Hardly. AirBnb and PayPal are both good examples of this sort of thing. PayPal got raided a lot and got sent C&D letters by various state regulators when they were rolling out across the USA. Eventually they had to sell to eBay (their primary competitor) to get enough money and political immunity to survive. There's a book about it called the PayPal Wars that goes into more detail on this.

eBay and paypal were never competitors.

eBay and Paypal are synergistic - eBay needed a low-friction payment platform. Prior to the Paypal acquisition, an auction listing might only take money orders for payment (thought many sellers took Paypal because it was way more convenient). And money orders in the age of the Internet really goes back - I mean, telling the buyer to go to a post office, buy a money order, then stamp and send it off the seller and hopes it all goes alright? If you were a buyer out to screw the seller, you could win a bunch of time-sensitive auctions, then hang them up for weeks waiting for money orders. (You have to remember they will take roughly a couple of weeks for the buyer to get one and mail it off, and perhaps you can claim "lost" and take another couple of weeks). If it was a time-sensitive material, that could span a couple of months and render the product worthless.

Then there was the seller who might receive and claim it as not paid still.

Paypal offered something no one else did (or still do) - the ability for Joe Random to take a credit card payment irregularly. Merchant accounts are expensive and often have conditions. Paypal did not - if you only did 1 $100 sale in a year, that was fine for Paypal. Most merchant accounts would've charged you several hundred dollars if you did that. And credit cards ensured payments could be sent instantly and quickly, more in line with traditional online shopping.

Sure it probably took eBay's might to sort out all the financial and banking issues, but eBay and paypal are not competitors. They're not even just two random companies - they're companies that realize each has a product or service that works really really really well together. Even post eBay/Paypal split the relationship is more than that of two companies.

Actually, I think you're speaking for yourself when you don't have a clue what I have running in my home.

8 kWh computer (just mine, not including the other laptops and my SO's own computer.)
3 kWh in LED grow lights.
7.2 kWh A/C (this is California.)

And so on...

And you are the 0.05% of households. Tesla's solution is basically the 95-99% of use - the average home really is budgeted to use 1-2kW average over the entire day.

Most people don't use 4x 2kW supplies, because running 4 20A circuits for a computer is unheard of in a residential setting. Even the modern building codes which dictate 1 20A circuit per outlet in the kitchen often only provide 4-5 outlets for the entire kitchen (besides regular 15A circuits for the microwave and fridge, and 240V circuit for the stove). That's because people have a nasty habit of plugging their toasters, kettles, and other appliances in at once.

Why does every solution need to fulfill oddball out of the way requirements? Just like an electric car might not work for 10% of the driving population makes them completely unusable? Or for the once-a-year time you need to haul away some stuff you're willing to toss away a solution?

If that was the case, we'd all be using desktop PCs because laptops compromise too much, tablets would be completely useless because you couldn't "create" on them, and don't get me started on smartphones - they can't run top end games or browse full websites, or anything.

Just because something doesn't work for you doesn't mean it's a stupid idea. If your needs fall so far outside the realm of average use, then move on. Meanwhile, everyone else can have their batteries that either charge themselves off the grid during off-peak cheaper times and deliver the power inside the house during expensive peak times, or charge themselves off a solar array to provide night-time power.

Cough, cough, IBM did the work, M$ just ran off with the benefits due to a very, very shonky contract.

At the time, the IBM PC project was a lightly funded "get it out there quick" project. This was IBM using an off-the-shelf processor and common every day parts to make their PC, after all. This WAS IBM, and generally NIH was verboten. But IBM needed a PC quick and cheap.

The only bit that was truly IBM's was the BIOS, and IBM figured that since DOS was tied heavily to the BIOS that no one would clone it, so Microsoft retaining the rights wouldn't mean that much since every sale of MS-DOS was for an IBM PC.

On Windows it gets even more fun. They like to piggy back spyware with cracked games. So for your unwillingness to spend $50 on a game, you have some creep electronically playing out the plot of Porky's with your PC.

Actually, not really. The games themselves are generally distributed verbatim in order to keep all the code signing signatures intact (this includes the installer). In fact, they're typically the same as if you bought the downloadable version of the game. This is handy for those of you who lose the original disc but have the keys and whatnot around. Or if it's a steam game, it keeps the original signatures as if you got it from steam.

Instead, the infected part is the unsigned code - i.e., the crack or keygen. No one expects those to be signed, so they wrap them with a dropper utility that will install the malware before running the real code.

Or, there are also a bunch of fake cracks and keygens that do nothing other than install malware.

Why would I bother with the used one?

It's actually a reflection on the odd fact that a brand new Tesla is often *cheaper* than a used one.

