They seem to be concerned that there is no way to lock an XML file in a manner similar to a PDF, which is already a common format used by much of the federal government.
Seems like they're under the same delusion as my employer, and those that regulate them. There is no way to lock a PDF in a manner similar to how these kinds of people perceive PDFs to be locked.
PDFs are trivially editable, just like any other file format that you can read. It is just that the format is so layout-specific that few bother to edit them directly. The only way to detect modifications in a PDF file is to use digital signatures, with all the issues that brings. Relying on PDF as a "read-only" file format is just security by obscurity.
The US did something similar to a huge USSR oil refinery back in the 80s. The mess that made makes this incident look like a few broken motors. The USSR never went to war over it, though I'm sure they knew what happened.
Keep in mind that war has a HUGE cost. As much as you might posture for the masses, nobody with half a brain enters into it lightly. I'd be more concerned with dictators than with most since that premise doesn't always apply. Still, the Iranians must have figured that the damage to their complex is nothing compared to what they'd face if they actually started a shooting war.
In a shooting war with the US there are a few fairly certain conclusions: 1. The US would spend a LOT of money. 2. On both sides lots of people would die. Almost certainly the toll would be much higher in Iran. 3. The current regime in Iran is unlikely to be left standing, or anything bearing a resemblance to it.
Some other possibilities include: 4. Lots of dead people in nearby countries (Israel, Saudi Arabia, Iraq, Afganistan, etc). 5. Loss of international support for the US. 6. Political damage for parties running the US government at the time. 7. Terrorist attacks in the US. These actually would be likely to reduce #5, and could make #6 either better or worse.
Overall I think we can be confident that the US can handle the bill far better than the Iranians.
I guess the average US voter is more willing to trust the US government with this technology than anybody else. Hence the current US policy. Most other industrialized nations are inclined to agree, so they generally support it too. Obviously Iran doesn't, and this is just one more reason why they're a pariah...
The US blew up an oil refinery in Russia during the cold war using tactics like this. While that might be considered an act of war, nobody really would have considered the US and USSR "at war" at the time.
You are completely missing the point. Compliance with the DNT is voluntary.
Sure, but so is cooperating with it on the browser side. Just as an advertiser can decide whether to ignore the flag, a browser distributor can decide whether to ignore the advertiser directive to make it off by default.
Taking an antagonistic approach to solving a problem only works you have something to back your actions up.
We do, and it is called AdBlock. I can't understand why distros don't just bundle it by default...
Well, I doubt that MS won't let windows run unsigned software. They might very well not let it install unsigned drivers or something like that, and they might very well implement Palladium/etc.
So, if you put your computer in unsecure mode then Windows will refuse to play HD video or whatever. If you put it in secure mode then it will refuse to install uncertified drivers/etc, and the computer could perform remote attestation that you have a clean chain from bootloader to video card for playing back DRM'ed content. Of course, somebody will still find a bug in a driver, and these days it is actually practical to capture raw DVI/HDMI video as well (something that wasn't practical back when all this stuff was dreamed up, and HDMI hadn't been cracked in practice back then). This is all silly since you can always just record the display output, and at high resolution under optimum capture conditions an analog recording can be pretty-darn good. After all, the light reflecting off the actor's faces was analog in the first place (assuming the entire movie isn't CGI).
I'm sure this happens to some degree. However, almost no amount of money would lead to a practical treatment for any disease in only a few years. If they thought there was even a 10% chance of success I wouldn't be surprised if many billionaires would spend their fortunes.
Most medical progress is measured in decades, not years. The money we spend today will make a better world for our kids. However, instead the trend in the developed world is to spend money on the cares of today and leave our kids national treasuries that are leveraged to 100% or more of GDP.
If all that debt was going to R&D to cure cancer I imagine our descendants would forgive us. Most goes to propping up lifestyles of the wealthy, either directly or indirectly. Quite a bit goes to paying old people to not work, but there wouldn't be any jobs for them anyway unless you forced company owners to make less money by employing less productive people to do work.
If you don't care about being able to secure-boot, then this won't impact you at all. If you stockpile parts they won't support secure boot anyway.
