The article isn't actually about end-to-end email security, but about using web-based email, because you can't trust the contents of the browser window. The answer, of course, is to use a Mail app, and not web-based email. If you use a mail app, end-to-end security works great!
The real problem that needs solving isn't hacking PGP into web-mail, it's making certificate management user-friendly. And that's not even that hard to do!
Sure. But the goal was educational, not production, what they did is pretty reasonable. That is, they built a large cluster of computers for kids to learn parallel programming on, using dirt-cheap commodity components accessible to kids. Sure, it's not a supercomputer in that it won't be on the Top 100 list, but it's a good educational "trainer" supercomputer, in that learning parallel programming teaches the the programming models (though not the specific languages) used by the real supercomputers.
Now, if they could get FORTRAN running parallel on the cluster, that's be really useful for teaching kids to be ready for supercomputing! Not as 'hip' as Node.js, but really useful for doing supercomputing.
One correction - from what I've read Netflix demanded that Comcast give them direct transit for free, Comcast insisted that it be paid transit, through a provider, which is how pretty much all web sites operate - they pay their ISP, the web site's ISP buys transit to the consumer ISPs, and the traffic gets delivered. Netflix refused to buy more bandwidth from a provider, insisting that Netflix be able to bypass their ISP and deliver transit straight to Comcast, and they should get the transit for free from Comcast. Then Netflix tried to push more traffic to Comcast then their ISP was paid to deliver, the connections from Netflix to Comcast saturated and started dropping packets (or were throttled by Comcast, hard to tell from the outside). Netflix' bet was that if their service degraded on Comcast, they could tell their customers it was Comcast's fault, and force Comcast to provide transit for free to avoid the bad PR.
The rule only says that ISPs have to transit traffic without differentiating between it.
Paid caches aren't network transit. They're not affected by this rule.
Peering arrangements are network transit, but the rule just says the ISP has to deliver the traffic they're paid by customers to deliver, whether or not the ISP likes the specific web site the data is coming from. It's not relevant whether the transit is free (peering) or paid transit.
Albert Manero at his team at UCF are doing a great job. One bit I want to add: the community that he's working in is e-NABLE ( http://www.enablingthefuture.o... ). The "one note" stuff is just a Microsoft sponsorship deal, done after-the-fact, and while their financial and marketing sponsorship of Albert's work is awesome (his work takes time and money, even if he gives the results away for free), it would be better to credit the actual community that contributed to the design, not the made up community that MS created for marketing spin. In particular, the hand used in the Limitless design is Flexy Hand (http://www.thingiverse.com/thing:242639) by Gyrobot, who's a very cool guy who deserves some credit for his work.
No, the first amendment says that The People have the Right to form Well Regulated Militia. The Founders strongly opposed the idea of private armies, and in fact when people tried to set up their own military force outside of the Militia they were found guilty of treason and shut down by the army.
It's weird how modern gun salesmen have managed to twist "the people have a right to form well regulated militia" into "gun companies have the right to sell unlimited quantities of any kinds of guns to anonymous buyers over the internet".
Keep in perspective that the "too low" Medicare and Medicaid payment schedule that the hospitals and doctors claim they can't survive on is still much higher than is paid by any healthcare system in any other country on the planet. So why is it that doctors and hospitals in the US charge more than in Japan, Germany, France, the UK, etc., while at the same time delivering inferior medical outcomes? Are they stupider or more wasteful? Or do they just have a higher profit margin? As a patient, I want to pay for healthcare, not profit margins.
And, on the flip side, 10m people are insured that weren't before. And lots of people's coverage is a lot better than it was before. And, on average, insurance rates only went up 2-5%, when it went up 6-10% annually pre-ACA. So from what I can see, insurance coverage is better, and costs are going up more slowly than ever in my lifetime. Not a bad deal.
On average, healthcare costs were going up 6-10% a year every year for decades, and 3-5% a year since ACA. So as a public policy it's working.
So why is your insurance deal so much worse than what everyone else is getting? What's so different about your personal situation to drive your prices dramatically up with millions of people are seeing the opposite?
Healthcare costs have always gone up every year. The reality is that healthcare costs have gone up under ACA at half the rate of the pre-ACA increases (3-4% under ACA, vs. the 6-10% annual increases every year for decades!). That's better.
