Ditto AC, been using tt-rss for years, it works great. Has a good Android app too, though I don't think there's an iOS one. I don't know if there are any public shared installations of it out there for those who don't run their own servers, though, and if there are, they're probably getting killed right now...
Shaw only throttles *upstream* P2P, so being a selfish ass, I don't care. I throttle it harder than Shaw does myself.:P
Shaw's published caps are clearly better than Telus'. I can't speak to enforcement any more, though. I actually used to work in Shaw's AUP team (which was like five people in the Vancouver office) and we'd just do the top X% of worst offenders from overloaded routers and they got an assload of warnings and phone calls before any enforcement, but that was years back (when the caps were actually kinda crappy, like 50GB on Xtreme) and things will likely be different now. And I've never been on Telus, so I have no experience there.
Shaw serving copyright infringement warnings? You got any links on that? Never heard of it before.
I'm often unsympathetic to speed camera moaners, but "Optotraffic installed the Elmwood Place cameras and administered their use, in return for 40 percent of ticket revenue" is a giant warning flag. It doesn't take a genius to figure out the dangers of revenue generation issues when you run the systems like that...
Oh, and I should have included that there were zero spelling errors, which pretty much disqualifies it as a phishing attempt on its own.:) The Venn diagram of 'phishers' and 'people in possession of working spell check' seems to have no overlap.
Indeed not, but it is a rhetorical flourish. It's a semi-common usage to denote an incredulous response to a wrong assertion. The idea, I think, is that both a question and an incredulous response rise in pitch at the end.
Teksavvy seems to be getting worse. I check them every so often, and last time I checked, their AUP now specifically says you can't run servers; I'm pretty sure it didn't used to say that. They don't appear to offer static IPs for residential accounts any more. Their business pricing isn't very competitive. Distributel's AUP looks similar to Teksavvy's and Shaw's. I can't really see much to recommend any of the resellers over just using Shaw directly any more unless you really need the 'unlimited' data. That's still an advantage, but I think that may be going away soon, with the recent legal settlement. Shaw's caps aren't really that terrible either, they're way higher than Telus' - I think 250GB for 25Mb/sec, and 400GB for 50Mb/sec. And they do offer unlimited accounts, though at higher prices.
It's worth noting that some of Shaw's business services are weirdly well priced. I'm on their 50Mb/s business account; it sounds expensive, but then you see that it includes TV, and you'd think there'd be a catch, but there really isn't. The business 50Mb/sec service gives you basically the same services you'd get in the home 50Mb/s internet + basic cable TV bundle, for the same price (or $10 cheaper, I forget), you get a static IP address, the AUP on business accounts permits servers, you get a higher bandwidth cap and your uplink speed is faster. So...yeah, there's absolutely no reason not to get it. I did.
"To top it off, when Shaw did send out notices about this, they looked so much like every day phishing spam that many people deleted them unread."
Erm. No they didn't? I'm looking at one right now and it doesn't look remotely like 'every day phishing spam'. It doesn't offer me anything, threaten me with anything, or ask me to click on anything. It doesn't include any links except to a forum thread, which the text doesn't make any special effort to make you click on. It didn't trigger my mental 'phishing detector' in the slightest.
I got the email notification late Saturday, two days after the event happened, I guess. That's not a horrible delay. I also saw a bunch of delayed mails come through around that time - 10 or so - and they notified me of the sender and subject line of three mails that were lost, so looks like they managed to recover quite a lot.
I dunno, I guess I'm not TOTALLY OUTRAGED at this. As another commenter said, you know, admins screw up sometimes. Lord knows I have. The fact that they're at least able to identify the subject lines of all the lost mails makes a big difference; you could get any really vital ones re-sent.
"On the other hand, Card seems to have kept his personal views out of his fiction"
Er. You may have missed his five book novelization of the Book of Mormon, which quite prominently features a gay character who practices abstinence (with clear authorial approval).
(I'm gay, married, and Ender's Game and Speaker of the Dead are two of my favourite books ever. Makes it a bit hard to know what to think, really. I would love to meet Scott and attempt to gently talk some sense into him...)
"Network manager is far from perfect. Try setting a static IP address for you wired adapter with network-manager. Or getting a working bridge going. Or having a wi-fi connection active upon booting a computer but before logging in."
