Maybe so, but is iPhone really targetting the corporate market, at least initially? Nothing I've seen has suggested that. Why say that your product is better than someone who isn't even targetting in the market you are referring to? Maybe because you've got no advantage over your real competition?
Not to go slightly off topic here, but BPL (broadband over power wires) providers ought to see this as a wakeup call.
Broadband providers aren't, I would imagine, particularly concerned about their user's privacy. If they see it as a wakeup call, it'll be a wakeup call to lobby the government to institute regulations favoring BPL because it is easier to monitor for law enforcement and security purposes, and to impose new barriers on broadband systems less easy to monitor.
What should have been happening is that SSNs should not simply be included in various databases.
No, that's not true. What should be happening is that SSNs should not be useful for identity theft, since (whether or not they are in public databases), SSNs—because they are also tax identifiers for individuals and thus mandatory in a wide number of applications—are not secrets suitable for identification purposes in the first place.
OTOH, a public identifier like the SSN that serves the role of a tax ID would make sense as public key in a more secure identification system; the trick is designing the rest of the sytem.
Even with "minimum disclosure" (something that, mandatory as it may be, seems rather elusive) SSNs aren't secret enough to be relied on the way they are for identification.
So 30,000 SS#'s were exposed, and 150k people might be in trouble?
The person who noticed the SSNs were available identified approximately 30,000 records with SSNs (not sure if that corresponds to 30,000 SSNs, or more -- because each record might have more than one -- or less, because there might be dupes.)
The subsequent review by the Agriculture Department suggested 100,000 to 150,000 people may have been affected, which I would assume reflects the range of social security numbers that may have been exposed.
Here a permanent fix: render SSNs worthless for financial transactions by making it illegal for any entity besides the IRS, SSA, you employer and your bank to ask for a SSN or keep a record of a SSN for any purpose other than tax collection and Social Security. The employer and bank would only be allowed use it for tax reporting purposes. The credit reporting companies, banks, and data brokers might howl, but too bad. They can use other data identifiers, or even better, learn to personally know their customers beyond a mechanically created credit score tied to a SSN.
Certainly, stop easily discernable personal information like name and SSN as if it were a secret password that provides security. There is a need for verifiable identification that doesn't rely on in-person presentation and verification of identifying documents, though, but it needs to be secure, not the current SSN (though a "revised" SSN that worked something like a public key could be part of the system.)
The New York Times is reporting that an Office of Management and Budget website accidentally exposed at least 30,000 social security numbers publicly online.
No, actually, the New York Times is reporting that a publicly-released database from the Census Department related to Agriculture Department contained social security numbers. The connections with the OMB are: 1) Questions about the release were directed to the OMB because the OMB, among other things, coordinates information policies for executive branch departments. 2) The nongovernment website through which the presence of the SSNs in the database was discovered was one run by a group whose parent is "OMB Watch", a public "watchdog" organization.
Everyone gets all huffy that commenters don't RTFA, but how can you be surprised when, apparently, those writing the summaries don't, either?
And let's not even get started on the laughable concept of Slashdot "editors".
Meanwhile, if remote-sensing platforms start getting shot down they'll quickly be upgraded with trace-the-projectile-back sensors to let the cops go after the shooters.
I'd expect acoustic gunfire detection/location systems to be part of the original package on similar platforms deployed by US law enforcement, rather than upgrades.
WotC and D&D may have been big in their time, but they're all but a footnote in history.
D&D has always been the leader of the Tabletop RPG market (even before there was a need to distinguish it with "Tabletop"), and that market itself has always been a pretty small, niche market.
D&D is hardly less dominant now that it has been in the past within that niche.
Of course, one you *stop* subscribing to Pyramid magazine, then your access to that content goes *poof!* as well. If you can't download it in a nice format, then the online model loses a lot of appeal to me.
Its HTML. It can probably be downloaded as complete webpages with the necessary images with the Save As... feature of most browsers, you can make hardcopies of it, and if you have any of the many (some are free or included with popular software packages) print-to-(PDF or other similar document format) utilities, you can archive it that way.
Now if it were some bizarre, locked-down DRM format, I might agree with your concerns.
apes, especially monkeys, are very genetically related to humans
Er, no.