If you do care about being able to secure-boot, then you need to get MS to sign your bootloader, period. If you build your own linux from scratch or whatever, then you need to get them to sign your own personal machine's loader. Otherwise you have to disable secure boot, and your computer will happy boot a rootkit or your custom OS.
I do think that this practice should be banned. I want secure boot, and I want to be able to secure boot my own OS. Why should I only have the option of secure boot if I buy Windows and run it?
Non-secure is the same as what we have now, but it isn't all that great.
I'd love to be able to tell my computer to only boot an OS that I assign, so that I know that it can't get corrupted by viruses/etc. I could boot from a signed rescue disk if something goes wrong.
The problem is that the standard won't give the consumer choice over which OSes are trusted. The choices will be MS, or no secure boot at all.
1. You call up the lab and tell them that you're interested in a whole genome sequence. The lab will tell you that it is illegal to perform this service without a prescription.
2. So, you talk to you doctor. He asks you why you need one - what is wrong with you. You explain your symptoms (since pure curiosity is not justification for a medical "procedure"). He bills you $80.
3. You end up getting blood tests, x-rays, and every other test imaginable that you have to pay for. Eventually the doctor decides that a whole genome test for xyz disease is justifiable and orders it. He bills you another $80.
4. You spit in a tube and mail it to the lab.
5. The lab spends $1k to sequence your genome. The computer analyzes your genome and decides that you don't have xyz disease. The lab mails a report to your doctor saying that you don't have xyz disease, sends you a bill for $10k, and deletes all traces of your genome.
6. You go to your doctor and he tells you that you don't have xyz disease (and bills you another $80). He then says, maybe you have abc disease instead, and since there is this whole genome test for it all you need to do is spit in another tube...
7a. You don't have insurance, so when you get the two bills for $10k you call the lab and beg and plead and they reduce the bill to $6k because they're really nice people. You take out another mortgage and pay the bill. 7b. You do have insurance, so when the bill arrives the insurance company pays $2k, and tells you to pay the lab $200.
8. Politicians go on about how all of this is the fault of insurance companies, despite the fact that they only thing they did in this whole process is save some poor guy $4k (or $8k if they're dumb enough to pay list price).
Believe it or not there are efforts to ban the few existing personal genome services that already exist. They want you to only get tested if a doctor orders it, have the results sent to your doctor, and only send the specific results that are requested, that way you can have the same test done 14 more times over your life.
Security is all about the weakest link. You can spend money on IT, or on people, or on both, but the attacker just needs to figure out where you are weakest.
Information warfare like many other forms of warfare is very asymmetric. The defender needs to be strong everywhere, and the attacker just needs to be strong in one place. If you are afraid that enemy airplanes are going to bomb you it is far more cost-effective to just bomb their airfields first than to try to shoot them down in the air.
Maybe, but in my experience is that these sorts of things disrupt those scientists no matter what.
Maybe they have to participate to provide input, or testing, or whatever. Maybe they don't have to provide input or testing, and they suffer issues when the untested changes clobber their work. Maybe for lack of input some critical system doesn't get remediated and they get hit by the next worm.
IT changes almost always impact those using systems.
Tragedy of the commons - the same reason why everybody screams about drug companies making money.
Doing research costs money. Once the research is done, knowing the results of that research usually costs very little. So, why not just let somebody else pay for it?
The true cost of research isn't what it cost to run the experiment that lead to the breakthrough. The real cost is all those experiments that led to nothing useful at all. The problem is that you can't have the first without doing a lot of the second.
Maybe, but if his company wasn't all that competitive maybe his options were to have half of a large sum, or all of nothing. That being the case, he's still much better off if his wife takes half of the loot. Considering the fact that she might be the sole reason there was any loot to begin with, it would seem poetic. I wouldn't call it "justice" however, since all of this is done on the backs of the taxpayer...
I wrote so many lines I had wrist problems before I ever owned a computer or even discovered masturbation.
I hear you, but the one nice thing about growing up just at the dawn of the personal computing age was that I asked my teacher if I could type my lines instead (on the computer), and they said, "sure." Ah, Command-V on a 128k Mac running MacWrite...
