Too true - one reason I moved to a Mac and didn't look back. Sure, I have to make a few compromises in my "ideal" environment, although far fewer than I would have guessed; in exchange, I get to ignore my environment and focus on using my computer to actually "do stuff." Works for me. Obviously, though, others are different:)
Only if done correctly (and your mirrors have backups). But really, how often do you back up that which you're mirroring? Pretty much never, if you're most people. And if the source deletes a file, generally all the mirrors do as well... Backups are still needed to help protect you against yourself.
true dat, i have driven a LPG car for a while (petrol car with LPG installation added), and while it still ran on petrol and the combined range was around 900-1000 km, the LPG range was only 350 km before needing a fill-up. Now given that it was a company car i was forced to drive on LPG 95% of the time, resulting in very very frequent tank-stops. For this reason alone i would prefer not to drive LPG again.
Now halve that range and change the fill-up time from 5 minutes to 8 hours and you have a typical electric car.
The big difference being that you're unlikely to have an LPG tank in your garage, whereas with the electric you can pretty much guarantee that you'll start every day with a full "tank." Obviously if you drive more than the electric range per day, you're not a good candidate for one. Luckily for them, almost everyone drives far less.
They want their FRIENDS typically to know where they are (or, for bragging rights, have been); usually not realising the other potential uses of such information, and how much it reveals about them for outsiders. They don't realise it also reveals where they live, where they work, and when they're usually not at home.
Let's see. My workplace is fairly easy to find if you know me. My home ownership is public record (on the county tax rolls) and while I might own an investment house and live elsewhere... I don't. Neither do most other people who own only one house. Heck, for most people their current address is in the phone book anyway. Since I have a white collar job I'm generally, but not always, at work during normal business hours.
And all this information comes as a surprise to who, exactly?
Alternately, if I post a photo of my location on a public site like Flickr set for the world to see, maybe I (gasp!) don't mind that people know where I took it? Especially since the caption is often similar to, "Look, great tulips at the Dallas Arboretum sunken garden this weekend" anyway?
[T]he world does include some very creepy people
The world also includes some very normal people who either don't mind if other folk know where they are, or are smart enough not to post photos of their activity to Flickr during times when they want a little privacy. Its not an invasion. Its not necessarily that we don't know what information is out there. Its that to many (most?) people, it really, honestly, isn't that big of a deal.
Actually right now, renewables have significantly higher risks - http://nextbigfuture.com/2011/03/deaths-per-twh-by-energy-source.html for the detailed statistics. Once you get into the much larger-scale construction projects that wind and solar farms have, there are surprisingly high injury rates compared to most nuclear energy.
Still almost nothing for either approach compared to coal, of course.
The main issue is that you can't look at numbers in a vacuum. Any talk of "safety" that's not comparing any power generation method to other methods is misleading at best.
In the US, being a roofer is the 7th most dangerous career you can choose. Most solar installations (although this is changing) involve people having panels installed at their house. The linked article goes into some detail, but laborer-falling-off-roof-and-dying is one of those job hazards you never hear about on the news that happens all the time (at least in comparison to nuclear meltdowns).
Look, I'm sure the risk is small; it may even be "infinitesimal" but it isn't zero. Consider for example a situation where the containment vessel is cracked (as has already happened) and that crack leads to the uranium going down into one particular area of the vessel. Consider also the situation where the bottom of the vessel has been filled in with other material (dried up salt from sea water?) forcing a change in configuration.
There are reasons to believe that a stable critical mass will not be reached; it's incredibly difficult to do and the uranium will tend to blow it's self apart immediately that happens meaning that no real nuclear explosion will happen. However, a little more humility and a whole bunch more circumspection would really help you maintain credibility for when you want to persuade people that the modern "safe" nuclear plants really are safe.
That's the trouble. Nuclear plants are held to a massively high standard of "safe" already.
Did you know, for example, that Coal kills 4,000 (not a typo) more people per wattHour than Nuclear does? But its a slow, boring kind of killed, like the 40,000+ who die every year in automobile accidents in the US alone, not the fun exciting kind of killed that you get every couple of years when an airliner crashes and kills 200 folk halfway around the globe, making national news.