First, monkeys are not a subset of apes. Monkeys and apes are different subsets of primates. Of the two, apes, not monkeys, are most closely related to humans (and of apes, chimpanzees are most closely related to humans.)
Never, EVER, give your wife your password! What the heck are you smoking?!?!
This would be a perfectly good idea if every information system provided ways to delegate access to your access privileges to other users, especially if they had fine-grained access controls that allowed you to do so with any part of your privileges that you wanted to delegate, and excluding any privileges you wanted to exclude.
Unfortunately, very few of the information systems I interact with allow delegation at all, and even fewer do so with fine grained access controls—those that do allow delegation usually allow only one very specific level of delegated access.
Also, if we assume the total resources needed to run the simulation is O(N), and each user is running their own copy, then the total computing resources being used is O(N^2). More importantly, since a typical client machine is certainly far less powerful than a typical MMO serving cluster, and since it has to do other computationally-intensive things like render graphics, it's clear that this strategy cannot scale to typical MMO player counts.
I'm not sure that's as clear as you think it is. The suggestion that "typical" MMOs or SL are O(N) seems to be based on the model that the client is O(1) since the complexity there is based on the number of objects in close proximity, which doesn't vary with the number of users in the overall simulation, and that the server complexity is O(N) in the number of users. This, of course, suggests that the amount of virtual real estate must scale with the number of users, and clearly breaks down in the case of places where everyone wants to be (unless there are users-per-area caps imposed).
OTOH, Croquet "Islands", which seem to be O(N^2) with the number of local clients, are not necessarily closed universes. They can communicate with external objects, including other Croquet Islands. Assuming a complete MMO universe is made up of a set of Croquet Islands which each correspond roughly to a land area, communicating with the neighbors to provide continuity, but not passing "broadcast" messages beyond their neighbors, you would seem to get a system that is overall O(N) in number of users, segmented into a number of Islands proportional to the total number of users. And, while it faces potentially dramatic slowdown if the user (or, perhaps more generally, object) load isn't distributed equally among Islands but instead concentrated in popular Islands, regular MMOs seem likely to face the same problems.
I don't think there is any practical solution to the environments where users interact being O(N^2) fundamentally, and only avoiding that through some kind of segmentation—each observer has to have their own rendering of the environment, and that rendering is likely to be at best O(N) in the number of objects in the environment, which in turn is probably proportional to the number of users in the environment. Any MMO solution has to segment the environment so that each users environment isn't really all that massively multiplayer to get effective O(N) scaling. But that seems to be possible in Croquet, though the method of segmentation may be different than in other MMO systems.
It makes Croquet incapable of handling player counts as large as Second Life.
Certainly, assuming (as someone has since guessed) that Second Life is effectively O(n) in number of players, that would certainly be true at some number of participants, and would seem likely to be true at a level that would be practically significant, too, though there is no guarantee of that. When I said no one had presented reason to believe SL was superior, I particularly meant that no one presented or linked to an overview of the SL architecture to make the comparison.
I believe the PC & Mac do it at the system call level--if someone makes a system call and doesn't have the privilege, the system compensates by prompting.
That's my understanding of Vista, I thought the Mac used sudo like Linux (OTOH, applications designed for Mac OSX, unlike applications designed for Linux, know what to expect.)
Doing at the system call level would be one reason for more frequent popups on Vista, and certainly is a way to grandfather in legacy apps.
Problem is, most linux apps are expected to be able to run without a GUI, so you don't want a system call attempting to pop up a dialog.
Well, no, if you wanted to add support for that kind of behavior in Linux, I'd expect you'd want to build hooks in the kernel that would allow applications with root permissions themselves to setup callbacks that could gather credentials and request escalation after inadequate access was for a system call but before it fails. Then your UI program would register a callback which would popup the password dialog. I don't know enough about linux system programming to know how practical it would be to add that to linux, and I'm not sure its really necessary, anyhow, since its mostly an issue for non-tool packaged end-user GUI apps, and its simple enough to correct by the application vendor or packager without any changes to the underlying OS.
No, that doesn't appear correct. From the very page you linked to "In Croquet, each simulation has one router designated on the network. All inputs are sent to the router, and never directly to the simulation running on the machine on which the input is made. The router puts its own timestamp on the message and sends it out to everyone." I'm pretty sure that makes it O(n), not O(n^2). Twice as many clients means twice as many packets on the network, not four times as many.
