...is what makes it so much more important to enforce properly....is what makes it so much more important to prosecute properly.
It's not difficult to float a balloon full of red paint onto someone's property. It's not difficult to toss water balloons, or fly cheap drones, either.
It's really not difficult to drop dandelion seeds onto someone's green lawn.
The argument that it's-easy-to-be-a-criminal isn't a reason to force non-criminals to do more work. That's DRM. It's upsetting to non-criminals.
We have all sorts of insecure devices. There's no need to focus on IoT, or computers or electronics at all.
We have pickable locks, unbarred windows, windshield wipers, and high-speed cars separated by nothing but a strip of paint.
There's no reason to update devices that were never designed to change. We've gone centuries with devices that were never designed to change. You can steal a hammer. Does that mean hammer manufacturers need to implement security patches and thumb scanners to ensure that no one can hijack my hammer?
A long time ago, I pushed the update button, I pushed the reboot button, or I waited and pushed the reboot button later.
Not so long ago, I disabled updates until I didn't mind the distraction.
Today, windows is configured to reboot only after-hours -- I choose the hours -- and to avoid updates altogether for a month.
Seems perfect to me!
I don't worry about updates happening during intense work days, nor while on vacation. When I decide to allow the updates, I wake up to a fresh reboot, or I push the reboot button at will.
I'm not seeing anything new, nor anything missing. I'm already in absolutely full control.
The one and only thing that I don't control is that I can't ignore updates for more than 30 days at a time. Meh. Non-vital updates are already delayed 90 days. And, in general, I'd like to update every 30 days anyway.
And even that ain't true. It's very easy to disable updates entirely -- I had to do so on a very old and very busted workstation. It's even easier at the network level too.
So who's complaining here?
It sounds like people who don't know how to configure their machines -- which amounts to going through the aptly named "settings" panels, in sequence, for about ten minutes. And really, anyone incapable of configuring their tools, should have those configurations chosen for them -- which is exactly what's happened.
I couldn't have said it better myself -- in support of the reverse point.
Locking your car door is barely better than just shutting it. Took me 4 minutes to break into a friends' sports car last week when she locked her keys in her trunk. You don't need to be a locksmith to use a wire hanger through the window seal.
Saying that keys remove the human element is like saying, oh wait, that keys remove the human element. You have keys to your office, so you don't need to say the magic word to the guard through the slit in the door. But it's not like office keys and car keys and house keys have made it difficult for anyone to break into your office, your car, or your house. Keys can be copied. Keys can be lost. Keys can be duplicated. And you can get someone to use their key where they shouldn't.
The real problem with passwords has never been on the user side. The problem with passwords is on the monitoring side. No bouncer would ever let you try the wrong password a thousand times in a row.
Security is about way more than checking credentials. It's about discerning whether or not the person standing in-front of you is likely to have those credentials in the first place.
No. I'm not giving you a donation to the fire fighters children fund of america. I don't care what you call your company. I don't care about your helmet, your shiny badge, nor your clipboard. You don't look like a fire fighter to me. And I don't see you driving a fire truck.
You misunderstood. They are doing something "different". As a direct result, they are harder targets than others. The moment everyone does the same thing, bad actors will happily target google the same as everyone else.
It's only difficult to break security keys because they aren't everywhere...yet.
"...unless they also hack or possess that second factor" . . or socially engineer a user in a dozen ways.
Google's success here has absolutely nothing to do with the security keys. This kind of success has everything to do with being different.
Around here, we call this "the club" scenario. For those not in the know, there is (was?) a car security device called "the club" that locked your car's steering wheel, making it physically impossible (inconvenient?) to drive. Was it difficult for a car-thief to disable the club? Not really. Was it easier for a thief to steal a different car in the parking lot? Absolutely.
To forego the another-car-analogy, we can also look at the reason that left-handed sports players are always statistically better -- it's simply because most players aren't left-handed, which means that most players encounter fewer lefties, and hence are less experienced against lefties.
In either case, it's called a dominant minority.
Google's not successful here because they have chosen to use security keys. Google is successful here because they spent a lot of time and money and training and effort and co-ordination to do something that most people aren't currently doing.
Security keys are the minority. Hence, they are more troublesome targets.
Wait a few years.
