Some of the reason we get crappy service is cost, but more of it is culture: as life has gotten "faster" over the last few decades, there's less time to think about how to do things well. In that environment, "crap in a hurry" always beats "thoughtfully designed but later".
Once upon a time, the phone company (Bell Telephone, then AT&T) was led by men with a vision of public service. To be sure, it was a about profit in the provision of public service, but good service was the goal, and profit was a side-effect. Indeed, Theodore Vail embraced regulation because he knew that was how to ensure that AT&T could remain profitable while pursuing that goal. And, yes, regulation had the valuable side-benefit of eliminating most competitors, but that really was a side-effect rather than the goal in those less cynical times. The bad result was that regulation inhibited a great deal of innovation--although, hey, inventing the transistor AND licensing it on reasonable and non-discriminatory terms was just one of many innovative achievements that came out of that regime. I suppose we might count UNIX in there as well.
Today, the telephone companies have completely lost that vision. The modern AT&T has no more relationship to its forebears than any of the other telcos; it's just a wretched creation of Ed Whitacre, and there is no more Bell Labs. Theodore Vail is probably be spinning in his grave, witnessing the current travesty that's called telephone service.
Heck, I wish I got even 99% reliability from modern technology.
One in ten cellphone calls I make or receive is dropped in mid-call--and often not because of traveling though a dead zone (frequently, both participants are stationary). Network congestion? Martians? Who knows. A similar percentage just don't go through to start. The audio quality on half of them is worse than 1950's-era transatlantic cable calls, and they're all only a poor imitation of full duplex.
My ISP has an outage of an hour or more about once every week (OK, maybe that's 99.5%). Their DNS service goes dark more often (but for less time). Their e-mail was sufficiently unreliable (access to servers, not delivery per se) that I moved it all to 1&1.
For me, at least one in ten new e-mail correspondence relationships goes awry in some manner (misspelled, but undiagnosed addresses; aggressive spam filters; mysterious network delays; deleted attachments; etc.). These usually require some telephone calls to fix. Once we figure out how to avoid whatever the problem was, each of those relationships becomes more reliable, but I have to request re-transmission often enough that I doubt it approaches 99.9%.
At least my wireline phone service works reliably. Calls are never dropped; calls to other wired phones are clear, quiet, and intelligible; calls always go through (maybe 1 in 500 fail); and service never goes away. To paraphrase Crocodile Dundee, THAT'S a utility!
I dread fiber-to-the-home. More complexity, more customer premises equipment, more battery backup to wear out, more complex finger-pointing for service relationships. Ooh, I can hardly wait.
This incident should be deeply embarrassing for Virginia Tech, which actually does employ some reputable professors and produces some educated students. However, this nonsense comes from a student in the College of Architecture and Urban Studies, where a grasp of physical reality is clearly not a graduation requirement.
As other posters have observed, the energy generated by a 25 kg mass descending two meters is several orders of magnitude away from the 50 Watt-hours or so needed to generate the claimed light output. A careful reading of the breathless Va Tech press release shows that it's mostly written in the future, a key hint that the device doesn't actually exist.
But that's not important in a DESIGN contest, where the objective is to imagine something that looks cool and makes an uninformed audience coo with delight. Considerations like "can is possibly work?", "can it be manufactured?", or "is its cost plausible?" are far distant from such endeavours.
For fun, let's look at some of the other entries. First place goes to the Ener-Jar. It's an undeniably cute (but clearly not manufacturable) gadget that—get this—measures AC power consumption. Wow. What a groundbreaking idea. Too bad the people who make the Kill-A-Watt have been making something like it—but a lot more useful—for a decade or so. But the EnerJar is a DIY project, so that makes it a cute design winner.
Or this novelty, the Bambus. It's a USB memory stick that's recyclable because, err, it's made of bamboo. I suppose this isn't a bad idea (and it "will age in a nice way and will therefore become more likable over time"), but saving the earth by encasing USB devices in bamboo seems like a pretty slow payoff. Maybe this bamboo cellphone has more appeal.
I think my favorite is the digital tattoo interface. I'm not sure what this implanted device has to do with saving energy, except that it incorporates a "blood-powered fuel cell". The girl "demonstrating" it doesn't look too happy; maybe she's having second thoughts about bio-compatible materials.
We shouldn't be too hard on these ideas—some of them might actually be practical, although they mostly seem to recycle well-understood ambient energy notions in applications that suffer from an orders-of-magnitude mismatch between production and consumption. There are some good industrial designers, who do understand physics and engineering, and maybe one of these kids will grow up to be one.
Actually, Method 1 is not a simple executable that "can do it for you". Rather, it's a download that "includes updated Group Policy Administrative Template files, OPA files, and an updated Microsoft Excel workbook that lists the Administrative Template policy settings and OPA settings", and a set of instructions on using those nifty administrative tools and policy settings to fix the problem.