You can kinda do all those things with NM. Okay, bridging support only showed up very recently - I don't think it's in a stable release yet, but it's landing in master ATM - but the other two have worked fine for years. You can set static addressing info for a wired connection in nm-connection-editor or GNOME's Network settings applet. As for wireless connections, they often get set up as per-user connections because, well, you set them up as a user. NM respects the multi-user model, it doesn't assume all users want to use the connections and settings of one user. All you have to do to have a wireless connection be systemwide (and hence started at boot time rather than user login time) is set a single property, again in nm-c-e or the GNOME Network applet (or probably any other NM config frontend). It requires root authorization, obviously.
Microsoft chose to provide SB keys because it wants to. Anyone can provide SB keys. You can, if you like; knock yourself out. The trick is in persuading hardware manufacturers to ship with firmwares that trust your keys.
Anyone could step up and offer to provide SB keys for other operating systems, and try to get hardware vendors to ship them. So far, no-one has done so. Red Hat does not want to because a) we don't want to be seen to be in a position of privilege versus other distribution vendors, and b) Red Hat as a company is not really set up to act as a trustworthy CA. (Neither is Microsoft, which is why they outsource a lot of the work to Verisign, but I don't think we can afford that).
The logical entity to do so for Linux would be the Linux Foundation. My understanding, second hand from pjones and mjg59, is that the LF looked into the possibility and said 'thanks, but no thanks'.
SB, per se, is just a mechanism for doing key verification, defined as part of the UEFI spec. The SB part of the UEFI spec doesn't say anything about Microsoft or anyone else providing keys, or make any requirements as to who should trust who else's keys. All of that is an implementation detail so far as the spec is concerned. The implementation that exists in the real world is that MS is providing keys for itself and offering to provide them for others for a nominal fee, MS has succeeded in getting hardware vendors to go along with Windows certification requirements that they enable SB by default and trust MS's key, and that no-one else is offering to act as a key provider to third parties. This reality could change, but it shows no immediate signs of doing so.
That's why I didn't make it. And yes, I have noticed that, but SB doesn't really seem like the logical place to make your glorious stand on the issue, to me.
Microsoft can refuse to sign a UEFI binary for any reason they choose. Signing other people's binaries is an offer they are making voluntarily, not something anyone else is requiring them to do, therefore they set the terms.
Sorry, you're right. I had somehow got the idea that dev mode wasn't available on the Samsung, but it is.
Chrome OS dev mode is more restrictive than MS' x86 Secure Boot requirements - see http://mjg59.dreamwidth.org/22465.html - but it is indeed less restrictive than MS's *ARM* SB requirements. So indeed an ARM Chromebook is relatively a better choice than an ARM Windows RT device.
Hardware ships with terrible firmware! Film at 11!
It is my previously stated opinion that the firmware engineers' union lists 'deep familiarity with a crack pipe' as a minimum baseline requirement for joining, so this shouldn't really _surprise_ anyone. Secure Boot sucks insofar as it's another firmware mechanism for the firmware engineers to fuck up, but it's not like we're _short_ of those.
Everyone locks down ARM. It sucks when Microsoft does it, but no more than when Google does it (you can't boot whatever you like on ARM Chromebooks), or Samsung, or Apple, or...
If you want to run Linux on an ARM machine, don't buy one with Windows on it, sure.
"That a Microsoft-signed Linux secure boot key could be used to hack systems. Microsoft could disable the key, which would then disable *Linux* systems. We can argue about whether Microsoft would actually do this, but understandably, Linus isn't excited about placing that kind of power in anyone else's hands."
Howells and Garrett argue that revocation is a significant possibility, _therefore_ we (distributions) need to do kernel module signing (because unsigned kernel modules are an attack vector against a Windows install on the same system). One strand of Torvalds' argument is that MS is never going to revoke any keys anyway, therefore we (distributions) don't need to bother. There are other strands to his argument, but that's how the revocation one goes. That's what http://marc.info/?l=linux-kernel&m=136185309010028&w=2 is about: key revocation is what he describes as an 'unlikely and bogus scenario'.