The win here is "something new". The moment it isn't new, it won't be any more secure than anything else.
Whenever I watch tvision, at the start of every show, there's a big obvious black square in the corner, with an audience rating provided by the content authors. It's there for all of the expected reasons -- viewer discretion is advised.
Is it so difficult to regulate that web-sites do the same? A simple HTTP header X-AudienceRating would do just fine. Don't do it, or lie with it, and police show up at your door. Welcome to teeth.
Overblocking is only ever a concern because you're expected to be able to access community content. But community content is never from outside of your country. So it's easy to have your filter block anything outside your country that doesn't have the header, if you desire.
Sounds like we've solved all of this countless times before. It's been called Parental Lock everywhere else.
So, what's the problem? Oh yeah, no one likes mapping existing laws to the internet, but everyone wants to call the internet here to stay. Gas has taxes to support roads. When cars are mostly electric, they'll be taxed too, because they still need roads. We've always regulated media outlets. Web-sites are no different.
Then let's address that part -- "that we are capable of enforcing the laws".
A long time ago, there was something call the wild wild west. Perhaps www has always stood for wild wild west. The wild wild west was defined by the imbalance of powers, mostly due to two things: the power of criminals with unlimited access to guns, and the lack of power of corporations to actually secure anything like money.
A gang of thieves with horses and guns could easily threaten any business, and any sheriff. Today's "organized crime" isn't in contrast to today's small criminals, it's in contrast to the gangs of criminals in the wild wild west, where holding up any bank was exactly that easy.
This parallels, in my mind, to our conversation at-hand. Corporations have no ability to secure their data, and hackers have unlimited access to hacking tools and escape horses.
But banks haven't become any more secure over the last thousand years. Sure, there are big huge vaults that are very secure. But ATMs are less secure than a 1'000 year-old safe, and they are easily ripped from the wall with a few obvious tools. Similarly, a brinks truck is nothing more than a few humans, easily attacked by a gang of ten teenagers with hammers.
But in the wild wild west, there were deterrents that limited crime to only bands of outlaws. Death-penalties were much more common.
I'm not suggesting that we should kill hackers. I am suggesting that we should eliminate their online freedom in the same way. I don't think it would be difficult to effectively revoke a criminal's general hacking tools (connection, real equipment, et cetera). And hey, if the internet really is an essential human right (which is ridiculous, by the way), I'm sure we can develop a consumer-only tablet-style device for these criminals, that really can't do much more than surf the web.
Maybe, that's actually easier than I think. Maybe it comes down to nothing more than curating their data connection -- in the same way that a prison guard curates a prisoner's movements. We'd be jailing their data connection. It might be as simple as that.
...and hence, I'm saying we make the connected world work like the real life that it is. We start enforcing the laws. We make examples of people. We call them criminals. We make it just as easy to fine them.
And let's be clear, I don't necessarily mean that we always need a big huge court case.
I live in a wonderful little city, next to a giant huge city. We have some very wonderful neighbour-to-neighbour systems. For example, in my city, you are expected to work out the fence situation with your neighbour. It is expected that the two of you will come to an agreement, and no one else cares what that agreement is. However, you have a right to a fence, if you want one. So if you can't come to an agreement with your neighbour, you are allowed to just go ahead and build a fence, on the property line, send half the bill to the city, and the city will pay it instantly, and simply add it onto your neighbour's property tax bill.
The same is true if your neighbour doesn't shovel the snow from their sidewalk, lets their grass/weeds over-grow, or generally lapses on anything that good-neighbours are expected to do.
There's no court case, there's no question. I call the city, the city calls them, if they don't comply right away, the city comes out and does it for them, and charges them for it.
There are plenty of such systems, including those that don't require owning a home. I should think that the connected world would be no different.
And again, I understand the intricacies of accidents. Stumbling upon someone's machine by mis-typing an IP address is like tripping and stumbling into someone's garden. Downloading all of their files is like meticulously picking their flowers. Deleting their files is like unearthing their plants. Doing it multiple times, and after they've asked you to stop is the unequivocal crime.
I think the problem with our laws today, are that they don't allow for obviously equations. I've said this from the street-level cameras. My living room couch isn't public -- even if it's visible through a window, even if the curtains are open. Someone with an x-ray telescope in the street doesn't get to say that I put my couch where it could be seen. The laws were written when houses were long drives from the public street. The law was never written properly. It was never context-aware.
