Forgot your password?
typodupeerror

Comment: Re:Equally suspect (Score 1) 112

by hey! (#47571271) Attached to: Amazon's eBook Math

Yes, publishers and middlemen have all kinds of rationalizations for trying to kill e-books, but calling any of them "legitimate" is shilling so hard you could pence a crown.

All the arguments based on classical economic theory only work if the assumptions of classical economics hold, particularly the assumption that there is a free market.

Amazon is arguing for its freedom to set prices it charges in its ebook store; that would be no concern of the publishers if we lived in a world where ebook users could simply buy books in non-proprietary formats from any Internet storefront they wanted. But we don't live in such a world. We live in a world where most ebook readers are controlled by Amazon and inextricably linked to its store. It wouldn't have been hard for Amazon to build the Kindle that way. Define some public book trading protocols, bootstrap the standard by building those protocols into the Kindle and Amazon's online store, and instantly the world is a better place for everyone except printers and bricks-and-mortar bookstores with no Internet presence. But Amazon didn't do that, because the Kindle is designed to tie the user to Amazon, the way the iPad is designed to tie the user to Apple.

So what we're looking at is a maneuver by Amazon to corner the market on books *in general* by killing off the traditional paper book trade. Preserving the ability to buy most books from someone other than Amazon seems like a legitimate reason to me.

Comment: Re:Maybe the author needs to get out more (Score 2) 112

by hey! (#47571143) Attached to: Amazon's eBook Math

No dude, your books are not so incredible that people will buy them no matter what the price.

Nobody's book is so incredible that people would buy them no matter what the price. If my only way to get Shakespeare was to pay a ten thousand dollar license fee I'd find a way to do without.

Authors/publishers/developers/etc need to get over this idea of their digital goods being "worth" a certain amount. No, you need to figure out what you need to do to maximize your profits since there is zero per unit cost. Usually, that is going to mean selling cheap, but selling lots.

You really shouldn't assume that anyone who disagrees with you does so because they're stupid. Publishers know their marginal and fixed costs and certainly have a pretty good idea of the price elasticity of their books. The situation is more complicated than you know.

You can't compare Hachette to Valve, because Valve owns the whole Steam ecosystem, and delivers its services to users' commodity PC hardware with no intermediaries (other than Internet service). In the case of Hachette v. Amazon, we're looking at a situation where Amazon owns the point of sale, and has more control over the users' devices than the user himself has. And yes, you can read ebooks on a PC but few people will want to do that. And yes you can download ebooks in non-proprietary formats like epub from sources other than Amazon, convert the format to .mobi, and use file transfer to move the converted file onto the kindle; but that's a significant barrier for most people.

So what we're looking at is a move by Amazon to take control of the book market in a way it cannot as long as paperback and hardback sales remain strong. Amazon *looks* like a friend of the consumer because they're calling for lower prices. If they get what they want, then ebooks may well make a significant market share headway against paper books.

You might think that's fine, but it's not *generic* formats and *commodity* hardware we're talking about. It's formats and hardware controlled by an inextricably linked to *one* company. And that may mean lower prices today, but what will it mean ten years down the pike when Amazon corners the market on books?

Comment: Re:Stop the idiocracy (Score 1) 331

by hey! (#47570891) Attached to: Jesse Jackson: Tech Diversity Is Next Civil Rights Step

It's urban black culture that disparages intellect.

I'd be interested in your source for this particular tidbit, particularly how it shows blacks are any worse than whites in this regard.

I went to high school with a lot of tough white guys from South Boston and Charlestown in Boston, back when Whitey Bulger was still a big deal in Southie. Let me tell you most of them didn't see intellect as their path into the middle class. A few did, but not many. I've also worked with PhD scientists who were black and came from urban black neighborhoods. You get a mix of attitudes everywhere, whether it's in a black ghetto or white ghetto or a middle-class white neighborhood, but usually being academically advanced doesn't make you popular unless you live in town with a big Jewish population.

Speaking of Whitey, his people used to spread the myth that he kept drugs off the street in Southie. In fact he was kicking the Italian mob out of Southie so he could have the drug trade all to himself. Whitey wasn't a hero, he was a parasite. So why did people believe the lie? Wishful thinking. The people who got education and became professionals moved out of the neighborhood, so the one example of guys who rose in life that you saw every day were the mob. And you had to hope they were good lads at heart, because they had the neighborhood by the balls.

There's often a "we're all in this together" thing going on in poor, downtrodden neighborhoods. Part of that is a resentment of anyone who acts like their above the rest, and that includes people who flaunt their education or sophistication. But that's because intellectual accomplishments don't seem to be within the reach of everybody. You don't get that attitude in cultures which believe in self-improvement.

So let's *not* talk race. Let's talk education and economic opportunity. If people have a way up, see that way, and believe they can do it, they will rise.

Comment: Re:performance (Score 1) 307

Connection tracking can be expensive. If you need that, it's going to cut into the performance of your server, so it can be beneficial to do that on a separate box.

