Choice is not always for the best. Consider Decision Paralysis.
7665 posts • joined 10 Jun 2009
Choice is not always for the best. Consider Decision Paralysis.
My beef with Epson is that carts and nozzles are separate: a real problem when you don't use them for a while and then dry up and clog. I stopped buying Picture mates because of that. At least with HP, you get fresh nozzles with each cart.
"A short-term solution would be enable computationally-expensive anti-reflection features on the various public services that are used in reflection attacks. But secure end devices is the only solution."
Then there's no solution since "In this corner, we have Dave." So we need another plan.
On the other hand, they could just vanish and leave you in the lurch, if the Internet was the ONLY thing keeping the service alive. Since local service costs money that may not be there, which way do you think it'll go?
"The only solution to DDoS is to ensure that a website's capacity is greater than that of the capcity of the attackers."
But that sounds like a losing battle to me. Pretty sure at some point someone's going to cook up the mother of all DDoS attacks with a traffic magnification not in the thousands but in the millions, with traffic in the exabyte per second range: such that anyone that needed to defend against an attack that massive probably couldn't afford it in any event. THEN what?
"How about one hardened smart controller and a host of utterly stupid devices that know their own function and no other."
Those are CUSTOM jobs. Custom jobs are EXPENSIVE...to expensive to make it worthwhile, so it MUST be generic or bust. And who cares about the law? They can just vanish in the night when the time comes...
"It only works well if what you want is what it does. If you want something else then it doesn't. However one of the good things about open source OSs is that you have a choice."
It's also the BAD thing about getting simple users to use your OS. Think decision paralysis. And they outnumber you.
"I think an ideal solution would be to skin applications to have a techie mode and a dummy mode...hide all the functionality under the covers and build two user interfaces. You have to have both - computers and phones are no longer the exclusive geek toys they were. Personally, I'd love to see simplistic terminal UIs come back where it made sense...IBM midrange and mainframe come to mind due to their ease of understanding what to do even if you've never seen the system before."
But remember Murphy's Law. Inevitably, a dumb user will switch the app to Expert Mode and get hopelessly lost. You just can't win, but since the stupid users outnumber the smart users, guess who wins?
But remember that Microsoft has to cater to STUPID. And by that I mean people who keep asking the help desk, "What's a mouse?" yet are expected to use these things to do important stuff...like benefits filing or taxes. And since you can't fix stupid, teaching them is pretty much a lost cause, so stooping to their level is the only way to get through to them.
"A knob that you turn to set the cooking time is a far more appropriate interface. And why does there have to be a clock? The whole point of microwaves is that they cook stuff quickly."
The catch being that something that cooks stuff quickly also means you can OVERcook something quickly. And if you're nuking something enclosed, like a sausage, you DO NOT want to overcook it or you'll be spending the night cleaning the innards out of the innards of your microwave. Clocks allow for precision, which is pretty important in fast jobs with little margin for error.
It's an intersection, one of the few places where cars naturally tend to bunch up because they're speeding up or slowing down. Besides, to avoid the crossing vehicle would probably require more than a car length of acceleration room, and there's little hope of avoiding the accident if it (or any car, for that matter) was "boxed in".
"The human system works because we correct each others' errors."
But can't a computer do the same, only with a smaller reaction time?
"Most US intersections have the green come on as soon as the opposing side goes red."
Actually, most intersection insert a second or two of all red before changing the other side to green. Those that change the instant the other side is red is rare and probably tend to have more T-bones because of cars with bad brakes coming onto the intersection at the judgment call area (right as the lines turn solid, right as the light turns yellow) and decide it's better to rush through than to try to stop and probably end up over the line and nailed for running red anyway.
And if there's no money and the executives aren't interested? And it's like this throughout the industry? AND they pay off the regulators?
"That's where the industry is at right now, and will continue to be until some way of understanding "good" security vs. "bad" security can be automatically and easily computed."
But the human factor always gets involved which is why computers can't do it and why you need human actuaries; it takes one to know one, basically.
