"Intel drivers for Linux Just Work(TM). I installed Ubuntu 6.10 on my Acer notebook, with a i915g video adapter, and everything worked without any extra effort. And I'm even able to use Beryl/Compiz as my default window manager, without any stability issues."
This is because Intel's graphics chipsets are crippled and don't implement any of the features covered by other companies' patents which force ATI and NVidia to go closed-source.
You seem to forget that ATI had fully open-source drivers until they were forced to "go closed" due to licensing another company's IP for their chipsets. In that particular case, the first incident was S3 Texture Compression, a feature essentially required by all modern games, and apparently with patent licensing agreements that prohibit closed-source drivers. For a few months, S3TC was why Unreal Tournament 2003 (or was it 2k4?) only ran on NVidia cards under Linux - it wasn't until ATI released binary drivers that supported S3TC that UT2k3 would run on ATI cards under Linux.
The end result is that ultimately, the choice will not be Intel's as to whether to go open-source or not for full functionality, just as ATI had no choice but to "go closed" or simply leave certain critical features disabled/unsupported under Linux.
In a previous post on a different article, I commented that the music industry was stupid not to look at the success of allofmp3.com and learn from it. While allofmp3 was bad for the RIAA in that the revenue stream broke down between the user and the RIAA (it ended at allofmp3), its success proved that users ARE willing to pay for their content if provided conveniently at a reasonable price in a usable format.
In short, they need to make themselves cost competitive with P2P. How do you make yourself cost competitive with something that is free?
The same way people compete with (and/or make money from) freely available open-source software. Don't market the product itself, market convenience associated with that product. For open-source software, that convenience is packaging and tech support/customization contracts. For music, that convenience is selection and a guarantee of quality. allofmp3 succeeded for three reasons: Very low prices (Probably too low for the RIAA's tastes, but even twice the price of allofmp3 would have appealed to many. RIAA could make up for the low per-track revenue via significantly higher volume. e.g. back in the days of pyMusique, I bought quite a few single $1 tracks, but no complete albums. With allofmp3, I frequently would purchase an entire album for $3-$4 even though I was only looking for one track from that album initially.) Convenience - allofmp3 had a great selection that made it far easier to find music than on any P2P network. Only the RIAA has the capability to actually beat that selection. Also, people would be more willing to give credit card info to a "trusted" source rather than a clearly shady Russian company with apparent mob ties. Last, but clearly not least - no DRM. DRM goes way beyond nullifying the above "convenience aspect", and in fact makes P2P the more convenient option, free or not.
"Voice Dialing? My old phone had voice dialing, and it was the most worthless piece of crap technology I have ever used."
Except that it's required on a phone such as the iPhone for the ability to "blind dial" without looking at the phone.
Remember, Apple decided that input technologies that gave tactile feedback were a Bad Thing. Really, the thumbboard is bad! It's horrible, especially that little bump on the "5" key of most phones (similar to F and J on QWERTY keyboards) that lets you find a start point without looking at the keyboard/thumbboard.
(on a less sarcastic note) Apple seems to have missed the fact that phones that didn't have tactile feedback for dialing (it's been done before, most of the early WinCE/Windows Mobile phones were in this category) royally bombed. People said "oh, but you can voice dial!", except that rarely ever actually works. (It did work quite well on my 6035, but required too much setup, it was much easier to just dial from memory) Only smartphones that HAVE had thumbboards (or at the minimum, a numeric dialing pad such as the Kyocera 6035 and 7135) have succeeded in the market.
Without DRM to enforce it, who would use a player that phoned home?
The whole point of the watermarking scheme is to have anti-piracy measures that don't force users to only use "licensed" players with proper decryption keys, one of the biggest complaints people have about DRM in the first place.
"and the people I know who buy digital download media, don't use illegal filesharing sites"
I don't know about you, but I know plenty of people who go to such filesharing sites because they are unable to obtain the media in a usable format if they pay for it. If they can't view the "legal" media for whatever reason (unsupported mobile device, Linux user, etc), then the legal media becomes worth $0.00 to them, and they go the illegal route.
