"Whites were a bit brighter on the HD DVD, which made the fine blonde hairs on Aniston's arms clearly visible, while on the Blu-ray they blurred together in more of a brown mass."
This is a no-brainer. At least someone is paying attention to detail.
It is one thing to simply point people to infringing material through organic search results. It is quite another to enter into a financial arrangement with an infringing party. Some reasonable due diligence is warranted here by Google and I think that is where Perfect 10 have a legitimate case.
I think Google is quite vulnerable here because they automate so much and would have to have an army of people to police content. Since this is a money making part of their business they need to factor that in just like hosting companies have to factor in the policing of sites and responding to DMCA complaints against parties with which they engage in contractual relationships.
We can argue all night about the level of security afforded by an SSL certificate. I think most people don't have a clue about http vs. https and just follow the links where ever they go. If the artwork looks good, the "rap" sounds good and offers something they would want, they just "give it up" without worrying about the little lock icon. If the phisher is good enough, they won't give it a second thought, even after being fished (e.g. "congratulations you have been enrolled in Verfied by Visa").
The solution to the whole phishing thing should be obvious to us in the technology world. Remember mutual authentication. Yes it still works. Bank of America let's you choose a 'picture' that they promise to always show you before you give up your password. The solution is marginal at present because you only know about it if you use their online services to start with. A serious mutual authentication scheme would involve printing every statement with this picture and drilling into peoples minds that - no picture, no password. It requires a serious PR campaign.
Right now I have no sympathy for the banks who get ripped off (mtnamerica.org - give me a break). I do have sympathy for the innocent people who fall victim to this and for the shareholders of banks who have to put up with the slow uptake on solutions to this problem.
Well I think it really does come down to whether or not the problems are often with their code. I think they are mostly due to their architecture. Sure the code is flawed but if they had the right architecture to start with they would not have to spend so much effort securing every detail of their code.
You have a lock on the front door because you don't want to have to put locks on every door in your house. A web page can run code on your PC (activex) as long as the code is trusted. Many of the security flaws come from exploiting Activex. The code may be trusted but is not always secure. One of the locks on the inner doors was left unlocked.
Other browsers by contrast did not try and get so intimate with the operating system and have much more formal walls between the browser and the OS. The Java sandbox architecture is an example of this but of course Microsoft was scared of Java and killed it.
Sure they have the right to charge for their anti-virus software because all of the problems are not their doing but there certainly is some irony here.
Re:Who Said Anything About a Payments Business
on
PayPal vs Google(Buy)
·
· Score: 1
If Google were to gain the trust of buyers and sellers, have no accounts whatsoever, but just match up buyers and sellers and transact with the banks and credit card companies on their behalf, then they would have access to the data, but not have to store anyone's money.
Well that is sort of what I am getting. The key is that
a) They don't store money (neither a lender nor a borrower be as the Bard once said).
b) They are not the merchant of record on the transaction and therefore are not responsible for chargebacks, disputes or fraud.
They could add value in two ways. First by the secure storage of credit cards for the buyers and secondly by accumulating information that can evaluate the risk of fraud. This could be passed to merchants and would be of great value. Of course this might require a gateway and then they could take a piece of the action without taking a piece of the risk. I am just guessing out loud here.
Matching buyers and sellers is something they can do regardless of the payment method.
Re:Who Said Anything About a Payments Business
on
PayPal vs Google(Buy)
·
· Score: 1
[i]Is PayPal a bank?[/i]
Fully understand your point about how Paypal is regulated or more accurately how they are not regulated. Regulation or not I just can't see how a stored value account fits into the mission of organizing the worlds information.
Prevention of fraud is very hard. The reason Paypal succeeds is because they take a hard line. If it smells like fraud they shut you down in a heart beat (and keep your money while they figure out what happened). It is exactly this kind of thing that makes a lot of people consider Paypal as evil. Does Google want to go there? Could they do it so much better than Paypal? It would be a big reputational risk in my view.
Who Said Anything About a Payments Business
on
PayPal vs Google(Buy)
·
· Score: 2, Insightful
Is it possible Eric Schmidt is telling the truth?
Maybe they are actually going to only be in the business of securley storing and transmitting credit card info. Maybe going as far as being in the gateway business. Being a merchant of record as is Paypal is a huge step and is most unpleasant. Do they really want to be in the business of chasing down fraudsters and dealing with angry customers over chargebacks?
Becoming a bank simply does not fit the mission statement in my view.
While these two formats compete some will wonder whether it makes sense to buy DVDs at all. Hi-def PVRs are starting to roll out and it is just a matter of time before you can get hi-def on demand.
When Bill Gates said ten years ago that the Internet would become an 'Information Appliance' I really did not understand what he was talking about and thought he was a pompous ass. Now I search the internet 20-30 times per day and would be absolutely lost without out it.
So why is Google better? Probably not because their search engine is better. It is their formula - simplicity and relevancy. Their pages are not cluttered and contain only relevant information. Their ads are relevant. Their features are relevant.
What impresses me about this movie review is not how they review movies or the feature itself - which will change. It is the way it fits into the simple/relevant formula - you type the name of a movie or keywords about the plot and that is the way it starts. You don't have to navigate to movie.this or movie.that you just start typing. This is the way the world is starting to work and think and is a subtle but discernable shift from the old way.
This is one question I'm really not sure I have the answer to. Is doing it properly better in the long run. The problem with a hacked bug fix is that it stays a hacked bug fix forever. Period.
Evenutally, that hack becomes a trouble to maintain and I'd bet my bottom dollar that it then takes more time to remove the hack and rework it properly that it would have taken to fix it properly in the first place.
There has to be a middle ground. You don't have to have perfect code but you won't be serving your users if go you around breaking things with quick fixes. The trouble is the more you let code get out of control with quick fixes the better the odds are that one fix will break something else.
