There's an easier way to slow down spammers... generate a random string with some bit of known plaintext, save it in session context, generate a random 40-bit encryption key, save it in session context, encrypt the random string with that random key, deliver it to the user's client app, and make the client app bruteforce the encryption key & submit the decrypted value as a formvar along with the new message. Even phones are fast enough now to bruteforce a 40-bit key within a few seconds if you give them a hint or two so they can attack the problem intelligently. The biggest drawback is that ARM is so much slower than x86 or AMD64, even a shit PC can bruteforce something in a few seconds that would take an Android phone or iPhone a minute or more (ARM is about half the effective speed as an x86 of a given speed in megahertz/gigahertz with mainstream apps, but when the big boys pull out the heavy artillery and start involving lots of floating point math, matrix calculations, and huge integers, the gap between ARM and x86 widens considerably).
Example: a few months ago, I did a proof of concept experiment for a group of developers at my company. Given a list of ~500,000 real-world passwords obtained from compromised popular web sites, a ~2GHz Thnkpad T61 can iterate through the list, do a single round of PBKDF2 key stretching, attempt to decrypt a short pdf document that might have been weakly-encrypted with AES using that as a key in ECB mode, and rip through about 100,000 keys per minute. Of course, in real life, you'd never use ECB and you'd do at least 1,000 (if not many, many more) rounds of key-stretching, but the example just goes to show how fast even mediocre computer hardware is now at bruteforce cracking. In fact, the hardest part is finding a supported encryption algorithm that's suitably weak to make cracking it be (statistically) a 15-30 second job on a high-end Android phone or iPhone.
Just wait until captchas turn into 30-second flash videos, followed by freeform text answers with questions like, "How many cups of ___'s delicious Mountain Roast coffee did Jane buy?", followed by "What color was the scarf of the elderly woman behind her" and "what is the 800 number you can call to send a gift certificate for CoffeeCo's tasty rich dark coffee to a cherished friend?".
Before you argue that the number questions would be small, remember... advertisers will be shooting loads on their computer screens at the thought of being able to force users to watch, re-watch, and watch their commercials another 7 times to answer the captcha questions their marketing department will be submitting to Google along with the ads themselves. The more inane questions they come up with to submit (and by extension, the more ad views they can wring out of a single exposure payment to get him to be able to answer their questions), the happier they'll be. Mark my words, two or three years down the line, they'll be sending you on scavenger hunts to the advertiser's website to look up SKU numbers and specs from the users manual. Don't believe me? Sites offering downloads of pirated software and mp3s were doing the same thing YEARS ago... to download some file, they'd literally send you out to a hundred sites where you had to view ads and answer questions about them to prove you did it.
(note: this applies as written to the US and Canada... it would absolutely need changes for use elsewhere in the world)
The whole way that boosters work is just fundamentally wrong. Instead of using the mobile network's frequencies for the phone-booster link, they should act like a mini cell tower that operates on the old 900MHz cordless phone band (902-928MHz), allocated as follows:
My back of the envelope calculations suggest that CDMA and HSPA will need 25MHz, leaving 3MHz for up to 15 channels of legacy GSM. In Canada (which, AFAIK, has the same frequency bandplan for 902-928MHz as the US), the device could optionally hijack the pair of EVDO channels for an additional 2.5Mhz of legacy GSM channels.
Ideally, the FCC would grow balls, define this as an objective standard that can be independently certified, then require carriers to provide autoconfiguration data and accept traffic from any device that passes the required certification when relaying traffic from one of their customers. The key point is that it would remove the carrier itself from the equation so they can't muck things up, charge additional fees, or gimp the whole thing into uselessness.
Carriers would be allowed to ignore signals from malfunctioning personal cells (providing occasional response beacons making it known that they were refusing to communicate with them and why), tell them to quit broadcasting or reduce power if they cause interference, or file a complaint with the FCC asking them to contact you to resolve problems involving conflicts between them and another carrier involving your personal cell, but if everything is working as designed, the FCC would tell them to piss off, handshake with your cell like they're supposed to, and quit harassing you.
As an end user, you'd mount it on a mast like an old TV antenna (or put it on your balcony), power it up, watch it do a site survey, then ask you which carriers you want to enable it for, and whether you want to restrict use (which would also limit its max power... share it with your neighbors, and you get to use higher power because otherwise you'd just be stomping on THEIR personal cells). If it saw other personal cells, it would negotiate with them to mutually reduce 902-928MHz transmit power more aggressively if you had yours in 'private' mode, or mesh with them and locally exchange traffic if they determined that one had a better view of a network's tower than the other if you had yours in 'public' mode.
The nice thing about a personal tower device like this is the fact that it's semi-transparent to the phone and mobile network itself. The phone just happens to see that there's a 902MHz "tower" nearby that has better connectivity to ${your-carrier} that the phone itself (after handshaking and autoconfiguration, your cell basically becomes a seamless local tower for every network you decide to enable), and relays its traffic to the proper network on the network's own frequencies under its own identity. The personal cell isn't spoofing a phone, nor is it leeching your own internet connection (and in fact, would work as a MEANS of connectivity if you were in some rural area with decent wireless, but no viable broadband).
For users in ultra-rural areas, they could expose an expansion bus that allowed you to add one or two LTE or Wimax modules and/or additional tuned directional antennas if desired. They could also allow you to add additional units that consisted only of the local 902-928MHz side, and wire them all together with cat5e (either giving them at least 2 dedicated pairs of their own so they could do ATM, using them with a QoS-enabled switch, or just tolerating random jitter) so they can share a single outdoor backhaul link.
AT&T and Verizon are prohibited from leasing phones to customers. In theory, Sprint, T-Mobile, MetroPCS, and US Cellular aren't (they aren't bound by the consent decree that ordered AT&T's breakup & prohibited lease arrangements going forward... AT&T and Verizon are.) The prohibition against leasing was reaffirmed multiple times against BellSouth Mobility in the early 90s (back when a Motorola DynaTac used to cost $3,995).
Not quite... if you travel to Asia and have sex with a 12 year old prostitute while you're there, the US *will* in fact prosecute you for it if it finds out. California arrests 18-20 year old adults for alcohol possession all the time -- even if the actual consumption occurred in Mexico -- if it can legally get its hands on a blood or breath sample somehow, and determines that they have alcohol in their bloodstream (in CA, Florida, and quite a few other states, having detectable alcohol in your bloodstream constitutes 'possession' if you're under 21.)