Now, if the legal media were usable to them, then it would actually have some value to them. Why pay for something when you can get it for free? Convenience and selection. Back in the days of pyMusique I bought more music in a week than I did in 3-4 YEARS, none of which has ever been copied to a device I don't personally own. Same with allofmp3. While allofmp3 had its own issues in that the money flow from the user to allofmp3 broke down there rather than flowing to the RIAA, the RIAA were incredibly stupid not to look at allofmp3's success as proof that people WILL pay for music they can get for free if you offer them convenience and compatibility. If you can't beat em', join em'. The RIAA could have made a killing by creating a site with:
Better selection than allofmp3 (somewhat difficult, but not really for the copyright holders themselves) Better convenience than allofmp3 (accept more credit cards, and simply be a "trusted" vendor people are comfortable providing CC information to) Double the price of allofmp3 (still quite reasonable) No DRM
Re:Hiding the iPhone
on
iPhone Roundup
·
· Score: 2, Informative
"I know Verizon will blacklist the ESN of a phone that has been reported stolen, and they don't have to share these numbers around, as there are only 2 CDMA carriers that I know of (can you unlock a phone between Sprint/Verizon?)."
You used to be able to unlock the programming mode of Sprint phones and reset the access codes to 0000, which allowed you to activate the phone with Verizon.
You couldn't go the other way - In addition to a stolen phone blacklist, Sprint keeps an ESN whitelist of phones they have sold. Sprint will refuse to activate anything not on that whitelist. I have heard rumors that Verizon has recently started doing this too, but back in the days before Verizon sold the Treo 650, unlocked Sprint phones were a common way to combine the 650 and Verizon service.
BTW, there is a third CDMA carrier (Alltel), but they're small.
Due to rising unemployment of sharks in their country, China was forced to begin developing weapons that could be mounted on the sharks' heads so they could have a job again.
Or you can patent one of the production processes for it.
Someone mentioned the inventor of insulin trying to ensure a "no-monopoly" situation, but since the advent of human insulin produced by genetically engineered bacteria (as opposed to from the pancreas of slaughtered cows/pigs), a select few companies (Eli Lilly and Novo Nordisk and that's about it with one exception) have dominated the insulin market since the 1970s (Insulin was discovered in the early 1920s, by the way) due to patents on:
Methods of producing insulin (specifically recombinant DNA origin insulins) Methods of tweaking insulin to be absorbed/used by the body over a longer period of time by adding stuff to the injected mixture (Lente, Ultralente, NPH, etc) Methods of producing insulin with "faster than natural" activity profiles by tweaking the molecular structure itself (Humalog and Novolog) Methods of producing insulin with extremely long "peakless" activity profiles by a combination of the above two techniques (Lantus and Levemir) - BTW this is where the one exception to the Lilly/Nordisk dominance is. Lantus is made by Aventis.
From one "unpatented" drug that according to this article will not have an interest from big pharma, history shows that global market dominance can still be established. I have a feeling drug companies right and left will be racing to tweak this new drug to make a better version or better production process (which happens to be patentable).
While inconvenient, nothing prevents someone from splitting the file into 4.7 GB chunks for later reassembly.
At around $0.25-$0.50 per high-quality DVD-R, that comes to around $1.25-$2.50 per movie.
$250 in media for 100 movies.
As others have pointed out, the "convenient" solution comes to around $576 now, and that price is constantly dropping. I spent that much for half as much storage a year ago.
How long was AGP around? At least 6 years in the mainstream (starting around 1998 when I built my first system for school, ending 1-2 years ago.). Yes, in many cases you would get better performance when upgrading GPU and CPU at once, but you could make a system last MUCH longer by swapping out video card only and not CPU.
I think my desktop's first incarnation went through 3 different graphics card iterations before a CPU upgrade, my current desktop incarnation will be going through its second graphics upgrade w/o CPU change.
