How can you fail with that?
It's not a huge amount of money but I bet you could survive fairly well on it assuming you cooked in bulk and took advantage of discounted items (e.g. those close to sell-by).
3691 posts • joined 18 Jul 2007
It's not a huge amount of money but I bet you could survive fairly well on it assuming you cooked in bulk and took advantage of discounted items (e.g. those close to sell-by).
Chernobyl was perhaps the worst nuclear accident in the world with chronic levels of radioactive material. The wildlife is still thriving there. Probably because exposure to humans was more fatal to an animal's wellbeing than the background radiation levels.
Google haven't been that hostile to Cyanogenmod. They told Cyanogenmod to stop distributing their apps in the image but that's about it. So now the CM kernel is Google apps free and you have to install gapps via a bootloader after flashing a phone. Slightly inconvenient but not hugely so.
If Google really wanted to be hostile they could simply stop releasing Android source code, or dump it out as a monolithic tarball with no change history on a 6 month schedule.
Anyway CM wouldn't be the first company to take a hatful of money from Microsoft and find out that they've done a very foolish thing. In this case it's likely MS bunged them cash simply to sour relations between CM and Google and fragment the android market. Google may well retaliate in ways as such as I described and everyone will be the poorer for it. And I suspect that's Microsoft's goal all along.
Goodwill could easily go flying out the window if they are seen to be fragmenting the platform for the sake of a hatful of money.
"Pure prejudice from someone who has probably never actually set foot in a Walmart."
Straw man noted. I've set foot in plenty of them. And their fruit / veg / meat / "deli" sections are best described as perfunctory and small compared to the size of the food section.
"Although to be fair, that applies to pretty much any chain of supermarkets."
Visit a Walmart and say that! So much of what they sell is a snack, or a ready meal, or an "EZ" style meal (e.g. Rice-a-roni, Mac-n-cheese, Chef Boyardee etc.). Aisle upon aisle of it. No UK supermarket comes anywhere close. Nor most other US supermarkets for that matter.
Dear god, so many of the clientele are FAT. Slovenly blobs who can barely dress properly shuffling around with carts full of snackfoods in giant portion sizes. I think that's what Walmart appeals to - not price (since it's not really as cheap as some may think), but pure laziness. It pushes buttons in people who want to buy a gallon of milk, a giant pizza, a super wide toilet seat and a pair of stretch pants all in one shop.
If you're the sort of person who expects a supermarket to serve lots of fresh meat, veg, fruit, bread and other produce then you'll seriously depressed here. 80% of what it serves falls strictly into the junk food category.
"What about government MITM using the actual key, which they can co-opt? They can flood a web of trust and spoof any lighthouse sites, too."
With far greater difficulty. If I sign a key with one CA they just have to subvert that CA to spoof my cert. If my key is signed with multiple CAs, or with other sites then they have to subvert all those sites.
If they don't then my browser will complain the key looks different from the last time. Or it will complain that it looks different to the one on the lighthouse. Someone will notice.
It'd probably be best if the lighthouses were federated and there were many to choose from across geographic boundaries. Even an unsigned keys would benefit from fingerprint checks and it could offer a measure of protection from MITM attacks.
Nothing is perfect of course so it would be vital to go through every use case and attack angle - key creation, issuance, expiration, fingerprinting, signing, verification, revocation etc.
And that's the thing. It shouldn't cost money, or time, or production of government papers to create a site cert.
I don't need to do any of those things to create a PGP key. I just create a key. If I want people to trust my key I can have it signed by other people with whom I have some kind of relationship. I could even pay a CA to sign my key if I wanted.
I think the web needs something similar. Even an unsigned key is still better than plain text if it's presented as such.
At least not in its current form where a key is either signed by a CA which the browser trusts or it isn't. Because we all know how limited a CA's trust is to begin with. It also means security is held to ransom by CAs who impose onerous, usually financial penalties on sites that want security.
At the very least a site should be able to roll a self signed cert without scary popups. It might not stop MITM but it's still better than plain text even if the browser shows the site with an amber warning. Secondly a site cert should be able to be signed by multiple signatories which could be CAs, or other organisations or individuals that have a relationship with the site. Build a web of trust in other words. Thirdly, the browser should cache the key fingerprint and throw danger warnings if the fingerprint or the signatories change. Fourthly, the browser should compare fingerprints to lighthouse sites to see if the client's key is the same as other samples gathered from the site and throw danger warnings.