I'm pretty sure its O(n^2): while all the messages get sent to the router, the router then sends them to everyone. The number of messages received by the router is proportional to the number of users, the number of copies of each it has to send out is equal to the number of users, so the total traffic is O(n^2) with the number of users.
OTOH, no one, here at least, has presented any reason to think that having network traffic that is O(n^2) in the number of users makes Croquet worse than Second Life.
Also, by the way, it's really annoying that you can't actually enable root from the GUI level. Both Windows and Mac have a prompt if root access is requested by any app,
Uh, yeah. This is true on Linux as well. Many Linux apps, however, don't "request root access", they assume you know what access you need and are running as root if you need it (note that not all Linux uses sudo at all, so this is, while an increasingly outdated assumption, not a completely baseless one.) This isn't a problem of Linux, its a "problem" of the particular application, solvable by modifying the GUI shortcut to use the appropriate graphical launcher (such as gksudo).
but in Linux it's a real BITCH if you are running a program from a menu (you don't have any idea what the name of the program is or where it is located) and that program then wants root access.
The problem there is that some Linux-based systems use the sudo model and some don't. Many programs—even GUI programs for Linux—aren't sudo-friendly. There are nice GUI ways to launch programs needing root access on sudo-using systems (gksudo and kdesu).
Also, I'm not around my Linux box right now, but isn't it fairly easy to determine where menu shortcuts lead in both Gnome and KDE menus? Is this really a problem?
I understand what you are saying, I wasn't talking about XP style permissions. What I was talking about was Vista's attempt to restrict admin access to only be asserted when required. Suddenly you are getting popups all the time asking for admin access.
This makes sense, however, as does the way you explained sudo. But the problem is that many people who complained about Vista's continual prompting, aren't realizing that typing sudo all the time is the same exact thing.
As I understand (I haven't used Vista and have yet seen no compelling reason to touch it), Vista uses a finer grained access request system which results in more frequent responses than the model used in sudo-using systems; I don't think any Linux user on Slashdot complaining about Vista doesn't realize that sudo and Vista's security model have general conceptual similarities.
I think the online model offers a lot of additional potential than dead-tree formats for gaming: when Steve Jackson Games took Pyramid online, giving subscribers access to a a searchable archive of articles from previous issues (including the print issues), discussion forums (which have somewhat faded, though, since SJGames opened public forums), etc., it was a big improvement.
But if they make the money selling XP does it really matter?
No, and yes. No, in that money is money. OTOH, if Microsoft, after all the money spent developing Vista, is finding that lots of consumers are demanding XP instead, it may hurt Microsoft, because it will me that the target for competitors is stationary, rather than Microsoft moving the target.
HOWEVER, it begs another question for us in the West: If Microsoft can make this suite available to the developing world for only $3, why not make it available in the US (and other western markets) for only $25, or even $50.
Differential pricing on the Microsoft product line is often about market segmentation and getting the most out of each segment of the market, not about the costs associated with particular products. (This is particularly true when different versions with different prices are distributed on the same media, and distinguished only by what kind of license key you've paid for.)
Office Home and Student isn't cheaper for a multiseat license than a single seat license of other versions of Office because it is cheaper to make, or even because it has less features. Its cheaper because people who want an "office suite" for noncommercial use have less money available to spend on it, and if charged what Microsoft charges for commercial licenses, would choose a less expensive (or even free) competing product, but with the price set low enough, the value of better compatibility with commercial-use Microsoft products they might use at work or, who people they want to exchange files with might use, makes Home and Student worthwhile.
You are missing the fact that every single microsoft product except for Windows and Office loses money. They HAVE to charge a lot for Windows and Office to support that fact.
I'm not sure whether or not that's true, but even if it is, it doesn't contradict what I said, so I'm not sure why, as I response to what I wrote, you would claim I'm missing that.
Maybe so, but is iPhone really targetting the corporate market, at least initially? Nothing I've seen has suggested that. Why say that your product is better than someone who isn't even targetting in the market you are referring to? Maybe because you've got no advantage over your real competition?