My point is best encapsulated by your final sentence -- all security efforts increase the energy cost by more than 100%.
I want to drive fast. I build a road. I don't want someone else on that road to bump into me, which would kill me and thus impede my original intention of driving forward, fast. So I need to put concrete dividers between the lanes.
Building a road is easy. Even paving a road isn't so bad. But bringing in concrete dividers, and orchestrating entrances and exits to them is absurdly expensive.
Hence, we use white and yellow paint, and just presume that people aren't trying to kill each other with cars.
Think about what a handful of ball-bearings or tire-spikes would do if you just flung them onto a highway?
That's like saying the lock on your front door "asks" for a key with the right pattern of bumps, and picking the lock is just sending the bumps a different way.
I don't want to ring my bell and wait for my butler. I want to walk into my house unattested. I also don't want to pay for a butler, nor live with one around. That's why I have a lap-dog, not an attack-dog.
I don't know where you live, but maybe you should consider moving.
I would agree with your father that crime is mostly of opportunity -- I say you can't ever stop Ethan Hunt, so certainly I'd agree that crime prevention is of opportunistic crimes.
But crime prevention isn't about security.
My beloved left her iPhoneX in a restaurant bathroom last week. When she realized, an hour later, she found it at the front. That means at least one woman saw it in the bathroom, and handed it to at least one waitress paid minimum wage, who had this unlocked $1'250 iphone for an hour downtown. And no, she doesn't put a passcode onto it, because that makes the phone unusable in reality.
Currently, and for the last sixty days straight, I have $200 of garden hose and sprinklers on my front lawn. I also keep about $1'500 of gardening tools on the front porch, in plain sight.
I've never owned a car that locks its windshield wipers. I've watched locksmiths and parking lot attendants break into a car in under thirty seconds. Just last week I broke into a car with a wire hanger in under three minutes.
Smashing a window next to a front door is pretty convenient. And with about an hour of practice, picking a lock is just as easy.
I park my convertible open in parking lots all the time. I don't worry about the $200 of stuff that I leave on the seat. I worry about the birds perched on the lightstand above, or the kid with the ice cream cone.
It's not opportunity that stops me from stealing your stuff. It's ethics.
I have trouble with this industry-concept that software security should be put first -- it's an impossible business objective.
Think about how many industries focus on security. Banks, sure. Money transport, of course. Prisons and jails.
My air conditioner broke last week. It needed a new capacitor. It was a 5-minute $0 fix. Walk between the houses, open the compartment, pull out the breaker.
Now imagine your air conditioner, with the software industry's concept of security. Can you? How many check-points for a repairman to get to my air conditioner? How much added hardware? How much added expense in dollars and time? What stops someone from throwing a paint-filled balloon from fifty-feet away?
Security, when lives aren't at risk, is just so rarely worth it.
And when lives are at risk? Maybe you have a lock on your front door. Maybe it's a deadbolt. Maybe it's a really fancy locking mechanism, super-secure. Your front door is likely right next to a glass window. Congrats on the lock. Enjoy the bars on your windows.
And what stops your car, at highway speeds, from hitting another car at highway speeds? Right, a thin strip of white paint. Excellent. Sometimes the paint is yellow, even better.
We've never focused on security. We simply cannot afford to.
Instead, we talk about insurance, and criminal law enforcement.
So that's what I'm suggesting for software. Law enforcement. Deterrents.
In court, they say [what ought to be] the truth. In public, they are completely permitted to lie. I do believe Jerry Springer said it best, a very long time ago.
Software companies don't make money on quality anymore. In fact, most companies don't make money on quality anymore.
And most successful businessmen don't make money on company longevity either. Certainly not if they are actually making a product or performing a service (as opposed to reselling someone else's product or connecting someone else's service).
Modern profit is made by corner-cutting, corporate losses that create personal profit, and up-charging someone else's product and service.
The best way to profit today is actually exactly that -- let the product/service source company (even if you started it) operate at a loss, get all of the tax breaks and eventually go bankrupt without paying anyone, up-charge your customer to connect them with said product/service that you purchased at a discount from a "failing" company. Flex your own tax breaks in a region that seems to be forever failing to keep those source companies. Ta da!
