Forgot your password?
typodupeerror

Comment: Re: It's not just the refund (Score 1) 133

by Todd Knarr (#47390637) Attached to: Amazon Fighting FTC Over In-App Purchases Fine

Amazon is confusing users by making it so that setting the parental controls to "no in-app purchases allowed" leaves the game in a condition where in-app purchases are still allowed. If I get in a car, put the car into Reverse to back out of a parking spot, then put it in Drive to go forward, a reasonable person would expect the car to go forward. They wouldn't expect it to continue to act as if it were in Reverse for another few minutes before the Reverse setting expired and it began to act in accordance with the gearshift setting. Similarly when you set the parental controls in an app you'd expect the app to act according to the controls, not to ignore your setting for several more minutes because you've entered the password recently (as part of setting the parental controls, not to authorize purchases).

Comment: It's not just the refund (Score 4, Insightful) 133

by Todd Knarr (#47389401) Attached to: Amazon Fighting FTC Over In-App Purchases Fine

I think Amazon's problem is going to be that just refunding the purchases doesn't help the parents. If the kid maxes out the credit-card on in-app purchases, the parents have to deal not just with those purchases but the fees and interest from over-limit charges on the card and/or the additional costs associated with any declined charges (eg. if I pay a bill on-line using my card and the charge is declined, I get hit for late fees and possibly service disconnections). Having this happen when you're out-of-town (eg. the kid does this while the family's on vacation, and when you go to check out of the hotel you can't pay your hotel bill and you have to figure out why without being able to check your accounts on-line to see what unexpected charges are there). The only acceptable way of handling things is what Amazon should've done from the start: once parental controls are turned on in an app, all actions that would cause a charge or affect parental controls always require a PIN (and ideally there'd be an option to say "don't allow charges period until parental controls are turned off again").

Comment: Because dead people don't view ads... yet. (Score 2) 186

Given that people are essentially Google's product, or the source of it in terms of information, it makes business sense the Google would be interested in protecting the flock so the company can continue to shear the sheep regularly.

It would be more worrisome if Google found a way to have the dead be more profitable than the living and decided it should go into the mutton business.

Comment: Management botched it again (Score 5, Insightful) 128

by Todd Knarr (#47296253) Attached to: Prisoners Freed After Cops Struggle With New Records Software

Sounds like a typical bollix-up: the system was a drastic change from the existing one and difficult to use, and has performance problems on top of that, but management still sent it live and turned the old system off without making sure everyone had thorough training. On top of that they didn't have any extra resources on hand to help with the extra workload as people learned the new program on the job and didn't have anybody familiar with the program on hand to help the users. End result: the entirely predictable train wreck occurred. But of course the management responsible for this will never be held accountable for it. Instead the blame will be put on "the software", instead of the management who signed off on the software being acceptable when it manifestly was not.

Comment: Buyer beware (Score 3, Insightful) 431

by Todd Knarr (#47255439) Attached to: Chinese-Built Cars Are Coming To the US Next Year

I'm minded from earlier cases of problems with Chinese-sourced products that the Chinese attitude is very much "It's the buyer's responsibility to make sure they're getting what they ordered and paid for. If they don't check, it's their fault for being so gullible.". Not exactly the attitude I'd be looking for out of a manufacturing center.

Comment: Naturally, they've done it before (Score 4, Insightful) 218

by Todd Knarr (#47186953) Attached to: Microsoft Fixing Windows 8 Flaws, But Leaving Them In Windows 7

This is just an extension of the kind of coerced upgrade Microsoft's attempted before. With Vista and then with Win7, when they didn't take off on their own MS tried to force the issue by making the latest versions of IE and DirectX and such only available for Vista/7, not XP. This is the same thing: "Upgrade to Win8 or take the heat for running a vulnerable OS.". Thing is, it'll backfire the same way the "no latest DirectX on XP" did. Win7's such a large base that developers can't afford to write code that won't run on it, so they won't be able to use the new Win8-only safe functions. Which means applications will remain vulnerable on Win8, just like on Win7 where they also run.

Comment: Push payments? (Score 3, Interesting) 228

by Todd Knarr (#47173455) Attached to: AT&T To Use Phone Geolocation To Prevent Credit Card Fraud

If they're going to track your cel phone, that means they're assuming you have your cel phone on you. So why not send the authorization code to your cel phone and let you give it to the merchant? That way it doesn't matter if the card's stolen, the merchant can't get an auth code if you aren't present with your phone. Or better yet, have an app that'll let you punch in the merchant's ID and transaction number and initiate the payment from your end, rather than having the merchant handle your card? That makes stealing the card pointless, because just having the card isn't enough to let you make a charge.

