Posts by Trevor_Pott
2200 posts • joined Monday 31st May 2010 16:59 GMT
Re: The US work thingy......
Actually, I believe I mentioned B1 several times in these comments. There are many restrictions on B1, including what you intend to do, for how long, for whom, what your job title is, whether or not you are working for a company with offices in the US and what your education is.
Long story short: if you are a Canadian citizen, you can not do IT consulting on a B1 visa. If you find a customs agent willing to grant you entry on a B1 for this purpose, count your blessings, you probably will not receive a B1 the next time you try. They are supposed to require a TN or an H1-B for this purpose.
Believe it or not, NAFTA quite plainly does not allow the provisioning of any professional services on a B1. It must be done as a TN, or an H-class specific to that job type. We face more scrutiny than other nations, not less.
As to Americans visiting the US to do "work" in Canada, I've never had an American client denied entry because they are planning to do TN-class work and only applying for a B1. The same isn't true for those of us seeking to face-to-face with our American clients on their soil.
Re: They call themselves eGeeks but make their clients travel to them, One word...
We use Skype, but actually there are a dozen better programs that don't have Skype's issues. That said, there are several reasons to hold mini-conference-style meetings with clients. A lot of which boils down to doing "bakeathon"-style brainstorming, bashing through code updates in real time or even working with physical hardware tinkering.
I'd say that 90% of our communications are either phone or internet-based. That's bread-and-butter work right there. That 10% that absolutely must be in person – for practical reasons, or for the human need to gauge the other speakers – is the 10% that brings in the real money.
When you do really start doing meetings in the real world, I think you'll find that there are some things you just can't accomplish via telepresence. If the meeting can be done through Skype (or similar,) then it's really not an issue to be aware of, nor is it worth mentioning in an article to a bunch of Register readers, now is it? Mind your audience...
Re: other countries' treaties
Yeah, Canadians, not so much. Advising a company - including software debugging, I checked - is considered "computer systems analysis" and is thus immediately covered under "Trade NAFTA" as opposed to "B1". Going to a conference is B1. Telling someone how to best set up their business computers is TN.
Sales is grey, and at the discretion of the person you are talking to...in Edmonton they seem hell bent on not granting B1 unless they can avoid it. In Calgary, you'll get a B1 with a smile and an "enjoy your stay." Really depends on which airport you fly out of.
Re: The US work thingy......
Again, if you are a Canadian and you own your business, and this business does not have a US branch then legally you need a visa to attend meetings. My understanding is that this is true of other countries' treaties as well. You can work around this by lying. If you are caught, you may be denied entry forever. Go ask your lawyer, I promise I've done an awful lot of research into this.
More bizarrely, with NAFTA, certain job categories receive more scrutiny than others. Canada got a raw deal...
Re: so what is an IT consultant?
That depends on which immigration official you talk to. Some call it management consultant, others "computer systems analyst." For some clients I'm a contractor...pushing buttons and fixing widgets. For others I serve an almost CTO role; setting strategy, handling subcontractors, vendors, etc on their behalf. For other clients, I write content. That runs the gamut of job titles, I should think.
We can't
If I am working for a company that has both Canadian and US offices, I can go to the US for meetings. If I have only a Canadian branch...I need a visa.
Re: Ahh
It's beer o'clock and my XP VMs are still working fine. To the pub, lads!
Re: Ahh
Old complaint, but COMPLETELY VALID. It's my beef with PowerShell as well. PHP.net is the reason I use PHP. The documentation is good, easy to navigate, all in one place, and contains examples on how to accomplish the most frequent tasks.
PowerShell is voodoo requiring Google because Bing isn't good enough to search the web for PowerShell documentation. *sigh*
Re: Ahh
The tech underpinning Server 2012/Windows 8 is awesome. The GUI is trash. Servers aren't fondleslabs, they don't have any remote requirement to even pretend. Classic Shell gets a start menu back and murders hotcorners; on server I won't ever need Metro.