Leaving aside the more fundamental question of why a bleedin' word processor needs administrative policy mechanisms (I know, I know, it's important to ensure career longevity for enterprise IT staff), it's not at all clear that it's any easier for a desktop user to learn how to use those administrative mechanisms than it is for them to edit the registry. At least, if they're experienced Windows users, this probably won't be the first time that they've had to change the registry to fix some mysterious instance of MSBD.
Microsoft has been pretty good about supporting old formats forever. And they still do—the support is just disabled, not eliminated. Like 'em, or not, that support has been a good thing for users. Is the OpenOffice converter code as good as Office's? I don't know, but as OpenOffice is much newer than those bits of Office (I mean, Java is much newer than some of those converters), it's less likely to have been developed when knowledge of those old programs and formats was more widespread.
The security reason isn't preposterous, either: there has been malware distributed in the past as down-rev Office documents, and as other posters have observed, the converter code is likely difficult to analyze, test, or fix for a variety of good reasons (e.g., no living human understands what it's supposed to do).
The real problem is the implications of this sad implementation of a "security fix". Microsoft is making a serious effort to make their software more secure across the whole product like. Examples like this, however, suggest that the effort is guided by poorly-understood rules, rather than sound principles and good engineering judgment—and that makes it hard to have much confidence in the effort's long-term success.
This happened to me early this year: I looked up a bunch of domain names, went through the focus-group thing, then came back to register the chosen one in both.COM/.ORG/.NET variants and in several different spellings. I got halfway through the set of variants before discovering that one of them (in.COM) had been registered hours earlier by one of these scumbag companies, and I felt sick. I knew about the risks, and I thought I'd followed the rules, only using Google and domaintools, and I had no idea what happened. Had I accidentally typed it into an address bar, maybe while using the wrong ISP (e.g., Verizon Wireless)? Had one of my colleagues checked it in an unsafe manner?
Of course, I never found out, but a week later, I looked again, and that domain had been released, so I snapped it up and finished the process. Obviously it was completely automated, and stupid besides, because anyone who'd bothered to look would have found I'd registered all those other variants.
Nonetheless, I think tasting is a scourge and should be eliminated. Mining query results is just plain wrong.
Lithium batteries can burn or explode, due to manufacturing defects, mechanical stress, accidental short-circuits, and just plain cussedness. I sure don't want that to happen while I'm on a plane. In-flight fires are a terrible hazard, and they've killed a fair number of passengers. I know I stopped carrying spare batteries after I started thinking about it.
But, let's try to imagine the TSA mind-set behind this announcement. Hey, since we've known about this risk for year, let's make up some arbitrary rules, ignore any distinctions among battery technologies, give passengers no useful guidance about how to follow the rules, expect our crack force of baggage screeners to enforce the rules effectively, avoid any public comments or interaction with device manufacturers, and then give everyone four days notice over a holiday weekend before compliance is mandatory. Could TSA have handled this more ineptly? I'd say "no", but this is TSA we're talking about; their reserves of ineptitude seem to dwarf the national debt.
But underneath it all, this ham-handed roll-out of not obviously sound rules has a sensible premise: if we don't carry as many lithium batteries, especially uninstalled spares that are subject to additional mechanical stress and accidental short circuits, we will reduce the risk of in-flight fires. At least here, we're deailing not with an intelligent "terrorist" adversary (which can and will adapt to bypass the rules), but essentially random processes that aren't malicious, just dangerous.
Still, I guess it's just too bad for the people who were on a trip over the weekend, and now will have their batteries confiscated then they return. At least I can put my pen knife into my checked luggage if I get caught with it.
ISBNs might be the publisher's IP (although they actually aren't), but they certainly aren't the STORE's.
In any case, the excerpt of the publisher's putative IP that is represented by an ISBN unquestionably comes under the "fair use" defense. First of all, it is a negligibly-sized component of the book, and more importantly, it is clearly being used for purposes of reviewing the book (i.e., expressing an opinion about the relationship of the book's content to its price).
It's also absurd for a store to eject people doing competitive research. To be sure, some businesses explicitly forbid picture-taking (on the argument that their "trade dress", as represented by the store's design overall, is protected intellectual property)--but preventing people recording prices and descriptions seems like it would fall afoul of various consumer protection laws, even if the restriction were explicitly posted and uniformly enforced (which it apparently is not).
Harvard "Co-Operative Society", we hardly knew ye. Next time, take a voice recorded and a concealed mic. That's faster than taking notes, anyway.
Seems like you've run into a bunch of purists here. In reality, you can easily get started with astronomy as a hobby for under $1000.
The most important advice is to a telescope that is easy for you to use. If it takes 30 minutes to drag it out, assemble it, and set it up (and another half-hour to tear it down), regular use is less likely.
Another good starting point is reading. A subscription to Sky & Telescope is a great way to be exposed to many different facets of the hobby.
Telescopes are important, but good eyepieces even more so. Invest in some high-quality wide-field eyepieces--they'll be a significant improvement over what typically comes with the scope, and they'll follow you through any number of scopes you may get in the future.