As for worse insurance, that's unlikely. For example, the insurance companies aren't allowed to waste more than 15% of what they are paid, when previously there was no limit. And they were allowed to take insurance away from people that had been paying for it, if they became sick and required expensive coverage. And they were allowed to refuse to insure people with "pre-existing conditions" so people could lose coverage if they switched jobs. And they could sell insurance that turned out to be worthless. And the leading cause of bankruptcy in the US was medical bills to PEOPLE WITH INSURANCE who were driven into bankruptcy by their insurance companies. All those practices are illegal, making everyone's insurance (and lives) better.
And hospitals don't have to lose a fortune on providing services to uninsured people, which they covered by inflating the charges on the insured patients. So because the uninsured rate at hospitals has dropped dramatically, hospitals can stop having to cover the loss. Which is one of the many reasons that healthcare costs have stopped skyrocketing.
And 10m people have insurance that didn't, and will therefore lead healthier lives, which is an ethical improvement. If you care about people.
Of course, all of the "nullification" laws get thrown out by the courts, but it gives the state legislatures a chance to grandstand for their dumber voters.
Note also that in reality the state and local governments are less competent and more corrupt (on average) than the federal government. Because there's _way_ less oversight the more local the government is.
In reality, of course, the reason that the web site had problems is that it's an absurdly complex integration of hundreds of back-end systems driven by the perverse insistence that we avoid the simple, efficient solution (let everyone buy into Medicare, a one sentence change to the law requiring no new technology) in order to create more opportunity for state-level corruption and political sabotage.
First to file doesn't mean that you can ignore prior art. It means that if two different inventors patent the same invention, the first filing "wins". But if someone else invented the same thing, and publicly disclosed it but didn't file a patent, before either of those patents, then it would be prior art.
The patent was filed in 2008 - it just took until now to issue. So some lawsuit might hinge on _when_ in 2008 Apple and Motorola filed these patents.:-)
Exactly! Pretty much no startup succeeded with their initial plan intact. The trick is to be agile yet decisive, which is a hard balance. You have to listen to the market and find an opportunity that "clicks", but at the same time you can't redirect every week.
I'd say that Google realizing that consumers don't want Glass, but enterprise customers do, is a pretty reasonable redirect. For another example, look at Apple - they change their minds about things based on market demand. They thought larger phones were a terrible idea, but a few years later the marketplace made clear that larger phones were a significant chunk of the market that they couldn't ignore. Heck, iPhone started with no apps and Apple saying that everything should be web-based, and the redirect to add the App Store turned into a huge success. You can't let yourself be locked into an initial vision and pass up real opportunities in favor of imaginary ones!
Google does all the heavy lifting on servers, for Glass and pretty much everything else that they do. The Glass just collects data and displays the results. It has barely any compute or storage, just enough to be a client to the web services, really. That's how they got it small, light, and relatively cheap (compared to previous similar devices).
Retinal scanning is great, but the goal is to ID people from a distance, so that the observer is just wearing Glass and watching a stream of people. If they're doing a retinal scan, they can also stop people and check IDs. Besides which, of course, normal people don't have a reference retinal scan to check against.
I agree that trying to do general population facial recognition would generate too many false positives, wasting everyone's time.
But there's also some room for optimization to improve the odds, and to find a use case that doesn't require perfection. For example, the system can narrow matches down to people with tickets for flights in the next few hours departing from that airport, and flag anyone who doesn't match for an ID check. To be useful it wouldn't have have to be 100% accurate, or match everyone in the universe, so it's an easier computation - it's value would be in letting security filter out 80% of the people that are known OK travellers, and interview the people that are out of that profile.
Um, no. Jon isn't just a guy hired to read stuff to the camera, it's his show, he runs the staff that produces the show, and he's responsible for selecting everything that goes on the air. He even writes a fair amount of the material. The bit on camera is just the icing on the cake.
That's due to US non-profit rules. That is, by US law (and the IRS) non-profits can have educational missions, but can't produce anything that's of direct benefit to for-profit companies. Since FOSS software can be used by for-profits and not just by non-profits, creating FOSS software can't be the primary mission of a non-profit. That's why the Apache Foundation, GNOME Foundation, etc., are non-profits set up to educate and promote, but can't directly fund development of the FOSS software. Yeah, seems a little silly, but the IRS is quite consistent on this point for decades now.
Sure, if we could disable all of the crud they piled on top, the core of Windows 8 is relatively good, as it's efficient and stable. But the crud on top is really, really irritating, and bloated, which is why Windows 7 looks so good in comparison. My PC that ran find in Win7 became almost unusable with Win8. I'm hoping someone writes an un-installer that rips our the crud, like there was for Vista.
