Because doubling the key length roughly increases the required time by 7. Increasing compute time by 7^20 is a little extreme, when just doubling it is good for a while.
Yes but if the key length is sufficiently large they lose plausible deniability. No ones going to believe that anyone bruteforced a 2048 cert key but if you start mentioning MD5 and less and 1024 then it could be anyone.
I would hardly call it proactive, they have just discarded all the certs that would have been considered insecure a couple of years ago. A company that promotes "trusted computing" should have done this when they were found to be insecure.
The proactive approach would be to upgrade all certs to 2048 bits so they will be as good as current best standardized strength*. This is just removing those that they would consider insecure MD5 and less than 1024 bits. This is bear minimum to try and mitigate the damage.
*they could beet most Linux distros to do this completely.
I see it working in a car mounted GPS device, though it sounds like extra external sensors and large amounts of storage are required to achieve the stated accuracy along with partial GPS coverage.
But indoor or urban mapping from a smartphone does not look like its solved. Indoor mapping using only censors available to a smartphone is not the same as this works while my phone is in my pocket where my hand, briefcase or anything else is swinging past it while I am moving though doors. In areas where you can't get GPS relative positioning is only so useful, people what maps because they have not been here before.
I guess if you have a slick "handoff" algorithm to the next wifi points you could maintain the current street at the expense of killing battery life and having to have a valid starting point.
I now realize that the target is car mounted units that use to rely on GPS which i think is far easier. Smart phones have more things that are unknown with battery and space constraints.
TV stations (especially since the changeover to digital and the use of multiple synchronized transmitters sending the same signal on the same frequency) and cell towers all send fantastically accurate timing references.
This might get you the right street or block almost all of the time but there will still be times it can't do or gets it wrong. Path distance is hardly reliable in an urban environment for initially locating your position. Filtering the estimated position over a trip probably they probably have worked out, especially if they include an accelerometer. Is the timing outside of the main data or would the device require a full software defined OFDM receiver?
Distance to WiFI devices can be measured by actively interacting with them in various low-level ways that are a part of the standard and a legitimate thing for any other WiFi device to do.
Is this path or actual distance? Wifi will be really accurate if the position in the DB is accurate and its line of sight.
For the general public this is for when GPS does not work. The product will require extra hardware and if they want the best results a lot of extra hardware in there mobile device. Cellphone antennas are optimized for cellphone frequencies they are not designed to pickup frequencies so it may require extra antennas on the device. This is far more complex in the real word than GPS, you would only use this where GPS does not work.
I was thinking they could detect and report unexpected changes to wireless signal fields but this is beyond complex and a massive battery and privacy problem.
The problem of determining location off no line of sight signals using strength is a problem that is never going to solvable in too many situations without so much extra data you could not consider it feasible. If you can control were the signals are then you can reduce these situations, possibly to an acceptable level.
Signal strength is unreliable, as it depends on the atmosphere in between you and the transmitter. Yet you may be able to get time data (summary mentions digital signals only) and based on that calculate your distance.
I think its very possible to achieve this as long as the signals you rely on are line of sight. They will have smart people working on the problem. They use digital signals as most analogue signals have large wavelengths that cannot be picked up by cell phone size antennas and they also may have broadcast IDs. The article makes this look like a solution to a Military problem where they can maintain intelligence on broadcast sources that will be line of sight, when the enemy brakes GPS.
In urban, in my experience, GPS signals can generally be received but are unreliable due to reflections: the GPSr assumes direct line to the satellite, not via a reflection. As a result GPS in urban areas is often off-set, or jumpy (location jumps by 20-30m in any direction)
Without using third party wireless that is almost line of sight they will not be able to do much better. And any new large sign or a large truck parked out front will effect the signal strength field of the source meaning other sources have to used to realize this source should be discarded. I still think sticking a direction transmitter at every street corner is the best way to solve this.
Sure in an open area the signal strength from broadcast and third-party location services is fine but so is GPS.
But in an urban environment these are not accurate signal strength is only loosely proportional to inverse square of the distance so any accuracy will utterly break down. I can't see them having the money investing on getting a location DB for coverage outside major cities meaning you have to ship an unusable feature to most of the population.
The firm believes the technology could also work in urban concrete canyons where GPS signals cannot currently reach.
This will only work by regularly updating a database of local signals by driving down these roads and walking around areas. You might get the reliability for a consumer device but SDR like this can hardly be cheap, small and low power.
Possibly they have algorithm to make this manageable but i would think installing purpose built transmitting devices at every street corner would be a better option.