"Mandatory. On non-ARM systems, the platform MUST implement the ability for a physically present user to select between two Secure Boot modes in firmware setup: "Custom" and "Standard". Custom Mode allows for more flexibility as specified in the following:
It shall be possible for a physically present user to use the Custom Mode firmware setup option to modify the contents of the Secure Boot signature databases and the PK. This may be implemented by simply providing the option to clear all Secure Boot databases (PK, KEK, db, dbx), which puts the system into setup mode.
If the user ends up deleting the PK then, upon exiting the Custom Mode firmware setup, the system is operating in Setup Mode with SecureBoot turned off.
The firmware setup shall indicate if Secure Boot is turned on, and if it is operated in Standard or Custom Mode. The firmware setup must provide an option to return from Custom to Standard Mode which restores the factory defaults. On an ARM system, it is forbidden to enable Custom Mode. Only Standard Mode may be enabled."
It's surprisingly easy to buy lossless outside of iTunes these days, I'm finding. I had the same experience as the article submitter - I stopped buying music for a while because online services all seemed to be lossy and storing CDs is such a PITA (and I was starting to worry about the huge waste of resources in manufacturing and shipping CDs and cases around just so I could rip them to FLAC then never touch them again). But recently I've found all sorts of good stuff available in lossless format from various places.
hdtracks.com gets some flak from the audiophiles because apparently sometimes its 'HD' tracks (above 44.1Khz/16-bit) are upsampled CD-resolution stuff, but as a source of lossless-encoded CD-resolution things it can be useful, I've bought some Andrew Bird and Sigur Ros albums there. The download system is some hideous Windows thing, but works in a VM or wine.
As the submitter notes, quite a lot of good stuff is on bandcamp these days, including Amanda Palmer and Sufjan Stevens (his whole huge Christmas release is on bandcamp in FLAC format for a ridiculously small amount of money).
The new My Bloody Valentine album is available to buy direct from the site in 24/96 lossless.
The new Atoms For Peace (Thom Yorke) album's available in FLAC from XL Recordings' site.
I even got a FLAC copy of Nü Sensae's 'Sundowning' from somewhere or other - their label's site, I think. In general, most of what I've wanted to buy lately has turned out to be available legally in FLAC, some way or another.
You can pay a maximum of $50 by 'waving a card in the air', and any 'wave-a-card' transaction you challenge will just be resolved in your favour.
They don't _claim_ there's anything particularly secure about PayPass etc. They're just playing a numbers game. They have figured that the revenue increase that results from the increase in security is greater than the loss that results from a) actual fraudulent usage of such systems and b) fraudulent *claims* of fraudulent usage of such systems.
It's exactly the same calculation Starbucks ran when they stopped asking people to sign credit card slips: the amount of money they have to pay out to people whose cards are stolen by people who then buy a latte, or to people who *claim* someone stole their card to buy a latte in order to scam $3, is smaller than the amount of money they ultimately make because people don't have to line up for their coffee for so long.
So, you just completely contradicted yourself. First you tell an anecdote about how easy it is to teach people not to respond to phishing requests. Then you tell a story about how your idiot users thought your email about a phishing request was a phishing request, and happily responded to it.
That's the whole point: you cannot rely on user education. There will always be a couple of idiots who send out their password. You can't go around every single flipping one of them and do the spoofing illustration in person, and even if you could, some of them would forget it a week later, or just not pay attention in the first place.
There is absolutely no legitimate use for a Google Docs form for the username and password of an external mail system. Go on, try and think of one. I'll wait.
"don't see the point in going up to even 22" on a desktop. To compensate for the slight increase in view distance maybe a 19", but no more"
You can't get 1920x1080 at 19" or 20", unfortunately. At least not that I've found. Standard res at 19" and 20" is 1600x900. Basically, it's just about impossible to buy a desktop monitor higher than around 100dpi: it's a barrier. If you look at where the resolution jumps happen, it's _always_ at around 100dpi. The smallest monitor you can usually buy these days is 18.5", some of which come at 1600x900, which is 99.23dpi. The jump to 1920x1080 comes at 21.5", that's 102.46dpi. The next standard jump is to 2560x1440 at 27", which is - oh hey! - 108.79dpi. Everything around 100-110dpi. You just can't buy higher on the open market. http://members.ping.de/~sven/dpi.html is a neat site I like - it has the DPIs of common sizes and various 'notable' displays. It's somewhat frustrating, though, as it provides details and links to various crazy professional high-res displays which cost thousands of dollars and were all discontinued years ago anyway. I had a Vaio P a while back, which was the champion of that list at 221dpi until the Retina displays started showing up...
