Combined with an idea like Hashcash (although not a direct copy), you could send a computationally-intensive hash of the message body combined with the recipient's e-mail address. When the receiver picks up the message, the client can verify the notification hash with the message hash. If they don't match, throw the message away (or notify the user, etc).
Helium is extracted from natural gas. As Natural Gas is a limited resource, relying on Helium is not wise. The only other reliable source of helium is from alpha particles in radioactive decay. Unfortunately, it just doesn't produce enough to be very viable.
Hot air, on the other hand, could be produced easily through future portable renewable sources (batteries, solar cells, etc).
While a hot air craft may not be viable now, that doesn't mean it won't become viable in the next decade or two.
Do you really think those same non-tech savvy customers can configure microphones (or even have them)?
Honestly, I don't see a real use for this. If a company wants to leverage their telephony infrastructure, they can post their phone number in an easy to find location. If they want to cut down on costs, they can simply post a direct number and not a toll-free number (which cost extra).
Real phones have the advantage of not disconnecting if a user closes their browser window, their laptop suddenly goes into standby, Windows decides its time to reboot for updates, or Spyware decides to show 20 popup windows.
Cool idea, I just don't see much application for this.
I work with dozens of journalists and videojournalists (TV). While yes, some people do send in video news for us to use, most of the time it sucks. Horribly. Probably the largest use of user-contributed content to-date (with success) is CNN's iReport. However, not even all of the iReport stuff is end-user information -- much of it comes from the other newspaper and television stations that work with CNN.
Intelligent people or not, the population does demand a certain amount of traditional news. Some things can easily be covered in the future by freelancers or bloggers (like concerts and local events), but a blogger has nothing riding on being wrong. Journalists, at least, have their credibility--and whole career--on the line with big stories. If they are grossly factually incorrect, their career (at least in the big, large-pay markets) will be completely destroyed.
What does a freelancer or blogger have to lose? Nothing. A blogger "journalist" can simply get a new domain and start all over again, possibly using their old content to backdate content to make themselves look established as their new identity.
Sure, a journalist can simply change markets to escape criticism, but they can't change their name. What they say and what they do follows them forever.
While traditional mediums may be on the slow decline (Newspaper and local television), that doesn't indicate that they will become useless. Do you really trust these up-and-coming "journalists" to, say, explain to your grandmother why her voting location changed? Which "journalist" would she believe? They could all be wrong, for all she knows.
Most people will come to realize that non-professionals can hold a much stronger, and covert, bias than traditional journalists could ever hope to hold.
I don't think he was talking about running the Java application in the browser, but more in terms of servlets.
And to answer that question, look at the target market of Java. Java is not intended for mom'n'pop websites, or for novice web builders, nor bloggers. Hosting support isn't widespread and is quite expensive. PHP hosts are a dime-a-dozen.
If you can afford large scale Java hosting, you likely are developing your application from scratch using your own development team.
The amounts of money required to cover some disasters are astronomical, and even then, money alone cannot solve the damage.
If one of your system admins, say, sells a database of 2 million social security numbers, how much is that worth?
Ideally, it would a be a mix of the two systems. Some positions do require security and background checks. Bond them, too -- the security check should lower the cost to bond them (and in a high-bond instance, the bonding company would likely do their own background check anyway).
This was Washington State only. If there are $1 million in profits remaining, it is up to other states to go after these guys if their respective laws permit it.
The difference is that Wikipedia is anonymous, even if you have an account there.
This system would be tied to the reviewer and submitter. A librarian should be less likely to try and submit a pornography website if he or she knows that her name will be tied to that request, something future employers will likely review. Likewise, a reviewer should be less likely to approve a bad site if he knows that the media will come after him like blood hounds if it comes out that he approved a site about donkeys and grandmothers.
There is an easy solution to the problem. Blocking software with a central, and public, white list. Using a central process (with local overrides) allows small libraries to benefit and not have to maintain their own white lists, and opens the process to review. And by public/open, I mean that any citizen could look at approvals and rejections, time & date, and who is responsible for the white list request and who's decision it was to ultimately approve or deny it.
And you must allow the white list process to come from both directions, for instance, that breast cancer website could request to be added, perhaps with small fines if they are approved and subsequently change their content such that they would have been denied (changing breast cancer to breast porn, for instance).
