How does the "or later" clause hinder use? Licensing under GPLv3 might have (I'm not going to argue that either way), but what does the "or later" clause matter?

Because you cannot mix v2-only code with v3/v3+ code. It's actually incompatible - v3 puts additional "restrictions" (from v2's perspective) on the code, making it incompatible (e.g., anti-TiVoization, etc).

So this means all code in that kernel must be either v2 or v2+ (which means the "+" disappears).

For an embedded systems, they typically want GPLv2 or v2+, avoiding v3 as much as possible. "or later" can hinder since if you're not careful, you might accidentally include v3 code (especially if you pull from an upstream source) when you don't want to. v2-only makes that a license violation, while v2+ turns into v3/v3+. One should be careful when pulling patches to make sure the codebase doesn't unexpectedly turn into v3.

I had been wondering about this. A FOAF was a curator at a museum on the West Coast, and when I talked to him about the idea of online displays, he was completely dismissive -- it seemed like anything other than "Maximum Lockdown" didn't even register with him. Then again, this was probably 15 years ago. Was Maximum Lockdown the usual stance before the Internet explosion, or do all three approaches have a well-established history?

I think all three approaches are common. It really depends on the museum. If they have some prized artifact the world knows about (Mona Lisa, David, etc) then it's likely to be "maximum lockdown" because well, they want you to see that item in their collection.

Then there are museums that make money off being exclusive dealers so they tend to put some stuff up.

Finally, there are public museums that have full openness. and intentionally want to spread the collection aroun.

I think it relates to how the museum is funded, as well as how notable its collection is - the lesser known, the more they need to advertise. After all, if you're the Louvre, you don't need to do anything - people come to you so you can lock it down and force people to come in. But if you're a museum on your rapidly dying culture, well, putting it online could mean dying as a footnote or leaving a legacy.

Just because there is a large competitor, you do not quit. Apple didn't and came from behind several times. Now if it is not profitable, let it go, but don't just give up and give it all to App/Goog(le) without a fight. Besides, 1% of a lot of people is still a lot of people.

Heck, when the iPhone was first released, Steve Jobs himself said he didn't expect to do much to the market - if he got 1%, he would be happy.

It's a big market.

Then again, Samsung controls around 90% of the Android market, and probably a majority of the phone market in general.

And yes, Tizen is probably just a threat tool - there was a point in time that it was supposed to be able to run Android applications. Samsung's got enough power in the Android market that Google may try to kick Samsung out of the OHA for trying to sell a non-Android phone that can run Android apps, but Samsung's got countermeasures. First, they are the only OEM who has complete replacements for every closed source app, including their own app store. Second, Samsung's got muscle - owning the majority of the Android marketshare means they can force their way if they have to.

And considering Samsung's got various OSes ready to go, I can't see it as more than a way to keep Google in its place - keep making the OS, we'll let you install your spyware/adware, and don't you dare threaten us.

Well, the available CPU power increased dramatically since the original iPhone was released back in 2007.

Back then, the iPhone and iPhone 3G used ARM11 (ARMv6) processors at 400MHz. The iPhone 3Gs used a Cortex-A8 based CPU running at 600MHz - clock for clock, the A8 was practically twice as fast as an ARM11, and the 50% speed boost doesn't hurt, either (so nearly 3 times faster). Of course, with that added speed, the iPhone 3Gs doubled RAM to 256MB.

The iPhone 4 doubled RAM again to 512MB, and upped the speed to an 800MHz Cortex A8, roughly a 33% increase in speed, but more importantly they also upgraded the GPU to run faster. The iPhone 4s went from a Cortex-A8 based CPU to a Cortex-A9 multiprocessing CPU and upgraded graphics again.

The iPhone 5 upped it to 1.3GHz custom Apple A6 core (faster than equivalent Cortex-A9), just over 50% faster clock for clock, and doubled RAM again to 1GB.

The iPhone 5s went to ARMv8, where running 64-bit code is so much more efficient that 64-bit code can outrun 32-bit code by up to two times. Running 32-bit code, ARMv8 is only marginally faster than ARMv7, but 64-bit code is where ARMv8's speed really shines.

The spread of CPU speeds is probably anywhere from 3-5x for a supported iOS.

Me, I'm running an iPhone 4s with iOS 7. It's snappy enough - the most sluggish times are when I make a phone call and it seems to linger at the contact screen for a second or two, and when I hang up and it lingers at the call screen for a second or two.

It won't be supported on iOS 8, I don't believe. Given it's been 3 years, well, it's probably time to upgrade.

So you're saying that if we combine a Bose and a Beats headset, we might actually get hi-fidelity sound?