You can have hundreds or even thousand of options in the GUI fairly easily.
For some application is viable, mainly ones you spend hours a day using. This is where you have time to learn a CLI properly and get comfortable with it.
For a unique task that you might want to do once a month with zero training or experence this is just as confusing and you have no idea what you can do with it and if you do know you will struggle to a portion find options (depends on task and designer) and have to Google for how do it (if you have to Google for where to find something is it is at best little better than a CLI). Have you got an example of a GUI with hundreds (or more interestingly thousands) of options that does not require tutorials to use or have an many session learning curve?
The command line is great for people that have memorized all the commands, know exactly what they want to do, and can run the operations in their sleep. But for everyone else it's a hinderence. They have to do queries and check forums to figure out what the program is called. Then they need to look up the syntax. It's the opposite of user friendly.
Sometimes this is the case but its rarely that bad, generally is just run this line with the appropriate field. Mostly is just scary and does not hide the information the user will have difficulty understanding. Instead of pages of pictures on where to find an options its now all compressed down to a line.
It also provides obscure options and the chance to provide solutions to a user by just copy and pasting a line. In a GUI these would require 100s of options that the user would have to individually fill in. You can implement find -exec commands in a user friendly comforting GUI, you have to cut down the options and remove functionally to get it remotely sane.
The command line is scary (feels unsafe), not visually pretty and does not comfort users that the operation is OK but that's all due to a lack of experience with it, its not fundamentally hostile to the user.
I expect they patched the kernel at some stage and the only people running the kernel either have not updated in years or know how to apply the workarounds. Quantum appeared to be concerned if desktop Ubuntu that he was using was at risk of crashing.
Read the summary. This was fixed it appears in 2.6.29 kernels still used from before this will be old (and ironically considered "stable"). Modern Desktop distro's will be using 3.x which has had had this fixed for a long time. Ubuntu will be using 3.3 i would expect.
The only distros using old kernels will be some versions of Debian, CentOS and some based off it because this is a well tested stable kernel.
3. There is a $350 filing fee + lawyer's fees for filing a suit. The issue you seem to miss is that the copyright holder attempted to file one suit which encompasses a number of John Does instead of filling a suit for each John Doe That is called "joining" suits. So instead of filing a hundred separate suits the rights holder wants to file one suit. John Doe #4 is seeking to sever his suit so the rights holder must pay another filing fee and attend another trial.
This is what I am argueing, bit torrent carries not immunity to copyright charge. Did the users interact?
To use my example John Doe A interacts with John Doe B and John Doe C but John Doe B does not interact with John Doe C and therefor John Doe B can not be in the same suit as John Doe C... that is the right thing to do
If this ends up being determined the correct way to do it by the legal system then fine i don't like it. These people never interacted person to person, which is i would expect is what the law was originally intended to mean. Explain the difference to me on how googles search are not human speech because they are computer output but the only interaction is between computers; it is using a law that did not anticipate today's internet. That final link of A's interaction with B not just B's computer needs to be explicit (you are just assuming it), otherwise interacting with peoples possessions can get a lot of people legally involved.
Everyone knows the data comes from someone's computer.
When i say computer i don't just mean desktops and laptop that the user is sitting in-front of and has authorize that individual torrent. You can automate the downloading of torrent and authorize remotely.
That is why there are courts to find the facts of the case. A plaintiff files a case and then has to prove it. The allegations do not have to be "a given" before a suit is filled.
So the suit is still against John Doe until you establish who actually authorized the download? You don't need to assume the owner of the network is JD to get his details? You just want to be able to contact him to help establish who the John Doe is? There is no evidence that JD interacted with the other torrent peers.
Not necessarily true. If the IP address is associated with a modem that has no wireless access and that modem is connected to one computer that does not have a wireless card that it is beyond a reasonable doubt that the computer is the only one accessing the internet through that IP address. If the computer is in an area that is only accessed by one person then it is beyond a reasonable doubt that the person is the only one who controls the computer. This would be a special case but it is possible. If one adds a router, especially a wireless router, to the picture then there is no way to prove what computer used the torrent system.
There are cases when it all comes out that can be proven, i expect it could be a single figure percentage. Do you choose not to send notices if this is unlikely to be case? Meanwhile for the others that receive notices because they own the network have to spend money and time to find out about their legal situation and find supporting evidence that they did not do it, it is almost impossible to get any concept proof that they did or did not do it. Causing the defendant stress because of a partially automated system. I believe especially when you are taking excessive damages if this goes to court that to keep sanity in the system both plaintiff and defendant need similar legal cost.
