Forgot your password?
typodupeerror

Comment: Re:im happy google took this on (Score 1) 45

by PapayaSF (#47572405) Attached to: Google, Linaro Develop Custom Android Edition For Project Ara

I said it last month, but will say it again:

Size matters. Desktop PCs are easy to make modular (unless you want an iMac). Laptops are harder, and besides removable batteries, only a few had any modular components (like a DVD drive swappable for an extra battery). Phones are much more space-constrained. Every millimeter counts, and modularity takes up quite a bit of space at that scale, because each part needs to be enclosed, securely attach to the others, etc.

In short, a modular phone is possible, but the trade-offs will be severe, and you'll be able to pick one or two things (e.g. speed, battery life, extra features, small size, etc.) but not all at the same time. And the prices won't be good, because manufacturer(s) will lose economies of scale: it'll be hard to compete with Apple and Samsung making millions and tens of millions of identical units.

Android

Old Apache Code At Root of Android FakeID Mess 127

Posted by Soulskill
from the write-once-run-anywhere dept.
chicksdaddy writes: A four-year-old vulnerability in an open source component that is a critical part of Android leaves hundreds of millions of mobile devices susceptible to silent malware infections. The vulnerability affects devices running Android versions 2.1 to 4.4 ("KitKat"), according to a statement released by Bluebox. The vulnerability was found in a package installer in affected versions of Android. The installer doesn't attempt to determine the authenticity of certificate chains that are used to vouch for new digital identity certificates. In short, Bluebox writes, "an identity can claim to be issued by another identity, and the Android cryptographic code will not verify the claim."

The security implications of this are vast. Malicious actors could create a malicious mobile application with a digital identity certificate that claims to be issued by Adobe Systems. Once installed, vulnerable versions of Android will treat the application as if it was actually signed by Adobe and give it access to local resources, like the special webview plugin privilege, that can be used to sidestep security controls and virtual 'sandbox' environments that keep malicious programs from accessing sensitive data and other applications running on the Android device. The flaw appears to have been introduced to Android through an open source component, Apache Harmony. Google turned to Harmony as an alternative means of supporting Java in the absence of a deal with Oracle to license Java directly.

Work on Harmony was discontinued in November, 2011. However, Google has continued using native Android libraries that are based on Harmony code. The vulnerability concerning certificate validation in the package installer module persisted even as the two codebases diverged.
Space

How a Solar Storm Two Years Ago Nearly Caused a Catastrophe On Earth 212

Posted by Soulskill
from the call-ahead-before-dropping-by dept.
schwit1 writes: On July 23, 2012, the sun unleashed two massive clouds of plasma that barely missed a catastrophic encounter with the Earth's atmosphere. These plasma clouds, known as coronal mass ejections (CMEs), comprised a solar storm thought to be the most powerful in at least 150 years. "If it had hit, we would still be picking up the pieces," physicist Daniel Baker of the University of Colorado tells NASA. Fortunately, the blast site of the CMEs was not directed at Earth. Had this event occurred a week earlier when the point of eruption was Earth-facing, a potentially disastrous outcome would have unfolded.

"Analysts believe that a direct hit could cause widespread power blackouts, disabling everything that plugs into a wall socket. Most people wouldn't even be able to flush their toilet because urban water supplies largely rely on electric pumps. ... According to a study by the National Academy of Sciences, the total economic impact could exceed $2 trillion, or 20 times greater than the costs of a Hurricane Katrina. Multi-ton transformers damaged by such a storm might take years to repair." Steve Tracton put it this way in his frightening overview of the risks of a severe solar storm: "The consequences could be devastating for commerce, transportation, agriculture and food stocks, fuel and water supplies, human health and medical facilities, national security, and daily life in general."
Science

Experiment Shows People Exposed To East German Socialism Cheat More 617

Posted by Unknown Lamer
from the roll-high-or-be-sent-to-siberia dept.
An anonymous reader writes The Economist reports, "'UNDER capitalism', ran the old Soviet-era joke, 'man exploits man. Under communism it is just the opposite.' In fact new research suggests that the Soviet system inspired not just sarcasm but cheating too: in East Germany, at least, communism appears to have inculcated moral laxity. Lars Hornuf of the University of Munich and Dan Ariely, Ximena García-Rada and Heather Mann of Duke University ran an experiment last year to test Germans' willingness to lie for personal gain. Some 250 Berliners were randomly selected to take part in a game where they could win up to €6 ($8). ... The authors found that, on average, those who had East German roots cheated twice as much as those who had grown up in West Germany under capitalism. They also looked at how much time people had spent in East Germany before the fall of the Berlin Wall. The longer the participants had been exposed to socialism, the greater the likelihood that they would claim improbable numbers ... when it comes to ethics, a capitalist upbringing appears to trump a socialist one."

Comment: Re:When "free" isn't free (Score 1) 394

by PapayaSF (#47491697) Attached to: Dealing With 'Advertising Pollution'

I'll admit micropayments don't remove the problem of click-bait, which already exists. And there could be fraud, e.g. claiming something is 1 cent to read, but charging $1. But I think a lot of that can be solved be reputation and common sense, i.e. you might not want to click on that .ru link that promises nude photos of Christina Hendricks. I think the negatives would be worth the positives of allowing content providers, large and small, to make money directly, without advertising.