Graphics chipsets have typically had a release cycle of 6 months or so between major revisions, (I think it's longer nowadays), as compared to 6+ YEARS for major compatibility-breaking bus changes, and maybe 1-2 years for "minor" bus improvements that don't necessarily warrant a "full blown" upgrade (i.e. AGP 4x vs. 8x, and PCIe 1.1 vs. 2.0)
Other than being a "bump" of PCI Express, it is no different from PCI Express. It is most definately no different in terms of licensing and implementation in the O.S.
Actually, the nice thing is that even PCI Express was no different from PCI at the OS level. To an operating system, PCI Express peripherals just appear as really fast PCI peripherals - at that level of abstraction they are the same.
PCIe 1.0 and 1.1 are perfectly supported under Linux, why would 2.0 be any different?
Except that with multiprocessor systems, you had to have matched processors in almost all cases. The result was that if you upgraded one processor you were basically forced to upgrade all (with a few possible rare exceptions).
So moving them into a single package had no disadvantage - you couldn't upgrade them individually anyway.
Integrated graphics (GPU + CPU) is a different story, two components with a LONG history of being upgraded independently of each other.
Heck, even motherboard-integrated graphics (GPU + chipset) never fared well outside of the mobile, server, and super-lowend markets.
While the electrical interface has changed significantly, the basics of the protocol have not changed much at all, at least at a certain layer.
The end result is that at some layer of abstraction, a PCI-Express system appears identical to a PCI system to the operating system (as another poster mentioned). BTW, with a few small exceptions (such as the GART), AGP was the same way. Also, (in theory) the migration path from PCI to PCI Express for a peripheral vendor is simple - A PCI chipset can be interfaced with a PCI Express bus with some "one size fits all" glue logic, although of course that peripheral will suffer a bandwidth penalty compared to being native PCIe.
Kind of similar to PATA vs. SATA - Vastly different signaling schemes, but with enough protocol similarities that most initial SATA implementations involved PATA-to-SATA bridges.
Not necessarily. They may be independent of each other, but are dependent on $N million per year in R&D funding and equipment.
It's entirely possible for two research teams to put forth years of effort independently of another one if they are in a corporate environment. - http://en.wikipedia.org/wiki/Bessemer_process , although in that case there isn't any explanation for why Bessemer got the patent (the only reason I can think of is that Kelly didn't have the inclination/money to file for a patent, and didn't have the inclination/money to dispute it either, showing that "first to invent" doesn't always wind up being reality for a patent because it's such a pain to prove, or maybe in that era it was "first to file")
And "first to file/first to invent" only covers when two people/companies file a patent at around the same time without any previous public disclosure of their work. (e.g. they both developed the same thing independently) Previous (patented or unpatented) publically disclosed work trumps a patent.
"First to invent" can often be hard to prove though, so in reality it's usually "first to file" unless you were VERY careful in documenting your invention process and have lots of money for lawyers.
"Either the patent system will be proven rotten, or DRM will be halted! It's a win-win!"
Or the patent system will work and the patent won't be granted (prior art). Or the patent system will work and the patent will be granted because it is narrow in scope (only covers a specific type of DRM) which won't hurt DRM in general because no one implements it in the patented way. (If they do, prior art kills the patent)
"I concur. My MCE Remote works its way through a pair of rechargable 2500mah AA cells every ~6 weeks or so."
While the original poster said 6 months for self-discharge, IMO NiMH self-discharge is worse than that. I believe NiMHs are worse than NiCDs for self-discharge.
Those batteries probably would have discharged themselves significantly in those 6 weeks anyway, inside a device or not.
AA core in C/D "shell" is common practice for consumer-targeted batteries.
True C/D cells exist, you usually have to go to a specialist store or order online. (Quite a few have linked to Thomas Distributing, one such online specialty store. There's another online distributor that offers bulk discounts for industrial NiMHs, I forget their name at the moment.)
"the device really needs an onboard controller just to keep them safe"
In fact, in the United States, a manufacturer is legally required to include protection circuitry (against short circuit, overcharge, and over-discharge) in any Lithium Ion battery pack sold in the United States.