In a server environment I add 1 minute to initial config and suddenly I can treat it mostly like I have every server since the beforetime. I loathe the new RSAT/Server management interface with the burning passion of 10,000 suns...but I only have to use the poxy thing for a few minutes a day. Servers sit around and do server things. They are not the interface I am using 16 hours a day to do productivity work. They are allowed to have a shit interface...we use Powershell, don't we?
Ultimately, the many advantages Server 2012 brings make putting up with the UI compromises worth it. Windows 8 has no features about which I give any fucks whatsoever, let alone that make the abomination formerly known as Metro worth grinding down my sanity to a mewling nub every day.
I will put up with Server 2012 because the hyper-v enhancements are awesome. I will put up with Server 2012 because the storage enhancements are awesome. I will put up with Server 2012 because DFSR is finally in standard. There are so many reasons to tolerate the abominable UI that typing this on my phone is giving me RSI.
But the UI people? Those people have joined the Microsoft licensing team as the only people not responsible for ethnic cleansings that I actively wish would get erased by a rock from space.
Give me any other OS that has the same featureset as Server 2012, isn't mostly in various stages of Alpha/Beta and has a reasonably well documented UI/CLI/API for making it go and I'll abandon Microsoft forever, screw the UI monglers and their bastard licensing team, too.
Sadly, there is no competition to Server 2012. While Microsoft seems well on track to create a GUI that is actually less usable and more difficult to master than PowerShell, the alternatives are "non-x86 Unix" or "the good bits are still marked as 'unstable releases.'"
Windows 8 has alternatives. I use them every day. Server 2012 is a TCO/ROI combo that nothing else can even approach. So that's why I love it.
Pestilence of a UI or no.
Drive manufacturers.
A pox on them all. Well, Except Intel. Actually, their SSDs and RMA replacement policies have been awesome, and entirely worth the premium.
When the hell did INTEL become the enterprise DRIVE manufacturer to trust.
This world is upside down.
Proposed name for TIFKAM
Unfinished.
The Unfinished interface.
Unfinished-style apps.
Windows 8's new Unfinished UI.
Unfinished Start...
Re: broken hinge
Apple is curious. Their construction quality is better than your run-of-the-mill Dell, but nowhere near as high as Alienware. It's somewhere in Asus Republic Of Gamers territory. Now, stories of great support and crappy support abound, complicated by weird agreements with resellers that differ not only per reseller, but per jurisdiction.
When you deal with Apple, you aren't really dealing with Apple unless you buy it direct. Even Apple stores are under different agreements and constraints dependent on jurisdiction. The quality of service you get can be incredibly variable. Worse, they are completely immune to bad PR. They don't worry about it; they have zero attack surface.
"You're holding wrong?" Doesn't matter. Crap Maps drove you into an ocean? Feature, not a bug.
So Apple trundles along; mostly in favour of the milled masses because – overall – the RMA/end user support issues are the exception proving the rule. They can afford to ignore the existence of the support issues through sheer largesse, but also because these issues are reasonably rare.
What will be interesting is to see what becomes of Apple's retail and RMA support situation now that the exec responsible for so many bad incidents has been canned.
Re: "I advocate them for professionals"
We'll have to agree to disagree then. I've found plenty of things that those "mobile workstations" just aren't up to. I agree they have the docks that the Alienwares don't. That said, I've found plenty of apps that run far better on "consumer grade cards" than "workstation class cards." It's all about which apps you need to run. For many of the uses of my clients, the need for high-powered graphics, 2 disks and scads of RAM outweighs the dock.
Milspec is nice, but non-requisite. The M18x line copes with everything we throw at them just fine. That's really the hard part of all this though. Making absolute judgements about any product is going to be stepping in it. Proclaiming that you'd never advocate an Alienware to a professional client is blocking out as significant a chunk of the market as saying "Alienware solves all problems." Neither is true.
That said, I believe that the true market for "mobile workstation" class products is significantly reduced thanks to Alienware. Unless you need something very specific about the mobile-workstation class hardware specs, there is no compelling reason to go that route over Alienware. Alienware's support will meet or beat the best Dell has to offer anywhere else…and the total package will be far lower TCO for the performance.