Yup. It seems that much of the secret to wealth these days is to convince somebody who already has it to invest, take big risks, and ensure that you get a disproportionate share of gains compared to losses. Usually that means a small percentage of gains, and no share of losses.
Certainly the case where I work - especially for vendors offering industry-specific solutions (not so much word processors as things like ERP solutions, industrial automation, etc). I wouldn't be surprised if MS sells enough stuff that they get in on that.
Keep in mind that often all support translates into is somebody to talk to. Managers like to talk to companies about their strategies. They want to know what they're working on, and they like input that they can translate into nice powerpoint slides they can impress their bosses with.
Most FOSS software doesn't have lunches in a nearby city where you can spend a day out of the office hearing about their latest offers. They don't have sales people who will give a presentation at your company, or who can chat on the phone. They don't have an annual conference where you can sip the kool aide. They don't have professionally-created fancy architecture diagrams.
In short, FOSS might work, but it lacks all the stuff managers need to obtain promotions, since their own bosses can't tell whether something works or not and need to judge them by the amount of BS they can generate.
I think I bought my last 1TB drive for $60-70. For $100 I probably could have bought 2TB. Now you can get a 2TB drive for as little as $110, but most are $20-30 higher, unless you want 5400RPM or whatever (no idea why they still sell those - I guess for people who just look at the size like they look at the megapixels).
Prices could still fall by about half before I'd consider them "low."
Agreed. I'd go a step further and require any pension to be defined-contribution as well - so that offers are strictly comparable.
I'm not a big fan of deferred pay in general - it is WAY too open to abuse, and I've seen firsthand the problems that arise when companies imply that workers are earning some benefit only to yank it away from them.
I'm not sure their goal was ever to make money "from android" so much as to ensure that the phones that are out there are able to use other Google services, which do make money. If it weren't for Android competition, you might have iphones that don't have a nice gmail or Google docs app, or whatever. Competition is good for everybody, and Android could be quite successful as a loss-leader.
I'm not sure what the total combined number of smartphone+tablet android installs vs the total combined smartphone+tablet iOS installs are. I wouldn't be surprised if Android holds the combined advantage, even though it falls short in the tablet space. That might be what the post was getting at.
The other issue I see is too many disinterested investors - tons of money in 401ks that is not closely monitored, or where the investors have little control over their investments. That leads to complacent boards and powerful CEOs. The CEO doesn't really care about company performance, as long as he can collect his bonus. If the company collapses the investors might lose out if they're not bailed out, but the CEO keeps his bonuses, as do all the other execs. That means that they have incentive to take lots of risks.
Just ask anybody who made a ton of money off of credit default swaps in 2007 - paper is worth whatever you can get somebody else to pay for it. I'd say that 80% of the "value" of the stock in most trendy companies is based on hype, and you can make a lot of money off of that hype if you're an insider.
If you come out with a new laptop everybody yawns. If you come out with a new tablet people invest money. If you come out with a new pink sleeve for an iPad your stock will soar. Investors are like a big stampede, and if you wave a red flag in the direction they're all running in you'll get lots of money.
The thing is, it doesn't matter how many people are screaming about how great an investment CDS's, or tulips, or whatever is. Eventually you run out of new money, and the whole thing has to stand on whatever real-world earnings it can find. If those aren't there, then the whole situation gets ugly fast, and everybody is screaming for a bailout because "nobody could have seen this coming."
I think K summed it up fairly well - a person is intelligent, but people are dumb.
Iran is a spacefaring nation, and North Korea is probably next. I imagine either of them would love to trash some of the Great Satan's gear, if only to prove that they can hit things with that level of precision.
I dunno - putting stuff on the moon costs a fortune. Most nations spending that kind of money usually want to make themselves appear high and lofty. Burning US flags might be good for the rabble in the street, but I suspect the people who rule them probably would look to do something that appeared more majestic.
I completely agree. When people settled North America, Africa, or South America did they say, "oh you know what those are scared lands we will not disturb them." I say tough titty! If you want them, go get them yourselves, otherwise its fair game!
Perhaps, but those people didn't then go and live unarmed among the people whose sacred lands they disturbed. Basically they operated under might makes right, which works in practice, but in the struggle between random rocketeer and the US Army you can figure out which side has the might.
