> I'd take issue with them nominating themselves as the one true source

Who else would you trust? Their self-nomination only works because it's not really contested. Even if some support is given begrudgingly, and not everyone likes every campaign or press release, there is general acceptance that their motives are pure.

But more importantly, I don't think there's reason to be so pessimistic. In 1995 they said we'd never have a decent GUI desktop. In 1997, they said we'd never have a free web browser. Then they said we'd never have a free office suite. Then they said we'd never have specialised applications like video editors...

The trend I see, is that we keep surprising ourselves with how far we're getting. There's room for optimism here!

So I've got one person replying to me saying FSF is too "fundamentalist", and I've got you saying they're too lax and are letting too much slip through.

The general theme is that some people will look for even the smallest error just to avoid acknowledging good work.

Why do I say "probably" in my previous post? Because you and I don't know what the firmware in our microwaves do. It's probably fine. There haven't been any big microwave firmware scandals that I'm aware of. (And if I didn't say "probably", you'd say "How can you know?!")

Regarding FSF's statement, they said "no proprietary firmware options". Options. Whatever firmware could be removed has been removed.

Is the HDD firmware a problem? I don't know. I don't know personally, and I don't know what FSF's take on it is.

But even if you did find some flaw, the right thing to do is say "Well, FSF is definitely 95%, and well done to them for their effort, but I'd like some discussion on this other 5%".

haha, someone modded my two comments down because they disagree.

I guess they want FSF to do everything and hand it to them on a plate, free, user-friendly, zero cost.

What this seems to do is take control away from the user, who could swap SIM cards, and give it to some carrier. This looks like something where you beg and plead with your old carrier to let you switch your device to a new carrier. There's a lot of elaborate key management in this system, and compromise of certain keys could break the whole system.

Spec for the system architecture.

People who use an OpenMoko will love this.

There's something to be said for what the FSF is trying to do. The problem is that they're too slow in doing it.

> Is the harddrive running open-source firmware too?

A disingenuous double attack.

First: "Since I can't be perfect, why should I make any effort at all?"

Second: "FSF is has compromised! that makes them insincere"

The answer is that no, the hd firmware isn't open. Like the firmware of a microwave or common wristwatch, it's probably impossible to put new firmware on it, and it's probably not a problem.

A line has to be drawn somewhere, so FSF's line is: if the software (including firmware) can be updated, it must be free. The philosophy is that if it's complex or important, then the vendor will create a way to update the firmware. If the firmware can't be updated, then the code is probably sufficiently mundane as to be ignored, just as circuits are ignored.

> no understanding of the importances of "just works"

That's not their part of the job.

Various entities can label something as user-friendly. FSF is pretty much the only entity that can label stuff as free.

This is one laptop. Hopefully next year there'll be twenty, and then someone can take on the job of announcing which is the most user-friendly of the twenty free laptops.

If you're thinking of the RNG thing, actually some banks did still have the logs which is why they were able to identify the problem in the first place. But yes not all banks are so careful.

Don't get me wrong. It's good that people research EMV, and the task isn't easy. I respect the Cambridge team for that reason. But when they talk to the media or about their work in general, they act as if friendly fraud doesn't exist and EMV is just one giant scam by banks. That's ridiculous. "Friendly fraud" (that's the technical term for it) where the consumer defrauds the bank/merchant is not only a thing, but a highly prevalent and measurable thing. EMV protects sellers by shifting payment security to the buyer, who is typically the one who can most affect it, by keeping their PIN safe. It's not OK that banks don't seem to be pen-testing their own systems aggressively enough, although of course as the system is closed we don't know about the mistakes their own development teams did catch. But it's not useless, and nor is the liability shift. After all, in commerce it takes two to tango.

You mean the system that is processing many, many orders of magnitude more transactions that bitcoin? So many that bitcoin as it currently exists couldn't even begin to handle them without major overhaul?

The amount of mining done is irrelevant to transaction loads, it essentially controls the risk ratios for any given specific transaction that might be reversed. You get the same level of security for the same amount of mining regardless of whether that mining protects 100,000 transactions or 10 million.

Bitcoin can fairly easily scale to loads experienced by existing payment networks. PayPal only handles about 40-50 transactions per second, it's not very much. Visa does more like 10,000 per second, which a solid multi-core server could easily chew through with good optimisation of the software: processing a Bitcoin transaction is a lot cheaper than rendering your average PHP-driven, complicated database backed webpage. You can read a back of the envelope analysis of how Bitcoin scales here.

It's hilarious how its proponents have zero sense of perspective about their favourite little toy.

I think it's rather sad (not hilarious) how its detractors have zero understanding about how the system actually works, but decide to trash it anyway.

AFAIK with Chip-and-PIN, you would need a lot more time with the card, some expensive hardware, and some reverse-engineering skills instead of just click-the-copy-button skills.