Broadband providers aren't, I would imagine, particularly concerned about their user's privacy. If they see it as a wakeup call, it'll be a wakeup call to lobby the government to institute regulations favoring BPL because it is easier to monitor for law enforcement and security purposes, and to impose new barriers on broadband systems less easy to monitor.
Or, rather, no one publicly announced it.
I doubt if the NSA, for instance, had discovered this vulnerability years ago, they would have trumpeted it publicly.
No, that's not true. What should be happening is that SSNs should not be useful for identity theft, since (whether or not they are in public databases), SSNs—because they are also tax identifiers for individuals and thus mandatory in a wide number of applications—are not secrets suitable for identification purposes in the first place.
OTOH, a public identifier like the SSN that serves the role of a tax ID would make sense as public key in a more secure identification system; the trick is designing the rest of the sytem.
Even with "minimum disclosure" (something that, mandatory as it may be, seems rather elusive) SSNs aren't secret enough to be relied on the way they are for identification.
The person who noticed the SSNs were available identified approximately 30,000 records with SSNs (not sure if that corresponds to 30,000 SSNs, or more -- because each record might have more than one -- or less, because there might be dupes.)
The subsequent review by the Agriculture Department suggested 100,000 to 150,000 people may have been affected, which I would assume reflects the range of social security numbers that may have been exposed.
Certainly, stop easily discernable personal information like name and SSN as if it were a secret password that provides security. There is a need for verifiable identification that doesn't rely on in-person presentation and verification of identifying documents, though, but it needs to be secure, not the current SSN (though a "revised" SSN that worked something like a public key could be part of the system.)
No, actually, the New York Times is reporting that a publicly-released database from the Census Department related to Agriculture Department contained social security numbers. The connections with the OMB are:
1) Questions about the release were directed to the OMB because the OMB, among other things, coordinates information policies for executive branch departments.
2) The nongovernment website through which the presence of the SSNs in the database was discovered was one run by a group whose parent is "OMB Watch", a public "watchdog" organization.
Everyone gets all huffy that commenters don't RTFA, but how can you be surprised when, apparently, those writing the summaries don't, either?
And let's not even get started on the laughable concept of Slashdot "editors".
I'd expect acoustic gunfire detection/location systems to be part of the original package on similar platforms deployed by US law enforcement, rather than upgrades.
Yeah, but the Predators don't carry subtly menacing slogans, so they're completely different...
D&D has always been the leader of the Tabletop RPG market (even before there was a need to distinguish it with "Tabletop"), and that market itself has always been a pretty small, niche market.
D&D is hardly less dominant now that it has been in the past within that niche.
Its HTML. It can probably be downloaded as complete webpages with the necessary images with the Save As... feature of most browsers, you can make hardcopies of it, and if you have any of the many (some are free or included with popular software packages) print-to-(PDF or other similar document format) utilities, you can archive it that way.
Now if it were some bizarre, locked-down DRM format, I might agree with your concerns.
Er, no.
First, monkeys are not a subset of apes. Monkeys and apes are different subsets of primates. Of the two, apes, not monkeys, are most closely related to humans (and of apes, chimpanzees are most closely related to humans.)
This would be a perfectly good idea if every information system provided ways to delegate access to your access privileges to other users, especially if they had fine-grained access controls that allowed you to do so with any part of your privileges that you wanted to delegate, and excluding any privileges you wanted to exclude.
Unfortunately, very few of the information systems I interact with allow delegation at all, and even fewer do so with fine grained access controls—those that do allow delegation usually allow only one very specific level of delegated access.
Worst case, though, in that case is O(n^2), not O(n), unless you have an O(1) algorithm for reassigning users "perception area" based on crowding.
I'm not sure that's as clear as you think it is. The suggestion that "typical" MMOs or SL are O(N) seems to be based on the model that the client is O(1) since the complexity there is based on the number of objects in close proximity, which doesn't vary with the number of users in the overall simulation, and that the server complexity is O(N) in the number of users. This, of course, suggests that the amount of virtual real estate must scale with the number of users, and clearly breaks down in the case of places where everyone wants to be (unless there are users-per-area caps imposed).