If we must block content, at least do it intelligently. We have the technology and the means to build an infrastructure to support this model. We do not, and will not ever, have the means to enforce something like COPA. Our court systems are already full enough, thank you very much.
Yes, Yahoo! actually used Google results up through the beginning of 2004. They dropped Google and went with a derivative of the Inktomi search engine which they had acquired through the beginning of 2003.
You may not be able to disclose this, but how many zones do you support and under what type of operating environment (OS, DNS software)? You often see debates of statistics of which DNS can more easily handle a lot of traffic, but your service has another problem on top of bandwidth: volume of zones. Have you experimented with the various packages and setups?
That's not the goal, though, of the foundation. The goal is to invest, but not invest in traditional stock markets. They are investing in human lives and the betterment of mankind as a whole, which is a much stronger investment, where the returns do keep on giving for generations even after the actual money runs dry.
Also, as the foundation proves that it is working, more and more high-power donations will probably pour in, albeit not as large as Gates'. The plan is based on their current funding level and their expected contributions from the Gates family.
You don't want a transparent election. While times are not tough now, they may be in the future, and you never know what kind of trouble those around you could create if they knew or could find out who you voted for. Voting is a anonymous and deniable for a reason.
Tell that to the working class poor who don't make enough money to bother with banks, or to the inner city poor who have to pay rent with cash or those living out of week-stay live-in motels.
Want to see something sad? Next time gas prices are near $3/gallon, go inside a convenience store. Don't pick a nice one... pick one that you normally wouldn't go to. Now watch the stream of people file in and pull a single $5 out of their wallet and pre-pay for their gasoline. None of those people have a debit card.
This is no surprise at all. Keyloggers will be a thing of the past soon enough for the major hackers.
More scary is the fact that adding a simple network device will allow a virus to log all Internet traffic. Look at HTTPLook (a small app used to sniff HTTP traffic). It comes with a small HTTPS module that intercepts HTTP traffic transmitted via HTTPS.
Using such a device will also help cut down on the amount of data hackers can get -- HTTP traffic is useless to them. Why do they care you went to Google and searched for "hot gay wrestlers"? They don't. HTTPS, on the other hand, will set off alarm bells -- if a server is worried enough about security that it pays for certificates, the data must be worth something, right?
The solution is that logging into secure systems needs to require a physical presence. An older system I maintained a few years ago for the Mortgage industry used a username, password, and a key from a small business card in their wallet. Each month users received a new card, and each card had about 50 numbers on it. The system knew which numbers each user had and only allowed each number to be used once. Logging in with a wrong number would flag your account, repeated attempts would lock it. Yes, it increased support load when someone lost their card (the cards were unmarked so if someone found it, the numbers are useless), but it was fairly secure and generally a lower cost alternative to biometrics (and much more portable).
This combines the "something you know" authentication scheme (username, password) and the "something you have" scheme (password card). The third type is "something you are" -- biometrics.
(Failure point: person gets kidnapped. If a user gets kidnapped, security is the least of the worries until they are recovered. Failure point: if the database with the numbers is compromised, the system is no longer secure. If the database is compromised, they no longer need to log in, and no secret numbers will stop them.)
The data in question isn't HTML data, traditional linking doesn't really apply.
The data available through Google is not free-as-in-beer. There's no usage fee, but Google doesn't own the data, and they are only defending what they paid for. I would suspect that if these third-party data providers saw that Google wasn't defending their license agreement, they would jack Google's data fees or revoke their license altogether, thus ruining it for everyone, not just those of the Gaia project. Sometimes killing one project is worth it, even if it sucks for some of us.
I'm sure if Google had their own satellites and collected the data themselves and could use it any way they pleased, we would be in a slightly different situation: Google would simply hire the Gaia developers and make a slick product out of it.
If my manager doesn't know the technology that I'm using, he will inevitably agree to something that cannot be done (either impossible or not feasible). Haven't we all had bosses come down and dish out a nearly impossible task that sounds simple when he explains it, but really isn't? When that happens, a few things can happen: a) you get stuck doing it anyway, putting other projects behind schedule b) you fail to do it and look bad (and your boss is insulated from it: "I thought he could do it!") or worse.
I don't expect my bosses to know how to program Python, but they at least have to know what the technology is, how it works, and preferably at least how to read/interpret it.