"Age discrimination" is merely an excuse, an legally aggressive way to describe something that really has absolutely nothing to do with age.
I have no doubt that he was a great performer -- experience, age, and the bonus indicate that pretty well. But "performance" in a business context has absolutely nothing to do with "performance" in a production context.
It's easy to be the "worst performing person on the team", when you get paid the biggest bonus. Production / Paycheque. Raise the salary, and the employee quickly becomes the worst on the team.
It's not unusual to fire the most expensive employees, and it's not unusual to fire the most experienced employees. Quite frankly, it's typical. Ideally, most companies want employees who don't demand high salaries, and who do what they're told.
Yes, this is in-line with hiring younger people, and firing older people. But it absolutely nothing to do with their ages, and everything to do with the realities of their value as employees.
There is no mobile device that can be actively used for a full business day. Ten hours of full-brightness, let's say video playing.
Your phone multi-tasks? You can watch a video while typing a document while monitoring a news feed? I highly doubt it. I've yet to even meet a phone that can display two applications on the screen simultaneously.
Small enough to put into your pocket is a volume/mass game. Big enough to display three things (or share with a group of viewers) is a display size thing. Screens can fold dude. Screens can roll dude. Screens can slide out dude. Screens have been doing all of those things for well over 100 years now. Just not on phones -- yet. I don't know if unicorns can fold, but they can certainly roll up for storage.
Mobile's not mature at all. It's still fraught with daily problems. Battery life doesn't fill a day. Displays are too small. It's too big to hold. It's too thin to hold. It can't do anything more than one thing at a time. It can't project. It can't transfer peer-to-peer. It breaks very easily.
In oh so many ways, current mobile is much much much worse than my 486, or even my AT from thirty years ago.. Let's compare all of the things that make my AT from 1985 better than the iphone.
- a floppy disk could transfer data from one AT to another. there's no way to transfer data from one iphone to another.
- my AT's screen was bigger
- my AT's keyboard was more ergonomic
- my AT booted up faster than an iphone
- my AT was far more durable than an iphone
- my AT could run office productivity programs
- my AT could multi-task -- ok, my 486 could actually multi-task
- my AT was more exclusive than an iphone these days
Mobile has a lot farther to go before it's actually useful as something more than a simple consumer tool. Much of it hinges on actual battery technology -- we need batteries that can provide 5'000 watt-hours. That would give us a solid day of real-world power, for actual work:
- doesn't break when you drop it
- big enough to show three things at a time (source material, work interface, presentation output)
- small enough to pocket
- can be used for 100% of its usage for 100% of a day -- doesn't need to sleep before I do!
- can project, in support of a shared experience with a group of people
- can transfer, peer-to-peer, in support of handing data from one person to another
In other words, it needs to actually support its own usage scenario. Just like my desktop, my car, and my house.
Aside from power consumption, and by that we mean battery life, there's no problem with intel in mobile. So we're really just waiting for much better batteries. Maybe all Intel needs to do is to wait.
I think this kind of analysis is quite premature. Presently, there is no mobile-worthy x86 option -- for lots of reasons. Until there is, I don't think you can judge Intel for their direction.
Presume, for a moment, that in a few years, Intel successfully produces an x86 proc for mobile specifications. It's distinctly possible, indeed even probable, that ARM becomes useless, and the entire mobile market moves to x86. What a boon for Intel to have not wasted time and effort during these middle-ground years.
We've lived through this before. I refer you to WAP. How many web developers spent how many hours fumbling through WAP-limited options, before the entire mobile market moved to full web technologies? What a wasted investment for any small company. And what a horrible experience in was for consumers.
Slashdot Mirror
...is what makes it so much more important to enforce properly. ...is what makes it so much more important to prosecute properly.
It's not difficult to float a balloon full of red paint onto someone's property.
It's not difficult to toss water balloons, or fly cheap drones, either.
It's really not difficult to drop dandelion seeds onto someone's green lawn.
The argument that it's-easy-to-be-a-criminal isn't a reason to force non-criminals to do more work. That's DRM. It's upsetting to non-criminals.
Try again.
We have all sorts of insecure devices. There's no need to focus on IoT, or computers or electronics at all.
