I'm not sure where the the article summary got its notion about the costs. The article doesn't address that- instead it spoke to how much could be made selling the service. From the article:

Assuming a selling price of $2 per 1,000 solved captchas, our token harvesting attack could accrue $104 - $110 daily, per host (i.e., IP address). By leveraging proxy services and running multiple attacks in parallel, this amount could be significantly higher for a single machine.

I think the authors of the article were trying to communicate how much money they could make selling this 'service' to other unsavory agents. It could be a lucrative business given the assumed market rates of $2 per 1k, and the mentioned optimizations could make it even more attractive. It makes me wonder if you could set up the whole thing in a cloud computing environment like AWS and come out ahead.

I was curious about your comment, and I think I found the article you were referring to. It was a 7/19/15 NYT article ( http://www.nytimes.com/2015/07... )

Here is a direct quote from it regarding the efficacy of the Zappos holacracy:

"Pressed for instances of Holacracy’s achievements at Zappos, employees could offer only pedestrian examples. Mr. Hsieh had shut the bridge connecting the office to a parking garage, hoping staff would experience more serendipitous encounters if they all used the same entrance.

But that meant employees had to venture onto the seedy streets to get to and from their cars, leaving some, especially those working late shifts, feeling unsafe. So one employee proposed that the bridge be reopened, a motion that was accepted by the circle that controlled campus operations, essentially overriding the C.E.O.

Or as a Zappos spokesman described the process, using Holacratic terms: “An employee (unknown) brought it to the road block role with safety being the tension. The road block role then took it to the grease and disrupt circle where it went through the process and was eventually passed with no objections.”

I went straight to the Market to download the browser for my Android. Fired it up... now I'm stuck at "Request sent. Waiting for response..."

I suspect that every other T-Mobile Android user on Slashdot is doing the same, and the poor guy's SMS gateway is now a smoldering heap of slag.

Interestingly, the Market reported that the download count was "10+". Obviously, there's some latency there...

It's also explicitly noted in the app's Options:

Confirm HTTPS Requests (checked by default)

Prompt for confirmation before sending HTTPS requests (recommended as HTTPS requests sent through Smozzy are not secure)

So I guess you want to forget about any good parties you went to?

I've always heard that the best parties ARE the ones you can't quite remember clearly...

I think for my first Android software project I'm going to come up with a text message like program that uses your data plan. I could make a killing on something like that if it took off. Although I'll probably get my ass sued off by patent trolls so I may not bother.

Right after you build your time machine to go back in time 4 years before the 100+ other people already made apps that do just that for Android / iOS.

Yeah, but he'll still have a niche, in the 45 minutes between when his app hits the Market and when the process server brings the patent lawsuit papers.

Your point is well-constructed... but it also shows that you have a bias towards content over presentation.

The fact that it's all one long paragraph, is missing occasional letters, and may have small grammatical errors is absolutely irrelevant to the point that you are making. You used concrete examples and came to a logical conclusion.

But the rest of the world is biased toward presentation over content. It's sad, sure... but it's been that way since the Eternal September, and it's not going to change. In fact, the short-attention-span web is hurtling forward 140 characters at a time, thanks to look-a-birdy sites like Twitter and Facebook.

And in that web, you have to know what browser your visitor is using, so that you can give them the brain candy they want before they lose interest and look, a birdy.

The cell phone companies are way ahead of the curve on this one. They've been working on ways to screw us over for years now... and the more you know about making the sausage (from sites like HoFo), the more you know how bad you're getting it. Especially in the US.

Just a few days ago, I got a text message from T-Mobile saying, "Texas Recovery Fee now included on monthly bill." Oh for crying out loud. Does the grocery store charge me a "Municipal Services Recovery Fee" to get back the cost of their food service license? Even the tire store doesn't charge the "tire disposal fee" if I tell them to load 'em up in the back seat. I'd drop 'em in a minute if it weren't for two things: 1) Everyone else is just as bad or worse, and 2) T-Mo makes it easy and *cheaper* to stay *out* of a contract, which actually makes me *more* likely to stay.

