Slashdot Mirror


User: Firehed

Firehed's activity in the archive.

Stories: 0
Comments: 3,347

Comments · 3,347

  1. Re:So let's change the algorithm. on Gravatars Can Leak Users' Email Addresses · Score: 1

    In order for Gravatar to work, the algorithm has to be publicly known. Which means every site uses the same salt (pointless) or each domain has its own salt, which can be determined from the referrer header (not only also pointless since a potential attacker knows what site they're on, but it would also make the service pretty much impossible to implement). The only other option would be two-way encryption with some sort of per-domain shared key, but given that most of the point of Gravatar is simplicity of implementation, that's just not going to happen.

  2. Re:So let's change the algorithm. on Gravatars Can Leak Users' Email Addresses · Score: 4, Insightful

    I disagree.

    Granted, those are basically very unsophisticated databases that just store lookup values, but it's relatively easy to bruteforce an MD5 hash down into one of the possible original strings (obviously with any algorithm that has a fixed output size with limitless inputs like MD5 there are infinite inputs that will hash down to a single md5sum, but when you're trying to get a valid email address out of a hash it's easy to pick the right one). Couple that with the fact that in this situation, you know that the entire string is lowercased and probably 60% of the Gravatar emails (probably more like 90% actually) are going to come from one of four or five domains... reversal becomes quite easy. If you're bored, you could spin up a few Amazon EC2 or Rackspace Cloud Server instances to dump out some large tables. One each for gmail, yahoo, msn, aol, whatever else; it'd be a very simple script to make. You could probably cover every alphanumeric email address under 12 characters overnight, at a cost of about a dollar and ten minutes of scripting.

    The thing to realize here is that Gravatar doesn't MD5 emails to hide them from people who want to obscure their identity, just to obscure them from spambots. So it's really a non-issue. If you're that concerned, leave your blog comments with a fake email address.

  3. Re:technology editor sucks at technology? on Are Sat-Nav Systems Becoming Information Overload? · Score: 1

    Most consumer GPSs are accurate to within several feet, and even the cheaper models now announce street names in addition to the distance to turn. Five years ago those were valid concerns, but not really today.

    In my experience, road construction and other detours tend to be the biggest issue. But then again, I treat my GPS more like a road sign than a HUD, so I'm not too concerned about it distracting me.

  4. Re:No they have not. on Widenius Warns Against MySQL Falling Into Oracle's Hands · Score: 1

    I take it you hate PHP because there are a lot of lousy coders using it, too?

    I'll agree that the licensing is muddy, but everything else you troll about is the result of using the tool wrong.

  5. Re:Talk about contradictions... on Arrington Responds To the JooJoo, Files Suit · Score: 1

    That's assuming an equivalent product. The crunchpad is, as far as I'm aware, just a browser. While everything about Apple's future product is speculative, it's safe to assume it'll fit somewhere between iPhone and desktop OS (probably more iPhone-like) in terms of capabilities.

    Yes, that comes down mostly to software differences. But it works to get people paying a premium for Macs which are using standard PC hardware, so no reason it wouldn't also work with a tablet.

  6. Re:100,000 stories? on Slashdot Turns 100,000 · Score: 1

    32, obviously. Someone forgot to convert out of binary.

  7. Re:Age and quality. on Slashdot Turns 100,000 · Score: 3, Informative

    The UI would be fine if a) it worked correctly cross-browser, or at least among standards-compliant browsers and b) the javascript that powers most of it wasn't some of the slowest ever written. Honestly, the whole lot of it could be replaced in about 5kb of code that works 10x better and 50x faster, in about two hours worth of work. Well, if half of slashcode hadn't been eaten by a grue years ago.

  8. Re:Age and quality. on Slashdot Turns 100,000 · Score: 5, Funny

    I haven't gotten mod points in quite a while either. That's why it's successful!

    Wait a second...

  9. Re:Does Not Look Good for Arrington on Arrington Responds To the JooJoo, Files Suit · Score: 2, Interesting

    Under trademark law? Probably nothing. But he'd have been grossly negligent to be this far along in the development cycle without some sort of contract in place between himself (or TC) and Fusion Garage (I've heard that there were mostly verbal agreements in place, which wouldn't hold up in court, but Arrington is/was a lawyer and should know better). Presumably, something happened that would have been in breach of that contract and would constitute a valid lawsuit.

  10. Re:Time Machine on AT&T Moves Closer To Usage-Based Fees For Data · Score: 1

    For what it's worth, plenty of people simply don't have the budget to deal with a shock month or two over the course of a year, even if it averages out to being cheaper overall.

  11. Re:Time Machine on AT&T Moves Closer To Usage-Based Fees For Data · Score: 1

    > this begs for network infrastructure improvement that they are not willing
    > to do.

    Are you prepared to pay for it?