It's difficult to get a really high quality 19" or 20" monitor. I picked the U2211 because it's the smallest of Dell's high-end line, with IPS panels and good build quality, color management, rotation etc. If they had a 20" model at 1920x1080 I'd go for it like a shot, but they don't, sadly.
Still: you're reviewing the car of a company that has proven itself extremely prickly to negative press coverage. You call the company regularly and do what they tell you to do, so they can't accuse you later of not reviewing it right. And then they accuse you of not doing it right.
Imagine if Mr. Broder had *not* done what the Tesla person said, on the basis that he thought it was silly - it doesn't seem unreasonable to imagine there'd be a blog post from Elon Musk in which he says the NYT is wrong because it didn't do what the people from Tesla told it to do. Seems rather like a no-win situation for the journalist, if the company gives you ridiculous advice. Take it, you're screwed. Ignore it, you're screwed.
This seems rather like a 50/50 thing to me, to be honest. I think Musk is going in way too hard and should have gotten his ducks in a row first; he can't just post a graph and declare what the journalist ought to have done, if his _own employees_ were telling the journalist to do something else. But on the other hand, regular drivers aren't likely to be taking advice from Tesla on the phone 24x7; if I'd bought a Tesla and wanted to drive 60 miles and the range remaining indicator was saying 30 miles, I wouldn't call up Tesla and then drive it away if the moron on the phone said 'yeah, 30 really means 60, go for it!', I'd just wait for the thing to read 60. Or 80.
So eh, swings and roundabouts. On pure approach though, I gotta say the journalist's coming off better than Elon so far. He's refusing to sling mud and sticking to a consistent and not obviously falsifiable narrative about what happened.
Slashdot Mirror
Ditto AC, been using tt-rss for years, it works great. Has a good Android app too, though I don't think there's an iOS one. I don't know if there are any public shared installations of it out there for those who don't run their own servers, though, and if there are, they're probably getting killed right now...
Shaw only throttles *upstream* P2P, so being a selfish ass, I don't care. I throttle it harder than Shaw does myself. :P
Shaw's published caps are clearly better than Telus'. I can't speak to enforcement any more, though. I actually used to work in Shaw's AUP team (which was like five people in the Vancouver office) and we'd just do the top X% of worst offenders from overloaded routers and they got an assload of warnings and phone calls before any enforcement, but that was years back (when the caps were actually kinda crappy, like 50GB on Xtreme) and things will likely be different now. And I've never been on Telus, so I have no experience there.
Shaw serving copyright infringement warnings? You got any links on that? Never heard of it before.
I'm often unsympathetic to speed camera moaners, but "Optotraffic installed the Elmwood Place cameras and administered their use, in return for 40 percent of ticket revenue" is a giant warning flag. It doesn't take a genius to figure out the dangers of revenue generation issues when you run the systems like that...
Oh, and I should have included that there were zero spelling errors, which pretty much disqualifies it as a phishing attempt on its own. :) The Venn diagram of 'phishers' and 'people in possession of working spell check' seems to have no overlap.
Indeed not, but it is a rhetorical flourish. It's a semi-common usage to denote an incredulous response to a wrong assertion. The idea, I think, is that both a question and an incredulous response rise in pitch at the end.
Teksavvy seems to be getting worse. I check them every so often, and last time I checked, their AUP now specifically says you can't run servers; I'm pretty sure it didn't used to say that. They don't appear to offer static IPs for residential accounts any more. Their business pricing isn't very competitive. Distributel's AUP looks similar to Teksavvy's and Shaw's. I can't really see much to recommend any of the resellers over just using Shaw directly any more unless you really need the 'unlimited' data. That's still an advantage, but I think that may be going away soon, with the recent legal settlement. Shaw's caps aren't really that terrible either, they're way higher than Telus' - I think 250GB for 25Mb/sec, and 400GB for 50Mb/sec. And they do offer unlimited accounts, though at higher prices.