The point that you seem to miss is that the human started the process by downloading a torrent file and loading it into a program that a human knew would go out and get segments from other computers. The computer did not decide to select a file and download it using a specific protocol; that was the choice of a human. Just because a human gives commands to a computer does not mean that the human is free from criminal or civil charges.
Of course its a crime, but its not not a given that the user know how bit torrent work or that they are aware of how other are involved. The minimum is they started a torrent on an installed torrent client possibly by just clicking once on a link on the internet and don't know how to stop it. The question is should rights holders be able to send notices to a person who possibly authorized the transfer for little cost and properly and fairly interpreting the law is it lawful for them to do this?
To put it succinctly as possible: A human authorizes the upload and a human authorizes the download so when a download takes place both humans are culpable.
But do I interact with you? You appear to avoid answering the question. Yes i would have authorized my computer to seek other other computers to illegally share. It's not implicit that i intend to effect any other user or that it does. There are many cases that people would be unaffected by me torrenting. It is defiantly not a given that the owner of the computer, who gets sued, has authorized or been interacted with.
You know there is someone who has authorized the action the computer is taking.
I guess, but you know know who or how directly or intentionally they authorized it. I guess you can expect to be highly likely that you will be downloading or uploading form or to a computer that has be directly authorized. My intent is primarily to just get the file from whatever source i get it from and if i support the organization to allow my computer to carry on providing that resource to others. I don't intend to interact with the users who authorized it. Though not the issue you can't even get the infringing computer from an IP much less the user who authorized the infringement.
2. John Doe A, through his computer, downloads segments from John Doe B.
That is what i'm discussing. I believe it should read: John Doe A's computer downloads segments from John Doe B's computer. John Doe A did not choose to download from John Doe B this was made as the result of the interaction's of computers. This is a computer generated resault and like Google's search results are not human generated.
Having a separate trial for each source is not economically feasible for the copyright holder so the want cases joined.
If there is no interaction this is an arbitrary way of doing it, why not save time and get everyone with the same torrent hash. I think everyone downloading and uploading the torrent is committing separate crimes.
the true test is did everyone interact?
Hypothetically if we were in the same swarm how do I (not something I own) interact with you? Do you know you are interacting with me (not my computer actually me)? The level of interaction between us is so low people could charged for tiny unintentional involvement with other serious crimes.
No, you misunderstand (probably my fault). There is user to user interaction on the service conveying human content from one user to the intended recipient, in your example.
Bit-torrent is only computers interacting based on a protocol, i do not intend to interact with another human i just want the file and my computer on my behalf interacts with another on the swarm. Me with my computer on the being on the same swarm as another swarm as another computer does not involve me having any direct iteration with the user (if there even is one) and indirectly negligible and no provable indirect interaction with the user.
While i am aware my computer is interacting with other computers to download my file*, neither it nor me actually interacts directly with another human user. My only interaction is with my computer to initiate a torrent.
I would have though this interacting claim is severely weakened in the US due to the ruling that the US that computer output is not included as free speech, the output of a protocol or algorithm is separated from the user.
*You would have some difficulty proving this for the general public.
There are two rather different versions of the free market: The one they assured us that we would get (that one requires minimal but good regulation) and the one that occurs under no regulation.
The GP is referring to the former and what the US currently has is neither.
I think the surface will be terrible to use as a tablet just because MS chose the ratio to match current laptop screens.
Its just too thin either orientation. You loose half the screen for things that pop-out from the bottom or top including the keyboard and if you turn it upright its too thin to deliver a decent experience for most things. Traditionally you use portrait for web-pages buy the arm one does not horizontal resolution to view it naively.
If its a poor tablet then and it wont be as good for typing as laptop then its doomed to find its self a small uninteresting niche. This is made worse because its only available online or from an MS store.
Probably because whatever works would be today would be made redundant by LO.
It would just result in works being compared to LO like IE is compared to Chrome or Firefox. They would be giving people an excuse to bash MS. Plus they would loose sales to those who don't need anything more.
Slashdot Mirror
Because doubling the key length roughly increases the required time by 7. Increasing compute time by 7^20 is a little extreme, when just doubling it is good for a while.
Yes but if the key length is sufficiently large they lose plausible deniability.
No ones going to believe that anyone bruteforced a 2048 cert key but if you start mentioning MD5 and less and 1024 then it could be anyone.