They seem to be concerned that there is no way to lock an XML file in a manner similar to a PDF, which is already a common format used by much of the federal government.
Seems like they're under the same delusion as my employer, and those that regulate them. There is no way to lock a PDF in a manner similar to how these kinds of people perceive PDFs to be locked.
PDFs are trivially editable, just like any other file format that you can read. It is just that the format is so layout-specific that few bother to edit them directly. The only way to detect modifications in a PDF file is to use digital signatures, with all the issues that brings. Relying on PDF as a "read-only" file format is just security by obscurity.
The US did something similar to a huge USSR oil refinery back in the 80s. The mess that made makes this incident look like a few broken motors. The USSR never went to war over it, though I'm sure they knew what happened.
Keep in mind that war has a HUGE cost. As much as you might posture for the masses, nobody with half a brain enters into it lightly. I'd be more concerned with dictators than with most since that premise doesn't always apply. Still, the Iranians must have figured that the damage to their complex is nothing compared to what they'd face if they actually started a shooting war.
In a shooting war with the US there are a few fairly certain conclusions:
1. The US would spend a LOT of money.
2. On both sides lots of people would die. Almost certainly the toll would be much higher in Iran.
3. The current regime in Iran is unlikely to be left standing, or anything bearing a resemblance to it.
Some other possibilities include:
4. Lots of dead people in nearby countries (Israel, Saudi Arabia, Iraq, Afganistan, etc).
5. Loss of international support for the US.
6. Political damage for parties running the US government at the time.
7. Terrorist attacks in the US. These actually would be likely to reduce #5, and could make #6 either better or worse.
Overall I think we can be confident that the US can handle the bill far better than the Iranians.
I guess the average US voter is more willing to trust the US government with this technology than anybody else. Hence the current US policy. Most other industrialized nations are inclined to agree, so they generally support it too. Obviously Iran doesn't, and this is just one more reason why they're a pariah...
The US blew up an oil refinery in Russia during the cold war using tactics like this. While that might be considered an act of war, nobody really would have considered the US and USSR "at war" at the time.
You are completely missing the point. Compliance with the DNT is voluntary.
Sure, but so is cooperating with it on the browser side. Just as an advertiser can decide whether to ignore the flag, a browser distributor can decide whether to ignore the advertiser directive to make it off by default.
Taking an antagonistic approach to solving a problem only works you have something to back your actions up.
We do, and it is called AdBlock. I can't understand why distros don't just bundle it by default...
Well, I doubt that MS won't let windows run unsigned software. They might very well not let it install unsigned drivers or something like that, and they might very well implement Palladium/etc.
So, if you put your computer in unsecure mode then Windows will refuse to play HD video or whatever. If you put it in secure mode then it will refuse to install uncertified drivers/etc, and the computer could perform remote attestation that you have a clean chain from bootloader to video card for playing back DRM'ed content. Of course, somebody will still find a bug in a driver, and these days it is actually practical to capture raw DVI/HDMI video as well (something that wasn't practical back when all this stuff was dreamed up, and HDMI hadn't been cracked in practice back then). This is all silly since you can always just record the display output, and at high resolution under optimum capture conditions an analog recording can be pretty-darn good. After all, the light reflecting off the actor's faces was analog in the first place (assuming the entire movie isn't CGI).
I'm sure this happens to some degree. However, almost no amount of money would lead to a practical treatment for any disease in only a few years. If they thought there was even a 10% chance of success I wouldn't be surprised if many billionaires would spend their fortunes.
Most medical progress is measured in decades, not years. The money we spend today will make a better world for our kids. However, instead the trend in the developed world is to spend money on the cares of today and leave our kids national treasuries that are leveraged to 100% or more of GDP.
If all that debt was going to R&D to cure cancer I imagine our descendants would forgive us. Most goes to propping up lifestyles of the wealthy, either directly or indirectly. Quite a bit goes to paying old people to not work, but there wouldn't be any jobs for them anyway unless you forced company owners to make less money by employing less productive people to do work.
If you don't care about being able to secure-boot, then this won't impact you at all. If you stockpile parts they won't support secure boot anyway.
