
Comment Re:So what you're telling me (Score 1) 146

I wonder if the hardware based security can be used in addition to splitting the passphrase that mounts /data into the long phrase that unlocks the device, and the short PIN to unlock the screen. This way, even though there is protection against brute forcing similar to what Apple has, I am still packing my own parachute with a very long passphrase.

Comment Re:Hmm maybe this is the reason (Score 1) 171

There is also the fact that the crystal on a watch has different properties than the glass on a phone or tablet. A watch crystal needs to be a lot harder to resist scratches, while a larger display needs to be more resilient to deter shattering.

If GT does a good job on the Apple Watch, they will have a permanent niche in the market.

Comment Re:College admissions is not a life-value system (Score 1) 389

It really depends on the school. A lot of schools teach nothing else but the three Cs (conform, comply, consume), and the really bright kids are pretty much threatened by the Handicapper Generals with juvenile detention if they don't toe the line and don't show that they are better than the average students.

Take computers for instance. If a kid in the US shows "mad skillz", they will get hauled off by the local school PD. Same kid in China, Russia, or another BRIC country will likely have a career ahead of them. This is why you don't see the tinkering/hacking (hacking as in creating) mentality in the US as much as it once was, a decade or two ago... it just gets stomped out early on.

Comment Re:Looney Tunes (Score 4, Insightful) 320

There is also the fact that cartoons were not obviously just advertisements for products. Yes, there was merchandising... but a Bugs Bunny cartoon stood alone... it wasn't something made to sell a Bugs doll or an Elmer-Fudd styled blunderbuss.

There is also the quality difference. The 1950s backdrops that were painted by hand versus crap where the characters barely move when dialog happens. It is nice to see a mouth move, not a square or triangle flash when a character makes dialog. Mainstream animation is junk for the most part.

The sad thing, there are still quality artists out there. You just don't see their animation work on TV because their work isn't selling something or is part of a merchandising campaign to get kids whining to their parents for yet another made-in-China toy that ends up tossed in the trash in less than a few months.

Comment Re:Corporate Wars (Score 2) 96

Here is the problem rearing up with two nasty heads:

The first is that security has no ROI, and has a relatively trivial financial cost. A major breach happens, a company feeds a PR firm some cash, says they boosted security [1], they toss all affected a year's subscription to some monitoring service, and that is that. Come a lawsuit, there isn't much to sue because they can easily throw their hands up and say that the hackers would get through anything.

Which brings up the second point. In the 1990s, a rogue Internet site could be pulled from the net. Now, doing that is tantamount to an act of war, similar to blockading a port with a naval force. So, no matter what, there is no shutting down blackhats. IP blocks can be worthless since it just takes a compromised computer to bypass them. So, eventually the bad guys will find a way in.

Want an actual solution to the hacking problem? Banks need to create a separate network that uses dedicated physical links that is not connected to the Internet, and if it is, it is connected via application firewalls. Machines are keyed to only be able to connect with other boxes in a pre-arranged manner. If box "A" wants to connect to box "B", it needs to be registered beforehand, or the central switch fabric will deny it. Built into the fabric would be the ability for the central switching fabric to completely lock a box out at the L1 level, so a DoS is stopped.

Yes, this sounds Draconian, and puts power into a central place... but this isn't the Internet we are looking at, but a private network between banks, banks and credit card processors, and other entities. With this in mind, the actual machine NICs could be made with tamper-resistant chipsets, public keys, and authorization can be done via a PKI system.

Higher layers could be controlled by the individual institutions, so that even though L1/L2 traffic is handled by a central authority, application permissions can be controlled on a per machine basis with whitelists. That way, if the central authority is compromised, machines are still secured. Spoofing is protected, since public key fingerprints would be used as a part of a box's IP and stored on a HSM on the interface.

This is nowhere near 100%, but what it means is that there is not just an open network for someone to go after a site. To access a bank, it would require a compromise of an extremely hardened CA and a L1 ISP (both the keys authorizing machines to communicate and the actual WAN switching fabric, which could be kept completely separate from each other.) If a breach happens, it can be fixed fairly rapidly, and a site failing to address it would be disconnected from the WAN.

In general, not a 100% secure solution, but this gives three benefits. The network is separate, so for any mischief to occur, it requires compromise of the core fabric. Then, individual hosts will have to be attacked, and with contract stipulations mandating a high level of security, this would be difficult. Finally, sites that are too lazy to keep current with security advisories would have their access pulled as part of being on this network.

This is pretty much done with NIPRNet and SIPRNet, so why not a similar WAN mechanism for businesses and finance.

[1]: The security "boost" could be another checkbox ticked off in a GPO object applied to the ass end of the company, so that passwords are needed to be changed every 60 days instead of every 90. Yep, a security boost.

Comment Re:AWESOME! (Score 2) 167

I have a shed on a friend's property which has a number of LED lights on it which are glowing quite well, and it is definitely night.

What is desperately needed is a form of energy storage technology. We get within an order of magnitude of energy by volume of gasoline for energy density, and transportation will be fundamentally changed. Even basic power grid design would be changed by such a discovery.

Comment Re:Electricity from Oil? (Score 1) 167

There is also the cost of burning coal and oil that isn't seen. Climate change is controversial, but it is pretty obvious that it is happening, and really bad stuff is going to happen unless we stop putting CO2 in the atmosphere at the rate that it is going in.

Coal and oil should be the last thing looked at for anything other than a stopgap measure. Short term, maybe, but medium term really belongs to nuclear (thorium reactors or later gen reactors), med-long term belongs to high capacity batteries and solar, and of course, fusion from there on out.