Of course, in smaller teams, your manager is probably coding with you. Not every group can have a hands-off manager. However, if this is the case, the manager does need to ensure his role is maintained as manager, and not simply a developer. Managers need to insulate their team from stupid ideas, demands, and pet projects from higher levels of management.
Best of all, a manager that really does know the underlying technology will protect his job better. He might not have to program, but he could if he wanted to. Then he is telling the truth when he tells a manager that the "Project was possible, we just didn't have the talent for it."
Ideally managers should be very blunt, too, but that's just a personal preference. Where I work now, for instance, the managers are all-but-silent except during your yearly review. They then present a binder (not just a folder...) of your performance through the year. You may have sucked for 8 months, but they won't tell you til that review, and by then it is probably too late. I'd rather know that I suck sooner than later. Tech-savy managers could make that happen easier.
The money comes from them trying to keep their operating system "safe" for consumers. While consumers don't know and probably don't care that most phishing e-mails come from compromised Windows systems, consumers will eventually associate "windows == spam". The less spam that large e-mail servers have to serve, the less congested Windows servers will be, and the less likely they will be to go through a large-scale conversion to Linux (or any other platform other than Exchange/AD).
I applaud Microsoft's efforts, actually. They are targeting countries that don't have advanced laws to protect against this, and hopefully will help countries adopt legislation that will make these offenses highly illegal. While it would be nice to see an open, non-profit campaigning for law adoption, sometimes that just isn't feasible. Who would a government or politician trust about computers: Microsoft (who they probably already know since they run Windows, etc) or some Canadian guy who says spam is bad?
At least countries can use the Microsoft ideas as a starting point.
Do you trust websites to have anything more than a few ASCII characters? While I'm all for more secure banking websites and securing authentication to a network server or secure authentication to my workstation, I don't trust websites with much more than what they absolutely need to serve me.
What would you give them? Fingerprint? SSN? Photo? Voiceprint? Those are all things you cannot change. With an ASCII password, at least you can change it or throw it away.
Slashdot Mirror
Combined with an idea like Hashcash (although not a direct copy), you could send a computationally-intensive hash of the message body combined with the recipient's e-mail address. When the receiver picks up the message, the client can verify the notification hash with the message hash. If they don't match, throw the message away (or notify the user, etc).
Was it the phallic shape or the piss color that turned you off more?
I think for maximum effect they should build two miniature Epcots at the base.
Helium is extracted from natural gas. As Natural Gas is a limited resource, relying on Helium is not wise. The only other reliable source of helium is from alpha particles in radioactive decay. Unfortunately, it just doesn't produce enough to be very viable.
Hot air, on the other hand, could be produced easily through future portable renewable sources (batteries, solar cells, etc).
While a hot air craft may not be viable now, that doesn't mean it won't become viable in the next decade or two.
How do you figure? He's storing the public-facing IP, not the private address.
How does this break?
(Of course it does break for anyone using anonymizer-type services)
Do you really think those same non-tech savvy customers can configure microphones (or even have them)?
Honestly, I don't see a real use for this. If a company wants to leverage their telephony infrastructure, they can post their phone number in an easy to find location. If they want to cut down on costs, they can simply post a direct number and not a toll-free number (which cost extra).
Real phones have the advantage of not disconnecting if a user closes their browser window, their laptop suddenly goes into standby, Windows decides its time to reboot for updates, or Spyware decides to show 20 popup windows.
Cool idea, I just don't see much application for this.
Just shows that MySpace users value their virtual presence more than corporate users value their jobs.
I work with dozens of journalists and videojournalists (TV). While yes, some people do send in video news for us to use, most of the time it sucks. Horribly. Probably the largest use of user-contributed content to-date (with success) is CNN's iReport. However, not even all of the iReport stuff is end-user information -- much of it comes from the other newspaper and television stations that work with CNN.
Intelligent people or not, the population does demand a certain amount of traditional news. Some things can easily be covered in the future by freelancers or bloggers (like concerts and local events), but a blogger has nothing riding on being wrong. Journalists, at least, have their credibility--and whole career--on the line with big stories. If they are grossly factually incorrect, their career (at least in the big, large-pay markets) will be completely destroyed.
What does a freelancer or blogger have to lose? Nothing. A blogger "journalist" can simply get a new domain and start all over again, possibly using their old content to backdate content to make themselves look established as their new identity.
Sure, a journalist can simply change markets to escape criticism, but they can't change their name. What they say and what they do follows them forever.
