
Comment In OEM specs? (Score 3, Interesting) 62

Where the rubber meets the road is if the machines are in temperature and humidity specifications for the equipment, so warranties are not voided.

If this is workable, even during the winter or when it is extremely rainy/humid, this might be a useful idea. However, there is only a limited set of climates that this would work in. The PNW with its moderate temperatures makes sense for this. However, if I attempted to do the same thing in Texas, come summertime, I'd have a building full of BBQ-ed servers.

Comment Re:Very subjective (Score 2) 382

This might be a way a company can run a pseudo-anonymous identity validator.

John Doe would create an account with foo.com. Foo.com would know John Doe's real life info. When John Doe wants to create an account with bar.com, foo.com sends a hash of the user (the user account + a nonce + the hostname, all hashed.)

Bar.com gets the hash, and John Doe creates a user with a handle. Later on, John Doe tries to create another user for a sock puppet. bar.com realizes there is already one person with that hashed userID, so disallows the user creation unless the other account is removed.

Bar.com finally gets tired of John Doe, and bans him. John Doe creates another account, but because foo.com sends a hashed user that is banned, that is stopped.

Never does bar.com know anything about John Doe other than that he has a foo.com account, and a certain hash. However, the info is good enough to block John Doe from creating other accounts unless he manages to fool foo.com into having multiple, real named accounts with them.

Of course, this isn't 100%. Foo.com can have lax identity validation measures which allows duplicate users. Someone can find out the nonce used as part of the username hashing process. This can be mitigated by adding another database tuple with a random number, but this would mean that foo.com would have to have a 128 bit number for every single site a user visits, rather than calculating a hash.

The result is that a person would have privacy... the worst that happens is that they are blocked from accessing the site. Trying to find the person's real identity and coming after them would be difficult.
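A minimal sketch of the scheme described in the comment above, added here as an illustration and not code from the commenter. The class and method names are hypothetical, and it swaps the bare "account + nonce + hostname" hash for HMAC-SHA256 keyed with the secret nonce, with length-prefixed fields so the inputs cannot run together.

```python
import hashlib
import hmac
import secrets


class IdentityProvider:
    """foo.com: knows real identities, releases only per-site pseudonyms."""

    def __init__(self):
        self._nonce = secrets.token_bytes(32)  # secret; never leaves foo.com
        self._accounts = {}                    # account id -> real-life info

    def register(self, account, real_name):
        self._accounts[account] = real_name

    def pseudonym_for(self, account, hostname):
        if account not in self._accounts:
            raise KeyError("unknown account")
        # Length-prefix each field so ("ab", "c.com") != ("a", "bc.com").
        fields = (account.encode(), hostname.lower().encode())
        msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
        return hmac.new(self._nonce, msg, hashlib.sha256).hexdigest()


class RelyingSite:
    """bar.com: sees only the pseudonym, never the real identity."""

    def __init__(self, hostname):
        self.hostname = hostname
        self.handles = {}    # pseudonym -> handle currently in use
        self.banned = set()  # pseudonyms that may never register again

    def create_user(self, pseudonym, handle):
        if pseudonym in self.banned:
            return "banned"
        if pseudonym in self.handles:
            return "duplicate"  # sock puppet: same person, second handle
        self.handles[pseudonym] = handle
        return "created"

    def ban(self, handle):
        for pseudonym, h in list(self.handles.items()):
            if h == handle:
                self.banned.add(pseudonym)
                del self.handles[pseudonym]
```

Because the hostname is part of the input, two member sites comparing their stored values cannot tell that they belong to the same foo.com account.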

Comment Re:What's the problem... (Score 1) 92

I feel dumb by asking, but "encryption keys" is sort of vague, IMHO. What type of encryption? Disk level? SAN level (where PowerPath uses RSA keys to decrypt the LUN presented), LVM level with a tool like BitLocker? Database level? Application level (where all tuples are encrypted upstream)?

For example:

1: Take BitLocker for example. For I/O on a drive, it has to have the FVEK (full volume encryption key) in memory at all times. Even if the FVEK is unlocked from somewhere else (TPM chip), if it is slurped out of RAM, the drive can be decrypted.

2: If encryption is used on a database by an application not in China, then there is a bottleneck of all data going through that application.

3: If the Chinese servers are configured with IBM's SAN encryption and the keys for the physical drives are accessed offshore, then compromising the machines the LUNs are presented to would bypass that.

Encryption is just one piece of a puzzle. Key management and implementation is a huge factor as well. Even something as humble as a tape backup can require infrastructure, both management and technical for adequate security [1].

[1]: Ironically, a lot of companies are well off by just setting a long passphrase on their tape drive silo, and calling it done, assuming the passphrase is stored on paper somewhere secure and well away from the media. I have seen extremely complex appliances that give every tape its own key. The vendor demanded the customer buy two appliances. When I asked the appliance vendor how I back up these tens of thousands of random keys, they said that I had to buy a third appliance to mirror. Way too expensive, complex, and too many moving parts when in a lot of cases, just a simple passphrase is just as good.

Comment Re:Two things.... (Score 1) 249

I 100% agree there, but companies are based on sales... and even though everyone in a firm may agree on that.. the true people with the whip hand, i.e. the shareholders, want phones that can be sold to Joe Sixpack that are drool-proof and will protect the user from themselves.

One compromise would be to have a "failsafe" ROM on the device, similar to what some B&N Nooks have. If they bootloop eight times, the e-reader will reformat itself and install the "v1.0" ROM... which is enough to get onto the Internet to find updates.

If coupled with some way the user could completely back up their ROM and phone contents via the bootloader (similar to nandroid), it can help greatly with troubleshooting.

This way, a service tech can tell a user to revert to that "v1.0" ROM as part of the troubleshooting process so customizations are factored out.

Comment Re:suitable for home use? (Score 5, Interesting) 178

I'd love these for a solar array where energy stored for unit volume is important, but not critical (like it is in a car or RV) for a number of reasons:

1: Hemp is a lot less nasty for the environment than graphene.

2: This could be used as a buffer for the chemical batteries, since you don't have to worry about limiting amps coming in. Come "shoulder hours", the supercaps can be charging the batteries at exactly the amperage rate they need even after the sun is down, greatly improving the system's efficiency.

3: The lifespan of a capacitor is a lot longer than a battery because electricity is stored physically, not chemically. So, if space is less of an issue, large supercaps can be used without worrying about replacement every 5-10 years (or 2-3 years with Li-ion batteries).

So, for an off-grid circuit (one that never goes near mains power and pretty much acts as a UPS), having this technology would go far.

Comment Re:Obvious (Score 1) 151

There is always going with distributed computing, both tightly coupled (cores) and loosely coupled (different CPUs.)

I wouldn't be surprised to see RAM chips with a part of the die dedicated to CPU/FPU/GPU functions. Add more RAM, add more CPUs.

Eventually the concept of a "central" processing unit may give way to passive backplanes and various speed buses, perhaps with a relatively lightweight chip directing everything.

Another example is the x86 architecture. Intel has been amazing in keeping it going, but eventually, moving to something like Itanium with 128+ registers for integer, 128+ for floating point, etc. might be how Moore's "law" keeps going.

As for jets, it isn't a matter of "can't", but "why bother". Once commercial airlines got deregulated, good enough was good enough and the race to the bottom began, so there was no interest in trying to continue making progress with better planes, other than military aircraft.

Comment Re:Two things.... (Score 2) 249

I wouldn't mind the ability to sideload apps (one can do this in a limited fashion already)... but what will happen is that a Dancing Pigs 0-day will happen, Joe Sixpack and Jane Sertraline will follow the directions that the rogue website gives to download the .ipa file, load it in, then one can view the bouncing bunnies.

Some websites which are set up to exploit any device they can already try this with apk files for Android and .deb files for jailbroken iPhones. I'm sure there are people who will download them because they are called "security updates", enable sideloading, and then install the files.

Of course, after the sideload, their phone gets compromised, and they then hit the lawyers and press and blame Apple for allowing them to step out of the walled garden.

Comment Re:While Buying Back $1.5 Billion In Stock (Score 3, Informative) 207

Cisco isn't perfect, but I wouldn't be surprised to see their stock remain strong. IPv6 rollouts, security issues, and future IPv6 items [1] will ensure that existing customers will be buying new equipment.

Cisco also benefits from the fact that fiber channel is getting tossed for FCoE. With FCoE or iSCSI, it just takes one fabric to handle both storage and networking, while FC requires a separate switching network to handle zoning and I/O. With 40gigE around the corner, fiber channel is going to be left in the dust until faster HBAs come in 2016.

Would I consider Cisco stock a "buy"? I'm not going to give investment advice, but I wouldn't consider their stock tanking anytime soon. They are the biggest player in a core industry that isn't going away anytime soon.

[1]: IPv6, while getting deployed, still has yet to go through the real-world torture testing the IPv4 stack went through back in the late 1990s with land, teardrop, ping of death, smurf, and other packet based attacks which would drop machines.

Comment Re:Different approaches for different situations (Score 1) 254

Most of the people I know (and I say most) would take a position like this seriously and do the best they can.

I am comparing this to jury duty. Yes, there are horror stories, but juries seem to have made their place as something that passes for "working". Our elected system obviously isn't showing the values of the US because Congress has had lower approval ratings than herpes, especially around this time last year when both sides managed to get the government shut down.

Take Slashdot for example. I would probably say that virtually anyone reading this, yes, even the goatse poster, would be a better representative and have a higher approval rating to the people of the US than most of Congress (and this applies to both parties.)

Comment How easily can the waiver be pulled? (Score 4, Insightful) 327

Yes, the rules are waived... for now.

However, how easily can that waiver be pulled? Is Tesla standing with just a flick of a governor's pen between them and having to shutter the entire factory, or is there some due process in place so they can't be shut down if they don't toe the politicians' line exactly?

Comment Re:Different approaches for different situations (Score 4, Insightful) 254

We really need different organizations. As above, the military needs to be strictly hierarchical. However, the civilian leadership needs to be representative of the people's wants. Here is my proposal:

Instead of elections, why not have all representatives be picked from a lottery of all citizens, similar to jury duty. Instead of a jury picking a foreman, they nominate and elect a president.

This way, the elected people are truly a cross section of the governed, voter fraud isn't an issue, and with proper enforcement of bribery laws, the big "campaign donations" that plague the US wouldn't be an issue. After four years, a new lottery takes place, and a new bunch of people get into office.

Comment Re:no, it's because News sites try... (Score 1) 299

It can be a tough job:

1: Without an active moderator, it can get pointless.
2: Forcing people to register means people will create fake accounts and then troll the living heck out of the board.
3: Forcing people to log in with FB seems to help, as one can't create those accounts willy-nilly. However, I don't want FB to be my authentication provider. I don't trust them with private stuff, why should I with the key to the gates?
4: Having registering then having people pay for their account to be activated is another tactic, but unless the forum had a following, this wouldn't be viable.

I've wondered about someone setting up an authentication business. Users would register with them, then can get a handle to use at member websites. The member websites would not know the user's real name or other info (unless explicitly provided), but the website can do a ban by that person's name and any attempts at creating a second account to log on would be blocked. That way, people have privacy when posting, but yet there is some accountability, and bans mean something.

Comment Re:Cheaper drives (Score 2) 183

There is a "good enough" point. What SSDs bring to the table is the fact that any number of processes can access the drive at virtually the same time without queuing up for the drive head to get in line with the data wanted, or hopefully find the data in the cache.

What I see that may become more common are drive units that have 256 gigs or so of SSD space and several terabytes of HDD, presenting themselves to the OS as two separate volumes. This allows the OS and core applications to boot quickly while still having a lot of space for documents and other files, perhaps even backups. So far, I've seen one drive do this, and I wouldn't be surprised to see other models follow.

Comment Re:Of course (Score 1) 141

The advantage of SD cards is that in a pinch, the manufacturer can always ship a SD card to the customer (especially if the item is a more expensive appliance like a CNC mill.) As for a SD card reader, those are not too difficult to find (most modern laptops except MacBook Air models tend to have them built in.)

I do agree that a USB flash drive would be better, but a SD card reader is fairly static. One knows that it will have the same device ID (in Linux) or drive letter (in Windows) no matter what, while one can attach a hub and all sorts of devices to a USB port, trying to exploit any possible faults in the USB controller or the OS wondering why it is seeing another keyboard when it is expecting a drive.

SD cards are not perfect, but for a relatively high-value device, they are decent. If a device manufacturer is worried about physical attack, they could always ship SD cards using the built in signing/encryption (CPRM) and secure area to ensure that the ROM on the card hasn't been tampered with.

Of course, for something uber cheap where the only thing that matters is price, one can just have the device be a USB destination, and just allow the user to copy the updated firmware via PTP or MTP to a space on the device, then power cycle. However, this assumes the device is small and portable.

With a SD card and signed firmware, it definitely isn't 100%, but it will keep most attacks at bay. If more security is needed, the manufacturer can ship update SD cards out using the copy-protected region so the data on the card can't be tampered with, and it would provide another security layer against even physical tampering.