To have a meaningful discussion you need to compare nuclear safety to other power-generation mechanisms (more people fall off roofs installing solar panels and die every year than have been killed by nuclear power generation disasters). And then scale them to account for the power generated. Once you do so, you realize just how unsafe many of the alternatives actually are.
And those thyroid cancers - while exceedingly unpleasant - killed about 40 people.
Nuclear is not 100% safe. Nothing is. It does happen to be about 4,000 times as safe as Coal though, measured in terms of human deaths per megawatt generated.
All of our traffic is HTTPS - we simply terminate the SSL session at our load balancers and then handle the data normally from then on. I thought it was a fairly common practice.
You're not supposed to store the entire strip, since that would allow you to process card-not-present transactions as card-present. You are allowed to store information from the strip. There is a difference. Admittedly its a fine difference, as is the distinction between "illegal" and "against policy", but both are significant in this case.
FWIW, we don't store cardholder data (in the PCI sense) anyway - I use gateway tokenization for that - but if we wanted to, there are well-established encryption and access requirements around it. Which is how gateways (which are themselves required to be PCI compliant following the same set of rules) handle vault storage.
Some museums are art within themselves. Some books too - fabulous works that live a life far beyond their contents. But I agree in principle - those are few and far between compared to the number of galleries and paperbacks that, while pedestrian, contain art far beyond themselves.
Storing your credit card numbers when you use them via a magnetic swipe is actually illegal, see here for example. So, supermarkets actually cannot store your credit card information.
Not actually illegal - just difficult. And generally a bad idea. But totally legal. Giving that information out again can get you in big trouble, of course, and storing it for longer than it takes to hand it off to the next level can be quite painful.
Additionally, its generally not needed. In this case, doing something like a one-way hash of the card as it passes through the system would be enough - you don't actually care about the card numbers themselves, just if and when a particular known card is associated with a known shopper. As long as you don't need to get the card tracks back, a hash is more than enough to give you that data.
Disclosure : I am the chief architect for a PCI-DSS Level 1 provider
How many people are willing to put that same information into a "reply" card at their favorite shopping mall in exchange for a minuscule chance at winning a timeshare vacation package?
Some information is just not seen by many as all that private, personal, or valuable. Deal with it.
Maybe they shouldn't be, the last 4 digits of the social security, the ones they typically ask for are typically completely unguarded on bank websites, mother's maiden name frequently used as a way of confirming ones identity is easily looked up in most cases online.
True... but your SSN and mother's maiden name are also easily looked up offline, and have been for decades.
The trouble with that is that it gets into the discussion of data ownership, which is far from clear.
Let's say that your buddy Jeff takes a picture and tags you in it. He has copyright over the picture, and the right to put whatever text he wants with it.
You may sue him for libel if he tags you in a harmful picture that is not you - probably. IANAL. But I don't believe you can prevent him from listing the fact that you're in a photo that he took if you are. The fact that Facebook &c make it easy to follow a tag chain doesn't change the fact that the information is allowed to exist; Facebook's allowing you to remove yourself from a tag list is actually already giving you more power than you'd have on Jeff's blog or Flickr site. Or in his newspaper, for that matter.
You see, in your scenario you would indeed be a customer. But so would Jeff.
Historically the powerful (think newspaper owners) have always had the ability to broadcast whatever facts they chose about whomever they wished (with possible legal consequences to those actions). Now everybody does, admittedly with far narrower readership by default, but potentially with a worldwide reach.
Then why not send everyone a message saying, "Hey, you chose to install this app, and that's cool and all, but its doing bad things, would you like to remove it? [Yes] [No]" That would be completely reasonable and in full keeping with their advertised goals. The fact is that either platform allows someone else to decide (at their total discretion) that you don't need an app you've chosen to install, and lets them remove it without your consent.
It's a bit more clear-cut than that. The applications are advertised as doing something. They also happen to exploit a vulnerability in the OS, in a way that can't possibly have to do with advertised functionality. There is very little chance that users installed the software for these "extra features," especially because they have just about no way of even knowing they exist.
So why not patch the vulnerability instead of removing the software that's currently using it?
