Tell that to the parents that have been arrested because their three year old kid ran into the camera frame while running around naked on a camping trip. Or bath-time photos, etc. You know, all of that stuff that nobody would have thought twice about a decade ago. It can now very easily completely destroy your life, even if you're found not guilty (hell, even if charges are never pressed).
I also believe that airport security has been completely unreasonable for at least the past few years. What's currently happening makes me feel like I'm living in some sort of twisted In Soviet Russia joke (but I'll be sure to let the whole security line know that I normally have to pay extra for the happy ending, and thanks for the great service - might as well make the fondling guards equally uncomfortable).
You can fit usually 4 2.5" drives in the space of a 3.5" drive, if you mount them sideways. A special enclosure that routes the drive connectors around the back might make that feasible. Similarly, you could fit twenty* or so of those Macbook Air "blade" SSDs in an appropriate enclosure, giving you 5TB of SSD in the same space of a 2TB spinning disk at current densities. Build in some sort of native RAID5-like controller (hopefully more Drobo-esque with the drive-swapping abilities) and you've really got a killer storage device.
* a 3.5"HDD is ~100mm wide, the 256GB SSDs are 3.7 mm. Figure a little breathing room plus the physical space for the enclosure (mounting screws,etc) and I figure an average of about 5mm/drive. Maybe that's too dense, but you get the general idea.
Well, RAM is going to be at least an order of magnitude faster (probably closer to two OOM) if you can find a fast enough bus for it (assuming you mean ramdisks as some sort of probably PCIE-based breakout board, rather than some software-based partition which will get the full speed). Depending on what you're doing, that could be easily worth the extra cost. Anything where you're looking for the performance of a memory-based database table without the actual limitations of using a MEMORY table comes to mind.
Google Voice is NOT a VoIP service (at least not the part you interact with), so using it from anything other than the iPhone would be rather difficult. Unless you wanted to use your iPod Touch/iPad as a remote control of sorts to have GV dial out through your home landline. It's akin to asking why there's no phone app on the iPod Touch. Or any other internet-connected, non-phone device out there for that matter.
Well, yes and no. Part of the reason that the rich are rich is because they don't frivolously spend money. They can easily do cost/benefit risk analysis. Say the fine is $1000/infringement. At $1/song, that means it's only worth it to steal it if you expect to be caught less than one in a thousand times.
Except it's not that simple. Rich people value their time. Spending time in court is not something they want to do, and it's time they aren't spending doing something productive. Let's say that if you're caught, you spend a day in court. If they value their time at $200/hr (which is probably low, all things considered), then that $1000 becomes $2600. Plus the headache, paperwork, etc. Even with a chance of getting caught approaching zero, it's worth a dollar as insurance to avoid any potential mess, never mind that $1 as a % of wealth is absurdly low. Heck, it's worth the dollar if it saves them literally just twenty seconds searching on the pirate bay.*
The amount of harm that a fine does directly doesn't change, but the reasoning for wanting to avoid it does. But in the end, it's still a deterrent.
*Of course, getting paid is never that precise, but you get the idea. I've certainly wasted more than that writing this response, to an AC no less.
If you see a lock icon in your browser, you're expecting traffic to be secure. If some of your traffic is over http, not all of your traffic is secure. If that http content is third-party, you're entirely at their mercy - but that's just as true for https third-party content. XSS works just fine over HTTPS.
Maybe browsers should support some sort of directive to disable the warning for certain types of resources (CC#s I care about, stylesheets not so much), but as of now that's not an option.
No, that's not the case. If it says https in the URL, all resources displayed on that page must also come in over https unless you enjoy the warnings. It's possible there's an exception for iframes (I'd have to test) but I don't think so.
Plus, by including content that you don't control, you're giving a third party a potential attack vector. What if a rogue Googler dropped an exploit into ga.js? 90% of the internet would go berserk, https or otherwise.
