Exposure to radiation from space is probabilistic, and there have been many more living human-hours down here on Earth than up in space. Isn't it reasonable to assume that at least a handful of people have been unlucky enough to just *happen* to get bombarded with an unusually high amount of gamma radiation, having the same thing happen to them?

And then there are all these new-fangled manmade sources of gamma rays that we've been blowing up and/or using for electricity since the 40s...

If you're going to reference a pop song ("haters gonna hate"), you chose the wrong pop diva. Rather, you should have used the more apt "Call Me Maybe" by Carly-rae Jeppsen (which is one letter off of "Jeppesen"):

Hey, I just bought you
And this is crazy
But here's my WiFi
So update me maybe?

The problem isn't that they are relying on a single vendor, nor that they chose iOS over Android, or anything else silly like that.

The problem here is that they are using technology that's functionally tested for basic consumer use in a situation that suggests (and may soon require) a mission-critical level of software and hardware certification.

A lot of people (business people / decision-makers, mostly) don't seem to understand the difference between consumer-oriented hardware/software and safety-critical hardware/software.

Safety-critical hardware/software is designed, developed and tested with security, safety, and stability principles that are not only there "in theory", but are also tested for in practice, with a rigorous validation program that ensures the correct operation of the system. On the hardware front, the device is built to higher standards, such that the core chassis of, say, an iPad-like device would be able to withstand more shock than a consumer-oriented iPad with an Otterbox on.

If an airplane goes into a sudden roll or dive, causes the iPad to go flying across the cockpit and shatters the screen, what then? The pilots need the information in that device to be able to know how to follow the proper procedures to continue flying the aircraft safely. Without it, they can take their best guess and rely on instincts on how to operate the systems, but you cannot expect every pilot to memorize every contingency procedure. That's why the EFBs exist in the first place.

If you can't ensure that your tablet electronic device is at least as rugged as a hardback book, you shouldn't be using them on an airplane.

The problem is that there are few or no vendors of extremely rugged hardware/software solutions that are available in a thin and light form factor akin to an iPad. The safety-critical rugged device sector is 5 to 10 years behind the state-of-the-art consumer device space. That's because it takes many more months to design and ship a device with a much higher level of physical and digital assurance of correct operation. The airlines seem willing to take the risk of failure of these consumer devices, because they would rather have the latest features, like capacitive multitouch, ultra-slim design, retina displays, etc. instead of using something whose technology was state-of-the-art in 2008, but is built like a brick, both physically and software-wise.

We've seen MANY first-hand examples of consumer electronics devices from ALL vendors having extremely dangerous stability and security bugs that would render the device inoperable for the use case the airlines are using it for. We can't take the risk that this important tool will be unavailable when they need it. AA and other carriers need to stop using iPads as replacements for the flight bag, and either pay for the R&D for a proper rugged replacement, or go back to paper.

I'll conclude by saying that the EFB/flight bag is, in my opinion, a safety-critical tool aboard all except the most sophisticated airplanes (e.g. the Airbus A380, which has a computer built into the cockpit on an LCD screen that actually tells the pilots what to do to resolve problems). The airlines are taking a big risk by implementing this with consumer technology. If they "do it right" and work with a vendor that produces rugged industrial mobile devices, it will cost more and have a much longer development cycle than shipping iPads. The devices will almost certainly be heavier, have less "whizzy" displays and UI, have a shorter battery life, and be harder to upgrade if additional features are desired later. But they will have a MUCH higher level of assurance that their correct operation, both hardware and software-wise, will continue to be available in the case of an emergency when they are needed most. It still won't be impossible that they'll break, but it'll be much less likely.

You are right, of course, that it has to be a collective effort. However, your mental mistake was in saying that nothing you do will matter. I absolutely agree with you that bringing our population (globally!) under control is the most important step we can take. I absolutely agree that the rate of growth of our consumption of fossil fuels is going to cause us to hit a "brick wall" in, AT MOST, a handful of generations -- if it doesn't happen to your kids, it'll happen to your grandkids, I'm almost certain.