OTOH, Croquet "Islands", which seem to be O(N^2) with the number of local clients, are not necessarily closed universes. They can communicate with external objects, including other Croquet Islands. Assuming a complete MMO universe is made up of a set of Croquet Islands which each correspond roughly to a land area, communicating with the neighbors to provide continuity, but not passing "broadcast" messages beyond their neighbors, you would seem to get a system that is overall O(N) in number of users, segmented into a number of Islands proportional to the total number of users. And, while it faces potentially dramatic slowdown if the user (or, perhaps more generally, object) load isn't distributed equally among Islands but instead concentrated in popular Islands, regular MMOs seem likely to face the same problems.
I don't think there is any practical solution to the environments where users interact being O(N^2) fundamentally, and only avoiding that through some kind of segmentation—each observer has to have their own rendering of the environment, and that rendering is likely to be at best O(N) in the number of objects in the environment, which in turn is probably proportional to the number of users in the environment. Any MMO solution has to segment the environment so that each users environment isn't really all that massively multiplayer to get effective O(N) scaling. But that seems to be possible in Croquet, though the method of segmentation may be different than in other MMO systems.
Certainly, assuming (as someone has since guessed) that Second Life is effectively O(n) in number of players, that would certainly be true at some number of participants, and would seem likely to be true at a level that would be practically significant, too, though there is no guarantee of that. When I said no one had presented reason to believe SL was superior, I particularly meant that no one presented or linked to an overview of the SL architecture to make the comparison.
I'm pretty sure its O(n^2): while all the messages get sent to the router, the router then sends them to everyone. The number of messages received by the router is proportional to the number of users, the number of copies of each it has to send out is equal to the number of users, so the total traffic is O(n^2) with the number of users.
OTOH, no one, here at least, has presented any reason to think that having network traffic that is O(n^2) in the number of users makes Croquet worse than Second Life.
"Most popular" with whom?
Uh, yeah. This is true on Linux as well. Many Linux apps, however, don't "request root access", they assume you know what access you need and are running as root if you need it (note that not all Linux uses sudo at all, so this is, while an increasingly outdated assumption, not a completely baseless one.) This isn't a problem of Linux, its a "problem" of the particular application, solvable by modifying the GUI shortcut to use the appropriate graphical launcher (such as gksudo).
The problem there is that some Linux-based systems use the sudo model and some don't. Many programs—even GUI programs for Linux—aren't sudo-friendly. There are nice GUI ways to launch programs needing root access on sudo-using systems (gksudo and kdesu).
Also, I'm not around my Linux box right now, but isn't it fairly easy to determine where menu shortcuts lead in both Gnome and KDE menus? Is this really a problem?
As I understand (I haven't used Vista and have yet seen no compelling reason to touch it), Vista uses a finer grained access request system which results in more frequent responses than the model used in sudo-using systems; I don't think any Linux user on Slashdot complaining about Vista doesn't realize that sudo and Vista's security model have general conceptual similarities.
I think the online model offers a lot of additional potential than dead-tree formats for gaming: when Steve Jackson Games took Pyramid online, giving subscribers access to a a searchable archive of articles from previous issues (including the print issues), discussion forums (which have somewhat faded, though, since SJGames opened public forums), etc., it was a big improvement.
No, and yes. No, in that money is money. OTOH, if Microsoft, after all the money spent developing Vista, is finding that lots of consumers are demanding XP instead, it may hurt Microsoft, because it will me that the target for competitors is stationary, rather than Microsoft moving the target.
Differential pricing on the Microsoft product line is often about market segmentation and getting the most out of each segment of the market, not about the costs associated with particular products. (This is particularly true when different versions with different prices are distributed on the same media, and distinguished only by what kind of license key you've paid for.)
Office Home and Student isn't cheaper for a multiseat license than a single seat license of other versions of Office because it is cheaper to make, or even because it has less features. Its cheaper because people who want an "office suite" for noncommercial use have less money available to spend on it, and if charged what Microsoft charges for commercial licenses, would choose a less expensive (or even free) competing product, but with the price set low enough, the value of better compatibility with commercial-use Microsoft products they might use at work or, who people they want to exchange files with might use, makes Home and Student worthwhile.
I'm not sure whether or not that's true, but even if it is, it doesn't contradict what I said, so I'm not sure why, as I response to what I wrote, you would claim I'm missing that.