Yeah, the lack of status is exactly why no one uses SMS for messaging.

If I didn't want to know if the recipient was currently online and could chat idly, I'd use SMS.

(My brain short-circuited there for a moment when trying to form a reply to a comment that was both extremely sarcastic and ludicrously wrong. Hopefully the above meets all our expectations.)

Hangouts is realtime and shows "now typing" indicators, which aren't present in SMS. It's hard to see whether someone left, in which case better asynchronous communication should be used, or whether it's a lull in conversation.

Pattern unlock has 9 spots, and you need to select at least 4. So the possible number of patterns is:

9!/5! + 9!/4! + 9!/3! + 9!/2! + 9!/1! + 9!/0!

Which is just 985,824. And you could certainly search the more likely combinations first -- people almost always select adjacent spots consecutively.

That assumes you can go directly from any spot to any other spot, which you can't. Given a grid that looks like this:

    123
    456
    789

you can't go directly from 1 to 3 unless 2 has been selected. I also don't think you can immediately backtrack, as in 213; you have to go 2513, for instance.

With that in mind, I wrote a quick search:

    Adjacent only (can't go from 1 to 6 or 8)
    1 9
    2 40
    3 160
    4 496
    5 1208
    6 2240
    7 2984
    8 2384
    9 784
    total: 10305
    total with length >= 4: 10096

    Non-adjacent (knight-moves) allowed (can go from 1 to 6 or 8)
    1 9
    2 56
    3 304
    4 1400
    5 5328
    6 16032
    7 35328
    8 49536
    9 32256
    total: 140249
    total with length >= 4: 139880

    Pass through previous spots, no immediate backtracking (2513 but not 213)
    1 9
    2 56
    3 304
    4 1464
    5 6136
    6 21344
    7 57184
    8 105376
    9 100928
    total: 292801
    total with length >= 4: 292432

    Pass through previous spots, with immediate backtracking allowed (213)
    1 9
    2 56
    3 320
    4 1624
    5 7152
    6 26016
    7 72912
    8 140704
    9 140704
    total: 389497
    total with length >= 4: 389112

So, I believe the correct number is 292432. For comparison, that's less secure than a 6-digit PIN, or a 4-lowercase-letter password.

More importantly, though, if you're using an unlock pattern, you can't be using disk encryption, so anyone who has physical possession of your phone need not bother brute-forcing the unlock pattern.

Pattern unlock leaves a body fat trail on the screen that is trivial NOT to see & exploit.

Exactly - if you hold my phone up to a light, you can easily see my unlock pattern in the fingerprints left on the screen.

doesn't that assume you can only select each pad once?

Yea and you can only select an adjacent spot so that also limits combinations.

You can actually select spots not adjacent to the current one.

Consider the "spots" labeled in rows from left to right as 1 2 3, 4 5 6, and 7 8 9.

If I start at 1, I can go to 2, 4, 5, 6, and 8 directly. Also, if I have used all spots except 1 and 9, I can go to 1 then directly to 9.

Yep, and the fact that the above calculation doesn't even allow for combinations greater than four... Overall not a reliable number :)

My Galaxy S4 seems to only allow one direction for each node.

You can in fact only select each pad once.

It may be dumb, but it's not laugh-out-loud crazy. In fact, it's specifically one of the things that the DMCA does. Here's a whole ton of information about the law: http://chillingeffects.org/reverse/faq.cgi

And here's an article from the EFF with a few citations of cases where DMCA article 1201 has been used: https://www.eff.org/es/wp/unintended-consequences-under-dmca

> In fact, it's specifically one of the things that the DMCA does.

Well, the specific thing the DMCA does is to stop circumvention of an "effective technological protection measure". The crazy thing here is that there is no such measure: no use of encryption or scrambling -- or even passwords! -- that I can see, just simply using a network service's exposed command set. That makes it different to most (if not all) of the case law your link mentions.

A private (that is, not published) API Key sure sounds like a protection measure to me.

It doesn't sound like the published API key is the problem here. They can revoke the key, and other users of Snaphax can put their own in the code. I think the larger issue is the reverse engineering of their protocol.

So they can revoke the key.

Just to add to everyone's knowledge: this Street View wifi snooping was a) three years ago, b) accidental, and c) only known by the public because Google voluntarily revealed that it had been doing it (and immediately deleted all of the collected data).

Not necessarily (and actually that would be a terrible answer. The highest rent in Monopoly with a hotel is $2000, and I would hardly call that a "fortune".

The point of the question is to establish how well you gather additional information when the initial description is unsatisfactory. Anyone who's been an engineer knows you have to do this every single day.

(Not that it's a good interview question.)

Monopoly was first published in 1935 and the prices haven't increased since. That makes the cost of a stay at the most expensive hotel $34,000 in today's money, which is far more than I'd ever pay to stay at a real hotel...

Ignoring inflation, you can compare the price of staying at that hotel with buying the land it's built on for a relative estimation of the cost.

Note to self: Do this to my brother for April Fool's Day next year

Minor correction: the Chaos Monkey was Netflix's innovation. It just happened to be implemented on Amazon's cloud. It would have been just as useful if they had their own colocated servers or used a different cloud computing provider.