Yeah, PST files are great! I love when I get an email over the weekend using Outlook Web Access, and the email I need to use to respond is sitting on my desktop at work, not accessible through the Web Browser. It was even better when my hard drive failed and I couldn't get to any of that mail until IT had the time to restore those PST files from backups.
This is just another example of the flawed logic of Windows users. That the desktop machine is the right place to store useful data. It makes for horrible loss in productivity when using multiple computers, inside or outside the office.
<rant> Where I work, I often have to work in a lab room, away from my desktop. Rather than set up every lab computer the way I like to work, I end up Remote Desktop-ing to my office computer. This worked okay until the day my drive failed. When I got the computer back I spent nearly a week re-installing applications and still haven't spent the time to get my environment back the way I like it. It's just such a shame to be so tightly tied to a particular piece of hardware in this day. I'm pretty sure Windows provides some type of roaming profile thing to fix part of this, but they really need to get more server-centric and figure out how to execute compiled applications that live on another machine. That way I wouldn't have to install Vim, IAR, Xilinx, and Modelsim on every new lab machine I sit at. </rant>
"The fastest changing field is generally considered to be software engineering"
That can't possibly be true. Not that I have any proof that it isn't, but it just doesn't sound plausible.
In the hardware design world, things have been changing by leaps and bounds. The languages used at the front end don't change much, it's still mostly VHDL and Verilog. But, simulation and synthesis tools have become significantly better over the years, utilizing the leaps in computing power to efficiently speed up development time. Just 5 years ago, synthesizing and routing a 2 million gate Xilinx was an all-night task. This can now be done in an hour or less. On the other hand, mixed-signal ASIC layout is still measured in days and will continue to benefit from increased computing speeds for a long time. Also, with mixed-signal ASICs, simulations typically must be run for quite a while to show processing of human-speed data, like speech or video. Simulations today still have about 1:1000 efficiency, since it normally takes at least one second to simulate 1ms. So for my job, no, productivity hasn't peaked. And it won't until I can synthesize and/or simulate complex designs in seconds.
No, I wasn't directing that towards anyone in particular. I was more directed to the series of comments below yours, but there were a few different threads, so I replyed to your level rather than picking one. Perhaps a bad idea.
Yeah, I was being a bit defensive to your repliers (and others) who were SUV bashing.
I think everyone here is forgetting that a lot of people buy Sports Utility Vehicles for the Utility aspect. I don't think I know anyone who owns an SUV for the safety aspect. For example, I drive a Honda Ridgeline (which they refer to as a Sports Utility Truck, SUT, but I think most put in the SUV bracket). I use it to bring home wood and drywall for my house projects, carry my motorcycle (which I commute with for the mileage) around when it breaks down or needs maitenance, and to drive to work in the snow when I can't use the bike. For me, my large 16mpg vehicle is all about utility. I think that's likely true for most SUV owners.
A friend luggs around his search & rescue gear in the back of his. Another carries his mountain bike that he uses almost daily, and it would be stolen in the city if it were on a car bike rack. Other people probably find themselves carrying home furnature from antiques shops and such. Also, many SUVs today can seat more than 5 people, which may be another valid reason to own one. Granted the some of these examples could be accomplished with a minivan, but no kidless 30-something wants to drive a damn minivan.
When you move out of your mothers basement and own a home or get hobby (other than gaming), you may find you have a need for some utility in your vehicle also.
That's just another of the myth surrounding fingerprint readers. The reality is that a severed finger or hand has drastically different electrical properties than a live one, as well as a sort of deflation problem that makes it tough to get good print anyway. With anti-spoofing techniques like complex impedance, optical dispersion, and pulse (pressure) monitoring, the use of a corpse finger becomes detectable. That's probably little consilation to the security guard whose finger was just chopped off though. Remember too that a fingerprint reader is just detecting the presence of something you have. As with RFID or magnetic cards, this should be coupled with a pin or password.
Most readers cannot be spoofed with Play-Doh[tm] anymore, but many are now susceptable to foil spoofs. There are some pretty interesting anti-spoof techniques being developed by some of the big players these days. I really think in a couple more years, fingerprint reader anti-spoof will be pretty tight and secure. If only patents didn't get in the way of merging concepts together, anti-spoof would be much further along.
