One of the biggest issues right now, is that we have a community (doctors, scientist, researchers) who need to backup their claims with actual proof's or risk loosing their license/reputation vs a community of "gurus"/"self-healers" who don't have to backup any of their claims at all. Thus the "gurus" can make HUGE claims, that to someone sick sound much better than the conservative claims made by doctors.
Give both groups the same voice & reach, and guess who wins.
For security, the commit command will use one-time passwords. This way, even if someone gets the ordinary password of a user, they can't modify the catalog that actually appears at the site.
Yet, it was another era....:
Secure server software ($5000). This does not seem to be an absolute necessity; there are a lot of sites on the web where you can send your credit card number unencrypted, and to date there have been no reports of the numbers being stolen.
I'll explain. Most people who criticize contemporary are, usually use a combination of its just a bunch of random lines or a "5 year old could have painted that" - as if the complexity of difficulty of an art piece its what makes it valuable. But nothing is further from the truth, a simple piece, with a strong composition such as Number 17a, could look simple but its quite powerful and complex.
Let me use an analogy you can better understand. I am sure you can appreciate music. Most people who listen to the Marriage of Figaro by Mozart, can understand it's a master piece. Yet, it isn't the most difficult balad Mozart composer and many other musicians have created far more complex balads. Also a gifted 5 year old could probably learn to play it and reproduce it quite accurately. Does that diminish its value because a 5 year old can play it? It's even possible for an average 5 year old to invent a similar balad after listening to it. But could an average 5 year old create something like the Marriage of Figaro from scratch without ever hearing it? It takes a pretty special 5 year old, like Mozart to produce something like that. And its the whole composition that matters, not just a few notes - anyone can play a few notes.
The same happens with Pollock. He was the first drip painter. And while an average 5 year old could drip some paint in a canvas (play a few notes), they won't be able to create a powerful composition of colors that mirrors a full Pollock composition. Sure, there are amazing reproductions of Pollock made by very trained art forgers - yet that doesn't diminish the value of Pollock just because someone else after analyzing his technique is able to reproduce it.
The value is another story. It's worth $200M because of its size and scarcity. Pollock wasn't a big art producers and thus there aren't many paintings around. Yet there are many people who love his work and want to buy it. Supply and demand dictates the price. Sure you can buy something similar from an art forger, but its not the same, the same way that listening to a album on a set of speakers is not the same as having the artist play live for you.
Although most people will read this and think, oh more shenanigans from UBER, the reality is (and as a Colombian I know), that the government has failed for years to regulate this industry, which is regarded by all consumers as incredibly positive, and continuously has fought against this platforms in an effort to keep the taxi mafia content.
Yet, taxis in Colombia are incredibly dangerous. As a passenger you are exposed to express kidnappings, drivers that are aggressive, adultered fares systems and drive unsafely in cars that don't meet any security guidelines (a large number of passengers have died on rear-collisions given that the most common Bogota taxi has no rear-reinforcement). For decades the taxi mafia's have provided an unsafe & horrible service, when Uber & other platforms arrived, users flocked, yet by means of aggressive protests where they pretty much block the city, the taxi's have forced some parts of the government to try to curve Uber.
Uber however has fought to continue providing the service that the consumers demand, and has otherwise tried to complied with every law. This fine comes from the industry of commerce regulators, who have tried to convince the technology ministry to shut Uber down, with them refusing. I hope Uber continues to operate in Colombia and use their legal means to fight this regulators who are not operating from a consumer benefit standpoint, but rather a political fight to protect a mafia that needs to be dismantled.
Founder of Authy here. I've been thinking a lot about this lately and came to the conclusion that the only sensible way to do 2FA are U2F hardware key's. Here's why:
First, SMS 2FA. People think SIM port is uncommon, its not (i saw thousands of cases). Your cellphone number its public information - pretty much - and its not a technically difficult attack, you just need to convince a carrier to do it. Once the your SIM is migrated to the hackers possession he will hack into all your accounts before you even realized what happened.