A society where we try to eliminate 100% of the wrongness-- I mean honestly TRY-- is a horrible society. We have to accept some loss; at a level we must take some serious steps to curb that loss, but below that we have to accept it as a price of living in a pleasant, civilized society with something we like to call "freedom." Those of us who are upstanding citizens are essential to maintaining this "freedom," and even those of us that aren't but only occasionally lean across the ethical barriers we normally respect are keeping the system healthy by not building our house over on that side or making regular visits.

Agreed. That's why I'd rather "the authorities" focus on the actual bad guys, selling counterfeit merchandise, than on a bunch of college students who will some day want to get paid themselves.

In reply to the increasing number of posts that claim I'm a tool for linking "piracy" with "drug running" -- you haven't *been* to an inner-city flea market, have you? But I can see his point... the maf-IAA will make that linkage without the caveat, and extort a few thousand bucks from some suburban kid with a lot of bandwidth.

So... this prevents someone copying a BD disk with a VCR? Or a TV capture card?

I'm actually confused here. Do people actually copy digital media this way any more? What does this prevent?

The only experience I've had with actual "piracy" is from my kids' friends, who don't know or care about "digital rights" or their "management". I'm very picky -- I obtained every movie and .mp3 file I have legally, because as a content generator (computer programmer) I kinda like getting paid. My kids' friends... not so much.

There was one particularly memorable experience, when my daughter's friend brought over her DVD of the "Freaky Friday" remake... the weekend after it opened in theaters. Her mom got it at the local flea market.

It was an obvious bootleg, and darn near unwatchable (even if you liked the movie). It really did look like it was the result of a guy with a cheap digital camcorder set up in the back of a movie theater, with scratchy sound patched in. It wasn't HD quality... heck, it wasn't even VHS-on-the-car-dashboard quality. But the teens thought it was great.

That's the sort of "piracy" I'd like to see the maf-IAA focusing on, because it has actual consequences for real people. Those bootleg DVDs, their little brothers the bootleg CDs, their cousins the bootleg shoes, and their close friends the stolen goods, fund the same underground economy that supports drug running and other nasty social ills.

Applying strongarm tactics there would be good for society... but probably wouldn't generate as much profit as shaking down college kids.

So eight out of 10 browsers running the test failed it? That's not terribly surprising, since I have to install a plugin to run the test.

I don't know Qualys from Quantas, so I'm highly unlikely to install their plugin just to find out whether my browser has vulnerabilities. In fact, I'm not terribly likely to install any plugins at all (though I'm enjoying Ghostery immensely).

Now, let's assume for a moment that I'm the type to install any plugin that asks nicely and looks shiny. Gee, is it any surprise that Qualys' plugin isn't the first one I've accepted? And is it any surprise that I've got other issues?

This test suffers from a terrible self-selection bias. Those most likely to take the "test" are the ones most likely to fail it.

Sorry, please apply the following to the above:

s/John Murphy/Alex Murphy/g

Though to be fair, the Wikipedia article is unclear about what the middle initial "J" stands for...

As the user/owner of a non-self aware device, it should obey me, even if my intention is to use it to destroy itself, or others.

The problem is that this is the situation we already have. Our machines obey us, even if we have been socially engineered to instruct our machines to perform tasks that are malicious. A zombie PC damages itself, its owner, other machines, and their owners.

This application of the mythical "Three Laws" seems designed to protect us from ourselves.

Now, this is going to annoy the living crap out of me, and I will definitely want to find a way to disable the directives. Especially that Fourth Directive. Oh, sorry, I keep thinking of John Murphy's Prime Directives:

1. "Serve the public trust"
2. "Protect the innocent"
3. "Uphold the law"
4. (Classified)

Was that what it was? I would have sworn I first read about the remote-controlled dragonfly in a Hardy Boy's novel, in the '70s. But I was just a kid, so it could have easily been some other Boy Genius novel.

West Texas?! Childress is almost in Oklahoma...

Yeah... too bad I didn't have a GPS. [/rimshot]