Use Google's Closure Compiler in ADVANCED_OPTIMIZATIONS mode. It reads various JSDoc hints, and can provide compile-time warnings and errors when you violate type constraints. It doesn't exactly make JavaScript strongly typed, there are a variety of ways you could fool it if i you want, but you'll be writing TIGHT JavaScript code that would be the envy of most web developers. And it'll out-perform anything they can produce because of the additional compile-time optimizations it can offer.
It's part of our build process here now. All JS scripts have to go through Closure. Unfortunately a number of 3rd party libraries won't work in advanced optimizations mode, so we can't use advanced across the board, but those scripts where we control the source, we get substantial size and performance gains, as well as the sanity of a compiler looking over our shoulder making sure we don't make a variety of humdrum simple mistakes.
You also get the advantage of being able to use compiler flags to alter the compiled source (@const declarations are replaced inline, and you can override the value of an @const at compile time, so you can have the equivalent of IFDEF's for different code paths per browser, and so forth - dead code paths are trimmed by the compiler so they don't increase the size of the output or have any performance impact for the end user).
It's true that the red herring volume needs to be your day to day operational drive when using full-disk encryption. But failing to have aligned timestamps on the decoy volume matching ISP level access logs is probably not dangerous for most people in this era. There's well more than a dozen connected Internet devices in my house sharing a single NATted IP address (there's 7 sitting on my desk alone). There's no way they could prove which devices within the house accessed what, and as long as something was powered up other than your secret volume, it's just circumstantial that any given device happened to not be powered up during that time. To add credibility, shut down your decoy volume every day at around the same time (eg, 9pm), and only boot into your secret volume during the normal shut-down periods.
Although mounting the secret volume from your decoy volume is a way to keep your OS booted up and logging events during your secret work, this is also dangerous since you'll likely leave traces of the existence of the secret volume's existence all over the decoy volume.
One thing you might choose to do is have the secret and decoy volumes actually just be TrueCrypt files on your encrypted primary volume. Keep exactly one or the other mounted at all times, use the same mount point for both, and have that mount point just be a subdirectory of your home directory. Your primary OS stays booted up all the time, whatever traces there are left on your OS volume of your secret volume should be indistinguishable from traces of your decoy volume. Use the decoy volume for day-to-day activities.
Another alternative, requires no maintenance, but it is a bit of a gambit, is to have your decoy volume be completely empty except for a single text file dated 1970-01-01T00:00:00Z, containing only the text, "All data on this volume has been erased due to repeated failed password attempts." Although the first thing modern law enforcement does is image the drive, so THEY won't typically have been responsible for such a wipe, they 1) can't prove it hadn't already happened before they got ahold of the drive, and 2) that they really did follow proper protocol and maybe some chucklehead uniform thought he'd try a few local sports team names before the data recovery guys got involved. Unless they conducted a no-knock raid, it's also possible that you mashed a wrong password repeatedly to destroy the contents before they got access to it.
Alan Turing was outright persecuted for failing to conform to society's norm. The government owes Turing's family and the rest of the country, even the rest of the world an enormous apology.
But granting a posthumous pardon does not change the past. We were still robbed of one of history's brightest and greatest minds because of homophobia. I agree with their reasoning, granting the pardon ignores and whitewashes the past. We should remember and tremble at what intolerance and hatred produces, not pat ourselves on the back for being more forward-thinking than our predecessors since as a society I don't think we've actually changed. Sure, it's no longer as popular to hate on homosexual people as it was in the past, but we have all new forms of hatred and intolerance which our modern society deems acceptable, and which will be just as subject to the next generation's ridicule and derision.
If people need daily standups to know what is going on, then your communication sucks.
Or this is how they know what's going on. If you have a team big enough, or more importantly busy enough, they are often so heads-down on their work that they don't have a chance to keep tabs on what the other guys are involved with. Keeping team members heads-down (or rather having an environment where they're able to maintain this focus when they need it) dramatically increases productivity and developer satisfaction.
Seriously, stand-ups are 10 minutes. Sure there's a certain level of awareness of what everyone's working on without it, but when you have 20 very busy developers, they just aren't going to always know what's going on with all the other guys. In the standup they will volunteer things that wouldn't have come up in normal conversation. "Oh, if anyone's using that new FooBarBaz API I wrote a couple of weeks ago, I need to change the prototype to fix a bug, let me know and I'll send you the new one."
You seem to be under the impression that standups are for management to talk to developers. They're not, they're for developers to talk to developers, and management to maybe listen in (no contribution unless asked a question). This is time developers own, nobody else.
The problem with using physical world analogies for software piracy is that the former depletes the available item supply, while the latter does not. Stealing a $60 physical good hurts the creator of that good FAR more than stealing a $60 virtual good. To the point that the cost of the former is the opportunity cost against the thief, plus the opportunity cost against the customer who would have bought it, plus the material cost, plus the distribution cost, which can collectively come pretty close to the overall cost of the good. The cost of the latter is exclusively the opportunity cost against the pirate, who very likely would never have bought the product either way. Trying to make analogies between piracy and theft is like trying to claim a public drinking water fountain is stealing from bottled water distributors.