> If you paid full price for a phone, and don't have a contract, why would a corporation get to tell you what > you can and can't do with the phone after you've paid for it?
Sprint's usual excuse is that the firmware on the phone was licensed for use only on Sprint, so using the phone on Verizon, MetroPCS, US Cellular, or BSNL (in India) is tantamount to software piracy. Of course, the only reason the firmware license specifies that the license is only for use on Sprint is because Sprint *itself* insisted upon it, and Qualcomm doesn't give two shits where you use the phone, as long ad you don't pester them for support...
As a practical matter, it's *impossible* to buy a brand new Sprint phone from an authorized dealer with no strings attached -- at *any* price, subsidized or not. They literally aren't allowed to let you walk out the door with a new phone that isn't activated and associated with a current Sprint account. The official excuse is that the phone's firmware is exclusively licensed from qualxomm & others for use on Sprint, so they can't sell it to use on MetroPCS or US Cellular -- not even at full price.
That's not to say nobody has ever tried and succeeded... but when it happens, it's because an employee screwed up.
It's not quite the same thing, though, because there's no battery-charging involved. AFAIK, you couldn't charge a moving bus by induction, because the magnetic field would act like the regenerative braking system in a Prius.
There's also the problem that zoning departments (in Miami, at least) have this fetish with imposing street-level boutique retail that's economically non-viable due to small size and limited parking. You can walk all over downtown Miami and see buildings with street-level boutique-sized retail spaces that can't get leased (or stay leased, because the tenants go bankrupt within months). But if a developer planning a square-block skyscraper wants to configure the space for one huge urban big-box store in the basement with 6 floors of free parking for shoppers stacked above it and the tower's ground-floor lobby, the New Urbanists get all bitchy about it (example store from New York: http://www.trbimg.com/img-4f897067/turbine/chi-best-buy-20120414/600 )
^^^ What killed them was themselves, when Microsoft literally abandoned it when it was finally becoming good.
WinMo 6.5 was fine... as a pocket laptop & PDA with built-in wireless data.It was utterly dysfunctional for making voice calls, but that was just the deal those of us who used it made with the devil. Given a month or two of hardcore tweaking & thirdparty enhancements, it blew away both iPhone AND the first year or two of Android.
Really, 90% of its real-world usability problems were caused by HTC's last-minute ill-conceived decision to eliminate the menu & ok hard buttons from most of their phones around 2008 (which caused endless misery when a missed call or unnoticed text msg activated the touchscreen in your pocket).
If Microsoft had made "phone" just another app with first-class API support (allowing thirdparty phone apps instead of treating "phone app" as HTC's private domain), and rolled out an open, Android-like app market, they would have been a strong force keeping the fire lit under Google's feet. They would have absolutely lost marketSHARE to Android (& iOS), but would probably have twice as many users today as they had in 2008 (due to the market itself growing).
WinMo wasn't "open" in the purest Android sense, but with a few improvements to strengthen its API for "phone" apps, it would have been more de-facto open & hackable by end users than a non-rooted Android phone is today.
Sealing a building's envelope might pay for itself if you look only at energy cost, but it's NOT necessarily consequence-free. Just ask anybody who owns a home built before 1970, superinsulated sometime later, and would now end up classified as an EPA biohazard zone due to mold if someone were ever to do an official test with legal consequences inside. Or anybody who owns a house built in the 1980s or 1990s that gets its roof or exterior damaged by a hurricane or tornado, ends up with water infiltration, and something that would have been a minor "shit happens" repair 50 years ago turns into a $40,000 reconstruction saga due to moisture trapped by the same vapor barrier. Supertight buildings generally do OK for 10-20 years, but in terms Slashdot users will understand, they tend to be very "brittle", and ANYTHING that officially isn't supposed to happen, but happens anyway, ends up setting off a chain reaction that's insanely expensive to fix.
> You can use nuclear fuel to get electricity, but what do you do with the left-overs?
You run it through a breeder reactor, recursively wring about 6,000% as much total energy from it as you'd get from a single run, and end up with a much, much smaller volume of waste to warehouse.
It's kind of like cleaning up a hoarder's mess by throwing out only the uncontested garbage, expired food, and animal feces, scrubbing everything else down, setting aside high-value items for immediate sale on eBay, and packing the remaining stuff into boxes stacked from floor to ceiling in a spare bedroom (with clear 3-foot paths from the door to the window(s)). There's still arguably a long-term problem, but it's one that's enormously easier to deal with.
Taking the hoarder analogy further, reprocessing spent fuel is like sending off crates and crates of old papers for bulk scanning so the monthly rent for the storage unit needed to store them can be eliminated. The scanning isn't free, but it's a one-time charge that eliminates otherwise-eternal recurring charges by massively consolidating dozens or hundreds of cubic feet into a hard drive and a blu-ray backup or two that can be stored on a shelf.
^^^ Argh. 10 minutes editing and proofing, and still I somehow managed to miss the middle-button reference. Ignore any reference to "middle" button in the post above. Or know that I really want three buttons... with button #3 centered along the top edge so I can add additional context to multiclicks of the other two buttons...
At least two tactile buttons (so you can feel the click in the dark), one in the lower-left edge, and one in the upper-right edge (so you can easily press them between the thumb and index finger of your right hand while wearing the watch on the left).
The buttons should be 100% user-definable, be able to shift each other, and support double/triple/quadruple-clicks.
Example: press lower-left button with thumb and keep it pressed; press and release upper-right button with index finger three times, then release lower-left button.
Example: press and release middle button twice, press and release upper-right button twice, then press and release middle button once.
The nice thing about two buttons that can shift each other is the staggering number of gestures you can create by allowing double/triple clicks prior to shift. For example:
triple-click lower left, keeping it pressed down after the third, then press and release upper right button twice before releasing the lower left button.
Personally, I'd want to add a third button, centered along the upper edge, to add further user-defined context to shifted multiclicks of the two diagonal buttons.
Make the screen touchable, and you can even add variants with diagonal thumb-swipes while holding one of the buttons (before or after one or more shifted multiclicks, of course). And Graffiti. Graffiti-1, specifically, including the single-stroke alternates that I'm crippled without.
