2022 posts • joined Wednesday 10th June 2009 16:31 GMT
...but what about the old games? They still have the old broken signature system, and you can't apply the new signature system to them (since they exist on read-only media) without a (pretty big) whitelist. So how do you keep hackers from simply using the old signature system?
The firmware update needs the root key in order to run. Otherwise, to quote Spike Milligan, you'd be trying to "open the box with the crowbar you will find inside". Which means someone savvy enough can DISASSEMBLE the update (and it has to be offline because it's going into discs as well) and tear it apart. The new key will be in there somewhere. Once they learn that new key, it's back to square one.
Plus you can't retire the old keys. Otherwise, you can't run old games. And whitelisting can be prohibitive considering how many games and apps already exist for the PS3. Not to mention a rooted PS3 can simply "fake it".
...to upgrade 3.55 (which HAS been taken apart top to bottom), you need to authenticate it with 3.55's key. Basically, you need the old key to put in the new one, but doing so allows the new one to be extracted, doesn't it?
Broadcast MPEG-2 has limits.
According to HDTV specifications, the MPEG-2 broadcast stream is limited to 19Mbit/sec. That's only enough for a 1080i60/30 stream. You can handle a 1080p film (at 24Hz) OK, but anything faster than 30Hz is beyond using broadcast HDTV. Not to mention the most likely candidate to break that limit, gaming, will probably involve timing issues (because it'll take time to encode MPEG2, even on the fly) that could affect the gaming experience.
Actually, I AM entitled.
You see, your example of backing over someone is covered by OTHER LAWS. As long as I don't mess around DIRECTLY with anyone, I should not be held criminally responsible for ANYTHING. My toys, my rules. If I wake up the neighbors with an overdriven amp, that's Disturbing the Peace. If I monkey with my well and mess up the neighbors' as well, that would likely be Criminal Negligence. If I back into someone and hurt them, that's either Criminal Negligence or Vehicular Assault, depending on the severity. But if the only person I affect is myself, then it's none of your business. Or would you like your fundamental right to property compromised further?
Probably just waiting for the next generation.
As experience shows, the first generation of a new popular form factor leaves a few holes. In this case, the iPad doesn't read well in daylight and hasn't got the best working life in the world. I'm pretty sure they're waiting for the second generation of tablets with Mirasol/electrowetting/other form of quick-refresh color e-Ink displays which make them more daylight-readable and easier on the battery when they're not being pushed.
So, basicaly, it's win or die.
Capitalism (what I call "Winner Economics") at its most cutthroat. Though I favor Android at the moment, I won't show long-term favortism towards any of the mobile companies, seeing as how things are moving too fast for any loyalties to mean anything for long.
Real birds can be scared off.
Most birds know better than to stick idly around when particular noises abound...such as a sound that might occur when a bird's about to be grabbed from above. Point is, there are ways to humanely make birds scatter--usually through the application of sound or directed air.
Directed air would divert even a bird bomb (since it'd have to behave like a bird), and since it would ignore a sound-based chaser, it could be distinguished from a real bird.
Then ban the human body as well.
Or lest we forget that people can train themselves to be lethal even while completely unarmed. That's right, the human body can itself become a lethal weapon (from something as simple as the ol' unscrew-the-neck to a martial arts kick placed in just the right spot).
"I don’t know about you, but I think everyone everywhere should be allowed to own a gun. I also think that they should not be allowed to carry it in public, concealed or otherwise. I believe that it must be stored in a locked container, with it’s ammunition in a separate locked container that uses a separate key (or combination.) Transport within a vehicle must be in a locked container with the ammunition in a separate locked container. That’s called safety. It prevents accidents. It prevents children getting their hands on it. It prevents people who haven’t had gun safety training from getting their hands on it."
Thing is, unlike your plasma cutter or the like, there come times when you need to whip it out on a moment's notice. That's why police sidearms are loaded when they're on duty--safe one moment, facing an armed assailant the next. Now, before you say they're professionally trained and assigned to do their duty, remember that they're only so many of them and so much territory to cover. Thus the several minutes between calling for them and them arriving. I don't know about you, but those few minutes can seem like an eternity if your house has been broken into...or worse, if some assailant has his sights locked on you--IOW, you can face the same problem as the cops. Sure, you'll have accidents, but accidents are a fact of like. After all, you'll also have precocious children who learn about how locks are opened (just as I learned that I could use the chair to climb up to the kitchen counter--I was only five when I learned how to open combination locks and which key to put into the car's ignition).