If you do care about being able to secure-boot, then you need to get MS to sign your bootloader, period. If you build your own linux from scratch or whatever, then you need to get them to sign your own personal machine's loader. Otherwise you have to disable secure boot, and your computer will happy boot a rootkit or your custom OS.
I do think that this practice should be banned. I want secure boot, and I want to be able to secure boot my own OS. Why should I only have the option of secure boot if I buy Windows and run it?
Non-secure is the same as what we have now, but it isn't all that great.
I'd love to be able to tell my computer to only boot an OS that I assign, so that I know that it can't get corrupted by viruses/etc. I could boot from a signed rescue disk if something goes wrong.
The problem is that the standard won't give the consumer choice over which OSes are trusted. The choices will be MS, or no secure boot at all.
Actually, it will go more like this:
1. You call up the lab and tell them that you're interested in a whole genome sequence. The lab will tell you that it is illegal to perform this service without a prescription.
2. So, you talk to you doctor. He asks you why you need one - what is wrong with you. You explain your symptoms (since pure curiosity is not justification for a medical "procedure"). He bills you $80.
3. You end up getting blood tests, x-rays, and every other test imaginable that you have to pay for. Eventually the doctor decides that a whole genome test for xyz disease is justifiable and orders it. He bills you another $80.
4. You spit in a tube and mail it to the lab.
5. The lab spends $1k to sequence your genome. The computer analyzes your genome and decides that you don't have xyz disease. The lab mails a report to your doctor saying that you don't have xyz disease, sends you a bill for $10k, and deletes all traces of your genome.
6. You go to your doctor and he tells you that you don't have xyz disease (and bills you another $80). He then says, maybe you have abc disease instead, and since there is this whole genome test for it all you need to do is spit in another tube...
7a. You don't have insurance, so when you get the two bills for $10k you call the lab and beg and plead and they reduce the bill to $6k because they're really nice people. You take out another mortgage and pay the bill.
7b. You do have insurance, so when the bill arrives the insurance company pays $2k, and tells you to pay the lab $200.
8. Politicians go on about how all of this is the fault of insurance companies, despite the fact that they only thing they did in this whole process is save some poor guy $4k (or $8k if they're dumb enough to pay list price).
Believe it or not there are efforts to ban the few existing personal genome services that already exist. They want you to only get tested if a doctor orders it, have the results sent to your doctor, and only send the specific results that are requested, that way you can have the same test done 14 more times over your life.
Security is all about the weakest link. You can spend money on IT, or on people, or on both, but the attacker just needs to figure out where you are weakest.
Information warfare like many other forms of warfare is very asymmetric. The defender needs to be strong everywhere, and the attacker just needs to be strong in one place. If you are afraid that enemy airplanes are going to bomb you it is far more cost-effective to just bomb their airfields first than to try to shoot them down in the air.
Maybe, but in my experience is that these sorts of things disrupt those scientists no matter what.
Maybe they have to participate to provide input, or testing, or whatever. Maybe they don't have to provide input or testing, and they suffer issues when the untested changes clobber their work. Maybe for lack of input some critical system doesn't get remediated and they get hit by the next worm.
IT changes almost always impact those using systems.
Tragedy of the commons - the same reason why everybody screams about drug companies making money.
Doing research costs money. Once the research is done, knowing the results of that research usually costs very little. So, why not just let somebody else pay for it?
The true cost of research isn't what it cost to run the experiment that lead to the breakthrough. The real cost is all those experiments that led to nothing useful at all. The problem is that you can't have the first without doing a lot of the second.
Maybe, but if his company wasn't all that competitive maybe his options were to have half of a large sum, or all of nothing. That being the case, he's still much better off if his wife takes half of the loot. Considering the fact that she might be the sole reason there was any loot to begin with, it would seem poetic. I wouldn't call it "justice" however, since all of this is done on the backs of the taxpayer...
I wrote so many lines I had wrist problems before I ever owned a computer or even discovered masturbation.
I hear you, but the one nice thing about growing up just at the dawn of the personal computing age was that I asked my teacher if I could type my lines instead (on the computer), and they said, "sure." Ah, Command-V on a 128k Mac running MacWrite...
