on instincts on how to operate the systems, but you cannot expect every pilot to memorize every contingency procedure. That's why the EFBs exist in the first place.
If you can't ensure that your tablet electronic device is at least as rugged as a hardback book, you shouldn't be using them on an airplane.
The problem is that there are few or no vendors of extremely rugged hardware/software solutions that are available in a thin and light form factor akin to an iPad. The safety-critical rugged device sector is 5 to 10 years behind the state-of-the-art consumer device space. That's because it takes many more months to design and ship a device with a much higher level of physical and digital assurance of correct operation. The airlines seem willing to take the risk of failure of these consumer devices, because they would rather have the latest features, like capacitive multitouch, ultra-slim design, retina displays, etc. instead of using something whose technology was state-of-the-art in 2008, but is built like a brick, both physically and software-wise.
We've seen MANY first-hand examples of consumer electronics devices from ALL vendors having extremely dangerous stability and security bugs that would render the device inoperable for the use case the airlines are using it for. We can't take the risk that this important tool will be unavailable when they need it. AA and other carriers need to stop using iPads as replacements for the flight bag, and either pay for the R&D for a proper rugged replacement, or go back to paper.
I'll conclude by saying that the EFB/flight bag is, in my opinion, a safety-critical tool aboard all except the most sophisticated airplanes (e.g. the Airbus A380, which has a computer built into the cockpit on an LCD screen that actually tells the pilots what to do to resolve problems). The airlines are taking a big risk by implementing this with consumer technology. If they "do it right" and work with a vendor that produces rugged industrial mobile devices, it will cost more and have a much longer development cycle than shipping iPads. The devices will almost certainly be heavier, have less "whizzy" displays and UI, have a shorter battery life, and be harder to upgrade if additional features are desired later. But they will have a MUCH higher level of assurance that their correct operation, both hardware and software-wise, will continue to be available in the case of an emergency when they are needed most. It still won't be impossible that they'll break, but it'll be much less likely.
You are right, of course, that it has to be a collective effort. However, your mental mistake was in saying that nothing you do will matter. I absolutely agree with you that bringing our population (globally!) under control is the most important step we can take. I absolutely agree that the rate of growth of our consumption of fossil fuels is going to cause us to hit a "brick wall" in, AT MOST, a handful of generations -- if it doesn't happen to your kids, it'll happen to your grandkids, I'm almost certain.
This brick wall is basically the point beyond which, obtaining cheap fossil fuels for electricity production and transportation at a rate that meets demand is impossible. In 5 year old terms, "everything will start getting extremely expensive." I have no idea what is going to happen at that point. Resource wars? Massive investments in nuclear power and electric cars shore up "business as usual" for another few decades? Fusion power becomes economical and saves us for the long haul, provided that we're all willing to convert to electric cars? I don't know. I just know that it's going to be bad, especially in the short term, as food prices spike and people can't pay their gas bill to get to work (if the gas station even *has* any gas).
When it comes to matters like this, every little bit DOES help. Every person who is convinced that they need to do their part by conserving as much energy as they can is setting an example for the rest who are happy to keep rollin' coal.
In your situation, by far the greatest damage you've done to the planet and our collective resource supply was to bring those three children into the world. United States citizens consume more fossil fuels per capita than all but 12 countries, but most of those countries have extremely small populations with high median income, so they're hardly a drop in the bucket. I guess you could have done worse by raising them in Qatar, but it's still pretty bad.
Honestly, I could care less about your SUV. I'm not one of those wackos who would try to force you into an abortion when you had more than 2 kids, and I certainly wouldn't want any harm to come to them now that they're a part of the world.
All I want is for you to *accept responsibility for your own choices and actions*. If you're willing to man up and admit that you *could have*, in retrospect, contributed less to the world's problems by *not* having 3 kids (and having, instead, 2, 1, or 0), and if you're willing to carry forward the message to others that the need is urgent to ensure that *everyone* contributes a little bit to making the population problem better, and NOT worse (which is unfortunately what you've done, whether you think it's significant or not), then you're on the right path, SUV or not.