Blow himself up?
The gun massacres of the last twenty years pale in comparison to two or three (IIRC Natural Born) Americans with a truck, access to fertilizer, and enough knowledge on how to improvise ANFO. Plus, like I said, Black Powder has been around for ages and involves just three common ingredients.
Put it this way. Would a homicidal maniac be less inclined to go on a rampage if he/she had less access to firearms? Or rather, does the prevalence of firearms simply make it the implement of choice?
Thing is, the stable door isn't all the way open.
IOW, the horse hasn't escaped yet. It still isn't possible to install custom applications onto a stock PS3 without hacking it in some way. The big problem is there are only two avenues for installation normally, and neither one has been hacked yet (Game discs have a hardware lock, and downloads are protected by Sony's SSL key, which is still unknown). All Sony needs to do is release a new firmware that reinforces this restriction by making sure no other installation method can ever be opened again. Don't be surprised if they remove the firmware-by-USB route (thus killing the jailbreak keys), make all future firmware updates go through SSL (thus killing the man-in-the-middle approach), and prevent any form of downgrading, even by Sony itself, once installed (thus killing using Service Mode to downgrade it to a hackable version).
Much easier solutions.
ATMs can simply poll for time when they phone home for a transaction or whatever. And you've already mentioned NTP for those who connect to the Internet (and some do--these usually connect home by a VPN tunnel or employ a separate but still IP-based intranet). As for detecting theft, precise movement knowledge isn't needed to detect that; it would be easier to install an accelerometer.
It's property rights vs. copyrights.
Sure, the PS3 is yours, but the code within isn't (that's only licensed, as is any form of software). The code (and that includes the secret keys) still belongs to Sony and, according to the suit, was never GeoHotz's to redistribute. It's a case of property rights butting right up against copyrights because a piece of copyrighted information is encapsulated in an object that can only be described as property. Given the implications, this case could go all the way to Washington (either to the Copyright Office or to the Supreme Court) so as to finally draw the line.
Not if the amp's still good.
There are times when the TV is changed out before the amp. In which case, the TV supports HDMI while the receiver doesn't. Most TVs support an audio out of some form, which you can then rig to the amp. Not the best solution in the world, but when it's the picture you're concerned about more than the sound, it's better than nothing.
What about gaming consoles and PCs?
Those two sets of devices don't rely on prerecorded material and generate their footage (especially gaming footage) on the fly. Not only that, some of them can be very timing-sensitive (to the point that many TVs now have a no-frills Gaming Mode to trim the display lag) or produce high-intensity scenes that may not compress very well.
If not guns, then something else.
Think over in the middle east, where explosives seem to be the massacre device of choice. Remove guns, and homicidal maniacs will simply switch to something else. If not an up-close-and-personal knifing rampage, than a car (or truck) packed with homemade explosives (and since most of the recipes--especially black powder--are common knowledge, good luck getting them out of everyone's hands).
Taken into consideration.
The article does note that Flash and other SSD usage is also increasing at the Enterprise level (that is to say, businesses, including server farms). Flash's higher MTBF has a positive influence on the TCO, especially on read-heavy jobs where Flash's shortcomings aren't as prevalent. The only stumbling block at the moment is the initial price premium, but enterprises may be more willing to put in a premium initial investment for a better TCO.
Controlling points of failure...
...sounds like a sound business practice to me. Moving away from storage-capable machines helps remove a number of potential security breaches in a security-oriented environment. Simplifying the leaves of the network tree makes repair jobs simpler (just have a few spare devices handy). Increased virtualization (already seen in the commercial world) smacks of better utilizing existing hardware: almost always a Good Thing.
Not saying this is the be-all end-all, but they're steps in the right direction.
Reflection doesn't work that way.
Mirrors do indeed reflect light, and they do so for ALL angles of incidence. That's why you can see a reflection--the light reflected on you carries essentially the same characteristics (albeit altered in one direction) as if you were looking directly at someone else. The light rays just bounce off the mirror (at whatever angle it takes) before they get to your eye.
Not so slow.
There are already several persistent color displays being developed, all of which can refresh quickly enough for multimedia applications. There's Qualcomm's Mirasol tech which relies on mirrors (and we should be seeing the first devices this year), there's an electrowetting system Reg itself talked about, and there's at least one other that has similar benefits. They're working on it, and it's going to be a matter of sooner rather than later.