Wha? You can send caching headers in https requests, and CDNs can still keep content close to the edge. I'm 100% SSL (finance industry) and getting stuff stuck in browser caches that shouldn't be is always a problem. I've even seen odd stuff like Safari using a locally cached version of a *completely different file* because it somehow thought it was the same (minified CSS, where the filename itself - not a querystring - was timestamped with the time of last change). Cacheable, cookieless (sub)domains are standard practice everywhere, but it still needs to be served over https unless you want big scary warnings in your users' browsers.
Of course, you're going to screw up squid servers, but that's another matter entirely. I for one am not a huge fan of having yet another centralized, easily-monitored machine that all my traffic goes through.
I agree that Facebook users don't generally care about privacy (rather defeats the purpose of the site, no?). But session sidejacking attacks they most certainly would care about, if they understood the risk. It's that "Oh shit, I left my facebook logged in on the library computer" thing, except that it's an active attack, probably malicious (most people that just want to screw with their friends a bit aren't technical enough to find and install a firefox extension like this).
Getting all of FB on HTTPS would be quite unpleasant though. Not only do all of their load balancers need 100% of their traffic secured (plenty of overhead), but so does all of their CDN content, which is billions of images among the usual stylesheets and js. Plus their apps, which is all based on third-party content. Good luck getting a hundred thousand third-party programs running over https, when half of them are probably vulnerable to xss or sql injection attacks.
Putting something in the TOS to "not [be] underhanded" is, in itself, being underhanded. Or perhaps you're that one non-crawler in my server logs with the request to/about/terms, in which case I take that back.
It's a fairly complex storage mechanism, designed to get around a user's preferences. In the wrong hands, it's very dangerous. I'd certainly call it closer to malware than, for example, the recent iPhone jailbreaks - which are so kind as to patch the security flaw that let the software run in the first place. Yet by your reasoning, jailbreaking is malware and evercookies are harmless. If you think that ad retargeting (ads that basically follow you around the web) is creepy, wait until they know with 100% certainty that you're a known user in some known demographic.
Gah, that should be 3.4x10^38, not 3.4x103^8. But you get the idea. Maybe once we get IPv6 deployed, we can work on getting superscript text to stay as such on the clipboard.
I think the number of IPv6 addresses is supposed to allocate something like 2^34 IPs per atom in the universe, or some equally absurdly large number. I think we'll be OK for a while if that's actually the case.
From Wikipedia:
The very large IPv6 address space supports a total of 2^128 (about 3.4×103^8) addresses—or approximately 5×10^28 (roughly 2^95) addresses for each of the roughly 6.8 billion (6.8×10^9) people alive in 2010.[13] In another perspective, this is the same number of IP addresses per person as the number of atoms in a metric ton of carbon.
They spent HOW long advertising those free-or-highly-subsidized digital converter boxes and people still threw away perfectly functional TVs?
Regardless, no. Both WinXP (unless you're seriously out of date on your software updates) and OS X 10.5 support IPv6 just fine. Of course that's separate from hundreds of badly-coded apps that somehow shoehorned themselves into the IPv4 stack, but that's hardly OS-dependant.
If databases were implemented correctly, they'd take care of the load distribution themselves. Of course we'd all still be perfectly capable of writing stupid queries, but a lot of the bullshit we have to deal with when it comes to databases stems from rotational hard drives being so ill-suited to the random seeks that databases are so useful for.
As far as I'm concerned, running your database on solid-state drives just amounts to a bug-fix in the database software. Stuff like data denormalization, avoiding joins, and sharding are effectively hacks around bugs, even if those bugs exist at a hardware level.
A quick check on some Cupertino real estate says that'll get you a home around 3500 sq. ft. on around 1/5 of an acre. Most land I saw in that price range was about 1/2 an acre. I expect commercial real estate is significantly higher.
That's just the nature of flat subscriptions, and insurance in general - the people that rarely or never use it end up subsidizing the heavy users. Same with any other kind of insurance. With my driving history, paying for insurance has been as useful as simply burning that money. But should I ever be in a situation where I need it, my previous payments in addition to the payments of others who are not actively benefitting from the service will cover what otherwise would have amounted to a massive cost to me.