Comment Re:Distance and Charge Time (Score 2) 174

That is exactly where electric motors shine. When a vehicle is stopped, an electric motor requires zero energy to function except for cab climate control and computer devices. If one drives a hybrid or EV, stop and go traffic sucks a lot less with one of those than a gas or diesel engine which is chugging away at idle burning fuel. (Yes, one can start/stop the engine, but that may be more trouble than it's worth, especially if it is very hot or cold outside.)

It only will get better. Once we get battery technology within 1/10 of energy by volume as gasoline, the Otto engine is history.

Comment Re:Tech Companies have become warring fiefdoms (Score 1) 161

Part of it is that the soul of innovation has been beaten out of people here in the US in the past decade or so. The seeds of this were sown back in the 1990s with Operation Sun Devil which drove the hacking community underground, and long term, caused it to move to Europe and Russia. Even now, if a kid shows hacking experience, in other countries, it would be encouraged. In the US, they would be tossed in jail until age 21 because most public schools are more interested in "teaching" the three "C"s here (conform, comply, consume) than trying to bring out talents in their students that would be useful later on.

Comment Re:Why? Really? (Score 1) 76

I just confirmed that. Here in the US, EMV cards can be used without a PIN. So, all it will take is an unscrupulous person to run the card in two EMV readers, the legit transaction, then another for another charge, and the customer wouldn't know until it hits the monthly statement.

I hope that if a PIN is set, an EMV transaction does not move forward, period... but we already have PINless debit transactions, so I wouldn't be surprised to see such a basic security upgrade like EMV gutted.

Comment Re:To Big To Fail (Score 1) 76

Russia, China, Middle East, etc. Unlike the Internet when there was a threat of having the upstream pull the connection, so there was incentive of minding the store when it came to attacks, there is none now. In fact, some countries encourage it, since they dislike the West and view any place there as open season.

Realistically, the only solution is to do like the US Government with SIPRNet and NIPRNet, and have dedicated wires (not VPNs or stuff running over existing Internet connections) for a financial network that is completely disconnected from the Internet.

Perhaps a protocol can be designed from layer 1 up with public/private key encryption in the NIC hardware (preferably in a tamper-resistant case) so that a machine that is not expressly added to the core fabric is completely ignored. Since this network is not public, it can be designed from the ground up to be secure, with a strict central party being the gatekeeper of which machines can and cannot communicate with each other. With this in mind, plus the fact that the central authority has the ability to pull access if a member or machine gets compromised, it would boost security tremendously. Not 100%, as there will always be ways to bridge things, even air gaps, but will be far better than just having it accessible to the Internet if the internal firewalls get turned off.

Comment Re:To Big To Fail (Score 3, Interesting) 76

This is "all eggs in one basket" syndrome, and it is only going to get worse as more people move to the cloud, LEOs of various countries (the example of countries demanding access to Blackberry's BIS servers comes to mind) getting their backdoors (and thus a database of keys to them), and more data in general is stashed in one place.

To boot, there is no real financial gain by companies in general to actually bother with more than token security. They lose nothing by a major compromise, as they will have zero consequences if someone's personal info or medical records get compromised. Same with cloud data. There are no laws securing it. Even in the financial sector, Visa will just do a light hand slap if PCI-DSS3 is completely ignored on all but the smallest merchants. HIPAA is lightly enforced in the medical sector, if that. FERPA as well.

In the past, banks had to worry about regulators and the threat of more laws if they didn't run a tight ship. Now, there is no incentive either way, be it a carrot for being secure, nor a stick for not taking basic security precautions. Bank customers may complain, but most of the clients would have to change too much stuff to move to another financial institution, so they won't have that many people stop doing business overall, especially if there is some vague promise of "we will do better next time".

Comment Re:Might be viable (Score 1) 110

I can see two ways PV can grow.

The first is when space is precious and every single watt is needed. This can be urban areas, applications in space, even things like a weather monitor in an extremely remote area. Here, it matters less of currency per watt than watts obtained.

The second is where currency per watt matters, and there are large surfaces that can be covered, be it a rooftop solar array, a tent, windows, and other surfaces where a couple watts here and there lost isn't critical. There are a lot of surfaces that can be used for solar so just getting any amount of energy coming in is important.

Comment Re:perfect? (Score 1) 110

There is room for improvement, especially with charge controllers. Charge controllers are more for off-grid, but there is still room for improvement. Cheaper MPPT [1] charge controllers would be useful, as well as ones that are better equipped for higher voltages (so thinner gauge wires can be used or more panels stacked up in series.) Controllers able to handle higher amperages don't hurt either, since we are getting to the point where it doesn't take many solar panels to hit amp limits on a lot of controllers.

[1]: maximum point power tracking... they take a higher voltage, and change it to a voltage/amperage best for the batteries, as opposed to a PWM charger which doesn't use any energy above the voltage level it chooses for the batteries. With a PWM charger, a 100 watt solar panel putting out 24 volts will only function as a 50 watt panel (assuming the controller is using 12.0 volts just for example's sake), while a MPPT charger will step down the voltage and step up the incoming amperage.

Comment Re:perfect? (Score 1) 110

Even with current advances, there are still a bunch of links with the solar chain. For example, micro-inverters are one innovation which minimize the effect of shade on a panel (where just shading one cell causes the whole panel's incoming energy to drop by half or more.)

Once solar roof shingles become inexpensive and standardized to the point where replacing those is as easy as conventional shingles, this will dramatically increase energy gain. Similar with solar window tint on south (or north depending on what hemisphere one is in) facing buildings.

Of course, there is always a use for installs that can be used in an on-grid manner (inverters feeding the grid), off-grid (batteries charged), and being able to transition between the two states. The advantage of having a set of batteries always charged up and ready means that a circuit or two would have UPS-like power protection, and a low-draw circuit could be completely kept on the batteries.