Even if code was whitelisted, exploiters have been known to find ways to turn good programs bad (look up Return-Oriented Programming).
Have you tried using one Standing Up?
Keyboards are an encumbrance when you're standing. You're better off without one, able to walk around with the thing held in your left hand (or better, cradled in you left arm) and your right hand free to touch away. Makes the device usable in more situations than without. Now, maybe a slider keyboard, able to go all the way out and hinge might work, but I hear the mechanics on such a design are tricky (thus why they haven't been tried more than once or twice).
Okay, since you asked...
...subways can be crowded. Good chance you'll be standing, so the keyboard becomes an encumbrance. Better to go WITHOUT in this case. Cradle in your left arm and touch away with the right hand; easy peasy even while standing up. As for the EasyJet flight, on the last flights I've been, the tray tables have been a MINIMUM of 20cm--easily enough to accommodate the keyboard. Besides which, a 10cm tray table would again be awkward even for a 25-cm-screen netbook--odds are passing fair they'll tend to go over the edge, so you're better off going without. And the lap? If the tray table's that short, I imagine the SEAT's not much better, putting the (fixed) armrests in the way of your forearms.
So what happens...
...when a tablet comes along with a color e-ink display? Then the two will REALLY converge since you'll have an all-readable display capable of doing a lot more than just reading (if you choose). All in the same common form factor shared between the devices.
The USA won't sell.
The GPS satellite STILL carry the high-resolution encrypted signals. They're considered a key American military asset (since they allow for precision-guided long-distance smart weapons--saves money and lives), so the USA will never give it up.
That's the reasoning behind Galileo. If you can't buy the tech, build your own.
So you'd pack along an easy-to-setup keyboard (either bluetooth or cradle), rest your pad down, and get back to work. Meanwhile, you can take the tablet with you and still look at things from places where trying to use a keyboard would be awkward...like standing up (think e-Readers for your spreadsheets). You can still touch, select, and do mouse-related actions without a keyboard and even use a quick pop-up virtual keyboard for the odd punch-in. That's why tablets (now that they actually last a decent amount of time) are on the way in--keyboards are optional, but they can still be added. And their usefulness will only grow once the colour e-ink displays come on the market. Now you can even do this outdoors (something which netbooks--and current tablets like the iPad with their LCD displays--have trouble).
That can be addressed.
Once a new official firmware is released, they can push it onto PS3s by network updates and new game discs. They'll do the following things:
1. Disable firmwares by USB (killing the dongles).
2. Change the network update mechanism to go through secure connections (thus disbling the MiTM attack).
3. Find some way to make the update one-way so that not even Service Mode (the preferred method for downgrading firmwares) can reverse the process.
Once all that's done, there'll be no way to get unofficial applications onto the PS3, not even signed ones, since the default software doesn't allow for that unless it goes through official channels (which can be hardened because they don't use the compromised key).
The trouble is that if you make the overland route unsavory, they'll just move underground like they do towards California. One reason for the occasional wall proposal is that a wall can be sunk below ground (like they do in prisons), to discourage tunneling.
As for immigration itself, there are those of a mind to stop ALL immigration for the immediate future on the grounds that America is simply overcrowded. The supposedly-open door has overloaded the country and the house that freedom built needs to be aired out. Unfortunately, truly desperate people aren't willing to wait for all that to happen. People do not like the idea of being hopeless.
Premeditated murder is just that--planned and carried out as planned. That's why it's considered among the most serious crimes in most criminal codes. Manslaughter is a lesser crime, usually considered as having been committed in an out of control state, either because of a rage (voluntary, "heat of passion") or because of lack of care or attention (vehicular manslaughter--running over someone by accident).
In between are things like second-degree murder: usually the result of an attempted premeditated murder gone wrong (as in you don't hit the "hit") or a reckless disregard for life (waving around a gun and it goes off).
Good luck. You'll need it.
If what I read is correct, the legal immigration process is not only lengthy but also very low in success rate (thus why they sometimes call it the "Immigration Lottery). Many of these Mexican/Central American immigrants are too desperate to wait. Many of these people are at "Go For Broke" moments in their lives, so they'll try to cross the border no matter what it takes.
At least you have access.
For many Americans, medical access, which should be as essential as a military (since both defend and protect Americans), becomes a dilemma. There are those who have to decide where their money goes (food or pills) because they can't afford both. And I'm not just talking about those without any insurance (because they're declared uninsurable or the like) but those for which the price of medical care, *even with insurance*, would be crippling.