I get that software companies, being companies, need to make a profit to exist, and that they tend to feel like each pirated copy is a lost sale like it would be in the physical world where they can only produce so many copies, most of which they eventually sell. It's really not the same in the software space though. Trying to create this sort of scarcity artificially (the goal of all DRM) only hurts their customers. Meanwhile every major DRM-laden software release has a pirated version available anyway, usually within only a few days. Those who wish to pirate still pirate away. Those who wish to pay for the product get something less functional than the free version they could have downloaded. I have previously purchased games, then downloaded them anyway because the DRM interfered with my ability to use what I bought.
you might start seeing cars that needed "permission" to be driven
Funny, it seems like I recall my car possessing some kind of permission enabling device that doesn't involve asking the dealer every time I start it up. I wish I keyould remember what it was keyalled. It also doesn't come with some kind of limit as to how many people are allowed to drive my car, or try to violate first-sale doctrine by preventing me from selling it to someone else when I'm done with it.
I hate this statement as a statement against the pharmaceutical industry.
Marketing 101 is all about Return on Investment. Marketing is an investment from which you expect a return greater than the investment. Very few large companies spend more on marketing than they get back out of it. This is just as true for pharmaceuticals as it is any other industry. That is the POINT of marketing expenditure. Maybe some companies have marketing departments which suck at their job. But that's not a problem with marketing in general, it's a problem with those particular companies.
So all that this statement says about anything is that our society pays too much attention to advertisements. A company that sends all their money into R&D at the expense of marketing will probably produce some pretty useful drugs that no doctors or patients ever hear about and so aren't used, so they don't sell as much, so they don't have as much money to invest into R&D.
It's relatively new, but this kind of attention could really skyrocket the extension forward. It's a great idea at large, there are a variety of situations where you want to defer decisions to your customer. Historically that meant creating a kind of pseudo DSL with a bunch of forms to fill out for the customer, with hopefully most major options covered, but usually failing to satisfy a variety of corner cases.
Another alternative is the V8JS extension (JavaScript). The advantage of JS is that more people know it already, and in may ways, JS is surprisingly elegant (not that Lua isn't). It won't perform as well as LUA though, and requires more resources to maintain the VM.
You know that it's not possible to use a standardized test to determine understanding, right? You can test process and memorization, but you can't test knowledge, only someone who works with individual students can assess that.
then it goes on the test. If not... well WE DON'T CARE
And that's how America is constantly coming up at the tail end of the first world when it comes to the education standard for its students. Some belief that a magical automatically graded test will be able to do a better job than critical analysis by educational professionals.
Kind of a huge exception, eh? Most parts of the USA don't even do that.
No, every part of the USA does, both public and private education. It may not be mandatory for the graduation of the student, but it's done anyway, and it affects funding for the school district. And in Finland, the test is mandatory for graduation, but not the sole marker. You could get 100% on the test, and be rejected for graduation because you are not considered to understand the material and passed instead by rote memorization.
Better neighborhoods will have better schools
Just like in America, where the same thing is true, except the politicians still send their kids to private school. All schools get the same funding in Finland, regardless of the earning potential of that district. Under-performing schools are given more money and access to the most highly trained professionals. Contrasted to the US where an under-performing district loses funding.
The difference between two randomly chosen Finnish kids is tiny compared to the difference between two randomly chosen American kids.
You think genetic heritage has more to do with educational success than a system where the entire country is dedicated to its success?
I have no doubt that the ability to audit manufacturing facilities is part of the contract they strike with a manufacturing company. Do you think Apple has no Q/A presence in the factory? Existing Q/A oversight can be tasked with overseeing working conditions as well, perhaps with additional staff for that purpose.
Company executives might be inclined to pilfer some off the top, but this sort of contract tends to have provisions for penalties when they fail to make expectations. The company risks for more in penalties than the potential reward.
Seriously, making sure your workers are well treated in foreign countries is not a new problem, nor one unique to Apple. If Apple can't figure it out, maybe they can hire someone who can. I've heard they have some remaining discretionary budget available to themselves.
Plus, Foxconn would improve worker conditions in any way Apple was willing to provide funding for. And Apple, being a company who profits $400,000 per employee certainly has the resources to provide funding for better worker conditions. Other companies who have far fewer resources at their disposal may not be able to measurably improve conditions and remain solvent. Apple's only excuse is greed, not survival.
This is completely untrue. In fact, it worsens the problem. Standardized testing leads to teaching for the test. Teachers whose students do well on standardized tests focus superficially on the material that will be tested and gloss over the ancillary knowledge. Meanwhile teachers who focus on making sure the students really understand the subject matter will have kids who test less well. Plus standardized testing is re-evaluated year after year, and changed according to areas where the student body at large over- or under-performs. So grades inflate in the sense that students do better on the test year over year, while understanding less and less. It's the same effect as traditional grade inflation (all kids must pass mentality), only with a different driver.
There's an apparent solution that is a hard pill to swallow for many in the US, and that comes by looking at Finland. Finland's school successes are being attributed to the fact that there are no private schools in Finland. There are some independent schools, but they may not charge tuition, and are publicly funded as well. This is true right into secondary and post-secondary education. They also have no standardized testing with the exception of a single graduation exam. They promote individualized grading. Progress is tracked with a random sampling of students.
