20 posts • joined Tuesday 24th July 2007 16:30 GMT
If the display had been a kind of e-ink, so that it was always visible and you changed it in that brief moment of power, then i could see that being very useful.
e.g. you could change the price labels on items without needing to print a new label, just wave your rfid programmer over them (with suitable auth to stop cheeky bargain hunters doing it themselves)
I like driving in my car
I'm sure i will not be alone in saying that the only real chance i get to listen to the radio is when i am in the car driving to/from work. I got a brand new large family car less than two years ago, fairly high model, electronic just about everything, and a DAB radio wasnt even listed as an option.
If you want to get the masses to listen to digital radio your going to have to convince the motor industry to fit a DAB radio into -every- car, not just top end, or as a several hundred quid upgrade, but in every car shipped right down to the cheapest billy basic models.
I can just imagine now, in the not so distant future, some not entirely honest vendor in a busy public place using a boosted antenna and subtracting a small fee from every person that passes. The amount deducted, say 50p, would be too small for many people to complain about or even notice, and wouldnt trip the transaction fee limits. now say it was something like a sporting venue, thousands of people could wander past, and that small fee would quickly add up to a tidy profit.
Mine is the coat with the faraday cage woven in.
more proof that patents hurt fair competition
On the one hand, you get the EU and others forcing microsoft to document its APIs and Protocols to allow interoperability, and then there is the various exclusions in bits of copyright law to allow reverse engineering for interoperability purposes. all these attempts to make fair competition happen.
then on the other hand, patents blow it all away, because even if you manage to implement your own version of one of them, they slap you down with a patent on it. so no matter which way around, any form of competition has to pay them.
as such patents like this clearly harm fair competition and innovation and should be abolished.
its a cunning plan
i think its all part of the grand cunning plan, we all know that what the government really want is just the database of everyones details, and in order to get those details they have to convince them to signup for this bogus id card scheme. now they cant get away with just issuing a boring piece of plastic because joe public has become more aware of forgery and id theft, so they have waved the magic wand of "but it has biometrics" and the public swallow the technobabble. they never intended to have card readers, as it wasnt crucial to what they want from id cards.
why would anyone pay MS for last decades tech
wow, where to begin with reasons why not to use microsofts attempt at inventing a 2d-barcode. Oh i know, lets start with that its tied to microsofts servers, and you can bet they will start charging for this just as soon as possible. not to mention the piles of existing, free to use systems that have existed for years, like QR Code (used extensively on japanese mobile phones, and now an ISO standard), or data matrix (seen on many parcels and envelopes and on product labels) to name but a few. all of which have higher data densities and a complete lack of vendor lock in.
Seeing as the thing has a keypad already, i would think it a good idea to use a challenge-response type system, where the website gives you a transaction number, you enter it and get a response back. one thats unique to you and that transaction. this removes the time element, ties it to a specific transaction (so a man in the middle couldnt use it against a different one) and also gives more even wear to the keypad. but then again i guess they dont trust the average user to be able to type more than a 4 digit pin accurately.
At least theyve got one thing right
Ignoring the arguments that an ID card is useless for its claimed purposes, and that biometrics are horribly inaccurate.
This is the right way to do it, and the way that the 'biometric' passports work. You check the person against the data on the card, and you check the card is authentic using run of the mill PKI. All the data on the card would be signed which can be checked against the published public key. no online database accessing required.
as long as someone doesnt break the crypto used for the signatures (e.g. find collisions for the hashes), or somehow obtain the private key, then you cant fake the data on the card as the signatures then wont match.
the problem the passport system seems to be facing at the moment is that the public keys for each country havent been suitably published, so in many cases other countries cant check the validity of the data.
Receiver pays means only one thing... SPAM
Shifting some of the burden of the cost of a call to the receiver, as in the broken american model, will lead inevitably to one thing, junk phone calls.
The difference in cost between calling a landline and calling a mobile is still a reasonably effective barrier to preventing cold calling and other irritating sales spam. Not only would this be highly irritating, it would be a double slap in the face that you end up having to foot the bill for them harrassing you.
I can also see terrible issues with PAYG users, "oh im running out of credit, can you call me back, no wait i cant afford that either" really helpful not, especially say if its a phone youve given to your kids so you can get hold of them easily.
I think the real reason they would love to do this is they can up the total cost of the calls without you noticing, and rake in the cash. as you never see the total cost of the call yourself its hard for you to see if its now costing more in total than it used to.
what kind of app CAN you write
The number of restrictions that come with this SDK are just ridiculous.
You cant even port an instant messenger app that would be worth using as your not allowed to have programs run in the background.
Same goes for pretty much any kind of voip application that could receive incoming calls, as you wouldn't want to have to leave that running in the foreground all the time.
so wtf ARE you allowed to write thats worth having on a phone ?
effort of cracking
Classic mifare cards have several data slots on them, each slot is protected by two encryption keys. one of the choices of mode for a slot is designed for ticketing/emoney applications and has one key that can do read/decrement, and the other key do read/write. so all your turnstiles would have the key to be able to read how much credit you have and deduct some, but only the charging stations would have the write key and be able to up your credit.
if people like oyster have used this standard method, and trusted that the cards are secure, then all it would take is to crack the write key theyve used and you could trivially alter any card or create new ones.
there are of course ways to be more cunning and secure about the whole thing if you use a little thought, but since when have large projects ever done that.
the patents the killer
whats the odds that somewhere in every useful protocol and api they have published there will be a patent. so we can fix up samba, and fine tune openoffice, but then nobody could use those products without having to pay microsoft a patent royalty tax. which is what they have been after for years.
if only it was that easy
UPnP is supposed to be standardised, shame that in reality it isnt, every router has its own little foibles and bugs, many just plain dont work at all, or work once then crash. its been hell trying to write code to work smoothly with as many routers as possible. oh and someone said that the port forwarding vanishes when the application does, wrong, the program would have to explicitly send delete rule commands to the router.
how thin can you go
This new thin client is so thin (cheap) that you can buy a standard desktop system with several times the grunt for less money. Such progress...
