I know the Octopus (similar system being used in Hong Kong, available on all public transport, 7-Eleven and all convenient store, most supermarkets, McDonald's, KFC, etc.) does exactly this.
It has a requirement that the endpoint must sync up at least once everyday (the one installed in subway may sync in minutes, but some remote access point with no data connection might only sync once per day). Which also means that for a fraud to be detected to the blacklist being updated, it might take as long as one day. [1]
Though we have a card limit of $999.99 HKD (translate to ~$128 USD), so you can only get at most $999.99 to spend, after may be taking months cracking the private key of the card. (The card data is reportedly guarded by private-public key mechanism).
So at least, you need a strong private key that stands at least for 10-20 years (assume we don't have quantum computer within 10-20 years). And server-client sync is a must.
Oh by the way, the Octopus is based on one of the card system from Sony. (I forgot the name)
[1] This is probably also the fact why if credit card auto recharged is enabled, it take up to 48 hours to stop your credit card from being charge after a octopus card lost report.
if I could beam some strong IR light to the plate to blind the camera or mess with the recognition (only to the point that it doesn't recognize this is actually a plate is enough), while it stays looking perfectly fine to a human eye.
I grew up in Hong Kong and have been working in Shanghai for a while.
The first thing the Chinese don't trust are the officials. The media that we all think shitty is CCTV and Xiahua. I can say most educated people (read: those live in city) know and aware that the officials are doing a shitty jobs.
We all think it's bullshit to holding up and postponing all surgeries that requires potential blood transfser, in order to keep the blood for the Olympics' potential incident.
We hate how they erect the great firewall, blocking Chinese Wikipedia, while almost everyone know how to find a backdoor/proxy or use Tor.
Why they are doing all these kinds of stuff? Erecting stupid policy? It's all for the official own personal interest. It's better to follow the rule and tradition, even if it's stupid, and crossing the finger that nothing will go seriously wrong.
Ya it's stupid, but if they stick to the rule, their manager won't complain, or at least, they could keep their job. Just as simple as that.
Losing face country-wide and international-wide? The Chairman might care, but probably not those district-level officials.
From the TFA, it's not talking about lossing the last minute incoming data, but in fact that the integrity could be doomed and corrupted (means potentially need to mkfs again), this is the case even if you have FS journal turned on, and/or using the database transaction, and/or using RAID.
The most interesting idea is that the DMA controller and Harddrive could lives a milliseconds longer than your RAM, so garbage in the RAM (because if there is no refresh current for more than a second, everything in the RAM will be garbaged) could make their way into the harddrive, corrupting the journal.
At least you can use OpenID to comment a blog on Blogger. Setting up a WordPress with OpenID enabled is also very easy, by installing a plugin.
It may be not looking good today, but as soon as they start seeing supporting OpenID as a mean of authentication means opening the business to potentially many more people, they will make a change someday.
If you are so skeptical, you can make a OpenID provider by yourself. Just buy a domain and host it somewhere (or your home), and then put whatever authentication process you want (from auto authenticate to two-factor + bio + OTP).
This is the power of OpenID! It liberates the ID! The domain owner control the actual authenication way, OpenID just care about how this ticket is transferred between the provider and the client.
If you don't trust any provider, you just make up your own, there is a lot of php script out there to implement a simple password based authenication, it's just that easy.
As a bonus, your OpenID will be identified as you@your-cool-domain.com
Childs, according to payroll records, earned $126,735 in base pay in 2007 and additional premium pay of $22,534, for a total of $149,269. Vinson said the extra money was apparently compensation for being on-call as a trouble-shooter.
I was thinking if he could create the trouble...then shooting them by himself.
Couldn't they just make a high res panorama CCTV instead? Like a camera shooting at a dome shaped mirror hanged on top. They could save some motors by making this too. With transformation algorithm, the footage could also be easily converted back to a regular 2D view.
which is thinner and smaller than a penny. With increasingly more laptop equipped with SD Slot, such card can be used in Laptop, your Digital camera, your cell phone, your Wii...
A SD Micro->USB card reader isn't much bigger either.
What's your most valuable thing in the system? Probably the data (documents, emails), or system resource (like CPU and Internet connectivity) for spammer.
Exploiting these require no admin privilege, UAC won't be able to block that. If you just double-click any executable, you are giving full-trust and exposed to this risk. period.
Is Linux, Mac, <Insert your favorite OS name> better protected in this case? I honestly don't think so.
May be you can get away with managed code like.NET/Java to sand boxing every application, but that's not common to sandbox the local application, yet.