This brick wall is basically the point beyond which, obtaining cheap fossil fuels for electricity production and transportation at a rate that meets demand is impossible. In 5 year old terms, "everything will start getting extremely expensive." I have no idea what is going to happen at that point. Resource wars? Massive investments in nuclear power and electric cars shore up "business as usual" for another few decades? Fusion power becomes economical and saves us for the long haul, provided that we're all willing to convert to electric cars? I don't know. I just know that it's going to be bad, especially in the short term, as food prices spike and people can't pay their gas bill to get to work (if the gas station even *has* any gas).

When it comes to matters like this, every little bit DOES help. Every person who is convinced that they need to do their part by conserving as much energy as they can is setting an example for the rest who are happy to keep rollin' coal.

In your situation, by far the greatest damage you've done to the planet and our collective resource supply was to bring those three children into the world. United States citizens consume more fossil fuels per capita than all but 12 countries, but most of those countries have extremely small populations with high median income, so they're hardly a drop in the bucket. I guess you could have done worse by raising them in Qatar, but it's still pretty bad.

Honestly, I could care less about your SUV. I'm not one of those wackos who would try to force you into an abortion when you had more than 2 kids, and I certainly wouldn't want any harm to come to them now that they're a part of the world.

All I want is for you to *accept responsibility for your own choices and actions*. If you're willing to man up and admit that you *could have*, in retrospect, contributed less to the world's problems by *not* having 3 kids (and having, instead, 2, 1, or 0), and if you're willing to carry forward the message to others that the need is urgent to ensure that *everyone* contributes a little bit to making the population problem better, and NOT worse (which is unfortunately what you've done, whether you think it's significant or not), then you're on the right path, SUV or not.

I know that we can't all be ideologues and that sometimes we can't practice what we preach because of the realities of life. I don't know you, and for all I know your children were "a coincidence" (not planned) and were triplets, which can happen to anybody. But taking responsibility for yourself is a necessary prerequisite before you can start telling other people (such as the China you harp on about -- and rightly so) that *they* also need to quit reproducing like rabbits and cut down on fossil fuel consumption. Otherwise they'll just laugh at you, point at your 3 kids, and go get their wife preggers tonight to make the problem worse.

No, I live in a place where most people have Verizon or AT&T with limited data, because the alternatives have horrid coverage. They pay huge monthly bills for ant-fart-sized data plans, like 5 or 10 GB per month for an entire family.

They have unlimited data or extremely high caps on their home Internet connection, sure, but I haven't seen any of them unraveling 25 miles of structured cabling with them as they drive from their house to work.

I had a huge response typed up here that I was ready to send, but I realized it was laced with ad-hominem, and I wasn't able to find a way to write it that would be free of statements that could be interpreted that way. It is very, very hard to write about someone else's lifestyle -- especially when you disagree with some of their choices -- without being offensive. So I'm not even going to try.

Instead, I would like for you to take a deep breath, change gears, open your mind, and watch this lecture by the late and great Professor Emeritus Albert Allen Bartlett of University of Colorado at Boulder. Remember that he was a very distinguished and respected scholar, whose statements in this lecture are completely fact-based and inevitable consequences of mathematics. Please do not let any opinion in this thread, mine especially, distract you from the message of knowledge that Professor Bartlett wishes to deliver to you posthumously with this lecture.

https://www.youtube.com/watch?...

RIP Professor Bartlett, and may you learn something useful from this very insightful Professor of Physics.

You are assuming that the standard image deployed to every employee contains all of the desired software solutions, and that no one could ever conceive of or imagine a world where a new piece of software might exist that could make their work more productive.

That's an assumption that I've found to be false in 4 out of the 4 jobs I've ever worked, over a career of 12+ years.

Can't tell you how many times my coworkers, who have limited data but know I have unlimited data, have asked me while we're out and about if I could google something, or ask me to turn on my wifi hotspot.

There is a definite and obvious use case for unlimited or very cheap data when "anywhere" (where my specific definition of "anywhere" means, typically, on the road, or at any number of random retail establishments or private office complexes in the Baltimore metro area / suburban sprawl). Landline-backed WiFi is rarely available, and where it is, it's not free, or too slow to be useful.

The telcos can give us excuses all day about why we can't have unlimited or very cheap data, but eventually they're going to have to figure it out. There is a ridiculous amount of pent-up demand for cheap cellular data, or any alternative that gives you instant broadband-speed data at your fingertips almost anywhere. WiFi, WiMax, and all the other alternatives that have tried to be it, have utterly failed to come even close because of a lack of coverage. The only alternative we have today is grandfathered unlimited on Verizon & AT&T if you need tethering, or Sprint/T-Mo if you don't need tethering.