All of these measures would make security far better than it is right now. At the moment, CA signing is just a tax on security.
Perhaps but what does it say of the maps I downloaded a few days before arriving here?
I'm on holiday in Lanzarote at the moment and while it works pretty well, some of its directions are frankly extremely dodgy. Yesterday it told me to turn the wrong way up a one way street, flagged a restaurant I searched for as being in the ocean, kept saying "turn right and then right" instead of "turn right" and chose some very dodgy routes up mountains when straighter main roads were available. It also pronounced all the places with an English accent - Arrecife became arse-e-ife.
Another time when I was in the US it got stuck in a loop - it told me to do a U turn, which I did and then it told me to do another U-turn. I had to drive off a bit to get any sense back into it.
That said, it's free and it has offline support so it's still a very valuable app to have on a phone. The Android version also has a far better UI than the Windows Phone version though it still has some annoyances.
"...streaming. If people having better broadband is a problem now, a solution in which quality of broadband is the only relevant factor really isn't going to help. "
Maybe read what I said in the first comment eh?
"Nonsense. Connection latency is a problem in keeping clients and servers properly synchronised to each other so everyone sees the same things happening at the same time. The price of your PC is utterly irrelevant to that."
I didn't say "connection latency". I said latency. Latency is lots of things.
"Fuck everyone else in the game. If I can afford a better PC that can display better graphics and higher framerates, why should I be punished just because other people can't? "
Yeah, that's the ticket - the person who spends the most should have the advantage right? Screw all those other people expecting to play a game on a fair and level playing field. With that attitude maybe EA should sell aimbots for $1000.
Frankly you're the reason multiplayer sucks right now.
"And why when you have a ps4 do you want to stream it and add latency and use controls not designed for the game (GAIKAI)"
Latency is already a fact of life for multiplayer and that's why things can suck for someone caught on a bad connection or who didn't spend a fortune on a top end PC.
So saying "because latency" misses the point that it's already a problem. Yes, streaming introduces its own latencies but it removes them in other areas. It's also transparently obvious to anyone watching the scene that it's not just Sony who have an eye on streaming. Steam do too, first "in-home" although it's not hard to see that expanding to out of home as well.
"Everyone can have an equally poor experience..."
Not necessarily at all.
"Game will never get moded so everything will be like them dead games - titanfall & evolve as opposed to the moddable CS:S and L4D".
That doesn't counter my points at all. And nor was I arguing that streaming was better than local play in all aspects, just in particular ones.
There's nothing more frustrating than to play a game and be constantly picked off by someone not because of skill on their part but simply because they've got better broadband or a PC which lets them get a higher frame rate.
A relatively thin client software could ensure that everyone in the game gets the same graphics, the same framerates and has similar latencies.
And of course it stops cheats.
Make sure to do it on a blustery or rainy day.
... assuming the key is long as the message and random. That's how a one time pad operates.
The problem of course is you still have to store the key somewhere to read the message out again (e.g. between an embassy and its country) and so otp only works in certain scenarios. In a phone it doesn't help at all.
Anyway, this app sounds like snakeoil. It's amazing it's so incompetent - I'm sure that every single phone OS is capable of providing hardware assisted crypto with very little effort at all.
Assuming people get their apps from the Play store then they're likely fairly safe. Malware doesn't rise to the top of charts so the rate of infection is self limiting. Even if some people come across "sexy girl screensaver" and click through the permissions, they will be a tiny minority.
On top of that Google have monitoring which occurs client and server side. I wouldn't be surprised if they have a few canaries in their client side software which detects phones which are rooted or checksums changing and can correlate that to malware. They also have the ability to remove apps from the store and remote kill apps.
It's probably the dodgy sites where the most risk lies. Doubtless many of the free APKs on these sites are actually malware, particularly where the app is something that costs money on the Play store.
"You are incorrect. Invalid SSL certificates (irrespective of the reason that they are invalid, such as expiration) can and do facilitate seamless MITM attacks, and leaving them expired is suicidally stupid."
Don't be silly. The cert is still signed, it's just expired. The risk is the astronomically small chance that someone might have used the extra few days to crack the key in some manner to impersonate it and the much larger risk that someone reporting a crime might be detered by a scary dialog box in the browser..
Certificate expiration and CA signing is simply a protection racket. If the Met had created their own cert with an expiration 30 years from now and had it signed by government departments, Scotland Yard, and various other courts, police forces etc. it would have been a far more trustworthy token of the site's authenticity. But they can't do that because CA based SSL certs are broken by design for the enrichment of the companies that issue them.