I would hardly call it proactive, they have just discarded all the certs that would have been considered insecure a couple of years ago. A company that promotes "trusted computing" should have done this when they were found to be insecure.
The proactive approach would be to upgrade all certs to 2048 bits so they will be as good as current best standardized strength*. This is just removing those that they would consider insecure MD5 and less than 1024 bits. This is bear minimum to try and mitigate the damage.
*they could beet most Linux distros to do this completely.
I see it working in a car mounted GPS device, though it sounds like extra external sensors and large amounts of storage are required to achieve the stated accuracy along with partial GPS coverage.
But indoor or urban mapping from a smartphone does not look like its solved. Indoor mapping using only censors available to a smartphone is not the same as this works while my phone is in my pocket where my hand, briefcase or anything else is swinging past it while I am moving though doors. In areas where you can't get GPS relative positioning is only so useful, people what maps because they have not been here before.
I guess if you have a slick "handoff" algorithm to the next wifi points you could maintain the current street at the expense of killing battery life and having to have a valid starting point.
I now realize that the target is car mounted units that use to rely on GPS which i think is far easier. Smart phones have more things that are unknown with battery and space constraints.
TV stations (especially since the changeover to digital and the use of multiple synchronized transmitters sending the same signal on the same frequency) and cell towers all send fantastically accurate timing references.
This might get you the right street or block almost all of the time but there will still be times it can't do or gets it wrong. Path distance is hardly reliable in an urban environment for initially locating your position. Filtering the estimated position over a trip probably they probably have worked out, especially if they include an accelerometer.
Is the timing outside of the main data or would the device require a full software defined OFDM receiver?
Distance to WiFI devices can be measured by actively interacting with them in various low-level ways that are a part of the standard and a legitimate thing for any other WiFi device to do.
Is this path or actual distance? Wifi will be really accurate if the position in the DB is accurate and its line of sight.
For the general public this is for when GPS does not work. The product will require extra hardware and if they want the best results a lot of extra hardware in there mobile device. Cellphone antennas are optimized for cellphone frequencies they are not designed to pickup frequencies so it may require extra antennas on the device. This is far more complex in the real word than GPS, you would only use this where GPS does not work.
I was thinking they could detect and report unexpected changes to wireless signal fields but this is beyond complex and a massive battery and privacy problem.
The problem of determining location off no line of sight signals using strength is a problem that is never going to solvable in too many situations without so much extra data you could not consider it feasible. If you can control were the signals are then you can reduce these situations, possibly to an acceptable level.
Signal strength is unreliable, as it depends on the atmosphere in between you and the transmitter. Yet you may be able to get time data (summary mentions digital signals only) and based on that calculate your distance.
I think its very possible to achieve this as long as the signals you rely on are line of sight. They will have smart people working on the problem.
They use digital signals as most analogue signals have large wavelengths that cannot be picked up by cell phone size antennas and they also may have broadcast IDs.
The article makes this look like a solution to a Military problem where they can maintain intelligence on broadcast sources that will be line of sight, when the enemy brakes GPS.
In urban, in my experience, GPS signals can generally be received but are unreliable due to reflections: the GPSr assumes direct line to the satellite, not via a reflection. As a result GPS in urban areas is often off-set, or jumpy (location jumps by 20-30m in any direction)
Without using third party wireless that is almost line of sight they will not be able to do much better. And any new large sign or a large truck parked out front will effect the signal strength field of the source meaning other sources have to used to realize this source should be discarded. I still think sticking a direction transmitter at every street corner is the best way to solve this.
Sure in an open area the signal strength from broadcast and third-party location services is fine but so is GPS.
But in an urban environment these are not accurate signal strength is only loosely proportional to inverse square of the distance so any accuracy will utterly break down. I can't see them having the money investing on getting a location DB for coverage outside major cities meaning you have to ship an unusable feature to most of the population.
The firm believes the technology could also work in urban concrete canyons where GPS signals cannot currently reach.
This will only work by regularly updating a database of local signals by driving down these roads and walking around areas. You might get the reliability for a consumer device but SDR like this can hardly be cheap, small and low power.
Possibly they have algorithm to make this manageable but i would think installing purpose built transmitting devices at every street corner would be a better option.
You can have hundreds or even thousand of options in the GUI fairly easily.
For some application is viable, mainly ones you spend hours a day using. This is where you have time to learn a CLI properly and get comfortable with it.
For a unique task that you might want to do once a month with zero training or experence this is just as confusing and you have no idea what you can do with it and if you do know you will struggle to a portion find options (depends on task and designer) and have to Google for how do it (if you have to Google for where to find something is it is at best little better than a CLI).