Remotely? I bet the security office watching the screen at remote place...is operating by themselves? How easy could he be holding a cellphone and recording all this?
Tell me next time when there is kiddie porn leaked from the video feed of scanner like this.
> * In fact, virtualize the entire filesystem so a bad program can't screw up your install. I think there is a Shadow Copy (Snapshot) and System Restore already?
> * Instead of babysitting the user with endless "Cancel Allow" dialogs, allow some programs (administrator-defined) to run as administrator (i.e. root) by adding a popup dialog to ask the password. Add the possibility of remembering the password FOR THIS SESSION ONLY. You can just assign the user to Power User. Then every program requires admin privilege will ask for password. There is no way to remember the pwd though.
> * Make Windows non-primary-partition tolerant. Allow it to run in other partitions so it doesn't try to get hold of my entire hard disk. You can install to other primary partition, it doesn't have to be on the first partition.
> * Here's an idea: Make (or use) a "/home" partition so users can put their configuration and files in a directory of their own, so advanced users can either boot Windows or Linux and still have their important documents unmodified. You can redirect the "My Documents" folder if needed.
> * Virtualize the registry so bad programs can modify hkeylocalmachine but it'll only affect them. It's not just configuration does matter...but do you want to fire up a virtualized system that use the virtualized configuration when a program is executed? Oh, it sounds so like a VM.
> * Make (or adopt) a decent partitioner that can resize partitions without requiring to buy third party products. Already doable in Vista. Enlarge works great. For Shrink you need some luck though.
You should look China when you are talking about Scooter.
They have a wide selections in Carrefour, or whatever Supermarket. Price tag: ~1200RMB (150USD). Probably can goes up to 30MPH.
May be not as stylish as the MIT one, but definitely cheap, usable and actually are all over the streets. And there are more scooter than bicycle on the street.
Some models looks just like more than a hack of Bicycle + Motor + Battery pack, but works! Most design with battery pack can be swap out, and can be plugged to the main directly for charging. I have seen the janitor in Office bringing her pack upstair for charging.
Please let me know when we have Exchange functionalities like Email, Contact & Calendar (Accept/Deny response) working on Desktop and Mobile device, without using Microsoft.
Do it ourselves? It would take months to bind all the OSS together, if not forever. At the end, you can only blame yourself. With Microsoft's deployment, you can blame it, and you can tell your boss to blame it, which is a good thing.
the girl's immune system had almost totally been replaced by that of the donor, meaning she no longer had to take anti-rejection drugs. If her system will attack her body minus the liver from now on?
You still have to install windows (going through all its specific hurdles too), and configure it.
No. The HP is already selling the box, just very much like an those Linux installed harddrive enclosure. The hardware should be similar, those just with network output with no monitor output, expect a low power x86 CPU.
But this HP box is with Windows Home Server (WHS) pre-installed.
The enclosure themselves are ready to use : buy it, throw some drives inside (or have the computer parts shop do it), plug it into your network:
So does the WHS. Installation wise, it would be the same as those Linux harddrive enclosure.
Everyone knows Windows has great hardware support. Ok sorry, I mean Hardware vendor has great support with Windows. With Linux, you still risk of finding an appropriate CUPS driver for your shinny Laserjet (I know zero-Postscript support shouldn't really be count as a Laserjet, but HP is selling some of those), or have to do ton of research to get a right one. Windows? To John doe, it just works.
Also I completely fail to see the point on having a full blown graphical interface on a *file server*.
It just a added bonus in case you want to use it to do something else with it. Like hosting a few more BitTorrent session wouldn't hurt. Not necessary.
Windows Home Server also comes with an interface for remote file management over web.
There are numerous solution for backup that exist on Linux. Some research may be important.
Yes. Research. Which I like to do, I love the power of customization. If it doesn't totally fits, I will make it fits. But 90% (a wild guess) of computer users aren't like that. They want something just works! While Microsoft at the same time providing a It-Just-Works solution for 90% of common scenario. Then it would make a perfect fits for them.
Talking about the software bundled by those Hardware enclosure 3rd party. Will you trust them? I mean if you bought an average Linksys/DLink/Buffalo box, not those very expensive one, between WHS and them, I would trusted the WHS more (See Disclaimer below).
You even mention PartImage, Amanda...I have digged into those too, don't you think it's too hard for an average user to set them up? While WHS, it could backup your Client machine in File-to-File accessible basic, also provide Symantec-Ghost-like total client machine recovery, all accessible with just One Click (Ok, could be a few...).