Look, I'm not trying to stand up for malware, just pointing out that in each case its the OS/appstore vendor making a determination that you, the user, don't actually want the application that you, the user, installed. The difference is that one vendor has been very up-front about telling the userbase that they're going to do this, and the other one has had some of its fanatical userbase choose it because they'd never do such a thing.
And sure, this example is an easy one to choose - of course they're doing the "right thing." What if the next one is less clear-cut, and less well conveyed? The precedent has been set, after all.
Not quite. You did choose to install it. It just does something that Google (or Microsoft or whoever) feels that you probably don't want it to do. Or at least, it's doing something that they don't want it to do. So they delete it.
All good, right? Well, as long as you trust their opinion of what software should do more than your own. Which is a point always brought up by Android fans to stomp on the Apple store. Except when google does it because... um... they said they wouldn't? And that's...better?
So don't install the H.264 codec. But don't install it once. Problem solved - and its entirely under your control. If you want to view H.264 video though, that codec is needed... somewhere. Viewing it "in flash" just means that the codec is downloaded as part of the flash plugin rather than discreetly. But its still there.
...just as each browser might come with its own routines to generate a stream of decoded frames that it uses the operating system's facilities to send to the video card.
It could do this. But it doesn't. It uses OS-level graphic libraries. Or are you honestly suggesting that you want to have to rebuild your browser whenever you change video cards?
I've been inside my Mac Pro as well as my homebuilt i7/1366 and they've got pretty much the same components. I'm not doubting you, just asking for clarification regarding the laptops.
Oh, come on. I could buy that argument on the laptops, but the Mac Pro? I've personally never seen such a well-designed and -constructed enclosure. Machined aluminum tracks for everything, swappable sub-assembelies, etc. I wouldn't claim that the components themselves are superior, but the case is phenomenal - easily the equal of the average well-built rackmount server from most companies.
Slashdot Mirror
Or you can pay ~$3 per month and get no ads whatsoever, and much higher bitrates available to you. Its not a bad deal, actually.
Too true - one reason I moved to a Mac and didn't look back. Sure, I have to make a few compromises in my "ideal" environment, although far fewer than I would have guessed; in exchange, I get to ignore my environment and focus on using my computer to actually "do stuff." Works for me. Obviously, though, others are different :)
Only if done correctly (and your mirrors have backups). But really, how often do you back up that which you're mirroring? Pretty much never, if you're most people. And if the source deletes a file, generally all the mirrors do as well... Backups are still needed to help protect you against yourself.
true dat, i have driven a LPG car for a while (petrol car with LPG installation added), and while it still ran on petrol and the combined range was around 900-1000 km, the LPG range was only 350 km before needing a fill-up. Now given that it was a company car i was forced to drive on LPG 95% of the time, resulting in very very frequent tank-stops. For this reason alone i would prefer not to drive LPG again.
Now halve that range and change the fill-up time from 5 minutes to 8 hours and you have a typical electric car.
The big difference being that you're unlikely to have an LPG tank in your garage, whereas with the electric you can pretty much guarantee that you'll start every day with a full "tank." Obviously if you drive more than the electric range per day, you're not a good candidate for one. Luckily for them, almost everyone drives far less.
They want their FRIENDS typically to know where they are (or, for bragging rights, have been); usually not realising the other potential uses of such information, and how much it reveals about them for outsiders. They don't realise it also reveals where they live, where they work, and when they're usually not at home.
Let's see. My workplace is fairly easy to find if you know me. My home ownership is public record (on the county tax rolls) and while I might own an investment house and live elsewhere... I don't. Neither do most other people who own only one house. Heck, for most people their current address is in the phone book anyway. Since I have a white collar job I'm generally, but not always, at work during normal business hours.
And all this information comes as a surprise to who, exactly?
Alternately, if I post a photo of my location on a public site like Flickr set for the world to see, maybe I (gasp!) don't mind that people know where I took it? Especially since the caption is often similar to, "Look, great tulips at the Dallas Arboretum sunken garden this weekend" anyway?
[T]he world does include some very creepy people
The world also includes some very normal people who either don't mind if other folk know where they are, or are smart enough not to post photos of their activity to Flickr during times when they want a little privacy. Its not an invasion. Its not necessarily that we don't know what information is out there. Its that to many (most?) people, it really, honestly, isn't that big of a deal.