Of course. But putting your servers behind a separate firewall isn't the same as putting them on the same network as the clients with *no* firewall.

In any case, we're talking about an in-store POS system with TWO clients. We're not talking about an Internet facing server that has to handle thousands of connections per hour. Even if the server had FIFTY client terminals the impact on performance would be nil.

Comment: Re:Such a Waste (Score 1) 145

by hey! (#47568341) Attached to: The Hobbit: the Battle of Five Armies Trailer Released

Well, I think the first two films are a mixed bag. I rather liked getting meet Radagast, and to see what Gandalf was up to in Dol Guldur.

A screenplay adapted from a book has to stand on its own as well as live up to the book. Where the movies have fallen down is living up to the book. The consensus of my writer friends is that the screenwriting team (Walsh, Boyes, Jackson and del Tormo) doesn't trust Bilbo to carry the story, which deeply undercuts the themes of THE HOBBIT. Lack of respect for THE HOBBIT novel is pretty common among LotR fans. They often dismiss it as "just" a fairy-tale -- an attitude which would have disgusted Tolkien himself. It would have been better if writing this screenplay had been entrusted to someone who loved THE HOBBIT for itself, and understood it better.

Surprisingly, I thought the non-canonical character Tauriel was one of the best parts of the movies. Yes, she was there to give the story a so-called "strong female character", but that's a silly objection. Writers always put characters in stories for some reason; the question is whether they fit in and come to life. I think adding a strong non-canonical character is better than giving so much screentime to a weak but canonical one: Legolas. No disrespect to Orlando Bloom, but the writers dont' give him much to work with. The part could have been played by the CGI model they used in the action scenes.

One of the reasons I'm accepting of the whole Tauriel subplot is that it carries a deeply Tolkienian theme: the love between mortal and elvenkind. That was a profound part of Tolkien's personal mythology. On the gravestone he shares with his wife Edith, he added "Luthien" to her name and "Beren" to his. So I don't view weaving that theme into a dramatic treatment of the HOBBIT story as disrespectful to the author at all.

Comment: Re:as opposed to the other kind of corporation? (Score 1) 221

by hey! (#47567637) Attached to: Comcast Confessions

Here's the interesting thing, though. Let's agree that bottom-feeding is the natural ground state of a corporation; what that means is that nearly everybody is doing it, which means bottom-feeders on average don't make any more profit than you'd get investing in a mutual fund, but involve a lot more risk.

If you want to make *more* profit, you have to be about something *in addition to* profit. A great company has an identity which has value. This, by the way, is how Carly Fiorina ruined HP. She re-imagined HP as something more generic.

Comment: Re:Why? (Score 1) 167

Air gapping the sensitive information is one of those things that looks easy on paper but runs afoul of the fact that people don't like to work that way. It's inefficient. It's not like people have *two* jobs, one sensitive the other not. They have one job in which sensitive bits are intertwined with regular bits, so in practiced people tend to cheat and do *some* sensitive work on the non-sensitive network.

Even if the users are unrealistically conscientious about never doing anything sensitive on their non-secure PCs, this intertwining of sensitive with ordinary information means that you can probably deduce a lot from apparently innocuous data. Imagine you discover the following information from poking around on an engineer's "non-sensitive" computer:

(1) He is exchanging email with certain university researchers setting up face to face meetings.
(2) He has downloaded datasheets for several families of exotic electronic components.
(3) He has telephone appointments in his calendar with salesmen from Unobtanium Corp.
(4) His browsing history shows he's been reading up on certain mathematical topics on Wolfram Alpha.

Now put this all together and another expert in his field might be able to deduce a lot more than you'd expect than if you looked at any one of these factors. The interconnected nature of an engineer's work means that if you remove all the sensitive bits it leaves a hole of a characteristic shape.

Comment: Re:It Depends (Score 3, Insightful) 307

Until someone install something else on the network segment. Like a wireless access point. Or until malware takes over one of the trusted hosts.

Security vulnerabilities always involve violations of some assumptions you make, e.g. that anything coming from a certain set of hosts is benign, or that if a process on a server opens up an IP port it's *supposed* to do that. You want the security of a system to depend on as few assumptions as possible. If it does no harm in day to day operations and offers protection when your assumptions fail, why *not* run a software firewall?

Comment: Re:Appalling (Score 5, Informative) 125

by swillden (#47562755) Attached to: Old Apache Code At Root of Android FakeID Mess

I don't know the fine details of this bug, but am I the only one appalled at how obvious this bug sounds? It doesn't even properly check the certificate? I mean buffer overflows and such are one thing, but not properly testing your certificate code seems unforgivable.