Re: "I advocate them for professionals"
Except that I loathe the precision line. They are too expensive for the build quality, don't offer the graphics options I want...basically, they aren't the "well rounded" system my M18X is. That M18X *IS* a workstation. It does everything I need it to. The precisions...don't.
Re: You call that reliable?
I really do. There were a rash of bad hinges on the M15x and M17X that affected some low single-digit percentage of shipped systems. Alienware took care of all of them.
There are failed units shipped with any product. What percentage fail - and how they are dealt with - are the determining factors of reliability in my mind. But yeah, that XPS is still going strong, and I still use an old 386 beater notebook as my personal journal system to this day. I fully expect my M18x to match or exceed those records.
Re: Dell
I can get a 10" tablet with a resolution higher than 1080p for $399. A 27" or better monitor with a resolution better than 1080p? $750 at least. #asdf
You know, the 2005/2006 Alienwares were gaudy. I agree with you wholeheartedly that they needed to "grow up." But I have zero qualms about my Alienware M18X as regards "professional" appearance.
Have you honestly given the new lineup a look?
I wouldn't be ashamed to be seen using an Alienware X51 with the lights off: http://www.dell.com/ca/p/alienware-x51/pd
Personally, I rather like my M18X compared to most 17" notebooks: http://www.dell.com/ca/p/alienware-m18x-r2/pd
With the lights off, I just don't understand what doesn't look "professional" about them. So yes, I advocate them for professionals. Case design and all. Tastes, of course, will vary.
Re: Flawless operation? Not a chance...
@easyk: 2005 was 7 years ago. Also, everyone had problems with Pentium 4s back then. You can hang on to prejudice if you'd like, but I think you're cutting out a good supplier for no reason excepting pride.
Re: Article reads like Paid Corporate Blogging and at odds with the comments on Dell's website!!
I don't think I qualify as "passionate about the brand." I like it because I don't have to fix the fucking things. Look, I do computers for a day job, right? The last bloody thing I want to do when I get home is futz around with some computer that's acting up. I want my video games to just work. I want my media to just play. I want all the little bits to work, out of the box, and keep doing that for years.
That's why I buy Alienware.
If I am passionate about something - other than abject laziness, which is a very important topic for me - it is the bullshitology of "consumer reviews." The hard science of the matter is that people bitch easily but rarely pay a compliment. If you are seeing a bunch of positive reviews about a product amidst the frantic whinging, then pay attention. This means either heavy astroturfing, or people who actually like the product so much they are overcoming the inertia of human nature to say nice things about a product.
I don't care if that's Alienware, Apple, Windows 8 or Science Barbie. There are entire PhDs full of science about group dynamics, cognitive dissonance and various individual cognitive biases. I'm not making this crap up (check Wikipedia for an actually decent overview https://en.wikipedia.org/wiki/Cognitive_bias,) but I do study this stuff.
It's part and parcel of being interested in journalism. If I am going to offer objective and impartial news, reviews or analyses, I need to be aware of the various research into cognitive bias and be able to spot it in myself. (Self examination on this level borders on stumbling into Dunning-Kruger, but we'll bypass that for now.)
At the end of the day who is doing the reviewing matters far more than the volume, pitch or tone of the review. Is the individual capable of making judgements about hardware, software, etc? Do they have the expertise and experience, or – as per true Dunning-Kruger – do they lack the experience, but in lacking that experience also lack the knowledge to identify their own lack of knowledge?
What about business decisions? Are these people capable of understanding representative samples, making judgements about failure rates, total cost of ownership and so forth? Or are you seeing – as I deeply suspect – people deep in buyer's remorse, having overextended themselves and wished for something magical that never truly can be?
I have worked with hundreds of models of gaming notebook from about a dozen suppliers over the past 15 years. The Alienware systems coming out of that company today are the best of the lot I've ever had the pleasure to use, with the possible exception of those old Gen 2 XPSes.
You can try to call me "passionate" about a brand if you want. You'd be wrong. What I am passionate about is separating signal from noise. Amazon – no matter how invested you may be in it for your personal decision making – is nearly all noise. The statistical analysis you need to do on that site to extract signal is mind warping.
