Forgot your password?

Comment: Re:If you tried fixing that you did it wrong (Score 1) 92

by tlhIngan (#47522609) Attached to: The Psychology of Phishing

Personally, I like the people who don't understand the difference between Reply and Reply All. When HR sends a company picnic invitation to Everybody, the invitation is immediately followed by a Reply All flood of RSVPs from that crowd. Lately, though, HR seems to have discovered the Bcc: field as a solution to that issue.

Well, given the default to most company emails requires reply-all, it's not a surprise, really. I mean, if you're on a project and you need to send information to others, you probably will put in several people. And the recipient probably uses reply-all so everyone can be aware of the followup as well. Because things get awfully stilted if everyone merely replied to the original sender and they get flooded with dozens of the same question and notes.

So it's natural in a business setting to use reply-all since you expect to share with everyone else. Hitting reply just feels unnatural.

And yes, that's what the BCC field is for, if you really need to break the reply-all chain.

Comment: Re:Best Wishes ! (Score 1) 259

by tlhIngan (#47520765) Attached to: Microsoft's CEO Says He Wants to Unify Windows

I'd love to see a single UI that works across 4" phones and 7" tablets with gorilla glass, and 13" laptops and 10" convertibles with membrane keyboards, and 24" desktops with 101-keyboards, and 60" XBox Ones with controllers but I'm not holding my breath.

I don't think that's even possible because you'd compromise on the UI. Keyboard/mice, controllers and touchscreens have their own special qualities and interactions. A keyboard and mouse is a very precise pointing and data entry device, while a touchscreen is coarser but is able to provide multiple spots (multitouch) for gesture recognition that's far richer and easier to do than trying to use a keyboard/mouse. And a controller makes a poor mouse, but is killer at navigating in cardinal directions, with a few command hotkeys (buttons) for performing various actions.

Even worse, an app designed for one UI interaction works poorly in another UI interaction. About the only compromise possible is that one particular device may employ multiple interactions - e.g. a device with a keyboard/mouse might also have a touchscreen and a controller. But swapping between them is often a pain on the user.

Often the only way to solve the UI problem is to make each UI incompatible - so if you have a touchscreen device, interacting with it requires using a different API set so you can use it as an opportunity to redesign the UI to be more appropriate. Like how Apple redesigned OS X to turn it into iOS so apps have to use a different API to handle touchscreen events.

Comment: Re:Waiting.... (Score 1) 40

by tlhIngan (#47516141) Attached to: CNN iPhone App Sends iReporters' Passwords In the Clear

How many people are going to read this and take advantage of the flaw before Apple approves the release to the AppStore? That's one argument for Android. Not having to wait for releases of App updates.

Apple does allow for emergency updates that get you approved in about a day tops.

Though the big question is what do you get with your login? What does it let you do? Do you have to pay for it or is it free?

I mean, if it's only to submit news to CNN and comment on their posts, then really it's NBD that it's in the clear - not ideal, but really, you get to post news as someone else, whoop-di-do.

Just like how you can log into ./ using a URL. Yay, so it's compromised and someone can post as me. Big freaking deal.

(Oh, and you need to sniff the password while the user is using it, so while it's easy to do, practically speaking, I don't think you're that likely to encounter too many people using it to make it worthwhile).

Comment: Re:bad for standards (Score 5, Informative) 177

by tlhIngan (#47516105) Attached to: Firefox 33 Integrates Cisco's OpenH264

It also still doesn't give anyone permission to generate their own h.264 video files (outside of webrtc "video-chatting" inside the browser) legally without paying someone a patent "poll-tax" for permission, so this is still "consume-only".
I'm also under the impression that there are,absurdly, potential patent-license issues with the .mp4 file format that h.264 video is most often stored in.

Finally, of course unless the usual obstructionist Apple and Microsoft ever implement opus codec support, this also doesn't give you the legal ability to include sound (mp3 or aac, typically, for h.264 videos) with the video. Hope everybody likes silent movies...

If you have a camcorder, the license to create h.264 is present as part of the camcorder. This includes phones and everything else people submit to YouTube, for example.

The only constraint is that if you post content online, you cannot take payment on the content itself - i.e., you can put it online, you can put ads around it, but you cannot force someone to pay to view that content (commercial activity). So those videos on YouTube where you have to pay in order to view them come under a different license.

As for the Mp4 format being patented - it's RAND by Apple ages ago (MP4 is a subset of the QuickTime MOV format). If Apple's asserting any patents on the format, that is. But since people mass-license the h.264 patents through the MPEG-LA, that means any patents Apple has on MP4 are included in the license fee you pay to create or display the content.