Comment: No master key (Score 2) 475

by Todd Knarr (#47144741) Attached to: The Sudden Policy Change In Truecrypt Explained

Unlike with Lavabit, there's no single master key for TrueCrypt that can be gotten from the developers that'll decrypt any TC partition. The best the NSA could get is the ability to create their own signed binary package with their own modifications and have it appear as the official package on TC's site. The problem with that is that the TC code's open so anybody can build from source and compare with the official build and see that they aren't the same. And any compromise of the source (eg. weakening the cryptography) would be instantly revealed in the diffs. The whole NSL thing sounds dodgy, and doesn't quite fit. It seems more likely that, with Win7 and later moving to supporting only GPT disks, the TC developers found they can't add that support and decided to throw in the towel.

In any case, the version of TC from before this change is still available and as far as anyone can tell is still secure. I'd be leery of switching to other encryption software that's known to be less secure until someone comes up with a definitive vulnerability in 0.71.

Comment: Problem with antivirus (Score 2) 225

by Todd Knarr (#47104417) Attached to: Google Starts Blocking Extensions Not In the Chrome Web Store

Kaspersky AV installs it's extensions in Chrome, and frankly I a) don't want to depend on the Chrome Store for them since I can only trust them if they come directly from Kaspersky and b) don't want them disabled since I installed Kaspersky specifically for this purpose. I can see refusing to enable local extensions until the user confirms they ought to be there, but Chrome isn't the only source of browser components on my computer.

Comment: Energy density lower (Score 1) 432

by Todd Knarr (#47088201) Attached to: Has the Ethanol Threat Manifested In the US?

Ethanol's got a lower energy density (less energy per gallon) than gasoline. That's chemistry and there's no known way around it, to deliver a given amount of power you have to burn more fuel and the more ethanol in the mix the greater the difference. I do see a hit to gas mileage, it's not significant for highway driving (steady high speed) but it really starts to show up in city driving (lots of stop-and-start, lots of time in low gears for power getting the car moving). Ethanol's also got an oxygen atom in it's structure, which the components of gasoline mostly lack. That results in the same problem as with oxygenated gas: it looks like a leaner mix (more air per unit fuel) to the sensors in the engine, which results in the ECU setting the injectors to run richer (inject more fuel per cycle) to get the programmed ideal air/fuel mixture resulting in higher fuel consumption. Oxygenated gas was a great idea for carbureted engines, but it doesn't play well with modern EFI engines and I don't think there's been a model sold in the US since 2000 that isn't EFI.

Comment: Read Asimov (Score 1) 165

by Todd Knarr (#47026481) Attached to: US Navy Wants Smart Robots With Morals, Ethics

Before the Navy goes this route, they need to sit down and read the short story collection "I, Robot" by Isaac Asimov. Everyone's familiar with Asimov's 3 Laws of Robotics. They seem reasonable. Yet, every story in that collection (and in fact most of Asimov's robots stories) is about how the 3 Laws fail in practice. If you want to try doing a better job of writing ethical rules for robots than Isaac, you'd better be familiar with how to work through all the ways those rules can backfire on you. For instance, that question of the soldier who needs traction to avoid death. If you write the rules to allow the robot to inflict pain to prevent worse, what happens when a unit's ordered into a situation that'll result in a lot of them dying and the robot decides that inflicting the pain of broken legs (which can be repaired) will prevent those deaths? That's entirely in line with the rule you gave it, after all...

Comment: Re:Pointless (Score 4, Interesting) 64

by Todd Knarr (#47015359) Attached to: Ten States Pass Anti-Patent-Troll Laws, With More To Come

I think in these cases it'd be even simpler: the letters don't actually spell out what part of the patent is infringed or how the recipient infringes it. It'd be the equivalent of sending a letter saying the recipient's violated a contract and has to pay penalties or face a lawsuit, without saying what contract, with who, or how the recipient's violated it. The state should be able to deal with that aspect of it without going anywhere near the patent itself, that kind of behavior should constitute bad faith even if the underlying patent's valid.

A lot of trolls do send out letters without any basis, because a lot of people will take a cheap settlement rather than spend the money to fight it, go through discovery and all it's costs, and get the suit dismissed. Take a look at the SCO v. IBM lawsuit, where the SCO executives were fairly explicit about not caring whether their claims would stand up or not because it'd cost IBM more to fight and win than to settle so they figured IBM would just settle. Anti-patent-troll laws aimed at this sort of vague accusation help because it forces trolls to be explicit up front about what they're accusing their victims of which gives their victims more opportunity to knock the accusations down early on before it gets expensive.

One of the most overlooked advantages to computers is... If they do foul up, there's no law against whacking them around a little. -- Joe Martin

Working...