Well I am a geek and I use IE.
However I strongly recommend Firefox to all of my non-geek friends. I am tired of cleaning up the mess left behind when they use IE. You know the drill. You go over to someone's house for dinner and before long you are downloading spybot for them.
Slashdot Mirror
It is one thing to simply point people to infringing material through organic search results. It is quite another to enter into a financial arrangement with an infringing party. Some reasonable due diligence is warranted here by Google and I think that is where Perfect 10 have a legitimate case.
I think Google is quite vulnerable here because they automate so much and would have to have an army of people to police content. Since this is a money making part of their business they need to factor that in just like hosting companies have to factor in the policing of sites and responding to DMCA complaints against parties with which they engage in contractual relationships.
We can argue all night about the level of security afforded by an SSL certificate. I think most people don't have a clue about http vs. https and just follow the links where ever they go. If the artwork looks good, the "rap" sounds good and offers something they would want, they just "give it up" without worrying about the little lock icon. If the phisher is good enough, they won't give it a second thought, even after being fished (e.g. "congratulations you have been enrolled in Verfied by Visa").
The solution to the whole phishing thing should be obvious to us in the technology world. Remember mutual authentication. Yes it still works. Bank of America let's you choose a 'picture' that they promise to always show you before you give up your password. The solution is marginal at present because you only know about it if you use their online services to start with. A serious mutual authentication scheme would involve printing every statement with this picture and drilling into peoples minds that - no picture, no password. It requires a serious PR campaign.
Right now I have no sympathy for the banks who get ripped off (mtnamerica.org - give me a break). I do have sympathy for the innocent people who fall victim to this and for the shareholders of banks who have to put up with the slow uptake on solutions to this problem.
OK. I get off soapbox now.
Cheers.
And of those 2 billion how many have posted the offending pictures?
When you take the intersection of that number (which is unknown but presumably quite small) it is alarming.
Is it just me or is the real story here how 900 websites managed to have lax security? That really scares me.
Well I think it really does come down to whether or not the problems are often with their code. I think they are mostly due to their architecture. Sure the code is flawed but if they had the right architecture to start with they would not have to spend so much effort securing every detail of their code.
You have a lock on the front door because you don't want to have to put locks on every door in your house. A web page can run code on your PC (activex) as long as the code is trusted. Many of the security flaws come from exploiting Activex. The code may be trusted but is not always secure. One of the locks on the inner doors was left unlocked.
Other browsers by contrast did not try and get so intimate with the operating system and have much more formal walls between the browser and the OS. The Java sandbox architecture is an example of this but of course Microsoft was scared of Java and killed it. Sure they have the right to charge for their anti-virus software because all of the problems are not their doing but there certainly is some irony here.
If Google were to gain the trust of buyers and sellers, have no accounts whatsoever, but just match up buyers and sellers and transact with the banks and credit card companies on their behalf, then they would have access to the data, but not have to store anyone's money.
Well that is sort of what I am getting. The key is that
a) They don't store money (neither a lender nor a borrower be as the Bard once said).
b) They are not the merchant of record on the transaction and therefore are not responsible for chargebacks, disputes or fraud.
They could add value in two ways. First by the secure storage of credit cards for the buyers and secondly by accumulating information that can evaluate the risk of fraud. This could be passed to merchants and would be of great value. Of course this might require a gateway and then they could take a piece of the action without taking a piece of the risk. I am just guessing out loud here.
Matching buyers and sellers is something they can do regardless of the payment method.
[i]Is PayPal a bank?[/i] Fully understand your point about how Paypal is regulated or more accurately how they are not regulated. Regulation or not I just can't see how a stored value account fits into the mission of organizing the worlds information. Prevention of fraud is very hard. The reason Paypal succeeds is because they take a hard line. If it smells like fraud they shut you down in a heart beat (and keep your money while they figure out what happened). It is exactly this kind of thing that makes a lot of people consider Paypal as evil. Does Google want to go there? Could they do it so much better than Paypal? It would be a big reputational risk in my view.
Is it possible Eric Schmidt is telling the truth? Maybe they are actually going to only be in the business of securley storing and transmitting credit card info. Maybe going as far as being in the gateway business. Being a merchant of record as is Paypal is a huge step and is most unpleasant. Do they really want to be in the business of chasing down fraudsters and dealing with angry customers over chargebacks? Becoming a bank simply does not fit the mission statement in my view.
While these two formats compete some will wonder whether it makes sense to buy DVDs at all. Hi-def PVRs are starting to roll out and it is just a matter of time before you can get hi-def on demand.
If you don't like it don't read it.
When Bill Gates said ten years ago that the Internet would become an 'Information Appliance' I really did not understand what he was talking about and thought he was a pompous ass. Now I search the internet 20-30 times per day and would be absolutely lost without out it.
So why is Google better? Probably not because their search engine is better. It is their formula - simplicity and relevancy. Their pages are not cluttered and contain only relevant information. Their ads are relevant. Their features are relevant.
What impresses me about this movie review is not how they review movies or the feature itself - which will change. It is the way it fits into the simple/relevant formula - you type the name of a movie or keywords about the plot and that is the way it starts. You don't have to navigate to movie.this or movie.that you just start typing. This is the way the world is starting to work and think and is a subtle but discernable shift from the old way.
There has to be a middle ground. You don't have to have perfect code but you won't be serving your users if go you around breaking things with quick fixes. The trouble is the more you let code get out of control with quick fixes the better the odds are that one fix will break something else.
Well I am a geek and I use IE. However I strongly recommend Firefox to all of my non-geek friends. I am tired of cleaning up the mess left behind when they use IE. You know the drill. You go over to someone's house for dinner and before long you are downloading spybot for them.