    The cell companies need to be if they intend to keep their customers. They certainly have the money - they're just choosing to spend it on corporate bonuses rather than improving their infrastructure and making their customers happy.

    Unfortunately with a barrier to entry measured in the billions of dollars and enough red tape to cover a small country, they're not likely to get competition any time soon. Or else their failure to deliver what they advertise and promise would actually kill them. As it stands, they can get away with not reinvesting profits into improving infrastructure because their customers have no other options. Which sounds counter to my first point - and it is. But it sounds like the FCC is starting to get sufficiently annoyed, if only because their employees are feeling the effects of the crappy networks as much as the rest of us. And what the lack of competition can give, the FCC can take away.

  12. Re:You can't say NO on Saying No To Promotions Away From Tech? · Score: 2, Insightful

    Then all the money you're no longer spending on booze must be part of the promotion!

    But in all seriousness, on-call means different things to different companies. For some places, it means that your phone is on at all times and you'll answer it. For others, it means that you'll be expected to fix things via ssh at 2am if the need arises. And sometimes, it means showing up to the office in person. Know the expectations, because you'll probably either end up wasting a ton of effort going beyond the call of duty, or get fired for not going far enough.

  13. Re:Don't be evil? on Google CEO Says Privacy Worries Are For Wrongdoers · Score: 4, Informative

    Indeed. But it was early employee Paul Buchheit that came up with the term, not Brin.

  14. Re:Don't Need a Kindle Killer, Exactly on Barnes & Noble's Nook, Reviewed · Score: 1

    It's only price fixing if they all go up in price to/by the same amount at the same time (see: text messaging).

  15. Re:Not sure on Will Tabbed Windows Be the Next Big Thing? · Score: 4, Insightful

    Indeed - and for this reason, it's a "zoom" button rather than "maximize" (which is just being pedantic, but I figured it's worth pointing out). Anyways, when I first switched over to the Mac platform that drove me insane. After a couple of weeks I got used to the change, and after a couple more weeks found it far more useful than having a single window fill the screen. Since windows aren't taking more space than they need, it allows me to either have more windows visible (on a large monitor, anyways) or have at least some of the other apps I'm working with partly exposed so I can click to them more easily.

    Of course, there are some situations where I want maximized windows for distraction-free work, but that's pretty limited in nature (reading or writing, in the English not code sense) and many of the apps that are very text-heavy have the zoom button do a typical maximize for that precise reason.

    And still, if it bothers you that tremendously, you can always drag the window to the full screen size.

  16. Re:Social Networking groups on Farmville, Social Gaming, and Addiction · Score: 1

    And if you look at the iPhone's top grossing apps*, you'll see an average price of $30.69 with 3 of the 10 at or above $79.99 (all GPS apps, the rest with one exception are games). If you went through the top 25 that drops to $14.55, which is not insignificant.

    For what it's worth, I've bought more titles for my iPhone than any other gaming platform; quite possibly more than all of them combined. Plenty were free and not all were games, but apps that cost only a few bucks are certainly less of a gamble than games ranging from $30-60+. Overall, people do tend to pay less for iPhone apps than most other platforms, but they also pay for more of them. And with a huge audience, that lower price can be made up for in volume. I don't know whether that works out better for publishers overall, but that's at least a slightly different discussion.

    *As of posting, according to the App Store's built-in top grossing list

  17. Re:2 thoughts on Farmville, Social Gaming, and Addiction · Score: 3, Interesting

    Many Facebook games (Farmville included) have eliminated the need for gold farmers by selling the currency (or other in-game items) themselves. In fact, it's one of if not the largest revenue stream for many of them, in addition to ad sales. They figured out what Blizzard et al haven't - people are willing to pay cash for game currency, so it might as well be the game developers who are doing the selling.

  18. Re:Remember the privacy policy? on Farmville, Social Gaming, and Addiction · Score: 1

    This number reflects reported monthly active users. Or more accurately, monthly active accounts - plenty of those accounts share a single warm body.

  19. Re:Something I overheard on Farmville, Social Gaming, and Addiction · Score: 4, Interesting

    You probably should be able to - both games are run by the same company.

    Of course, you should also be able to order hits on all of your friends playing FarmVille, so this cross-game thing may not be the best idea after all.

  20. Re:How pleasant on FCC Inquires About Controversial Verizon Fees · Score: 1

    If competition keeps the price down, then why does the cost of sending a text message keep increasing? And - what a surprise! - these rates all seem to increase very close to the same time and by the same amount across all carriers.

    It's price fixing, plain and simple.

    I'm a strong believer of the concept of a free market, but I'm also quick to acknowledge that as companies increase in size and power (and more importantly, buy up their competition), they need at least some level of regulation. If telcos were actually competing, then yes - prices would drop (texting probably to free; I think unlimited voice and data would end up somewhere in the $30-40/mo range), but between inconsistent service and two-year subsidy contracts it simply doesn't happen.

