I'm not sure where the the article summary got its notion about the costs. The article doesn't address that- instead it spoke to how much could be made selling the service. From the article:

Assuming a selling price of $2 per 1,000 solved captchas, our token harvesting attack could accrue $104 - $110 daily, per host (i.e., IP address). By leveraging proxy services and running multiple attacks in parallel, this amount could be significantly higher for a single machine.

I think the authors of the article were trying to communicate how much money they could make selling this 'service' to other unsavory agents. It could be a lucrative business given the assumed market rates of $2 per 1k, and the mentioned optimizations could make it even more attractive. It makes me wonder if you could set up the whole thing in a cloud computing environment like AWS and come out ahead.

I was curious about your comment, and I think I found the article you were referring to. It was a 7/19/15 NYT article ( http://www.nytimes.com/2015/07... )

Here is a direct quote from it regarding the efficacy of the Zappos holacracy:

"Pressed for instances of Holacracy’s achievements at Zappos, employees could offer only pedestrian examples. Mr. Hsieh had shut the bridge connecting the office to a parking garage, hoping staff would experience more serendipitous encounters if they all used the same entrance.

But that meant employees had to venture onto the seedy streets to get to and from their cars, leaving some, especially those working late shifts, feeling unsafe. So one employee proposed that the bridge be reopened, a motion that was accepted by the circle that controlled campus operations, essentially overriding the C.E.O.

Or as a Zappos spokesman described the process, using Holacratic terms: “An employee (unknown) brought it to the road block role with safety being the tension. The road block role then took it to the grease and disrupt circle where it went through the process and was eventually passed with no objections.”

I just checked, only 5 months of my checking account could be downloaded. Not sure if this was a transaction limit, or a time limit. (I tried putting in a date in 2006).

I love USAA. I just submitted a 'suggestion' to USAA to increase the time limit. My guess is that they probably only keep ~6 months worth of transactions online accessible.

I haven't used Microsoft Money or Quicken in a while to see if that allows someone to pull more information. If I ever started using one of those tools again, then I'd probably like to be able to pull a few years worth of data.

http://blogs.ajc.com/kyle-wingfield/2009/11/30/obamas-cabinet-this-graph-explains-a-lot/ "the previous low-water mark for private-sector experience since 1900, the JFK administration, was still three times higher than the Obama Cabinet’s level."

If you read the fine print on your bill, you'll see the federal government has stepped in to mandate that carriers must cover the rural areas (and pass the bill on to us.). "Federal Universal Service Fund 12.9% " (If you're on AT&T, choose "change my rate plan" --> "Other Monthly Charges"). Maybe AT&T is just waiting for the government to mandate "get your network up to capacity to handle your customer load" - and then pass it along to us as a tax / surcharge.

Pacemakers have not been wireless hooked up via the a home monitoring system managed by St. Jude (until now), Medtronic, nor BSC. ICD's have been. (I can't speak for OUS companies). TTM monitoring has been hapening for years. (8 second EKG's, and battery strength, etc...)

A key thing that is left out (But what most people have surmised):

    Pacemaker <--MICS Band--> Home monitoring unit (developed by pacemaker company; obtains IP address - typically via dial-up.) <--TCP/IP--> PaceMaker Companies Servers <-- TCP/IP--> Physician Web connection

The 400mhz is considered to be the MICS band - http://en.wikipedia.org/wiki/Medical_Implant_Communication_Service . The great thing about MICS is that it covers not only 'both sides' of the pond, but pretty much all sides. (E.g. Asia, Europe, and the US). The 'challenge' with 400mhz is that it's only a 'few meters' coverage. So you have to have the home monitoring unit (the unit that actually does 'connect' to the internet and the implanted device) within a 'few meters' of the device/patient.

Pacemakers are very small, compared with an ICD (defibrillator). In both cases, battery space is one of the biggest uses of the volume of the CAN. (in a defib you also have a large capacitor). The more energy you use for communication, the faster you drain the battery - and the less power you have for therapy. No one has an 'externally rechargeable' unit - so the only option is to put the patient under for surgery and replace the unit. (Low risk - BUT, there is a risk... and it's a surgery. and these things aren't cheap)

It will probably be a long time before your pacemaker signs on automatically to the local WiFi connection to 'dial home' to the physician. (Power, security, and proprietary data communication formats to name a few reasons).

One commenter early said, "pacemakers have been connected for years" - that's via "TTM" - http://www.google.com/search?q=transtelephonic+monitoring+pacemaker&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

TTM doesn't provide very much data from the CAN. Basically and EGRAM, battery strength, and maybe a few other items. The at home monitoring unit can pull more data from the can.

The great thing about these systems are the peace of mind from monitoring the pacemaker on a daily/weekly/monthly basis versus once every 6-12 months or 'when the patient feels bad.' And when the patient does 'feel bad' the physician can pull up the latest information from the pacemaker the help determine if the patient should come in or not.

Company Websites:
St. Jude (Featured) - House Call - http://www.sjm.com/devices/device.aspx?name=housecall+plus+remote+patient+monitoring+system&location=us&type=10
Boston Scientific - http://www.aboutlatitude.com/
Medtronic - http://www.medtronic.com/physician/carelink/index.html

Unfortunately, that's a crime even if you didn't already commit one.

It depends what you mean, and I think a lot of people are conflicted about it. If "science" means to make predictive theories about the way the natural world operates, then no, CS isn't science. If "science" means to make claims in a verifiable, empirical, and unbiased fashion (that is, the scientific method), then CS theory proofs and industry debugging seem a lot like science to me.

Frankly, yes. Art of the most beautiful kind.

I don't think the author is making the claim that RFID is the best way to ID Americans. I agree with you that there are much better ways for a human to ID an American. But what about an explosive device, as shown in the video? Modern terrorists use remote explosives to time an attack for most destruction and/or destruction of Americans as opposed to sympathetic locals.

It would be much easier to build a device that will only blow up if X number of Americans are in its kill range. This device could be constructed, dropped, and forgotten about. This means you have no risk of being caught once you plant the device. Sure it could make plenty of collateral damage, but it would always get at least X Americans along with it. The author's claim is that faulty RFID shielding on passports makes this possible to do. I don't have a cost analysis, so perhaps it is still farfetched, but for the right price I think this would be a very practical exploit.

Yes, there are so many textbooks out there with only one author and no sources cited. And find me a Nobel laureate who never collaborated with anyone.

I believe there are states which require you to divulge your legal name and permanent residence, but I don't know about any where you actually have to show ID. That would mean you must be in possession of an ID at all times, which is certainly not true.

You realize our Congress can't raise taxes in other countries, right?

I actually presented a poster next to Ramesh Raskar at CHI earlier this month. While a very interesting project, he seemed to indicate that it was still very much a work in progress.