The types of rolled ink fingerprints captured for security clearance purposes, and used in IAFIS, are very different from how a fingerprint reader at a door would work. Door lock fingerprint readers are generally pretty good about being insensitive to such issues. Most use some type of capacity array to read your print beyond your first layer of skin, so that things like scrapes, dust, etc are not factors. Some use optical arrays, which are pretty horrible though.
I'm not advocating using fingerprint readers as a single source of security though. The technology isn't really quite there yet, but there's been a lot of progress in recent years. Even with a perfect non-spoofable fingerprint reader, to be really secure there has to be the "what you know" aspect used in conjuction.
Re:Seems an obvious patent
on
Talking iPods
·
· Score: 1
And the fact that it took someone all of 21 minutes to think of that demonstrates just how obvious it is.
I lived in Melbourne FL for the last couple years. The newer neighborhoods there mostly do have buried power lines, but the main grid is above ground. One reason I heard for this is that being so close to sea-level is an issue for buried lines, so they only do it in small areas that are high enough. Even then, everyone has to have a green box on their front yard for the juctions that can't be submerged in the wet ground.
Another consideration is that reparing downed lines doesn't take all that long or even cost all that much. The real costs from storm damage, with regard to power, is replacing blown transformers and juctions. These things would still be above ground, and still be blown regardless if the lines were above or below ground.
The city isn't supposed to be looking for a profit from the parking meters. Meters are typically priced to balance between just enough to annoy you and make you not park too long, and enough to cover the cost of maintaining and patrolling the meters. The way the city benefits from the meters is that they induce more flow throughout the streets, helping businesses see more customers because there is a place to park and run in. The city gets the tax benefits of the boost in consumer business.
He gave "have him holy hell about vandilizing" his car with the chaulk. So, it isn't about the guy doing his job, is about the method that was employed. How is it okay for the meter person to draw on your tires like that? If I spent time cleaning my tires and wheels just to have chaulk on them for NOT VIOLATING anything, I'd be miffed also. Granted, I'd probably just forget about, but I understand where the GP's comming from.
In Boston, they use the big yellow locks on the wheels (can't recall the name) for serious parking offenses. That kinda bugs me too because they must really destroy the wheels. Gives me real incentive to just use a gargage.
So, you're giving credit for the Alpha to HP? Hmmm, that might get some people in Shrewbury miffed.
Re:Or as the rest of the computing world describes
on
Linux Annoyances For Geeks
·
· Score: 2, Insightful
You missed his point. He isn't saying that being "done" makes something a Product, but that being together and ready to use does. To continue his analogy, when you buy a car, you're handed a key. If that car were some linux distros, you'd be handed a large box of parts and told there's a manual online somewhere to put it all together, and no key.
Okay, since I know that slashdotters are such big fans of the Trusted Computing Platform concept....
Lets have a trusted perifrial, say a fingerprint sensor, that can return a password or print directly to the platform, encrypted by a session key based on a previously established root of trust from boot. Then, the dialog box simply needs to instruct the user to authenticate itself to the system, without that dialog ever getting to see the authentication data.
All this leaves is the possibility that some malware will get the user to authenticate and run it, but at least it won't be able to capture the authentication data and its authorized session would eventually expire.
This could also work with a trusted keyboard that has an indicator light to show the user when it is in trust mode. This indicator light would be controllable only by the hardware TPM and thus the user couldn't be fooled into giving his password to a piece of software.
Note: I'm not trying to pass this off as my original idea. Just illustrating that the Trusted Computing Platform concepts do make some sense.
So, what happens when a malware program copies that "slick gui that (sudos or sus???) and asks for a password"? That malware program can now go ahead and do anything it wants. I've used both RedHat and Ubuntu and they both have a similar concept. While I'm a fan of Ubuntu, I think this slick gui concept is timebomb.
For now, I think the best practice is to open the command line and use the sudo command manually. That way, you know exactly what program is asking for your password.
Windows users would say they can do this by shift-right-clicking and using Run-As. But, a new dialog box is envoked to ask for your password, which introduces a possible hole IMHO.
