156 posts • joined 16 May 2007
It's always the public key crypto used for key exchange that is the bottleneck
Re: Industry has had IoT for quite a while
Yes, and those SCADA systems are notoriously insecure despite their high prices and the fact they control critical infrastructure and are managed by professionals . Even air gapping is insufficient, cf. stuxnet. What hope does cheap semi-disposable consumer equipment run by people without a clue have?
Apple hyping this release as the biggest ever is ridiculous, as the user-visible improvements are minor. There are 2 I was eagerly awaiting, however: Duckduckgo as default search engine, and reporting which apps are battery hogs.
Re: Watch this space
Technically, it's mercantilism, not chauvinism (although the two are closely related).
Every major economy did it: the UK against the Netherlands in the 17th century, the US against Britain in the 19th (this was one of the drivers for the Civil War, the North wanted mercantilist policies, whereas the commodities-driven export economy of the South was against), Germany in the 19th as well, Japan after WWII. It's only after mercantilism has succeeded that the countries who used it successfully to wrest economic leadership suddenly turn into ardent free-marketers urging emerging powers not do do the same.
That said, China is close to the shifting point - Huawei's R&D budget and yearly patents are among the highest in its industry, for example, and they have other world-leading companies like Haier.
"Google-powered devices will be equally attractive to those who value their privacy."
Google is the #1 threat to privacy, even ahead of the NSA. No one who values their privacy uses their services. The single greatest feature in iOS 8 is DuckDuckGo as a search engine option.
Re: Apple NFC
NFC is for Apple Pay only.
Apple wants you to use Bluetooth Low Energy (BT 4.0 Smart) for all the use cases you describe. You can pair your phone with your AppleTV that way, for instance. They probably put in NFC under duress as that was the only way to interoperate with payment terminals already out there, which support NFC but not BLE.
Re: Well there you go
Their market share of attractive (i.e. spendthrift) demographics is huge, however, and that's what matters most for merchants.
Re: Help me out here...
The issue is cellcos, banks and handset manufacturers were all angling for the pie. If they couldn't succeed, they would make sure the others failed. Net result: stalemate. Verizon disabled NFC and the Secure Element in the phones they sell, for instance (they want the SE to reside in the SIM card where they can control it, not in the phone where the handset manufacturer is).
Apple clearly has cut a deal with the banks where they agreed not to take a cut or collect data, so they have a better chance of getting adoption on the merchant terminals because banks won't actively sabotage their efforts the way they did with Google, Samsung or Verizon.
On the flip side, this system is built on a foundation of quicksand, the terminally insecure credit card number. It's not clear how it will handle the 2015 transition to EMV.
Yay for 4K
I just bought a 50-inch Samsung HU8550 for $1800 (after $700 instant rebate) to replace the ancient 42-inch analog 720p plasma set that came with my new house (burn-in and crazy pixels galore). This unit is certified Netflix 4K compatible, but I fully expect the primary 4K content will be from projecting photos. A 4K TV has 8 megapixels and is ideal for that purpose. The price is about double what an equivalent 1080p unit costs today, and most likely the price will fall down to the current level within a year or two, at which point no one will buy a 1080p model, just like no one buys SD or 720p today.
The key is to buy a set with HDMI 2.0, HDCP 2.2 and HEVC/H.265, which only became available in 2014. To qualify for the UHDTV 4K label, TVs also need 10-bit color, which is not yet widespread.
Re: "If you want to listen to great-sounding music"
You can buy musician's earplugs like Etymotics to reduce sound levels without altering the frequency response.
Ghafoor has known about this for a while, and has been at the forefront of exposing warrantless surveillance, hence the retaliation. Here is his lawyer six years ago recounting the Kafkaesque process of suing the government for it:
I just tried it
It's like the Netflix of music. Exceedingly limited collection, even for music older than 6 months.
Re: So let me get this straight...
If they have 34% of the market, 34% of $30M is $10M, not $6M or $5M.
Amazon has 80% market share in eBooks in the US, and higher internationally. Apple is hardly the monopolist in books (the only industry they are one is music downloads).
What Amazon is asking publishers to do is subsidize the predatory pricing it will engage in, to kill off competitors like Barnes & Noble, and thus make the publishers even more dependent on Amazon's monopsony. Kind of how the Chinese government charges the families of executed people for the price of the bullets...
Re: bully boy, more like pushover...
"Shows how much you know, there has never been a recent trade agreement that has worked out for the US."
Whether those trade agreements work for the US as a whole is debatable, but they certainly work very well as designed for those in power. Just like how the Iraq war was an unmitigated disaster that will cost anything from $2 Trillion to $4Tn when all the costs are tallied, but helped make Dick Cheney and his cronies billions in war profiteering. The net total is highly negative for the US as a whole, but it's all upside for those who made the decision.