To John Doe, it's unbeatable that no research is needed, not to mention setting up his computer with an unfamiliar OS. And you want to tell him setup the Soft RAID with Mdadm/Evms/LVM just with non-user-intuitive Text mode, and there is no obvious way to know the Health/Update status of the server? He will say "You must be kidding."
Linux still has a lot of room to grow, in terms user friendless / UI area.
If they are a little bit more computer savvy or if you have some time to help them
I do and already did. Yes our friends and I like Fon, we like re-freshing WRT54G to OpenWRT, we run Ubuntu for server at home. But spreading that idea to an average Uncle/Aunt? It's not the time yet. Firefox, TugZip, Thunderbird, OpenOffice may be more than enough for them at this moment. Putting a Ubuntu Live CD into their machine, telling them that sorry you couldn't draw on the Pidgin-MSN is a painful process.
Disclaimer: I work in Microsoft. The WHS team is just sitting next to my office. But I do love Linux and running Asterisk at home, not going to convert to WHS anytime soon.
I wonder if they are going to employ the same compression thingy on TV commercial video signal. i.e. making the stuff brighter than normal. The same might apply on Internet AD too, it will be interested to see how it affect (good or bad?) the end results.
I heard you say "plugins", "almost", "no" difficult for additional features like 3rd party Software, Print Server, Webcam, blahbalh... The best part is - Windows Home Server - as a Server 03 double, those would just work out of box. With Remote Desktop, user can get to their familiar desktop immediately.
Also, Windows Home Server could backup networked windows client. How a John Doe could do that on Linux? Tell them to install rsync on their Windows box...Or Use offline files?
Personally, I am using two Ubuntu box, one as mythtv+router+"whatever-you-can-think-of"-server, one as backup using rsync every morning. But am I going to suggest this to my average friends and relatives? Surely not...It's far too "good" for killing my personal time for support.
, recall that it comes with Ad-hoc Wireless capability, a thousands of them could easily be transformed into a very capable Linux cluster.
And you are shipping thousands (if not millions) to developing country.
Bush, do you see now why the developing country are placing order to buy millions of XO? Now it is very clear - a very cheap Linux supercomputer that could run by hand cranking!...Think of the children!
Slashdot Mirror
obligatory comment: http://xkcd.com/303/ Compiling!
I know the Octopus (similar system being used in Hong Kong, available on all public transport, 7-Eleven and all convenient store, most supermarkets, McDonald's, KFC, etc.) does exactly this.
It has a requirement that the endpoint must sync up at least once everyday (the one installed in subway may sync in minutes, but some remote access point with no data connection might only sync once per day). Which also means that for a fraud to be detected to the blacklist being updated, it might take as long as one day. [1]
Though we have a card limit of $999.99 HKD (translate to ~$128 USD), so you can only get at most $999.99 to spend, after may be taking months cracking the private key of the card. (The card data is reportedly guarded by private-public key mechanism).
So at least, you need a strong private key that stands at least for 10-20 years (assume we don't have quantum computer within 10-20 years). And server-client sync is a must.
Oh by the way, the Octopus is based on one of the card system from Sony. (I forgot the name)
[1] This is probably also the fact why if credit card auto recharged is enabled, it take up to 48 hours to stop your credit card from being charge after a octopus card lost report.
if I could beam some strong IR light to the plate to blind the camera or mess with the recognition (only to the point that it doesn't recognize this is actually a plate is enough), while it stays looking perfectly fine to a human eye.
Not true.
I grew up in Hong Kong and have been working in Shanghai for a while.
The first thing the Chinese don't trust are the officials. The media that we all think shitty is CCTV and Xiahua. I can say most educated people (read: those live in city) know and aware that the officials are doing a shitty jobs.
We all think it's bullshit to holding up and postponing all surgeries that requires potential blood transfser, in order to keep the blood for the Olympics' potential incident.
We hate how they erect the great firewall, blocking Chinese Wikipedia, while almost everyone know how to find a backdoor/proxy or use Tor.
Why they are doing all these kinds of stuff? Erecting stupid policy? It's all for the official own personal interest. It's better to follow the rule and tradition, even if it's stupid, and crossing the finger that nothing will go seriously wrong.
Ya it's stupid, but if they stick to the rule, their manager won't complain, or at least, they could keep their job. Just as simple as that.
Losing face country-wide and international-wide? The Chairman might care, but probably not those district-level officials.
It's symmetric, ...rotational symmetric. ;P
That's one machine for simulating one eye. That's why they need 2 * 8 for simulating human-level vision, or else you won't get the 3D vision.