Magnification isn't the most important thing: often, the view through a 42mm eyepiece (50x for a typical 8-inch compact scope) can be more visually appealing than the more detailed view through a 7mm. That's especially true when seeing is poor, and the high-resolution view at high power is just bigger and fuzzier, not more interesting.
Astrophotography can be explored at many levels. For example, you can do some very cool planetary photography by using an inexpensive webcam adapted to an eyepiece tube, then using software to select the best images and "stack" them to improve resolution. You can do this without an equatorial mount, by the way, although you do need a clock drive--the exposure times are short enough that image rotation isn't an issue, and the individual images can be de-rotated on the computer.
Making observatory-quality color photos with long exposure times and millions of pixels is certainly possible for an amateur, but it requires a lot of skill and equipment and practice. Explore options and find out what interests you.
Building a telescope is very educational and satisfying, and it can save you money (if you don't count value for your time), but you won't learn much about astronomy from doing it--optics, engineering, even electronics, yes, but not astronomy. Telescopes are simply not very expensive today, and I'd recommend that you gain some experience before you start thinking about building one. The great thing about building a scope is that it's an opportunity to escape the limited range commercially available stuff and explore novel designs, mounts, and optical paths. Personally, I hope someday to build a long-focus offset reflector, but it's a big project, and I have a family and a day job.
What do you want to do with your scope? Is this a hobby you expect to be sharing with friends and family? If so, I'd strongly advise getting a computer-driven "go-to" mount, because that largely eliminates the boring intervals when you're trying to find something by star-hopping. Even if it's strictly a solitary pursuit for you, a "go-to" mount can substantially increase the likelihood of actually using the scope. Although I firmly believe that I've learned a lot about the sky by groping around with setting circles and a sky atlas, I find I get more enjoyment from my computerized 5-inch Meade than from my traditional 8-inch Celestron simply because it's so easy to set up and point at something.
Without knowing more about you and your interests, I'd recommend getting a Sky & Telescope subscrption, a 5-inch Celestron or Meade with a computerized mount, a 40-mm wide-field eyepiece, and a video eyepiece or adapted webcam. You can see and do a lot of cool stuff with that rig, and learn where you want to extend your capabilities. You can get some excellent deals (e.g., on eBay) on used equipment, too, although it tends to be older and less computerized.
After you've spent some time with it, think about what needs improvement. Do you really want better views of dim distant galaxies? Then maybe you want a big Dobsonian "light bucket". Do you want to make incredible nebula photos? That might mean a permanent in-ground pier with a serious equatorial mount (and a bigge
Full disk encryption (FDE) is simple, is easy to use, is readily available, imposes negligible user-visible performance penalties on Windows laptops, and is completely effective in solving "theft of laptop" problems. Not using it should be automatic evidence of gross negligence.
I've deployed both PointSec and DriveCrypt Plus Pack for over five years on a large number of machines, and even for heavy-duty software development, where "rebuild world" takes many minutes, the actual impact--in terms of effect on end-user activities--is negligible.
Sure, if you imagine performance is an issue, you can try any of the vastly more difficult to manage solutions that try to "encrypt only sensitive data", or the even sillier solutions that "delete sensitive data" when the laptop connects to the Internet after it's stolen, but why bother? Try it yourself, and you'll find that performance is NOT an issue in the vast majority of real-world situations. As long as you don't use FDE on heavy-duty I/O-bound database servers and such, you'll rarely notice a difference. Modern computers are so fast that encryption just isn't an issue.
Yes, key management requires some attention. For example, as system administrator, you can just generate some reasonably long passphrases, write them on little cards, and give them to your users to carry in their wallets--and explain the rules. Don't allow users to change them, and keep a copy along with other critical corporate records, and key management is a solved problem. Worried about users losing wallet and laptop simultaneously? Take the cards back after a week, and obfuscate their contents to begin with. Worried about backup? Keep two copies. And so forth. Sure, it could be stronger, and some users will always work around the system, but users will lie, cheat, and steal in other ways, too. In the corporate world, at least, your goal is risk management, not perfection.
Too hard to type a password when you boot the machine? Gosh, fifteen characters at one character per second is, yes, fifteen whole seconds--and anyone will learn to type it more quickly over even a short period of use. Don't change the passwords, either: they're not shared, and not transmitted over networks, so there's virtually no risk of interception--just pick a good one and stay with it.
Backup and recovery also requires some thought. I've actually recovered encrypted drives occasionally, but most recovery is done from file-level backups, where the data is backed up in the clear, over a secured network, and stored on other encrypted volumes. That's really no different when using FDE as not.
If computer theft is the problem, full disk encryption is the answer. It's not the whole answer, and it's not perfect, but it sure goes a long way toward solving the problem. Heck, even Microsoft is offering it in Windows Vista, only a decade or so too late.
