Never used eBay have you?

The apple accounts can be disabled. That still falls well within their control.

1 billion combinations is hard to brute force these days?

I'm a bit confused here or maybe I missed it in your links, I saw no reference to windows or a large cluster / data analysis on windows.

I too am curious, I figure just out of sheer numbers there must be at least one outlier.

I guess as a supporting argument to your second point (seeing as the case brought up was the state of affairs in the business world), allot of businesses have gone to some sort of CRM almost all of which have a business intelligence module.

Heck, I was recently asked by someone if they should learn "advanced" Excel. I asked them what they wanted to use it for and the response was analysis of sales records, I spent about 10 minutes firing up Access instead and showing them some simple select queries (apparently I blew their mind when they saw what GROUP BY could do). They knew enough excel already to import their Access reports to the appropriate points on the spreadsheet but that was far from "advanced" excel.

IMHO, Excel is a good presentation tool which has some data processing / simple analysis tools (don't NEED to fire up an external too to do a sum on a column) but really shouldn't be used for heavy data analysis. Reason I care about this is now when this employee has really big data to analyze (Its just a matter of time) we can load the data up on one of the servers and point a ODBC connection over to that database instead of Access. If the solution was purely Excel, I've been told by my manager "You should have tried to be more helpful" after telling (a different) employee "I really can't help you, that amount of data won't fit in Excel" (this was pre-2007, but it won't be long before 1 million rows starts becoming a limiting factor).

IMHO, for last mile and some access layer backhaul I think wireless will win out, core backhaul will remain wired.

My reasons:
- Once wireless's speeds become "good enough", the focus will be more on reliability and security.
- Given that its now near impossible to knock a RC plane out of the sky with interference unless you blanket the entire 2.4 band (while not impossible, still somewhat difficult to do over a wide area, plus tracking down such a large transmission source would be extremely easy and consume allot of power, only really possible for a government).

It will take some time to reach this point so I guess these are medium to long term predictions.

Books I understand, the people who bought iDevices paid a premium fully knowing cheaper "viable" alternatives existed. I don't follow why they should get anything back, those were fully informed decisions.

P.S. I prefer android personally.

I think you are arguing something different to GP, you are arguing that the transistor count specified by Moore's Law is increasing, GP is arguing that it doesn't matter as much of today's software is single threaded and hence single threaded performance dominates most PC performance today.

If it didn't then OpenCL / CUDA (heck everyone would be going nuts over a 6 or 8-core and dumping their quad cores, most seem happy with dual-cores) should have blown everyone's mind (It does for some people but most of those are in specialized fields), most software isn't even multi-threaded so sure there may be more transistors but for 90%+ of the tasks a normal computer performs only a fraction are in use at a particular time.

Until you know everything that is going to go into it and more importantly the usage patterns that are common, you can't determine energy consumption.

Until you know the realistic energy consumption you can't determine what size battery to put into it to give a runtime of at least X hours.

Can I get your SSN, bank account numbers and e-mail passwords?

Hmm, this person is hiding these details from me, he must be doing something wrong...

Just so I understand your point, which person is being identified by the wifi cafe's public ip address? Assuming the ISP keeps those type of logs, which person is being identified by the public address given by your ISP?

"Personally Identifiable Information (PII), as used in information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context" - This is the definition from wikipedia, if you are happy with this definition then all of the above case are quite valid as they fail to identify a single person.

I am aware that the wikipedia page points to a NIST document that identifies ip addresses as PII but a read of the actual NIST document shows the circumstances under which such an conclusion is reached (example 2 on page 22). It revolves around having the equivalent of a domain access system (or at the very least 802.1x) which keeps track of all ips and which users were logged into them at the times which allow ip data to be co-related (typical of an enterprise network). Both NAT and an unlogged DHCP server break those assumptions (even if the DHCP server is logged the mac can still be spoofed, something not easily doable in an enterprise environment).

Google is the only company that violates your privacy?

A bit late for that IMHO...

I can't find the article now but didn't either one of these PVR services or a music storage service get in trouble over de-dup?

If memory serves, the court ruled that because it was reading exactly the same locations & sequence of bytes for all the users with the same file it equated to a public performance.

Yes, its called Reverse path forwarding http://en.wikipedia.org/wiki/Reverse_path_forwarding for this specific case you would want the unicast version (uRPF).

The concept boils down to a simple question,

"I just got a packet from A.B.C.D on interface ethX, if I had to send a packet to A.B.C.D would I use ethX?"

If the answer is yes, then the packet goes along its merry way. If the answer is no, then the packet is most likely spoofed and is dropped.

The performance impact is negligible as such lookups for the destination are already fully optimized by ASICs (hence a cisco 7600 with a measly 300Mhz processor can still route gigabit at wire speed), multi-path is a non-issue (assuming a non-brain dead implementation) as if multiple paths exist the answer to the question would still be yes as long as it came from one of the valid paths.

There might be valid reasons for asymmetric traffic which may prevent this from being universally deployed (say some satellite providers which only send download via satellite and upload is over something else) but for the vast majority of ISPs its safe to deploy.

At the ASN level each ISP is assigned a block of ips, if you are not a transit its a simple matter of just filtering to ensure nothing leaving your network is saying otherwise. Once you hit transit links both this scheme and RPF lose their power as depending on the failure almost any transit link can be a valid path. For such a scheme to work it has to be implemented as close to the end point as possible (which is the general structure of the Internet, intelligence sits near the edge where traffic volumes are reasonable, core is dedicated to just high speed movement of traffic).