How is this new?
People have been using Skype and other VoIP tools for over a decade and a half from WiFi hotspots. Skype will even let you log on to Boingo and pay for the access using Skype credits.
As for KPN, yes, it is one of the worst telcos in Europe, with rotting infrastructure and a disdain for customers seldom seen West of the former Iron Curtain.
That's because those devices are based on Linux, not Darwin
And thus probably using OpenSSL as its SSL/TLS stack (the main alternatives being GnuTLS, which has security issues of its own, or PolarSSL).
One of the little secrets Apple would rather keep to itself...
Re: arm -> low power. POWER -> ?
Better single-thread performance is a valid answer. I'm sure there are algorithms even Google's PhD's haven't been able to parallelize yet, and need the fastest cores it can get. CPU power consumption is only a small part of server power utilization, and I find it hard to believe POWER can match the throughput per dollar of x64, but then again neither will x64 match server ARM64 when it starts shipping in volume in a couple of years' time.
It has to do with the economics of processor R&D and fab investment. Intel (and AMD) server processor R&D rides on the coat-tails of the much larger desktop/laptop processor market with its huge economies of scale. Niche processors like POWER have much smaller shipments to amortize the R&D on, or build a use-case for hugely expensive leading-edge fabs. There is thus a chicken-and-egg effect that prevents them from reaching the price/performance point of Intel processors.
Even Intel is feeling the pinch, as shown by Krzanich's recent moves to open Intel fabs to third-party designed chips. AMD couldn't keep up, despite having invented x64, and had to spin off its own fabs.. Even Intel and HP couldn't make Itanium succeed in the marketplace, despite access to Intel's fab prowess and HP's server market share, it's hard to see how a hollow shell of a company like IBM could achieve that. Google might, but just how strong is its commitment to the platform? Enough to fund ongoing R&D into the platform? Seems doubtful - their hardware investments this far have concentrated on cutting margins and middlemen, e.g. building their own switches from Broadcom parts.
ARM has even higher volumes than Intel, if not fat juicy margins to fund R&D from, and is thus the more likely disruptor, something Intel is keenly aware of, as ARM's strategy is essentially the same one Intel used with great success to kill off RISC architectures.
Another step in the wrong direction, stagnation and irrelevance
Mozilla is rich due to the advertising fees Google pays it for being the default search engine in Firefox. Paradoxically, this comfortable situation means they are not experiencing a sense of urgency commensurate with their slow Yahoo-like slide towards irrelevance as mobile (Webkit/Blink-based) browsing is usurping the desktop.
The search referral wealth is also funding a lot of useless claptrap like Open Badges that are a distraction from the radical changes Mozilla needs to make if it is to survive. The organization will need strong technical leadership to make this happen, and it isn't going to come from wishy-washy liberal arts or marketing types like Beard or Mitchell Baker. Losing Eich is a terrible blow, however unpalatable his opinions may have been, and replacing an engineering-background CEO with a marketer makes it less likely that a replacement will accept the job.
ICANN is mostly a failure
They failed to wrest control of the dot-com zone back from Verisign, and have mostly tacked on additional fees on domain name registrations. Indirectly that means the Department of a Commerce has failed in its oversight. The organization is opaque and unaccountable (google "Karl Auerbach ICANN). There are a few bright spots like DNSSEC and IDN, but they are few and far between.
Putin, Erdogan, Iran or the Chinese Communist Party don't need control over ICANN to enforce Net censorship. The only question is about fighting for the gravy train.
That use case makes sense, but getting more notifications is the last thing you should want. Without getting all Zen or Walden-esque about it, interruptions break your flow and hinder your ability to get things done. Frittering your attention onto what your phone or smartwatch thinks is important means you are ceding the control of your most important resource to someone else, e.g. advertising companies and their business need to turn us into Pavlovian dogs awaiting their next hit of notification so we can be exposed to more ads.
Rich nerds wear expensive Swiss mechanical watches
It's one of the few articles of jewelry a man can wear without appearing tasteless, along with cufflinks.
Most of these are automatic and don't need recharging or rewinding.
Micro-USB is too flimsy
The Micro-USB connector was designed by Nokia and is the flimsiest piece of garbage imaginable, being much less robust in practice than the Mini-USB connector it replaced. Interestingly, the USB-IF is now working on a Lightning-inspired replacement (in terms of mechanical design, not necessarily the dynamic pin assignment or DRM).