Over the last two years, I've scanned about 200,000 pages using several low-cost desktop duplex scanners. I particularly like the Xerox/Visioneer Documate 262 (street price around $800) and the Fujitsu ScanSnap fi-5110EOX2 (street price around $500). Earlier, lower-end versions of these (DM252, f1-4110) are still available, nearly as good, and significantly less expensive.
These units scan both sides of the document in the same pass, at between 4 and 30 monochrome sheets per minute depending on resolution (up to 600 DPI) and model. They can also do color (and grayscale), but that tends to be slower and the files MUCH bigger. The Xerox is faster, but more persnickety; the Fujitsu is unflappable and optimized for one-step desktop use. With either one, you can just drop a stack of pages, checks, receipts, or whatever into the sheet feeder, press a button, and PDF files appear on your disk. This is VASTLY more convenient than feeding, or photographing, one sheet at a time, and the scanners are small--footprint is not much bigger than a sheet of paper.
Speed isn't as important as you might think: unless you're scanning huge stacks of paper, the time spent fussing with the paper itself tends to dominate the process, and it's easy to do something else productive while the sheets are whirring through the auto-feeder. I've used them for everything from manuals to business cards, and I think they're the ideal solution to getting rid of all that paper. The software is idiosyncratic and not extremely stable (I occasionally have to reboot the machine that the Xerox unit is connected to), but it gets the job done.
During the Cryptographer's Panel at the RSA conference, Adi Shamir made a short reference to this vulnerability. He confirmed in subsequent e-mail that of course he had a working implementation, or he wouldn't have mentioned it in public, and that a presentation would be forthcoming at the Eurocrypt 2005 rump session next week in Denmark.
I was sore disappointed that the press didn't pick it up then, because I thought it was the most interesting item in any of the keynote talks at RSA (although the hash function flaw announcements came a close second).
Cache contention as a covert timing channel has been explored at least since 1983/84 (when I encountered an instance of it during a TCSEC project and was gently shooed away from exploring such a "sensitive" topic). The precision targeting of this particular attack is really slick.
Another thing to consider as a Lone Coder is somehow tying your product to an on-line service (or, more to the point, thinking of products for which such a service is essential).
Customers are more willing to pay for something when it is clear to them that it's costing the supplier something to supply it. Downloading software looks "free" because it only happens once, but if it's clear that an ongoing service is required, that's easier to justify paying for.
That said, with today's hosting and communication costs, services can be pretty darn cheap to provide: even factoring in the need for reserve capacity to handle unpredictable demands, the gross profit margin can be huge.
This model fits as well with GPL software as with proprietary, and it scales much better than the "support services" model. To provide support, you have to have actual people doing work, but to expand an automated service, you just need more hardware.
YMMV: This is not a trivial model to set up: it just can't work for many types of applications. If the cost is too high, or if it's not clear why the service is an essential and valuable component of the offering, customers will resent it. If the service is essential, but unreliable or overloaded, customers won't much like that, either. And so forth. From a technical and cost perspective, however, it's highly practical.
jaoswald's post about how little actual patent risk there is to the lone developer is dead-on. The patent game is only an issue when at least one party has millions at stake, and there are LOTS of outcomes that are at least not undesirable.
Actually, that's not quite true: if you want to start a VC-funded business, you MUST have a collection of patent applications showing how well-protected your technology will be. This is because patents are something like trading cards: if you don't have any, everyone will assume you're a hopeless loser, but if you do, you can use them to negotiate mutual non-destruction treaties, increase the value of your business for future financing or sale, etc. Either that, or the VCs need the paper to help hold down their desks. I've never known for sure.
Will your patents have any actual value if matters come to litigation? Almost certainly not: the large party will squash you like a bug, err, excuse me, you will unfortunately end up in a position where your resources are stretched too thinly from the costs and efforts of defending your legal rights to be able to continue operating your business successfully. A pity, that, but sometimes those things just can't be helped.
Actually, as insurance goes, patents are pretty cheap. You can file a provisional ($80), then a year later (if you still have the business) file a utility application ($395), then wait 3 years or so for a first office action, and only then get the lawyers involved (again, if you still think the patent will be useful) to define meaningful claims for the patent. In the meantime, you have applications on file at the USPTO, even published after 18 months, and they make your business look more substantial if you're looking for partners, acquirers, or funding. If you decide actually complete the process (4-5 years minimum), you'll probably have spent at least $10K, but by then you'll certainly be in a position to know whether that kind of investment would be worth while for the business.
There is negligible risk that you will be unable to obtain a patent if you actually want it, given the essentially useless review performed by the PTO. If you try to finish the process on your own, you may end up with some rather convoluted claims--getting the best claims is where skilled legal help is really important. This is not just about legal skill, either--for example, a lawyer who has worked with your particular patent examiner may have valuable insight into what kind of claims will and won't be allowed. This is one of the important things that the specialist firms can provide.
