DISQUS

It's really rather clever. I expect one of the solutions would be a minor tweak to WPA-enabled networks to have WEP checksum flood control. This crack doesn't work if an access point wouldn't allow a massive number of bad WEP checksums. That's outside both the WEP and TKIP specifications, but it could be a security patch that wouldn't break TKIP if you had TKIP turned on!

Screenflow is fairly awesome. I used an early version, loved it, made some screencasts. Haven't had a chance in months to revisit latest updates to the software: http://www.flip4mac.com/screenflow.htm

Nice dissection. AppleInsider seems to be equating an initial authentication with subsequent security. Even if MobileMe connects you via SSL/TLS to provide credentials, the system then uses a token that cannot be cryptographically bound in the browser to the browser. This is why Google and other sites have overhauled how they handle token generation and communication, and why Gmail now offers an SSL/TLS option. Sidejacking was well explained by Errata Security in 2007; no one should be developing a service in 2008, like Apple, that relies on an initial secure authentication as the basis of subsequent communication.

Fantastically interesting post, but there's no link. And if I click Matasano Chargen at the top of the blog page, it doesn't take me to your site. (And don't get me started on how there's no link on your site that just takes you to the main current blog aggregation page.)

So...what's the product? Where is it?

The problem, of course, is that they're repurposing @ in a way that redefines it; and @ is a hard character to type except on a US English full-sized keyboard (many times). The @ sign is already so full of meaning based on position in sendmail configuration files, that adding more meanings to it in a text stream seems rather tricky. If they'd had to do it over again, they might have chosen something more mobile friendly, like .. or : or whatever. Something that could be easily tapped and not confused.

That's a lot of anger you have there, Ed. I guess the name carries it all. Apple, in fact, listens to its customers, and makes changes to its hardware and software based on what they hear, despite their statement that they create everything out of whole cloth. They just don't ACKNOWLEDGE these contributions.

This implies a) we're all reading you, and b) that writing an original composition from one's own ideas, which may happen to have a similarity to other people's ideas means you're ripping someone off.

Since I know Adam well and was privvy to seeing the drafts of the article, "rip off" is inappropriate.

As others have noted, blocking a user prevents spam after a single attempt. While I have hundreds of followers now, and some have obviously spammy/SEO names, I don't get bothered by them. And, when a colleague I happen to not really be interested in either following or having follow me tried to follow me recently, I simply blocked them. (The colleague uses their real name, so they could set up another twitter account under another name and follow me there [if they knew I blocked him or her], but that would mean having two different accounts being monitored in different ways.) Twitter is largely passive about things that are actively anti-social in social networking systems. When I block someone, they don't know they've been blocked. I just disappear off their field of vision.

Couple things: "spanks" is Jacqui's assessment, and the numbers are that it's a 40% improvement. But that's really the only score in which the better processor in the model she tested isn't mostly responsible for a better benchmark. Booting is faster, though; by more than 10 seconds over a regular 4,800 rpm drive in an Air, but not as fast as a MacBook Pro.

The other thing is that it's not a $1,300 improvement -- that includes the upgraded processor. You can get the SSD for a cheap $999.

That's the machine I've wanted for a long time, F. Steve! I'll buy a dozen when they're ready.

(Some company has been advertising a virtual laser keyboard for a long time; I figured you quietly bought them, killed the public product, and had the media report it didn't work.)

Scott, great idea. I received product from a company I will not name, and as a freelance journalist who writes for many outlets and my own sites, I could not keep them. The company did not want them back. So I auctioned them on eBay, and sent several hundred dollars to charity (including an extra amount to cover the tax benefit to me since I was also giving additional cash).

To those on this forum and elsewhere who think Scott is doing something wrong, remember that unsolicited merchandise received by you is yours. This is a long-standing law in regards to the US Mail, and I expect that other carriers qualify. There was apparently a time in which companies would ship products and then demand payment without having received an order from a person. So Scott is basically in the position of having received an unsolicited product coupled with email that explicitly states that it is his. IANAL, and I can still tell that there's no possible way that he could be compelled to return that laptop.

As for ethics -- there's no good way for a journalist (which Scott doesn't accuse himself of being) to accept free products or services from a company. Scott's certainly in a better position since he doesn't (I believe) write or contribute to publications or participate in organizations that specifically tell their contributors or members to not accept gifts from companies.

There was a whole kerfuffle a few months ago when an article appeared about NY Times columnist David Pogue having accepted free hard drive restoration from Drivesavers. While Pogue had disclosed that he had received the service for free in his regular NY Times email newsletter, he had not told NPR and CBS, where he discussed the service, about that element. This was tricky because before this point, the Times didn't necessarily require that services be paid for or reimbursed. And what Pogue received was a service and he disclosed that fact. To be squeakier clean about it, the Times now pays for any service that they cover. Times policy doesn't allow hardware sent for review to be kept.

Actually, that's Jeff Barr's post at Amazon. I merely left a comment.

Remember that Motorola's acquisition XtremeSpectrum already had signed consumer electronics deals. Unless those were bogus, those companies may come to market even if Motorola's house brand solution does not.

Now I see why you thought I was confused. I'm not saying that Motorola and 80 companies are on even footing. Rather, that Motorola will bring its products to market and so will the MBOA. Even positing this early that the MBOA's technology will win, you will still have a market potentially full of Motorola and XtremeSpectrum technology.

Another factor. Xtreme has many patents in this field. In the IEEE process, patents for standards must be licensed on reasonable and customary terms to all parties. With the MBOA out of the IEEE process, the likelihood of patent lawsuits dramatically increases with Motorola funding it as an effort to maintain a disruptive marketplace in which they can maintain their hold on manufacturing partners.

Of course Motorola bet early and long on HomeRF, too.

I'm not confused. The MBOA is 80 companies, but I think it's premature to say that Motorola's intended UWB specification will lose. There are too many variables in this. My main intent is note that the MBOA has entirely exited the IEEE process.