And here we see a real world potential consequence of that racket.
An expired cert means exactly that - an expired cert. While it's certainly a mistake to have allowed it to happen, it doesn't make a site any less or more secure than it was before. The cert is the same, it's just expired and that throws up a warning in a browser that says something to that effect.
The danger is not that some hackers will replace the real site without anyone noticing but that the extra warning that people have to confirm and click through might deter someone from reporting a crime.
So in that sense it's bad. Because the cops forgot to pay their "security tax" on time, real crime might go unreported. It also demonstrates why CA signing and short cert expiration is such a bad idea to begin with. Buying a new cert doesn't make the site more secure - it just makes the scary popup go away.
The software isn't illegal (there are plenty of taxi hailing apps). It's the person who arrives to pick you up who is acting illegally.
High resolution in laptops is vastly overrated. The higher DPI is something that most desktop software hasn't been written to cope with so the OS upscales the windows. Upscaling usually makes the window look blurry too. Some apps that do claim to be high DPI aware still suffer from fiddly little buttons or other issues. So the OS and GPU is doing more work and consuming more memory without substantially improving the experience.
It probably explains why more laptops haven't bothered, although it'd be nice if they offered at least 1920x1080 displays for 14" and 15" models.
"...and because—equally utterly pointlesy every phone nowadays seemingly must have a lovely smashable glass back as well as a smashable glass front—so the case I have to put on it has something to grip onto."
All the glass / metal is just for show and has zero functional benefit. In some cases it can affect the function - glass has less grip / friction to grip a surface so it adds risk of the phone falling and external metal can interfere with radio signal and must be shielded.
It's doubly pointless because the first thing most people do with their phone is shove it into some ugly cover / bumper anyway. It's just an excuse to jack up the price of the device and command a hefty premium.
The pics make it look like a really good solution. I could see it being popular for a range of uses, not just emergency sheltering - anywhere you'd want a semi permanent building put up to house people or stuff. I wonder how it stands up to wind, rain and the cold though.
"Nothing to do with the writers of Actionscript and Typescript being in the standards group for ECMA???"
So you mean this was all a conspiracy and a mere 12 years later they sprung the steel trap shut?
More likely it was to do with the general craptitude of JS in browsers at the time and concerns about implementing a new radical version of it while still supporting older versions.
Google spooked devs as soon as they started talking of separate runtimes and integration into Chrome. I'm sure many developers had flashbacks to the days of VBScript where Microsoft tried to fragment the web by shoving their own scripting language in their own browser.
Ironically Microsoft seems to be the winner this time around with Typescript. Typescript is a compiler that outputs JS but adds keywords for classes, static typing and modules. So it's familiar to JS (and Actionscript) devs while still adding useful functionality.
I don't rate JS or TS much as a language (binding and scope rules are a minefield) but sometimes pragmatism trumps idealism. TS has mature tools, thousands of definition files for calling popular JS libraries and has become a mainstay in many projects.
In this order:
1) The site doesn't post to international addresses, even in the EU
2) Or if it does, the cost of P&P is silly expensive
3) Or the address details doesn't let you enter a foreign address
4) Or there is a problem processing the payment.
Ironically for small items it's often easier to order stuff from Hong Kong than it is from somewhere else in the EU.
Herbalife is an MLM that sells supplements. It means members have set up thousands of virtually identical sites selling essentially the same horribly overpriced products, and frequently shill these wares and suppress criticism of them. I would not be surprised ifthem probably take it up a notch and spam too.
Herbalife isn't exactly an innocent in all this. It has a long history of legal brushes with the law and comparisons to pyramid schemes. The difference being how much money a person makes from selling product to actual end customers as opposed to how much they make from recruiting their own downline (and cajoling them to buy their own product).
There are a number of MLMs (barely legal pyramid schemes) and food supplement spammers who peddle crap like African mango, mangosteen, acai berries, raspberry ketone, green coffee etc.
They have no qualms about lying about the efficacy of this stuff (zero), or it its health benefits (zero) because there is a rich seam of gullible and desperate people who'll buy it at vastly inflated prices. It's rich pickings. Some people really do think that eating a few pills of dust cancels out cakes and biscuits.
It doesn't help that the US food and drug administration is emasculated - supplements have to be proven to cause harm, rather than proven to do good which means snake oil and quackery rules the day. As long as producers don't claim their products cure cancer or some other tangible illness they can slather all kinds of vague beneficial claims over their products and website and they don't have prove any of them.