Nolo Press's wonderful book, "Patent it Yourself", explain all about the process as it's supposed to work. However, it doesn't talk much about the end-game and the value of skilled help, nor about how to draft specifications that are sufficiently broad to support a wide variety of claims when the time comes.
Slashdot Mirror
Some of the reason we get crappy service is cost, but more of it is culture: as life has gotten "faster" over the last few decades, there's less time to think about how to do things well. In that environment, "crap in a hurry" always beats "thoughtfully designed but later".
Once upon a time, the phone company (Bell Telephone, then AT&T) was led by men with a vision of public service. To be sure, it was a about profit in the provision of public service, but good service was the goal, and profit was a side-effect. Indeed, Theodore Vail embraced regulation because he knew that was how to ensure that AT&T could remain profitable while pursuing that goal. And, yes, regulation had the valuable side-benefit of eliminating most competitors, but that really was a side-effect rather than the goal in those less cynical times. The bad result was that regulation inhibited a great deal of innovation--although, hey, inventing the transistor AND licensing it on reasonable and non-discriminatory terms was just one of many innovative achievements that came out of that regime. I suppose we might count UNIX in there as well.
Today, the telephone companies have completely lost that vision. The modern AT&T has no more relationship to its forebears than any of the other telcos; it's just a wretched creation of Ed Whitacre, and there is no more Bell Labs. Theodore Vail is probably be spinning in his grave, witnessing the current travesty that's called telephone service.
Heck, I wish I got even 99% reliability from modern technology.
One in ten cellphone calls I make or receive is dropped in mid-call--and often not because of traveling though a dead zone (frequently, both participants are stationary). Network congestion? Martians? Who knows. A similar percentage just don't go through to start. The audio quality on half of them is worse than 1950's-era transatlantic cable calls, and they're all only a poor imitation of full duplex.
My ISP has an outage of an hour or more about once every week (OK, maybe that's 99.5%). Their DNS service goes dark more often (but for less time). Their e-mail was sufficiently unreliable (access to servers, not delivery per se) that I moved it all to 1&1.
For me, at least one in ten new e-mail correspondence relationships goes awry in some manner (misspelled, but undiagnosed addresses; aggressive spam filters; mysterious network delays; deleted attachments; etc.). These usually require some telephone calls to fix. Once we figure out how to avoid whatever the problem was, each of those relationships becomes more reliable, but I have to request re-transmission often enough that I doubt it approaches 99.9%.
At least my wireline phone service works reliably. Calls are never dropped; calls to other wired phones are clear, quiet, and intelligible; calls always go through (maybe 1 in 500 fail); and service never goes away. To paraphrase Crocodile Dundee, THAT'S a utility!
I dread fiber-to-the-home. More complexity, more customer premises equipment, more battery backup to wear out, more complex finger-pointing for service relationships. Ooh, I can hardly wait.
Theodore Vail, please come back!
This incident should be deeply embarrassing for Virginia Tech, which actually does employ some reputable professors and produces some educated students. However, this nonsense comes from a student in the College of Architecture and Urban Studies, where a grasp of physical reality is clearly not a graduation requirement.
As other posters have observed, the energy generated by a 25 kg mass descending two meters is several orders of magnitude away from the 50 Watt-hours or so needed to generate the claimed light output. A careful reading of the breathless Va Tech press release shows that it's mostly written in the future, a key hint that the device doesn't actually exist.
But that's not important in a DESIGN contest, where the objective is to imagine something that looks cool and makes an uninformed audience coo with delight. Considerations like "can is possibly work?", "can it be manufactured?", or "is its cost plausible?" are far distant from such endeavours.
For fun, let's look at some of the other entries. First place goes to the Ener-Jar. It's an undeniably cute (but clearly not manufacturable) gadget that—get this—measures AC power consumption. Wow. What a groundbreaking idea. Too bad the people who make the Kill-A-Watt have been making something like it—but a lot more useful—for a decade or so. But the EnerJar is a DIY project, so that makes it a cute design winner.
Or this novelty, the Bambus. It's a USB memory stick that's recyclable because, err, it's made of bamboo. I suppose this isn't a bad idea (and it "will age in a nice way and will therefore become more likable over time"), but saving the earth by encasing USB devices in bamboo seems like a pretty slow payoff. Maybe this bamboo cellphone has more appeal.
I think my favorite is the digital tattoo interface. I'm not sure what this implanted device has to do with saving energy, except that it incorporates a "blood-powered fuel cell". The girl "demonstrating" it doesn't look too happy; maybe she's having second thoughts about bio-compatible materials.
We shouldn't be too hard on these ideas—some of them might actually be practical, although they mostly seem to recycle well-understood ambient energy notions in applications that suffer from an orders-of-magnitude mismatch between production and consumption. There are some good industrial designers, who do understand physics and engineering, and maybe one of these kids will grow up to be one.