The one that is probably the biggest contributor though, and the one least frequently talked about is the publicization of their schools. It means that every wealthy and powerful individual sends their kids into the same system that every dirt farmer's kids go into. Most US politicians send their kids to private schools that most US citizens wouldn't be able to afford (and it's pretty likely that a large chunk of those kids get a free ride because of who their parents are). Public education doesn't matter to policy makers in the US, because policy makers don't use public education.
Sure, physical security offers plenty of advantages over electronic security. But using both is even better. Defense in depth. A physically hidden device can be discovered with no involvement on your part, while an encrypted device with a sufficiently strong key cannot reasonably be accessed without your involvement even if discovered.
The way hidden volumes work, you don't have to try to pretend the card is a different size than it is. Digital forensics won't be fooled by that (they probably won't even look at size on the sticker, the first thing they do is image the device, creating a byte-for-byte copy of the data across the entire space without regard for partitions or other volume information). Hidden volumes occupy the same space as primary volumes. You can have a 16GB drive which consumes all 16GB of space for the primary volume. The hidden volume will occupy some subset of that space, usually writing from the end of the device toward the start of the device, and it can also be 16GB. Of course you can't write 32GB of data to this, if the sum of your primary and hidden volume exceed 16GB, writes will start destroying data on the alternate volume. But without the encryption key, that hidden volume just looks like randomized data in the primary volume's space (it's not possible to distinguish otherwise with any publicly known technique).
I called it a toy because it is designed both from a technical and a legal perspective to support Apple's store exclusively. If you're a serious book publisher you can't accept that limitation. The technical advantages of iBooks Author over InDesign are minimal if they exist at all - though the learning curve is presumably gentler. But the point is that since it's neither possible, nor permissible by the license to use iBooks Author to publish anywhere but Apple's store, you're going to need to use something else anyway.
Low-budget productions (those which would be attracted to free authoring software) aren't going to find it attractive to have to independently produce and maintain multiple versions of a book for different stores. High-budget productions (which can afford to maintain multiple publications) probably already own InDesign.
So essentially the only people who will find the technical and legal limitations of this software attractive are those who are ok with limiting their sales exposure to a single market when for basically the same effort they could have targeted all modern markets. This mostly means non-serious home publishers. People who are playing with the software (hence toy). Maybe they have something interesting to say; I'm sure there'll be some diamonds in the rough there. But most people who are publishing because they have a story to tell or information to share will care more about reaching the widest possible audience than with being provided pre-canned templates and a dumbed down authoring interface.
The links GP provides don't really support GP's proposition (certainly I was surprised at his claims since they differed from the other reports I'd seen). For one thing, this talks ONLY about Q4 sales, not market share per GP's claim. Of course sales is a leader of market share, and if you can be dominant in sales, market share follows eventually. However, owning one quarter's worth of dominance can't exactly be called a pattern, particularly when there's a demonstrated strong pattern of customers holding out for the new product launch that happened for iOS in this quarter.
Apple certainly had a good quarter, and made up some of the gap between themselves and Android, but still 51% of Q4 new smartphone sales belonged to Android (compared to 37% for iOS). This is according to GP's own link. Another of GP's links has iOS at 43% of the new sales compared to Android's 47% of new sales, but still Android is outselling iOS by that report; just not by as wide of a margin. The only report to actually support GP's claim of the three provided by GP has a difference in sales of 0.1% - far, far less than any margin of error could have been, so at best it could be claimed by this report that it can't be shown that iOS is still losing market share to Android; no claim that one or the other is dominant could be made from such a narrow margin.
It still has jack squat to do with an interesting hardware/software hack between a phone, a projector, and a Kinect. A little more responsive, and something like this would make a fantastic presentation platform.
If this new iBooks Editor becomes the defacto standard for eBook publishing
That really won't happen. iBooks Author is good for (as the name suggests) authoring books for iBooks. Although under the hood, superficially, the output is an ePub3 book with a different extension, in practice, it's riddled with -ibooks- css extensions and <objects> of type application/ibooks. Only Apple's software can display these books correctly.
Even without this clause, if you want to separately target ANY other book store, you're going to need to re-author your book with a different tool. Adobe InDesign comes to mind since it supports all the major platforms, including iBooks.
Basically iBooks Author is a toy Apple released so they'll be able to boast "X hundred thousand books exclusive to our store," without any qualitative examination that almost all of them are junk. Just like the App store.
The police are getting better. Digital forensics is a new field for police work though, so there are plenty of departments without much experience. It doesn't really take much training though for them to understand that when it comes to encrypted drives, you can have two passwords, one which unlocks a dummy drive, and one which unlocks the real data, and that the easiest way to detect that is seeing if the data you unlocked has anything recent in it. It's probably not the cops you have to worry about on this front, but the prosecutors. If you're in front of a judge who is compelling disclosure, then a prosecutor is involved. They are more likely to understand the situation, or more likely to contract with someone who does.
I would not be surprised if the digital forensics software they use for a lot of this stuff now doesn't have an indicator for that built in. "Red flag: the data on this drive appears to be most recently accessed on or before X date. If this precedes the date the drive was collected, this is probably dummy data." or "Red flag: the data on this drive appears to have been most recently accessed in the future - this is probably a forgery" (to compensate for future dating data to make it look more recently used). System logs, browser cache, and lots of temp files written by various programs can each give away the actual date of most recent use.