Far better to find people who shift these units in the hundreds and thousands and start talking about deployment strategies, failure rates and so forth. You get a far clearer picture, not only of the product and brand, but of human nature as pertains to bitching about things on the internet.
Re: Article reads like Paid Corporate Blogging and at odds with the comments on Dell's website!!
So you are basing your entire argument here off the fact that "only angry people post on a company website." Well holy crap, batman! Talk about a fundamental aspect of human nature! People complain loudly whenever they feel slighted, but most don't take the time out to heap praise upon a working product!
So yeah, I expect that if I say anything nice about any product, it would go against the bulk of the reviews written about it, especially in that company's forums. To say nothing of "why the hell are we discussing reviews on Amazon for a product that almost always ships from the Alienware.com website?"
Any product is going to have DOAs. Any product is going to have bad components. The relevant questions are "how many," and "how do they deal with them?" With Alienware, the answers are "low single digits of shipped units" and "excellently."
Remember also that Dell's consumer side has nothing at all to do with Alienware. They have different support teams, different corporate ethos, different build qualities and so forth. That is the entire point of this article: Alienware kept its corporate ethos, but gained all of Dell's corporate oomph, supply chain, etc.
Their success and profitability by doing exactly what Dell themselves don't do is starting to turn heads at Dell and make people look at different approaches.
If you go out of your way to find something bad about a product or company, you'll find it. If you objectively compare Alienware to the competition, however, you'll find that they are first-class.
I'm glad you like your Samsung; first hand experience with them has taught me that they have awful customer service for that line of products. RMAs are like pulling teeth and I've had ~10% dead after one year. I think you might be engaging in some post-purchase rationalisation here, whereas I am attempting to discuss gaming notebooks as a function of sheer volume of units shipped and the helpfulness of support.
Anyone can have a bad experience or two. How a company handles those bad experiences is what determines their value as a supplier.
I like my LEDs. And they ship with a control panel software widget to turn them off...
Between my personal systems and the corporate deployments of these units, I've worked with over 2000 Alienware notebooks. There have been 3 RMA-class incidents (dead mobo), 2 stiff-hinge-death incidents, and a life lesson learned about AMD's inability to make good dual-GPU drivers.
Compared to every other system I've worked with - the $400 Samsung netbooks my wife and I have being the only exception - these Alienware boxes have had the lowest incidence of "it's dead, Jim." Hardware or software. That includes Dell's disposable consumer goods, HP, Asus, MSI, Sager, Samsung, Fujitsu, Sony, Eurocom, Acer, Lenovo...
I think I can speak from some experience on this one.
Re: Dell
Agree 100%. Dell notebooks are ****ing ass. Alienware, however, is not. While Alienware is starting to bleed into Dell at the high end, changing how they operate...I still wouldn't buy a Dell-branded notebook. Limited-time tat!
Re: Flawless operation? Not a chance...
m9700 sounds like a rebadged Clevo. Designed and deployed before the merger. Alienware didn't quite have the resources then that they do now. It sucks you had a bad experience, but that would have been 6 years ago. If you want to bear a grudge forever, you'll run out of vendors, eventually!
They are worth another look.
Re: Article reads like Paid Corporate Blogging and at odds with the comments on Dell's website!!
I've worked with - and continue to - every single brand of "gaming notebook" out there. They all have issues with the video drivers. That can't be laid at the vendor's feet; nobody is immune. If it makes you feel better, Alienware tries very hard to bring Dell's influence to bear on video card vendors to get them to fix their buggy crap. Some times they are more successful than others.
Overall, however, Alienware has been a far more solid brand than any other I've worked with.
Re: "the closest thing you can get to indestructible"
The M11X was something Frank was really proud of. I suspect it will return, probably with Haswell's launch.
As to my "indestructible" claim: the new, magnesium-alloy-case ones pretty much are. That m18x of mine has taken a beating; it is bordering on "as much punishment as my XPS gen 2." Yeah, the older m15x and m17x systems had hinge issues. As the article says, however, they are good about replacements. Brand means more to them than recouping costs on 3-4% dead units. That's an attitude I can get behind; few tech vendors care.