Actually it's better than that. Nobody knows how hard it is to clone an EMV card because I'm pretty sure it's never been done (by the non-banking industry). All the attacks on EMV that have been mounted are things like obscure protocol attacks that could be detected by the bank, attacks on very old first generation cards that didn't have CPUs inside them, attacks on weak random number generators inside ATM's and the other sorts of attacks you'd expect to see on an enormous and widely deployed cryptographic system. There have been a few amusingly convoluted social engineering schemes as well.

Some say EMV is the largest crypto system in history, larger even than SSL, and that would not surprise me. But what nobody has reported so far is cloned cards (at least not cloned DDA cards which is what most of the industry is using now for some time already).

The idea that EMV is broken or security theater is an idea pushed by exactly one group, AFAIK, the research group at Cambridge. They've done great work researching flaws in the system and ensuring public sector bug research keeps up with the criminal worlds research, but they also love making dramatic press releases and getting their names on TV, so every time they discover a new (invariably patchable) weakness, they declare it's game over and the entire system is worthless. Not so.

It could go down either for porn or "hate speech", which Cameron is wasting no time adding to the filters. The lulz will be heavy then.

You're just making stuff up to suit your argument. There is no evidence that BTC will ever be stable. The very nature of it's inability to be centrally regulated will guarantee that it can never be stable. Regulation is a stabilising force, it's why prosperous, healthy and wealthy countries all have the most regulations. Don't get caught in the Tea Party anarchist hype. If you want anarchy go take a holiday in Mogadishu or Kabul and then come back and tell us how well that works out.

What a ridiculous load of nonsense. Firstly, I'm not making stuff up to suit my argument. There really have been periods of stability. For instance I remember that when Bitcoin was at about $5 it stayed there for around 6 months or so, iirc, and after that it spent another six months floating around $10-$12 mark, which is the sort of volatility associated with national currencies. The reason is that back then it wasn't in the media much, governments weren't paying attention and so on. When I argue that in future it will be stable again, it's an argument based on both common sense and historical experience.

Regulation is a stabilising force? Regulation is an ossifying force. If you confuse "stagnant " with "stable" then it might superficially appear that way, but all it really does is lock in the status quo. The global recession of 2008 started in America, it was triggered by subprime US housing loans, and the USA has probably the most heavily regulated financial sector in the entire world. It's also got one of the most backwards. The USA still uses cheques, it still uses 1970's era magstripe credit cards, most online banks don't even seem to use two-factor authentication, internal wire transfers take days and are not free: all these things are commonplace outside the USA. If regulation is so great, why is the financial system in the USA such a mess despite vast, sprawling financial regulatory bureaucracies?

Finally, your belief that I'm a tea-partier is hilarious. I'm not even American. I think the tea party are a bunch of nutters. They're certainly not for small government, that would require them to heavily slash military spending, something they are very visibly not doing. I certainly don't want to live in Somalia. However Somalia's problem is not lack of financial regulation (there aren't even any banks there), it's very recent and massive wars that wrecked any semblence of civilisation.

In fact, it's funny you bring up Somalia, because badly thought out financial regulations (around making bankers liable for the crimes of their account holders regardless of whether the bankers knew anything) are about to start killing large numbers of innocent Somalis. Somalia relies heavily on the diaspora sending back money to their families, in particular from the UK. Many of those families use money from family members who work abroad to buy food. British banks have all terminated the accounts of money transmitting firms who send money into Somalia because they're afraid the US government will accuse them of aiding al Shabab. Barclays was the last bank to allow these companies to have an account, and the threat of the Somali diaspora being cut off from their families was so great that 45 MP's wrote to Barclay's, begging them to not comply with the governments own financial regulations! Barclays didn't listen of course, nor would you if you faced jail sentences for the actions of account-holders-of-account-holders, and a UK court had to force them to keep the accounts open via injunctions. God knows how that will play out.

If you investigate what it takes to be compliant with US state money transmitter laws you will see there's no possible way for Caldwell to ever comply. Most estimates I see say it takes several years and between 3-10 million dollars to come into compliance with these regulations. He'd have to have his fingerprints be taken 47 times. Effectively, being labelled this way (it's a vague set of rules) is a death sentence for any small company. So no the difference is no "as subtle as a nuclear weapon". Given a set of laws so absurdly hard to comply with that basically only one new company in living memory has succeeded (PayPal), and that is the subject of a book called "The PayPal Wars", there's practically little difference between that and being explicitly banned.

Hi.

the Nyquist limit of the audio sampling hardware of a cell phone over instruction rate of a modern CPU is a pretty small fraction.

The "audio" in question is most likely all below 24 kHz, that being the Nyquist limit for the 48 kHz sampling hardware, unless it happens that some phones can actually sample faster, and have microphones that can respond to higher frequencies.

The instruction rate of the CPUs in question is many times that frequency.

It doesn't sound likely.