The issue with maintaining two volumes is that each will report lower capacities than the total drive capacity reported through the BIOS or via the label on the drive
This is not how secret volumes work. For one thing, both volumes look like randomized data since everything is encrypted. You can only examine them if you have the decryption key. With the decryption key, both volumes will report their size as the entire allocated space. The primary volume writes data start->end, while the secondary (secret) volume writes end<-start.
For example if you encrypted a 20GB physical drive, both volumes report that they are 20GB. Indeed if you write 20GB of data to either volume, you will OVERWRITE the alternate volume. It's up to you to know how much data you have on each volume and be careful not to write enough data so that the sum of both volumes exceeds the total volume size. You can mount both volumes at the same time, and the encryption software will reject writes to either volume which would overwrite data on the alternate volume.
A single hidden volume is good enough, maybe better than multiples (I'm not sure there is software which supports more than 2 volumes total, you get into trouble with volumes potentially overwriting each other's contents since they each have to not know about the others). A single hidden volume creates plausible deniability, because the default configuration is no hidden volume.
Now here's the problem with secondary volumes. In order for it to be plausible, you need to keep the red herring volume up to date. It needs to have files with recent timestamps on it and so forth. If they look in there and all the files are out of date and haven't been modified in 6+ months, it's not credible and threatens the plausibility of the denial. It works poorly for whole-disk encryption unless you're very good about doing most of your work in the primary volume, and only booting into the secret volume for short periods of nefarious activity.
It's possible to mount both volumes at once, and just be careful about sticking all the evidence on the secondary volume, but in most modern OS's, there'll be problematic artifacts indicating the secondary volume exists in the form of "Recent Files" lists in applications or in the OS level. You'll also have to worry about program caches being written out to the primary volume and being recoverable from free space on the drive; so as part of shut-down you'll need a script which writes random data to the empty space and knows how to destroy the internal cache files of all your applications - even ones you don't use for nefarious purposes since a cache file may not be zeroed out when it's allocated (thus capturing sensitive data). Basically keeping both mounted at the same time is a sure fire way to accidentally leave behind some evidence on the "safe" drive.
The only safe way to do this is to dual-boot sensitive and non-sensitive volumes. Boot into the sensitive volume only for secret activities, and otherwise be booted up on the non-sensitive volume for everything else. You can see why maintaining multiple red herrings is problematic, and since the plausibility of the denial does not significantly increase, while the chances of leaving behind some indicators of a tertiary volume increases significantly, you're better off with a single hidden volume. As a final note, if you do maintain two red herring volumes, your secondary volume needs to have a reason you'd keep it secret. If there's nothing sensitive on there, it's too obvious of a distraction; you might as well label the volume "red herring."
Around here, AT&T's 3G is slower than AT&T's 2G (EDGE), even with full bars - to the point where I sometimes have trouble successfully sending an email. I'm not sure I'd consider them a good benchmark of what the capability of the technology is. 4G definitely supports more bandwidth than 3G, as long as the carrier can provide a wide-enough pipe to the cell tower.
You can afford your own house, right? Or at least an apartment? You're not paid a low enough salary that the only way you can survive is to stay in company dormitories and give most of your paycheck back to the company store for little things like rations, right? Do you get vacation time? Do you work six 12 hour days each week?
No, obviously your job is as exploitive as a factory worker job in China.
If you give up the encryption code, you've waived your right WRT self incrimination. If you don't and they find it another way, then you haven't self-incriminated.
All it means is that you can't be forced to cough up the encryption code. Except that's proving to not be true; it's considered akin to being asked for the key to a house. The principal is that with enough dedication, law enforcement will find the information. Inevitable discovery: not "will probably," but "will" (even if that "will" may not be before the heat death of the universe). So courts have started to consider (rightly or not) that witholding encryption keys is akin to either contempt or obstruction of justice, and doesn't fall under the 5th amendment (US). Other countries have key disclosure laws, and failure to provide the keys carries its own penalty. You can and will be jailed for refusing.
In the US and elsewhere, if witholding keys is considered contempt (and all they have to do for this to attach is ask you for them in the presence of a judge), due process does not attach; jail for contempt it is often said that you hold the keys for your release (usually figuratively, but for encryption, literally). So you don't get a trial, you get put in jail for as long as you refuse to hand over the keys. There is no upper limit since it's considered that you're there only for as long as you choose to be. You could spend the rest of your life in jail unless you hand over the keys.
If you wish to protect yourself, you need plausible deniability. TrueCrypt offers this; it'd be great if there was a network protocol equivalent.
It's all the more disgusting from a company boasting $400,000 profit per employee. It's not like improving working conditions will break their bank, the only reason they exploit other humans like this is pure greedy profit.
So essentially Apple is saying, "We can't have these jobs in the US because the Standard Of Living in the US is too high, and we want to profit from a lower SOL."
Seriously, the workers are woken up in the middle of the night from their dormitories, given "a biscuit and a cup of tea" (as though this is some magnificent reward), then faced a 12 hour shift, before being overworked for a week straight. All because Apple made a bad design decision, and obviously their product's street date is more important than the health and well-being of 8,000 workers.
This is sweat-shop mentality. Apple shouldn't be boasting about this, they should be apologizing.