This is a bit different since a fire will always cause a good amount of damage if it's to the point where you can't handle it with a kitchen fire extinguisher - enough that you'll almost certainly be making a claim with your homeowner's insurance company, so it's really a cost on top of a cost. As you say, it would make more sense for the insurance company to cover that $75 fee and bundle it into the costs. But if you're really going to miss that $6/month when it comes to protecting your single most valuable asset...
Interesting. The IKEA I frequent (Palo Alto) also has 8 self-checkout lines, but they're reasonably well staffed (so people too dumb to use them still move through reasonably quickly). More to the point, the machines actually work. I can use the hand scan-gun and run through items as quickly as I can find barcodes, which may not be as fast as an employee since they know where to look but is certainly faster than the usual 5-second-per-item delay that you get with the self-checkout terminals. I assume this is because they've disabled the weight checking. The slowest part tends to be the actual purchase process - their "hit cancel on the keypad to run this as credit" always confuses the hell out of people. They do have plenty of normal checkout lanes too, so the self-checkouts aren't horribly overcrowded.
Yes, I've been to the local IKEA a couple of times.
My experience is also the total opposite at Home Depot. All-time, I probably have about a 40% trouble-free checkout rate there. Their stupid weight sensors never pick up on stuff like small bags of screws, etc. Honestly, who would bother stealing an 80 item? Likewise on most grocery stores.
Slashdot Mirror
It's actually RockMelt (lowercase "L", not capital "I"). Not that it makes a damn bit more sense, but it at least explains their icon.
Good email systems *allow* you to block content. Big difference.
Tell that to the parents that have been arrested because their three year old kid ran into the camera frame while running around naked on a camping trip. Or bath-time photos, etc. You know, all of that stuff that nobody would have thought twice about a decade ago. It can now very easily completely destroy your life, even if you're found not guilty (hell, even if charges are never pressed).
I also believe that airport security has been completely unreasonable for at least the past few years. What's currently happening makes me feel like I'm living in some sort of twisted In Soviet Russia joke (but I'll be sure to let the whole security line know that I normally have to pay extra for the happy ending, and thanks for the great service - might as well make the fondling guards equally uncomfortable).
You can fit usually 4 2.5" drives in the space of a 3.5" drive, if you mount them sideways. A special enclosure that routes the drive connectors around the back might make that feasible. Similarly, you could fit twenty* or so of those Macbook Air "blade" SSDs in an appropriate enclosure, giving you 5TB of SSD in the same space of a 2TB spinning disk at current densities. Build in some sort of native RAID5-like controller (hopefully more Drobo-esque with the drive-swapping abilities) and you've really got a killer storage device.
* a 3.5"HDD is ~100mm wide, the 256GB SSDs are 3.7 mm. Figure a little breathing room plus the physical space for the enclosure (mounting screws,etc) and I figure an average of about 5mm/drive. Maybe that's too dense, but you get the general idea.
Well, RAM is going to be at least an order of magnitude faster (probably closer to two OOM) if you can find a fast enough bus for it (assuming you mean ramdisks as some sort of probably PCIE-based breakout board, rather than some software-based partition which will get the full speed). Depending on what you're doing, that could be easily worth the extra cost. Anything where you're looking for the performance of a memory-based database table without the actual limitations of using a MEMORY table comes to mind.
Google Voice is NOT a VoIP service (at least not the part you interact with), so using it from anything other than the iPhone would be rather difficult. Unless you wanted to use your iPod Touch/iPad as a remote control of sorts to have GV dial out through your home landline. It's akin to asking why there's no phone app on the iPod Touch. Or any other internet-connected, non-phone device out there for that matter.
Well, yes and no. Part of the reason that the rich are rich is because they don't frivolously spend money. They can easily do cost/benefit risk analysis. Say the fine is $1000/infringement. At $1/song, that means it's only worth it to steal it if you expect to be caught less than one in a thousand times.