Re: XPS extinct?
You're joking, right? Modern XPS notebooks have almost nothing in common with their elder brethren, nor are they even close to Alienware specs. X40/X450- class video cards? Single hard drive? These aren't "gaming class notebooks," they're abominations that don't fit anywhere. They aren't "just business" - Intel integrated is fine for that and uber-casual gaming - and they aren't gaming rigs either.
No, the modern XPS notebooks do not deserve to bear that proud name.
Re: ... Sorry. Did I misread this as an article or piece of news?
One of the cool parts about writing for El Reg is that you get to talk to the people who make the products you use. Sometimes I talk loudly and with great irritation. Sometimes I have to restrain the fanboy.
Alienware is one of the few "brands" I like; and I like them not because they pay me to, but because they make great stuff. I'm odd that way.
Re: Agree entirely
Eurocom. Man, I remember those. They were a corporate staple notebook for us in the early aughties. Then Canadian distribution channels dried up and we started shipping Asus Republic Of Gamers boxes. Those things were awesome. I miss them.
Re: Now you've done it
What's wrong with posting nice things about the touch side of Windows 8? It's what the OS was designed for. After nerfing the workstation portion of the OS, the touch side had damned well better bring me to climax!
Re: Are you sure?
I'm positive. We're not just talking phones. We're talking drones, self-driving cars, and any appliance that is "install once, and walk away." Frankly, that's the majority of computers deployed today. In the near future, this will explode growing to completely dwarf extant PCs, Mainframes and Mobiles.
Re: Metro for business?
Which is exactly why I have been buying up as many Windows 7 licences as I possibly can. My clients will be demanding them.
Re: Now here's an idea
Actually, Microsoft have several research projects underway to make Windows more modular. The question is simply "do they ever see the light of day." That depends entirely on how much "status quo" they manage to ship, methinks.
Re: Oh god, save us from...
Aw, muffin! Did I hurt your feelers? Do you need a time out to have a manly cry in the corner? That's okay, we won't watch...at least not until it's done uploading to YouTube.
I understand that you have incorporated your favourite brand into your personal concept of "tribe." It's normal; it's natural! There's a lot of good science that explains the process; you shouldn't be ashamed that it occurs, only that you allow it to rule your interactions with the rest of the world. It's okay, there's still hope. If you visit a proper therapist, one day you'll be able to disassociate your sense of self worth from the products other people choose to use and advocate. You may be able to live a life where you only tie your sense of personal valuation to the products you personally choose to use!
It may be difficult for you to understand – but please try, I'm having my minions work up a colour-by-numbers book just for you – but I don't have any moral or ethical obligation to push your favourite products on the world. I don't have any moral or ethical obligation to tell people to do what "the majority" does, nor to stick with the status quo merely because it's the status quo.
If you want someone who will advocate Microsoft, teach you how to incorporate all things Microsoft into your life and otherwise champion the status quo over all comers, please don't read my articles. Instead, I heartily recommend the indomitable Peter Bright at Ars Technica. He's a far better writer than I, and completely, utterly infatuated with Microsoft.
You'll also like Ed Bott, so completely "on-message" that he just declared Windows 8 to be the new Windows XP. You should also follow The Register's own Tim Anderson on his personal blog.
These are the people you need to read. They will tell you things you want to hear. They will comfort you on a cold, CVE-2013-XXXX night. These are members of your tribe.
Whatever you do, do not under any circumstances read Mary Jo Foley, and for your own sanity don't read anything by me. You'll find my blogs clearly labelled. They say sysadmin blog. You don't even have to click. It is, in fact, your choice.
Until you can disconnect your sense of identity from the brands you have incorporated into your tribe, you need to avoid authors that raise your blood pressure. It's for your own health and safety, after all.
Cheers, and good night.
Re: What are the "under the hood changes that make it a fantastic improvement over Windows 7"?
