Forgot your password?

Comment: no rest no peace (Score 1) 65

These 3D whizmos, like for example LEAP motion (incredibly cool), all work great.... for about 20 minutes. Then you put them in the drawer because they require too much muscle coordination and energy to operate. in contrast when you REST your finger on a scroll wheel or REST your hand on a mouse it is not merely not moving, it is at rest in 3 dimensions. it only takes a small effort to move it, but you are not having to run a whole lot of muscles in coordination to keep the hand or finger in a constant position. it's hard to poise your hand in empty space. In the old days, good typists could do this with hands poised over the KB and fingers hovering above the keys. Most people now days use palm rests or put pressure on the keys. those old time secretarial pool typists had to sit up straight and brace their feet on the floor to pull that off. Girdles probably helped!

the first successful mouse replacement will have that feature. Perhaps something with haptic feedback to support your finger a little till you really want to move it.

personally I suspect the some sort of eye motion or maybe a joystick like thing will be the first 3D controller that people can use for long periods.

Comment: Python is better overall but R is more like SAS (Score 4, Insightful) 143

R has more single function high level commands devoted to stats, these are done right internally and are self consistent with other functions for further processing. But its not as general a programming language as python. if you want something different than the canned functions in R then you will need to write them yourself at which point you might as well be using python. however if you like SAS then chances are R will seem more like what you are hoping for.

Comment: Re: two factor ID based on cell phones is crap (Score 1) 47

by goombah99 (#47316749) Attached to: Trivial Bypass of PayPal Two-Factor Authentication On Mobile Devices

It's better than nothing,

To the extent that this fig leaf is accepted in place of having real security via the simple expedient of a secondary e-mail address for password recents means this is getting baked into the system and hard to unwind later.

to see what I mean look at the silly "application specific password" kludge Google introduced to let you collect e-mail bypassing two-factor ID, and password storage vulnerabilities. nuts.

it should be baked in that all sites that use 2-factor also allow (or require) a 2nd address for all password resets.

Comment: two factor ID based on cell phones is crap (Score 1) 47

by goombah99 (#47316545) Attached to: Trivial Bypass of PayPal Two-Factor Authentication On Mobile Devices

currently the paradigm is if someone has control of your cell phone your two factor ID becomes zero factor ID. This is because nearly all cell phones can collect e-mail, allowing a password reset to be performed. Likewise cell phones display text messages with the second factor. So you are hosed. Even if you have a screen lock on your phone, have you ever lent your phone to a stranger to "make a call" or take a photo?

The workaround for this is to have a second e-mail address that you don't have associated with your phone's e-mail program. Then you can send all your finanical accounts to the e-mail address. But that's not really very convenient (e.g. amazon and google wallet would be awkward to use that way).

What needs to be done is to have financial companies send all non-critical e-mails (e.g. paypay receipts and notices) to your general e-mail, but require a second e-mail address for all critical transactions where money is movable.

or even better, they could simply require that all password resets go to a secondary e-mail address. this would be even more convenient.

until then two factor ID using cell phones is just a very vulnerable layer of the security onion.

Comment: Re:What happens if (Score 3, Interesting) 281

by goombah99 (#47243827) Attached to: Bitcoin Security Endangered By Powerful Mining Pool

Also if the bit coin miners get concentrated into just a few, what happens if these 3 were to get DDOSed? if the big miners are off line then would the next largest miner have a window of time where they controlled more than 50% of the mine? Would they be able to pull off some shenanigans in that time?

Comment: What happens if (Score 4, Interesting) 281

by goombah99 (#47243817) Attached to: Bitcoin Security Endangered By Powerful Mining Pool

I wonder what happens if someone with more than enough CPU power to get 99% of the mining jumps in one night. What kind of Damage could they do in a short interval before people notice? What if their goals were not to steal bitcoins but rather to snatch all the coins from, say, Kim Jong Un, or Al Queda. E.g. for example the NSA or Samsung or Saudi arabia. They would not care about the loss of value in their stolen coins, the point is to deprive an adversaries use of them.

Does the Amazon or Azure networks have enough rentable time to pull this off?

Comment: Adults are the carriers (Score 1) 387

by goombah99 (#47240573) Attached to: California Whooping Cough Cases "an Epidemic"

Having had had family members with whooping cough I looked into this. Adults are believed to be carrier's with silent symptoms. This year (2014) when adults get their physical they will very likely be offered an immunization for whooping cough. I just got mine since I was exposed to it. Although vaccines after the fact may not be useful for protection, the wisdom apparently is that the vaccine helps your body supress the silent infection. Not sure I understand why.

Comment: why there is no competition (Score 3, Interesting) 76

by goombah99 (#47197241) Attached to: Amazon Launches Subscription-Based Billing And Payments Service

There's two reasons

first Visa and MC both require merchants not to charge extra fro using their card. Thus there's no reason for consumers not to use the most widely accepted cards.

second, even though Visa is a franchise of issuers, the master company avoids putting them in competition.

Thus there's just no easy way for competition to breakout since merchants don't want to just restrict their sales to AMEX holders anymore.

It's also likely it's an illegal price fixed cartel but I don't have any evidence for that.

"No matter where you go, there you are..." -- Buckaroo Banzai