Actually, Method 1 is not a simple executable that "can do it for you". Rather, it's a download that "includes updated Group Policy Administrative Template files, OPA files, and an updated Microsoft Excel workbook that lists the Administrative Template policy settings and OPA settings", and a set of instructions on using those nifty administrative tools and policy settings to fix the problem.
Leaving aside the more fundamental question of why a bleedin' word processor needs administrative policy mechanisms (I know, I know, it's important to ensure career longevity for enterprise IT staff), it's not at all clear that it's any easier for a desktop user to learn how to use those administrative mechanisms than it is for them to edit the registry. At least, if they're experienced Windows users, this probably won't be the first time that they've had to change the registry to fix some mysterious instance of MSBD.
Microsoft has been pretty good about supporting old formats forever. And they still do—the support is just disabled, not eliminated. Like 'em, or not, that support has been a good thing for users. Is the OpenOffice converter code as good as Office's? I don't know, but as OpenOffice is much newer than those bits of Office (I mean, Java is much newer than some of those converters), it's less likely to have been developed when knowledge of those old programs and formats was more widespread.
The security reason isn't preposterous, either: there has been malware distributed in the past as down-rev Office documents, and as other posters have observed, the converter code is likely difficult to analyze, test, or fix for a variety of good reasons (e.g., no living human understands what it's supposed to do).
The real problem is the implications of this sad implementation of a "security fix". Microsoft is making a serious effort to make their software more secure across the whole product like. Examples like this, however, suggest that the effort is guided by poorly-understood rules, rather than sound principles and good engineering judgment—and that makes it hard to have much confidence in the effort's long-term success.
This happened to me early this year: I looked up a bunch of domain names, went through the focus-group thing, then came back to register the chosen one in both .COM/.ORG/.NET variants and in several different spellings. I got halfway through the set of variants before discovering that one of them (in .COM) had been registered hours earlier by one of these scumbag companies, and I felt sick. I knew about the risks, and I thought I'd followed the rules, only using Google and domaintools, and I had no idea what happened. Had I accidentally typed it into an address bar, maybe while using the wrong ISP (e.g., Verizon Wireless)? Had one of my colleagues checked it in an unsafe manner?
Of course, I never found out, but a week later, I looked again, and that domain had been released, so I snapped it up and finished the process. Obviously it was completely automated, and stupid besides, because anyone who'd bothered to look would have found I'd registered all those other variants.
Nonetheless, I think tasting is a scourge and should be eliminated. Mining query results is just plain wrong.
Lithium batteries can burn or explode, due to manufacturing defects, mechanical stress, accidental short-circuits, and just plain cussedness. I sure don't want that to happen while I'm on a plane. In-flight fires are a terrible hazard, and they've killed a fair number of passengers. I know I stopped carrying spare batteries after I started thinking about it.
But, let's try to imagine the TSA mind-set behind this announcement. Hey, since we've known about this risk for year, let's make up some arbitrary rules, ignore any distinctions among battery technologies, give passengers no useful guidance about how to follow the rules, expect our crack force of baggage screeners to enforce the rules effectively, avoid any public comments or interaction with device manufacturers, and then give everyone four days notice over a holiday weekend before compliance is mandatory. Could TSA have handled this more ineptly? I'd say "no", but this is TSA we're talking about; their reserves of ineptitude seem to dwarf the national debt.
But underneath it all, this ham-handed roll-out of not obviously sound rules has a sensible premise: if we don't carry as many lithium batteries, especially uninstalled spares that are subject to additional mechanical stress and accidental short circuits, we will reduce the risk of in-flight fires. At least here, we're deailing not with an intelligent "terrorist" adversary (which can and will adapt to bypass the rules), but essentially random processes that aren't malicious, just dangerous.
Still, I guess it's just too bad for the people who were on a trip over the weekend, and now will have their batteries confiscated then they return. At least I can put my pen knife into my checked luggage if I get caught with it.
ISBNs might be the publisher's IP (although they actually aren't), but they certainly aren't the STORE's.
In any case, the excerpt of the publisher's putative IP that is represented by an ISBN unquestionably comes under the "fair use" defense. First of all, it is a negligibly-sized component of the book, and more importantly, it is clearly being used for purposes of reviewing the book (i.e., expressing an opinion about the relationship of the book's content to its price).
It's also absurd for a store to eject people doing competitive research. To be sure, some businesses explicitly forbid picture-taking (on the argument that their "trade dress", as represented by the store's design overall, is protected intellectual property)--but preventing people recording prices and descriptions seems like it would fall afoul of various consumer protection laws, even if the restriction were explicitly posted and uniformly enforced (which it apparently is not).
Harvard "Co-Operative Society", we hardly knew ye. Next time, take a voice recorded and a concealed mic. That's faster than taking notes, anyway.
Seems like you've run into a bunch of purists here. In reality, you can easily get started with astronomy as a hobby for under $1000.
The most important advice is to a telescope that is easy for you to use. If it takes 30 minutes to drag it out, assemble it, and set it up (and another half-hour to tear it down), regular use is less likely.
