It works. You have to give them credit - the process is extremely simple. I could see it taking off. From a security perspective, it's not great. But it's also not as bad as some people here are making out. You don't send any information over email other than the email addresses of the sender and receiver, and sender's intent to send $x to seller. Phishers are likely to pattern "you've got money" emails off of these Square emails to people. But these are just another variation on "give me info/money, so I can send you money" scams. Same common sense defenses apply--If you aren't expecting money from somebody, don't give out personal info. And then there are more sophisticated man-in-the-middle attacks combined with spoofing the "you've got money" email or replacing content in it. Those are the ones I'd worry about, but they are also much harder to set up. When you go to your online banking website, do you worry about someone spoofing the whole site (or at least the login) and making the DNS point towards the spoofed site? I do, but not enough to stop using it.

So many times some kid has come up to me and said they wanted to learn to make video games. The trouble is that there's this giant gulf between the multimillion dollar games they play, and what they can actually do with newbie knowledge. When I was a teenager, (80's) I could see a game I loved like say... Ultima or Zork... and understand the steps leading up to me making that game. A little harder to find that maker's connection with Halo, Bioshock, Borderlands, etc. So maybe Minecraft can be a good bridge between the effort of programming and the rewards that are possible. A kid or some coming-up coder might get their feet wet writing some scripting for a game they love. So I'm all for it. Sounds great.

This is actually an Associated Press article by Maria Sudekum. See this link. Indiatimes.com didn't give credit to Maria or AP, which may mean they just snatched and reposted the content. I like to see the original author credited and let her reputation be affected (good or bad) by the quality of her work.

The car/robot is amazing. But Kenji needs to redo the video to use better lighting, camera, or something. Get a pro in there to shoot it.

I don't know the guy's deal, but I wouldn't be surprised if he lived in that car. Hmm. Sometimes, it doesn't sound like a horrible idea to save up six grand and live in my car for a year. I'd have all the time I wanted to work on my own projects instead of working a 60-hour IT job.

Thanks for writing the article. I would have liked it if some concrete examples of patterns were described in the review (like you did for "antipatterns"). That would help me judge if there was much insight offered by the book.

I wouldn't do that. Original poster has described his history with the company. Effectively, he is no longer anonymous. Lawsuits could follow public statements here.

I work on in-vehicle systems and the servers that talk to them. There are plenty of existing, deployed services that combine external information with the location of your vehicle (e.g. concierge, route planning with points of interest, vehicle locator, charge station finder for EVs, geo-fencing, insurance scoring, and many more). For all of these, your location data must be sent to a server. And any in-vehicle system that provides at least some services that need vehicle location, will make a habit of sending the vehicle location along whether the owner is using those services or not, provided some kind of account activation has occured. Generally, the automotive manufacturers consider vehicle location data great for providing attractive services to their customers.

I've noticed restraint from auto OEMs on taking the data and using it for things other than the services offered to the users. And unlike webbish companies like Facebook, Google, or Twitter, the auto OEMs are focused on selling vehicles, not data. But that can all change if you fall asleep.

The networked collision detection stuff is interesting, but doesn't change the nature of the problem. The data is already being collected for boring old services from three years back.

I would stay away from cute ideas like wearing silly ties. People will interpret this as childish and arbitrary corporate policy. Also if someone harasses another person, a public display keeps the story alive and further contributes to the victim's embarrassment. You want to set the expectations of culture when new people are hired. Both that bad behavior will not be tolerated and that there is a safe communication channel for complaints to be made. The second point can't be convincing if you don't have an HR staff member that stays outside of the workings and politics of the company. The other part of the battle is the ongoing culture of the company that happens amongst employees. One person that is willing to complain and object fearlessly will positively make a difference. And I mean informally, person-to-person, e.g. "You just called her a bitch, and I'm not cool with it." If you have 2 or 3 people like this in a group of a hundred, that's enough to win the culture. People will leave their bad jokes and sexy wall calendars at home.

The article (not the original paper) is averaging together all of the people that said "Naw, I wouldn't pay anything extra" along with all the people that said one, two, or five dollars, etc. So of course it's going to be some sad little number, leading to a headline that sounds like people are selling their souls.

A more useful question, "of those willing to pay for privacy, how much would they pay?" Read the original paper (not the cheap little article) and you see things like "A non-negligible proportion of the experiment’s participants (13–83%), however, chose to pay a ‘premium’ for privacy. " The paper is actually supporting the idea that some people are willing to pay enough that it would fit into the business model of different content providers.

I also think that a bunch of us hate the idea of paying for privacy, not because we don't value it very much, but because it is offensive to think we would need to pay for it. So again the article headline gives a false notion of everyone selling out for 65 cents, when the stats are unlikely distinguishing between apathetics and holy rollers that would both decline to pay for privacy.

Yeah, like you, I'm reluctant to say it's a bad thing Google is doing, and its definitely not so onerous as intentionally slowing down other content delivery. But I can imagine a future where the infrastructure spending is poured into special pipes to content partners while general connectivity to everything else is neglected. In that case, Google (or others) hasn't done anything to hamper the general Internet, but as investment in maintaining it goes down, it becomes slower and more unreliable.

This approach illustrates how a company can provide content over favorable bandwitdth/networking conditions without running afoul of typical network neutrality rules. Not saying it is good or bad yet--just noting that building special pipes/signalling systems for certain content seems to be a loophole.

Yeah, but you could use the collected electricity to power your light bulbs!

(Just kidding.)

Windows let light in, which you'd otherwise use electricity to generate. Although the film is see-through, it must reduce the amount of incoming light. I'm not an expert, but wouldn't the effectiveness of the film increase proportionately to the amount of light it absorbed without passing through? It seems like a window is not the best place to put a solar collector, even if it is easier than installing on a roof or other surfaces.

You know that sounds like a solid idea, but I scratch my head at the specific implementation of it. If you say that internet connections for ads are a separate permission, then would Google maintain a white list of ad providers? And then for ad providers, there'd need to be some policing to check that info going to the ad servers doesn't contain personal info.

Maybe the way to handle it is to have a separate Android OS advertising API that manages the request sent to an ad provider, disallowing any possibility of sending app-specified info to the server. And then any ad provider that follows the protocol can be accessed via the advertising API with no risk of sending private info like what HTC is exposing.