It's worth noting that some of Shaw's business services are weirdly well priced. I'm on their 50Mb/s business account; it sounds expensive, but then you see that it includes TV, and you'd think there'd be a catch, but there really isn't. The business 50Mb/sec service gives you basically the same services you'd get in the home 50Mb/s internet + basic cable TV bundle, for the same price (or $10 cheaper, I forget), you get a static IP address, the AUP on business accounts permits servers, you get a higher bandwidth cap and your uplink speed is faster. So...yeah, there's absolutely no reason not to get it. I did.
"To top it off, when Shaw did send out notices about this, they looked so much like every day phishing spam that many people deleted them unread."
Erm. No they didn't? I'm looking at one right now and it doesn't look remotely like 'every day phishing spam'. It doesn't offer me anything, threaten me with anything, or ask me to click on anything. It doesn't include any links except to a forum thread, which the text doesn't make any special effort to make you click on. It didn't trigger my mental 'phishing detector' in the slightest.
I got the email notification late Saturday, two days after the event happened, I guess. That's not a horrible delay. I also saw a bunch of delayed mails come through around that time - 10 or so - and they notified me of the sender and subject line of three mails that were lost, so looks like they managed to recover quite a lot.
I dunno, I guess I'm not TOTALLY OUTRAGED at this. As another commenter said, you know, admins screw up sometimes. Lord knows I have. The fact that they're at least able to identify the subject lines of all the lost mails makes a big difference; you could get any really vital ones re-sent.
"Or just buy a used model M. All the ones ever made likely still work. Some of them might be in the dump but even those likely still work."
Not the one I spilled a Coke on. If the Model M's ever rise up against their human masters, bring a fridge pack with you.
"On the other hand, Card seems to have kept his personal views out of his fiction"
Er. You may have missed his five book novelization of the Book of Mormon, which quite prominently features a gay character who practices abstinence (with clear authorial approval).
(I'm gay, married, and Ender's Game and Speaker of the Dead are two of my favourite books ever. Makes it a bit hard to know what to think, really. I would love to meet Scott and attempt to gently talk some sense into him...)
Factual note:
"Network manager is far from perfect. Try setting a static IP address for you wired adapter with network-manager. Or getting a working bridge going. Or having a wi-fi connection active upon booting a computer but before logging in."
You can kinda do all those things with NM. Okay, bridging support only showed up very recently - I don't think it's in a stable release yet, but it's landing in master ATM - but the other two have worked fine for years. You can set static addressing info for a wired connection in nm-connection-editor or GNOME's Network settings applet. As for wireless connections, they often get set up as per-user connections because, well, you set them up as a user. NM respects the multi-user model, it doesn't assume all users want to use the connections and settings of one user. All you have to do to have a wireless connection be systemwide (and hence started at boot time rather than user login time) is set a single property, again in nm-c-e or the GNOME Network applet (or probably any other NM config frontend). It requires root authorization, obviously.
Microsoft chose to provide SB keys because it wants to. Anyone can provide SB keys. You can, if you like; knock yourself out. The trick is in persuading hardware manufacturers to ship with firmwares that trust your keys.
Anyone could step up and offer to provide SB keys for other operating systems, and try to get hardware vendors to ship them. So far, no-one has done so. Red Hat does not want to because a) we don't want to be seen to be in a position of privilege versus other distribution vendors, and b) Red Hat as a company is not really set up to act as a trustworthy CA. (Neither is Microsoft, which is why they outsource a lot of the work to Verisign, but I don't think we can afford that).
The logical entity to do so for Linux would be the Linux Foundation. My understanding, second hand from pjones and mjg59, is that the LF looked into the possibility and said 'thanks, but no thanks'.
SB, per se, is just a mechanism for doing key verification, defined as part of the UEFI spec. The SB part of the UEFI spec doesn't say anything about Microsoft or anyone else providing keys, or make any requirements as to who should trust who else's keys. All of that is an implementation detail so far as the spec is concerned. The implementation that exists in the real world is that MS is providing keys for itself and offering to provide them for others for a nominal fee, MS has succeeded in getting hardware vendors to go along with Windows certification requirements that they enable SB by default and trust MS's key, and that no-one else is offering to act as a key provider to third parties. This reality could change, but it shows no immediate signs of doing so.
That's why I didn't make it. And yes, I have noticed that, but SB doesn't really seem like the logical place to make your glorious stand on the issue, to me.
Microsoft can refuse to sign a UEFI binary for any reason they choose. Signing other people's binaries is an offer they are making voluntarily, not something anyone else is requiring them to do, therefore they set the terms.