We have pickable locks, unbarred windows, windshield wipers, and high-speed cars separated by nothing but a strip of paint.
There's no reason to update devices that were never designed to change. We've gone centuries with devices that were never designed to change. You can steal a hammer. Does that mean hammer manufacturers need to implement security patches and thumb scanners to ensure that no one can hijack my hammer?
Start enforcing laws. Start arresting criminals.
A long time ago, I pushed the update button, I pushed the reboot button, or I waited and pushed the reboot button later.
Not so long ago, I disabled updates until I didn't mind the distraction.
Today, windows is configured to reboot only after-hours -- I choose the hours -- and to avoid updates altogether for a month.
Seems perfect to me!
I don't worry about updates happening during intense work days, nor while on vacation. When I decide to allow the updates, I wake up to a fresh reboot, or I push the reboot button at will.
I'm not seeing anything new, nor anything missing. I'm already in absolutely full control.
The one and only thing that I don't control is that I can't ignore updates for more than 30 days at a time. Meh. Non-vital updates are already delayed 90 days. And, in general, I'd like to update every 30 days anyway.
And even that ain't true. It's very easy to disable updates entirely -- I had to do so on a very old and very busted workstation. It's even easier at the network level too.
So who's complaining here?
It sounds like people who don't know how to configure their machines -- which amounts to going through the aptly named "settings" panels, in sequence, for about ten minutes. And really, anyone incapable of configuring their tools, should have those configurations chosen for them -- which is exactly what's happened.
Like I said: I don't see the problem.
I couldn't have said it better myself -- in support of the reverse point.
Locking your car door is barely better than just shutting it. Took me 4 minutes to break into a friends' sports car last week when she locked her keys in her trunk. You don't need to be a locksmith to use a wire hanger through the window seal.
Saying that keys remove the human element is like saying, oh wait, that keys remove the human element. You have keys to your office, so you don't need to say the magic word to the guard through the slit in the door. But it's not like office keys and car keys and house keys have made it difficult for anyone to break into your office, your car, or your house. Keys can be copied. Keys can be lost. Keys can be duplicated. And you can get someone to use their key where they shouldn't.
The real problem with passwords has never been on the user side. The problem with passwords is on the monitoring side. No bouncer would ever let you try the wrong password a thousand times in a row.
Security is about way more than checking credentials. It's about discerning whether or not the person standing in-front of you is likely to have those credentials in the first place.
No. I'm not giving you a donation to the fire fighters children fund of america. I don't care what you call your company. I don't care about your helmet, your shiny badge, nor your clipboard. You don't look like a fire fighter to me. And I don't see you driving a fire truck.
You misunderstood. They are doing something "different". As a direct result, they are harder targets than others. The moment everyone does the same thing, bad actors will happily target google the same as everyone else.
It's only difficult to break security keys because they aren't everywhere...yet.
"...unless they also hack or possess that second factor" . . or socially engineer a user in a dozen ways.
Google's success here has absolutely nothing to do with the security keys. This kind of success has everything to do with being different.
Around here, we call this "the club" scenario. For those not in the know, there is (was?) a car security device called "the club" that locked your car's steering wheel, making it physically impossible (inconvenient?) to drive. Was it difficult for a car-thief to disable the club? Not really. Was it easier for a thief to steal a different car in the parking lot? Absolutely.
To forego the another-car-analogy, we can also look at the reason that left-handed sports players are always statistically better -- it's simply because most players aren't left-handed, which means that most players encounter fewer lefties, and hence are less experienced against lefties.
In either case, it's called a dominant minority.
Google's not successful here because they have chosen to use security keys. Google is successful here because they spent a lot of time and money and training and effort and co-ordination to do something that most people aren't currently doing.
Security keys are the minority. Hence, they are more troublesome targets.
Wait a few years.
The win here is "something new". The moment it isn't new, it won't be any more secure than anything else.
That's awesome, I had no idea about 2257. I'll add that to the list, like the beeping traffic lights, that I wish people would be taught.
Whenever I watch tvision, at the start of every show, there's a big obvious black square in the corner, with an audience rating provided by the content authors. It's there for all of the expected reasons -- viewer discretion is advised.
Is it so difficult to regulate that web-sites do the same? A simple HTTP header X-AudienceRating would do just fine. Don't do it, or lie with it, and police show up at your door. Welcome to teeth.