Off the top of my head, this is what's in Windows 8 worth considering making the jump for:
1) Faster boot
2) Faster shutdown
3) Better hybrid resume support
4) Way - way - fewer IOPS in VDI mode.
5) Native USB 3 support makes me happy
6) Multimonitor support that is on par with the ATI widget in the CCC from ten or so years ago
7) Mobile broadband as a "first class" networking type. (Long time coming.)
8) Hyper-V
Obviously, they weren't enough to entice me, but they might be for others. From a raw tech side, Win 8 is a solid upgrade. It is critical if you are a VDI implementer.
Re: Windows Love?
Um...WTF are you talking about?
Windows 8 RTM was in our hands ages ago. Just because you don't have a retail box doesn't mean you can't download the RTM. Let me help you out a little here:
Windows 8 RTM: http://msdn.microsoft.com/en-us/evalcenter/jj554510.aspx
Server 2012 RTM: http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx
Also there's no S in my last name. Thanks for playing, though next time Google before ranting. Cheers!
Re: Agree largely, but...
Let me answer a question with a laboratory test.
Hold your arms in front of you for 8 hours and make wild gesticulations. When you feel you can do this from 9-5 every single day, you're ready to use Windows 8 on the magical touch screen replacement of my 17" + 2x24" + 47" monitor setup.
Please try holding your arms out in front of you for 8 hours. Just for one day.
You'll have my answer when the exercise is completed.
Re: Here is how to get rid of the "Metro" design and return to the old-fashioned desktop
I concur; this doesn't work on my RTM VMs or physical system.
Re: Productive work
I get paid to know the latest OS. That way when my clients start deploying, I'm ready.
Re: Here is how to get rid of the "Metro" design and return to the old-fashioned desktop
Must try this...
Re: "since Netscape, when has Microsoft actively tried to prevent applications from working?"
That is a whole other story. Microsoft is a little pile of warring fiefdoms...
I'm starting to like Mountain Lion a lot. I also have Fedora 17 with Cinnamon as a potential candidate, and I am trying to learn Mint with Cinnamon. (There's a lot more mainstream support for Debian than RHEL.) Android on the desktop is a real possibility if the x86 version ever gets born. I rather like Android, and can do all my legacy Microsoft stuff through RDP.
Overall, it's Windows XP/7 for now, with my next desktop likely a Mac and my next ultrabook likely Android.
Re: Bad Apple cultists
"Apple cultist?" How about people wanting an "ultrabook" with more than 1333x768? I don't care what you sell, if it isn't a MINIMUM of 1440x900 you can GTFO.
Re: Sounds like
I work four fucking jobs, mate. 16+ hours a day, 7 days a week. That includes running my own business where I am responsible for the incomes of two other people. I own my own home, so I pay corporate taxes, municipal property taxes, provincial taxes and federal taxes. All of which I do without trickery or tomfoolery to try to declare myself some sort of "in need" charity case to the government to get a negative tax rate, despite being capable of paying my fair share.
You do not, and fuck you very much to boot. There are people in this world who don't give a fig and mooch off the system, it's true. They are however a pretty goddamned small percentage of the populace, all told. There are people who genuinely need help; from the unfortunates born with disabilities, to folks who just ran into a bad patch and need a leg up. I am proud to live in a society morally and ethically advanced enough to provide an organised – and mandatory – system for providing assistance to these people.
Only sociopathic assholes and the very young truly believe that we all get what we deserve according to how hard we work. That's complete bullshit. We get what we get by pure fluke as much as anything else. I could have been born with any interesting combination of genetic disorders worse than those I have today. I wasn't. I could have been born to a poorer family, or one where one of the breadwinners got killed/disabled to the point of being a burden when I was young. I didn't.
I grew up in a household of relative privilege; provided a decent middle class life and opportunities to both succeed and fail in an environment that had numerous safety nets. I was provided an education, a chance to schmooze and meet the right people. I was gifted with early access to computers, and educators who taught me to express myself through writing.