No, $10/GB is not insanely cheap. $0.10 per GB is closer to the order of magnitude I'm willing to pay, with $0.01 as the ideal. I think the telcos haven't unlocked pricing on this level for the masses because they're too busy swimming in their $10 bills, not because there is an engineering brick wall that would prevent them from doing this.

I have nothing against paying by the gigabyte. I'm not at all married to the idea of unlimited. I just refuse to accept paying such an outlandish fee for a gigabyte of data, when 1 GB is almost nothing with today's content-rich web apps (auto-playing 1080p videos, images, huge .js applications, etc.) In fact, some websites can easily make you spend $1 or more in a couple seconds by just visiting a company's homepage, and while the page is rendering and you're fumbling around trying to tap the close button, you've downloaded more than 100 MB of video, and spent upwards of a dollar. Not cool, but it happens.

I think, to determine the price per gigabyte, we should back into it by determining a reasonable price for one second of saturated average throughput (SAT), which should be set to the expected downstream you'd get if you're downloading at "saturation speed" (as fast as the LTE modem can go with the current bandwidth available) for one second.

For Verizon LTE, SAT would currently be something like 20 Mbps. So that means you would be downloading 20 Megabits in one second. To download one gigabyte, you would have to download continuously at 20 Mbps for 400 seconds. If we set our one-second SAT target price at $0.0001, this means you could currently charge $0.04 per gigabyte, which I think is a great price.

However, the price per gigabyte should go down the higher the bandwidth. The goal is to prevent any one second of SAT from costing too much. So if they doubled the LTE bandwidth to 40 Mbps SAT, to maintain our target one-second price of $0.0001, we'd have to charge $0.02 per gigabyte. By measuring the user's bill according to what we consider to be a reasonable price for 1 second of SAT, the carriers will be adjusting the price per gigabyte to be lower and lower the more bandwidth is available. This is something consumers want (and need) to see.

Compare this to the current model, where 1 GB of data has been the same since 3G days. Even though we have many times more bandwidth and capacity on the mobile networks than we used to in 2003, we're still billing customers $10 per GB. That, I think, is completely unreasonable. The only reason this has happened is that the carriers are trying to get their customers into the hundred-millions, so they're dividing their limited resources by a great deal more handsets than they had on the network in 2003. I don't agree with this model one bit. It means that us early adopters are now effectively subsidizing the cost of the network to provide service to millions of new customers, because our data is not getting cheaper even though capacity is skyrocketing to never-before-seen heights. If that capacity had been reserved for us, data *would* be $0.01 per GB today. And to add insult to injury, each of their *new* customers are *also* paying this outlandish fee.

The telcos are making money hand over fist, posting record profits every quarter, with an accelerating profit curve. They are riding the gravy train while the rest of us get to eat cake (in the "let them eat cake" sense). It's an extremely unfair distribution of wealth and resources.

And yet, despite all this, Google Fi plays right into the hands of the carriers, offering absolutely nothing new or noteworthy in the pricing department. Indeed, it seems like Google is trying to take a sip from the gravy train, rather than offering a few drops of it to the little people.

Don't be ridiculous. The *core* of Linux can run fine on anything, but to actually do something useful, you need more hardware. "Can run" and "can do what I need to do with it after it's booted" are two different things.

The people saying that Linux can run on anything are right. So are the people who are wishing that the Compute Stick would come with at least the same hardware as the Windows version. What if they want to do a little more than just browse the web? Linux definitely has the programs available to do something a little more resource intensive. It seems unnecessary to tie the hardware to the software.

No -- modern web browsers (IE 8+, Firefox since a long time, and Chrome since its initial public release) are sandboxed off from the native platform to such an extent that you cannot access the native code environment or the local filesystem from JavaScript. Even if you tell the browser that you trust the site, a modern browser is not going to allow you to access the filesystem or call Windows APIs from JS.

You can do a lot of useful things with JavaScript and HTML in a browser like Chrome, but there are still a great many tasks that are desirable and important which can't be done in this environment. For example, automating a workflow in Microsoft Office.