While traditional mediums may be on the slow decline (Newspaper and local television), that doesn't indicate that they will become useless. Do you really trust these up-and-coming "journalists" to, say, explain to your grandmother why her voting location changed? Which "journalist" would she believe? They could all be wrong, for all she knows.
Most people will come to realize that non-professionals can hold a much stronger, and covert, bias than traditional journalists could ever hope to hold.
I don't think he was talking about running the Java application in the browser, but more in terms of servlets.
And to answer that question, look at the target market of Java. Java is not intended for mom'n'pop websites, or for novice web builders, nor bloggers. Hosting support isn't widespread and is quite expensive. PHP hosts are a dime-a-dozen.
If you can afford large scale Java hosting, you likely are developing your application from scratch using your own development team.
The amounts of money required to cover some disasters are astronomical, and even then, money alone cannot solve the damage.
If one of your system admins, say, sells a database of 2 million social security numbers, how much is that worth?
Ideally, it would a be a mix of the two systems. Some positions do require security and background checks. Bond them, too -- the security check should lower the cost to bond them (and in a high-bond instance, the bonding company would likely do their own background check anyway).
This was Washington State only. If there are $1 million in profits remaining, it is up to other states to go after these guys if their respective laws permit it.
The difference is that Wikipedia is anonymous, even if you have an account there.
This system would be tied to the reviewer and submitter. A librarian should be less likely to try and submit a pornography website if he or she knows that her name will be tied to that request, something future employers will likely review. Likewise, a reviewer should be less likely to approve a bad site if he knows that the media will come after him like blood hounds if it comes out that he approved a site about donkeys and grandmothers.
There is an easy solution to the problem. Blocking software with a central, and public, white list. Using a central process (with local overrides) allows small libraries to benefit and not have to maintain their own white lists, and opens the process to review. And by public/open, I mean that any citizen could look at approvals and rejections, time & date, and who is responsible for the white list request and who's decision it was to ultimately approve or deny it.
And you must allow the white list process to come from both directions, for instance, that breast cancer website could request to be added, perhaps with small fines if they are approved and subsequently change their content such that they would have been denied (changing breast cancer to breast porn, for instance).
If we must block content, at least do it intelligently. We have the technology and the means to build an infrastructure to support this model. We do not, and will not ever, have the means to enforce something like COPA. Our court systems are already full enough, thank you very much.
Yes, Yahoo! actually used Google results up through the beginning of 2004. They dropped Google and went with a derivative of the Inktomi search engine which they had acquired through the beginning of 2003.
I'll have to check again when this has passed, I couldn't get pages to load at work. Thanks.
You may not be able to disclose this, but how many zones do you support and under what type of operating environment (OS, DNS software)? You often see debates of statistics of which DNS can more easily handle a lot of traffic, but your service has another problem on top of bandwidth: volume of zones. Have you experimented with the various packages and setups?
That's not the goal, though, of the foundation. The goal is to invest, but not invest in traditional stock markets. They are investing in human lives and the betterment of mankind as a whole, which is a much stronger investment, where the returns do keep on giving for generations even after the actual money runs dry.
Also, as the foundation proves that it is working, more and more high-power donations will probably pour in, albeit not as large as Gates'. The plan is based on their current funding level and their expected contributions from the Gates family.
You don't want a transparent election. While times are not tough now, they may be in the future, and you never know what kind of trouble those around you could create if they knew or could find out who you voted for. Voting is a anonymous and deniable for a reason.
Tell that to the working class poor who don't make enough money to bother with banks, or to the inner city poor who have to pay rent with cash or those living out of week-stay live-in motels.
Want to see something sad? Next time gas prices are near $3/gallon, go inside a convenience store. Don't pick a nice one... pick one that you normally wouldn't go to. Now watch the stream of people file in and pull a single $5 out of their wallet and pre-pay for their gasoline. None of those people have a debit card.
Blind people come in all walks of life.
This is no surprise at all. Keyloggers will be a thing of the past soon enough for the major hackers.
More scary is the fact that adding a simple network device will allow a virus to log all Internet traffic. Look at HTTPLook (a small app used to sniff HTTP traffic). It comes with a small HTTPS module that intercepts HTTP traffic transmitted via HTTPS.
