Slashdot Mirror


User: 0x0d0a

0x0d0a's activity in the archive.

Stories
0
Comments
6,986

Comments · 6,986

  1. Re:This will never end on Spam Solutions from an Expert · · Score: 2, Insightful

    No other medium has this problem (not in my country anyway)

    * The telephone does not have a spam problem.


    I live in the US, and we *do*. Do you never get telemarketers?

    My instant messenger does not have a spam problem (it used to but they fixed it).

    IM systems do. The only reason that problems aren't worse than one might expect is that it's easier to pick up people blasting out masses of messages because everything is centralized. Centralized systems have their own associated problems (easy monitoring of everything you say, easy abuse by monopolies, single point of failure).

    * SMS does not have a spam problem.

    I don't carry a cell, but I've certainly heard about people getting SMS spam.

    * My postal mailbox does not have a spam problem - "No circulars".

    *I* get junk mail in my postal mailbox. Admittedly, a manageable amount, but the majority of the mail I get is junk.

    * The fax does not have a spam problem.

    True. Up until not all *that* long ago, it *did*, though, at least in the US.

  2. Re:Having experience, I can answer 1.2.1 on Spam Solutions from an Expert · · Score: 1

    Requiring certs would spell the end of anonymous mail, but spam has already done that, and the Beagle virus has shown another reason why everyone (ISPs in particular in this case) should digitally sign their email.

    No, it wouldn't.

    Zero-Knowledge sold "nyms" for a while (short for "pseudonyms"), which basically came down to cryptographic identities. They might in theory be able to map your real identity to your nym and vice versa, but other people couldn't, and I believe they didn't maintain logs. It might be more realistic for someone like Sealand to provide such services.

    Aside from the pain it takes to deploy, I really feel that cryptographic solutions are the answer -- at *some* point they have to be deployed. They have the strongest theoretical protections, the least theoretical disadvantages to the user, and provide a host of benefits (avoiding users spoofing emails, ensuring that people don't eavesdrop on your email).

  3. Re:Having experience, I can answer 1.2.1 on Spam Solutions from an Expert · · Score: 1

    This does not exist because when you e-mail someone in a challenge and response system, it automatically assumes they are friendly.

    Or you can use syncookies-style cryptographic tokens or something.

    The problem is that interpretation systems have severe usability issues and screw mailing lists.

  4. Trust systems better with cryptography on Spam Solutions from an Expert · · Score: 1

    This sort of trust system works better with cryptography.

    The idea is that people move around IPs, IPs change ownership, people use tunneling, IPv6 comes out, etc.

    However, if everyone sends their email with a cryptographic identity and uses these identities instead of IPs to identify people, then you can do the trust system you proposed (or another trust system) and it works reliably. It can take some work to set up, yes...

  5. SpamAssassin/ClamAV should be default client-side on Spam Solutions from an Expert · · Score: 1

    IMHO, SA and CAV should be set up on client-side boxes by default in Red Hat and other distros, run through procmail or whatnot.

    They are absolutely amazing programs when used in conjunction, and I think that too much focus is put on their server-side use -- I *know* that my anti-spam/anti-virus system is excellent, even if my ISP's isn't...and *I* can whitelist and use my own Bayesian filtering on things, unlike server-side SA/CAV users.

    It is extremely unfortunate that SA/CAV take effort to set up. I consider them more useful and fundamental than the firewall that Red Hat ships in their basic distro.

  6. SPF broken on Spam Solutions from an Expert · · Score: 1

    As I've detailed before every time there's an SPF article on Slashdot, SPF is seriously broken in a number of ways. It was not produced by security people. Microsoft's counterproposal fixes a few of SPF's problems and leaves open a number more.

    I thought that the article as a whole was a very realistic and down-to-earth view of what's going on -- it's really nice to see someone in the anti-spam world that knows what they're talking about.

    I do have two points -- I really think that despite the drawbacks mentioned, cryptographic systems must ultimately become the final anti-spam solution. There are a number of ways to deal with the issues Neal brought up:

    * Automated abuse: this is significant -- it does mean that no ISP can provide an abusable automated system for generating new certs. This is not an insurmountable technical issue, however. It is an issue for the early transition to Internet-wide email cryptography. One can link trust of multiple identities, so that people can "obtain" up to, say, six new "identity" certs from their ISP per address in an automated fashion, but that if any of these certs are abused, the trust of all of them falls. There needs to be a secure system for granting certs already for webservers or for administering domains. It does not seem unreasonable that piggybacking one of these distribution systems could not be used for handing certs to ISPs/domain owners. If I go to work at a company, the IT people that set up my email client and whatnot just drop my "identity cert" in when setting it up.

    * Usability: I see no reason for Neal's assertion that a CA going down would break everything as a problem. At the moment, almost all people rely on MX records to get their email. If the DNS server goes down, they don't get their mail. Is it so much harder to host whatever CA stuff is an issue on a server of DNS reliability? I don't see CA load being an issue -- it's not as if the CA is going to generate a cert per-email in any kind of a sane system. Certs could be cached, cert chains could be attached to emails, etc.

    There are three big reasons cryptography is seen as an unpopular solution (and why Microsoft and the SPF people don't like the cryptography path). First, having a cryptosystem that allows signing in place probably means that people are going to include encryption support with it. A lot of governments really, really do not want to lose the ability to read email. I think this can be gotten around by forcing ISPs in such unenlightened countries to use key escrow. Second, a lot of people are concerned about server CPU load. I just don't see this as a problem. I cause more CPU load on systems webbrowsing than I do sending my tiny average number of bytes in email each day. Third, cryptography isn't easy to deploy. You need essentially everyone to be using it for it to be useful (though you can start tying it in to existing antispam filters immediately, treating a signed email as far more trustworthy than an unsigned one -- SpamAssassin can already do this). You need to do PKI, handing out certificates to users, and you need to ensure that these certs are kept reasonably secure.

    I don't see Neal's complaint about "nobody should control email" as a problem. Is that an issue? Fine...have, say, several CA roots per country, and allow people to add more if they want. Use a trust system that allows CAs to become untrusted (I've gotten all these spam emails from this domain that this CA alone signed off on...) That should be enough distribution that it's damned hard for anyone to muck around with email as Verisign does with DNS. Also, instead of having CA roots directly sign domains, have CA roots sign "signer servers" that are responsible for handing out certs to domain owners (and have. That way, if I want to set up a root CA tomorrow for my friends to use, all I have to do is kick it on, sign all the "signer servers" for name registrars or whatever that I trust, and then tell my friends to add the root CA as trusted). E
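
The linked-identity idea in the comment above (a small automated quota of identity certs per address, with abuse of any one lowering trust in all of them), sketched as an added example that is not part of the original comment or of any deployed system. The `IdentityIssuer` class, its method names, the numeric trust score and the HMAC tag standing in for a real issuer signature are all assumptions.

```python
import hashlib
import hmac
import secrets

MAX_CERTS_PER_ADDRESS = 6  # the "say, six" automated quota from the comment


class IdentityIssuer:
    """Hypothetical ISP-side issuer: bounded automated issuance, linked trust."""

    def __init__(self, issuer_key: bytes):
        self._key = issuer_key
        self._issued = {}  # address -> list of cert ids issued to it
        self._owner = {}   # cert id -> address (mapping known only to the issuer)
        self._trust = {}   # address -> one trust score shared by all its certs

    def _tag(self, cert_id: str) -> str:
        # Assumption: HMAC stands in for the issuer's signature. A real system
        # would use an asymmetric signature so third parties can verify it.
        return hmac.new(self._key, cert_id.encode(), hashlib.sha256).hexdigest()

    def issue(self, address: str) -> dict:
        certs = self._issued.setdefault(address, [])
        if len(certs) >= MAX_CERTS_PER_ADDRESS:
            raise PermissionError("automated quota exhausted for this address")
        cert_id = secrets.token_hex(8)  # random id: says nothing about the address
        certs.append(cert_id)
        self._owner[cert_id] = address
        self._trust.setdefault(address, 1.0)
        return {"id": cert_id, "tag": self._tag(cert_id)}

    def verify(self, cert: dict) -> bool:
        return cert["id"] in self._owner and hmac.compare_digest(
            cert["tag"], self._tag(cert["id"]))

    def trust(self, cert: dict) -> float:
        # A cert with a bad tag gets no trust, whatever its id claims.
        if not self.verify(cert):
            return 0.0
        return self._trust[self._owner[cert["id"]]]

    def report_abuse(self, cert: dict, penalty: float = 0.5) -> None:
        # Reporter authentication is out of scope here; reports that do not
        # carry a valid cert are ignored.
        if not self.verify(cert):
            return
        address = self._owner[cert["id"]]
        # Linked trust: the penalty lands on every cert issued to this address.
        self._trust[address] = max(0.0, self._trust[address] - penalty)


def demo() -> dict:
    isp = IdentityIssuer(secrets.token_bytes(32))
    # Constructed sample addresses.
    alice = [isp.issue("alice@example.net") for _ in range(MAX_CERTS_PER_ADDRESS)]
    bob = isp.issue("bob@example.net")
    try:
        isp.issue("alice@example.net")  # seventh request for the same address
        quota_enforced = False
    except PermissionError:
        quota_enforced = True
    isp.report_abuse(alice[0])          # abuse seen under one identity only
    forged = {"id": alice[1]["id"], "tag": "0" * 64}
    return {
        "quota_enforced": quota_enforced,
        "sibling_trust": isp.trust(alice[5]),  # a different cert, same address
        "unrelated_trust": isp.trust(bob),
        "forged_trust": isp.trust(forged),
    }


if __name__ == "__main__":
    print(demo())
```
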

  7. Re:My Micra Leatherman Carries the Day on USB Swiss Army Knife · · Score: 1

    I didn't say it did.

    I'm a fan of gun rights.

    However, gun rights start being infringed in areas where guns are presented as a dangerous threat to law and order. High density urban areas with high crime. Look at, say, NYC.

  8. Re:TSA Jackasses on USB Swiss Army Knife · · Score: 1

    I don't agree.

    This might work for knives -- say, a combat knife beneath each seat.

    However, there are major problems with guns on an airplane. The first applies to sawed-off shotguns. Airplanes are tight, cramped environments. It is likely that the majority of people onboard are not bad guys. If anyone fires a sawed-off shotgun on a crowded airplane, they are going to hurt a lot of people.

    The other problem is that commercial airliners (a) fly really high and (b) have thin aluminum and glass shells. If people start firing guns all at once, the body is going to explosively decompress, which is not going to be good for anyone on the airplane.

    Oh, and as one more thing -- the idea is that the major exploitable (by TSA/government/good guys) distinguishing factor between passengers and terrorists is that there are more passengers. Thus, ensuring a system of as rough equality as possible is ideal. If everyone is unarmed, then the twenty will beat the one. If everyone has knives (assuming that one person isn't phenomenally more skilled than everyone else), the twenty will beat the one. If everyone has guns, this gets a bit more risky. If someone starts shooting a sawed-off shotgun, the element of surprise is a *big* deal. If they get off four shots before anyone else starts shooting, they might incapacitate eight people before anyone else can do anything.

    Another possibility (if we can swing computer-controlled remote landings) would be to have an emergency switch that gasses the entire plane with sleeping gas. Not great -- sleeping gasses affect different people differently, and you might kill some -- but it's a start. Then the airplane kicks into remote control or computer control mode and the closest tower lands it.

  9. Re:TSA Jackasses on USB Swiss Army Knife · · Score: 1

    "Good evening, ladies and gentlemen. This is your captain speaking. In the event of an emergency landing, we ask that you place your head on the seat in front of you and lean forwards. In the event of an attempted terrorist hijacking, we ask that you beat the living snot out of said terrorists. In the event..."

  10. TSA Jackasses on USB Swiss Army Knife · · Score: 2, Interesting

    I really hate the TSA. The ban on nail scissors is ridiculous. Any of my friends that are serious about martial arts could hurt someone much more badly with their hands (or a nice, heavy, blunt object, which *is* acceptable) than a dinky half-inch blade. I'll bet that if I was intent on smuggling a blade in, I could hide a much larger blade in something metal (come *on*...if there's a metal plate normally in some electronic device and someone slices the thing at a diagonal to produce a *big* blade, then puts the halves together, who is going to notice on an X-ray machine?).

    Plus, I forgot about the nail scissors that I carry in my travelling case. It wasn't until the fourth flight that the TSA guy grabbed my scissors. Of all the pointless laws...

    I can understand having to not have guns in carry-on. I can even consider large knives reasonable (You don't need your machete in-flight). However, taking pocket knives/keychain knives/nail scissors is just plain annoying. I'm sure the respective industries have done quite well, though...

  11. Oh, great on USB Swiss Army Knife · · Score: -1, Offtopic

    (I just stopped by cnn.com to check whether the article is real -- it is).

    All we need. More impetus for rights-restricting "anti-terrorism" laws. Presumably little enthusiasm for addressing root causes. People like smashing things when they get mad or scared.

  12. Re:My Micra Leatherman Carries the Day on USB Swiss Army Knife · · Score: 1

    Look at the State of Vermont - no permits needed to own a handgun and to carry it openly or concealed. And guess what - they have a very low violent crime rate.

    It's possible that this *is* cause-and-effect, but the other way around. There haven't been a lot of gun-related crimes, so people haven't agitated for anti-gun laws.

  13. Just to be a bastard on Recovering Secret HD Space · · Score: 4, Insightful

    Just to be a bastard, I gotta point out that this could probably be considered a Ghost bug. While there might not be anything Symantec could *do* to help someone that's mucked up their drive, I could reasonably see them complaining to Symantec about it.

  14. One possible answer on Recovering Secret HD Space · · Score: 1, Insightful

    I'm still confused.

    Jeff Garzik, the Linux SATA guy (I thought Garzik was the Linux Ethernet guy after the Garzik/Becker fallout, but whatever), wrote in to say that this was host-protected space. He implied that this might be used when bad blocks crop up.

    I'm very dubious about this. It doesn't make much sense technically.

    Someone said that some OEM dumped OS space for storing an OS. Yeeesss...that could be right. However, we are talking upwards of ten gigs. I don't buy that they're asking for a third of the hard drive for the OEM.

    I would *damn* well not be monkeying around with my drive until some other people test this out and (potentially) destroy their drives. I'm not currently sure how nasty this is, but if Garzik is right on almost any of his guesses, you have the potential to physically destroy your drive.

    Here's one more possibility (a positive one). Garzik pointed out that factory cert time is when drive sizes are calculated. It's possible that, since drives are sold at particular sizes (120 GB, etc), if a hard drive can store 170 GB, not enough to get up to the next storage capacity (180 GB), the manufacturer just does not use space after a certain point to obtain a uniform line of drives. In this case, "unlocking" this space is equivalent to overclocking processors. Reasons for supporting this guess are that the sizes are uniformly large, but not large enough to push drives into the next storage bin.

    A couple of points I'd worry about: clearly, the manufacturer did not intend you to be using this space. As such, they may allow space to pass cert and sit in a protected partition...but presumably they're going to put the least-reliable area (inside or outside of the disk) in this partition. This would be the least-reliable section of the disk.

    This may become a valid technique (if unreliable), but I'm not sure if I'd do it. I'm pretty uncomfortable with the reliability of certified, used-as-manufacturer-considered-safe consumer IDE hard drives already (1 yr warranty, numerous nasty batches in the last few years, etc). If you OC your processor...big deal, you're out a processor and maybe a motherboard. If you lose your hard drive, you lose a lot of data...and hard drives are awfully cheap these days.

    There are no guarantees that the drive firmware is going to not have subtle bugs relating to mucking around in a partition that's supposed to be hidden.

    It may be that error-correction space is not allocated for this partition.

    It may be that other metadata that the drive allocates about space that you normally need (I dunno, SMART related data or something), and that isn't existent for the hidden area.

    Finally, there's no guarantee that if this works properly for one drive, that it will work properly for other drives. Heck, what if there's a mechanical or firmware revision within a single model (as Creative Labs likes to do with their soundcard products), and things work properly with one drive and not with another?

    Doesn't mean that this might not be useful for someone...just that if I have to cut corners to save money somewhere, I think I'd rather do it on a lot of things other than hard drive reliability. Keep in mind also that if I'm right about the bin size, you're saving less than one bin size -- probably less than $20.

    Finally, cheap drives fail a lot these days. If your drive starts the click of death within a year or three years or whatever your manufacturer warranty is, they may refuse to send you a new drive if you've been mucking around with low-level stuff on the drive.

  15. EV1 Could Have Avoided This, and Chose Not To on Looking to Move from EV1? · · Score: 1

    If EV1 really was concerned about customer upset (and they've claimed that they were, and thought that it was minor), they could easily have asked for feedback. They closed the deal without letting any of their customers have a chance to give them feedback. I realize that they're now between a rock and a hard place, and that sucks, but ultimately they made the mistake -- some people just don't want their fees going in part to SCO to help attack Linux. I'd say that's a reasonable point of irritation.

    EV1 might be able to get out of this by claiming breach of contract by SCO (who has clearly made claims about the specifics of the financial bits), but otherwise, they're just going to have to put up. They put themselves in a position where they can't easily remedy their mistake.

  16. Might be worthwhile on Looking to Move from EV1? · · Score: 1

    The scene of the landscape does change, so it's good to re-evaluate things every now and then. If there's a better deal than EV1 out there right now, it's worth trying out. [shrug]

  17. Re:so what kind of protection would you give? on 'They Can Sue, But They Can't Hide' · · Score: 1

    McDonalds knew full well that their coffee was too hot, and kept it that way to save money despite customers getting burned and complaints by health inspectors.

    You have now claimed this multiple times, and still failed to back it up. McDonalds said under oath that their taste test groups and coffee experts they consulted came up with this as a final result. I see absolutely zero way one can save money by keeping coffee hotter.

    Hell, we aren't going to agree on this one way or another. I think you're utterly wrong, and you think I'm utterly wrong.

  18. Re:so what kind of protection would you give? on 'They Can Sue, But They Can't Hide' · · Score: 1

    Instead of being dosed with 30 millirads, he was dosed with 3,000, and came out nice and crispy. Would you say his family didn't have the right to millions in compensation for frying the guy?

    You're talking about the Therac-25. This is a case where the manufacturer had a pretty good idea that there were multiple major problems, and kept trying to cover it up or use hacks until the FDA made them take the thing out of commission. That's entirely different from making an inadvertent mistake.

  19. Re:The Galapagos of game developers on God Save The UK Developer? · · Score: 1

    I'm sorry, but in the UK people are actually aware that a whole world exists outside their borders.

    I'm not trying to look at things quite that extremely.

    Obviously, people interact on the Internet, used to use BBSes, and may know other people from trade shows. However, it's a lot more convenient to meet other people in the same country -- maybe you work in Boston, then in Silicon Valley, and then maybe in Austin, and you have a pretty good cross-section of the ideas floating around.

    I don't think that the UK is "isolationist". It's just isolated from the US and Japan, which means that it gets different ideas. The same happens between the US and Japan. [shrug] Well, it's all guessing on my part, anyway.

  20. Re:The national culture of games on God Save The UK Developer? · · Score: 1

    Wow. Thank you. At first I was dubious, but then I started reading "Why We Need More Reality Television" in the "Scorched Earth Party" section. It's great. :-)

  21. Re:Lets try this again on Achaea Switches To Anarchaea After HD Crash · · Score: 2, Interesting

    Okay, clearly you're running a commercial venture, and there are clearly players that like your style. I'm not trying to bash your approach.

    However, I kind of liked having five to maybe twenty players active at any given time on MUDs I've played. It meant that you could know just about everyone that played.

    That being said, I'm sure there's something to be said for having a virtual city...

  22. Re:It's European! Here's why it failed... on Beagle 2 Failure Theories · · Score: 1

    Is the siesta part of Spanish culture? I always thought that it was strictly Mexican.

  23. Re:Most Popular Game on God Save The UK Developer? · · Score: 2, Interesting

    I've never been to the UK, but I have a couple of friends that head over (admittedly, to London) and seem to have an incredible time partying it up.

    I wonder what musical tastes in the UK are like -- whether they mirror the US or what.

  24. The Galapagos of game developers on God Save The UK Developer? · · Score: 4, Insightful

    IMO, there are very few US developers (Origin at their prime, Looking Glass Studios) who can compete with the best of Britain in terms of innovation.

    I really wonder. Is it because the British just happen to come up with a lot of original ideas? While it's not impossible, I'm a little dubious. I wonder if perhaps it's because you have a lot of developers that are physically isolated from the mass of US and Japanese developers, and have a chance to go their own ways.

    Perhaps the real answer to game diversity is to find a couple of islands, dump game developers on them without access to the outside world for a couple of years, and see what new things spring up. :-)

    Knowledge sharing is good, as it allows building upon past mistakes and good ideas. However, I claim that what is "apparently better" may not always actually be better. Someone may have to make an apparently non-ideal mental path to arrive at a better final solution. The problem is that if there are lots of ideas floating around that are "apparently better" and lead someone away from finding alternate, potentially better solutions.

    Every time I see a game developer say "Has $FANCY_WELL_SELLING_GAME-style $FEATURE" on a new game's featurelist, I've seen a developer not run out and come up with a potentially better solution.

    Oh, well. Honestly, people complain about the lack of innovation in games, but I can't help but think that things are better now than in the console days of the NES/SNES. Man, there were enough cloned platform games out there to choke a horse...

  25. Re:Never noticed the impact on God Save The UK Developer? · · Score: 1

    I wonder -- was I the only one that didn't really like many Rare games very much? As for DKC -- I know a lot of people got into DKC, but I always was a little suspicious that *most* games are pretty decent if you give yourself the chance to get into them, and that Nintendo pushed DKC hard.

    I knew that Populous was from the UK, but I didn't know about X-Com. Those were both genre-starters, not just good sellers.