Second, TOTP. I founded Authy with the idea that TOTP was strong enough and it is, technically, but in the wild deployments have lots of issues. Biggest one is people constantly change/loose their phones. So you end up with a update issue. At Authy we solved it by encrypting the seeds and storing them on the cloud. But today most users just copy the QR-Code, or store their TOTP key along with their passwords in the password manager. Storing your TOTP in your password manager completely defeats the point of TOTP, it just provides you with a false sense of security. Lastly, because it generates a lot of support issues when people loose their phones, services have added ways to bypass 2FA in their account recovery flows. You'll see backup codes or simply SMS as a recovery mechanism. This means your TOTP is as safe as SMS if your recovery allows it. TOTP today is so misused its just providing a false sense of security.
Third, U2F Hardware tokens. Its finally possible to do U2F to the iphone via Bluetooth and Feitan now has a key that supports it (Google sells one for project Titan). You can buy 2 keys for $50 dollars. It's impossible to missuse U2F tokens - you can't unsafely back-them up, you can't "screenshot them", etc, hardware enforces their security. They are 100% un-phishable, its impossible to trick a user into signing a login on a fake site - the key will simply not sign it, and there is no way for the user to make an "exception"(like you can if the SSL cert is invalid.). Also given the price and form factor is easy to buy 2 or 3 and have a few stored as backups. In my case I have 4 keys, 2 that I use on daily basis, and 2 I stored as safe backups. If I were to loose 2, there is no way of knowing they belong to me and tie them back to my account and I would just use the backup keys to logon, remove the lost keys and buy 2 more. No unsafe recovery keys, no unsafe backups. All my 4 keys are the exact same level of security.
Lastly, now Android allows you to use your android as 1 U2F key(new androids have secure hardware enclave specifically for this), so essentially all that users would need to do is buy 1 hardware key as backup.
If you are a service provider, I hope you consider about offering the ability to use U2F keys as secure login mechanism and enforce minimum 2 keys need to be registered - then you disable any other recovery mechanisms. THIS IS THE RIGHT WAY TO DO 2FA in 2019.
This unfortunately is useless. Account recovery will still allow the hacker to use the phone number that has just been swaped to logon to the email. The weakest link is what matters and in this case you are just putting a bigger door lock on the front door while leaving your back door open.
another shocker. The smell of "Chlorine" in the pools is not caused by "chlorine" but by the urine. Chlorine has no smell when mixed with water. Add urine, and you get the "Chlorine" smell thats typical of pools.
No assumption here. The expected return of an asset class like shares and bonds is higher than the annuity, which is always $60,000 and nothing more - this is a fact.
But as you said just because the expected is higher doesnt mean the actual will be. But you still should always pick whatever has higher expected
No assumption here. The expected return of an asset class like shares and bonds is higher than the annuity, which is always $60,000 and nothing more - this is a fact.
But as you said just because the expected is higher doesnt mean the actual will be. But you still should always pick whatever has higher expected
You chose the wrong one. No matter what the article says, the $1M is more valuable. First, the safe withdrawal method of 4% is actually not safe - the safest method of withdrawal is called variable percentage withdrawal and not only takes into account the principle, but also the results year after year.
But more importantly, $1M lump vs $5,000 monthly annuity, always take $1M. Why? Because you are taking an asset class that can be converted into shares/bonds which has a higher expected returns than an annuity because it can compound.
What I mean is while the $5,000 annuity is guaranteed, it will remaing $5,000 year-over-year, which means it's actually decreasing in purchasing power year-over-year (unless there is deflation, which it's very unlikely). Wereas the $1M cash, if moved to bonds and shares, even if it performed at 5% annually, it will mean on the first year break even, but on the second year it will compound (unless you spend all the money). You could say you invest the monthly savings from the $5,000 but simply put it, $1M in shares has a much higher expected return than $5,000 monthly in perpetuity.
I wanted to take a quick second to dispel this myth. Although I collect watches and I have several high end pieces, including grand complications - none of them are good "investments". You will likely loose money on 99% of watches you can buy and it certainly applies 100% to all new Rolex watches. There is just a small amount of watches that actually appreciate like Patek application pieces or the Vintage Rolex Daytona ('Paul Newman) or 1980's Milgause. The chance you buy one of this is 0% unless you know what you are doing.