Using such a device will also help cut down on the amount of data hackers can get -- HTTP traffic is useless to them. Why do they care you went to Google and searched for "hot gay wrestlers"? They don't. HTTPS, on the other hand, will set off alarm bells -- if a server is worried enough about security that it pays for certificates, the data must be worth something, right?
The solution is that logging into secure systems needs to require a physical presence. An older system I maintained a few years ago for the Mortgage industry used a username, password, and a key from a small business card in their wallet. Each month users received a new card, and each card had about 50 numbers on it. The system knew which numbers each user had and only allowed each number to be used once. Logging in with a wrong number would flag your account, repeated attempts would lock it. Yes, it increased support load when someone lost their card (the cards were unmarked so if someone found it, the numbers are useless), but it was fairly secure and generally a lower cost alternative to biometrics (and much more portable).
This combines the "something you know" authentication scheme (username, password) and the "something you have" scheme (password card). The third type is "something you are" -- biometrics.
(Failure point: person gets kidnapped. If a user gets kidnapped, security is the least of the worries until they are recovered. Failure point: if the database with the numbers is compromised, the system is no longer secure. If the database is compromised, they no longer need to log in, and no secret numbers will stop them.)
What about companies?
The data in question isn't HTML data, traditional linking doesn't really apply.
The data available through Google is not free-as-in-beer. There's no usage fee, but Google doesn't own the data, and they are only defending what they paid for. I would suspect that if these third-party data providers saw that Google wasn't defending their license agreement, they would jack Google's data fees or revoke their license altogether, thus ruining it for everyone, not just those of the Gaia project. Sometimes killing one project is worth it, even if it sucks for some of us.
I'm sure if Google had their own satellites and collected the data themselves and could use it any way they pleased, we would be in a slightly different situation: Google would simply hire the Gaia developers and make a slick product out of it.
If my manager doesn't know the technology that I'm using, he will inevitably agree to something that cannot be done (either impossible or not feasible). Haven't we all had bosses come down and dish out a nearly impossible task that sounds simple when he explains it, but really isn't? When that happens, a few things can happen: a) you get stuck doing it anyway, putting other projects behind schedule b) you fail to do it and look bad (and your boss is insulated from it: "I thought he could do it!") or worse.
I don't expect my bosses to know how to program Python, but they at least have to know what the technology is, how it works, and preferably at least how to read/interpret it.
Of course, in smaller teams, your manager is probably coding with you. Not every group can have a hands-off manager. However, if this is the case, the manager does need to ensure his role is maintained as manager, and not simply a developer. Managers need to insulate their team from stupid ideas, demands, and pet projects from higher levels of management.
Best of all, a manager that really does know the underlying technology will protect his job better. He might not have to program, but he could if he wanted to. Then he is telling the truth when he tells a manager that the "Project was possible, we just didn't have the talent for it."
Ideally managers should be very blunt, too, but that's just a personal preference. Where I work now, for instance, the managers are all-but-silent except during your yearly review. They then present a binder (not just a folder...) of your performance through the year. You may have sucked for 8 months, but they won't tell you til that review, and by then it is probably too late. I'd rather know that I suck sooner than later. Tech-savy managers could make that happen easier.
The money comes from them trying to keep their operating system "safe" for consumers. While consumers don't know and probably don't care that most phishing e-mails come from compromised Windows systems, consumers will eventually associate "windows == spam". The less spam that large e-mail servers have to serve, the less congested Windows servers will be, and the less likely they will be to go through a large-scale conversion to Linux (or any other platform other than Exchange/AD).
I applaud Microsoft's efforts, actually. They are targeting countries that don't have advanced laws to protect against this, and hopefully will help countries adopt legislation that will make these offenses highly illegal. While it would be nice to see an open, non-profit campaigning for law adoption, sometimes that just isn't feasible. Who would a government or politician trust about computers: Microsoft (who they probably already know since they run Windows, etc) or some Canadian guy who says spam is bad?
At least countries can use the Microsoft ideas as a starting point.
Defense? Who said anything about defense? Pre-emptive strikes are where it's, baby!
This bio-attack brought to you by IBM.
Do you trust websites to have anything more than a few ASCII characters? While I'm all for more secure banking websites and securing authentication to a network server or secure authentication to my workstation, I don't trust websites with much more than what they absolutely need to serve me.
What would you give them? Fingerprint? SSN? Photo? Voiceprint? Those are all things you cannot change. With an ASCII password, at least you can change it or throw it away.