How many photos are in the universe of possible photos? How long would it take for outsourcing the process to tag all photos so a script could then do the matching?
Is the whole point of this to encourage hackers to get working on this AI challenge of identifying similar photos?
Either they need to hire a lot of people to sit around making these sets or they have an automated way of creating these sets which can be reversed. It would seem to be an arms race where google is paying people, but attackers can have people break it at a cost less than creating them (takes less time to match them up then to find good photos, clean them up, tag them, etc.).
An attacker would also just target the database where this is all stored. With the text recaptcha, it would seem that they have all of these photos and scanned books and you have 8+ character strings of [a-zA-Z0-9], random guessing would not be good enough, so the attacker needed to solve the OCR problem.
However, given the option to select x of 9 images, if you assume that the extremes are less likely of 1/9, 2/9, 8/9, 9/9- then I can hope to get lucky picking 4 or 5 each time, the order does not matter. If you distribute the attack to get around rate limits, etc. - perhaps just picking the first through fifth images gives you a sufficiently high success rate.
I think a good chunk of the images are captured by way of Google's Streetview vehicles [1]. I'm seeing blurry images of house and apartment numbers all the time. So I'd imagine there are always new images popping up that Google can feed into the recaptcha system that haven't been seen before.
Correct, I am referencing the new nocaptcha system. Those images would get stale as opposed to those in the traditional scanned book, street signs, house numbers in the recaptcha.
At a macro vantage point, this is cool and great. On a micro-economic standpoint I don't need the convenience and I don't want the privacy risk. I would rather download all of wikipedia weekly and pay $500 for the voice recognition software under my control. I think there is some great first world problem potential, but it auto updates and I have little control. If something went screwy on Windows, people would notice it very quickly - there are suits in corporations watching and reviewing these things. On consumer grade electronics only enthusiasts and security researchers would know if something went funny.
Check out my Cubby example. I saw the accepted answer and the others and then added mine. Thought the others were still pretty technical or too long. [http://security.stackexchange.com/a/53912/36538]
You should add a page with these benefits and also some information on industry experience you or your team have so customer's know its not just some IT guy with no understanding of their business.
Past performance is not an indicator of future results. If you want to look at the future, you need to combine previous results with possible future scenarios. Is business to a particular restaurant different based on the season, are there cash flow problems to consider? Regression or historic modeling is not that great - this includes where it is frequently used such as network analysis, stocks, etc. However, some of the drill down type things might be useful to monitoring food cost or helping to do future modeling. It depends on what features you have when you are near an MVP.
I am also not sure what this dones that a spreadsheet template couldn't do at this point. For the rainy day scenario, are you asking them to put this in, or will you take their location with weather data to automate this analysis?
I recently used Car Woo as part of my car buying process. I wouldn't rely upon these numbers or those from TrueCar, Edmunds, etc. I have been using my bank's car buying service, TrueCar, and direct emailing of dealers. New Car pricing is highly variable on the dealer, dealer's stock, sales, per-dealer deals from, hold back, quota-bonuses, per salesman specific bonuses etc.
It is important to remember that a middleman service operates either on a flat fee or a commission. This is money the dealer cannot use to negotiate down with you. I do not know CarWoo's sales structure, but TrueCar makes 300-400[1][2] per sale. So if this is data based on CarWoo deals it will not reflect the best deals, because the cars all had to include this price. Now, that said most people are not prepared or comfortable buying a car or negotiating. Given that you get some degree of anonymity and can haggle back and forth online is nice and you are paying for the convenience. Many people will likely save more money than if they tried to do it on their own.
This is an application of the wisdom of crowds to determine a market price. It is a good indication of what the market is willing to pay, but not the best deal you can get. Savings as a representation of MSRP are misleading; think about how many things you buy off the shelf and the price is usually much less than MSRP for any number of per-store pricing or sales, coupons, etc. Car buying is no different.
In the case of the model I am looking for, the CarWoo price is close to the two offers I got on CarWoo, but the offers I got directly or through my bank are much lower( Best Direct quote I received was through my Bank's no haggle direct car buying service, which is about 7% lower than the CarWoo average).
Mean averages on their own are not very helpful in evaluating offers, perhaps if we saw a distribution or standard deviation? Prices over time (later in the model year should higher prices be used in the average, are they still relevant or should they at least be weighted?) would also be good for the car buyer.
I also have a hard time believing CarWoo would publish this information if it were not in the best interest of their customers (the dealers, car buyers are the product). Therefore, I would be lead to believe that this data only serves to keep buyers from trying to negotiate lower rates based on the average. Then again, maybe a tech startup has not yet considered this and just thought it would be cool to share data and be transparent.
It's a cool service and it's probably a good fit for many people. You could also just create a new email address and use a google voice number for privacy reasons. At any rate, I would advise you to do your research and try every tactic and service you can to optimize your wallet spent and time spend.
We recently switched over from Paypal to Stripe, due to Paypal's increasingly destructive behavior wrt integrating into a website. Thanks for pointing out the Paypal text, I was able to fix that this morning. Also, we added SSL this morning. There's an insecure image on the page right now giving Chrome browsers a problem but we're addressing that atm. egsec, I'd like you to come give the site another try. If not, please contact me on twitter - @joebalfantz - and we can discuss other, and potentially more transparent, means of pledging.
The video was down for me, but maybe the uploader makes it easier then some other systems? When I try to teach non tech people to use a db-less CMS with no online admin, they get Markdown (they can at least copy and paste my example pages). But uploading files, WinSCP, FileZilla, etc and opening its NOT in word... this blows their minds. So if anyone has seen the uploader and it makes it super simple, it might be worth checking out.
Is the whole point of this to encourage hackers to get working on this AI challenge of identifying similar photos?
Either they need to hire a lot of people to sit around making these sets or they have an automated way of creating these sets which can be reversed. It would seem to be an arms race where google is paying people, but attackers can have people break it at a cost less than creating them (takes less time to match them up then to find good photos, clean them up, tag them, etc.).
An attacker would also just target the database where this is all stored. With the text recaptcha, it would seem that they have all of these photos and scanned books and you have 8+ character strings of [a-zA-Z0-9], random guessing would not be good enough, so the attacker needed to solve the OCR problem.
However, given the option to select x of 9 images, if you assume that the extremes are less likely of 1/9, 2/9, 8/9, 9/9- then I can hope to get lucky picking 4 or 5 each time, the order does not matter. If you distribute the attack to get around rate limits, etc. - perhaps just picking the first through fifth images gives you a sufficiently high success rate.