Have you got an example of a GUI with hundreds (or more interestingly thousands) of options that does not require tutorials to use or have an many session learning curve?
The command line is great for people that have memorized all the commands, know exactly what they want to do, and can run the operations in their sleep. But for everyone else it's a hinderence. They have to do queries and check forums to figure out what the program is called. Then they need to look up the syntax.
It's the opposite of user friendly.
Sometimes this is the case but its rarely that bad, generally is just run this line with the appropriate field. Mostly is just scary and does not hide the information the user will have difficulty understanding. Instead of pages of pictures on where to find an options its now all compressed down to a line.
It also provides obscure options and the chance to provide solutions to a user by just copy and pasting a line. In a GUI these would require 100s of options that the user would have to individually fill in. You can implement find -exec commands in a user friendly comforting GUI, you have to cut down the options and remove functionally to get it remotely sane.
The command line is scary (feels unsafe), not visually pretty and does not comfort users that the operation is OK but that's all due to a lack of experience with it, its not fundamentally hostile to the user.
I expect they patched the kernel at some stage and the only people running the kernel either have not updated in years or know how to apply the workarounds.
Quantum appeared to be concerned if desktop Ubuntu that he was using was at risk of crashing.
Read the summary. This was fixed it appears in 2.6.29 kernels still used from before this will be old (and ironically considered "stable").
Modern Desktop distro's will be using 3.x which has had had this fixed for a long time. Ubuntu will be using 3.3 i would expect.
The only distros using old kernels will be some versions of Debian, CentOS and some based off it because this is a well tested stable kernel.
3. There is a $350 filing fee + lawyer's fees for filing a suit. The issue you seem to miss is that the copyright holder attempted to file one suit which encompasses a number of John Does instead of filling a suit for each John Doe That is called "joining" suits. So instead of filing a hundred separate suits the rights holder wants to file one suit. John Doe #4 is seeking to sever his suit so the rights holder must pay another filing fee and attend another trial.
This is what I am argueing, bit torrent carries not immunity to copyright charge. Did the users interact?
To use my example John Doe A interacts with John Doe B and John Doe C but John Doe B does not interact with John Doe C and therefor John Doe B can not be in the same suit as John Doe C ... that is the right thing to do
If this ends up being determined the correct way to do it by the legal system then fine i don't like it. These people never interacted person to person, which is i would expect is what the law was originally intended to mean. Explain the difference to me on how googles search are not human speech because they are computer output but the only interaction is between computers; it is using a law that did not anticipate today's internet. That final link of A's interaction with B not just B's computer needs to be explicit (you are just assuming it), otherwise interacting with peoples possessions can get a lot of people legally involved.
Everyone knows the data comes from someone's computer.
When i say computer i don't just mean desktops and laptop that the user is sitting in-front of and has authorize that individual torrent. You can automate the downloading of torrent and authorize remotely.
That is why there are courts to find the facts of the case. A plaintiff files a case and then has to prove it. The allegations do not have to be "a given" before a suit is filled.
So the suit is still against John Doe until you establish who actually authorized the download? You don't need to assume the owner of the network is JD to get his details? You just want to be able to contact him to help establish who the John Doe is? There is no evidence that JD interacted with the other torrent peers.
Not necessarily true. If the IP address is associated with a modem that has no wireless access and that modem is connected to one computer that does not have a wireless card that it is beyond a reasonable doubt that the computer is the only one accessing the internet through that IP address. If the computer is in an area that is only accessed by one person then it is beyond a reasonable doubt that the person is the only one who controls the computer. This would be a special case but it is possible. If one adds a router, especially a wireless router, to the picture then there is no way to prove what computer used the torrent system.
There are cases when it all comes out that can be proven, i expect it could be a single figure percentage. Do you choose not to send notices if this is unlikely to be case? Meanwhile for the others that receive notices because they own the network have to spend money and time to find out about their legal situation and find supporting evidence that they did not do it, it is almost impossible to get any concept proof that they did or did not do it. Causing the defendant stress because of a partially automated system. I believe especially when you are taking excessive damages if this goes to court that to keep sanity in the system both plaintiff and defendant need similar legal cost.
The point that you seem to miss is that the human started the process by downloading a torrent file and loading it into a program that a human knew would go out and get segments from other computers. The computer did not decide to select a file and download it using a specific protocol; that was the choice of a human. Just because a human gives commands to a computer does not mean that the human is free from criminal or civil charges.