So just update it.
Just include the update that FORCES using SSL for future updates. Once that one update goes in (via network or game discs), the update gets locked down. The update can also look for and scrub clean backdoors and frontends.
"Think about it - otherwise, the iPhone/Android "h.264 chip" would need to be connected directly to the orientation sensor, and would be doing the animation AND resizing when you turn the device from one orientation to another."
Think back to the old days of PC DVD video decoder cards. Now, some piggybacked on the VGA signal, but that's not what I'm talking about. I'm talking about decoder chips that fed into the video chip's Frame Buffer, a special space specifically meant for video playback. The chip could then deal with the frame buffer as it could.
Modern video chips still rely on that technique: transferring the decoded frames into the video chip's memory--usually to the frame buffer--where the video chip would take over.
Now, in running with your line of thinking, yes, modern PC video cards do not carry codec-specific hardware. They either let the CPU or special GPGPU code handle the decoding, but in a mobile environment where space and power are limited, the chips could still come into play. That said, both nVidia and AMD seem eager to add the support, which probably means it won't take too much of a stretch to take an H.264 chip and add on the bits needed to let it handle VP8 as well.
Google owns YouTube
The only thing keeping Google from converting every last video they possess to WebM is time and the need to support Flash (which currently doesn't support WebM--yet). What do you think Google would do if push came to shove?
They'd simply have to lock out ALL forms of firmware upgrade that cannot be authenticated (meaning update-by-USB would be killed). That means updates would come either through game discs (and the PS3 contains HARDWARE lockouts to prevent BD-Rs being used--only official PRESSED discs would work) or through PSN (which will have separate authentication channels--without Sony's SSL certificate, you can't MiTM an SSL-based online update).
But it can bite back.
Since Google now OWNS the On2 patents, they have their own pool of stuff that MPEG-LA could potentially be in violation. That's why MPEG-LA hasn't made any overt moves: because unlike small fry, Google can put up a fight and actually possesses the means to counterattack (some of On2's patents PREDATE MPEG-4 and H.264). If MPEG-LA sues for patent infringement, Google could COUNTERsue for patent infringement by MPEG-LA. The inevitable result would be a patent war, and since no one knows the full extent of either side's patent pools, MPEG-LA could potentially lose.
Agree to Disagree
Since Microsoft and Apple are both members of MPEG-LA and have monetary interest in pushing H.264, they'll NEVER agree to support WebM. It'd be like shooting themselves in the foot, especially in front of their shareholders.
Therefore, we have two irrevocably conflicted sides, with each side having a reason to win. That's why the agreement for the HTML5 codec collapsed. The only way it would be settled permanently is in a browser war. And there's likely no predicting the winner(s) should a browser war heat up now.
Don't you know?
Most phones put in escape clauses (in molecular print only visible to electron microscopes) that their phones are only guaranteed to work between the hours of 7:55PM and 8:00PM on the last day of any month between January and March, exclusive (and only if the day is odd), during a hailstorm and a lunar eclipse.
Unless Mr. Assange takes it into consideration.
Perhaps in future he'll collect enough secrets to form an "insurance policy" and keep the Chinese/Russians at bay simply with the threat of releasing it in the event of his death and/or something permanent happening to Wikileaks. And I'm pretty sure they're familiar with dead-man's-hand-type plans--they've practiced them themselves and know that, set up right, nothing short of a "nuke-em-all" type of move, with associated consequences, would silence such an "insurance policy." Maybe that's all they're waiting for: enough secret material to protect themselves.
Here's what you have to ask.
Can a content PROVIDER be expected to act in all fairness when it can also (like Comcast and Time Warner, who both own television networks) be a competitive content PRODUCER? Since being a common carrier would crimp its own products, why wouldn't Comcast or Time Warner put a crimp on competitor companies like Netflix? It's like demanding a railroad carrier (by law a common carrier) not discriminate when it also happens to own mines or timber plots.
Supposedly, Net Neutrality is meant to address what looks like an inherent conflict of interests.
- Product Round-up Smartwatch face off: Pebble, MetaWatch and new hi-tech timepieces
- Geek's Guide to Britain BT Tower is just a relic? Wrong: It relays 18,000hrs of telly daily
- Geek's Guide to Britain The bunker at the end of the world - in Essex
- Review: Sony Xperia SP
- Dell's PC-on-a-stick landing in July: report