If 'thin' systems cost more like a one-laptop-per-child system (you dont even need to include the lcd, harddisk, and battery which are the expensive bits) then they would be a much more interesting toy.
how to do it
There are some potential benefits to having a secure id card, but those benefits are not given by central databases and biometrics and all the other (hugely expensive) crap the government keeps trying to say is needed.
What they really need to do is add a chip to existing forms of id, like driving license, and possibly create a stand alone id card for those with nothing suitable. the chip would contain an electronic version of your details.
To use it, put the card in a reader, just like a chip and pin card, type in your pin number, and the data is then available to the hospital/ job centre/ whatever to read, and their computers also verify the crypto signature on the card to know that the data isnt a forgery.
that way the authority can be happy its an authentic unforged card thus proving my identity, i know exactly who is getting a copy of my details because it needed my pin number, and the data they get is only what was already available via existing identity documents.
Its all in the ratio
One thing they always seem to forget when "improving" chocolates is the ratio of chocolate to filling. The wispa was far nicer than dairy milk bubbly because of the size of air bubbles. Spira is nicer than say a freddo, same chocolate, different thicknesses and air ratio. dairy milk caramel is not a patch on the old 'cadburys caramel' bars because the choclate to caramel ratio is all wrong. The same goes for many of the different size variants they now do for products like creme eggs, same ingredients, different ratios, so they taste wrong, but i shall stop there.
Why cant cadburys try hiring some taste testers than actually have a sense of taste, heck, i would even pay them to join a tasters club to try out the new stuff before they rolled it out.
Secure, Open, DRM choose any two
"...When the open source coders produce a reliable antipiracy DRM system for Linux, the content providers will allow the production of players like the BBC's iPlayer."
ah well, theres your problem you see. theres no such thing as a secure software DRM system, as the software has to include everything needed to decrypt the media in order to play it. Things like the microsoft solution depend upon security through obscurity to hide the relevant crypto details and to limit what can be done with the output. If you write an OSS version, you no longer have the obscurity as the source is openly available, so you also have no security, it would be trivial for someone else to read/edit/extended the source and build a version that gave them the unencrypted data in a format of their choice. game over.
The illusion of security that closed source DRM gives will only last as long as it takes until some bored windows hacker finds the part in the code needed to extract the keys or the decrypted data.
a potential use for DRM ?
If this had been a music track instead of personal details you just know that it would have been riddled with DRM which would mean that the raw data could not be got at, and it could only be used in the correct authorised programs etc etc.
I think the mistake was in letting it be possible to get hold of the data in an unencrypted form to begin with, obviously users cant be trusted with it despite company policies, the same way that the MAFIAA dont trust users with unencrypted media despite laws forbidding copying.
So why doesnt someone apply the same kind of principles to data files too, maybe openoffice could get ahead here by implimenting something like this. Have a way to mark a document/spreadsheet/db file, whatever, as 'must be encrypted' and enforce that once loaded it cant be saved, or cut and paste out of the application in an unencrypted way.
It doesnt have to be majorly secure, there will always be the 'analog hole' of screen scraping etc, but if all the basic operations are covered then the average idiot user (they must be idiots otherwise they wouldnt have needed this) wont end up with unencrypted data on a stealable device.
they have their place
as i see it there are three things that rfid could give you in the distribution business.
1. a longer serial number than a traditional barcode, so that each item can be uniquely numbered rather than just batch/type numbers. (think ean numbers on products, it tells you the product type, but theyre all the same one)
this can be addressed just by using more dense barcodes, like any number of the 2d barcodes that exist and are seeing increasing use by postal couriers.
2. storing data with the product itself. well the storage involved is pretty limited, typically a few kilobits of data. you could just keep slapping on extra barcode labels at each stage ;)
3. reading the data from a (short) distance and many at once. Now this you cant do with barcodes, and is a massive boon to the likes of airports. it could massively cut the time it takes to locate that one passengers bags from an entire aircraft full. especially when traditionally they had to not only physically see each bag, but locate its tag and orient it in order to read the name. medium range rfid tags could allow the elimination of entire packing crates full in seconds.
the other field where rfid is obviously a boon, is the places where smartcards were previously useful but not always practical, in say transport charging systems, door access systems etc. where the continual make/break of physical contacts leads to errors and damage.
- Xmas Round-up Ten top tech toys to interface with a techie’s Christmas stocking
- Xmas Round-up Ghosts of Christmas Past: Ten tech treats from yesteryear
- Review Hey Linux newbie: If you've never had a taste, try perfect Petra ... mmm, smells like Mint 16
- NSFW Oz couple get jiggy in pharmacy in 'banned' condom ad
- Analysis Microsoft's licence riddles give Linux and pals a free ride to virtual domination