Not that I've given the matter much thought, of course... or spent hours poring over Android's source trying to come up with some way of grafting low-latency hardkeys onto a case through the USB jack so I can have real tactile buttons even if the @#*$&@( manufacturers are determined to ram laggy, delayed touchscreens down our throats...
In general terms, the idea is to break up the supply rail into short segments, and only energize the segment that's directly below the vehicle at that instant in time so there's no electrocution risk.
is called "hydroxyl acid", the substance is the major component of acid rain.
contributes to the "greenhouse effect".
may cause severe burns.
is fatal if inhaled.
contributes to the erosion of our natural landscape.
accelerates corrosion and rusting of many metals.
may cause electrical failures and decreased effectiveness of automobile brakes.
has been found in excised tumors of terminal cancer patients.
Despite the danger, dihydrogen monoxide is often used:
as an industrial solvent and coolant.
in nuclear power plants.
in the production of Styrofoam.
as a fire retardant.
in many forms of cruel animal research.
in the distribution of pesticides. Even after washing, produce remains contaminated by this chemical.
as an additive in certain "junk-foods" and other food products.
^^^ IMHO, Diet Mtn Dew tastes BETTER than the regular version. I love Diet Mtn Dew, but if you gave me a choice between the regular version & Crystal Light (any flavor) reconstituted with charcoal-filtered piss, I'd probably grit my teeth and say "pass the piss".
Actually, I kind of wish Diet Mtn Dew had about 2/3 the caffeine it does now... I wouldn't want it to be caffeine-free, but I could do without the tachycardia-inducing bulk quantity of caffeine it currently has.
Things that "Use" the Windows key aren't a problem. The post to which I replied seems to indicate that you literally MUST have a Windows key in order to log in to Windows 8. Hence, its characterization as "deal-breaking". If the opportunity cost of Windows 8 is being forced to give up my M13 (or clutter my desk with a second keyboard whose only purpose is to give me a Windows key to press so I can log in), Microsoft can rot in hell. At least, until the day somebody makes a mechanical keyboard with both a Windows key *and* a REAL Trackpoint.
> Really, the biggest change in Windows 8, is that I have to press the windows key when I login.
Anything that requires a "Windows" key is a big, HUGE deal-breaking fatal flaw for people with Lexmark Model M13 keyboards (the ones with both buckling-spring keys AND a real Trackpoint), because they pre-date the Windows keys by a couple of years.
Yes, the Unicomp EnduraPro has a Windows key, buckling spring keys, and a pointer stick. Unfortunately, the EnduraPro is built with an inferior pointer stick that isn't a genuine TrackPoint.
#1. manufacturers who don't provide updates, and are insane enough to think that if they frustrate customers into buying a new phone before their 2-year contract is up, the new phone they buy WON'T be from just about any manufacturer EXCEPT them.
#2. Locked bootloaders that cause #1 to be a problem that end users can't politely laugh at and do an end-run around anyway.
#3. Non-opensource loadable kernel modules that get broken by every new version of Android -- a problem that plagues nearly every Android phone in existence... even those whose bootloaders AREN'T locked (including non-GSM Nexi, like the CDMA Nexus S). Most of Samsung's phones for the past 3 years have had de-facto unlockable bootloaders, but thanks to Linux's ABI problem, it barely matters unless you don't care about having a working camera, LTE, GPS, gyro, NFC, and/or accelerated/3D graphics.
#3 is politically the toughest problem to solve, because there's really only one way for Google to solve it in short order: fork Android's kernel from the Linux mainline, and commit to maintaining a stable ABI for as long as sanely possible... reserving compatibility-breaking ABI changes for truly epic and profound upgrades, or those necessary to fix some horrific security vulnerability with profound real-world consequences. People in the Linux community will freak, but let's be honest... how many ABI-breaking changes that come from the Linux mainline *really* matter to Android, vs how many happen just because nobody in kernel-land even bothers to TRY keeping the kernel ABI stable?
Android's kernel is ALREADY de-facto forked (or at least was, as of a few months ago). Officially forking it, with new attention given to maintaining ABI compatibility (so end users could just build new versions of Android, and keep using them with the binary.ko modules that shipped with their phones), would really just be a public acknowledgment of the status quo, and bring a tiny bit of order and stability to the clusterfuck mess that currently makes every new release of Android feel like yet another round of having to scrap everything and reinvent the wheel all over again.
So, can the Z10 run arbitrary software, written by anyone, and obtained by downloading a file directly from somebody's website, without having to get permission from anybody besides the owner of the phone? If not, it's going to flop even harder than Windows Phone. If RIM imposes even the slightest barrier to entry (especially one that costs money or requires RIM/carrier approval), developers won't bother with it. If it's good AND as open to uncensored apps as Android, it just might make things interesting. It won't be a threat to Android or IOS, but might mess up Microsoft's business plan a bit.
USPS Saturday delivery of packages (and weekend sorting/transportation of mail sent Friday) is basically what keeps Amazon from having a de-facto monopoly by virtue of being the only company in America with its own vertically-integrated logistics.
Take it away, and it instantly becomes almost impossible for any small business (or even larger ones the size of Newegg, for that matter) to compete with Amazon Prime between Wednesday afternoon and Monday morning. Order from Amazon on Thursday, and you can get it shipped for free by Saturday & have it the same weekend. Order from anybody else, and getting the same item before Monday or Tuesday ends up costing a much as the item itself... or more.
Amazon might be non-evil NOW... but let's face it: American corporations that manage to acquire some competitive advantage based upon vertical integration of semi-monopoly resources in a capital-intensive manner have a really bad habit of milking it for all it's worth at the first opportunity. The government should never have a MONOPOLY over things like mail delivery, but I see nothing wrong with allowing it to compete with and undercut (with subsidies, if necessary) private competitors, as long as it's open about it. If $50/year per American ($15 billion divided by 300 million) in subsidies to USPS keeps Amazon from having a de-facto monopoly, and forces UPS & FedEx to work harder at lower cost to compete, so be it.