Sorry, you're right. I had somehow got the idea that dev mode wasn't available on the Samsung, but it is.
Chrome OS dev mode is more restrictive than MS' x86 Secure Boot requirements - see http://mjg59.dreamwidth.org/22465.html - but it is indeed less restrictive than MS's *ARM* SB requirements. So indeed an ARM Chromebook is relatively a better choice than an ARM Windows RT device.
Hardware ships with terrible firmware! Film at 11!
It is my previously stated opinion that the firmware engineers' union lists 'deep familiarity with a crack pipe' as a minimum baseline requirement for joining, so this shouldn't really _surprise_ anyone. Secure Boot sucks insofar as it's another firmware mechanism for the firmware engineers to fuck up, but it's not like we're _short_ of those.
Everyone locks down ARM. It sucks when Microsoft does it, but no more than when Google does it (you can't boot whatever you like on ARM Chromebooks), or Samsung, or Apple, or...
If you want to run Linux on an ARM machine, don't buy one with Windows on it, sure.
"That a Microsoft-signed Linux secure boot key could be used to hack systems. Microsoft could disable the key, which would then disable *Linux* systems. We can argue about whether Microsoft would actually do this, but understandably, Linus isn't excited about placing that kind of power in anyone else's hands."
You're actually reading Linus' argument exactly backwards.
Howells and Garrett argue that revocation is a significant possibility, _therefore_ we (distributions) need to do kernel module signing (because unsigned kernel modules are an attack vector against a Windows install on the same system). One strand of Torvalds' argument is that MS is never going to revoke any keys anyway, therefore we (distributions) don't need to bother. There are other strands to his argument, but that's how the revocation one goes. That's what http://marc.info/?l=linux-kernel&m=136185309010028&w=2 is about: key revocation is what he describes as an 'unlikely and bogus scenario'.
"Sure, MS give lip service to this but there's nothing that guarantees it will be available. Nothing at all."
Yes, there is. I quote http://msdn.microsoft.com/en-US/library/windows/hardware/jj128256, "Windows Hardware Certification Requirements for Client and Server Systems":
"Mandatory. On non-ARM systems, the platform MUST implement the ability for a physically present user to select between two Secure Boot modes in firmware setup: "Custom" and "Standard". Custom Mode allows for more flexibility as specified in the following:
It shall be possible for a physically present user to use the Custom Mode firmware setup option to modify the contents of the Secure Boot signature databases and the PK. This may be implemented by simply providing the option to clear all Secure Boot databases (PK, KEK, db, dbx), which puts the system into setup mode.
If the user ends up deleting the PK then, upon exiting the Custom Mode firmware setup, the system is operating in Setup Mode with SecureBoot turned off.
The firmware setup shall indicate if Secure Boot is turned on, and if it is operated in Standard or Custom Mode. The firmware setup must provide an option to return from Custom to Standard Mode which restores the factory defaults. On an ARM system, it is forbidden to enable Custom Mode. Only Standard Mode may be enabled."
It's surprisingly easy to buy lossless outside of iTunes these days, I'm finding. I had the same experience as the article submitter - I stopped buying music for a while because online services all seemed to be lossy and storing CDs is such a PITA (and I was starting to worry about the huge waste of resources in manufacturing and shipping CDs and cases around just so I could rip them to FLAC then never touch them again). But recently I've found all sorts of good stuff available in lossless format from various places.
hdtracks.com gets some flak from the audiophiles because apparently sometimes its 'HD' tracks (above 44.1Khz/16-bit) are upsampled CD-resolution stuff, but as a source of lossless-encoded CD-resolution things it can be useful, I've bought some Andrew Bird and Sigur Ros albums there. The download system is some hideous Windows thing, but works in a VM or wine.
As the submitter notes, quite a lot of good stuff is on bandcamp these days, including Amanda Palmer and Sufjan Stevens (his whole huge Christmas release is on bandcamp in FLAC format for a ridiculously small amount of money).
The new My Bloody Valentine album is available to buy direct from the site in 24/96 lossless.
The new Atoms For Peace (Thom Yorke) album's available in FLAC from XL Recordings' site.
I even got a FLAC copy of Nü Sensae's 'Sundowning' from somewhere or other - their label's site, I think. In general, most of what I've wanted to buy lately has turned out to be available legally in FLAC, some way or another.