If I recall correctly, manufacturers of Li-Ion cells are not allowed to sell bare cells to anyone who is not licensed to work with Li-Ions. Any company you see selling "bare" cells to the general public most likely has a disclaimer somewhere that it is included in a pack with protection circuitry with undocumented/unknown functionality. They know you're using it as a "bare" cell for projects, but they've satisfied the law by selling it in a pack with a protection circuit.
Li-Ion batteries simply cannot be used as a generic replacement in most devices for a variety of reasons, the first of which is that their nominal voltage (3.6 volts) is not anywhere close to the nominal voltage of normal alkaline or NiCd/NiMh cells. They also have quite a bit of output voltage variability. (They are charged at 4.1 or 4.2 volts depending on the exact cell chemistry, and slowly drop to slightly below 3.6 as they discharge.)
BTW, NiCd/NiMH cells have a far lower nominal voltage (1.2 volts) than alkalines (1.5 volts), which makes them perform worse in some devices. They have a far lower internal resistance, which makes them superior to alkalines in any device that has high drain and can deal with the lower voltage, for example a device that contains an internal switching regulator to convert 2.4-3.0 volts to 3.3 volts, or from 4.8-6.0 volts to 3.3 like many digital cameras.
I think early versions had problems with ESD in extreme environments. The documentation has some comments to that regard, saying what the symptoms are and to return your fob for a new one if that happens.
That said, the SecurID card I have is subject to large amounts of abuse (it's on my keychain) and still works perfectly.
As to being difficult to deploy - you can't have security AND convenience. The emailed matrix described by the submitter falls more into a "what you know" category than "what you have". You can memorize a 2D table, you can't memorize a smartcard or SecurID fob. In my opinion, the approach the submitter's bank took is horribly insecure for many reasons, the least of which is that it is distributed via email. (It's easily copied/cloned, for example.)
Slashdot Mirror
"Intel drivers for Linux Just Work(TM). I installed Ubuntu 6.10 on my Acer notebook, with a i915g video adapter, and everything worked without any extra effort. And I'm even able to use Beryl/Compiz as my default window manager, without any stability issues."
This is because Intel's graphics chipsets are crippled and don't implement any of the features covered by other companies' patents which force ATI and NVidia to go closed-source.
You seem to forget that ATI had fully open-source drivers until they were forced to "go closed" due to licensing another company's IP for their chipsets. In that particular case, the first incident was S3 Texture Compression, a feature essentially required by all modern games, and apparently with patent licensing agreements that prohibit closed-source drivers. For a few months, S3TC was why Unreal Tournament 2003 (or was it 2k4?) only ran on NVidia cards under Linux - it wasn't until ATI released binary drivers that supported S3TC that UT2k3 would run on ATI cards under Linux.
The end result is that ultimately, the choice will not be Intel's as to whether to go open-source or not for full functionality, just as ATI had no choice but to "go closed" or simply leave certain critical features disabled/unsupported under Linux.
In a previous post on a different article, I commented that the music industry was stupid not to look at the success of allofmp3.com and learn from it. While allofmp3 was bad for the RIAA in that the revenue stream broke down between the user and the RIAA (it ended at allofmp3), its success proved that users ARE willing to pay for their content if provided conveniently at a reasonable price in a usable format.
In short, they need to make themselves cost competitive with P2P. How do you make yourself cost competitive with something that is free?
The same way people compete with (and/or make money from) freely available open-source software. Don't market the product itself, market convenience associated with that product. For open-source software, that convenience is packaging and tech support/customization contracts. For music, that convenience is selection and a guarantee of quality. allofmp3 succeeded for three reasons:
Very low prices (Probably too low for the RIAA's tastes, but even twice the price of allofmp3 would have appealed to many. RIAA could make up for the low per-track revenue via significantly higher volume. e.g. back in the days of pyMusique, I bought quite a few single $1 tracks, but no complete albums. With allofmp3, I frequently would purchase an entire album for $3-$4 even though I was only looking for one track from that album initially.)
Convenience - allofmp3 had a great selection that made it far easier to find music than on any P2P network. Only the RIAA has the capability to actually beat that selection. Also, people would be more willing to give credit card info to a "trusted" source rather than a clearly shady Russian company with apparent mob ties.