A better solution and compromise would be to have home delivery on Monday-Wednesday-Friday and Tuesday-Thursday-Saturday (using the same vehicles and rotating work shifts to service half the addresses each day), combined with expanded late-night and weekend (including Sunday) hours allowing customers to pick up packages (if they know the tracking number) before even the first delivery attempt is made (and 7-day sorting/transportation). This would make everyone happy by eliminating much of the expensive "ground work", while reducing operating expenses to a level that's not much higher than their fixed expenses of just existing at all & enabling people who are dying to get some package on a non-delivery day anyway.
On one hand, I think the site owners deserve the traffic. On the other hand, it seems like at least a quarter of the pages end up being dead when I click on them, or redirect to sites attempting to install malware on old versions of Firefox, or seemingly have nothing whatsoever to do with the image that's supposedly there.
A compromise might be to allow users to open the referring page in context immediately, open the cached page (with live content) after a 2-second delay, and allow users to grab the full-sized image directly from Google's cache after a 10-second CAPTCHA-guarded delay. Then, users would have every incentive to try viewing the page in context, falling back to the cached page if the original page ends up being down/borked/whatever, and being able to grab the cached image if all else fails.
Going a step further, Google could come up with some free digital watermarking scheme that allows a 48-bit (give or take) payload to be encoded into the image at a user-selected strength (allowing him to balance robustness, file size, and visibility... pick any two of the three).
The upper few bits (let's say, 4) would indicate the version. Initially, it would be 0001.
The next 40(give or take) bits would be globally-unique, and allow somebody who knows the value to obtain meta info about you in a sensible manner. If they're all 0, it means you're using a generic permissions watermark that doesn't identify ownership, but simply restricts use.
The lower 4 bits specify explicit restrictions
* do not contextually-index * do not cache full-sized image * do not perform face recognition of any kind * do not index for similarity to other images
A value of "0000" would allow search engines to index the image, unless you restricted them in some industry-standard way via metadata referenced to your unique id. For the generic value with all 0s, 0000 means "go ahead and index this".
A value of "1111" would indicate that the image, when encoded with a 4-bit watermark, should not be indexed in any way, shape, or form, regardless of future extensions to the standard that might define additional permissions, and regardless of what any indirectly-referenced meta-info might or might not say. Let's call this the "Stop Facebook from Permissions Creep in a GPLv3-like manner" anti-permission.
> When I meet someone who's enamored by IDE's it is always someone who's grown up in the Windows era.
Congratulations... you've just met someone who grew up in the Amiga era (which pre-dates the "Windows era" by a couple of years). It's called "Hisoft Devpac Amiga" -- syntax-aware editor, machine language monitor (it was an assembler), and all. Here's a video (not me) of it in use that I found on Youtube (from 1993, but I can assure you I was using it LONG before 1990). http://www.youtube.com/watch?v=dhUEhscsZK0
We also had AmigaBasic out of the box, which was kind of like the very, very early prequel to Visual Basic. And of course, GFA Basic, which was the first real (and useful) compiled Basic for Amiga (ABasiC was too slow to be useful, AmigaBasic was still slow, and TrueBasic bent over backwards to be as maximally-useless for any real development as possible). I'm pretty sure that both Manx & Lattice (later SAAS) C would have met the modern definition of "IDE" as well.
Compared to the development tools you could get for both Amiga and the Atari ST, PC tools were absolutely stone age by comparison (Borland's tools were powerful, but to Amiga owners, they didn't even bother to pull the "redefine VGA fonts on the fly to render a mouse pointer into a 3x3 block of text surrounding it" trick used by ImpulseTracker, and I believe later by MSDOS6.0 itself (for the shell).
That's mostly because so many computers -- even computers that are fairly new -- don't have the slightest clue how to deal with a 3+ terabyte hard drive. We're stuck on the same plateau like we were a decade ago, when drives jumped from ~1.6gb up to 30gb almost overnight... then stagnated for at least another year or two, slowly creeping up to 40gb (with jumper to make it look like 32gb) before they started getting bigger again. Simply put, 3tb+ drives have an astronomical return rate because people install them, they don't work, and people assume they're broken, so retailers are afraid of them. To retailers, 1 and 2TB drives are commodities... 3TB drives are a return problem waiting to happen, and 4TB drives cost twice as much as two 2TB drives.
There's also the fact that modern drives have shit reliability. I've had more goddamn drives fail over the past 3 years than I've had fail in the ~25 years or so since my Amiga 2000 got its first 40mb Quantum SCSI hard drive back in 1988. I went for 10 years (~1999-2010) basically never powering down my computer and leaving it running 24/7. Now, hard drives die after 6 months if you try that. In 3 years, I've lost two 300GB WD Velociraptors, a 1.5TB Seagate, a 1TB Hitachi, and a 2TB WD. Come to think of it, every goddamn drive I've bought over the past 2 years and used for anything besides occasional backups has died after about 14-20 months of regular use (fingers crossed on the 500gb Momentus Hybrid I bought 13 months ago). And I'm not even counting my suicidal OCZ Vertex2, which mangled itself so many times, I threw it in a drawer in rage and swore I'd never soil my computer with a SSD again (at least, not for a REALLY long time).
IMHO, the biggest single problem with new drives is the fact that they die without warning, for no obvious reason, and when it happens, they take an UNHOLY amount of data down with them. A year ago, I spent almost a week in frustrated rage, on the verge of tears the whole time, because it seemed like my drives were dropping like flies & dying faster than I could cleam up the mess from the PREVIOUS drive's death. At one point, I went out and threw down almost $800 for 4 2TB drives just so I could make 4 complete backups of the files I cared about the most & hope one of them survived long enough to get me through the hard drive plague with my files (some going all the way back to middle school in the 1980s) intact. OK, maybe I overreacted, but I was really freaking out last November & feeling like I could literally lose my life's work any day. Losing 3 hard drives in 7 months will do that to you.
Slashdot Mirror
There's an easier way to slow down spammers... generate a random string with some bit of known plaintext, save it in session context, generate a random 40-bit encryption key, save it in session context, encrypt the random string with that random key, deliver it to the user's client app, and make the client app bruteforce the encryption key & submit the decrypted value as a formvar along with the new message. Even phones are fast enough now to bruteforce a 40-bit key within a few seconds if you give them a hint or two so they can attack the problem intelligently. The biggest drawback is that ARM is so much slower than x86 or AMD64, even a shit PC can bruteforce something in a few seconds that would take an Android phone or iPhone a minute or more (ARM is about half the effective speed as an x86 of a given speed in megahertz/gigahertz with mainstream apps, but when the big boys pull out the heavy artillery and start involving lots of floating point math, matrix calculations, and huge integers, the gap between ARM and x86 widens considerably).