I know that we can't all be ideologues and that sometimes we can't practice what we preach because of the realities of life. I don't know you, and for all I know your children were "a coincidence" (not planned) and were triplets, which can happen to anybody. But taking responsibility for yourself is a necessary prerequisite before you can start telling other people (such as the China you harp on about -- and rightly so) that *they* also need to quit reproducing like rabbits and cut down on fossil fuel consumption. Otherwise they'll just laugh at you, point at your 3 kids, and go get their wife preggers tonight to make the problem worse.
No, I live in a place where most people have Verizon or AT&T with limited data, because the alternatives have horrid coverage. They pay huge monthly bills for ant-fart-sized data plans, like 5 or 10 GB per month for an entire family.
They have unlimited data or extremely high caps on their home Internet connection, sure, but I haven't seen any of them unraveling 25 miles of structured cabling with them as they drive from their house to work.
I had a huge response typed up here that I was ready to send, but I realized it was laced with ad-hominem, and I wasn't able to find a way to write it that would be free of statements that could be interpreted that way. It is very, very hard to write about someone else's lifestyle -- especially when you disagree with some of their choices -- without being offensive. So I'm not even going to try.
Instead, I would like for you to take a deep breath, change gears, open your mind, and watch this lecture by the late and great Professor Emeritus Albert Allen Bartlett of University of Colorado at Boulder. Remember that he was a very distinguished and respected scholar, whose statements in this lecture are completely fact-based and inevitable consequences of mathematics. Please do not let any opinion in this thread, mine especially, distract you from the message of knowledge that Professor Bartlett wishes to deliver to you posthumously with this lecture.
https://www.youtube.com/watch?...
RIP Professor Bartlett, and may you learn something useful from this very insightful Professor of Physics.
You are assuming that the standard image deployed to every employee contains all of the desired software solutions, and that no one could ever conceive of or imagine a world where a new piece of software might exist that could make their work more productive.
That's an assumption that I've found to be false in 4 out of the 4 jobs I've ever worked, over a career of 12+ years.
Can't tell you how many times my coworkers, who have limited data but know I have unlimited data, have asked me while we're out and about if I could google something, or ask me to turn on my wifi hotspot.
There is a definite and obvious use case for unlimited or very cheap data when "anywhere" (where my specific definition of "anywhere" means, typically, on the road, or at any number of random retail establishments or private office complexes in the Baltimore metro area / suburban sprawl). Landline-backed WiFi is rarely available, and where it is, it's not free, or too slow to be useful.
The telcos can give us excuses all day about why we can't have unlimited or very cheap data, but eventually they're going to have to figure it out. There is a ridiculous amount of pent-up demand for cheap cellular data, or any alternative that gives you instant broadband-speed data at your fingertips almost anywhere. WiFi, WiMax, and all the other alternatives that have tried to be it, have utterly failed to come even close because of a lack of coverage. The only alternative we have today is grandfathered unlimited on Verizon & AT&T if you need tethering, or Sprint/T-Mo if you don't need tethering.
No, $10/GB is not insanely cheap. $0.10 per GB is closer to the order of magnitude I'm willing to pay, with $0.01 as the ideal. I think the telcos haven't unlocked pricing on this level for the masses because they're too busy swimming in their $10 bills, not because there is an engineering brick wall that would prevent them from doing this.
I have nothing against paying by the gigabyte. I'm not at all married to the idea of unlimited. I just refuse to accept paying such an outlandish fee for a gigabyte of data, when 1 GB is almost nothing with today's content-rich web apps (auto-playing 1080p videos, images, huge .js applications, etc.) In fact, some websites can easily make you spend $1 or more in a couple seconds by just visiting a company's homepage, and while the page is rendering and you're fumbling around trying to tap the close button, you've downloaded more than 100 MB of video, and spent upwards of a dollar. Not cool, but it happens.
I think, to determine the price per gigabyte, we should back into it by determining a reasonable price for one second of saturated average throughput (SAT), which should be set to the expected downstream you'd get if you're downloading at "saturation speed" (as fast as the LTE modem can go with the current bandwidth available) for one second.
For Verizon LTE, SAT would currently be something like 20 Mbps. So that means you would be downloading 20 Megabits in one second. To download one gigabyte, you would have to download continuously at 20 Mbps for 400 seconds. If we set our one-second SAT target price at $0.0001, this means you could currently charge $0.04 per gigabyte, which I think is a great price.