Except it's not that simple. Rich people value their time. Spending time in court is not something they want to do, and it's time they aren't spending doing something productive. Let's say that if you're caught, you spend a day in court. If they value their time at $200/hr (which is probably low, all things considered), then that $1000 becomes $2600. Plus the headache, paperwork, etc. Even with a chance of getting caught approaching zero, it's worth a dollar as insurance to avoid any potential mess, never mind that $1 as a % of wealth is absurdly low. Heck, it's worth the dollar if it saves them literally just twenty seconds searching on the pirate bay.*
The amount of harm that a fine does directly doesn't change, but the reasoning for wanting to avoid it does. But in the end, it's still a deterrent.
*Of course, getting paid is never that precise, but you get the idea. I've certainly wasted more than that writing this response, to an AC no less.
If you see a lock icon in your browser, you're expecting traffic to be secure. If some of your traffic is over http, not all of your traffic is secure. If that http content is third-party, you're entirely at their mercy - but that's just as true for https third-party content. XSS works just fine over HTTPS.
Maybe browsers should support some sort of directive to disable the warning for certain types of resources (CC#s I care about, stylesheets not so much), but as of now that's not an option.
No, that's not the case. If it says https in the URL, all resources displayed on that page must also come in over https unless you enjoy the warnings. It's possible there's an exception for iframes (I'd have to test) but I don't think so.
Plus, by including content that you don't control, you're giving a third party a potential attack vector. What if a rogue Googler dropped an exploit into ga.js? 90% of the internet would go berserk, https or otherwise.
if (!user.subscribed && request.protocol == 'https') header('Location: http://slashdot.org/current/path');
Not terribly complicated in psuedocode. Even in the perl scripts in which slashdot is kludged together, it can't be that bad.
Dunno what you're talking about... we're 100% SSL and have no warnings. Here are the headers sent for a request to one of our images:
Cache-Control:max-age=315360000, public
Connection:close
Date:Thu, 28 Oct 2010 06:55:53 GMT
Expires:Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified:Thu, 28 Oct 2010 02:20:20 GMT
You only get the scary browser warnings by letting some http content slip through when the main page request is https.
Wha? You can send caching headers in https requests, and CDNs can still keep content close to the edge. I'm 100% SSL (finance industry) and getting stuff stuck in browser caches that shouldn't be is always a problem. I've even seen odd stuff like Safari using a locally cached version of a *completely different file* because it somehow thought it was the same (minified CSS, where the filename itself - not a querystring - was timestamped with the time of last change). Cacheable, cookieless (sub)domains are standard practice everywhere, but it still needs to be served over https unless you want big scary warnings in your users' browsers.
Of course, you're going to screw up squid servers, but that's another matter entirely. I for one am not a huge fan of having yet another centralized, easily-monitored machine that all my traffic goes through.
I agree that Facebook users don't generally care about privacy (rather defeats the purpose of the site, no?). But session sidejacking attacks they most certainly would care about, if they understood the risk. It's that "Oh shit, I left my facebook logged in on the library computer" thing, except that it's an active attack, probably malicious (most people that just want to screw with their friends a bit aren't technical enough to find and install a firefox extension like this).
Getting all of FB on HTTPS would be quite unpleasant though. Not only do all of their load balancers need 100% of their traffic secured (plenty of overhead), but so does all of their CDN content, which is billions of images among the usual stylesheets and js. Plus their apps, which is all based on third-party content. Good luck getting a hundred thousand third-party programs running over https, when half of them are probably vulnerable to xss or sql injection attacks.
And having a stalled car at a busy intersection also can never be a good thing. Pick one.
Or get a bicycle. Which neither stalls nor burns fuel while stopped, though it's certainly impractical in that kind of weather.
Isn't that called... HTML5? Such as
<video>
<source src="file.mp4" type="video/mp4"/>
<source src="file.ogv" type="video/ogg"/>
<embed>fallback flash player</embed>
</video>
Putting something in the TOS to "not [be] underhanded" is, in itself, being underhanded. Or perhaps you're that one non-crawler in my server logs with the request to /about/terms, in which case I take that back.