Of course its a crime, but its not not a given that the user know how bit torrent work or that they are aware of how other are involved. The minimum is they started a torrent on an installed torrent client possibly by just clicking once on a link on the internet and don't know how to stop it. The question is should rights holders be able to send notices to a person who possibly authorized the transfer for little cost and properly and fairly interpreting the law is it lawful for them to do this?
To put it succinctly as possible: A human authorizes the upload and a human authorizes the download so when a download takes place both humans are culpable.
But do I interact with you? You appear to avoid answering the question. Yes i would have authorized my computer to seek other other computers to illegally share. It's not implicit that i intend to effect any other user or that it does. There are many cases that people would be unaffected by me torrenting. It is defiantly not a given that the owner of the computer, who gets sued, has authorized or been interacted with.
You know there is someone who has authorized the action the computer is taking.
I guess, but you know know who or how directly or intentionally they authorized it. I guess you can expect to be highly likely that you will be downloading or uploading form or to a computer that has be directly authorized. My intent is primarily to just get the file from whatever source i get it from and if i support the organization to allow my computer to carry on providing that resource to others. I don't intend to interact with the users who authorized it. Though not the issue you can't even get the infringing computer from an IP much less the user who authorized the infringement.
2. John Doe A, through his computer, downloads segments from John Doe B.
That is what i'm discussing. I believe it should read:
John Doe A's computer downloads segments from John Doe B's computer.
John Doe A did not choose to download from John Doe B this was made as the result of the interaction's of computers. This is a computer generated resault and like Google's search results are not human generated.
Having a separate trial for each source is not economically feasible for the copyright holder so the want cases joined.
If there is no interaction this is an arbitrary way of doing it, why not save time and get everyone with the same torrent hash. I think everyone downloading and uploading the torrent is committing separate crimes.
the true test is did everyone interact?
Hypothetically if we were in the same swarm how do I (not something I own) interact with you? Do you know you are interacting with me (not my computer actually me)? The level of interaction between us is so low people could charged for tiny unintentional involvement with other serious crimes.
No, you misunderstand (probably my fault).
There is user to user interaction on the service conveying human content from one user to the intended recipient, in your example.
Bit-torrent is only computers interacting based on a protocol, i do not intend to interact with another human i just want the file and my computer on my behalf interacts with another on the swarm. Me with my computer on the being on the same swarm as another swarm as another computer does not involve me having any direct iteration with the user (if there even is one) and indirectly negligible and no provable indirect interaction with the user.
I intend to interact with your computer not you.
My computer is interacting with other computers.
While i am aware my computer is interacting with other computers to download my file*, neither it nor me actually interacts directly with another human user.
My only interaction is with my computer to initiate a torrent.
I would have though this interacting claim is severely weakened in the US due to the ruling that the US that computer output is not included as free speech, the output of a protocol or algorithm is separated from the user.
*You would have some difficulty proving this for the general public.
The GP is well aware of that.
There are two rather different versions of the free market:
The one they assured us that we would get (that one requires minimal but good regulation) and
the one that occurs under no regulation.
The GP is referring to the former and what the US currently has is neither.
From the wiki article:
By SQL Server 2005 the legacy Sybase code had been completely rewritten.
So MS coders have rewritten the failed Unix DB this is hardly credentials.
Looks like they changed it to 16:10 for the current models.
Text and the arranged list of tiles they use to demo the portrait work pretty well because they rearrange without needing to stretch anything.
Not that I disagree about 9:16 being potentially awkward, the arm surface has the same horizontal resolutions as the ipad 1 and 2 in portrait mode.
The iPad is sometimes gets sent to mobile websites, if MS is fine with letting servers do the same then the native res is not as much of an issue.
I think the surface will be terrible to use as a tablet just because MS chose the ratio to match current laptop screens.
Its just too thin either orientation.
You loose half the screen for things that pop-out from the bottom or top including the keyboard and if you turn it upright its too thin to deliver a decent experience for most things. Traditionally you use portrait for web-pages buy the arm one does not horizontal resolution to view it naively.
If its a poor tablet then and it wont be as good for typing as laptop then its doomed to find its self a small uninteresting niche. This is made worse because its only available online or from an MS store.
Supposedly this is an advancement on an automated docking. Can someone fill me in or is this just media spin?
Probably because whatever works would be today would be made redundant by LO.
It would just result in works being compared to LO like IE is compared to Chrome or Firefox. They would be giving people an excuse to bash MS. Plus they would loose sales to those who don't need anything more.