Actually right now, renewables have significantly higher risks - http://nextbigfuture.com/2011/03/deaths-per-twh-by-energy-source.html for the detailed statistics. Once you get into the much larger-scale construction projects that wind and solar farms have, there are surprisingly high injury rates compared to most nuclear energy.
Still almost nothing for either approach compared to coal, of course.
FWIW, the word "stats" at the top of "This Seth Guy's" comment was a link to this page: http://nextbigfuture.com/2011/03/deaths-per-twh-by-energy-source.html which has all of the supporting documentation used, &c.
The main issue is that you can't look at numbers in a vacuum. Any talk of "safety" that's not comparing any power generation method to other methods is misleading at best.
In the US, being a roofer is the 7th most dangerous career you can choose. Most solar installations (although this is changing) involve people having panels installed at their house. The linked article goes into some detail, but laborer-falling-off-roof-and-dying is one of those job hazards you never hear about on the news that happens all the time (at least in comparison to nuclear meltdowns).
There is zero risk of supercriticality.
Look, I'm sure the risk is small; it may even be "infinitesimal" but it isn't zero. Consider for example a situation where the containment vessel is cracked (as has already happened) and that crack leads to the uranium going down into one particular area of the vessel. Consider also the situation where the bottom of the vessel has been filled in with other material (dried up salt from sea water?) forcing a change in configuration.
There are reasons to believe that a stable critical mass will not be reached; it's incredibly difficult to do and the uranium will tend to blow it's self apart immediately that happens meaning that no real nuclear explosion will happen. However, a little more humility and a whole bunch more circumspection would really help you maintain credibility for when you want to persuade people that the modern "safe" nuclear plants really are safe.
That's the trouble. Nuclear plants are held to a massively high standard of "safe" already.
Did you know, for example, that Coal kills 4,000 (not a typo) more people per wattHour than Nuclear does? But its a slow, boring kind of killed, like the 40,000+ who die every year in automobile accidents in the US alone, not the fun exciting kind of killed that you get every couple of years when an airliner crashes and kills 200 folk halfway around the globe, making national news.
To have a meaningful discussion you need to compare nuclear safety to other power-generation mechanisms (more people fall off roofs installing solar panels and die every year than have been killed by nuclear power generation disasters). And then scale them to account for the power generated. Once you do so, you realize just how unsafe many of the alternatives actually are.
And those thyroid cancers - while exceedingly unpleasant - killed about 40 people.
Nuclear is not 100% safe. Nothing is. It does happen to be about 4,000 times as safe as Coal though, measured in terms of human deaths per megawatt generated.
That assumes that the whole system (including GPU) is running at full load, 24 hours a day.
All of our traffic is HTTPS - we simply terminate the SSL session at our load balancers and then handle the data normally from then on. I thought it was a fairly common practice.
You're not supposed to store the entire strip, since that would allow you to process card-not-present transactions as card-present. You are allowed to store information from the strip. There is a difference. Admittedly its a fine difference, as is the distinction between "illegal" and "against policy", but both are significant in this case.
FWIW, we don't store cardholder data (in the PCI sense) anyway - I use gateway tokenization for that - but if we wanted to, there are well-established encryption and access requirements around it. Which is how gateways (which are themselves required to be PCI compliant following the same set of rules) handle vault storage.
Some museums are art within themselves. Some books too - fabulous works that live a life far beyond their contents. But I agree in principle - those are few and far between compared to the number of galleries and paperbacks that, while pedestrian, contain art far beyond themselves.
Storing your credit card numbers when you use them via a magnetic swipe is actually illegal, see here for example. So, supermarkets actually cannot store your credit card information.
Not actually illegal - just difficult. And generally a bad idea. But totally legal. Giving that information out again can get you in big trouble, of course, and storing it for longer than it takes to hand it off to the next level can be quite painful.
Additionally, its generally not needed. In this case, doing something like a one-way hash of the card as it passes through the system would be enough - you don't actually care about the card numbers themselves, just if and when a particular known card is associated with a known shopper. As long as you don't need to get the card tracks back, a hash is more than enough to give you that data.