Slashdot Mirror
Use Google's Closure Compiler in ADVANCED_OPTIMIZATIONS mode. It reads various JSDoc hints, and can provide compile-time warnings and errors when you violate type constraints. It doesn't exactly make JavaScript strongly typed, there are a variety of ways you could fool it if i you want, but you'll be writing TIGHT JavaScript code that would be the envy of most web developers. And it'll out-perform anything they can produce because of the additional compile-time optimizations it can offer.
It's part of our build process here now. All JS scripts have to go through Closure. Unfortunately a number of 3rd party libraries won't work in advanced optimizations mode, so we can't use advanced across the board, but those scripts where we control the source, we get substantial size and performance gains, as well as the sanity of a compiler looking over our shoulder making sure we don't make a variety of humdrum simple mistakes.
You also get the advantage of being able to use compiler flags to alter the compiled source (@const declarations are replaced inline, and you can override the value of an @const at compile time, so you can have the equivalent of IFDEF's for different code paths per browser, and so forth - dead code paths are trimmed by the compiler so they don't increase the size of the output or have any performance impact for the end user).
It's true that the red herring volume needs to be your day to day operational drive when using full-disk encryption. But failing to have aligned timestamps on the decoy volume matching ISP level access logs is probably not dangerous for most people in this era. There's well more than a dozen connected Internet devices in my house sharing a single NATted IP address (there's 7 sitting on my desk alone). There's no way they could prove which devices within the house accessed what, and as long as something was powered up other than your secret volume, it's just circumstantial that any given device happened to not be powered up during that time. To add credibility, shut down your decoy volume every day at around the same time (eg, 9pm), and only boot into your secret volume during the normal shut-down periods.
Although mounting the secret volume from your decoy volume is a way to keep your OS booted up and logging events during your secret work, this is also dangerous since you'll likely leave traces of the existence of the secret volume's existence all over the decoy volume.
One thing you might choose to do is have the secret and decoy volumes actually just be TrueCrypt files on your encrypted primary volume. Keep exactly one or the other mounted at all times, use the same mount point for both, and have that mount point just be a subdirectory of your home directory. Your primary OS stays booted up all the time, whatever traces there are left on your OS volume of your secret volume should be indistinguishable from traces of your decoy volume. Use the decoy volume for day-to-day activities.
Another alternative, requires no maintenance, but it is a bit of a gambit, is to have your decoy volume be completely empty except for a single text file dated 1970-01-01T00:00:00Z, containing only the text, "All data on this volume has been erased due to repeated failed password attempts." Although the first thing modern law enforcement does is image the drive, so THEY won't typically have been responsible for such a wipe, they 1) can't prove it hadn't already happened before they got ahold of the drive, and 2) that they really did follow proper protocol and maybe some chucklehead uniform thought he'd try a few local sports team names before the data recovery guys got involved. Unless they conducted a no-knock raid, it's also possible that you mashed a wrong password repeatedly to destroy the contents before they got access to it.
Alan Turing was outright persecuted for failing to conform to society's norm. The government owes Turing's family and the rest of the country, even the rest of the world an enormous apology.
But granting a posthumous pardon does not change the past. We were still robbed of one of history's brightest and greatest minds because of homophobia. I agree with their reasoning, granting the pardon ignores and whitewashes the past. We should remember and tremble at what intolerance and hatred produces, not pat ourselves on the back for being more forward-thinking than our predecessors since as a society I don't think we've actually changed. Sure, it's no longer as popular to hate on homosexual people as it was in the past, but we have all new forms of hatred and intolerance which our modern society deems acceptable, and which will be just as subject to the next generation's ridicule and derision.
If people need daily standups to know what is going on, then your communication sucks.
Or this is how they know what's going on. If you have a team big enough, or more importantly busy enough, they are often so heads-down on their work that they don't have a chance to keep tabs on what the other guys are involved with. Keeping team members heads-down (or rather having an environment where they're able to maintain this focus when they need it) dramatically increases productivity and developer satisfaction.
Seriously, stand-ups are 10 minutes. Sure there's a certain level of awareness of what everyone's working on without it, but when you have 20 very busy developers, they just aren't going to always know what's going on with all the other guys. In the standup they will volunteer things that wouldn't have come up in normal conversation. "Oh, if anyone's using that new FooBarBaz API I wrote a couple of weeks ago, I need to change the prototype to fix a bug, let me know and I'll send you the new one."
You seem to be under the impression that standups are for management to talk to developers. They're not, they're for developers to talk to developers, and management to maybe listen in (no contribution unless asked a question). This is time developers own, nobody else.
The problem with using physical world analogies for software piracy is that the former depletes the available item supply, while the latter does not. Stealing a $60 physical good hurts the creator of that good FAR more than stealing a $60 virtual good. To the point that the cost of the former is the opportunity cost against the thief, plus the opportunity cost against the customer who would have bought it, plus the material cost, plus the distribution cost, which can collectively come pretty close to the overall cost of the good. The cost of the latter is exclusively the opportunity cost against the pirate, who very likely would never have bought the product either way. Trying to make analogies between piracy and theft is like trying to claim a public drinking water fountain is stealing from bottled water distributors.