Example: a few months ago, I did a proof of concept experiment for a group of developers at my company. Given a list of ~500,000 real-world passwords obtained from compromised popular web sites, a ~2GHz Thnkpad T61 can iterate through the list, do a single round of PBKDF2 key stretching, attempt to decrypt a short pdf document that might have been weakly-encrypted with AES using that as a key in ECB mode, and rip through about 100,000 keys per minute. Of course, in real life, you'd never use ECB and you'd do at least 1,000 (if not many, many more) rounds of key-stretching, but the example just goes to show how fast even mediocre computer hardware is now at bruteforce cracking. In fact, the hardest part is finding a supported encryption algorithm that's suitably weak to make cracking it be (statistically) a 15-30 second job on a high-end Android phone or iPhone.
Just wait until captchas turn into 30-second flash videos, followed by freeform text answers with questions like, "How many cups of ___'s delicious Mountain Roast coffee did Jane buy?", followed by "What color was the scarf of the elderly woman behind her" and "what is the 800 number you can call to send a gift certificate for CoffeeCo's tasty rich dark coffee to a cherished friend?".
Before you argue that the number questions would be small, remember... advertisers will be shooting loads on their computer screens at the thought of being able to force users to watch, re-watch, and watch their commercials another 7 times to answer the captcha questions their marketing department will be submitting to Google along with the ads themselves. The more inane questions they come up with to submit (and by extension, the more ad views they can wring out of a single exposure payment to get him to be able to answer their questions), the happier they'll be. Mark my words, two or three years down the line, they'll be sending you on scavenger hunts to the advertiser's website to look up SKU numbers and specs from the users manual. Don't believe me? Sites offering downloads of pirated software and mp3s were doing the same thing YEARS ago... to download some file, they'd literally send you out to a hundred sites where you had to view ads and answer questions about them to prove you did it.
(note: this applies as written to the US and Canada... it would absolutely need changes for use elsewhere in the world)
The whole way that boosters work is just fundamentally wrong. Instead of using the mobile network's frequencies for the phone-booster link, they should act like a mini cell tower that operates on the old 900MHz cordless phone band (902-928MHz), allocated as follows:
1.25MHz: CDMA2000 voice & 1xRTT uplink
1.25MHz: CDMA2000-EVDO uplink
5MHz: HSPA uplink #1
5MHz: HSPA uplink #2
(some chunk for legacy GSM)
1.25MHz: CDMA2000 voice & 1xRTT downlink
1.25MHz: CDMA2000-EVDO downlink
5Mhz: HSPA downlink #1
5Mhz: HSPA downlink #2
My back of the envelope calculations suggest that CDMA and HSPA will need 25MHz, leaving 3MHz for up to 15 channels of legacy GSM. In Canada (which, AFAIK, has the same frequency bandplan for 902-928MHz as the US), the device could optionally hijack the pair of EVDO channels for an additional 2.5Mhz of legacy GSM channels.
Ideally, the FCC would grow balls, define this as an objective standard that can be independently certified, then require carriers to provide autoconfiguration data and accept traffic from any device that passes the required certification when relaying traffic from one of their customers. The key point is that it would remove the carrier itself from the equation so they can't muck things up, charge additional fees, or gimp the whole thing into uselessness.
Carriers would be allowed to ignore signals from malfunctioning personal cells (providing occasional response beacons making it known that they were refusing to communicate with them and why), tell them to quit broadcasting or reduce power if they cause interference, or file a complaint with the FCC asking them to contact you to resolve problems involving conflicts between them and another carrier involving your personal cell, but if everything is working as designed, the FCC would tell them to piss off, handshake with your cell like they're supposed to, and quit harassing you.
As an end user, you'd mount it on a mast like an old TV antenna (or put it on your balcony), power it up, watch it do a site survey, then ask you which carriers you want to enable it for, and whether you want to restrict use (which would also limit its max power... share it with your neighbors, and you get to use higher power because otherwise you'd just be stomping on THEIR personal cells). If it saw other personal cells, it would negotiate with them to mutually reduce 902-928MHz transmit power more aggressively if you had yours in 'private' mode, or mesh with them and locally exchange traffic if they determined that one had a better view of a network's tower than the other if you had yours in 'public' mode.
The nice thing about a personal tower device like this is the fact that it's semi-transparent to the phone and mobile network itself. The phone just happens to see that there's a 902MHz "tower" nearby that has better connectivity to ${your-carrier} that the phone itself (after handshaking and autoconfiguration, your cell basically becomes a seamless local tower for every network you decide to enable), and relays its traffic to the proper network on the network's own frequencies under its own identity. The personal cell isn't spoofing a phone, nor is it leeching your own internet connection (and in fact, would work as a MEANS of connectivity if you were in some rural area with decent wireless, but no viable broadband).
For users in ultra-rural areas, they could expose an expansion bus that allowed you to add one or two LTE or Wimax modules and/or additional tuned directional antennas if desired. They could also allow you to add additional units that consisted only of the local 902-928MHz side, and wire them all together with cat5e (either giving them at least 2 dedicated pairs of their own so they could do ATM, using them with a QoS-enabled switch, or just tolerating random jitter) so they can share a single outdoor backhaul link.
AT&T and Verizon are prohibited from leasing phones to customers. In theory, Sprint, T-Mobile, MetroPCS, and US Cellular aren't (they aren't bound by the consent decree that ordered AT&T's breakup & prohibited lease arrangements going forward... AT&T and Verizon are.) The prohibition against leasing was reaffirmed multiple times against BellSouth Mobility in the early 90s (back when a Motorola DynaTac used to cost $3,995).
Not quite... if you travel to Asia and have sex with a 12 year old prostitute while you're there, the US *will* in fact prosecute you for it if it finds out. California arrests 18-20 year old adults for alcohol possession all the time -- even if the actual consumption occurred in Mexico -- if it can legally get its hands on a blood or breath sample somehow, and determines that they have alcohol in their bloodstream (in CA, Florida, and quite a few other states, having detectable alcohol in your bloodstream constitutes 'possession' if you're under 21.)