Sigh. I meant 'increase in convenience', not 'increase in security'. Damn you, lack of an edit button.
You can pay a maximum of $50 by 'waving a card in the air', and any 'wave-a-card' transaction you challenge will just be resolved in your favour.
They don't _claim_ there's anything particularly secure about PayPass etc. They're just playing a numbers game. They have figured that the revenue increase that results from the increase in security is greater than the loss that results from a) actual fraudulent usage of such systems and b) fraudulent *claims* of fraudulent usage of such systems.
It's exactly the same calculation Starbucks ran when they stopped asking people to sign credit card slips: the amount of money they have to pay out to people whose cards are stolen by people who then buy a latte, or to people who *claim* someone stole their card to buy a latte in order to scam $3, is smaller than the amount of money they ultimately make because people don't have to line up for their coffee for so long.
At that scale, it's always a numbers game.
So, you just completely contradicted yourself. First you tell an anecdote about how easy it is to teach people not to respond to phishing requests. Then you tell a story about how your idiot users thought your email about a phishing request was a phishing request, and happily responded to it.
That's the whole point: you cannot rely on user education. There will always be a couple of idiots who send out their password. You can't go around every single flipping one of them and do the spoofing illustration in person, and even if you could, some of them would forget it a week later, or just not pay attention in the first place.
There is absolutely no legitimate use for a Google Docs form for the username and password of an external mail system. Go on, try and think of one. I'll wait.
"don't see the point in going up to even 22" on a desktop. To compensate for the slight increase in view distance maybe a 19", but no more"
You can't get 1920x1080 at 19" or 20", unfortunately. At least not that I've found. Standard res at 19" and 20" is 1600x900. Basically, it's just about impossible to buy a desktop monitor higher than around 100dpi: it's a barrier. If you look at where the resolution jumps happen, it's _always_ at around 100dpi. The smallest monitor you can usually buy these days is 18.5", some of which come at 1600x900, which is 99.23dpi. The jump to 1920x1080 comes at 21.5", that's 102.46dpi. The next standard jump is to 2560x1440 at 27", which is - oh hey! - 108.79dpi. Everything around 100-110dpi. You just can't buy higher on the open market. http://members.ping.de/~sven/dpi.html is a neat site I like - it has the DPIs of common sizes and various 'notable' displays. It's somewhat frustrating, though, as it provides details and links to various crazy professional high-res displays which cost thousands of dollars and were all discontinued years ago anyway. I had a Vaio P a while back, which was the champion of that list at 221dpi until the Retina displays started showing up...
It's difficult to get a really high quality 19" or 20" monitor. I picked the U2211 because it's the smallest of Dell's high-end line, with IPS panels and good build quality, color management, rotation etc. If they had a 20" model at 1920x1080 I'd go for it like a shot, but they don't, sadly.
Still: you're reviewing the car of a company that has proven itself extremely prickly to negative press coverage. You call the company regularly and do what they tell you to do, so they can't accuse you later of not reviewing it right. And then they accuse you of not doing it right.
Imagine if Mr. Broder had *not* done what the Tesla person said, on the basis that he thought it was silly - it doesn't seem unreasonable to imagine there'd be a blog post from Elon Musk in which he says the NYT is wrong because it didn't do what the people from Tesla told it to do. Seems rather like a no-win situation for the journalist, if the company gives you ridiculous advice. Take it, you're screwed. Ignore it, you're screwed.
This seems rather like a 50/50 thing to me, to be honest. I think Musk is going in way too hard and should have gotten his ducks in a row first; he can't just post a graph and declare what the journalist ought to have done, if his _own employees_ were telling the journalist to do something else. But on the other hand, regular drivers aren't likely to be taking advice from Tesla on the phone 24x7; if I'd bought a Tesla and wanted to drive 60 miles and the range remaining indicator was saying 30 miles, I wouldn't call up Tesla and then drive it away if the moron on the phone said 'yeah, 30 really means 60, go for it!', I'd just wait for the thing to read 60. Or 80.
So eh, swings and roundabouts. On pure approach though, I gotta say the journalist's coming off better than Elon so far. He's refusing to sling mud and sticking to a consistent and not obviously falsifiable narrative about what happened.