Re: as one of those unicorns
We ran on AWS for about a year, with terrible performance and availability, and switched as soon as we could hire a top-flight sysadmin. The tipping point for where it makes more sense to build than rent is about $20K/month in cloud fees.
Other factors at play
In addition to the factors listed in the article, it also has to do with:
1) Moore's law running out of steam in terms of single-thread performance and the fact most software is still not optimized for multicore. Why upgrade when you will hardly get any performance benefits? Swapping out a SSD for a hard drive is the only upgrade that makes sense for most, and it doesn't require replacing the whole PC.
2) Versions of Windows since XP have been more reliable thanks to the NT underpinnings, and thus suffer less from the bit-rot older Windows experienced. They take longer to get unusable, and thus one of the main spurs to replacing the PC has gone.
3) Software ani-piracy measures like activation have made it more of a chore to migrate to the new PC.
4) PCs are not subsidized like smartphones in exchange for 2-year contract lock-in. That leaves less money for marketing and in-store placement.
5) Mobile Internet connectivity has improved (the AT&T LTE I get at home in San Francisco is much faster than the AT&T DSL I have to endure). This reduces the necessity of using a home computer. At the same time, most laptops ship without a wireless WAN adapter, and even when they include one, carriers won't offer plans as attractive as those available on smartphones and tablets, the assumption being laptop users will consume more bandwidth.
At some point they will run out of disk space and collection will stop.
Latency arbitrage for high frequency trading is leading to a rebirth in microwave vs. fiber, notably between New York and Chicago. Microwave data mom is an exceedingly robust and mature technology, unlike free space optics, though.
Perkins is merely describing how the US political system works in practice, if not in theory.
I think in-browser editing means use wiki or HTML CMS to host data in a form directly accessible from a browser instead of using a format that requires launching a separate app like OpenOffice or Word when a browser will do.
Re: "Optional" sounds just right.
Your smug, narcissistic, self-righteous and self-indulgent generation has caused enough damage already. That's why it's Millennials like Snowden who have to clean house.
Chaff is the solution
The Silicon Valley privacy monetization industry and the NSA/FBI surveillance-industrial complex may be equally dangerous to privacy, but conflating them is simplistic. They are culturally, generationally and geographically thousands of miles apart. If you look at who has been eagerly cooperating with the NSA (as opposed to complying under duress with National Security Letters), it is Telcos, who are centered primarily on the East Coast and Texas.
Curbing the NSA's unconstitutional abuses is going to be difficult, will take years and will require working through the political process - there is no other way, technological countermeasures alone can't make a difference against an opponent whose R&D budget probably eclipses the entire tech industry's.
The way to fight against the privacy-infringement industry is technological: better cookie-filtering software like disconnect.me, along with as-yet-to-be-written big data sabotage tools that poison the well for data brokers by pumping fake data into their user profiles, thus rendering them worthless. I can easily imagine browser plugins that click on random links in the background to obscure what you are really interested in. People tend to overestimate the power and robustness of statistical techniques, they are actually very vulnerable to noise and deliberate info-chaff. Legislative and administrative approaches like Do Not Track won't work because there is no practical way for the government to monitor compliance, just see how Do Not Call failed to curb the most egregious telemarketers.
TLS needs to be fixed first
TLS/SSL needs to be fixed before making it mandatory, otherwise it's just more security theater.
The NSA can simply order a CA to issue them certificates suitable for man-in-the-middle attacks, or they can order a website operator to disclose their private key, as they did with Lavabit. Given that most TLS cipher suites do not provide perfect forward secrecy, this means they can easily retroactively decrypt your communications.
The question is, what value does Intel really bring to the table? It sounds more like Brian Krzanich cleaning house and divesting himself of a money sink on one side, and Verizon on the other hand making an acqui-hire:
I wouldn't be too hard on Fastmail. IMAP is a spectacularly poorly-specified protocol, and it doesn't help when some like GMail implement it in an even more spectacularly crackpot way. It was a fairly plausible assumption that changes in Mavericks Mail.app's IMAP implementation was causing problems.
Re: Android @Version 1.0
Within living memory, J Edgar Hoover tried to blackmail Martin Luther King into committing suicide, by threatening to expose MLK's extramarital affairs.
No one can be entrusted with this unfettered power, unless we want our democracy to turn into a Putinesque siloviki state.
Re: Good thing I live in the USA!
The US has a total area and population comparable to the EU. The whole point of the Single Market is to make intra-European commerce as streamlined as the US so it can gain similar economies of scale. Of course, language barriers won't go away any time soon, but telecoms and financial networks need to be made geography-neutral for that vision to be achieved.