No, you'd be missing the treble. Which is fine I suppose if you're over 40 or 50.

They both don't have highs - "no highs, no lows, must be Bose" and "no mids, no tweets, must be Beats" (a tweeter reproduces high-frequency audio).

They get enough to be able to provide a man in the middle attack.

If you can do that with a CA, I say you have far more interesting technology than signing a cert.

A certificate is basically a signed public key. You give the CA the public key, they sign it, which says "I, the CA, certify that this public key belongs toe XYZ Inc".

That's it. You don't sign private keys (they remain on your server, after all), and your server hands out the certificate during initial security setup. The client looks at the certificate and extracts the public key it'll use to talk to the server.

No, the way you MITM with a CA is you have to be in the middle, and with a forged cert. Basically you intercept the client's request, hand out your certificate of your public key. The client transmits data to you using that public key, which you decrypt using your private key, log the data, then re-encrypt using the real server's certificate (i.e., public key).

No, a CA does not need your private key. Unless you ask it generate a keypair for you. If a CA could spy on other traffic, you'd think they'd all be doing it. No, a "compromised" CA really means they have no qualms about issuing a duplicate certificate - e.g., a certificate for *.google.com even though they aren't Google's CA.

Let's see this list of spyware. Will Google kick them out of the Android store? Will the FBI prosecute the developers for "exceeding authorized access" under the Computer Fraud and Abuse Act? If not, why not?

Easy, the summary says they analyzed the top 50 downloaded apps. So your list of spyware will be those.

As for Google, well, Google owns online marketing advertising market, so those apps really are helping Google in the end...

He's being a bully, pure and simple - using his popularity to shove around others. That should not be tolerated, full stop.

If it was pure abuse. maybe, but history if full of abusive assholes who did amazing things, purely because the abuse isn't by some ignorant asshole, but one who actually knows what they're talking about.

Now, if there's something you don't know about, being abusive is just being abusive. But if you do know your shit inside and out, being abusive can get your point across.

Steve Jobs, Theo De Raadt, and Linus Torvalds are basically the few who are abusive assholes, but everyone also knows that they do know what they're talking about. (In Job's case, the RDF is basically a mirror that says "is that REALLY the best you can do? You can't do it any better if you tried?").

Oh yeah, it's a terrible environment - there are plenty of people who packed up and left Apple after meeting Jobs (many really good people too). Just like there's plenty of kernel devs put off by Linus, and likewise for OpenBSD. Unfortunately, the truth is, they do get results.

And no, MBA types, you can't do it. Only a very limited few can be assholes and get away with it. Chances are, if you're not one of the three people I listed (of which one is deceased), you won't succeed.

You (and Greyfox) do not seem to understand what Google Ads are. They are, for the most part, not the display advertisements one tends to see on websites. Instead, they are textual only and associated with search or with websites that open up space on their site for text ads.

Ad Blocking software allows them to show and always has. And that is because they are unobtrusive and not annoying.

No, those are the Google-braned ads. Google Ads encompasses ALL of Google's ad products. Including most of the malware laded ones since well, Google owns like 98% of the online ad market.

And Google distances themselves for some reason - Google owns AdMob, DoubleClick and many other "irritating ads" and "malware ad" networks. And other than Google, I haven't seen a Google text-style ad in ages. (And surely not ones where Google pretends to be part of the search results).

There's no difference anymore, because Google owns it all. Sure they don't WANT you to know that, but all those ads you see in apps and on websites are almost all by Google or a Google-owned company.

Any marketer worth their salt knows why Google doesn't put their branding on DoubleClick and AdMob, but they also know that those are the kind of ads Google makes most of their money on.

Bose and Beats are both highly brand-focused. Bose targets the more mature quality-seeking crowd, while Beats targets the bass-hungry and fashion-conscious youth. There's some overlap, but generally I'd say their targets kept competition to a minimum, and they've pretty much cornered those targets

They're both over-EQ'd POS. Beats are for bass. while "no highs, no lows, must be Bose".

The only thing is, the markets are different - Beats are for the young "trendy" kids who listen to nothing but bass-heavy music (typically called rap). You know, the kind who come down the road and you can hear them blocks away because the windows on the stores are rattling.

Bose is more for the middle-aged family. You know, the kind where the wife generally runs things and she sees a traditional stereo or home theatre system with its big ungainly speakers and big black boxes, or she sees a Bose and it "sounds good enough" but damn it looks good.

Of course, at least the Bose does sound better than the beats any day of the week. (Heck, I saw a Instructable a few years back turning a Bose headphone into a Beats one. Probably the best sounding Beats on the planet).