I'm sure that's how you use Note.js, but as far as I can tell, the vast majority of the usage of Node.js is server side. And that's where it overlaps with PHP. They both can be used to do the same thing, but with different strengths. For example, if you're building a modern AJAX app, Node.js is very nice - it's very efficient, lets you use the same programming language for the client-side and server-side code, uses JSON to pass data, is event-driven, good at web services, etc. PHP's strengths are more for the old-school, non-AJAX web sites - it's easy to stick a database query into a web page to pull data and display it, etc. And, of course, there's an already-written PHP solution for almost everything which is it's real strength. For example, if you need a web site CMS, you pick one, and if it's written in PHP (most are) then you use PHP to write whatever plugins you need.
I worked for one corporation with a 30 day email retention policy, and the servers were configured that way. After that, anything of importance was supposed to be printed and filed for future reference. And this was in the 90s. Of course, people still had email on their desktops, etc., but I'd guess it let them respond to lawsuits' discovery in a more limited manner than trawling through all email ever sent by anyone about anything, limiting risk of embarassment. I follow the logic, but pragmatically speaking it's convenient to have past emails easily searchable.
It's easy to set up secure communications within a small, trusted group. So this won't affect any real terrorists that are organized enough to be a real threat. They just install PGP (for example), just as anyone else can. And since the security is end-to-end, it's secure no matter what mail system it passes through. And no matter what laws anyone passes, math still works, so end-to-end encryption is secure from anyone attacking the security. And it's open source, so they can't sneak in corruptions to subvert security. Math doesn't care about politics - if the attackers are your government, or foreign attackers, it's all the same math that protects your communications.
What it will do, though, is let them collect tons of data from from people who aren't serious terrorists. Think of the fun the can have with that!
The real answer to terrorism isn't increased surveillance, or the "magic pixie dust" of data mining, it's real police work. That's what's stopped ever terrorist attack (that's been stopped) so far. If they cared about security, instead of surveillance or big equipment contracts, they'd focus on the stuff that works. Hire lots of smart people, train them and equip them, and pay them well, to do the hard work. The rest, attempting to outlaw encryption, scanning people's shoes, etc., is all a stupid waste of time and money, degrading our society's freedom (i.e. doing what the terrorists want) while achieving nothing of value.
Slashdot Mirror
The article isn't actually about end-to-end email security, but about using web-based email, because you can't trust the contents of the browser window. The answer, of course, is to use a Mail app, and not web-based email. If you use a mail app, end-to-end security works great!
The real problem that needs solving isn't hacking PGP into web-mail, it's making certificate management user-friendly. And that's not even that hard to do!
Sure. But the goal was educational, not production, what they did is pretty reasonable. That is, they built a large cluster of computers for kids to learn parallel programming on, using dirt-cheap commodity components accessible to kids. Sure, it's not a supercomputer in that it won't be on the Top 100 list, but it's a good educational "trainer" supercomputer, in that learning parallel programming teaches the the programming models (though not the specific languages) used by the real supercomputers.
Now, if they could get FORTRAN running parallel on the cluster, that's be really useful for teaching kids to be ready for supercomputing! Not as 'hip' as Node.js, but really useful for doing supercomputing.
One correction - from what I've read Netflix demanded that Comcast give them direct transit for free, Comcast insisted that it be paid transit, through a provider, which is how pretty much all web sites operate - they pay their ISP, the web site's ISP buys transit to the consumer ISPs, and the traffic gets delivered. Netflix refused to buy more bandwidth from a provider, insisting that Netflix be able to bypass their ISP and deliver transit straight to Comcast, and they should get the transit for free from Comcast. Then Netflix tried to push more traffic to Comcast then their ISP was paid to deliver, the connections from Netflix to Comcast saturated and started dropping packets (or were throttled by Comcast, hard to tell from the outside). Netflix' bet was that if their service degraded on Comcast, they could tell their customers it was Comcast's fault, and force Comcast to provide transit for free to avoid the bad PR.
The rule only says that ISPs have to transit traffic without differentiating between it.
Paid caches aren't network transit. They're not affected by this rule.
Peering arrangements are network transit, but the rule just says the ISP has to deliver the traffic they're paid by customers to deliver, whether or not the ISP likes the specific web site the data is coming from. It's not relevant whether the transit is free (peering) or paid transit.
Albert Manero at his team at UCF are doing a great job. One bit I want to add: the community that he's working in is e-NABLE ( http://www.enablingthefuture.o... ). The "one note" stuff is just a Microsoft sponsorship deal, done after-the-fact, and while their financial and marketing sponsorship of Albert's work is awesome (his work takes time and money, even if he gives the results away for free), it would be better to credit the actual community that contributed to the design, not the made up community that MS created for marketing spin. In particular, the hand used in the Limitless design is Flexy Hand (http://www.thingiverse.com/thing:242639) by Gyrobot, who's a very cool guy who deserves some credit for his work.