I get that software companies, being companies, need to make a profit to exist, and that they tend to feel like each pirated copy is a lost sale like it would be in the physical world where they can only produce so many copies, most of which they eventually sell. It's really not the same in the software space though. Trying to create this sort of scarcity artificially (the goal of all DRM) only hurts their customers. Meanwhile every major DRM-laden software release has a pirated version available anyway, usually within only a few days. Those who wish to pirate still pirate away. Those who wish to pay for the product get something less functional than the free version they could have downloaded. I have previously purchased games, then downloaded them anyway because the DRM interfered with my ability to use what I bought.
you might start seeing cars that needed "permission" to be driven
Funny, it seems like I recall my car possessing some kind of permission enabling device that doesn't involve asking the dealer every time I start it up. I wish I keyould remember what it was keyalled. It also doesn't come with some kind of limit as to how many people are allowed to drive my car, or try to violate first-sale doctrine by preventing me from selling it to someone else when I'm done with it.
They spend more on advertising then [sic] R&D.
I hate this statement as a statement against the pharmaceutical industry.
Marketing 101 is all about Return on Investment. Marketing is an investment from which you expect a return greater than the investment. Very few large companies spend more on marketing than they get back out of it. This is just as true for pharmaceuticals as it is any other industry. That is the POINT of marketing expenditure. Maybe some companies have marketing departments which suck at their job. But that's not a problem with marketing in general, it's a problem with those particular companies.
So all that this statement says about anything is that our society pays too much attention to advertisements. A company that sends all their money into R&D at the expense of marketing will probably produce some pretty useful drugs that no doctors or patients ever hear about and so aren't used, so they don't sell as much, so they don't have as much money to invest into R&D.
I'm sure they did. It's got to somewhere among the 76 individual <script src="..."> includes or 73 inline <script> ... </script> tags.
Looking at this source code... it makes me cry on the inside just a little bit.
There is a LUA PHP PECL extension: http://pecl.php.net/package/lua
It's relatively new, but this kind of attention could really skyrocket the extension forward. It's a great idea at large, there are a variety of situations where you want to defer decisions to your customer. Historically that meant creating a kind of pseudo DSL with a bunch of forms to fill out for the customer, with hopefully most major options covered, but usually failing to satisfy a variety of corner cases.
Another alternative is the V8JS extension (JavaScript). The advantage of JS is that more people know it already, and in may ways, JS is surprisingly elegant (not that Lua isn't). It won't perform as well as LUA though, and requires more resources to maintain the VM.
You know that it's not possible to use a standardized test to determine understanding, right? You can test process and memorization, but you can't test knowledge, only someone who works with individual students can assess that.
then it goes on the test. If not... well WE DON'T CARE
And that's how America is constantly coming up at the tail end of the first world when it comes to the education standard for its students. Some belief that a magical automatically graded test will be able to do a better job than critical analysis by educational professionals.
Kind of a huge exception, eh? Most parts of the USA don't even do that.
No, every part of the USA does, both public and private education. It may not be mandatory for the graduation of the student, but it's done anyway, and it affects funding for the school district. And in Finland, the test is mandatory for graduation, but not the sole marker. You could get 100% on the test, and be rejected for graduation because you are not considered to understand the material and passed instead by rote memorization.
Better neighborhoods will have better schools
Just like in America, where the same thing is true, except the politicians still send their kids to private school. All schools get the same funding in Finland, regardless of the earning potential of that district. Under-performing schools are given more money and access to the most highly trained professionals. Contrasted to the US where an under-performing district loses funding.
The difference between two randomly chosen Finnish kids is tiny compared to the difference between two randomly chosen American kids.
You think genetic heritage has more to do with educational success than a system where the entire country is dedicated to its success?
I have no doubt that the ability to audit manufacturing facilities is part of the contract they strike with a manufacturing company. Do you think Apple has no Q/A presence in the factory? Existing Q/A oversight can be tasked with overseeing working conditions as well, perhaps with additional staff for that purpose.
Company executives might be inclined to pilfer some off the top, but this sort of contract tends to have provisions for penalties when they fail to make expectations. The company risks for more in penalties than the potential reward.
Seriously, making sure your workers are well treated in foreign countries is not a new problem, nor one unique to Apple. If Apple can't figure it out, maybe they can hire someone who can. I've heard they have some remaining discretionary budget available to themselves.
Plus, Foxconn would improve worker conditions in any way Apple was willing to provide funding for. And Apple, being a company who profits $400,000 per employee certainly has the resources to provide funding for better worker conditions. Other companies who have far fewer resources at their disposal may not be able to measurably improve conditions and remain solvent. Apple's only excuse is greed, not survival.
Standard tests solve the grade inflation problem
This is completely untrue. In fact, it worsens the problem. Standardized testing leads to teaching for the test. Teachers whose students do well on standardized tests focus superficially on the material that will be tested and gloss over the ancillary knowledge. Meanwhile teachers who focus on making sure the students really understand the subject matter will have kids who test less well. Plus standardized testing is re-evaluated year after year, and changed according to areas where the student body at large over- or under-performs. So grades inflate in the sense that students do better on the test year over year, while understanding less and less. It's the same effect as traditional grade inflation (all kids must pass mentality), only with a different driver.
There's an apparent solution that is a hard pill to swallow for many in the US, and that comes by looking at Finland. Finland's school successes are being attributed to the fact that there are no private schools in Finland. There are some independent schools, but they may not charge tuition, and are publicly funded as well. This is true right into secondary and post-secondary education. They also have no standardized testing with the exception of a single graduation exam. They promote individualized grading. Progress is tracked with a random sampling of students.