Last, but clearly not least - no DRM. DRM goes way beyond nullifying the above "convenience aspect", and in fact makes P2P the more convenient option, free or not.
"How are you supposed to give tactile feedback on a touch screen?"
Um, that was exactly my point, how stupid are YOU not to understand it?
As far as the click wheel - how is that in any way relevant to dialing a phone?
"Voice Dialing? My old phone had voice dialing, and it was the most worthless piece of crap technology I have ever used."
Except that it's required on a phone such as the iPhone for the ability to "blind dial" without looking at the phone.
Remember, Apple decided that input technologies that gave tactile feedback were a Bad Thing. Really, the thumbboard is bad! It's horrible, especially that little bump on the "5" key of most phones (similar to F and J on QWERTY keyboards) that lets you find a start point without looking at the keyboard/thumbboard.
(on a less sarcastic note) Apple seems to have missed the fact that phones that didn't have tactile feedback for dialing (it's been done before, most of the early WinCE/Windows Mobile phones were in this category) royally bombed. People said "oh, but you can voice dial!", except that rarely ever actually works. (It did work quite well on my 6035, but required too much setup, it was much easier to just dial from memory) Only smartphones that HAVE had thumbboards (or at the minimum, a numeric dialing pad such as the Kyocera 6035 and 7135) have succeeded in the market.
Stop trying to run your mailing list from a consumer-grade DSL connection from which servers are most likely banned then.
Without DRM to enforce it, who would use a player that phoned home?
The whole point of the watermarking scheme is to have anti-piracy measures that don't force users to only use "licensed" players with proper decryption keys, one of the biggest complaints people have about DRM in the first place.
"and the people I know who buy digital download media, don't use illegal filesharing sites"
I don't know about you, but I know plenty of people who go to such filesharing sites because they are unable to obtain the media in a usable format if they pay for it. If they can't view the "legal" media for whatever reason (unsupported mobile device, Linux user, etc), then the legal media becomes worth $0.00 to them, and they go the illegal route.
Now, if the legal media were usable to them, then it would actually have some value to them. Why pay for something when you can get it for free? Convenience and selection. Back in the days of pyMusique I bought more music in a week than I did in 3-4 YEARS, none of which has ever been copied to a device I don't personally own. Same with allofmp3. While allofmp3 had its own issues in that the money flow from the user to allofmp3 broke down there rather than flowing to the RIAA, the RIAA were incredibly stupid not to look at allofmp3's success as proof that people WILL pay for music they can get for free if you offer them convenience and compatibility. If you can't beat em', join em'. The RIAA could have made a killing by creating a site with:
Better selection than allofmp3 (somewhat difficult, but not really for the copyright holders themselves)
Better convenience than allofmp3 (accept more credit cards, and simply be a "trusted" vendor people are comfortable providing CC information to)
Double the price of allofmp3 (still quite reasonable)
No DRM
Three words: New SIM card.
"I know Verizon will blacklist the ESN of a phone that has been reported stolen, and they don't have to share these numbers around, as there are only 2 CDMA carriers that I know of (can you unlock a phone between Sprint/Verizon?)."
You used to be able to unlock the programming mode of Sprint phones and reset the access codes to 0000, which allowed you to activate the phone with Verizon.
You couldn't go the other way - In addition to a stolen phone blacklist, Sprint keeps an ESN whitelist of phones they have sold. Sprint will refuse to activate anything not on that whitelist. I have heard rumors that Verizon has recently started doing this too, but back in the days before Verizon sold the Treo 650, unlocked Sprint phones were a common way to combine the 650 and Verizon service.
BTW, there is a third CDMA carrier (Alltel), but they're small.
Due to rising unemployment of sharks in their country, China was forced to begin developing weapons that could be mounted on the sharks' heads so they could have a job again.
I should have said discoverer of insulin. It was discovered, not invented.
I had my mind focused too much on the subsequent developments, which WERE invention as opposed to discovery.
Methane, for one. Every time you eat chili, you're harming the planet.