No, the first amendment says that The People have the Right to form Well Regulated Militia. The Founders strongly opposed the idea of private armies, and in fact when people tried to set up their own military force outside of the Militia they were found guilty of treason and shut down by the army.
It's weird how modern gun salesmen have managed to twist "the people have a right to form well regulated militia" into "gun companies have the right to sell unlimited quantities of any kinds of guns to anonymous buyers over the internet".
Keep in perspective that the "too low" Medicare and Medicaid payment schedule that the hospitals and doctors claim they can't survive on is still much higher than is paid by any healthcare system in any other country on the planet. So why is it that doctors and hospitals in the US charge more than in Japan, Germany, France, the UK, etc., while at the same time delivering inferior medical outcomes? Are they stupider or more wasteful? Or do they just have a higher profit margin? As a patient, I want to pay for healthcare, not profit margins.
If you didn't notice any of the hundreds of good effects of ACA, perhaps silence is best.
"the assumed number of healthy young people to float Obamacare of course aren't and won't be there"
In reality, of course, the number of health, young people buying through the exchanges is more than was predicted.
And, on the flip side, 10m people are insured that weren't before. And lots of people's coverage is a lot better than it was before. And, on average, insurance rates only went up 2-5%, when it went up 6-10% annually pre-ACA. So from what I can see, insurance coverage is better, and costs are going up more slowly than ever in my lifetime. Not a bad deal.
Interesting anecdote.
On average, healthcare costs were going up 6-10% a year every year for decades, and 3-5% a year since ACA. So as a public policy it's working.
So why is your insurance deal so much worse than what everyone else is getting? What's so different about your personal situation to drive your prices dramatically up with millions of people are seeing the opposite?
Healthcare costs have always gone up every year. The reality is that healthcare costs have gone up under ACA at half the rate of the pre-ACA increases (3-4% under ACA, vs. the 6-10% annual increases every year for decades!). That's better.
As for worse insurance, that's unlikely. For example, the insurance companies aren't allowed to waste more than 15% of what they are paid, when previously there was no limit. And they were allowed to take insurance away from people that had been paying for it, if they became sick and required expensive coverage. And they were allowed to refuse to insure people with "pre-existing conditions" so people could lose coverage if they switched jobs. And they could sell insurance that turned out to be worthless. And the leading cause of bankruptcy in the US was medical bills to PEOPLE WITH INSURANCE who were driven into bankruptcy by their insurance companies. All those practices are illegal, making everyone's insurance (and lives) better.
And hospitals don't have to lose a fortune on providing services to uninsured people, which they covered by inflating the charges on the insured patients. So because the uninsured rate at hospitals has dropped dramatically, hospitals can stop having to cover the loss. Which is one of the many reasons that healthcare costs have stopped skyrocketing.
And 10m people have insurance that didn't, and will therefore lead healthier lives, which is an ethical improvement. If you care about people.
Of course, all of the "nullification" laws get thrown out by the courts, but it gives the state legislatures a chance to grandstand for their dumber voters.
Note also that in reality the state and local governments are less competent and more corrupt (on average) than the federal government. Because there's _way_ less oversight the more local the government is.
In reality, of course, the reason that the web site had problems is that it's an absurdly complex integration of hundreds of back-end systems driven by the perverse insistence that we avoid the simple, efficient solution (let everyone buy into Medicare, a one sentence change to the law requiring no new technology) in order to create more opportunity for state-level corruption and political sabotage.
First to file doesn't mean that you can ignore prior art. It means that if two different inventors patent the same invention, the first filing "wins". But if someone else invented the same thing, and publicly disclosed it but didn't file a patent, before either of those patents, then it would be prior art.
The patent was filed in 2008 - it just took until now to issue. So some lawsuit might hinge on _when_ in 2008 Apple and Motorola filed these patents. :-)
Exactly! Pretty much no startup succeeded with their initial plan intact. The trick is to be agile yet decisive, which is a hard balance. You have to listen to the market and find an opportunity that "clicks", but at the same time you can't redirect every week.
I'd say that Google realizing that consumers don't want Glass, but enterprise customers do, is a pretty reasonable redirect. For another example, look at Apple - they change their minds about things based on market demand. They thought larger phones were a terrible idea, but a few years later the marketplace made clear that larger phones were a significant chunk of the market that they couldn't ignore. Heck, iPhone started with no apps and Apple saying that everything should be web-based, and the redirect to add the App Store turned into a huge success. You can't let yourself be locked into an initial vision and pass up real opportunities in favor of imaginary ones!