The one that is probably the biggest contributor though, and the one least frequently talked about is the publicization of their schools. It means that every wealthy and powerful individual sends their kids into the same system that every dirt farmer's kids go into. Most US politicians send their kids to private schools that most US citizens wouldn't be able to afford (and it's pretty likely that a large chunk of those kids get a free ride because of who their parents are). Public education doesn't matter to policy makers in the US, because policy makers don't use public education.
When this happens, I'm coming to find you for planting the idea in their heads.
Sure, physical security offers plenty of advantages over electronic security. But using both is even better. Defense in depth. A physically hidden device can be discovered with no involvement on your part, while an encrypted device with a sufficiently strong key cannot reasonably be accessed without your involvement even if discovered.
The way hidden volumes work, you don't have to try to pretend the card is a different size than it is. Digital forensics won't be fooled by that (they probably won't even look at size on the sticker, the first thing they do is image the device, creating a byte-for-byte copy of the data across the entire space without regard for partitions or other volume information). Hidden volumes occupy the same space as primary volumes. You can have a 16GB drive which consumes all 16GB of space for the primary volume. The hidden volume will occupy some subset of that space, usually writing from the end of the device toward the start of the device, and it can also be 16GB. Of course you can't write 32GB of data to this, if the sum of your primary and hidden volume exceed 16GB, writes will start destroying data on the alternate volume. But without the encryption key, that hidden volume just looks like randomized data in the primary volume's space (it's not possible to distinguish otherwise with any publicly known technique).
I called it a toy because it is designed both from a technical and a legal perspective to support Apple's store exclusively. If you're a serious book publisher you can't accept that limitation. The technical advantages of iBooks Author over InDesign are minimal if they exist at all - though the learning curve is presumably gentler. But the point is that since it's neither possible, nor permissible by the license to use iBooks Author to publish anywhere but Apple's store, you're going to need to use something else anyway.
Low-budget productions (those which would be attracted to free authoring software) aren't going to find it attractive to have to independently produce and maintain multiple versions of a book for different stores. High-budget productions (which can afford to maintain multiple publications) probably already own InDesign.
So essentially the only people who will find the technical and legal limitations of this software attractive are those who are ok with limiting their sales exposure to a single market when for basically the same effort they could have targeted all modern markets. This mostly means non-serious home publishers. People who are playing with the software (hence toy). Maybe they have something interesting to say; I'm sure there'll be some diamonds in the rough there. But most people who are publishing because they have a story to tell or information to share will care more about reaching the widest possible audience than with being provided pre-canned templates and a dumbed down authoring interface.
The links GP provides don't really support GP's proposition (certainly I was surprised at his claims since they differed from the other reports I'd seen). For one thing, this talks ONLY about Q4 sales, not market share per GP's claim. Of course sales is a leader of market share, and if you can be dominant in sales, market share follows eventually. However, owning one quarter's worth of dominance can't exactly be called a pattern, particularly when there's a demonstrated strong pattern of customers holding out for the new product launch that happened for iOS in this quarter.
Apple certainly had a good quarter, and made up some of the gap between themselves and Android, but still 51% of Q4 new smartphone sales belonged to Android (compared to 37% for iOS). This is according to GP's own link. Another of GP's links has iOS at 43% of the new sales compared to Android's 47% of new sales, but still Android is outselling iOS by that report; just not by as wide of a margin. The only report to actually support GP's claim of the three provided by GP has a difference in sales of 0.1% - far, far less than any margin of error could have been, so at best it could be claimed by this report that it can't be shown that iOS is still losing market share to Android; no claim that one or the other is dominant could be made from such a narrow margin.
It still has jack squat to do with an interesting hardware/software hack between a phone, a projector, and a Kinect. A little more responsive, and something like this would make a fantastic presentation platform.
If this new iBooks Editor becomes the defacto standard for eBook publishing
That really won't happen. iBooks Author is good for (as the name suggests) authoring books for iBooks. Although under the hood, superficially, the output is an ePub3 book with a different extension, in practice, it's riddled with -ibooks- css extensions and <objects> of type application/ibooks. Only Apple's software can display these books correctly.
Even without this clause, if you want to separately target ANY other book store, you're going to need to re-author your book with a different tool. Adobe InDesign comes to mind since it supports all the major platforms, including iBooks.
Basically iBooks Author is a toy Apple released so they'll be able to boast "X hundred thousand books exclusive to our store," without any qualitative examination that almost all of them are junk. Just like the App store.
The police are getting better. Digital forensics is a new field for police work though, so there are plenty of departments without much experience. It doesn't really take much training though for them to understand that when it comes to encrypted drives, you can have two passwords, one which unlocks a dummy drive, and one which unlocks the real data, and that the easiest way to detect that is seeing if the data you unlocked has anything recent in it. It's probably not the cops you have to worry about on this front, but the prosecutors. If you're in front of a judge who is compelling disclosure, then a prosecutor is involved. They are more likely to understand the situation, or more likely to contract with someone who does.
I would not be surprised if the digital forensics software they use for a lot of this stuff now doesn't have an indicator for that built in. "Red flag: the data on this drive appears to be most recently accessed on or before X date. If this precedes the date the drive was collected, this is probably dummy data." or "Red flag: the data on this drive appears to have been most recently accessed in the future - this is probably a forgery" (to compensate for future dating data to make it look more recently used). System logs, browser cache, and lots of temp files written by various programs can each give away the actual date of most recent use.