Yup. It seems that much of the secret to wealth these days is to convince somebody who already has it to invest, take big risks, and ensure that you get a disproportionate share of gains compared to losses. Usually that means a small percentage of gains, and no share of losses.
Certainly the case where I work - especially for vendors offering industry-specific solutions (not so much word processors as things like ERP solutions, industrial automation, etc). I wouldn't be surprised if MS sells enough stuff that they get in on that.
Keep in mind that often all support translates into is somebody to talk to. Managers like to talk to companies about their strategies. They want to know what they're working on, and they like input that they can translate into nice powerpoint slides they can impress their bosses with.
Most FOSS software doesn't have lunches in a nearby city where you can spend a day out of the office hearing about their latest offers. They don't have sales people who will give a presentation at your company, or who can chat on the phone. They don't have an annual conference where you can sip the kool aide. They don't have professionally-created fancy architecture diagrams.
In short, FOSS might work, but it lacks all the stuff managers need to obtain promotions, since their own bosses can't tell whether something works or not and need to judge them by the amount of BS they can generate.
I think I bought my last 1TB drive for $60-70. For $100 I probably could have bought 2TB. Now you can get a 2TB drive for as little as $110, but most are $20-30 higher, unless you want 5400RPM or whatever (no idea why they still sell those - I guess for people who just look at the size like they look at the megapixels).
Prices could still fall by about half before I'd consider them "low."
Agreed. I'd go a step further and require any pension to be defined-contribution as well - so that offers are strictly comparable.
I'm not a big fan of deferred pay in general - it is WAY too open to abuse, and I've seen firsthand the problems that arise when companies imply that workers are earning some benefit only to yank it away from them.
I'm not sure their goal was ever to make money "from android" so much as to ensure that the phones that are out there are able to use other Google services, which do make money. If it weren't for Android competition, you might have iphones that don't have a nice gmail or Google docs app, or whatever. Competition is good for everybody, and Android could be quite successful as a loss-leader.
I'm not sure what the total combined number of smartphone+tablet android installs vs the total combined smartphone+tablet iOS installs are. I wouldn't be surprised if Android holds the combined advantage, even though it falls short in the tablet space. That might be what the post was getting at.
The other issue I see is too many disinterested investors - tons of money in 401ks that is not closely monitored, or where the investors have little control over their investments. That leads to complacent boards and powerful CEOs. The CEO doesn't really care about company performance, as long as he can collect his bonus. If the company collapses the investors might lose out if they're not bailed out, but the CEO keeps his bonuses, as do all the other execs. That means that they have incentive to take lots of risks.
Just ask anybody who made a ton of money off of credit default swaps in 2007 - paper is worth whatever you can get somebody else to pay for it. I'd say that 80% of the "value" of the stock in most trendy companies is based on hype, and you can make a lot of money off of that hype if you're an insider.
If you come out with a new laptop everybody yawns. If you come out with a new tablet people invest money. If you come out with a new pink sleeve for an iPad your stock will soar. Investors are like a big stampede, and if you wave a red flag in the direction they're all running in you'll get lots of money.
The thing is, it doesn't matter how many people are screaming about how great an investment CDS's, or tulips, or whatever is. Eventually you run out of new money, and the whole thing has to stand on whatever real-world earnings it can find. If those aren't there, then the whole situation gets ugly fast, and everybody is screaming for a bailout because "nobody could have seen this coming."
I think K summed it up fairly well - a person is intelligent, but people are dumb.
Iran is a spacefaring nation, and North Korea is probably next. I imagine either of them would love to trash some of the Great Satan's gear, if only to prove that they can hit things with that level of precision.
I dunno - putting stuff on the moon costs a fortune. Most nations spending that kind of money usually want to make themselves appear high and lofty. Burning US flags might be good for the rabble in the street, but I suspect the people who rule them probably would look to do something that appeared more majestic.
I completely agree. When people settled North America, Africa, or South America did they say, "oh you know what those are scared lands we will not disturb them." I say tough titty! If you want them, go get them yourselves, otherwise its fair game!
Perhaps, but those people didn't then go and live unarmed among the people whose sacred lands they disturbed. Basically they operated under might makes right, which works in practice, but in the struggle between random rocketeer and the US Army you can figure out which side has the might.