I use Ubuntu on one of my machines at home and the sudo password prompt dialog scares me a bit. It's not a real concern now as I'm always expecting it to show up when it does, and I consider myself to know what I'm doing. But it would seem easy to me that a program could use a look-alike dialog box to fool a user into typing thier password. Then, that program could sudo anything it wants.
So, how is the user supposed to authenticate the dialog box that's asking for the password? The only means I see right now is whether you expected it or not, but I don't think that works well for beginners.
I really don't think any designer would be some dumb as to implement things such that you can't even channel surf. They would probably only freeze on the commercial if a timer indicates that you've been watching that channel for a prescribed amount of time. The point of this is to make you watch the commercial because you watched the show. The obvious implementation involves making sure you actualy are watching the show.
In the context of his issues, not really. His main problem seemed to be that he was humiliated at school and on the street, both of which are local. So, the fact that the rest of the world knew about didn't add much. Now, if he had been forced to "drop out of the world" or "drop out of the internet", that would be different.
I agree with the use-it-or-lose-it concept. IMO, getting a patent shouldn't require a product. Patents are supposed to be about ideas. But, a company should be required to show that they are at least in development of a realization before being able to sue someone for patent infringement. Of course, the problem there would be defining "development". Is working on it one day month enough?
Additionally, a company with no marketed product of their own should never be allowed to get an injunction against someone else's product.
For me, the value has nothing to with getting more of anything, in fact my OTA HDTV gives me much less than cable, and generally nothing additional than I already have on my cable. The value is that I personally enjoy watching the shows I like with a better picture and digital suround sound. Call me nuts, but after spending ~12 hours on the computer at work with my mind racing to create hardware designs, I typically enjoy a couple hours zoning out in front of a TV. That said, I like my experience to be the best it can, especially if it's free or for a small one-time cost (the cost of the HDTV tuner rolled into the price of my TV)
As far as the savings, I really don't give a shit. I could also spend my entire evening with no lights nor heat and save money that way. But, I choose to endulge in the modern luxuries, and am even willing to pay for it.
So, that must mean you've never acutally watched HDTV signals on an HDTV set. If you had, there's no way you would think it is not perceptibly different.
I currently have a tv with built-in HDTV tuner and a plain-old VHF antenna. I also have cable from comcast. Whenever I can, I watch over-the-air HDTV instead of the cable (which I'm paying for) just because the quality is so much better.
(Why do I pay for cable then? 2 reasons, bundled with internet service, it's pretty cheap, and I get more stations than currently available over-the-air)
Getting out of sync isn't an issue. Anything that uses rolling codes generally creates look-ahead codes to prevent this. This is how current garage door openers handle the accidental hitting of the transmitter button when out of range.
Not if you use a decent finger print sensor. Many companies offer very affordable sensors that are very secure. Aside from unpopular optical scanners, most use passive of active capacitive technology to read the finger print in a manner that is very difficult to spoof with a lifted print (granted, it has been done, but it usually takes a professional in a controlled lab and a cooperative victim). Some use technology that reads into the sub-surface layer to read your true finger print. Therefore, they can't be spoofed easily like an optical scanner, and they can read you print in the presense of dirt, cuts, abraisions, etc. Some also use other techniques to determine that the material presented is a human finger, but some of that is not public.
(Disclaimer: I used to work for a finger scanner company)
Typically, locks like this are supposed to be adding convenience more than security. Here they have done niether.
I go from having to carry a small, lightweight key to a larger, heavier one. I have to enter a pin on the key. This takes two hands probably, while I'm carrying who knows what. Then, I have to hold the key up to the door for some time. They've added steps, required a second hand, and made what I carry heavier. Also, they key has active circuitry, so I probably have to leave it with my towel if I want to go swimming (I don't like this fact about modern car keys also)
Why do I say it isn't any more secure?
They seem to be confusing a basic priciple of increasing security. They've managed to create a system which uses two authentications, what you have, and what you know. This is good, but then they tied the two together, eliminating the benefit. The what you have is the key, the what you know is the pin. The place they went wrong is putting the "what you know" into the "what you have". In the end, it comes back down to "what you have" (a knocking key that is activated). The only minor way they may have increased security is by hiding the mechanical interface, assuming you don't keep that as a backup.