So your friend has a 25 year old Air King? This is not a vintage piece, it's just an old piece. Worth? $1500 - $2000 depending on condition. Secondly, in 25 years he had to service it at least 3 times. Each service cost? $400 - $800 depending on the issues. If he polished it, $500 more.
So all in he's put in $1,200 + ~$1,500 = $2,700.
Now had he place $1,200 in the S&P 500 on 1991 (exactly 25 years ago), he would have at the end of December 31 exactly $13,588 dollars (~9.78% on average per year).
I don't understand how you can say he beat the S&P many times over.
I'll go the opposite of most of the comments here.
Assuming a NO attitude right from the start is probably not the way to go. Telling them to "Pound Sand" or just plain NO is not in your best interest. First, you should let the B investors know about this - ASAP. Second, you should start by emailing the GP at firm A and asking him to clarify why they think "you should pay" their legal fees.
With this information, you should consult your legal counsel on how is best to proceed. Most likely the A VC firm feels like you didn't negotiate in good faith and you made them spend money with no intention to accept their offer. You should in this case talk to the GP at that firm and show him that you wanted to close a deal with them and you even made them aware of another offer and asked them to reconsider the terms.
Most of this issues are easily solved if you discuss things with the other party. Assuming a NO attitude from the start, just brings everyones worst character and might land you in a legal dispute.
The premise is that having this on the cloud is supposed to make it easier and not require this complex setups. For instance, not needing a recording station in the house that can be stolen or a Telco chipset with an alternative power source.
If you do this on the cloud, you can call from a cloud provider and record outside the house. Nest could easily call you from Twilio after 1 minute of being disconnected and it will achieve the same.
It would require me to back-up the ISP router, the Apple Wifi router and 3 cameras - so 5 UPS. Yet even if I did that, given that my Internet connection comes via fiber, if they cut the Fiber, I am still out-of-luck.
It's as if an alarm company said, we will notify you after 30 minutes if someone comes into you house.
One of the biggest issues with Nest is that they pretend to be a serious company that takes cares of your home needs (security/monitoring, fire & gas prevention and heating) but their products are toy like in that respect.
However I own 3 cameras and the fire alarm. The fire alarm, is worthless, I eventually disconnected it given the large amount of false positives.
Then there are the cameras. I travel a lot so wanted a system that allowed me to monitor my home remotely for security purposes. However, I soon found out they are pretty much gimmick and any burglar will by-pass their security. If you own a nest cam, be aware that if the cam is disconnected from your Wifi, it will take 30 MINUTES FOR NEST TO NOTIFY YOU.
What did I learned? Burglars will power off the electricity in you house upon entry - to prevent alarms etc from sounding. This will bring you Wifi and your cameras down. Don't worry, 30 minutes later, or approximately 20 minutes after burglars have left, you'll know.
You'll also only be able to set notifications via email and push, so if you are sleeping you're out of luck. I was thinking of hacking a system with Twilio to do an automated call upon the email being received, but after finding out that it would take 30 minutes to even be notified I gave up.
Nest is cool, easy to setup and the cameras look nice, but they are toys. Other products might be hard to setup, look uglier but work. I'd rather they did both, but if I have to chose between ugly and works, and beautiful but doesn't - i'll take the first.
I just read both complains. This one is frankly ridiculous. The fact is that Kyle incorporated the company before he met Jeremy. And from Jeremy's complain, he is trying to build the case by saying he was more competent than Kyle. Yet why didn't he continue with the idea by himself if he was so competent?
The only proof he is using to say he was a co-founder is a YC application. This is I hope a non-binding document. I hope judge agrees that the only way to get equity in a company is if its granted in the form of shares. Jeremy was never granted any shares so he own's 0 shares.
He also acknowledges he did no provide any IP to the company. So if he didn't provide any IP and didn't receive any shares he should be entitled to 0.
I really hope Kyle wins and Jeremy is found guilty of tortorous interference and is obligated to pay for Kyle legal fees.