From the TFA, it's not talking about lossing the last minute incoming data, but in fact that the integrity could be doomed and corrupted (means potentially need to mkfs again), this is the case even if you have FS journal turned on, and/or using the database transaction, and/or using RAID.
The most interesting idea is that the DMA controller and Harddrive could lives a milliseconds longer than your RAM, so garbage in the RAM (because if there is no refresh current for more than a second, everything in the RAM will be garbaged) could make their way into the harddrive, corrupting the journal.
At least you can use OpenID to comment a blog on Blogger.
Setting up a WordPress with OpenID enabled is also very easy, by installing a plugin.
It may be not looking good today, but as soon as they start seeing supporting OpenID as a mean of authentication means opening the business to potentially many more people, they will make a change someday.
If you are so skeptical, you can make a OpenID provider by yourself.
Just buy a domain and host it somewhere (or your home), and then put whatever authentication process you want (from auto authenticate to two-factor + bio + OTP).
This is the power of OpenID! It liberates the ID! The domain owner control the actual authenication way, OpenID just care about how this ticket is transferred between the provider and the client.
If you don't trust any provider, you just make up your own, there is a lot of php script out there to implement a simple password based authenication, it's just that easy.
As a bonus, your OpenID will be identified as you@your-cool-domain.com
Childs, according to payroll records, earned $126,735 in base pay in 2007 and additional premium pay of $22,534, for a total of $149,269. Vinson said the extra money was apparently compensation for being on-call as a trouble-shooter.
I was thinking if he could create the trouble...then shooting them by himself.
Couldn't they just make a high res panorama CCTV instead? Like a camera shooting at a dome shaped mirror hanged on top. They could save some motors by making this too.
With transformation algorithm, the footage could also be easily converted back to a regular 2D view.
which is thinner and smaller than a penny.
With increasingly more laptop equipped with SD Slot, such card can be used in Laptop, your Digital camera, your cell phone, your Wii...
A SD Micro->USB card reader isn't much bigger either.
What's your most valuable thing in the system?
.NET/Java to sand boxing every application, but that's not common to sandbox the local application, yet.
Probably the data (documents, emails), or system resource (like CPU and Internet connectivity) for spammer.
Exploiting these require no admin privilege, UAC won't be able to block that. If you just double-click any executable, you are giving full-trust and exposed to this risk. period.
Is Linux, Mac, <Insert your favorite OS name> better protected in this case? I honestly don't think so.
May be you can get away with managed code like
Remotely? I bet the security office watching the screen at remote place...is operating by themselves? How easy could he be holding a cellphone and recording all this?
Tell me next time when there is kiddie porn leaked from the video feed of scanner like this.
I don't see why those on the list are not suing the government for the damage...
I think some of them are already implemented?
> * In fact, virtualize the entire filesystem so a bad program can't screw up your install.
I think there is a Shadow Copy (Snapshot) and System Restore already?
> * Instead of babysitting the user with endless "Cancel Allow" dialogs, allow some programs (administrator-defined) to run as administrator (i.e. root) by adding a popup dialog to ask the password. Add the possibility of remembering the password FOR THIS SESSION ONLY.
You can just assign the user to Power User. Then every program requires admin privilege will ask for password. There is no way to remember the pwd though.
> * Make Windows non-primary-partition tolerant. Allow it to run in other partitions so it doesn't try to get hold of my entire hard disk.
You can install to other primary partition, it doesn't have to be on the first partition.
> * Here's an idea: Make (or use) a "/home" partition so users can put their configuration and files in a directory of their own, so advanced users can either boot Windows or Linux and still have their important documents unmodified.
You can redirect the "My Documents" folder if needed.
> * Virtualize the registry so bad programs can modify hkeylocalmachine but it'll only affect them.
It's not just configuration does matter...but do you want to fire up a virtualized system that use the virtualized configuration when a program is executed? Oh, it sounds so like a VM.
> * Make (or adopt) a decent partitioner that can resize partitions without requiring to buy third party products.
Already doable in Vista. Enlarge works great. For Shrink you need some luck though.
You should look China when you are talking about Scooter.
They have a wide selections in Carrefour, or whatever Supermarket.
Price tag: ~1200RMB (150USD). Probably can goes up to 30MPH.
May be not as stylish as the MIT one, but definitely cheap, usable and actually are all over the streets. And there are more scooter than bicycle on the street.
Some models looks just like more than a hack of Bicycle + Motor + Battery pack, but works! Most design with battery pack can be swap out, and can be plugged to the main directly for charging. I have seen the janitor in Office bringing her pack upstair for charging.