Overblocking is only ever a concern because you're expected to be able to access community content. But community content is never from outside of your country. So it's easy to have your filter block anything outside your country that doesn't have the header, if you desire.
Sounds like we've solved all of this countless times before. It's been called Parental Lock everywhere else.
So, what's the problem? Oh yeah, no one likes mapping existing laws to the internet, but everyone wants to call the internet here to stay. Gas has taxes to support roads. When cars are mostly electric, they'll be taxed too, because they still need roads. We've always regulated media outlets. Web-sites are no different.
X-AudienceRating - F, G, PG, AA, R, X, XXX
Why is this difficult?
Then let's address that part -- "that we are capable of enforcing the laws".
A long time ago, there was something call the wild wild west. Perhaps www has always stood for wild wild west. The wild wild west was defined by the imbalance of powers, mostly due to two things: the power of criminals with unlimited access to guns, and the lack of power of corporations to actually secure anything like money.
A gang of thieves with horses and guns could easily threaten any business, and any sheriff. Today's "organized crime" isn't in contrast to today's small criminals, it's in contrast to the gangs of criminals in the wild wild west, where holding up any bank was exactly that easy.
This parallels, in my mind, to our conversation at-hand. Corporations have no ability to secure their data, and hackers have unlimited access to hacking tools and escape horses.
But banks haven't become any more secure over the last thousand years. Sure, there are big huge vaults that are very secure. But ATMs are less secure than a 1'000 year-old safe, and they are easily ripped from the wall with a few obvious tools. Similarly, a brinks truck is nothing more than a few humans, easily attacked by a gang of ten teenagers with hammers.
But in the wild wild west, there were deterrents that limited crime to only bands of outlaws. Death-penalties were much more common.
I'm not suggesting that we should kill hackers. I am suggesting that we should eliminate their online freedom in the same way. I don't think it would be difficult to effectively revoke a criminal's general hacking tools (connection, real equipment, et cetera). And hey, if the internet really is an essential human right (which is ridiculous, by the way), I'm sure we can develop a consumer-only tablet-style device for these criminals, that really can't do much more than surf the web.
Maybe, that's actually easier than I think. Maybe it comes down to nothing more than curating their data connection -- in the same way that a prison guard curates a prisoner's movements. We'd be jailing their data connection. It might be as simple as that.
...and hence, I'm saying we make the connected world work like the real life that it is. We start enforcing the laws. We make examples of people. We call them criminals. We make it just as easy to fine them.
And let's be clear, I don't necessarily mean that we always need a big huge court case.
I live in a wonderful little city, next to a giant huge city. We have some very wonderful neighbour-to-neighbour systems. For example, in my city, you are expected to work out the fence situation with your neighbour. It is expected that the two of you will come to an agreement, and no one else cares what that agreement is. However, you have a right to a fence, if you want one. So if you can't come to an agreement with your neighbour, you are allowed to just go ahead and build a fence, on the property line, send half the bill to the city, and the city will pay it instantly, and simply add it onto your neighbour's property tax bill.
The same is true if your neighbour doesn't shovel the snow from their sidewalk, lets their grass/weeds over-grow, or generally lapses on anything that good-neighbours are expected to do.
There's no court case, there's no question. I call the city, the city calls them, if they don't comply right away, the city comes out and does it for them, and charges them for it.
There are plenty of such systems, including those that don't require owning a home. I should think that the connected world would be no different.
And again, I understand the intricacies of accidents. Stumbling upon someone's machine by mis-typing an IP address is like tripping and stumbling into someone's garden. Downloading all of their files is like meticulously picking their flowers. Deleting their files is like unearthing their plants. Doing it multiple times, and after they've asked you to stop is the unequivocal crime.
I think the problem with our laws today, are that they don't allow for obviously equations. I've said this from the street-level cameras. My living room couch isn't public -- even if it's visible through a window, even if the curtains are open. Someone with an x-ray telescope in the street doesn't get to say that I put my couch where it could be seen. The laws were written when houses were long drives from the public street. The law was never written properly. It was never context-aware.
My point is best encapsulated by your final sentence -- all security efforts increase the energy cost by more than 100%.