Slashdot Mirror
Yeah, PST files are great! I love when I get an email over the weekend using Outlook Web Access, and the email I need to use to respond is sitting on my desktop at work, not accessible through the Web Browser. It was even better when my hard drive failed and I couldn't get to any of that mail until IT had the time to restore those PST files from backups.
This is just another example of the flawed logic of Windows users. That the desktop machine is the right place to store useful data. It makes for horrible loss in productivity when using multiple computers, inside or outside the office.
<rant>
Where I work, I often have to work in a lab room, away from my desktop. Rather than set up every lab computer the way I like to work, I end up Remote Desktop-ing to my office computer. This worked okay until the day my drive failed. When I got the computer back I spent nearly a week re-installing applications and still haven't spent the time to get my environment back the way I like it. It's just such a shame to be so tightly tied to a particular piece of hardware in this day. I'm pretty sure Windows provides some type of roaming profile thing to fix part of this, but they really need to get more server-centric and figure out how to execute compiled applications that live on another machine. That way I wouldn't have to install Vim, IAR, Xilinx, and Modelsim on every new lab machine I sit at.
</rant>
"The fastest changing field is generally considered to be software engineering"
That can't possibly be true. Not that I have any proof that it isn't, but it just doesn't sound plausible.
In the hardware design world, things have been changing by leaps and bounds. The languages used at the front end don't change much, it's still mostly VHDL and Verilog. But, simulation and synthesis tools have become significantly better over the years, utilizing the leaps in computing power to efficiently speed up development time. Just 5 years ago, synthesizing and routing a 2 million gate Xilinx was an all-night task. This can now be done in an hour or less. On the other hand, mixed-signal ASIC layout is still measured in days and will continue to benefit from increased computing speeds for a long time. Also, with mixed-signal ASICs, simulations typically must be run for quite a while to show processing of human-speed data, like speech or video. Simulations today still have about 1:1000 efficiency, since it normally takes at least one second to simulate 1ms. So for my job, no, productivity hasn't peaked. And it won't until I can synthesize and/or simulate complex designs in seconds.
No, I wasn't directing that towards anyone in particular. I was more directed to the series of comments below yours, but there were a few different threads, so I replyed to your level rather than picking one. Perhaps a bad idea.
Yeah, I was being a bit defensive to your repliers (and others) who were SUV bashing.
I think everyone here is forgetting that a lot of people buy Sports Utility Vehicles for the Utility aspect. I don't think I know anyone who owns an SUV for the safety aspect. For example, I drive a Honda Ridgeline (which they refer to as a Sports Utility Truck, SUT, but I think most put in the SUV bracket). I use it to bring home wood and drywall for my house projects, carry my motorcycle (which I commute with for the mileage) around when it breaks down or needs maitenance, and to drive to work in the snow when I can't use the bike. For me, my large 16mpg vehicle is all about utility. I think that's likely true for most SUV owners.
A friend luggs around his search & rescue gear in the back of his. Another carries his mountain bike that he uses almost daily, and it would be stolen in the city if it were on a car bike rack. Other people probably find themselves carrying home furnature from antiques shops and such. Also, many SUVs today can seat more than 5 people, which may be another valid reason to own one. Granted the some of these examples could be accomplished with a minivan, but no kidless 30-something wants to drive a damn minivan.
When you move out of your mothers basement and own a home or get hobby (other than gaming), you may find you have a need for some utility in your vehicle also.
I hate to keep hitting a dead horse, but.....
That's just another of the myth surrounding fingerprint readers. The reality is that a severed finger or hand has drastically different electrical properties than a live one, as well as a sort of deflation problem that makes it tough to get good print anyway. With anti-spoofing techniques like complex impedance, optical dispersion, and pulse (pressure) monitoring, the use of a corpse finger becomes detectable. That's probably little consilation to the security guard whose finger was just chopped off though. Remember too that a fingerprint reader is just detecting the presence of something you have. As with RFID or magnetic cards, this should be coupled with a pin or password.
Most readers cannot be spoofed with Play-Doh[tm] anymore, but many are now susceptable to foil spoofs. There are some pretty interesting anti-spoof techniques being developed by some of the big players these days. I really think in a couple more years, fingerprint reader anti-spoof will be pretty tight and secure. If only patents didn't get in the way of merging concepts together, anti-spoof would be much further along.