And for heaven's sake, if you're an IT administrator and reading this, please, please, PLEASE stop forcing users to run IE 6/7/8 and nothing else. At a bare minimum, install and support Firefox ESR. It is not in your job description to take pleasure in your users' suffering. ;)

First, let me say that I totally agree that "regular" users -- those who are not programmers or testers or system administrators -- do not typically need administrative rights, nor do they, in the ideal case, need the ability to run unauthorized third-party programs.

HOWEVER, my concern is that there will be many inappropriate and heavy-handed uses of this technology called "Device Guard" by IT departments that are not effectively satisfying the needs of their users.

Firstly, every IT department would, in an ideal world, be willing to get over themselves and accept the fact that software development can, and should, happen in departments other than the official IT department. The larger and more diverse your organization is, the truer this statement is. An employee shouldn't have to be within the reporting chain of the CIO or IT Director in order to be able to develop software as part of their official responsibilities. And yes, if an employee's management chain officially assigns them software development duties, and these responsibilities are accepted as legitimate by a corporate officer who isn't in IT, then this software development *is* official, even if IT isn't aware of it.

The next thing is, IT organizations need to assign appropriate permissions and trust (e.g. local admin rights) to these external development organizations. Trust them to do their job correctly, and only crack down if there is an actual violation. If you're worried about compliance, give them your security policies and make them provide a compliance report before deploying the software. Come up with some *minimally-invasive* hoops they'd have to jump through to get approval to deploy their finished software. *Don't* try to take ownership of their product lifecycle.

In an IT shop meeting these simple minimal criteria, I think this Device Guard feature would be mostly harmless. Jane the Executive Assistant tries to run an .exe screensaver with cat pictures and is blocked; too bad. Tom the software developer who doesn't work for IT submits a ticket and gets local admin rights within 48 hours so he can get his job done. Before deployment, he gets IT to roll out a patch to all their workstations whitelisting his codesigning cert, which was purchased on his (non-IT) department's dime. Everybody is happy (except Jane, but she'll live).

My concern is that there are hundreds of IT shops out there in the wild which do NOT have the political or social intelligence to enact policies like these, and would rather bury their heads in the sand and pretend there's not a problem. They are so averse to risk and change that they would rather see their company stagnate due to the unavailability of necessary tools and technologies, instead of working through the growing pains of becoming an organization that can accommodate the realities of the fast-paced 21st century business culture, such as the necessity of software development done locally to the people who will be using the software (advantages: reduced cost, shorter lifecycle, more relevant and accessible to the end-users, faster response to change requests, etc.)

These same shops without the above will be all too happy to turn on Device Guard for its security benefits, without making the required accommodations for the many existing Shadow IT organizations in their company, half of whom are afraid of IT's potential overreaction to their project and have thus never come forward and told IT what they're doing.

Mark my words: the day that IT departments roll out Windows 10 and turn on Device Guard, the shit is going to hit the fan. You'd better have already worked out the proper preparations with *all* the software developers in your user base -- not just the IT department -- to support their production software, or random pieces of your mission-critical software are just going to stop working one day, and an angry CxO is going to want to know why IT broke their systems.

If some of the IT departments I've had to tangle with in the past were doing their jobs correctly, anyone doing software development -- whether an "official" part of the IT department or not -- would be able to easily obtain local admin rights on their workstation.

If they were doing their jobs correctly, it wouldn't take 2-3 years to develop, test and deploy a simple productivity enhancement or workflow automation solution that might take 40-80 hours to actually code, and maybe another 100 hours to design, test and document. Not to mention, anyone who's actually gone through the whole 2-3 year lifecycle often ends up paying way more than they wanted to, for a way over-engineered solution that tries to solve every problem anyone's ever had, instead of just solving the problem at hand.

Also, IT departments never have any free bandwidth for new requests, which is why it takes at least a year for them to even start looking at a problem someone comes to them with. This is not entirely their fault: the CFO will often demand the IT director to keep all of their staff 100% utilized on required projects, so if the IT director tried to keep some staff semi-available for new requests that come in, the CFO would just reduce their head count until they had just enough people to work the projects that are already in development.