I want to drive fast. I build a road. I don't want someone else on that road to bump into me, which would kill me and thus impede my original intention of driving forward, fast. So I need to put concrete dividers between the lanes.
Building a road is easy. Even paving a road isn't so bad. But bringing in concrete dividers, and orchestrating entrances and exits to them is absurdly expensive.
Hence, we use white and yellow paint, and just presume that people aren't trying to kill each other with cars.
Think about what a handful of ball-bearings or tire-spikes would do if you just flung them onto a highway?
That's like saying the lock on your front door "asks" for a key with the right pattern of bumps, and picking the lock is just sending the bumps a different way.
I don't want to ring my bell and wait for my butler. I want to walk into my house unattested. I also don't want to pay for a butler, nor live with one around. That's why I have a lap-dog, not an attack-dog.
I don't know where you live, but maybe you should consider moving.
I would agree with your father that crime is mostly of opportunity -- I say you can't ever stop Ethan Hunt, so certainly I'd agree that crime prevention is of opportunistic crimes.
But crime prevention isn't about security.
My beloved left her iPhoneX in a restaurant bathroom last week. When she realized, an hour later, she found it at the front. That means at least one woman saw it in the bathroom, and handed it to at least one waitress paid minimum wage, who had this unlocked $1'250 iphone for an hour downtown. And no, she doesn't put a passcode onto it, because that makes the phone unusable in reality.
Currently, and for the last sixty days straight, I have $200 of garden hose and sprinklers on my front lawn. I also keep about $1'500 of gardening tools on the front porch, in plain sight.
I've never owned a car that locks its windshield wipers. I've watched locksmiths and parking lot attendants break into a car in under thirty seconds. Just last week I broke into a car with a wire hanger in under three minutes.
Smashing a window next to a front door is pretty convenient. And with about an hour of practice, picking a lock is just as easy.
I park my convertible open in parking lots all the time. I don't worry about the $200 of stuff that I leave on the seat. I worry about the birds perched on the lightstand above, or the kid with the ice cream cone.
It's not opportunity that stops me from stealing your stuff. It's ethics.
I have trouble with this industry-concept that software security should be put first -- it's an impossible business objective.
Think about how many industries focus on security. Banks, sure. Money transport, of course. Prisons and jails.
My air conditioner broke last week. It needed a new capacitor. It was a 5-minute $0 fix. Walk between the houses, open the compartment, pull out the breaker.
Now imagine your air conditioner, with the software industry's concept of security. Can you? How many check-points for a repairman to get to my air conditioner? How much added hardware? How much added expense in dollars and time? What stops someone from throwing a paint-filled balloon from fifty-feet away?
Security, when lives aren't at risk, is just so rarely worth it.
And when lives are at risk? Maybe you have a lock on your front door. Maybe it's a deadbolt. Maybe it's a really fancy locking mechanism, super-secure. Your front door is likely right next to a glass window. Congrats on the lock. Enjoy the bars on your windows.
And what stops your car, at highway speeds, from hitting another car at highway speeds? Right, a thin strip of white paint. Excellent. Sometimes the paint is yellow, even better.
We've never focused on security. We simply cannot afford to.
Instead, we talk about insurance, and criminal law enforcement.
So that's what I'm suggesting for software. Law enforcement. Deterrents.
Anything else, well, is just uncivilized.
I'm probably way too old to be tasty. I don't think ketchup would help.
In court, they say [what ought to be] the truth. In public, they are completely permitted to lie. I do believe Jerry Springer said it best, a very long time ago.
Software companies don't make money on quality anymore. In fact, most companies don't make money on quality anymore.
And most successful businessmen don't make money on company longevity either. Certainly not if they are actually making a product or performing a service (as opposed to reselling someone else's product or connecting someone else's service).
Modern profit is made by corner-cutting, corporate losses that create personal profit, and up-charging someone else's product and service.
The best way to profit today is actually exactly that -- let the product/service source company (even if you started it) operate at a loss, get all of the tax breaks and eventually go bankrupt without paying anyone, up-charge your customer to connect them with said product/service that you purchased at a discount from a "failing" company. Flex your own tax breaks in a region that seems to be forever failing to keep those source companies. Ta da!
"Age discrimination" is merely an excuse, an legally aggressive way to describe something that really has absolutely nothing to do with age.