The types of rolled ink fingerprints captured for security clearance purposes, and used in IAFIS, are very different from how a fingerprint reader at a door would work. Door lock fingerprint readers are generally pretty good about being insensitive to such issues. Most use some type of capacity array to read your print beyond your first layer of skin, so that things like scrapes, dust, etc are not factors. Some use optical arrays, which are pretty horrible though.
I'm not advocating using fingerprint readers as a single source of security though. The technology isn't really quite there yet, but there's been a lot of progress in recent years. Even with a perfect non-spoofable fingerprint reader, to be really secure there has to be the "what you know" aspect used in conjuction.
And the fact that it took someone all of 21 minutes to think of that demonstrates just how obvious it is.
I lived in Melbourne FL for the last couple years. The newer neighborhoods there mostly do have buried power lines, but the main grid is above ground. One reason I heard for this is that being so close to sea-level is an issue for buried lines, so they only do it in small areas that are high enough. Even then, everyone has to have a green box on their front yard for the juctions that can't be submerged in the wet ground.
Another consideration is that reparing downed lines doesn't take all that long or even cost all that much. The real costs from storm damage, with regard to power, is replacing blown transformers and juctions. These things would still be above ground, and still be blown regardless if the lines were above or below ground.
The city isn't supposed to be looking for a profit from the parking meters. Meters are typically priced to balance between just enough to annoy you and make you not park too long, and enough to cover the cost of maintaining and patrolling the meters. The way the city benefits from the meters is that they induce more flow throughout the streets, helping businesses see more customers because there is a place to park and run in. The city gets the tax benefits of the boost in consumer business.
He gave "have him holy hell about vandilizing" his car with the chaulk. So, it isn't about the guy doing his job, is about the method that was employed. How is it okay for the meter person to draw on your tires like that? If I spent time cleaning my tires and wheels just to have chaulk on them for NOT VIOLATING anything, I'd be miffed also. Granted, I'd probably just forget about, but I understand where the GP's comming from.
In Boston, they use the big yellow locks on the wheels (can't recall the name) for serious parking offenses. That kinda bugs me too because they must really destroy the wheels. Gives me real incentive to just use a gargage.
So, you're giving credit for the Alpha to HP? Hmmm, that might get some people in Shrewbury miffed.
You missed his point. He isn't saying that being "done" makes something a Product, but that being together and ready to use does. To continue his analogy, when you buy a car, you're handed a key. If that car were some linux distros, you'd be handed a large box of parts and told there's a manual online somewhere to put it all together, and no key.
Cygwin terminal supports drag-and-drop of filenames into the shell window.
Okay, since I know that slashdotters are such big fans of the Trusted Computing Platform concept....
Lets have a trusted perifrial, say a fingerprint sensor, that can return a password or print directly to the platform, encrypted by a session key based on a previously established root of trust from boot. Then, the dialog box simply needs to instruct the user to authenticate itself to the system, without that dialog ever getting to see the authentication data.
All this leaves is the possibility that some malware will get the user to authenticate and run it, but at least it won't be able to capture the authentication data and its authorized session would eventually expire.
This could also work with a trusted keyboard that has an indicator light to show the user when it is in trust mode. This indicator light would be controllable only by the hardware TPM and thus the user couldn't be fooled into giving his password to a piece of software.
Note: I'm not trying to pass this off as my original idea. Just illustrating that the Trusted Computing Platform concepts do make some sense.
So, what happens when a malware program copies that "slick gui that (sudos or sus???) and asks for a password"? That malware program can now go ahead and do anything it wants. I've used both RedHat and Ubuntu and they both have a similar concept. While I'm a fan of Ubuntu, I think this slick gui concept is timebomb.
For now, I think the best practice is to open the command line and use the sudo command manually. That way, you know exactly what program is asking for your password.
Windows users would say they can do this by shift-right-clicking and using Run-As. But, a new dialog box is envoked to ask for your password, which introduces a possible hole IMHO.
The command line is good. Learn, use it, love it.