> If you paid full price for a phone, and don't have a contract, why would a corporation get to tell you what
> you can and can't do with the phone after you've paid for it?
Sprint's usual excuse is that the firmware on the phone was licensed for use only on Sprint, so using the phone on Verizon, MetroPCS, US Cellular, or BSNL (in India) is tantamount to software piracy. Of course, the only reason the firmware license specifies that the license is only for use on Sprint is because Sprint *itself* insisted upon it, and Qualcomm doesn't give two shits where you use the phone, as long ad you don't pester them for support...
As a practical matter, it's *impossible* to buy a brand new Sprint phone from an authorized dealer with no strings attached -- at *any* price, subsidized or not. They literally aren't allowed to let you walk out the door with a new phone that isn't activated and associated with a current Sprint account. The official excuse is that the phone's firmware is exclusively licensed from qualxomm & others for use on Sprint, so they can't sell it to use on MetroPCS or US Cellular -- not even at full price.
That's not to say nobody has ever tried and succeeded... but when it happens, it's because an employee screwed up.
> GE once patented a system where an entire lane had transformers
I believe it's called a Linear Induction Motor ( http://en.wikipedia.org/wiki/Linear_induction_motor ), and you can see the demo they built for Disney World in Tomorrowland (assuming it hasn't been destroyed to make room for yet another ride based on Toy Story or Cars) -- The WEDway People Mover ( http://en.wikipedia.org/wiki/WEDWAY_People_Mover )
It's not quite the same thing, though, because there's no battery-charging involved. AFAIK, you couldn't charge a moving bus by induction, because the magnetic field would act like the regenerative braking system in a Prius.
There's also the problem that zoning departments (in Miami, at least) have this fetish with imposing street-level boutique retail that's economically non-viable due to small size and limited parking. You can walk all over downtown Miami and see buildings with street-level boutique-sized retail spaces that can't get leased (or stay leased, because the tenants go bankrupt within months). But if a developer planning a square-block skyscraper wants to configure the space for one huge urban big-box store in the basement with 6 floors of free parking for shoppers stacked above it and the tower's ground-floor lobby, the New Urbanists get all bitchy about it (example store from New York: http://www.trbimg.com/img-4f897067/turbine/chi-best-buy-20120414/600 )
^^^ What killed them was themselves, when Microsoft literally abandoned it when it was finally becoming good.
WinMo 6.5 was fine... as a pocket laptop & PDA with built-in wireless data.It was utterly dysfunctional for making voice calls, but that was just the deal those of us who used it made with the devil. Given a month or two of hardcore tweaking & thirdparty enhancements, it blew away both iPhone AND the first year or two of Android.
Really, 90% of its real-world usability problems were caused by HTC's last-minute ill-conceived decision to eliminate the menu & ok hard buttons from most of their phones around 2008 (which caused endless misery when a missed call or unnoticed text msg activated the touchscreen in your pocket).
If Microsoft had made "phone" just another app with first-class API support (allowing thirdparty phone apps instead of treating "phone app" as HTC's private domain), and rolled out an open, Android-like app market, they would have been a strong force keeping the fire lit under Google's feet. They would have absolutely lost marketSHARE to Android (& iOS), but would probably have twice as many users today as they had in 2008 (due to the market itself growing).
WinMo wasn't "open" in the purest Android sense, but with a few improvements to strengthen its API for "phone" apps, it would have been more de-facto open & hackable by end users than a non-rooted Android phone is today.
Sealing a building's envelope might pay for itself if you look only at energy cost, but it's NOT necessarily consequence-free. Just ask anybody who owns a home built before 1970, superinsulated sometime later, and would now end up classified as an EPA biohazard zone due to mold if someone were ever to do an official test with legal consequences inside. Or anybody who owns a house built in the 1980s or 1990s that gets its roof or exterior damaged by a hurricane or tornado, ends up with water infiltration, and something that would have been a minor "shit happens" repair 50 years ago turns into a $40,000 reconstruction saga due to moisture trapped by the same vapor barrier. Supertight buildings generally do OK for 10-20 years, but in terms Slashdot users will understand, they tend to be very "brittle", and ANYTHING that officially isn't supposed to happen, but happens anyway, ends up setting off a chain reaction that's insanely expensive to fix.
> You can use nuclear fuel to get electricity, but what do you do with the left-overs?
You run it through a breeder reactor, recursively wring about 6,000% as much total energy from it as you'd get from a single run, and end up with a much, much smaller volume of waste to warehouse.
It's kind of like cleaning up a hoarder's mess by throwing out only the uncontested garbage, expired food, and animal feces, scrubbing everything else down, setting aside high-value items for immediate sale on eBay, and packing the remaining stuff into boxes stacked from floor to ceiling in a spare bedroom (with clear 3-foot paths from the door to the window(s)). There's still arguably a long-term problem, but it's one that's enormously easier to deal with.
Taking the hoarder analogy further, reprocessing spent fuel is like sending off crates and crates of old papers for bulk scanning so the monthly rent for the storage unit needed to store them can be eliminated. The scanning isn't free, but it's a one-time charge that eliminates otherwise-eternal recurring charges by massively consolidating dozens or hundreds of cubic feet into a hard drive and a blu-ray backup or two that can be stored on a shelf.
^^^ Argh. 10 minutes editing and proofing, and still I somehow managed to miss the middle-button reference. Ignore any reference to "middle" button in the post above. Or know that I really want three buttons... with button #3 centered along the top edge so I can add additional context to multiclicks of the other two buttons...
At least two tactile buttons (so you can feel the click in the dark), one in the lower-left edge, and one in the upper-right edge (so you can easily press them between the thumb and index finger of your right hand while wearing the watch on the left).
The buttons should be 100% user-definable, be able to shift each other, and support double/triple/quadruple-clicks.
Example: press lower-left button with thumb and keep it pressed; press and release upper-right button with index finger three times, then release lower-left button.
Example: press and release middle button twice, press and release upper-right button twice, then press and release middle button once.
The nice thing about two buttons that can shift each other is the staggering number of gestures you can create by allowing double/triple clicks prior to shift. For example:
triple-click lower left, keeping it pressed down after the third, then press and release upper right button twice before releasing the lower left button.