Another good starting point is reading. A subscription to Sky & Telescope is a great way to be exposed to many different facets of the hobby.
Telescopes are important, but good eyepieces even more so. Invest in some high-quality wide-field eyepieces--they'll be a significant improvement over what typically comes with the scope, and they'll follow you through any number of scopes you may get in the future.
Magnification isn't the most important thing: often, the view through a 42mm eyepiece (50x for a typical 8-inch compact scope) can be more visually appealing than the more detailed view through a 7mm. That's especially true when seeing is poor, and the high-resolution view at high power is just bigger and fuzzier, not more interesting.
Astrophotography can be explored at many levels. For example, you can do some very cool planetary photography by using an inexpensive webcam adapted to an eyepiece tube, then using software to select the best images and "stack" them to improve resolution. You can do this without an equatorial mount, by the way, although you do need a clock drive--the exposure times are short enough that image rotation isn't an issue, and the individual images can be de-rotated on the computer.
Making observatory-quality color photos with long exposure times and millions of pixels is certainly possible for an amateur, but it requires a lot of skill and equipment and practice. Explore options and find out what interests you.
Building a telescope is very educational and satisfying, and it can save you money (if you don't count value for your time), but you won't learn much about astronomy from doing it--optics, engineering, even electronics, yes, but not astronomy. Telescopes are simply not very expensive today, and I'd recommend that you gain some experience before you start thinking about building one. The great thing about building a scope is that it's an opportunity to escape the limited range commercially available stuff and explore novel designs, mounts, and optical paths. Personally, I hope someday to build a long-focus offset reflector, but it's a big project, and I have a family and a day job.
What do you want to do with your scope? Is this a hobby you expect to be sharing with friends and family? If so, I'd strongly advise getting a computer-driven "go-to" mount, because that largely eliminates the boring intervals when you're trying to find something by star-hopping. Even if it's strictly a solitary pursuit for you, a "go-to" mount can substantially increase the likelihood of actually using the scope. Although I firmly believe that I've learned a lot about the sky by groping around with setting circles and a sky atlas, I find I get more enjoyment from my computerized 5-inch Meade than from my traditional 8-inch Celestron simply because it's so easy to set up and point at something.
Without knowing more about you and your interests, I'd recommend getting a Sky & Telescope subscrption, a 5-inch Celestron or Meade with a computerized mount, a 40-mm wide-field eyepiece, and a video eyepiece or adapted webcam. You can see and do a lot of cool stuff with that rig, and learn where you want to extend your capabilities. You can get some excellent deals (e.g., on eBay) on used equipment, too, although it tends to be older and less computerized.
After you've spent some time with it, think about what needs improvement. Do you really want better views of dim distant galaxies? Then maybe you want a big Dobsonian "light bucket". Do you want to make incredible nebula photos? That might mean a permanent in-ground pier with a serious equatorial mount (and a bigge
Full disk encryption (FDE) is simple, is easy to use, is readily available, imposes negligible user-visible performance penalties on Windows laptops, and is completely effective in solving "theft of laptop" problems. Not using it should be automatic evidence of gross negligence.
I've deployed both PointSec and DriveCrypt Plus Pack for over five years on a large number of machines, and even for heavy-duty software development, where "rebuild world" takes many minutes, the actual impact--in terms of effect on end-user activities--is negligible.
Sure, if you imagine performance is an issue, you can try any of the vastly more difficult to manage solutions that try to "encrypt only sensitive data", or the even sillier solutions that "delete sensitive data" when the laptop connects to the Internet after it's stolen, but why bother? Try it yourself, and you'll find that performance is NOT an issue in the vast majority of real-world situations. As long as you don't use FDE on heavy-duty I/O-bound database servers and such, you'll rarely notice a difference. Modern computers are so fast that encryption just isn't an issue.
Yes, key management requires some attention. For example, as system administrator, you can just generate some reasonably long passphrases, write them on little cards, and give them to your users to carry in their wallets--and explain the rules. Don't allow users to change them, and keep a copy along with other critical corporate records, and key management is a solved problem. Worried about users losing wallet and laptop simultaneously? Take the cards back after a week, and obfuscate their contents to begin with. Worried about backup? Keep two copies. And so forth. Sure, it could be stronger, and some users will always work around the system, but users will lie, cheat, and steal in other ways, too. In the corporate world, at least, your goal is risk management, not perfection.
Too hard to type a password when you boot the machine? Gosh, fifteen characters at one character per second is, yes, fifteen whole seconds--and anyone will learn to type it more quickly over even a short period of use. Don't change the passwords, either: they're not shared, and not transmitted over networks, so there's virtually no risk of interception--just pick a good one and stay with it.
Backup and recovery also requires some thought. I've actually recovered encrypted drives occasionally, but most recovery is done from file-level backups, where the data is backed up in the clear, over a secured network, and stored on other encrypted volumes. That's really no different when using FDE as not.