It's just cheap!
Please let me know when we have Exchange functionalities like Email, Contact & Calendar (Accept/Deny response) working on Desktop and Mobile device, without using Microsoft.
Do it ourselves? It would take months to bind all the OSS together, if not forever. At the end, you can only blame yourself. With Microsoft's deployment, you can blame it, and you can tell your boss to blame it, which is a good thing.
You can use ".\Username" to login locally. ".\" will do the job.
and someone should already have done it already?
As this story is talking about Windows Home Server, I would just stick to the topic.
May I point you to the home server official site http://www.microsoft.com/windows/products/winfamily/windowshomeserver/default.mspxNo. The HP is already selling the box, just very much like an those Linux installed harddrive enclosure. The hardware should be similar, those just with network output with no monitor output, expect a low power x86 CPU.
But this HP box is with Windows Home Server (WHS) pre-installed.
So does the WHS. Installation wise, it would be the same as those Linux harddrive enclosure.
Everyone knows Windows has great hardware support. Ok sorry, I mean Hardware vendor has great support with Windows. With Linux, you still risk of finding an appropriate CUPS driver for your shinny Laserjet (I know zero-Postscript support shouldn't really be count as a Laserjet, but HP is selling some of those), or have to do ton of research to get a right one. Windows? To John doe, it just works.
It just a added bonus in case you want to use it to do something else with it. Like hosting a few more BitTorrent session wouldn't hurt. Not necessary. Windows Home Server also comes with an interface for remote file management over web.
Yes. Research. Which I like to do, I love the power of customization. If it doesn't totally fits, I will make it fits. But 90% (a wild guess) of computer users aren't like that. They want something just works! While Microsoft at the same time providing a It-Just-Works solution for 90% of common scenario. Then it would make a perfect fits for them.Talking about the software bundled by those Hardware enclosure 3rd party. Will you trust them? I mean if you bought an average Linksys/DLink/Buffalo box, not those very expensive one, between WHS and them, I would trusted the WHS more (See Disclaimer below).
You even mention PartImage, Amanda...I have digged into those too, don't you think it's too hard for an average user to set them up? While WHS, it could backup your Client machine in File-to-File accessible basic, also provide Symantec-Ghost-like total client machine recovery, all accessible with just One Click (Ok, could be a few...).
To John Doe, it's unbeatable that no research is needed, not to mention setting up his computer with an unfamiliar OS. And you want to tell him setup the Soft RAID with Mdadm/Evms/LVM just with non-user-intuitive Text mode, and there is no obvious way to know the Health/Update status of the server? He will say "You must be kidding."
Linux still has a lot of room to grow, in terms user friendless / UI area.
I do and already did. Yes our friends and I like Fon, we like re-freshing WRT54G to OpenWRT, we run Ubuntu for server at home. But spreading that idea to an average Uncle/Aunt? It's not the time yet. Firefox, TugZip, Thunderbird, OpenOffice may be more than enough for them at this moment. Putting a Ubuntu Live CD into their machine, telling them that sorry you couldn't draw on the Pidgin-MSN is a painful process.
Disclaimer: I work in Microsoft. The WHS team is just sitting next to my office. But I do love Linux and running Asterisk at home, not going to convert to WHS anytime soon.
I wonder if they are going to employ the same compression thingy on TV commercial video signal. i.e. making the stuff brighter than normal. The same might apply on Internet AD too, it will be interested to see how it affect (good or bad?) the end results.
I heard you say "plugins", "almost", "no" difficult for additional features like 3rd party Software, Print Server, Webcam, blahbalh...
The best part is - Windows Home Server - as a Server 03 double, those would just work out of box. With Remote Desktop, user can get to their familiar desktop immediately.
Also, Windows Home Server could backup networked windows client. How a John Doe could do that on Linux? Tell them to install rsync on their Windows box...Or Use offline files?
Personally, I am using two Ubuntu box, one as mythtv+router+"whatever-you-can-think-of"-server, one as backup using rsync every morning. But am I going to suggest this to my average friends and relatives? Surely not...It's far too "good" for killing my personal time for support.
, recall that it comes with Ad-hoc Wireless capability, a thousands of them could easily be transformed into a very capable Linux cluster.
...Think of the children!
And you are shipping thousands (if not millions) to developing country.
Bush, do you see now why the developing country are placing order to buy millions of XO? Now it is very clear - a very cheap Linux supercomputer that could run by hand cranking!