I'm not saying *all* IT Administrators do their jobs poorly or take too long to get things done. I'm saying that the processes and bureaucracy in place -- which, let's face it, most of the IT folks hate just as much as their "customers" -- make the IT organization very inefficient for handling anything that needs a quick turnaround. They are good for managing general use computer rollout with bog standard Office software and Internet access. Beyond that, if a manager or director wants something different, and they want it done *this* year, they are probably going to have to hire their own software folks, interns, or tap internal talent of people who happen to know software development (whether or not it's in their job description). At that point, they've just created a Shadow IT organization.

My point is that Shadow IT isn't a bad thing if the people working it know what they're doing, and can avoid pitfalls like downloading malware, pirating commercial software, etc. One good way to go about it is to develop your solution in an open source environment (e.g. Java, a GCC language, Ruby, etc.) and to only pull in third-party libraries that are MIT-licensed. It's very, very hard to run afoul of the three-clause BSD license or MIT license; you just create a LICENSE.txt that fulfills the attribution obligations, and off you go.

This "Device Guard" feature, as I understand it, will actively block non-administrators from being able to compile and run their own executable code, or to install third-party software or runtimes that might enable the same. They then have one of two options: either talk to IT, or try to get around it by using runtimes that already exist on the computer.

If they try to talk to IT, chances are good that IT will ask that the entire shadow IT project be canceled, and that they be allowed to develop (or buy, COTS) the solution themselves. Once you're in that trap, you automatically know it's going to take 2 years at a minimum. The project you're working on may not even be relevant that far down the road. If you don't agree to letting them work it into their pipeline, then they likely won't agree to give you admin rights. These talks very rarely go over well, unless you're in a very progressive company; but if you were, you'd probably have admin rights in the first place, or at least a separate computer or VM with a sandboxed subnet without access to any sensitive stuff on the LAN, where you have full admin rights.

This is why shadow IT organizations often just choose to write their stuff in VBA or VBScript. Java is usually a viable option too, but if you need native libraries or any third-party components that need native libraries, you're probably out of luck with this new Device Guard technology.

You can call shadow IT the "worst of the worst users", but just remember that there are many of us out there in the wild who get things done, on time and with a razor-thin budget. Without us, the daily operations of large enterprises and governments would be even more inefficient and dysfunctional than they already are.

Not sure what you're on about with the intelligence thing, though. It's really not about intelligence. Shadow IT folks are often *not* particularly intelligent. We're just at the right place, at the right time, with the right skills to solve a problem. The "official" IT organizations, on the other hand, traditionally have too much bureaucracy to be agile enough to do the same. That's all.

This is true for home users, but anyone connected to an enterprise domain who doesn't work for the help desk probably knows the pain of not having an administrator account. Even people who fall under the auspices of "IT" often don't have administrator accounts, if they aren't part of the team that holds the keys to the castle.

I know many software engineers who don't have admin rights on their PCs. It'll be interesting to see the tug of war over this, between paranoid IT guys and the rest of the people who are just trying to get their work done, whether by installing third-party software, or by compiling executable code themselves.

When Corporate America IT organizations start deploying this with Windows 10 rollouts in, oh, 2020 or so, a whole slew of things that are necessary to keep companies operational are just going to stop working.

IT "administrators" will be unable to resist the temptation to enable this "feature", surmising that any user running an .exe that wasn't signed by a shortlist of vendors must be doing something illegal.

So that business process automation workflow that saves thousands of hours every year? It depends on, say, Ruby, or 7-zip .exes. Poof; gone.

How about that little Office add-in that the CFO really likes because he can rubber stamp all the incoming requests in one batch? Well, it'll probably block .dlls too, so that's gone.

That customer deliverable that people have been pulling 16 hour shifts to get done, which is due tomorrow? It depends on a complicated .NET app written in C# using heavy Excel automation. Now they have to rewrite it in VBA, or maybe your deliverable just won't get delivered.

This is bad, bad news for the skunkworks that keep the world spinning. Better start rewriting everything in Java (make sure it's compatible with the ancient version of Java that comes preinstalled on every system) and calling into native land via JNA. Uhh, provided that Windows will let you dynamically load the JNA .dll into the Java process, that is...

Actually, that probably won't work because of the aforementioned JNA .dll. Let's just rewrite everything in VBA forever and ship our "applications" as Word documents. Who needs proper threading or actually good performance, anyway?