I worked hard some times, slacked off at others, but to say that I earned my place in the world – as though all my successes were mine alone, having occurred in a vacuum without the support and care of others – is bullshit of the highest calibre. Yes, I worked my ass off. Yes, I still do. But there are others out there working just as hard and earning incomes below the poverty line.
Some aren't gifted with my intelligence; an unfortunate happenstance of genetics. Some merely lack my education, or the contacts I earned growing up. Some were injured, born addicted to substances, brutalised during their lives or psychologically traumatised by war, disease or other things I cannot contemplate.
What kind of human being would I be – what kind of human being are you - to trumpet a sense of personal entitlement celebrating an ownership of privilege while simultaneously disclaiming responsibility to those less fortunate? There are people in this world who need our help, goddamn it; people willing to work hard for a better life. We can't yet help all of them, but we damned sure have the responsibility to help those in our own nation.
So…noblesse oblige, motherfucker. Now get down off your high horse before the proles rightfully shoot you off. You don't speak for "those with jobs" at all.
Re: Code signing is not a security feature!
You are wrong. What you are describing is a phone that you, the end user, can "verify" is secure by running whatever software you want on it. This is the exact opposite of a secure device, from the perspective of people who own those devices, but have to have other people using them. For people who have classified data, or "tamper proof" requirements on devices they absolutely cannot have people hacking and cracking, then signed everything – along with many other features – is the only way to go.
Allowing end users to have any control whatsoever of their devices benefits a very small group of end users. It doesn't benefit the people who are trying to keep information secure and secret. It doesn't benefit governments or the "populace at large" who absolutely must have cars running known software so that you don't have your self-driving robocar running anything except obscenely over-tested self-driving software. It benefits ideologues, not those who need control over the endpoint.
Fully locked down systems can be designed to require multiple authentication vectors, even to freak out if - as with your example - someone replaces a screen or battery. Your descriptions of how to crack a "secure device" are based on common operating systems which are not designed by paranoid people. A secure device should (and would) freak out if you swapped the battery. Bricking the phone, reporting its location to the authorities and wiping all local data. Same with the screen, the keyboard or any of a dozen other things.
A secure phone with heuristics software in silicon or firmware would look for attempts to fuzz the system for a buffer overflow and....brick the phone, reporting back the location and wiping the data. In fact, anything out of the ordinary, expected operating procedure should result in bricking the phone, calling home with location, and wiping the data. The secure device doesn't belong to the end user. The secure device belongs to the organisation that purchased it. Any attempt to modify or alter the application loadout, hardware or so forth should result in a useless phone and an arrest. (Depending on the context, charges of treason and a bullet.)
In today's world, "hardened" systems are not a reality for mass production. That was fine and good when we were making a handful of industrial control systems and mainframes. We're going to be talking here about building nearly everything that humans use except (possibly) cutlery as compute-enhanced appliances. They have to be tamper-proof and cheap. Cheap means not paying a programmer to custom design software for every single one.
Instead, it means taking generic, well understood software that a huge security machine is involved in continually testing for issues and locking it down as much as humanly possible. In some cases you can do basic hardening (pulling out unnecessary kernel elements, etc.), but you aren't going to do real ground-up custom OSes and minimalist designs for each new unit and variant.
Even if you did, that "hardened", unique phone would still contain bugs and exploits. Worse, it would be a special flower, unique like all the others and only the programmer who built it would (maybe) know how it was different from all the other special flowers. Trying to secure and render "tamper proof" thousands or millions of unique branches of the code base (which is ultimately what we're talking about in the next 20 years of computing, and the explosion of appliances that we are on the cusp of,) is lunacy.
Even if you could find the manpower for it, the cost would be incomprehensible. Programmers are expensive. Silicon is not. By removing choice and control over the endpoints from the end user – using methods that even Apple wouldn't dare – these systems can be rendered secure. Apple doesn't have Intel's full suite of tech. Even if it did, it wouldn't use this level of paranoia, because it would probably violate several laws to prevent you so utterly from altering your device.
In the context of devices sold to be "tamper proof," there is no such legal consideration. Quite the opposite, most nations have laws that explicitly state trying to crack such a device leads to big time jail time. A "tamper proof" secure device doesn't belong to the end user.