Save the chili, save the world!
Or you can patent one of the production processes for it.
Someone mentioned the inventor of insulin trying to ensure a "no-monopoly" situation, but since the advent of human insulin produced by genetically engineered bacteria (as opposed to from the pancreas of slaughtered cows/pigs), a select few companies (Eli Lilly and Novo Nordisk and that's about it with one exception) have dominated the insulin market since the 1970s (Insulin was discovered in the early 1920s, by the way) due to patents on:
Methods of producing insulin (specifically recombinant DNA origin insulins)
Methods of tweaking insulin to be absorbed/used by the body over a longer period of time by adding stuff to the injected mixture (Lente, Ultralente, NPH, etc)
Methods of producing insulin with "faster than natural" activity profiles by tweaking the molecular structure itself (Humalog and Novolog)
Methods of producing insulin with extremely long "peakless" activity profiles by a combination of the above two techniques (Lantus and Levemir) - BTW this is where the one exception to the Lilly/Nordisk dominance is. Lantus is made by Aventis.
From one "unpatented" drug that according to this article will not have an interest from big pharma, history shows that global market dominance can still be established. I have a feeling drug companies right and left will be racing to tweak this new drug to make a better version or better production process (which happens to be patentable).
While inconvenient, nothing prevents someone from splitting the file into 4.7 GB chunks for later reassembly.
At around $0.25-$0.50 per high-quality DVD-R, that comes to around $1.25-$2.50 per movie.
$250 in media for 100 movies.
As others have pointed out, the "convenient" solution comes to around $576 now, and that price is constantly dropping. I spent that much for half as much storage a year ago.
Interface upgrades don't happen too often.
How long was AGP around? At least 6 years in the mainstream (starting around 1998 when I built my first system for school, ending 1-2 years ago.). Yes, in many cases you would get better performance when upgrading GPU and CPU at once, but you could make a system last MUCH longer by swapping out video card only and not CPU.
I think my desktop's first incarnation went through 3 different graphics card iterations before a CPU upgrade, my current desktop incarnation will be going through its second graphics upgrade w/o CPU change.
Graphics chipsets have typically had a release cycle of 6 months or so between major revisions, (I think it's longer nowadays), as compared to 6+ YEARS for major compatibility-breaking bus changes, and maybe 1-2 years for "minor" bus improvements that don't necessarily warrant a "full blown" upgrade (i.e. AGP 4x vs. 8x, and PCIe 1.1 vs. 2.0)
How is that?
Other than being a "bump" of PCI Express, it is no different from PCI Express. It is most definately no different in terms of licensing and implementation in the O.S.
Actually, the nice thing is that even PCI Express was no different from PCI at the OS level. To an operating system, PCI Express peripherals just appear as really fast PCI peripherals - at that level of abstraction they are the same.
PCIe 1.0 and 1.1 are perfectly supported under Linux, why would 2.0 be any different?
Except that with multiprocessor systems, you had to have matched processors in almost all cases. The result was that if you upgraded one processor you were basically forced to upgrade all (with a few possible rare exceptions).
So moving them into a single package had no disadvantage - you couldn't upgrade them individually anyway.
Integrated graphics (GPU + CPU) is a different story, two components with a LONG history of being upgraded independently of each other.
Heck, even motherboard-integrated graphics (GPU + chipset) never fared well outside of the mobile, server, and super-lowend markets.
It has more to do with PCI than you think.
While the electrical interface has changed significantly, the basics of the protocol have not changed much at all, at least at a certain layer.
The end result is that at some layer of abstraction, a PCI-Express system appears identical to a PCI system to the operating system (as another poster mentioned). BTW, with a few small exceptions (such as the GART), AGP was the same way. Also, (in theory) the migration path from PCI to PCI Express for a peripheral vendor is simple - A PCI chipset can be interfaced with a PCI Express bus with some "one size fits all" glue logic, although of course that peripheral will suffer a bandwidth penalty compared to being native PCIe.
Kind of similar to PATA vs. SATA - Vastly different signaling schemes, but with enough protocol similarities that most initial SATA implementations involved PATA-to-SATA bridges.