If computer theft is the problem, full disk encryption is the answer. It's not the whole answer, and it's not perfect, but it sure goes a long way toward solving the problem. Heck, even Microsoft is offering it in Windows Vista, only a decade or so too late.
These units scan both sides of the document in the same pass, at between 4 and 30 monochrome sheets per minute depending on resolution (up to 600 DPI) and model. They can also do color (and grayscale), but that tends to be slower and the files MUCH bigger. The Xerox is faster, but more persnickety; the Fujitsu is unflappable and optimized for one-step desktop use. With either one, you can just drop a stack of pages, checks, receipts, or whatever into the sheet feeder, press a button, and PDF files appear on your disk. This is VASTLY more convenient than feeding, or photographing, one sheet at a time, and the scanners are small--footprint is not much bigger than a sheet of paper.
Speed isn't as important as you might think: unless you're scanning huge stacks of paper, the time spent fussing with the paper itself tends to dominate the process, and it's easy to do something else productive while the sheets are whirring through the auto-feeder. I've used them for everything from manuals to business cards, and I think they're the ideal solution to getting rid of all that paper. The software is idiosyncratic and not extremely stable (I occasionally have to reboot the machine that the Xerox unit is connected to), but it gets the job done.
During the Cryptographer's Panel at the RSA conference, Adi Shamir made a short reference to this vulnerability. He confirmed in subsequent e-mail that of course he had a working implementation, or he wouldn't have mentioned it in public, and that a presentation would be forthcoming at the Eurocrypt 2005 rump session next week in Denmark.
I was sore disappointed that the press didn't pick it up then, because I thought it was the most interesting item in any of the keynote talks at RSA (although the hash function flaw announcements came a close second).
Cache contention as a covert timing channel has been explored at least since 1983/84 (when I encountered an instance of it during a TCSEC project and was gently shooed away from exploring such a "sensitive" topic). The precision targeting of this particular attack is really slick.
Customers are more willing to pay for something when it is clear to them that it's costing the supplier something to supply it. Downloading software looks "free" because it only happens once, but if it's clear that an ongoing service is required, that's easier to justify paying for.
That said, with today's hosting and communication costs, services can be pretty darn cheap to provide: even factoring in the need for reserve capacity to handle unpredictable demands, the gross profit margin can be huge.
This model fits as well with GPL software as with proprietary, and it scales much better than the "support services" model. To provide support, you have to have actual people doing work, but to expand an automated service, you just need more hardware.
YMMV: This is not a trivial model to set up: it just can't work for many types of applications. If the cost is too high, or if it's not clear why the service is an essential and valuable component of the offering, customers will resent it. If the service is essential, but unreliable or overloaded, customers won't much like that, either. And so forth. From a technical and cost perspective, however, it's highly practical.
jaoswald's post about how little actual patent risk there is to the lone developer is dead-on. The patent game is only an issue when at least one party has millions at stake, and there are LOTS of outcomes that are at least not undesirable.
Actually, that's not quite true: if you want to start a VC-funded business, you MUST have a collection of patent applications showing how well-protected your technology will be. This is because patents are something like trading cards: if you don't have any, everyone will assume you're a hopeless loser, but if you do, you can use them to negotiate mutual non-destruction treaties, increase the value of your business for future financing or sale, etc. Either that, or the VCs need the paper to help hold down their desks. I've never known for sure.
Will your patents have any actual value if matters come to litigation? Almost certainly not: the large party will squash you like a bug, err, excuse me, you will unfortunately end up in a position where your resources are stretched too thinly from the costs and efforts of defending your legal rights to be able to continue operating your business successfully. A pity, that, but sometimes those things just can't be helped.
Actually, as insurance goes, patents are pretty cheap. You can file a provisional ($80), then a year later (if you still have the business) file a utility application ($395), then wait 3 years or so for a first office action, and only then get the lawyers involved (again, if you still think the patent will be useful) to define meaningful claims for the patent. In the meantime, you have applications on file at the USPTO, even published after 18 months, and they make your business look more substantial if you're looking for partners, acquirers, or funding. If you decide actually complete the process (4-5 years minimum), you'll probably have spent at least $10K, but by then you'll certainly be in a position to know whether that kind of investment would be worth while for the business.
There is negligible risk that you will be unable to obtain a patent if you actually want it, given the essentially useless review performed by the PTO. If you try to finish the process on your own, you may end up with some rather convoluted claims--getting the best claims is where skilled legal help is really important. This is not just about legal skill, either--for example, a lawyer who has worked with your particular patent examiner may have valuable insight into what kind of claims will and won't be allowed. This is one of the important things that the specialist firms can provide.
Nolo Press's wonderful book, "Patent it Yourself", explain all about the process as it's supposed to work. However, it doesn't talk much about the end-game and the value of skilled help, nor about how to draft specifications that are sufficiently broad to support a wide variety of claims when the time comes.