Personally, I'd want to add a third button, centered along the upper edge, to add further user-defined context to shifted multiclicks of the two diagonal buttons.
Make the screen touchable, and you can even add variants with diagonal thumb-swipes while holding one of the buttons (before or after one or more shifted multiclicks, of course). And Graffiti. Graffiti-1, specifically, including the single-stroke alternates that I'm crippled without.
Not that I've given the matter much thought, of course... or spent hours poring over Android's source trying to come up with some way of grafting low-latency hardkeys onto a case through the USB jack so I can have real tactile buttons even if the @#*$&@( manufacturers are determined to ram laggy, delayed touchscreens down our throats...
Embed ground-level power supply rails into the pavement. ( http://en.wikipedia.org/wiki/Ground-level_power_supply )
In general terms, the idea is to break up the supply rail into short segments, and only energize the segment that's directly below the vehicle at that instant in time so there's no electrocution risk.
He should have reported that Dihydrogen Monoxide has been detected in the city's water system. :-D
For the uninitiated (see http://dhmo.org/
Dihydrogen monoxide:
is called "hydroxyl acid", the substance is the major component of acid rain.
contributes to the "greenhouse effect".
may cause severe burns.
is fatal if inhaled.
contributes to the erosion of our natural landscape.
accelerates corrosion and rusting of many metals.
may cause electrical failures and decreased effectiveness of automobile brakes.
has been found in excised tumors of terminal cancer patients.
Despite the danger, dihydrogen monoxide is often used:
as an industrial solvent and coolant.
in nuclear power plants.
in the production of Styrofoam.
as a fire retardant.
in many forms of cruel animal research.
in the distribution of pesticides. Even after washing, produce remains contaminated by this chemical.
as an additive in certain "junk-foods" and other food products.
^^^ IMHO, Diet Mtn Dew tastes BETTER than the regular version. I love Diet Mtn Dew, but if you gave me a choice between the regular version & Crystal Light (any flavor) reconstituted with charcoal-filtered piss, I'd probably grit my teeth and say "pass the piss".
Actually, I kind of wish Diet Mtn Dew had about 2/3 the caffeine it does now... I wouldn't want it to be caffeine-free, but I could do without the tachycardia-inducing bulk quantity of caffeine it currently has.
Things that "Use" the Windows key aren't a problem. The post to which I replied seems to indicate that you literally MUST have a Windows key in order to log in to Windows 8. Hence, its characterization as "deal-breaking". If the opportunity cost of Windows 8 is being forced to give up my M13 (or clutter my desk with a second keyboard whose only purpose is to give me a Windows key to press so I can log in), Microsoft can rot in hell. At least, until the day somebody makes a mechanical keyboard with both a Windows key *and* a REAL Trackpoint.
> Really, the biggest change in Windows 8, is that I have to press the windows key when I login.
Anything that requires a "Windows" key is a big, HUGE deal-breaking fatal flaw for people with Lexmark Model M13 keyboards (the ones with both buckling-spring keys AND a real Trackpoint), because they pre-date the Windows keys by a couple of years.
Yes, the Unicomp EnduraPro has a Windows key, buckling spring keys, and a pointer stick. Unfortunately, the EnduraPro is built with an inferior pointer stick that isn't a genuine TrackPoint.
There, FTFY:
The biggest security issues with Android are:
#1. manufacturers who don't provide updates, and are insane enough to think that if they frustrate customers into buying a new phone before their 2-year contract is up, the new phone they buy WON'T be from just about any manufacturer EXCEPT them.
#2. Locked bootloaders that cause #1 to be a problem that end users can't politely laugh at and do an end-run around anyway.
#3. Non-opensource loadable kernel modules that get broken by every new version of Android -- a problem that plagues nearly every Android phone in existence... even those whose bootloaders AREN'T locked (including non-GSM Nexi, like the CDMA Nexus S). Most of Samsung's phones for the past 3 years have had de-facto unlockable bootloaders, but thanks to Linux's ABI problem, it barely matters unless you don't care about having a working camera, LTE, GPS, gyro, NFC, and/or accelerated/3D graphics.
#3 is politically the toughest problem to solve, because there's really only one way for Google to solve it in short order: fork Android's kernel from the Linux mainline, and commit to maintaining a stable ABI for as long as sanely possible... reserving compatibility-breaking ABI changes for truly epic and profound upgrades, or those necessary to fix some horrific security vulnerability with profound real-world consequences. People in the Linux community will freak, but let's be honest... how many ABI-breaking changes that come from the Linux mainline *really* matter to Android, vs how many happen just because nobody in kernel-land even bothers to TRY keeping the kernel ABI stable?
Android's kernel is ALREADY de-facto forked (or at least was, as of a few months ago). Officially forking it, with new attention given to maintaining ABI compatibility (so end users could just build new versions of Android, and keep using them with the binary .ko modules that shipped with their phones), would really just be a public acknowledgment of the status quo, and bring a tiny bit of order and stability to the clusterfuck mess that currently makes every new release of Android feel like yet another round of having to scrap everything and reinvent the wheel all over again.
So, can the Z10 run arbitrary software, written by anyone, and obtained by downloading a file directly from somebody's website, without having to get permission from anybody besides the owner of the phone? If not, it's going to flop even harder than Windows Phone. If RIM imposes even the slightest barrier to entry (especially one that costs money or requires RIM/carrier approval), developers won't bother with it. If it's good AND as open to uncensored apps as Android, it just might make things interesting. It won't be a threat to Android or IOS, but might mess up Microsoft's business plan a bit.
USPS Saturday delivery of packages (and weekend sorting/transportation of mail sent Friday) is basically what keeps Amazon from having a de-facto monopoly by virtue of being the only company in America with its own vertically-integrated logistics.
Take it away, and it instantly becomes almost impossible for any small business (or even larger ones the size of Newegg, for that matter) to compete with Amazon Prime between Wednesday afternoon and Monday morning. Order from Amazon on Thursday, and you can get it shipped for free by Saturday & have it the same weekend. Order from anybody else, and getting the same item before Monday or Tuesday ends up costing a much as the item itself... or more.