Yes, you heard that right - you can pick up a new Tesla cheaper - Tesla's got a continual backlog of at least 3 months or more...

I doubt it. I think it is far more likely that the pharmacy sells this information to insurance, pharmaceutical, and marketing companies. Big data is big business these days. So long patient confidentiality.

That being said, it is unconscionable how lax PillPack.com security procedures were.

Exactly.

First off - is a full name and DOB a unique enough identifier? For something as vital as a prescription, it doesn't seem like it. I would presume for patients, there's a real unique identifier involved for electronic prescriptions or using a real scrip.

The fact that there's no other identifier involved seems to imply sold records that only have your name, DOB and prescription. Not good enough to actually uniquely identify people, but good enough to pre-fill information about you, and if there's a collision, just merge the records and hopefully it'll never come up, or the user will pick the right meds (not that it matters since they still need a real prescription to get the meds).

I think what PillPack.com revealed is the extent to which your drug purchases are sold around. Though aren't such things covered by medical privacy laws?

No. This is a "What the f* were you goofballs thinking when you wrote this code? And if this is all the better you can do, what other gotchas are hiding in there?"

Well, most of the case would be that they didn't realize it might be an issue.

Early Linux suffered from this issue a lot - device drivers could not be counted on to survive if jiffies overflowed. Modern day Linux implements a bunch of utilities to compare jiffies with an elapsed time (that handles overflows), as well as starting the jiffies counter 3 minutes before overflowing so it overflows early and bugs are detected.

Of course, in this case, it was discovered in a lab setting - not only is it unlikely to happen in the real world (no, making a change to cause the roll over early will not happen as it turns working code into an untested state), but it also relied on someone pretty much leaving the equipment on the whole period then noticing it died.

I don't know about you, but finding out the reason why something died 250 days later is difficult and probably only was discovered accidentally because someone left it set up at their desk the whole time.and forgot about it.

Hell, it's probably a given the bug exists in plenty of other things as well, just they're normally cycled long before it's a problem and no one actually ran it long enough to test.

If you find that interesting, you may also be interested in the VMWare install script, which starts as a shell script but has a compressed binary attached to the end.

That's not interesting at all - there's something called a shell archive, or "shar" which is what it implies. GNU has "sharutils" which is used to create and extract files from shar files (or you can run the script - it IS just a regular shell script).

The benefit is, of course, you can embed a binary inside it and it self-extracts, and is transmissible over text-only media without having to use uuencode/base64 or other utility.

Of course, they aren't standard, and often are limited because they rely on external installed programs you should have in your system, and often there's version dependency on the programs it relies on, enough so that older shar files might not work on newer systems.

Or, say, Azure. It's a money maker, despite playing catch-up with AWS.

Actually, doesn't Apple use Azure to power iCloud? Rather than Apple trying to do their cloud thing themselves, they rely on a cloud provider, and the one they chose was Microsoft...

Sure, sometimes keygens are trojans as well, but those are covered under the heading "virus". Most anti-virus software also detects perfectly harmless keygens these days, supposedly to "protect" the user from "accidentally" generating a key and pirating software.

Actually, most keygens people run into are infested with malware - Trojans and viruses and all that. Usually they're wrapped with a "dropper" application - run the keygen, and the dropper downloads the malware then launches the keygen.

The reason for this is infecting installations is a bit more difficult these days - since a lot of software is already downloadable the companies behind them sign the executable. So when you launch the installer, Windows pops up the nice message about the file and it's all signed and everything. Of course, since keygens are rarely signed, if they've been altered it's impossible for the user to tell.

The money involved in the malware trade is sufficient enough that they basically crowd out the sites that actually offer clean keygens.

Cracks, too. At least with keygens you can reasonably run them in a VM to get a serial number without infecting your PC, but cracks have to be run on the live installation, making them an ideal target for malware authors.

Stuff like drive-by-downloads generally aren't used much - between enhanced browser security, elimination of Java or Flash plugins, it's a lot harder to spread malware. But a good keygen or crack for a popular application and you can easily spread CryptoWall around and get $500 from a lot of users.

You may never use iMovie, for example, but there it is, included with your Mac, whether you like it or not.

Not since Mavericks, actually. Since Mavericks, all the iLife and iWork apps are now separate (free to new Mac owners) downloads from the Mac App Store, so if you don't want iMovie, you don't download it. There was a mild amount of downloading when it was discovered pirated versions of iLife would automatically give you a legitimate version (because iLife/iWork was only "free with a new Mac purchase")

iTunes is always included, as is QuickTime, because well, people generally expect their OS to be able to play music and movies from the get-go.