Comment: When "free" isn't free (Score 3, Interesting) 394

by PapayaSF (#47490827) Attached to: Dealing With 'Advertising Pollution'

This is because most or all website revenue comes from advertising. CBS has ads, but Netflix doesn't. Books don't, and newspapers and magazines have a limited amount, because part of their revenue comes from selling their publications to consumers. (Without ads, a copy of something like National Geographic or Playboy would cost $20 or more.)

The problem is that we don't have a good way of buying small amounts of content online. You can subscribe to some sites by the month or year, or perhaps buy limited access via PayPal, but the cost tends to be $ or $$ or $$$, and nobody wants to subscribe to CNN or YouTube. They want to see that video now, with no registration and commitment. The answer is the great lost Internet opportunity of 15 years ago: micropayments. If there was an easy and universal system for paying (say) a few cents to watch a video, why not? It'd be trivial for viewers, but could add up to real money for sites.

If I were a huge content provider, I'd figure out a way to make it happen, perhaps through ISPs. Subsidize them to give every user maybe $10/month credit. Offer content providers a great deal to install a one-click "Read/Watch Now for 1 cent" buttons. Get people used to paying tiny amounts of money to view content. If something like this could get going, it'd benefit content providers of all sizes. E.g. a comedian who writes one joke a day could make a living with 10,000 readers paying 1 cent per day ($100/day = $36,500/year).

Bitcoin

New York State Proposes Sweeping Bitcoin Regulations 121

Posted by samzenpus
from the we've-got-some-rules-around-here dept.
An anonymous reader writes On Thursday, Benjamin M. Lawsky, the superintendent of financial services, announced proposed regulations for virtual currency companies operating in New York. The "BitLicense" plan, which includes rules on consumer protection, the prevention of money laundering and cybersecurity, is the first proposal by a state to create guidelines specifically for virtual currency. "We have sought to strike an appropriate balance that helps protect consumers and root out illegal activity—without stifling beneficial innovation," he said in a statement.
Medicine

More Forgotten Vials of Deadly Diseases Discovered 55

Posted by Unknown Lamer
from the keep-a-few-handy dept.
schwit1 (797399) writes FDA officials now admit that when they discovered six undocumented vials of smallpox in a facility in Maryland they also found 327 additional vials that contained dengue, influenza, and rickettsia. "FDA scientists said they have not yet confirmed whether the newly disclosed vials actually contained the pathogens listed on their labels. The agency is conducting a nationwide search of all cold storage units for any other missing samples. Investigators destroyed 32 vials containing tissue samples and a non-contagious virus related to smallpox. Several unlabeled vials were sent to the Centers for Disease Control and Prevention for testing and the remaining 279 samples were shipped to the Department of Homeland Security for safekeeping." The FDA's deputy director is quoted with what might be the understatement of the year. "The reasons why these samples went unnoticed for this long is something we're actively trying to understand."

Comment: Re:Et tu, Lenovo? (Score 1) 126

The question going through my mind, is what does this mean for Lenovo? Lenovo acquired IBM's Personal Computing Division in 2004, and announced at the beginning of 2014 that they had reached an agreement to acquire IBM's x86 server business. The fact that IBM chose not to partner with Lenovo for developing all these apps and services for Lenovo's Windows and Android tablets and smartphones is downright bizarre.

On the contrary. Selling things to someone is different from marrying them. And who would IBM rather have a relationship with? An unstable trio (a Chinese maker of undistinguished hardware plus two rival OSes), or the one most profitable and popular maker of phones and tablets and the OS that runs on them? How many of IBM's customers and even employees prefer Lenovo Windows and Android tablets and smartphones to iPhones and iPads?

Comment: Re:You think? (Score 1) 385

So, to be clear, if Obama got on TV and announced that no taxes would need to be paid on corporate or personal income from renewable energy sales, you would NOT consider that a form of subsidy? And he would get no resistance from the right, because it would just be "taking less of someone's money"?

No, that would be a subsidy, if it wasn't applied to all businesses equally. My point was that some people claim a tax cut, usually in the form of a rate cut, is "the same thing as spending." E.g., if a tax cut is expected to reduce revenues by $100 million, they will say it's the same as the government spending $100 million. It's not, for various reasons too off-topic to go into.

Comment: Re:You think? (Score 1) 385

Today on /. we find out who doesn't know the difference between subsidies, tax deductions, tax breaks, and taxes.

You'd have a mod point if I had one right now. You could have added "spending," because I've seen people argue that tax cuts (i.e. taking less of someone's money) is the same thing as more government spending.

Government

Comcast Executives Appear To Share Cozy Relationships With Regulators 63

Posted by timothy
from the how-totally-amazing dept.
v3rgEz (125380) writes A month before Comcast's announcement of a $45B takeover of rival Time-Warner, Comcast's top lobbyist invited the US government's top antitrust regulators to share the company's VIP box at the Sochi Olympics. A Freedom of Information Act request from Muckrock reveals that the regulators reluctantly declined, saying "it sounds like so much fun" but the pesky "rules folks" would frown on it, instead suggesting a more private dinner later.

Comment: Re:Great... Instead of CO2 we get CO (Score 1) 133

Only by increasing the forest footprint of the world, or causing massive algae blooms in the oceans can you really sequester CO2 in vegetation.

I imagine some sort of GMO supertree that grows as fast as bamboo, for carbon sequestration and a cheap building material.

Assembly language experience is [important] for the maturity and understanding of how computers work that it provides. -- D. Gries

Working...