Amazon might be non-evil NOW... but let's face it: American corporations that manage to acquire some competitive advantage based upon vertical integration of semi-monopoly resources in a capital-intensive manner have a really bad habit of milking it for all it's worth at the first opportunity. The government should never have a MONOPOLY over things like mail delivery, but I see nothing wrong with allowing it to compete with and undercut (with subsidies, if necessary) private competitors, as long as it's open about it. If $50/year per American ($15 billion divided by 300 million) in subsidies to USPS keeps Amazon from having a de-facto monopoly, and forces UPS & FedEx to work harder at lower cost to compete, so be it.
A better solution and compromise would be to have home delivery on Monday-Wednesday-Friday and Tuesday-Thursday-Saturday (using the same vehicles and rotating work shifts to service half the addresses each day), combined with expanded late-night and weekend (including Sunday) hours allowing customers to pick up packages (if they know the tracking number) before even the first delivery attempt is made (and 7-day sorting/transportation). This would make everyone happy by eliminating much of the expensive "ground work", while reducing operating expenses to a level that's not much higher than their fixed expenses of just existing at all & enabling people who are dying to get some package on a non-delivery day anyway.
On one hand, I think the site owners deserve the traffic. On the other hand, it seems like at least a quarter of the pages end up being dead when I click on them, or redirect to sites attempting to install malware on old versions of Firefox, or seemingly have nothing whatsoever to do with the image that's supposedly there.
A compromise might be to allow users to open the referring page in context immediately, open the cached page (with live content) after a 2-second delay, and allow users to grab the full-sized image directly from Google's cache after a 10-second CAPTCHA-guarded delay. Then, users would have every incentive to try viewing the page in context, falling back to the cached page if the original page ends up being down/borked/whatever, and being able to grab the cached image if all else fails.
Going a step further, Google could come up with some free digital watermarking scheme that allows a 48-bit (give or take) payload to be encoded into the image at a user-selected strength (allowing him to balance robustness, file size, and visibility... pick any two of the three).
The upper few bits (let's say, 4) would indicate the version. Initially, it would be 0001.
The next 40(give or take) bits would be globally-unique, and allow somebody who knows the value to obtain meta info about you in a sensible manner. If they're all 0, it means you're using a generic permissions watermark that doesn't identify ownership, but simply restricts use.
The lower 4 bits specify explicit restrictions
* do not contextually-index
* do not cache full-sized image
* do not perform face recognition of any kind
* do not index for similarity to other images
A value of "0000" would allow search engines to index the image, unless you restricted them in some industry-standard way via metadata referenced to your unique id. For the generic value with all 0s, 0000 means "go ahead and index this".
A value of "1111" would indicate that the image, when encoded with a 4-bit watermark, should not be indexed in any way, shape, or form, regardless of future extensions to the standard that might define additional permissions, and regardless of what any indirectly-referenced meta-info might or might not say. Let's call this the "Stop Facebook from Permissions Creep in a GPLv3-like manner" anti-permission.
> When I meet someone who's enamored by IDE's it is always someone who's grown up in the Windows era.
Congratulations... you've just met someone who grew up in the Amiga era (which pre-dates the "Windows era" by a couple of years). It's called "Hisoft Devpac Amiga" -- syntax-aware editor, machine language monitor (it was an assembler), and all. Here's a video (not me) of it in use that I found on Youtube (from 1993, but I can assure you I was using it LONG before 1990). http://www.youtube.com/watch?v=dhUEhscsZK0
We also had AmigaBasic out of the box, which was kind of like the very, very early prequel to Visual Basic. And of course, GFA Basic, which was the first real (and useful) compiled Basic for Amiga (ABasiC was too slow to be useful, AmigaBasic was still slow, and TrueBasic bent over backwards to be as maximally-useless for any real development as possible). I'm pretty sure that both Manx & Lattice (later SAAS) C would have met the modern definition of "IDE" as well.
Compared to the development tools you could get for both Amiga and the Atari ST, PC tools were absolutely stone age by comparison (Borland's tools were powerful, but to Amiga owners, they didn't even bother to pull the "redefine VGA fonts on the fly to render a mouse pointer into a 3x3 block of text surrounding it" trick used by ImpulseTracker, and I believe later by MSDOS6.0 itself (for the shell).
That's mostly because so many computers -- even computers that are fairly new -- don't have the slightest clue how to deal with a 3+ terabyte hard drive. We're stuck on the same plateau like we were a decade ago, when drives jumped from ~1.6gb up to 30gb almost overnight... then stagnated for at least another year or two, slowly creeping up to 40gb (with jumper to make it look like 32gb) before they started getting bigger again. Simply put, 3tb+ drives have an astronomical return rate because people install them, they don't work, and people assume they're broken, so retailers are afraid of them. To retailers, 1 and 2TB drives are commodities... 3TB drives are a return problem waiting to happen, and 4TB drives cost twice as much as two 2TB drives.
There's also the fact that modern drives have shit reliability. I've had more goddamn drives fail over the past 3 years than I've had fail in the ~25 years or so since my Amiga 2000 got its first 40mb Quantum SCSI hard drive back in 1988. I went for 10 years (~1999-2010) basically never powering down my computer and leaving it running 24/7. Now, hard drives die after 6 months if you try that. In 3 years, I've lost two 300GB WD Velociraptors, a 1.5TB Seagate, a 1TB Hitachi, and a 2TB WD. Come to think of it, every goddamn drive I've bought over the past 2 years and used for anything besides occasional backups has died after about 14-20 months of regular use (fingers crossed on the 500gb Momentus Hybrid I bought 13 months ago). And I'm not even counting my suicidal OCZ Vertex2, which mangled itself so many times, I threw it in a drawer in rage and swore I'd never soil my computer with a SSD again (at least, not for a REALLY long time).
IMHO, the biggest single problem with new drives is the fact that they die without warning, for no obvious reason, and when it happens, they take an UNHOLY amount of data down with them. A year ago, I spent almost a week in frustrated rage, on the verge of tears the whole time, because it seemed like my drives were dropping like flies & dying faster than I could cleam up the mess from the PREVIOUS drive's death. At one point, I went out and threw down almost $800 for 4 2TB drives just so I could make 4 complete backups of the files I cared about the most & hope one of them survived long enough to get me through the hard drive plague with my files (some going all the way back to middle school in the 1980s) intact. OK, maybe I overreacted, but I was really freaking out last November & feeling like I could literally lose my life's work any day. Losing 3 hard drives in 7 months will do that to you.