The issue with maintaining two volumes is that each will report lower capacities than the total drive capacity reported through the BIOS or via the label on the drive
This is not how secret volumes work. For one thing, both volumes look like randomized data since everything is encrypted. You can only examine them if you have the decryption key. With the decryption key, both volumes will report their size as the entire allocated space. The primary volume writes data start->end, while the secondary (secret) volume writes end<-start.
For example if you encrypted a 20GB physical drive, both volumes report that they are 20GB. Indeed if you write 20GB of data to either volume, you will OVERWRITE the alternate volume. It's up to you to know how much data you have on each volume and be careful not to write enough data so that the sum of both volumes exceeds the total volume size. You can mount both volumes at the same time, and the encryption software will reject writes to either volume which would overwrite data on the alternate volume.
A single hidden volume is good enough, maybe better than multiples (I'm not sure there is software which supports more than 2 volumes total, you get into trouble with volumes potentially overwriting each other's contents since they each have to not know about the others). A single hidden volume creates plausible deniability, because the default configuration is no hidden volume.
Now here's the problem with secondary volumes. In order for it to be plausible, you need to keep the red herring volume up to date. It needs to have files with recent timestamps on it and so forth. If they look in there and all the files are out of date and haven't been modified in 6+ months, it's not credible and threatens the plausibility of the denial. It works poorly for whole-disk encryption unless you're very good about doing most of your work in the primary volume, and only booting into the secret volume for short periods of nefarious activity.
It's possible to mount both volumes at once, and just be careful about sticking all the evidence on the secondary volume, but in most modern OS's, there'll be problematic artifacts indicating the secondary volume exists in the form of "Recent Files" lists in applications or in the OS level. You'll also have to worry about program caches being written out to the primary volume and being recoverable from free space on the drive; so as part of shut-down you'll need a script which writes random data to the empty space and knows how to destroy the internal cache files of all your applications - even ones you don't use for nefarious purposes since a cache file may not be zeroed out when it's allocated (thus capturing sensitive data). Basically keeping both mounted at the same time is a sure fire way to accidentally leave behind some evidence on the "safe" drive.
The only safe way to do this is to dual-boot sensitive and non-sensitive volumes. Boot into the sensitive volume only for secret activities, and otherwise be booted up on the non-sensitive volume for everything else. You can see why maintaining multiple red herrings is problematic, and since the plausibility of the denial does not significantly increase, while the chances of leaving behind some indicators of a tertiary volume increases significantly, you're better off with a single hidden volume. As a final note, if you do maintain two red herring volumes, your secondary volume needs to have a reason you'd keep it secret. If there's nothing sensitive on there, it's too obvious of a distraction; you might as well label the volume "red herring."
Around here, AT&T's 3G is slower than AT&T's 2G (EDGE), even with full bars - to the point where I sometimes have trouble successfully sending an email. I'm not sure I'd consider them a good benchmark of what the capability of the technology is. 4G definitely supports more bandwidth than 3G, as long as the carrier can provide a wide-enough pipe to the cell tower.
You can afford your own house, right? Or at least an apartment? You're not paid a low enough salary that the only way you can survive is to stay in company dormitories and give most of your paycheck back to the company store for little things like rations, right? Do you get vacation time? Do you work six 12 hour days each week?
No, obviously your job is as exploitive as a factory worker job in China.
If you give up the encryption code, you've waived your right WRT self incrimination. If you don't and they find it another way, then you haven't self-incriminated.
All it means is that you can't be forced to cough up the encryption code. Except that's proving to not be true; it's considered akin to being asked for the key to a house. The principal is that with enough dedication, law enforcement will find the information. Inevitable discovery: not "will probably," but "will" (even if that "will" may not be before the heat death of the universe). So courts have started to consider (rightly or not) that witholding encryption keys is akin to either contempt or obstruction of justice, and doesn't fall under the 5th amendment (US). Other countries have key disclosure laws, and failure to provide the keys carries its own penalty. You can and will be jailed for refusing.
In the US and elsewhere, if witholding keys is considered contempt (and all they have to do for this to attach is ask you for them in the presence of a judge), due process does not attach; jail for contempt it is often said that you hold the keys for your release (usually figuratively, but for encryption, literally). So you don't get a trial, you get put in jail for as long as you refuse to hand over the keys. There is no upper limit since it's considered that you're there only for as long as you choose to be. You could spend the rest of your life in jail unless you hand over the keys.
If you wish to protect yourself, you need plausible deniability. TrueCrypt offers this; it'd be great if there was a network protocol equivalent.
It's all the more disgusting from a company boasting $400,000 profit per employee. It's not like improving working conditions will break their bank, the only reason they exploit other humans like this is pure greedy profit.
So essentially Apple is saying, "We can't have these jobs in the US because the Standard Of Living in the US is too high, and we want to profit from a lower SOL."
Seriously, the workers are woken up in the middle of the night from their dormitories, given "a biscuit and a cup of tea" (as though this is some magnificent reward), then faced a 12 hour shift, before being overworked for a week straight. All because Apple made a bad design decision, and obviously their product's street date is more important than the health and well-being of 8,000 workers.
This is sweat-shop mentality. Apple shouldn't be boasting about this, they should be apologizing.