I use Ubuntu on one of my machines at home and the sudo password prompt dialog scares me a bit. It's not a real concern now as I'm always expecting it to show up when it does, and I consider myself to know what I'm doing. But it would seem easy to me that a program could use a look-alike dialog box to fool a user into typing thier password. Then, that program could sudo anything it wants.
So, how is the user supposed to authenticate the dialog box that's asking for the password? The only means I see right now is whether you expected it or not, but I don't think that works well for beginners.
Just to play devil's advocate here:
I really don't think any designer would be some dumb as to implement things such that you can't even channel surf. They would probably only freeze on the commercial if a timer indicates that you've been watching that channel for a prescribed amount of time. The point of this is to make you watch the commercial because you watched the show. The obvious implementation involves making sure you actualy are watching the show.
In the context of his issues, not really. His main problem seemed to be that he was humiliated at school and on the street, both of which are local. So, the fact that the rest of the world knew about didn't add much. Now, if he had been forced to "drop out of the world" or "drop out of the internet", that would be different.
I agree with the use-it-or-lose-it concept. IMO, getting a patent shouldn't require a product. Patents are supposed to be about ideas. But, a company should be required to show that they are at least in development of a realization before being able to sue someone for patent infringement. Of course, the problem there would be defining "development". Is working on it one day month enough?
Additionally, a company with no marketed product of their own should never be allowed to get an injunction against someone else's product.
For me, the value has nothing to with getting more of anything, in fact my OTA HDTV gives me much less than cable, and generally nothing additional than I already have on my cable. The value is that I personally enjoy watching the shows I like with a better picture and digital suround sound. Call me nuts, but after spending ~12 hours on the computer at work with my mind racing to create hardware designs, I typically enjoy a couple hours zoning out in front of a TV. That said, I like my experience to be the best it can, especially if it's free or for a small one-time cost (the cost of the HDTV tuner rolled into the price of my TV)
As far as the savings, I really don't give a shit. I could also spend my entire evening with no lights nor heat and save money that way. But, I choose to endulge in the modern luxuries, and am even willing to pay for it.
So, that must mean you've never acutally watched HDTV signals on an HDTV set. If you had, there's no way you would think it is not perceptibly different.
I currently have a tv with built-in HDTV tuner and a plain-old VHF antenna. I also have cable from comcast. Whenever I can, I watch over-the-air HDTV instead of the cable (which I'm paying for) just because the quality is so much better.
(Why do I pay for cable then? 2 reasons, bundled with internet service, it's pretty cheap, and I get more stations than currently available over-the-air)
Getting out of sync isn't an issue. Anything that uses rolling codes generally creates look-ahead codes to prevent this. This is how current garage door openers handle the accidental hitting of the transmitter button when out of range.
Not if you use a decent finger print sensor. Many companies offer very affordable sensors that are very secure. Aside from unpopular optical scanners, most use passive of active capacitive technology to read the finger print in a manner that is very difficult to spoof with a lifted print (granted, it has been done, but it usually takes a professional in a controlled lab and a cooperative victim). Some use technology that reads into the sub-surface layer to read your true finger print. Therefore, they can't be spoofed easily like an optical scanner, and they can read you print in the presense of dirt, cuts, abraisions, etc. Some also use other techniques to determine that the material presented is a human finger, but some of that is not public.
(Disclaimer: I used to work for a finger scanner company)
Typically, locks like this are supposed to be adding convenience more than security. Here they have done niether.
I go from having to carry a small, lightweight key to a larger, heavier one. I have to enter a pin on the key. This takes two hands probably, while I'm carrying who knows what. Then, I have to hold the key up to the door for some time. They've added steps, required a second hand, and made what I carry heavier. Also, they key has active circuitry, so I probably have to leave it with my towel if I want to go swimming (I don't like this fact about modern car keys also)
Why do I say it isn't any more secure? They seem to be confusing a basic priciple of increasing security. They've managed to create a system which uses two authentications, what you have, and what you know. This is good, but then they tied the two together, eliminating the benefit. The what you have is the key, the what you know is the pin. The place they went wrong is putting the "what you know" into the "what you have". In the end, it comes back down to "what you have" (a knocking key that is activated). The only minor way they may have increased security is by hiding the mechanical interface, assuming you don't keep that as a backup.