Sound is licensed under a separate agreement - MP3 or AAC. Again, your typical MPEG-LA license for h.264 will probably include use licenses for AAC (most typical format) so you can have a soundtrack.

If not, there's always PCM as well - handled by the format just fine.

Comment: Re:But.. but... how can this be... (Score 1) 52

by tlhIngan (#47516019) Attached to: Amazon Fire Phone Reviews: Solid But Overly Ambitious

This phone from Amazon has the rounded rectangle look ad feel.... How can this be? It violates the patents of Apple. Only genii like Steve Jobs could imagine a rounded rectangle. Now Jeff one-click-patent Bezos is ripping off the intellectual property of Apple...

Well, it's utterly possible that Amazon pre-emptively chose to license the patent. But unlikely.

Because it's a design patent. Which aren't really patents in the normal sense. A "normal" patent is a utility patent - it describes a machine that does something that usefully transforms part A to part B by some series of processes.

A design patent covers aspects of the non-utility parts of a device - a pattern, a design, stuff that is there for aesthetic purposes than for utility.

In the case of the rounded rectangles, the device In question must not only have rounded rectangular case, but also a grid of icons with a smaller subgrid of icons along an edge. The main grid lets you page through it while the subgrid remains static.

Samsung got in trouble because TouchWiz emulated exactly that, while everyone else used the standard Android home screen (which fails because it's not a grid of icons when you have widgets, and the grid of icons (app launcher) doesn't have the subgrid).

In effect, Google worked around the patent.

Comment: Re:liability? (Score 1) 56

by tlhIngan (#47515851) Attached to: EFF Releases Wireless Router Firmware For Open Access Points

Who's liable when they roll into the parking lot of the local Best Western and do the same thing?

The fact it's usually traceable back to you?

A lot of those free wifi things require actually staying at the hotel where they'll happily give you a login and password (tied to your account, of course).

Though, I welcome the move - no more bandwidth limitations! I mean, the problem with all the wifi provided by ISPs Is you have to log into them and they often charge your account for bandwidth.

But if you can have free wifi using someone else's account, well, that makes torrenting all those Blu-ray's (at 50GB a pop) much easier. Suddenly 250GB doesn't seem so limiting anymore.

Comment: Re:Why? (Score 1) 241

by tlhIngan (#47515803) Attached to: Google Offers a Million Bucks For a Better Inverter

Bah, just use the chassis as return; the frames might only be steel, but there's a good amount of it. That and I suggest 600V for truly limiting the amount of power lost through cables. ;)

You'd end up with servers welded to the rack.

Power losses increase with the square of the current - going from 5A to 10A means your cable losses quadruple. These are known as IIR losses (or I^2R losses).

Steel (iron) is an OK conductor of electricity - not great, but OK, so you'd have large losses of energy from the chassis itself (if you thought your racks were hot, well, now imagine the rack itself emitting heat!).

And unless the servers are contacted on practically every surface evenly, point-heating will take place that will weld the chassis to the server.

In fact, that's how an electrical welder works - a low-voltage high current source is all you need. Pass that current through a steel rod and it'll heat up and melt. (You want high current - voltage doesn't really matter - IIR remember? Double the current, quadruple the power).

Heck, it's a nifty physics demonstration when you take a step down transformer that takes line voltage of 120V and step it to 1.2V - that can get you 100A easily (with only a 1A draw at the other end) and that's sufficient for a demonstration. Remember, in welding, you're really creating a dead short.

it's why big racks often do get 208V, 240V or more into them - it's much easier to use thinner cables.

Comment: Re:Pft (Score 2) 879

by tlhIngan (#47513285) Attached to: The Daily Harassment of Women In the Game Industry

Which is nothing but a blight on software development. I mean, why is it that a bunch of supposedly well educated, knowledgeable people are so anti-social enough that they cannot raise their level of communication above an adolescent?

I develop software, and about the most immature it gets is the sparingly placed curse (the f-bomb is even more rare). No one's calling in death threats, or trying to intimidate others. Emails, forums, etc., are all kept at a high level of professionalism, yet are still casual communications with developers sharing ideas, hints, and providing help. Don't know perl? Well, here's a perl script you can use, how it works so you can try implementing it in your favorite language.

Those sort of messages on forums get deleted and banned purely as the entire audience is adult enough to be able to communicate clearly without resorting to childish attacks.

Hell, I would expect it if gamers were mostly teenagers, but the average gamer is in the mid 30s and the age has been rising steadily. Or is there something about video games that can turn an adult into a blubbering 12 year old with maturity to match?

Comment: Re:110 or 240v (Score 5, Informative) 241

by tlhIngan (#47511245) Attached to: Google Offers a Million Bucks For a Better Inverter

Except it requires more wires. 220/240V split phase requires 3 wires.