It's a fairly complex storage mechanism, designed to get around a user's preferences. In the wrong hands, it's very dangerous. I'd certainly call it closer to malware than, for example, the recent iPhone jailbreaks - which are so kind as to patch the security flaw that let the software run in the first place. Yet by your reasoning, jailbreaking is malware and evercookies are harmless. If you think that ad retargeting (ads that basically follow you around the web) is creepy, wait until they know with 100% certainty that you're a known user in some known demographic.
Gah, that should be 3.4x10^38, not 3.4x103^8. But you get the idea. Maybe once we get IPv6 deployed, we can work on getting superscript text to stay as such on the clipboard.
I think the number of IPv6 addresses is supposed to allocate something like 2^34 IPs per atom in the universe, or some equally absurdly large number. I think we'll be OK for a while if that's actually the case.
From Wikipedia:
The very large IPv6 address space supports a total of 2^128 (about 3.4×103^8) addresses—or approximately 5×10^28 (roughly 2^95) addresses for each of the roughly 6.8 billion (6.8×10^9) people alive in 2010.[13] In another perspective, this is the same number of IP addresses per person as the number of atoms in a metric ton of carbon.
They spent HOW long advertising those free-or-highly-subsidized digital converter boxes and people still threw away perfectly functional TVs?
Regardless, no. Both WinXP (unless you're seriously out of date on your software updates) and OS X 10.5 support IPv6 just fine. Of course that's separate from hundreds of badly-coded apps that somehow shoehorned themselves into the IPv4 stack, but that's hardly OS-dependant.
If databases were implemented correctly, they'd take care of the load distribution themselves. Of course we'd all still be perfectly capable of writing stupid queries, but a lot of the bullshit we have to deal with when it comes to databases stems from rotational hard drives being so ill-suited to the random seeks that databases are so useful for.
As far as I'm concerned, running your database on solid-state drives just amounts to a bug-fix in the database software. Stuff like data denormalization, avoiding joins, and sharding are effectively hacks around bugs, even if those bugs exist at a hardware level.
Cost != price.
A quick check on some Cupertino real estate says that'll get you a home around 3500 sq. ft. on around 1/5 of an acre. Most land I saw in that price range was about 1/2 an acre. I expect commercial real estate is significantly higher.
So by their standards, it's a hell of a bargain.
That's just the nature of flat subscriptions, and insurance in general - the people that rarely or never use it end up subsidizing the heavy users. Same with any other kind of insurance. With my driving history, paying for insurance has been as useful as simply burning that money. But should I ever be in a situation where I need it, my previous payments in addition to the payments of others who are not actively benefitting from the service will cover what otherwise would have amounted to a massive cost to me.
This is a bit different since a fire will always cause a good amount of damage if it's to the point where you can't handle it with a kitchen fire extinguisher - enough that you'll almost certainly be making a claim with your homeowner's insurance company, so it's really a cost on top of a cost. As you say, it would make more sense for the insurance company to cover that $75 fee and bundle it into the costs. But if you're really going to miss that $6/month when it comes to protecting your single most valuable asset...
Interesting. The IKEA I frequent (Palo Alto) also has 8 self-checkout lines, but they're reasonably well staffed (so people too dumb to use them still move through reasonably quickly). More to the point, the machines actually work. I can use the hand scan-gun and run through items as quickly as I can find barcodes, which may not be as fast as an employee since they know where to look but is certainly faster than the usual 5-second-per-item delay that you get with the self-checkout terminals. I assume this is because they've disabled the weight checking. The slowest part tends to be the actual purchase process - their "hit cancel on the keypad to run this as credit" always confuses the hell out of people. They do have plenty of normal checkout lanes too, so the self-checkouts aren't horribly overcrowded.
Yes, I've been to the local IKEA a couple of times.
My experience is also the total opposite at Home Depot. All-time, I probably have about a 40% trouble-free checkout rate there. Their stupid weight sensors never pick up on stuff like small bags of screws, etc. Honestly, who would bother stealing an 80 item? Likewise on most grocery stores.