I have no doubt that he was a great performer -- experience, age, and the bonus indicate that pretty well. But "performance" in a business context has absolutely nothing to do with "performance" in a production context.
It's easy to be the "worst performing person on the team", when you get paid the biggest bonus. Production / Paycheque. Raise the salary, and the employee quickly becomes the worst on the team.
It's not unusual to fire the most expensive employees, and it's not unusual to fire the most experienced employees. Quite frankly, it's typical. Ideally, most companies want employees who don't demand high salaries, and who do what they're told.
Yes, this is in-line with hiring younger people, and firing older people. But it absolutely nothing to do with their ages, and everything to do with the realities of their value as employees.
There is no mobile device that can be actively used for a full business day. Ten hours of full-brightness, let's say video playing.
Your phone multi-tasks? You can watch a video while typing a document while monitoring a news feed? I highly doubt it. I've yet to even meet a phone that can display two applications on the screen simultaneously.
Small enough to put into your pocket is a volume/mass game. Big enough to display three things (or share with a group of viewers) is a display size thing. Screens can fold dude. Screens can roll dude. Screens can slide out dude. Screens have been doing all of those things for well over 100 years now. Just not on phones -- yet. I don't know if unicorns can fold, but they can certainly roll up for storage.
Mobile's not mature at all. It's still fraught with daily problems. Battery life doesn't fill a day. Displays are too small. It's too big to hold. It's too thin to hold. It can't do anything more than one thing at a time. It can't project. It can't transfer peer-to-peer. It breaks very easily.
In oh so many ways, current mobile is much much much worse than my 486, or even my AT from thirty years ago.. Let's compare all of the things that make my AT from 1985 better than the iphone.
- a floppy disk could transfer data from one AT to another. there's no way to transfer data from one iphone to another.
- my AT's screen was bigger
- my AT's keyboard was more ergonomic
- my AT booted up faster than an iphone
- my AT was far more durable than an iphone
- my AT could run office productivity programs
- my AT could multi-task -- ok, my 486 could actually multi-task
- my AT was more exclusive than an iphone these days
Mobile has a lot farther to go before it's actually useful as something more than a simple consumer tool. Much of it hinges on actual battery technology -- we need batteries that can provide 5'000 watt-hours. That would give us a solid day of real-world power, for actual work:
- doesn't break when you drop it
- big enough to show three things at a time (source material, work interface, presentation output)
- small enough to pocket
- can be used for 100% of its usage for 100% of a day -- doesn't need to sleep before I do!
- can project, in support of a shared experience with a group of people
- can transfer, peer-to-peer, in support of handing data from one person to another
In other words, it needs to actually support its own usage scenario. Just like my desktop, my car, and my house.
Aside from power consumption, and by that we mean battery life, there's no problem with intel in mobile. So we're really just waiting for much better batteries. Maybe all Intel needs to do is to wait.
I doubt very much that ten years from now, mobile devices won't be able to run any software that exists today.
If you're going to quote partial sentences, please include the primary predicate. I said "distinctly possible".
My comment wasn't about predicting the future. My comment was about Intel's choice being a valid business gamble, given a distinctly possible future.
What actually winds up happening has absolutely nothing to do with my comment.
I think this kind of analysis is quite premature. Presently, there is no mobile-worthy x86 option -- for lots of reasons. Until there is, I don't think you can judge Intel for their direction.
Presume, for a moment, that in a few years, Intel successfully produces an x86 proc for mobile specifications. It's distinctly possible, indeed even probable, that ARM becomes useless, and the entire mobile market moves to x86. What a boon for Intel to have not wasted time and effort during these middle-ground years.
We've lived through this before. I refer you to WAP. How many web developers spent how many hours fumbling through WAP-limited options, before the entire mobile market moved to full web technologies? What a wasted investment for any small company. And what a horrible experience in was for consumers.
We'll wait and see.
Last I checked, "hack" was far older than computers. Older, even, than ingenuity.
https://www.etymonline.com/sea...
https://www.etymonline.com/wor...
chopping wood, coughing, routine work...
Nice that 700 years later, computer criminals adopted it too. Not surprising that this particular word has finally made it back to its roots.
Next you'll be saying that "gay" is suddenly being used to describe everyone who's happy. Wait for it.