3-phase generally requires 4.

And unless you really need 3-phase, split phase is easier to deal with - with 3-phase you need to monitor all three phases to ensure they are working (failure of one phase is a common failure mode that requires immediate shutdown of the other two phases lest any dangerous currents develop).

Though, one thing I don't get about this challenge - they're using they want 2kVA output, but then demanding 50W/in^3 with a max size of 40in^3, meaning you have to provide 2000W.

And 2000W can mean providing way more than 2000VA. (The reason we use VA for inverters instead of watts is VA captures virtual power. 2000VA requires just as much power handling components (transformers, transistors, etc) as supplying 2000W at a 1.0PF (i.e., all resistive). Even if you have a really bad power factor and your real power draw is only 1000W - the hardware has to be able to instanteously supply the current and voltage for 2000W at periods in the cycle. The virtual power is virtual, because it's "given back" during another part of the cycle, but that means all the equipment has to handle it.

A lot of electric companies will have a power factor surcharge because of it - if your power factor can't be corrected to within limits, they charge more because they have to install bigger equipment.

The only real saving grace is that the input voltage is 450VDC, so you're really just doing a buck converter.

Comment: Re:Slashvertisement? (Score 1) 92

by tlhIngan (#47511143) Attached to: Buying New Commercial IT Hardware Isn't Always Worthwhile (Video)

Not what this guy is saying is wrong, but there are other unaddressed issues. They cover issues like "power savings", but not the much more important issue of buying an unknown piece of hardware from an unknown vendor, without a warranty. Aside from that, sometimes there are issues of physical constraints-- like I have limited space, limited ventilation, and one UPS to supply power. Do I want to buy 5 servers, or one powerful one? ...

And sometimes, buying "new" is more about getting a known quantity with support, rather than wagering on a crap-shoot.

And that is the main reason why people buy new. To get the support contract because they know if the equipment goes down, they can start losing money fast. Sure they can do redundancy and stuff, and they often do, but they generally want both units to be under service contracts so when one fails and the other one is handling the load, the failed one is getting prompt service to minimize the likelihood of complete stoppage should the other fail.

I've seen perfectly functional equipment force-upgraded because the company making them stopped supporting it. Essential equipment like filers and such? They actually see end of complete support 6 months ahead and plan on migration way before the contract expires for good so they can revert to hardware still under support.

Running old servers is perfectly fine, especially for home use where the user can benefit from the low cost of what was very expensive equipment a few years ago. But until those companies are willing to provide support in case of failure that's better than "here's a spare, fix it yourself", well, there are very valid reasons to go with new. Even if new is barely an upgrade from the old.

Comment: Re:Rounding differences (Score 2) 182

by tlhIngan (#47508247) Attached to: A New Form of Online Tracking: Canvas Fingerprinting

Maybe it should. Providing an API and saying "it kinda work like this, most of the time, your mileage may vary" doesn't sound very good.

That already exists already - many formats specify practically subpixel accurate designs. E.g., PDF.

The thing is, HTML was never designed that way - it's a content-plus-format standard that says the content is marked up, and to provide some hints as to how to display it as the creator intended. But the user is free to override such choices as they see fit in case they don't have certain fonts, have display limitations, etc.

It's why ebooks generally use a limited form of HTML internally, and why most ebook readers display PDFs crappily. The reader wants to reformat the text to fit its screen better, but PDF isn't designed for that - it's design so one document can be displayed identically wherever you view it regardless of if the use has a font, has a 300/600/900/100 dpi printer, prints on A4 or Letter, etc.

Comment: Re:Money (Score 1) 601

by tlhIngan (#47508185) Attached to: Experiment Shows People Exposed To East German Socialism Cheat More

Someone who will cheat for $6 can rationalize it by saying "everybody does this; it's only $6". In fact, the lower the amount, the less anyone would feel like they did something amoral. Which is exactly the opposite of what you implied.

And the rationalization the other way is "why cheat, it's only $6". As in, it's not worth the effort to cheat just to have $6. Now, $10k, that might be worth cheating for.

Basically balancing risk and reward - people don't rob banks much these days because the risk is high (security, cameras, etc), while rewards are low (typically $2-5000 each heist). However, rob a store and the rewards can be just as much, but the risk is often lower (less witnesses, older/crappier camera, practically nonexistent security).

it's just like there are people who will drive across town to save $0.10 on gas, while others simply don't bother as the time/gas/effort of doing so outweighs savings. But if they're likely to drive across town to save a dime per unit, they'd practically jump over the opportunity to drive across town to save $5 off some item. (Even at $5, it's likely not worth it taking time/gas/effort into account).