No, it's not that it doesn't check certificates generally, it's that if there's an additional, extra certificate of a particular form in the list that forms an app's certificate chain (but isn't actually in the chain) then that extra certificate gets included in the list of signatures associated with an app... making other apps that query the signature list believe that the app is signed by a certificate it's not. This doesn't, for example, fool the Play store into believing an app is from developer A when it's really from developer B. But it can fool other apps. There are some apps that load others as plugins, and make decisions about which plugins to load based on whether they're signed by a particular key. This flaw allows malicious apps to subvert that, convincing the plugin-loading apps to execute them, thereby giving the malicious app the same permissions as the plugin-loading app.

It's a serious security flaw, no doubt. But it's a little more subtle and less obvious than the summary makes it appear. Also, it appears that no app in the Play store, nor any of the other apps that Google has scanned, attempt to exploit the flaw. It's very easy to identify them by scanning the certificates in the package.

I've implemented tests for certificate chain validation code several times (not in Android), and it never once occurred to me to test for this particular odd construction, nor, I think, would anyone else think to test for it without some specific reason. This sort of bug requires inspection of the code.

(Disclaimer: I'm a member of the Android security team, but I'm not speaking in an official capacity, just summarizing what I've read of the vulnerability -- which isn't a great deal. Others on my team are well-informed, but I haven't followed this issue closely.)

Comment: Re:Bullshit.... (Score 1) 133

by hey! (#47558273) Attached to: A Fictional Compression Metric Moves Into the Real World

It doesn't have to be linear to be useful. It simply has to be able to sort a set of choices into order -- like movie reviews. Nobody thinks a four star movie is "twice as good" as a two star movie, but people generally find the rank ordering of movies by stars useful provided they don't read to much into the rating. In fact the ordering needn't be unique; there can be other equally useful metrics which order the choices in a slightly different way. *Over certain domains of values* minor differences in orderings may not matter very much, especially as your understanding of your future requirements is always somewhat fuzzy (e.g. the future cost of bandwidth or computing power).

The problem with any metric occurs outside those domains; some parameters may have discontinuities in their marginal utility. A parameter's value may be good enough and further improvements yield no benefit; or the parmater's value may be poor enough to disqualify a choice altogether. In such cases such a metric based on continuous functions will objectively misorder choices.

For example Suppose A is fast enough but has poor compression ratios; B is not quite fast enough but has excellent compression ratios. There's really only one viable choice: A; but the metric may order the choices B,A.

On the other hand suppose A has better compression ratios than B; B is faster than A, but A is already so fast that it makes no practical difference. The rational ordering of choices is A,B but the metric might order them B,A.

This kind of thing is always a problem with boiling choices down to a single composite number. You have to understand what goes into that number and how those things relate to your needs. You have to avoid making your decisions on one number alone. But some people *will* fasten on a single number because it makes the job of choosing seem easier than it does. Just don't be one of those people.

Comment: Re:Arneson (Score 1) 177

by hey! (#47557795) Attached to: How Gygax Lost Control of TSR and D&D

After Gygax's treatment of Arneson and the way he attempted to attack other games in the roleplaying hobby, I find it hard to feel much sympathy for him.

Well, if you put yourself in his shoes you might well play hardball with other games in the hobby.

D&D as a system wasn't really all special; there were competing systems back in the days he was at TSR which were every bit as enjoyable and arguably easier to play. But D&D had two big things going for it. First, when the three basic manuals for AD&D were published it had by far the best organized and written materials. The Monster Manual was particularly useful. Second it had the network effect: it was the best system to learn to play because everyone else knew how to play it. You could start a campaign at a drop of a hat -- no need to bring everyone up to speed on yet another set of rules.

So put yourself in his position. The future success of D&D is contingent on no other game reaching critical mass. You're completely dependent on D&D, you have no other marketable skills or assets. You have a company with over a hundred employees (which is surely a mistake on your part), and that company has nothing else bringing in cash *but* D&D products. You've made D&D your life work. It's not a situation to bring out the best in people.

Comment: Re:Trivial observation (Score 1) 133

by swillden (#47556973) Attached to: A Fictional Compression Metric Moves Into the Real World

some bullshit "universal compresser"

Not a universal compressor, a standard compressor, such as gzip. The metric is ultimately just a comparison between the compressor being evaluated and the compressor chosen as the standard, and it is unitless.

That said, I agree with you that the scaling constant has no reason to be present. As for using the logs of times... I don't know. It's essentially a base change, expressing the time of the compressor being evaluated in the base of the standard compressor, which is then multiplied by the ratio of the compression ratios. Handling the time relationship as a base change may have some useful properties, but I can't see what they would be.

Comment: Re: What alternative could be built? (Score 2) 143

The internal "SD Card" is formatted with a Unix-style file system that provides access controls to keep apps from being able to access one anothers' data. External SD Cards are formatted with FAT32, because that's what the whole world expects. Unfortunately, FAT has no concept of ownership or permissions, so the path-based restriction is necessary to ensure that apps can't muck with each others' data.

"We learn from history that we learn nothing from history." -- George Bernard Shaw

Working...