The most depressing part about all of the above is that even "trusted" retailers like Walgreens, Amazon, Walmart, CVS are in on the act and peddle this shit and even own brand versions. Visiting a US pharmacy is thoroughly depressing.
"limit sign was on the motorway, slip-road, or adjacent road so kept on reminding me that I should be doing 30 on the motorway."
And this of course will be one of a multitude of problems that self drive cars would face too - green light says go, oops wrong green light, crunch. Or the graffiti / shaded / unlit / part covered signed means car thinks it's still 70MPH instead of 50MPH oops speeding ticket.
It would probably be better if the car had a satnav or wireless link which inferred the speed limit from the prevailing traffic flow and then used the distance between the car in front and behind to adjust that to the local conditions.
I can see massive potential for a Windows 10 phone running an Intel chipset. If Microsoft is telling the truth and unifying their product lines then its entirely possible that a phone could become a full desktop if you dock it. That's an awesome concept. They're really not far off already with Windows 8.1 which runs on cheap tablets so it's basically the phone stack and the ability to switch modes that's missing.
But if it's just ARM then it suffers the same problem as RT - lack of apps, a useless desktop and little reason for choosing it over another phone OS. Windows Phone isn't bad, but a handset running ARM will still be left out compared to handsets running Intel so it will still end up being sidelined.
They just have to abide by the laws and standards that all their competition must follow. It doesn't stop them from making money.
Fuel cell rechargers have existed for a long time and I'm sure they're plastered with patents.
"That's a bold claim."
No it isn't.
"It's far more likely to do it reliably and regularly than a human. It will take statistically proven decisions, and it will do that from a much broader array of sensing inputs than a human could."
The problem is that the things you encounter during a drive are far from regular.
"I struggle with seeing how people who work in computing could see this as unsolvable. "
It's called experience. See aforementioned voice recognition. Or OCR. Or AI. Or robotics. All began with lofty claims and then it turns out turning the analog world into something a computer understands turns out to be damned hard.
"It's simply an engineering problem - the right inputs processed at the right time, matched against a statistically driven decision tree. How is any of that impossible?"
Not one problem, an infinite set of problems, many of which are intractible.
Here's some trivial problems your hypothetical self drive car would encounter:
- The lights are out at the crossroads ahead. Does your car know how to negotiate the crossroads in a safe way which gives gives priority to other drivers according to the time they arrived and prevailing traffic? Can it establish basic signals to other drivers to indicate intent. Or does it just nudge out like an asshole and hope for the best? Or does it annoy the driver by giving up? How does it know to give up? Naturally it would have to do the right thing however many lanes, rights of way, trucks, buses, bicycles, motorbikes and cars (self drive and otherwise) there were.
- A man is standing in the road by the traffic lights. A police man. How does your car know to obey his signals instead of the traffic lights?
- A man is standing in the road by the traffic lights directing traffic. This man is a loony. How does your car know NOT to obey his signals instead of the lights?
- A big truck ahead is stopped and a guy hops out to halt traffic each way so the truck can reverse into some entrance. How far away does your car stop from this? How does it know not to try and overtake this obstacle?
- Your car encounters a stationary bus in your lane. Is the bus broken down? Is the bus stopped at a bus stop or stopped at lights? If it's stopped at a bus stop how long is it likely to be there picking up passengers? When if ever is it safe to pull into the oncoming lane to overtake this obstacle?
- The road has a big pot hole in it. Can your car see this? Can it see it when it's filled with water? Or does it just smash straight through it?
- A road is closed and there is a diversion in place. Does your car follow the signs or just keep driving until it falls into a hole the council just dug?
- You're going up a country lane. 50m ahead you see an oncoming car. Does your car know it has to pull into the verge NOW because there is no verge ahead?
- Your car goes into place with terrible radio coverage, or no GPS like a tunnel, underground carpark or simply a built up area. What does it do? Dead reckoning? Revert to the driver? What?
I could go on but the point is there are too many variables, particularly in urban / country environments for it possibly to do the right thing all of the time. If it's constantly nagging the driver to intervene because it doesn't know what to do then it will become annoying and useless. I expect that even when it does appear in closed loop environments that there will still be some guy in a booth there to remotely extricate the car if it gets confused or confounded by something.