However, the price per gigabyte should go down the higher the bandwidth. The goal is to prevent any one second of SAT from costing too much. So if they doubled the LTE bandwidth to 40 Mbps SAT, to maintain our target one-second price of $0.0001, we'd have to charge $0.02 per gigabyte. By measuring the user's bill according to what we consider to be a reasonable price for 1 second of SAT, the carriers will be adjusting the price per gigabyte to be lower and lower the more bandwidth is available. This is something consumers want (and need) to see.
Compare this to the current model, where 1 GB of data has been the same since 3G days. Even though we have many times more bandwidth and capacity on the mobile networks than we used to in 2003, we're still billing customers $10 per GB. That, I think, is completely unreasonable. The only reason this has happened is that the carriers are trying to get their customers into the hundred-millions, so they're dividing their limited resources by a great deal more handsets than they had on the network in 2003. I don't agree with this model one bit. It means that us early adopters are now effectivel
Don't be ridiculous. The *core* of Linux can run fine on anything, but to actually do something useful, you need more hardware. "Can run" and "can do what I need to do with it after it's booted" are two different things.
The people saying that Linux can run on anything are right. So are the people who are wishing that the Compute Stick would come with at least the same hardware as the Windows version. What if they want to do a little more than just browse the web? Linux definitely has the programs available to do something a little more resource intensive. It seems unnecessary to tie the hardware to the software.
No -- modern web browsers (IE 8+, Firefox since a long time, and Chrome since its initial public release) are sandboxed off from the native platform to such an extent that you cannot access the native code environment or the local filesystem from JavaScript. Even if you tell the browser that you trust the site, a modern browser is not going to allow you to access the filesystem or call Windows APIs from JS.
You can do a lot of useful things with JavaScript and HTML in a browser like Chrome, but there are still a great many tasks that are desirable and important which can't be done in this environment. For example, automating a workflow in Microsoft Office.
And for heaven's sake, if you're an IT administrator and reading this, please, please, PLEASE stop forcing users to run IE 6/7/8 and nothing else. At a bare minimum, install and support Firefox ESR. It is not in your job description to take pleasure in your users' suffering. ;)
First, let me say that I totally agree that "regular" users -- those who are not programmers or testers or system administrators -- do not typically need administrative rights, nor do they, in the ideal case, need the ability to run unauthorized third-party programs.
HOWEVER, my concern is that there will be many inappropriate and heavy-handed uses of this technology called "Device Guard" by IT departments that are not effectively satisfying the needs of their users.
Firstly, every IT department would, in an ideal world, be willing to get over themselves and accept the fact that software development can, and should, happen in departments other than the official IT department. The larger and more diverse your organization is, the truer this statement is. An employee shouldn't have to be within the reporting chain of the CIO or IT Director in order to be able to develop software as part of their official responsibilities. And yes, if an employee's management chain officially assigns them software development duties, and these responsibilities are accepted as legitimate by a corporate officer who isn't in IT, then this software development *is* official, even if IT isn't aware of it.
The next thing is, IT organizations need to assign appropriate permissions and trust (e.g. local admin rights) to these external development organizations. Trust them to do their job correctly, and only crack down if there is an actual violation. If you're worried about compliance, give them your security policies and make them provide a compliance report before deploying the software. Come up with some *minimally-invasive* hoops they'd have to jump through to get approval to deploy their finished software. *Don't* try to take ownership of their product lifecycle.
In an IT shop meeting these simple minimal criteria, I think this Device Guard feature would be mostly harmless. Jane the Executive Assistant tries to run an .exe screensaver with cat pictures and is blocked; too bad. Tom the software developer who doesn't work for IT submits a ticket and gets local admin rights within 48 hours so he can get his job done. Before deployment, he gets IT to roll out a patch to all their workstations whitelisting his codesigning cert, which was purchased on his (non-IT) department's dime. Everybody is happy (except Jane, but she'll live).
My concern is that there are hundreds of IT shops out there in the wild which do NOT have the political or social intelligence to enact policies like these, and would rather bury their heads in the sand and pretend there's not a problem. They are so averse to risk and change that they would rather see their company stagnate due to the unavailability of necessary tools and technologies, instead of working through the growing pains of becoming an organization that can accommodate the realities of the fast-paced 21st century business culture, such as the necessity of software development done locally to the people who will be using the software (advantages: reduced cost, shorter lifecycle, more relevant and accessible to the end-users, faster response to change requests, etc.)