Quash it, don't pardon it
A pardon implies admission of guilt by the pardoned. Turing did nothing wrong to begin with, it's the law itself which was wrong. A pardon would semi-legitimize the law by implication. In France, for instance, Captain Dreyfus was pardoned in 1899 as a matter of expediency to free him from prison, until his conviction could be quashed in 1906. Accepting the pardon implied admission of guilt, and he only did it because he was exhausted by 4 years of hard labor. In the case of Turing, there is no such practical or humanitarian consideration, and thus the principled thing to do is to wait until the conviction itself is overturned.
The proper course of action would be to abrogate the law he was convicted under, with retroactive effect, and cancel his conviction. Not sure how that would work in UK law, in the US the law would be found unconstitutional by the Supreme Court and any convictions under it vacated.
Re: Was this news?
If a tinpot dictatorship like Iran does this regularly (google "comodo iran" for more details), you can rest assured our benevolent voyeurs do so as well.
Better done at the OS level
The semantics of block devices are not rich enough for them to do a good job of caching. This is better done at the OS' filesystem layer, as with ZFS' logzilla/cachezilla hybrid storage pool approach, Apple's Fusion or Microsoft's ReadyBoost.
Given the dismal failure of the network management software industry (I'm looking at you, HP OpenView) to solve even basic network management problems, I doubt they will ever deliver on the vision. They will, however, be successful at selling boatloads of overpriced shelfware to clueless & gullible IT managers.
The book "The Innovator's Dilemma" by Clayton Christensen, which describes how incumbents get disrupted even though they know it's coming, was based on case studies from the hard drive industry.
Is “as dumb as possible” the best answer to the question “how smart should the office phone be?”
Yes, because business phone UIs are terminally horrendous (I have a Polycom unit at my desk, that is blinking red, I have no idea why, nor can I be bothered about fixing the darn thing, even though I am a Telecoms engineer by training).
Of course, the real answer, as any Millennial can tell you, is the best office phone is no phone, you should be using IM (or email for this old fogey) instead.
There's a name for it
It's called the Dunning-Kruger effect.
Remote PDUs + serial console won"t help if the system is aborting in the middle of the boot sequence, e.g. due to fsck.
The reason Google, Facebook and other hyperscale companies don't provision LOM on their servers is not so much cost as the fact their ops model treats individual servers like cattle vs. pets. If a server dies it is automatically failed over and the FRU is the server itself.
Kindles are not the issue
Tax-dodging or Kindle lock-in is not the worst transgression. Amazon's abuse of its near-monopoly status in books is. For a few examples:
Typical cellco scum
The great thing about Apple is that they don't cave to carriers' demands to put crapware all over the phone, unlike Google's supine attitude (even though there are bad signs like allowing AT&T to misrepresent HSDPA as "4G" and allowing the carrier to restrict FaceTime over the wireless connection).
The problem is not authentication or lack thereof
but rather the bugginess of embedded systems, Internet-connected or otherwise, manufacturers' unwillingness to expend engineering work to issue patches, and the logistic intractability of managing patches for all the devices out there. We've seen makers of expensive SCADA controllers wash their hands of the problem, and even lowly printers have turned out to be attack vectors.
Authentication won't solve the problem. Strict product liability laws that force manufacturers to fix bugs would be a first step, and it's encouraging the FCC recently compelled HTC to release Android security updates for phones they'd just as soon not want to support.
One option could be to require devices to disable themselves 6 months after their last autoupdate, and to require manufacturers to support devices for 7 years after EOL just as they are required to for spare parts.
Practice safe browsing
Apple (or Microsoft) can't really be blamed for security vulnerabilities in third-party software, Adobe Flash and Java being egregious culprits.
That's why I disable Flash and Java in my primary browser (Chrome) and only have them enabled on my secondary browser (Safari) that I use to visit sites that absolutely require either, and then only under duress (normally I will just ditch a site that requires Flash or Java, or won't work with cookies disabled, as that is not acceptable in the 21st century). I also make sure the bug-ridden Adobe Reader never makes it onto my computers.
The best approach would be for browsers to run all plugins in a virtualized sandbox where they cannot do any harm, but the engineering effort to do something like this would be daunting, essentially duplicating the functionality of VMware, and non-portable to boot.
- +Comment Trips to Mars may be OFF: The SUN has changed in a way we've NEVER SEEN
- OnePlus One cut-price Android phone on sale to all... for 1 HOUR
- MARS NEEDS WOMEN, claims NASA pseudo 'naut: They eat less
- Back to the ... drawing board: 'Hoverboard' will disappoint Marty McFly wannabes
- Vid Google opens new Inbox – email for people too dumb to use email