Self drive is not a problem solved. There are so many variables that can occur during a normal journey (particularly in urban environments) that a self drive car cannot possibly arrive at the correct solution every time.
It'll end up like voice recognition. Even if it gets things right 90% of the time, that remaining 10% will be so annoying that people will turn it off or only use it in places where it works well. It's trivial to envisage situations where self drive would utterly screw things up or do something annoying for the driver, other road users or pedestrians.
"Like we are going to open up our ATM communications to the cloud."
ATMs basically operate in the cloud already - you ask for money, the ATM asks the central bank computer to authorise the transaction and you get your money. The ATM is a sophisticated but basically dumb front end to the bank already.
Of course the bank owns that cloud so that's where the issue lies here. Banks aren't in a million years let their data be stored on someone else's machine unless it satisifies a million and one regulatory and security issues.
Okay, getting kids to program is a good thing. But kids will need a computer to program this board, so why not let them program on the computer and forget about the board altogether? There are some pretty good sites for doing this already - scratch, codeproject etc. Even the BBC has some decent browser based programming apps.
Thanks for the thumbs down - pulling me towards Pi instead of away
From my profile - "In total, your posts have been upvoted 8716 times and downvoted 2742 times."
Sadly I'm still a little out but I'm trying to get closer by employing irrational and circular logic.
Lots of apps bundle their own JRE which is basically just a few folders including the version of Java they need. Minecraft used to not bother doing this and now they do. It probably solves some QA / administration headaches to have people using the same tried and tested version of Java powering the experience.
"Which OS is that, then?"
Any OS which was built around the most robust operating system kernel ever.
"Then make one. I'm sure you could detect a button push and trigger shutdown."
So I can't comment on a shortcoming in a device that prevents it functioning well in a certain role unless I produce a workaround that solves my personal need but doesn't do anything for anyone else?
Why not just accept it'd be nicer if it had a soft power button built into it.
The Pi could do with a proper soft power button to be properly useful as a media centre. At present you have to shut the OS down and pull the plug or turn the power off. A soft power could do the shutdown automatically and put it in a low power state.
The new Pi is likely fast and useful enough in other regards to power a UI and video playback.
I had an awesome Casio watch at school - clock, date / time, alarm clock, stop watch, timer AND calculator. And a battery which lasted years. This was over 3 decades ago.
Anyway, Casio have a G-shock watch which probably qualifies as the only smart watch to be worth a damn at this time. It has low power bluetooth and an app for phones that can make it vibrate and display a text message and other than that it's just a fancy LCD watch. So the battery lasts ages.
It's shiny. It says Apple. It's a prestige object. I'm sure the general public will weigh up the practical benefits of owning such a smart watch (few) and the disadvantages (many) and buy it anyway.
"Here use our platform. This is for completely altruistic reasons and certainly not so we can shut out the competition and skim our cut from the top of every fare."
I used to drive a Nissan Almera which had a central dash with buttons numbered 1 to 6. Two buttons either side set the mode for what they did. If you were in radio mode they changed the radio station. If you were in air conditioning mode they controlled the fan speed. This meant at any given time there was a 50% chance they were in the wrong mode and it screwed up the action. Such a stupid system may have saved Nissan £1 for a couple of extra buttons and caused untold confusion and frustration for me.
IMO every basic function in the cabin space should be controlled with a button, dial or switch which are grouped sensibly with the most important functions closest to the driver's line of sight. If there is a computer / tablet interface, save it for the extraneous stuff. And make damned sure that it is predictable and navigable with only the briefest of glances.
I remember the first few versions which were lean and mean little clients for downloading. Then I used an update and it was laden down with crapware in the installer and ads in the client. Yeah they've got to make money but there is a line between making money and being obnoxious.
Anyway there are free and open source clients for this sort of thing - deluge is quite good although the GTK widgets look a bit weird on WIndows.
Yes there are problems but look at how it is now.
If I run a site and want secure communication I have to apply for and usually pay some nonentity to issue me with a "signed" cert. Not just once but every year. I don't gain anything from this process and neither do my visitors. It's just a tax on security to make a scary popup go away and to deter casual evil doers.
I should be able to roll my own cert. I could register the fingerprint with a lighthouse site if I wanted some protection from MITM attacks. Or I could get other sites to sign my key. e.g. maybe Amazon offers a key signing service for affiliates. Or I might know some other site owners and have a key signing party. Or I could pay a CA. Or all of those things according to my needs.
The more signatories the better of course but even none is protection from eavesdroppers.