Ironically, Beats probably do sound better than what Apple currently calls a headphone.

A CME is not an EMP event.

CME are dangerous because the stream of charged particles interacts with Earth's magnetosphere. The interaction causes the magnetic field to vary, and the changing magnetic field as everyone knows results in induced currents. Earth's magnetic field is weak, but the charged particles cause it to vary, and because of the variance, long lines (like power transmission lines) are the ones most affected.

Or telegraph lines, where the operators suddenly get shocked when the induced currents cause a large potential difference to build up (voltages of 50+V during the Carrington event).

Now, the problem is that the grid has enough circuit breakers to actually handle this - they're sensitive enough that disruptions will cause them to open. The issue is that once you start having grids, loads and generators islanding themselves, it causes further disruption down the line. Like the blackout of 2003 where one power generating plant caused the whole east coast to lose power for 3 days.

Having the grid shut down - it might actually be difficult to restart it since it's never happened before.

So any online criticism of any company has to be a "happy" criticism? The "truth" is no longer welcome? What a screwed up world.

Or you find a more appropriate time and place for it. You can exercise your free speech rights in front of the TSA agent, but don't be surprised that your bomb joke got taken literally and you find yourself in a holding cell.

I suppose part of the problem is the immediacy of it all - people use twitter on every thought without thinking things through - basically thinking if you don't say it in front of a person's face, they don't know. I'm fairly certain he would've gotten kicked off had he simply said it aloud rather than cower behind a tweet.

Same effect. The time to do it is not when the person who can make your life miserable still has power over you. And to treat every tweet as if you said it aloud right then and there - if your target is right there, don't assume they won't hear about it.

Hell, perhaps the other side isn't so rosy either - we just hear this guy bitching. How would he like it if she tweeted "just met the most demanding self-entitled asshole for a customer" at the same time?

Personally, I like the people who don't understand the difference between Reply and Reply All. When HR sends a company picnic invitation to Everybody, the invitation is immediately followed by a Reply All flood of RSVPs from that crowd. Lately, though, HR seems to have discovered the Bcc: field as a solution to that issue.

Well, given the default to most company emails requires reply-all, it's not a surprise, really. I mean, if you're on a project and you need to send information to others, you probably will put in several people. And the recipient probably uses reply-all so everyone can be aware of the followup as well. Because things get awfully stilted if everyone merely replied to the original sender and they get flooded with dozens of the same question and notes.

So it's natural in a business setting to use reply-all since you expect to share with everyone else. Hitting reply just feels unnatural.

And yes, that's what the BCC field is for, if you really need to break the reply-all chain.

I'd love to see a single UI that works across 4" phones and 7" tablets with gorilla glass, and 13" laptops and 10" convertibles with membrane keyboards, and 24" desktops with 101-keyboards, and 60" XBox Ones with controllers but I'm not holding my breath.

I don't think that's even possible because you'd compromise on the UI. Keyboard/mice, controllers and touchscreens have their own special qualities and interactions. A keyboard and mouse is a very precise pointing and data entry device, while a touchscreen is coarser but is able to provide multiple spots (multitouch) for gesture recognition that's far richer and easier to do than trying to use a keyboard/mouse. And a controller makes a poor mouse, but is killer at navigating in cardinal directions, with a few command hotkeys (buttons) for performing various actions.

Even worse, an app designed for one UI interaction works poorly in another UI interaction. About the only compromise possible is that one particular device may employ multiple interactions - e.g. a device with a keyboard/mouse might also have a touchscreen and a controller. But swapping between them is often a pain on the user.

Often the only way to solve the UI problem is to make each UI incompatible - so if you have a touchscreen device, interacting with it requires using a different API set so you can use it as an opportunity to redesign the UI to be more appropriate. Like how Apple redesigned OS X to turn it into iOS so apps have to use a different API to handle touchscreen events.

How many people are going to read this and take advantage of the flaw before Apple approves the release to the AppStore? That's one argument for Android. Not having to wait for releases of App updates.

Apple does allow for emergency updates that get you approved in about a day tops.

Though the big question is what do you get with your login? What does it let you do? Do you have to pay for it or is it free?

I mean, if it's only to submit news to CNN and comment on their posts, then really it's NBD that it's in the clear - not ideal, but really, you get to post news as someone else, whoop-di-do.

Just like how you can log into ./ using a URL. Yay, so it's compromised and someone can post as me. Big freaking deal.

(Oh, and you need to sniff the password while the user is using it, so while it's easy to do, practically speaking, I don't think you're that likely to encounter too many people using it to make it worthwhile).