Disclosure : I am the chief architect for a PCI-DSS Level 1 provider
Even if it wasn't....
How many people are willing to put that same information into a "reply" card at their favorite shopping mall in exchange for a minuscule chance at winning a timeshare vacation package?
Some information is just not seen by many as all that private, personal, or valuable. Deal with it.
Maybe they shouldn't be, the last 4 digits of the social security, the ones they typically ask for are typically completely unguarded on bank websites, mother's maiden name frequently used as a way of confirming ones identity is easily looked up in most cases online.
True... but your SSN and mother's maiden name are also easily looked up offline, and have been for decades.
The trouble with that is that it gets into the discussion of data ownership, which is far from clear.
Let's say that your buddy Jeff takes a picture and tags you in it. He has copyright over the picture, and the right to put whatever text he wants with it.
You may sue him for libel if he tags you in a harmful picture that is not you - probably. IANAL. But I don't believe you can prevent him from listing the fact that you're in a photo that he took if you are. The fact that Facebook &c make it easy to follow a tag chain doesn't change the fact that the information is allowed to exist; Facebook's allowing you to remove yourself from a tag list is actually already giving you more power than you'd have on Jeff's blog or Flickr site. Or in his newspaper, for that matter.
You see, in your scenario you would indeed be a customer. But so would Jeff.
Historically the powerful (think newspaper owners) have always had the ability to broadcast whatever facts they chose about whomever they wished (with possible legal consequences to those actions). Now everybody does, admittedly with far narrower readership by default, but potentially with a worldwide reach.
Then why not send everyone a message saying, "Hey, you chose to install this app, and that's cool and all, but its doing bad things, would you like to remove it? [Yes] [No]" That would be completely reasonable and in full keeping with their advertised goals. The fact is that either platform allows someone else to decide (at their total discretion) that you don't need an app you've chosen to install, and lets them remove it without your consent.
Yay openness.
To clarify, I meant in terms of pushing a minor OS patch, not in rolling the device up to 2.2.x or wherever the trunk fix lies.
It's a bit more clear-cut than that. The applications are advertised as doing something. They also happen to exploit a vulnerability in the OS, in a way that can't possibly have to do with advertised functionality. There is very little chance that users installed the software for these "extra features," especially because they have just about no way of even knowing they exist.
So why not patch the vulnerability instead of removing the software that's currently using it?
Look, I'm not trying to stand up for malware, just pointing out that in each case its the OS/appstore vendor making a determination that you, the user, don't actually want the application that you, the user, installed. The difference is that one vendor has been very up-front about telling the userbase that they're going to do this, and the other one has had some of its fanatical userbase choose it because they'd never do such a thing.
And sure, this example is an easy one to choose - of course they're doing the "right thing." What if the next one is less clear-cut, and less well conveyed? The precedent has been set, after all.
Not quite. You did choose to install it. It just does something that Google (or Microsoft or whoever) feels that you probably don't want it to do. Or at least, it's doing something that they don't want it to do. So they delete it.
All good, right? Well, as long as you trust their opinion of what software should do more than your own. Which is a point always brought up by Android fans to stomp on the Apple store. Except when google does it because... um... they said they wouldn't? And that's...better?
So don't install the H.264 codec. But don't install it once. Problem solved - and its entirely under your control. If you want to view H.264 video though, that codec is needed ... somewhere. Viewing it "in flash" just means that the codec is downloaded as part of the flash plugin rather than discreetly. But its still there.
...just as each browser might come with its own routines to generate a stream of decoded frames that it uses the operating system's facilities to send to the video card.
It could do this. But it doesn't. It uses OS-level graphic libraries. Or are you honestly suggesting that you want to have to rebuild your browser whenever you change video cards?
Oh, never mind...
I've been inside my Mac Pro as well as my homebuilt i7/1366 and they've got pretty much the same components. I'm not doubting you, just asking for clarification regarding the laptops.
Oh, come on. I could buy that argument on the laptops, but the Mac Pro? I've personally never seen such a well-designed and -constructed enclosure. Machined aluminum tracks for everything, swappable sub-assembelies, etc. I wouldn't claim that the components themselves are superior, but the case is phenomenal - easily the equal of the average well-built rackmount server from most companies.