Not necessarily. They may be independent of each other, but are dependent on $N million per year in R&D funding and equipment.
It's entirely possible for two research teams to put forth years of effort independently of another one if they are in a corporate environment. - http://en.wikipedia.org/wiki/Bessemer_process , although in that case there isn't any explanation for why Bessemer got the patent (the only reason I can think of is that Kelly didn't have the inclination/money to file for a patent, and didn't have the inclination/money to dispute it either, showing that "first to invent" doesn't always wind up being reality for a patent because it's such a pain to prove, or maybe in that era it was "first to file")
Not in the U.S.
And "first to file/first to invent" only covers when two people/companies file a patent at around the same time without any previous public disclosure of their work. (e.g. they both developed the same thing independently) Previous (patented or unpatented) publically disclosed work trumps a patent.
"First to invent" can often be hard to prove though, so in reality it's usually "first to file" unless you were VERY careful in documenting your invention process and have lots of money for lawyers.
"Either the patent system will be proven rotten, or DRM will be halted! It's a win-win!"
Or the patent system will work and the patent won't be granted (prior art).
Or the patent system will work and the patent will be granted because it is narrow in scope (only covers a specific type of DRM) which won't hurt DRM in general because no one implements it in the patented way. (If they do, prior art kills the patent)
"I concur. My MCE Remote works its way through a pair of rechargable 2500mah AA cells every ~6 weeks or so."
While the original poster said 6 months for self-discharge, IMO NiMH self-discharge is worse than that. I believe NiMHs are worse than NiCDs for self-discharge.
Those batteries probably would have discharged themselves significantly in those 6 weeks anyway, inside a device or not.
AA core in C/D "shell" is common practice for consumer-targeted batteries.
True C/D cells exist, you usually have to go to a specialist store or order online. (Quite a few have linked to Thomas Distributing, one such online specialty store. There's another online distributor that offers bulk discounts for industrial NiMHs, I forget their name at the moment.)
"the device really needs an onboard controller just to keep them safe"
In fact, in the United States, a manufacturer is legally required to include protection circuitry (against short circuit, overcharge, and over-discharge) in any Lithium Ion battery pack sold in the United States.
If I recall correctly, manufacturers of Li-Ion cells are not allowed to sell bare cells to anyone who is not licensed to work with Li-Ions. Any company you see selling "bare" cells to the general public most likely has a disclaimer somewhere that it is included in a pack with protection circuitry with undocumented/unknown functionality. They know you're using it as a "bare" cell for projects, but they've satisfied the law by selling it in a pack with a protection circuit.
Li-Ion batteries simply cannot be used as a generic replacement in most devices for a variety of reasons, the first of which is that their nominal voltage (3.6 volts) is not anywhere close to the nominal voltage of normal alkaline or NiCd/NiMh cells. They also have quite a bit of output voltage variability. (They are charged at 4.1 or 4.2 volts depending on the exact cell chemistry, and slowly drop to slightly below 3.6 as they discharge.)
BTW, NiCd/NiMH cells have a far lower nominal voltage (1.2 volts) than alkalines (1.5 volts), which makes them perform worse in some devices. They have a far lower internal resistance, which makes them superior to alkalines in any device that has high drain and can deal with the lower voltage, for example a device that contains an internal switching regulator to convert 2.4-3.0 volts to 3.3 volts, or from 4.8-6.0 volts to 3.3 like many digital cameras.
I think early versions had problems with ESD in extreme environments. The documentation has some comments to that regard, saying what the symptoms are and to return your fob for a new one if that happens.
That said, the SecurID card I have is subject to large amounts of abuse (it's on my keychain) and still works perfectly.
As to being difficult to deploy - you can't have security AND convenience. The emailed matrix described by the submitter falls more into a "what you know" category than "what you have". You can memorize a 2D table, you can't memorize a smartcard or SecurID fob. In my opinion, the approach the submitter's bank took is horribly insecure for many reasons, the least of which is that it is distributed via email. (It's easily copied/cloned, for example.)