Comment: Re:This is just a repeat (Score 1) 275

It's just the new strategy to right-size, right-shore and right-fit. In laymans terms, fire employees like crazy, and then complain that there are no qualified engineers available as they can't find any (because they can't rehire the ones they fired*) to fill the void, so more H1B visas are critically needed in the IT sector.

* Omitted from congressional declaration

Except they can be re-hired. It's simply Microsoft policy that says they can't be hired, and there's nothing that the employee does that prevent them from working with Microsoft prior to the 6 month cooling off period.

The policy affects the employees more (they can't work at Microsoft for 6 months), than it affects Microsoft (who is free to hire them prior to 6 months, all they need is to strike that policy away with a stroke of the pen).

I don't think Congress would be too happy to be told there is nobody around because their company policy prohibits it. After all, it's like saying you can't hire anyone because you don't hire anyone who wears glasses, and the only people applying for jobs are people who wear glasses.

It's a policy decision that really could hurt Microsoft in the end when Congress comes up and asks why they can't rehire some of those 18.000 people instead. If Microsoft answers that company policy prohibits re-hiring within 6 months of dismissal, they'd be laughed out of the capital.n Basically they'd be shooting themselves in the foot - you want people and your company policy prohibits it for a period of time? Either change policy, or wait because hey, that situation will resolve itself!

Comment: Re:Secure pairing is hard (Score 2) 131

by tlhIngan (#47503963) Attached to: The "Rickmote Controller" Can Hijack Any Google Chromecast

This is a general problem with devices that are "paired". How do you securely establish the initial connection, when neither side knows anything about the other?

The secure solutions involve some shared secret between the two devices. This requires a secure transmission path between the devices, such as typing in a generated key (like a WPA2 key) or physically carrying a crypto key carrier to each device (this is how serious cryptosystems work).

Semi-secure systems involve things like creating a short period of temporary vulnerability (as with Bluetooth pairing). There's a scheme for sharing between cellphones where you bump the phones together, and they both sense the deceleration at close to the same time.

Or, given the nature of the device as it's physical, it can be a sticker on the device itself. Or given that it has to be connected to a TV, the security pairing code can be displayed on the TV as well and the user enters that code in.

The nature of the Chromecast means there is a secure physical channel to allow such communications to take place.

Comment: Re: "the market" = biz managers (Score 1) 191

by tlhIngan (#47501101) Attached to: Amazon Isn't Killing Writing, the Market Is

Take the example of Firefly, amazing critical response, 9.2 imdb rating (#23 by user rating, #28 by number of votes, etc), an absolute fanatic fanbase that actually got the show to break Amazon's top 30 dvd sales list 196 weeks after release.

Average viewers? 4.7 million - 98th on the Nielsen list. Cancelled before the first season ended.

Meanwhile NCIS, one of the most predictable middle of the road bore fests gets 17 million average viewers 11 seasons, 2 spinoff series (5 seasons of NCIS:LA averaging 16.5 million viewers) all 3 are ongoing.

A bit apples and oranges, because Firefly was on Fox and NCIS on CBS. Firefly was forced on Fox (by Joss Whedon, who did Buffy) by tying the next season of Buffy with Firefly - if Fox wanted another season of ever-popular Buffy, they needed to take on Firefly.

It was doomed from the start - Fox execs basically did everything to kill it (the only obligation was to do barely enough to get Buffy).

NCIS, meanwhile, appeals to CBS viewers who skew old. Just because it gets 20+M viewers every week (30M combined) doesn't mean squat - the Neilson ratings on it aren't that high and other shows with smaller viewerships do often beat it. NCIS (and CBS in general, actually) tends to skew old, which means shows like NCIS don't actually get that high a rating (the ad price is midrange for a prime-time show), at least in the 18-49 market to which Neilson (and thus advertisers) care about. Ratings wise, it really means the "core audience" that they care about is about 1/3rd to 1/4th the number of viewers.

The Big Bang Theory is one of the highest rated shows on TV these days. And Firefly getting 4M viewers weekly would be considered quite good these days (well within the top rank, had Fox not decided to really just shit on the series as payback).

And the vast majority of people don't care about literature - they rather go for pulp fiction rather than say, Shakespeare or other literary figure. Because books, movies, TV shows, they can serve multiple roles. From enlightenment, contemplation, to just plain old entertainment and escapism.

So what if Transformers sells? (To be honest, the original TV series and movie weren't great to begin with - they were really half hour long ads and the movie was a way to force everyone to buy new toys). There's actually more depth in the remakes than the original.

For God's sake, stop researching for a while and begin to think!