Google does all the heavy lifting on servers, for Glass and pretty much everything else that they do. The Glass just collects data and displays the results. It has barely any compute or storage, just enough to be a client to the web services, really. That's how they got it small, light, and relatively cheap (compared to previous similar devices).
Retinal scanning is great, but the goal is to ID people from a distance, so that the observer is just wearing Glass and watching a stream of people. If they're doing a retinal scan, they can also stop people and check IDs. Besides which, of course, normal people don't have a reference retinal scan to check against.
I agree that trying to do general population facial recognition would generate too many false positives, wasting everyone's time.
But there's also some room for optimization to improve the odds, and to find a use case that doesn't require perfection. For example, the system can narrow matches down to people with tickets for flights in the next few hours departing from that airport, and flag anyone who doesn't match for an ID check. To be useful it wouldn't have have to be 100% accurate, or match everyone in the universe, so it's an easier computation - it's value would be in letting security filter out 80% of the people that are known OK travellers, and interview the people that are out of that profile.
Um, no. Jon isn't just a guy hired to read stuff to the camera, it's his show, he runs the staff that produces the show, and he's responsible for selecting everything that goes on the air. He even writes a fair amount of the material. The bit on camera is just the icing on the cake.
That's due to US non-profit rules. That is, by US law (and the IRS) non-profits can have educational missions, but can't produce anything that's of direct benefit to for-profit companies. Since FOSS software can be used by for-profits and not just by non-profits, creating FOSS software can't be the primary mission of a non-profit. That's why the Apache Foundation, GNOME Foundation, etc., are non-profits set up to educate and promote, but can't directly fund development of the FOSS software. Yeah, seems a little silly, but the IRS is quite consistent on this point for decades now.
9/11 was under Bush. Are you arguing that Obama made Bush de-prioritize counter-terrorism?
Sure, if we could disable all of the crud they piled on top, the core of Windows 8 is relatively good, as it's efficient and stable. But the crud on top is really, really irritating, and bloated, which is why Windows 7 looks so good in comparison. My PC that ran find in Win7 became almost unusable with Win8. I'm hoping someone writes an un-installer that rips our the crud, like there was for Vista.
I'm sure that's how you use Note.js, but as far as I can tell, the vast majority of the usage of Node.js is server side. And that's where it overlaps with PHP. They both can be used to do the same thing, but with different strengths. For example, if you're building a modern AJAX app, Node.js is very nice - it's very efficient, lets you use the same programming language for the client-side and server-side code, uses JSON to pass data, is event-driven, good at web services, etc. PHP's strengths are more for the old-school, non-AJAX web sites - it's easy to stick a database query into a web page to pull data and display it, etc. And, of course, there's an already-written PHP solution for almost everything which is it's real strength. For example, if you need a web site CMS, you pick one, and if it's written in PHP (most are) then you use PHP to write whatever plugins you need.
I worked for one corporation with a 30 day email retention policy, and the servers were configured that way. After that, anything of importance was supposed to be printed and filed for future reference. And this was in the 90s. Of course, people still had email on their desktops, etc., but I'd guess it let them respond to lawsuits' discovery in a more limited manner than trawling through all email ever sent by anyone about anything, limiting risk of embarassment. I follow the logic, but pragmatically speaking it's convenient to have past emails easily searchable.
It's easy to set up secure communications within a small, trusted group. So this won't affect any real terrorists that are organized enough to be a real threat. They just install PGP (for example), just as anyone else can. And since the security is end-to-end, it's secure no matter what mail system it passes through. And no matter what laws anyone passes, math still works, so end-to-end encryption is secure from anyone attacking the security. And it's open source, so they can't sneak in corruptions to subvert security. Math doesn't care about politics - if the attackers are your government, or foreign attackers, it's all the same math that protects your communications.
What it will do, though, is let them collect tons of data from from people who aren't serious terrorists. Think of the fun the can have with that!
The real answer to terrorism isn't increased surveillance, or the "magic pixie dust" of data mining, it's real police work. That's what's stopped ever terrorist attack (that's been stopped) so far. If they cared about security, instead of surveillance or big equipment contracts, they'd focus on the stuff that works. Hire lots of smart people, train them and equip them, and pay them well, to do the hard work. The rest, attempting to outlaw encryption, scanning people's shoes, etc., is all a stupid waste of time and money, degrading our society's freedom (i.e. doing what the terrorists want) while achieving nothing of value.