Apple has been reducing the amount of 3rd party stuff they ship with the OS - between security issues (when bundling Java and Flash with the OS) as well. Kinda sad since my older Macs came with a bunch of not-trialware software. I suppose when Apple started shipping them with Mac Office trials was when they stopped asking 3rd parties for bundled software...

The thing is, most people likely to consume their services would rather have them operating just as they are than otherwise. It is a bit of an irony given that we're a democracy, but stuff like this happens all the time. We have speed limits that almost nobody follows, and yet they aren't changed. The issue is that laws often do not reflect the political will of the population.

The problem is when something inevitably happens, and the user gets screwed. E.g., an Uber driver getting in an accident without a fare, but heading to pick up one. Technically, the Uber insurance doesn't apply, and it's up to the driver's insurance to figure out if they cover it or not.

If not, then if you're the one they hit, it's YOUR insurance that covers the bill under "underinsured party". Your insurance may try to recover the money from the other driver (who has no insurance) but there's no guarantee. Meanwhile, YOUR insurance goes up even though it wasn't your fault - the Uber guy ran into you. So you're screwed. You can try to sue to the other driver.

And that's when the big crackdowns happen. It's all a big party until someone gets screwed over. If it's someone in power, then Uber may have to pay up themselves (the principle to go after those with money).

And we're seeing the effects of no regulation slowly - depending on your location, taxi companies may be forced to pick up anyone, including handicapped, and if they cannot, they may be forced to actually wait for a replacement. (Some jurisdictions say if a taxi driver cannot pick up a fare, they must wait with the passenger until a replacement taxi arrives who can pick up the fare - you're not allowed to say "he's black, I don't want him" and drive off).

Uber's small enough now it doesn't matter because they're only going after the folks with money...

Do we really need a story about ham radio after every disaster? I'm sure it's being used, but not to the extent of official radio communication. "People communicating by any means possible," is not news.

Yes, because everyone not affected seems to assume that stuff like the Internet and cellphones will kill ham radio. Yet I'm pretty sure that while in normal circumstances you could get access to the Internet, and yes, the vast majority of people have cellphones, well, guess what? That stuff's not working now, so now what? Bit hard to use the Google or Facebook "I'm safe" feature when you can't get online now...

Call a friend, or text? Pretty hard when the towers are overloaded and maybe even in states that would appear to work, but not.

And that's a problem because people assume that because in the normal case it's not needed, it's obsolete. I'm sure a lot of people on /. wonder about AM/FM radios given that you can stream Pandora and other stuff off the internet.

And yes, ham radio is often official radio communications methods - many rescue groups use hams to provide communications between teams on the ground and HQ, or even to provide a way to tell someone else outside the country to relay messages onwards. And local government also often uses hams for emergency communications - the ham radio infrastructure may often be better than what their official radios have.

While you do have a good point, I think that any disaster that requires ham radio for communication would also likely have taken out the local power grid leaving consumer power line networking inoperable.

There are in general two kinds of operation of ham radio. First is local communications - local rescue groups using hams to help communicate and coordinate between groups on the ground and HQ.

There's also the longer distance communications - these guys get the signal out so someone in an area not affected by the disaster can pass on messages and whatnot. Think more along the lines of "I'm safe and sound" type messages being passed on to family.

The problem is power line broadband basically makes the long-distance communications less reliable. I mean, given Nepal's economic conditions, sending out "I'm safe" messages usually mean transmitting to India, where the infrastructure works fine. Powerline broadband would be working as well, which means your message will not be received because the receiver can't hear your message over the noise.

Power line networking or broadband generally affects long-distance HF communications more so than short-range VHF/UHF comms. And that's bad because short range would mean the power and infrastructure is down so it's not a problem. But you want to pass your message to places unaffected by the disaster where there IS working infrastructure, and then you have interference.

And that's the beauty of ham radio that blows people's minds away - it's not just about people talking to people in a city, but around the world - it spans the ability to talk to people from your neighbourhood or city to around the globe. Most people are fascinated because most of them only see extreme short range communications - a few miles at most for a cellphone to the tower, to a few tens of feet for wifi and Bluetooth. Telling them that it's possible to actually go around the world on wireless...

Wait...the pope is a creationist...

Sorta.

He believes God created the universe, yes, but not that it's 6000 years old or whatever - rather, God created the conditions to which things like science and evolution can take place. The Big Bang happened because God didn't create the universe, He created the conditions for the universe to exist. God didn't create Man, he created the environment to which evolution could take place to create Man.

Effectively, he believes in evolution, but also in that God didn't wave a "magic wand" and Man suddenly popped out of nowhere. God created the conditions to which Man could evolve.

It's a partial cop-out, but given science really cannot explain what happened before the Big Bang, or what's outside the universe, well, that is God's domain.