    Think about it - if a smaller wireless provider offered much cheaper plans, would you switch? Could you switch? I'm currently going month-to-month on my iPhone plan via AT&T. T-Mobile offers a slightly better plan than what I have now for the same price (+50 minutes, unlimited texting, and I assume the unlimited data is 3G - overall, this is of no benefit to me), but my handset is locked and their coverage is worse than AT&T's (though since it's the same frequency I should be able to roam and get the same service). I refuse to do business with Verizon, but I know their plans are more expensive than what I have now - and generally with fewer features. Sprint's closest equivalent is an extra ten bucks a month (less than the cost of adding unlimited texting to my current plan, but that would go unused; extra minutes are also a truly obscene 45 per, not that I use a tenth of what I have now).

    Point being that what's presented as competition really isn't, since there are so few options and they all seem to collude with each other. True competition DOES bring about either lower prices or improved service, and in the long run generally a combination of both (and in the cellular industry, we clearly have neither). I think the FCC stepping in and applying some smackdown might help - there was at least some improvement starting in the mid-80s until all the baby bells started buying each other back up. If they were any more free, they'd end up merging solely into AT&T and Verizon (eating up their respective competition that share networks/frequencies), and one of them would eventually buy the other as we grow into a unified 4G network and start abusing that monopoly like it's nobody's business.

  21. Re:whom the gods would destroy they first make mad on Comcast to Buy 51% of NBC, GE Goes After 49% · Score: 1

    That's not uncompressed, that's just not double-compressed. That being said, the studios probably send out a signal that's compressed just enough to get it down to a reasonable size while avoiding any crazy-obvious artifacting. As noted above, uncompressed HD takes a truly absurd amount of bandwidth (1920x1080x3x24 Bps ~ 142MBps ~ 1.1Gbps, and that's just for 24p material - multiply by 2.5 for 60p. Give or take, as video has all sorts of weird formatting stuff that math doesn't account for)

  22. Re:It is their right, but aggressive move nonethel on Modded Xbox Bans Prompt EFF Warning About Terms of Service · Score: 1

    How so? If a company banned me from a subscription service, the LAST thing I would do is go out and buy new hardware so I can continue paying monthly fees. Anyone that would do otherwise either has way too much disposable income or needs to get their head on straight.

  23. Re:Well.. on Modded Xbox Bans Prompt EFF Warning About Terms of Service · Score: 2, Insightful

    And the fact that I'm not running a company doesn't change the fact that everyone who is running a company only offers one-sided, unfair, and unconscionable TOSs. And it doesn't change the fact that an individual's choice to "not give this company any money" will not change TOSs one bit unless every consumer decides to stop consuming anything and everything.

    That's simply not true, provided that you make your reasons clear to the company. Of course when you're dealing with companies as monolithic as Microsoft it's easy to feel ignored. But you get ten thousand people who cancel their Xbox Live subscriptions and indicate their reasons for doing so, MS will start to listen. I'm not talking about signing an online petition, but actually sending an email (or, gasp!, a letter) to Redmond. Obviously this applies beyond MS/XBL, and the number of people needed to make change is proportional to the total number of users. But even a tenth of a percent is going to get at least some notice.

    Hell, companies are starting to get a lot more helpful simply by having your complaints reaching a large audience. Whining on your blog (do people still blog?) isn't going to get much done these days, but Twitter seems to be the latest trend in making at least a vague attempt at improving customer satisfaction. Got me a call from customer service and a $10 refund when trying to go through normal email support was a dead-end. (Of course, I'm certainly not impressed that I have to complain in front of hundreds of people to get one to actually help me out, but it DID get me the result I wanted)

    Also, for what it's worth, the reason TOSs are so absurd is because companies have to cover their asses against every situation that's ever been tested in a court of law. 95% of that stuff is generic boilerplate that's been refined to legal perfection, and that same 95% will go unused by 99% of the companies in 99% of the situations. What their intentions are and what has to get covered in the TOS to keep the lawyers happy are pretty much unrelated.

    At the end of the day, companies want your money. If you tell them why they can't have it and/or what they can change to get it, they'll listen. But if all you do is cry in a corner about it, you'll accomplish absolutely nothing.

  24. Re:Google hates anything that is offline on Google Abandoning Gears · Score: 1

    They're already scanning your email to build up an advertising profile of you. They may lose out on a couple of ad views when in offline mode, but the extra data they're provided by you continuing to use their service instead of switching to a competitor is more than worth it.

  25. Re:Convoys... on Somali Pirates Open Up a "Stock Exchange" · Score: 1

    Having all of the goods together like that would also make them more of a target. And it would leave a hell of a mess behind, since you now have armed guards going against pirates who stockpiled weaponry for the big heist.