Slashdot Mirror


User: tlhIngan

tlhIngan's activity in the archive.

Stories: 0 · Comments: 10,065

Comments · 10,065

  1. Re:There's actually a solution on Apple and Google Face Growing Revolt Over App Store 'Tax' (bloomberg.com) · · Score: 1

    So maybe it's time for the good developers to simply walk away. The downside to jailbreaking and rooting has generally been that you're losing security. But if the cost of being a bit more secure was that you only had access to the garbage provided by outright thieves protected by Apple and Google, more and more people would want to escape from their walled gardens.

    Well, Apple supports a way to side load apps that's been (ab)used to pirate apps. It is official and has been available since iOS 9. And you don't need MacOS to do it either - there are tools for Windows to do the same as well.

    If you're a developer and don't want to have to buy copies of the sideload apps, then you can always distribute your app as SOURCE CODE and use Apple's Xcode as a free-to-deploy to any iOS device you own.

    And that's that - you can side load apps officially on iOS - without breaking through the protections the OS offers. You can either decide to pay a bunch of pirates a few dollars a month to do it, or you can distribute your app as source code and have the user compile it. There is apparently a huge library of never-allowed-on-app-store apps available like emulators and such because of this.

  2. You know, you can look that stuff up online now, using your phone. It's what I would do in such a case. If I'm traveling on my regular airline, I've already got the details in their app. I know what gate I'll be arriving at and departing from.

    In a lot of places that isn't possible, roaming data rates are such that you pretty much "live without" until you can find free WiFi around (because paid WiFi is still a thing).

    Your solution is great if you're in the EU and all that, not so much if you're from places with more backwards ideas of roaming.

  3. Going on a limb here, I don't think google invented sporting event sponsors, and we still have to pay $$$ to get into an event with advertising, merchandise, new cars for sale parked at the entrance, $10/cup beer every ten feet. Not sure what google changes with this dynamic.

    This ain't the Internet, advertising can fully fund operations of some websites, not train rides and MLB events.

    Seriously, how much beer per person annually would need to be bought for Miller to fully pay for you to sit on some light rail staring a beer poster for 30m? Then if people were buying THAT much beer already why even advertise?

    Advertising pays for most or all of it. Those sports games on TV? Guess how much money gets tossed around in advertising just to show it on TV. The Superbowl with its $10M 30 second spot is on the high side, but a sports event on TV can pull in several tens to hundreds of millions of ad dollars.

    Ticket prices generally go to the team, who pay the players, pay the league, and that's about it. Players can supplement their income with sponsorships (aka ads), but teams in general are very limited in what advertising they can do. Most of the ads are done by the league itself and they make the huge money - though more is generally made from TV.

    All the other gouging is well, someone has to pay for the arena and all that as well as captive audience profits. You don't go to a fair and pay $10 for a corndog because it costs that much, you pay $10 because you're stuck in the fair and that's what everyone wants you to pay.

    And here's a 30 minute opportunity for a captive audience. One that is truly captive - being underground, cell signals might be hard to get (they usually have a passive cable repeater or active repeaters in order to bring cellular underground) so everyone is stuck looking awkwardly at each other for 30 minutes.

  4. Re:Don't no-show on Recruiters Are Still Complaining About No-Shows At Interviews (kyma.com) · · Score: 1

    Well that has to work both ways. Quite a few HR people and recruiters have this arrogant tendency to consider themselves entitled to treat applicants like trash. I've applied for jobs with certain recruiting agencies and companies and never heard from them again. I've been sent (at my own expense) considerable distances to be interviewed by people who clearly hadn't even read my CV. A recruiter will do that to me exactly once. After that, guess whose job adverts are ignored and whose e-mails and messages go straight into the waste basket? Recruiters should just get used to the idea that if they reserve the right to ghost job applicants, give them the run-around or send them on bogus interviews, applicants are going to treat them the same way. Respect is a two way street.

    Not responding to an email and not showing up at your scheduled appointment are two very different things. The first costs very little. So companies are free to ignore your emails and you're free to ignore theirs. The overall cost is low on both sides.

    But once an appointment is made, resources are committed and it's only basic courtesy to call ahead if you need to reschedule, on both sides. Sure the people may have been unprepared (I've had it done to me - been asked to do an interview with someone right now and handed a CV), but at least everyone had the courtesy to show up.

    It's only bad when either side ditches without prior notice - if you decide to not show up to an appointment you agreed to, or if you show up and everyone there doesn't know what to do with you. That is generally seen as rude and very bad since both people have committed.

    I mention "agreed to" - an appointment sprung suddenly on you is voidable - unless a time and place are agreed to it's not settled yet. And given sometimes the quickness of it, if someone asks you to come in tomorrow at 8AM and you get the email at 5pm the day before, it's fine to not show up. It would be nicer if you could reply and say it wouldn't work for you (other plans, perhaps, or the need to take time off from work) but there's also no guarantee any email sent after 5pm would be received in time (perhaps you only see it at 7am the next day).

  5. Re:Finally! on Analysts Say We Are Headed For a Flash Memory Price Crash (techspot.com) · · Score: 1

    Looking forward to spending under $100 for a 1tb 2.5inch laptop drive

    Won't happen. At the "Crashed" price of 8 cents a GB, 1000GB is $80. Given markups and profits, that would be at best, around $150-$200.

    And generally speaking, it's not likely to crash. If they can predict a crash a year ahead of time, then manufacturers will scale back their production. Prices might drop a bit, but not to the extremes of a quarter the price.

    This is especially so as memory makers have a company that they basically hire to soak up demand - Kingston. It's why Kingston's quality can be so variable - one day they're making product based on Samsung's overruns, while the next day they're making the same product using Toshiba's overruns. It's why you can buy Kingston products generally cheaper

  6. Which planet are you from? You can still take a Color Computer 3 or a Commodore 64 from decades ago, plug them in and they will start instantly just like they did when they were brand new.

    No. you'll smoke them. Especially the C64. The power supplies the things use tend to go bad and when they go bad, they lose regulation and output a higher voltage. You do this and you'll actually likely kill the C64.

    It's why they make devices that can be used inline of the power supply output that will detect this condition and basically go open so the C64 will not be powered.

    And why they make 3rd party replacement power supplies based on modern technology where this won't happen again, runs much cooler (since they use modern switching technology instead of the old school linear power supplies).

    And no, more advanced systems like Amigas, original Macs, etc., are more than likely to be dead because these units had their own form of "planned obsolescence" - they had batteries on the mainboard. If they leaked, they often corroded the main PCB requiring a tedious repair of replacing broken tracks, replacing corroded components, etc.

    And that's provided they didn't use devices with embedded batteries - it was very popular to use Dallas (now Microchip) all-in one RTCs and SRAMs with batteries built in. These units are generally good for 20 years, but that's it.

    We built a lot of things to blow up in the past. "Suicide boards" are actually a thing in the arcade community.

  7. Re:Harbor for Rogue Sailors on Amazon Is Ready To Take on Apple and Spotify in Streaming Music (bloomberg.com) · · Score: 1

    Why bother streaming when it's available commercial-free in a harbor for rogue sailors?

    Why do we prosecute GPL violators so harshly? I mean, information wants to be free, right? And violating the GPL, or more correctly, ignoring the GPL is a copyright violation. The same thing that you do at the harbour for rogue sailors.

    Yes, the GPL is completely optional. If you don't agree to it, The license to use the software reverts to all rights reserved as covered by standard copyright law. That's why we call these licenses copyleft - without copyright, they're useless.

    Not much difference between downloading music, or movies (without permission) and releasing Linux without source.

  8. Re:Real Pilots train in them... on Flight-Simulator Enthusiasts Confident of Real-World Skills (wsj.com) · · Score: 1

    I agree, this kind of thing is "seat of the pants" stuff that you just have to do without thinking. Uncoordinated flight is something that is really hard to simulate the forces on your butt for, but good pilots just feel and correct. It's like keeping a car in the middle of the lane when driving, you just do it, you don't have to think about it. That takes air time in a real aircraft with a CFI yelling at you to keep the ball in the middle. I found that an actual spin, when I did it wrong, was quite instructive when I got sloppy practicing departure stalls. Scared the heck out of me when it snapped over but after that I understood what it felt like and found it easier to just do it without thinking.

    Which is why simulator training is traditionally reserved where seat of the pants flying is disallowed, like IFR.

    VFR training typically takes place in real aircraft not because flight schools want to rip you off, but because things like coordinated flight and flight with reference to the horizon require a lot of "feel". And while you can get full motion simulators fairly cheaply (about $100K or so) thanks to modern technology, it's still quite new and there aren't many guidelines about using them for primary training.

    But even a sit down simulator is great for IFR training - where seat of the pants flying can get you into real trouble (see VFR into IMC accidents). Here, your primary goal is to not trust what you feel, but to trust what your instruments are telling you.

  9. Re: right to repair need to give 3rd party's the c on The Man Who Jailbreaks Teslas (fastcompany.com) · · Score: 2

    It depends on the ABS. I had a cheap system in my old car and hit a pothole as I was approaching an intersection on a dry sunny day. The ABS thought the car was slipping, because the wheel turned more than the others, and at the same time the car ahead stopped unexpectedly. The ABS came on for a full 2-3 seconds and my stopping distance was probably double dry pavement. This almost caused an accident in otherwise great conditions.

    Same goes for traction control. If it's a quality system that controls the input torque to each wheel then it's actually great in snow or ice. But if it's a bargain system that applies the ABS to each wheel to regain control then it's garbage and a decent driver can do far better with it disabled. The WRX I drive now has such a garbage system that there is even a stock button to disable it.

    Dirty secret: ABS will always perform worse than a trained driver who can pump the brakes or even threshold brake. The reason ABS is so effective is most drivers are not trained, and pumping/threshold braking is a very complex skill to apply at a time when your brain has effectively "locked up" (i.e. panic situation). That's why ABS is so effective - the driver is trying to panic stop, and in a panic humans generally lose a lot of higher level thinking skills. So what will most humans do? Slam on the brakes, which is where ABS will shine since that's all they need. And thus, most normal drivers will benefit from ABS. Professional drivers don't need it since they can anticipate the problem and calmly execute the panic stop as if it was another day on the roads.

    Also, the button to disable ABS is not there because it's garbage. It's there because your car is likely used to perform stunts and there's a lot of things ABS interferes with that would be not normal driving, but sport driving. (Drifting, for example, requires wheel slippage so you must disable ABS if you want to do this). Or if you want to achieve maximum braking performance.

  10. Re:Bobbied is a moron. on FDA Approves First Generic Version of EpiPen (go.com) · · Score: 1

    Mylan has patent protection that lasts through 2025. So why is a generic version coming to market now?
    Mylan to launch generic version of EpiPen, at half the cost

    Because the patent is on the device itself. The drug is generic and has been for many years (hint: you can buy it super cheap - the dispensing fee probably costs more than the drug itself).

    If you don't do what the patent says, you can get a new patent on your auto drug dispenser.

  11. Re:Yahoo! Epi For all! on FDA Approves First Generic Version of EpiPen (go.com) · · Score: 1

    Generic of course.

    I'm just curious, why are Epi Pens not already generic?

    Then observe the value of competition... The market works, if you let it.

    The drug (Epinephrine) is generic and the amount in an EpiPen costs under $1 at the pharmacy. It's super cheap and super available.

    The part that's patented is the "auto-injector" part. You know, the bit that you jab into your leg and it injects that drug into you. And that's the part they pumped up the prices up on even though it's probably made up of plastic and metal that costs under $1 in raw materials.

    The reason you need to have two EpiPens is that one may not have enough dose, and getting approval for an auto injector that has twice as much drug just costs a lot of money. When they're already tossing money in your direction, why bother?

  12. Re:Betteridge on Did Apple Secretly Crush An App Store Competitor In Japan? (theverge.com) · · Score: 1

    Think we might still call that a no. It honestly sounds like they weren't being secretive about it at all.

    The question is not why, but how. I mean, it's a website, after all. Somehow Apple forced Yahoo to shut down their website? For what benefit? Did Apple go after all the developers and remove their apps or something?

    What did Apple do that got Yahoo Japan so legitimately scared they shut down their website? I can't imagine Yahoo being such a big player on iOS that removing their app would have any big effect. Perhaps Apple could've gone after the developers themselves and removed their apps, but with some like Square Enix, that seems unlikely. It's not like Apple could suddenly take more than 30% of every sale.

    About the only way I can think of is it would've run like crap in Safari and they wanted to app-ify their website. Even then I don't see the problem since Android is huge over there as well.

    What magic power does Apple have to cause Yahoo Japan to retreat? Something that Android doesn't have?

  13. Re:Wo what was the first factor that failed? on Investor Sues AT&T Over Two-Factor Security Flaws, $23 Million Cryptocurrency Theft (fastcompany.com) · · Score: 2

    Sure, AT&T might provide horrible security, so their mobiles are not a good 2nd factor.

    But isn't as much blame to put on whoever maintained the first factor? The article doesn't tell us how and why that factor failed...

    No, a phone number is not a second factor

    NIST recommendations a few years ago have determined that a phone number is no longer eligible as a "second factor". This includes anything that involves using the phone number - SMS, phone calls, etc. NIST has foreseen that phone numbers are not unique identifiers and cannot be "something you have" - because it's something other people can have as well. Basically, a phone number does not identify a unique phone.

    And with hacks to SS7 and all that, things can be hijacked.

    The only way to use a phone as a second factor is through authentication apps that basically generate a unique key per device and thus cannot be cloned.

    Chances are, the AT&T service terms will let him claim only direct damages - damages caused by loss of service so things like a replacement SIM card, the days of service he missed and perhaps any bills that got run out. Indirect damages are almost always excluded, so if loss of service causes you to miss a stock trade or something, those losses wouldn't be eligible.

    And this is never mind the ineffective "2FA" used by the exchange. (And likely, Coinbase will be indemnified on that loss as well).

  14. Re:I'll do you one better than that. on 'Do Not Buy a Smartwatch Right Now' (droid-life.com) · · Score: 1

    Your cell doesn't track your heart rate, and I haven't seen an app that does anything like my fitbit for tracking my sleep, but maybe there is.

    Apple Watches have apparently saved a few lives because they warned of dangerous heart rates that caused the person to actually visit a doctor and discover they had a serious heart condition.

    Short of a massive heart attack, a lot of heart conditions aren't found unless a doctor looks for them. The watch merely pointed out something was seriously wrong and to actually seek medical attention.

    Google "apple watch saves lives" and it'll bring up dozens of articles on dozens of people who were alerted that something was wrong.

  15. Re:Fax won't go away for a very long time on Malicious Faxes Leave Firms 'Open' To Cyber-Attack (bbc.com) · · Score: 1

    It's been around so long and it's survived this long. Too many people aren't capable of scanning something, then emailing it. Any bets on when the last fax machine will be taken out of service? 20 years? 30?

    That's because fax is simple. It's a technology that's really boiled down what it does to the ultimate in simplicity.

    To set it up, you connect it to a phone line and power. You can set it up further if you want, but as far as its basic needs, they've been met.

    To send a fax, you stick the paper into the document reader, dial the number and press start. The machine will figure out what to do and your pages are magically sent off to the recipient. Hope you got your number right.

    To receive a fax, you really do... nothing. It just sits there and answers the phone.

    Some fax machines even print you a receipt after it's done.

    Brain dead simple.

    Try emailing a scan to someone, and how many steps that requires - from scanning the document to your computer and then attaching it to send out. Even with software that automates it all, it's still not quite dump it, push it, and forget about it.

    If you have a fancy scanner, it may allow you to scan to email so you can almost do it by entering the recipient's email at the machine. But few scanners do this.

    You're far more likely to just have someone take a photo of the document and send it via mms or something.

  16. Re:Yet another reason to avoid Bethesda on Bethesda Blocks Resale of a Secondhand Game (polygon.com) · · Score: 2

    Not going to happen, the average gamer is a fucking moron. The last 20 years of PC gaming we've seen a shift from games we owned and controlled to games companies own largely because gamers are morons and technologically illiterate. The fact that mmo's and f2p microtransaction games even exist is proof the average person on our planet is a moron.

    Surprisingly, when Microsoft tried to do what happened on the PC, everyone objected. And Microsoft offered the chance to resell your used digital games. It forced Microsoft to backtrack on the whole thing and redo their DRM system.

    Of course, a few years later everyone hates discs and wants digital, so it appears not only do we end up where Microsoft wanted us to be, we've lost all the features they were going to add.

  17. Re:Can Someone Explain? on PC Case Maker CaseLabs Closes Permanently (pcgamer.com) · · Score: 1

    Can someone explain? The tariffs are designed to help American manufacturing, they make American products cheaper than foreign products. And as for shortages, a PC case manufacturer needs thin sheet steel, paint, plastic, and LEDs. Don't tell me you cannot get sheet steel in America any longer? Also, the margins on cases should be astronomical, 5 lbs of steel and a few LEDs, an ounce of black paint and a few plastic parts probably take 5-8 dollars in material costs. The only problem in the industry should be that China can make them cheaper which can be solved with the appropriate tariffs.

    No. The tariffs on steel and aluminum do not help manufacturers. They only help steel and aluminum producers.

    That's why people hate tariffs - it's a form of industry picking.

    The tariffs make foreign steel and aluminum 20% more expensive. BUT, this does not mean US steel and aluminum is cheaper! If the imported stuff is 20% more expensive, you know what happens? The locals will make their stuff more expensive!

    Think of it this way - you make a widget for $100 (say it costs you $80 to make). Because of foreign imports of the same widget, they can sell for $90. You can sell for $90 to compete. But now, there's a 20% tariff on them so their widgets cost $108 ($90 + $18 20% tariff). You as a businessman have a choice - sell your widget for $90 (make $10), sell it for $100 (make $20), or sell it for $108 and make $28. There's no reason to sell for $90, or even $100. You'd sell it for $108 because the government just gave you a gift of more profit.

    People who buy your widget as a base of their product used to buy it for $90. Now they're forced to buy it for $108. Local industry is making more profit because why not - their stuff costs more so you can raise your prices, so sucks for everyone else.

    So US steel and aluminum makers are happy - they get to charge 20% more for their product. Consumers of steel and aluminum are screwed, because their raw material costs just went up.

    The final problem is companies get stupid and fat off the bigger profit, but they also get less competitive - if the tariffs are removed, there is no way they can compete. The rest of the world got more efficient and now your industry is in real trouble because instead of investing those extra profits they grew fat, lazy, stupid and noncompetitive. Meanwhile, industries dependent on those materials would likely have moved elsewhere where they can make their product more competitively because they still need to compete on a world stage.

    If tariffs worked, the Great Depression wouldn't have been such a big thing. History is right there. Of course, the problem is the steel and aluminum unions are fairly powerful, sucks to be a company needing to actually build stuff from the now more expensive steel and aluminum.

    As for PC cases, the raw materials are really cheap, but the manufacturing is not. CaseLabs makes custom cases so in general they aren't mass manufactured items (which you can use jigs and other things to reduce manufacturing costs). You give them CAD designs and assembly instructions and they will do the necessary hole cutting, nesting, bending, folding, deburring, threading, and other things and out pops a case. They're really nice cases too. And painting is an art - priming, sanding, painting, clearcoating, etc.

    Even the switches and LEDs still require a technician to solder them together, something most companies subcontract to China because the cost is so much lower to have them mass produce 10,000 switches with a header plug solder than do it in the US. You can do it in the US, but the cost is higher. (And it's better you use those technicians for more interesting case making work than dull soldering jobs).

  18. Re:iPhone on Ask Slashdot: What's the Best Unlocked Smartphone? (slashdot.org) · · Score: 1

    No, they sacrifice CPU clock to prolong usage/standby time on a degraded battery. Is it optimal for everyone? No, but it was a reaction to complaints about poor battery performance (have to charge all the time etc.) on older devices. Should Apple have introduced a setting for battery life vs. performance? In hindsight, yeah, probably. But I doubt they intentionally slow down their devices just to push new device sales.

    In Android terms, the iPhone slows down when it boot loops. The OS detects it couldn't boot properly (and the usual cause is the battery cannot sustain the power requirement, especially during power hungry boot cycles) and slows down the CPU.

    So instead of a boot looping phone, you get a phone that's in "limp home" mode - it's working and going to work.

    There's a few cases of boot looping Android phones being "rescued" by installing modified kernels that disable stuff. Guess what? You're doing the same thing Apple did - disabling high power CPU cores so you can boot and run on a degraded battery.

    Apple's method may be crude, but it's better than a boot looping phone. A slow phone that still works on a bad battery is far better than a phone that won't boot. At least you can make an emergency call.

  19. Re:Is it on the die? on Researcher Finds A Hidden 'God Mode' on Some Old x86 CPUs (tomshardware.com) · · Score: 5, Informative

    Is the separate RISC core actually on the silicon or just in the patent? Time to get out the fuming sulfuric acid.

    I don't think it's a separate RISC core. It's likely the main RISC core running x86 code. You see, for every processor of Pentium Pro era and afterwards, the "CPU" doesn't execute x86 instructions. Instead, there's a RISC core and a dynamic instruction translator that converts x86 instructions into RISC instructions.

    On Intel at least the x86 "front end" consists of around 3-4 "instruction crackers" that can take relatively simple x86 instructions and emit up to 2-3 RISC instructions every clock cycle. There is also a more complex instruction unit that handles the complex x86 instructions. Attached to this is a cache so if the same instruction comes around again, it's not translated but simply re-issues the instructions again.

    This is one reason why Spectre and Meltdown were particularly bad on Intel - as the core is relatively independent it will cache things that architecturally it shouldn't but the core didn't know any better.

    And no, no x86 natively runs x86 code anymore - it's all dynamically translated into an underlying RISC machine. Nonetheless, Spectre attacks are on general optimizations made which affect all architectures using those optimizations.

    As for why this processor allows this mode, I can think it's for special software implemented features - instead of implementing things in hardware, sometimes it's done in software and drivers can use this gateway to turn off the x86 translator and run native RISC code directly for performance reasons. Centaur is not a particularly fast chip, so being able to optimize heavy media applications by dropping into the native RISC mode can speed up things at the driver level.

  20. Re:People are stupid, "leaders" are no exception on Warning Over 'Panic' Hacks on Cities (bbc.com) · · Score: 1

    Almost all IT security these days is "cheaper than possible" because the people in charge are not able to do risk management. Until there are "reference catastrophes" of sufficient magnitude, they will mistakenly believe they are safe and do nothing. Then they will find out that decades of mismanagement are not easy to fix. It is always the same story. It is always utterly stupid. It is always completely obvious to actual experts what is going on, but nobody listens to them.

    The leadership we have on all levels is not modern, educated, enlightened. It is cave men (and the occasional cave-woman) dressed in suits, full of themselves, greedy, corrupt and utterly incompetent and unsuitable to fill their core responsibilities.

    A few problems.

    First, you cannot tell the difference between good security and bad security. It always changes, and what was once good policy can turn out to be really bad policy. E.g., forcing password changes on intervals (e.g., every 30-90 days). Or using SMS as a valid form of 2FA.

    Second, like a lot of IT work, the better you're at it, the worse you look. A good sysadmin would hardly lift a finger to do anything - it's all taken care of and often things are proactively maintained so emergencies practically are rare. Thus the admin looks like he does nothing all day - because he's made sure it all takes care of itself. Likewise, proper security practices look like nothing is happening - you may get attacked, but your defenses withstood the attack, so it looks like nothing happened. Where else has this happened? Well, lots of people believe the Y2K bug was severely overhyped because nothing happened, and that was purely because the worst stuff was fixed. But people maintain it was a waste of money because nothing happened.

    Third, security is hard. Defenders have to protect every potential point of entry, while attackers only need one. Just because you're defending against attack #1, doesn't mean you're not vulnerable to attack #2. It just seems you're doing a good job.

    It's practically impossible to dictate the worth to the company - it's like buying a stone that wards off elephants - you're trying to convince people, effectively, "You want $X per year to make sure ... nothing happens?".

    And even worse, you can't compare - perhaps you spent $0 this year, and are safe because you got lucky on #3.

    There's no really clean answer to it - look like a chump for paying millions per year, look like a hero for not. Look like a chump for paying millions and still getting attacked, look like a hero for paying nothing and not. There's no answer to any of this.

    And even worse, do too much and you can make yourself even more exposed because your users will rebel when you interfere with their work.

  21. I would be extremely reluctant to accept a milestone based contract. If problems come up that are not my fault but which delay the milestones then I'm going to be paying for that.

    As a company I'd be worried that the contractor is only interested in hitting the milestones as quickly as possible, rather than delivering good code or a robust system.

    It's all about risk management. In regular business contracts, pay per milestone is also known as Firm Fixed Price (FFP) - the price is fixed and based on effort estimates alone. Sometimes there may be contingencies but the risk is borne by the undertaker, so the price generally reflects this. (i.e., it's cost of doing the work plus overheads, plus profit, plus risk margin).

    The other method, pay by the hour is generally referred to as Time and Materials (T&M). Here the worker is paid by the hour to do the work and it can take as long as it does (up to a cap). The risk is borne by the customer and often the margins are much smaller.

    The thing that changes is usually changes. In FFP, changes are typically followed by a change request and a bill for new charges for the changes. On T&M, the change is usually absorbed into the contract (it just takes more time).

    In addition, the first work inside FFP is agreeing to not only the requirements, but an acceptance test plan - the milestone markers will not be decided one way or another, but by passing the tests specified in the test plan. So M1 might be passing tests 1-5, M2 1-10, etc. Never accept any FFP without a test plan in place or at least have a test plan as a milestone that needs acceptance.

  22. Re:Not going to happen on Podcasting is Not Walled (Yet) (rakhim.org) · · Score: 1

    Do you know how many walled gardens there are for podcasts? I've helped a couple people list their RSS feed and I didn't post to anywhere near this number of services. If this were part of an open web, they would simply be indexed by search engines and no manual submission would be needed. You don't have to explicitly submit your web site to Google, Bing, Yahoo, DuckDuckGo, etc, so why should podcasts be any different? Sure, you can prefer manually-submitted entries. But expecting every podcast to know of every directory is insane.

    The open web is indexed by search engines because eventually you're going to get a link to your content. But that can take days, weeks, months, or years depending on how high traffic the sites that link to your content are. Try it. Set up a website and see how long until Google etc., will index it. If it's not linked anywhere, they likely won't even notice.

    Podcasts are a different beast - one podcast doesn't really "link" another. Sure you can get "please check out Guest Speaker's podcast!" but those don't really link. It's way too easy to create a podcast and unless people index it, it likely won't be noticed. Perhaps if you own a website you can link to the podcast and thus get into the big directories through normal webcrawling, but if you don't publicize it, it won't get picked up.

  23. Re:Post the source code on Apple Tells Lawmakers iPhones Are Not Listening In On Consumers (reuters.com) · · Score: 1

    If you want to verify what is happening, then you should monitor all the wireless traffic your phone sends. Compare it in a quiet environment and one with talking. See if the data sent from the device is enough for conversations.

    For the most part it is in Apple's best interest in not getting caught betraying our trust in its security feature. The easiest way to not get caught is to not do the action.

    And knowing the publicity it would generate, it wouldn't surprise me if people have already done that. Since Apple is a big name and it would get you lots of publicity, I'm sure everything an iPhone does is heavily scrutinized. Every packet that is sent or received is analyzed for purpose, etc.

    And I'm pretty sure they've done it using fake cellular networks too in order to capture any cellular data usage and packets as well.

    One packet out of place and it'll be front page on all the mainstream media within the hour, and Tim Cook hauled in front of Congress in 2.

    This is especially so since I think even Siri is doing less and less in the cloud and more and more on device.

  24. Did they find a flaw in the Transmission Control Protocol? Or in the Linux implementation of same? In the latter case, that's a Linux bug, not TCP.

    Most flaws found have been implementation flaws (e.g., xmas attack and others), I think the only real TCP flaw was SYN-flooding with spoofed hosts. Before everyone switched to syncookies, doing so would consume resources on the host for book-keeping of those half-open connections (until it timed out). Now that everyone uses syncookies to do the book-keeping of TCP half-open connections with zero overhead, it's not an issue.

    Here it's a Linux/BSD issue where the stack hangs onto packets that arrive out of order until the buffers run out which forces the kernel to coalesce the packets to free up memory (which is an expensive operation). The fix is to recognize the situation and simply drop the packets - it's TCP, they're not acknowledged yet so dropping is the best thing to do.
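
How a SYN cookie lets a server skip the half-open bookkeeping mentioned in the comment above, as an added example that is not part of the original comment and is not the Linux or BSD algorithm. It uses a simplified layout; the secret, MSS table, 64-second period and function names are all assumptions.

```python
import hashlib
import hmac
import ipaddress
import struct

SECRET = b"constructed-demo-secret"   # constructed; a real stack uses a random key
MSS_TABLE = [536, 1300, 1440, 1460]   # constructed table; the index fits in 3 bits
PERIOD = 64                           # seconds per counter step (assumption)

def _mac24(saddr, sport, daddr, dport, client_isn, counter, mss_idx):
    """24-bit keyed hash over the state the server would otherwise have to store."""
    msg = struct.pack("!4sH4sHIQB",
                      ipaddress.IPv4Address(saddr).packed, sport,
                      ipaddress.IPv4Address(daddr).packed, dport,
                      client_isn, counter, mss_idx)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")

def make_cookie(saddr, sport, daddr, dport, client_isn, mss, now):
    """Build the server ISN for the SYN-ACK. Nothing is stored per connection."""
    counter = int(now) // PERIOD
    mss_idx = max((i for i, m in enumerate(MSS_TABLE) if m <= mss), default=0)
    mac = _mac24(saddr, sport, daddr, dport, client_isn, counter, mss_idx)
    # Layout: 5 bits of counter | 3 bits of MSS index | 24 bits of MAC
    return ((counter & 0x1F) << 27) | (mss_idx << 24) | mac

def check_ack(saddr, sport, daddr, dport, seq, ack, now):
    """Validate the handshake's final ACK; return the negotiated MSS or None."""
    client_isn = (seq - 1) & 0xFFFFFFFF   # the client's SYN consumed one number
    cookie = (ack - 1) & 0xFFFFFFFF       # and so did our SYN-ACK
    t, mss_idx, mac = cookie >> 27, (cookie >> 24) & 0x7, cookie & 0xFFFFFF
    if mss_idx >= len(MSS_TABLE):
        return None
    for age in (0, 1):                    # current and previous period only
        counter = int(now) // PERIOD - age
        if counter < 0 or counter & 0x1F != t:
            continue
        want = _mac24(saddr, sport, daddr, dport, client_isn, counter, mss_idx)
        if hmac.compare_digest(want.to_bytes(3, "big"), mac.to_bytes(3, "big")):
            return MSS_TABLE[mss_idx]
    return None
```

A spoofed SYN costs the server one hash and one packet; only a client that actually receives the SYN-ACK can echo a value that passes `check_ack`.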

  25. Re:More relevant on NEC Unveils Facial Recognition System For 2020 Tokyo Olympics (theverge.com) · · Score: 1

    AC the math of the speed per face detection is well understood.
    The international and national database work needed to match a face with is not new.
    Who is allowed into Japan for the sport event is understood.
    Japan can count and do math on every face entering Japan. Every face that then returned to their own nations after the sports.
    How long they are allowed to stay in Japan is set.
    Show up on camera a set time after the sporting events are over and get detected.

    They actually have deployed the technology now - several event halls and such use it in place of the ticket. The face is scanned when the ticket is purchased and is now linked to the ticket for entry purposes. When you sign in, your face is scanned, and if it matches, you're through. If it fails (either someone with a similar face is matched, etc), you show your ticket to get in.

    It is surprisingly quick - roughly under a couple of seconds, and naturally the efficient Japanese like it since they can get through the gates much faster than if they showed their tickets and have those scanned through (which takes a few seconds more).

    It's especially handy for limited events - fan clubs and such getting exclusive access means the fan club itself simply provided the photos so only members can enter.