So let's agree to disagree on the definition of secure in this context. Your definition is not the definition used by the people who will be buying the Intel Inside super spyphones and appliances.
Re: RE: being an infomercial
I've worked with Good's MDM. It's still just "using software to try to get other software to behave in a mostly useable fashion." It doesn't come close to "tamperproof;" it is still as vulnerable as the operating system, bootloader, etc underneath. This isn't a hardware + software solution, it's just a series of band-aids, one on top of the other trying to contain the bleeding. What's needed is to open the patient up and repair the artery itself.
This means – as I said in the article – security in silicon that works in conjunction with a well coded OS. Sealed storage, curtained memory, signed bootloaders/OSes/apps/patches, centrally monitored communications, secured heuristics (anti-malware in silicon/firmware) and remote bricking at a bare minimum. You just can't do that all in software. You need that security silicon to pull this stuff off.
This comments thread is full of folks saying "but you can just use MDM, or use an off-the-shelf OS!" Yes, you can. For corporate level security. For classified security – or to meet "tamper proof" requirements for critical appliances – this simply isn't good enough. The contents of your executive's e-mail might lose a corporation a few million dollars. Maybe it even knocks the share price down a few cents. It doesn't cost lives.
A malfunctioning or captured UAV, the contents of certain classified documents, minehunters or self-driving automobiles gone mad…these can most certainly cost lives.
Every other day I'm reading about some new "secure" industrial control system compromised. iOS and Android compromised before the units even hit general availability. The top of the top of browsers, operating systems, etc cracked within hours when there is real money on the line…
…and you want to tell me you are going to solve this problem entirely in software?
I'll cheerily call up Good and see if they feel they can do "tamper proof" entirely in software. Anyone else who feels they can too. I'll need to see it to believe it.
Re: politically damaging = classified
I don't know that this is true. Far more than "classified smartphones," the tech is useful for "smart appliances." Think of "smart radios" in an ambulance. Converging your GPS, communications, various flavours of application that require them to run a PC inside the vehicle today, etc. This is a perfect example of a situation where you need the power and flexibility of a "general purpose computer" (or a smartphone), but you absolutely don't need the end user loading apps, changing data, or sucking off patient records.
A centrally provisioned/verified/etc OS/application stack on a completely locked down device would be a good fit.
What about automated buoys for scientific research? Minehunting subs or landmine hunting automated ground vehicles? Autonomous cars are becoming "a thing," what if we start building automated snow plows, street sanders/sweepers or other such robots to pick up the drudge work? These should be run on general purpose PCs that are rootable, or on which we can reasonably easily change applications/move around data?
None of these applications are "science fiction" any more. I have seen the Google self-driving car with my own eyes, I have built UAVs with my own two hands. I have loaded software on to automated buoys and worked with a team to design automated landmine hunters.
Every one of these devices will need the same tech we would use to build a secure smartphone. Some – like the "smart radio" ambulanceputer – are designed for human interaction with the device. Others are automated. The point is that they are appliances. Appliances that need to do very complicated things which we still need "general purpose computers" for. Unlike a proper consumer-level general purpose computer, however, these appliances absolutely must be tamper-proof.
Today – and for the foreseeable future – that means Intel. For all those irked by this, call up AMD, your favourite ARM manufacturer, and anyone else good at putting things into silicon. Scream at them and get them to put some competing products into the field. I think it's a terrible thing that what promises to be the next wave of computing – billions of devices with "tamper proof" requirements – looks set to be dominated by one company.
I don't want that. You don't want that. Probably even Intel doesn't want that. (The critical antitrust eye of ultimate scrutiny is not your friend.) Unfortunately, nobody except Intel has the right mix of stuff to pull it off. So yes, it does mean "Intel Inside" our automated and tamper-proof robotic overlords. For several product cycles worth of "kick the tires and working the bugs out" on behalf of Intel's competitors, at the bare minimum.
The reason it is so bad is that this doesn't just apply to the military death machine. The potential addressable market here is far, far bigger than that.