These same shops without the above will be all too happy to turn on Device Guard for its security benefits, without making the required accommodations for the many existing Shadow IT organizations in their company, half of whom are afraid of IT's potential overreaction to their project and have thus never come forward and told IT what they're doing.
Mark my words: the day that IT departments roll out Windows 10 and turn on Device Guard, the shit is going to hit the fan. You'd better have already worked out the proper preparations with *all* the software developers in your user base -- not just the IT department -- to support their production software, or random pieces of your mission-critical software are just going to stop working one day, and an angry CxO is going to want to know why IT broke their systems.
If some of the IT departments I've had to tangle with in the past were doing their jobs correctly, anyone doing software development -- whether an "official" part of the IT department or not -- would be able to easily obtain local admin rights on their workstation.
If they were doing their jobs correctly, it wouldn't take 2-3 years to develop, test and deploy a simple productivity enhancement or workflow automation solution that might take 40-80 hours to actually code, and maybe another 100 hours to design, test and document. Not to mention, anyone who's actually gone through the whole 2-3 year lifecycle often ends up paying way more than they wanted to, for a way over-engineered solution that tries to solve every problem anyone's ever had, instead of just solving the problem at hand.
Also, IT departments never have any free bandwidth for new requests, which is why it takes at least a year for them to even start looking at a problem someone comes to them with. This is not entirely their fault: the CFO will often demand the IT director to keep all of their staff 100% utilized on required projects, so if the IT director tried to keep some staff semi-available for new requests that come in, the CFO would just reduce their head count until they had just enough people to work the projects that are already in development.
I'm not saying *all* IT Administrators do their jobs poorly or take too long to get things done. I'm saying that the processes and bureaucracy in place -- which, let's face it, most of the IT folks hate just as much as their "customers" -- make the IT organization very inefficient for handling anything that needs a quick turnaround. They are good for managing general use computer rollout with bog standard Office software and Internet access. Beyond that, if a manager or director wants something different, and they want it done *this* year, they are probably going to have to hire their own software folks, interns, or tap internal talent of people who happen to know software development (whether or not it's in their job description). At that point, they've just created a Shadow IT organization.
My point is that Shadow IT isn't a bad thing if the people working it know what they're doing, and can avoid pitfalls like downloading malware, pirating commercial software, etc. One good way to go about it is to develop your solution in an open source environment (e.g. Java, a GCC language, Ruby, etc.) and to only pull in third-party libraries that are MIT-licensed. It's very, very hard to run afoul of the three-clause BSD license or MIT license; you just create a LICENSE.txt that fulfills the attribution obligations, and off you go.
This "Device Guard" feature, as I understand it, will actively block non-administrators from being able to compile and run their own executable code, or to install third-party software or runtimes that might enable the same. They then have one of two options: either talk to IT, or try to get around it by using runtimes that already exist on the computer.
If they try to talk to IT, chances are good that IT will ask that the entire shadow IT project be canceled, and that they be allowed to develop (or buy, COTS) the solution themselves. Once you're in that trap, you automatically know it's going to take 2 years at a minimum. The project you're working on may not even be relevant that far down the road. If you don't agree to letting them work it into their pipeline, then they likely won't agree to give you admin rights. These talks very rarely go over well, unless you're in a very progressive company; but if you were, you'd probably have admin rights in the first place, or at least a separate computer or VM with a sandboxed subnet without access to any sensitive stuff on the LAN, where you have full admin rights.
This is why shadow IT organizations often just choose to write their stuff in VBA or VBScript. Java is usually a viable option too, but if you need native libraries or any third-party components that need native libraries, you're probably o
This is true for home users, but anyone connected to an enterprise domain who doesn't work for the help desk probably knows the pain of not having an administrator account. Even people who fall under the auspices of "IT" often don't have administrator accounts, if they aren't part of the team that holds the keys to the castle.
I know many software engineers who don't have admin rights on their PCs. It'll be interesting to see the tug of war over this, between paranoid IT guys and the rest of the people who are just trying to get their work done, whether by installing third-party software, or by compiling executable code themselves.