"Freedom of speech isn't one of their strengths. It would appear that their students are so emotional crippled that any words either written nor oral with any "perceived" bias is a grounds for disciplinary action. Yet these emotional and psychological cripples are allowed to vote."
The First Amendment can ONLY be legally applied in regards to government action. Hofstra University is NOT a government-funded institution, so like any private business can implement their own rules.
PS. The ONLY way to prevent stupid people from voting is to implement some kind of test or standard, which immediately raises issues of corruption. You lose either way.
If that were true, Faraday cages would be illegal. The FCC can only regulate active interference. Passive interference is another matter altogether.
"I am curious, everyone who says they did not do this refers to the fact that they used no active electronic means to accomplish their goals. But does this "intentional block or disrupt" only apply if someone uses active electronic means to block access to other WiFi networks."
That's exactly the point. Jammers are illegal (the Marriot case amounted to a jammer), but shunts (which are passive and simply redirect radio waves away from an area) are NOT. That's why it's legal to build a Faraday cage.
"Private property still not give license to commit an illegal act, in this case, the blocking of users right to their own paid-for signal of their choice."
If it's a right, then it must be enumerated somewhere. Where in the law does it say one is guaranteed access to their subscribed service? Last I checked, it's not illegal to create a passive not-spot like a Faraday cage.
A paper from 2009 which goes on to cite documents dating back to 1984, BEFORE the Internet went mainstream.
It helps to check the footnotes on page 157. Here's one cited work: "The Design Philosophy of the DARPA Internet Protocols" from the Proceedings of SIGCOMM 88 (meaning it dates back to 1988).
"What about carrier-grade NAT? It's trivial to STUN through it. I've done it regularly. And both ends are frequently NATted when you're using STUN. This is an everyday occurrence. Your objection makes as much sense as someone saying "Oh? And what about if someone's using 110V to power their PC?"; it's a total irrelevance."
Not as trivial as you think (especially if one end is multiple-NATted such would be the case with a CGN), plus there's performance penalties. It's all noted in RFC 7021: "Assessing the Impact of Carrier-Grade NAT on Network Applications".
"Perhaps you'd like to provide a reference for that statement, since it's never been true to my recollection."
"Despite its origination in the IETF, many in the Internet's standard-setting community have criticized increased NAT usage because it violates the end-to-end architectural philosophy which has underpinned the Internet (and precursor networks) since its inception. Internet engineers first articulated this philosophy in the mid-1980s and later formalized this Internet principle in the IAB's "Architectural Principles of the Internet" document."
Protocol Politics: The Globalization of Internet Governance, Laura DeNardis, p157-8
So like I said, end-to-end accessibility is part of the fundamental nature of the Internet, which NAT violates in one-to-many mode. NAT66 and other one-to-one NATs are fine, however, because they still allow endpoints the ability to be accessed at their discretion (and perhaps that's the thing we need to consider--granting the ability but expecting the responsibility to say no, much like allowing people the vote even if they (like dumb Internet devices) may be too stupid to use it properly).
"It doesn't matter that, in the short term, consumers like the product. In the long term it's against their interests."
But as the comedian once said, you can't fix stupid.
Ever heard of the Offhand Backhand? PC just means haters couch their language and listeners pick up on it. That which we call an N-word by any other name would sting as bad and so on...
I thought critics were MORE likely to complain and answer these things with 1's.
Thing is, the deal wasn't CLOSED yet (the deal been declared but not tendered), so by doing this now they've practically torpedoed the deal, as Verizon IINM is still in a position to back out. Because both companies are public, the deal also has to be cleared by the SEC as well. Indeed, withholding the breach for as long as this could run afoul of disclosure and fiduciary duty laws.
But then you just pwn the GATE. Or just end-run around it and find a way to attack a kernel-level process, if not the kernel itself.
The trouble is that it's a dilemma. With the first, you MAY have a crack team running the place...or you could have a bunch of idiots who couldn't be asked to fix a breach on a weekend. With the second, when something happens, you can nip on down yourself and work on it...if you have the time and wherewithal to do it.
As for limiting scope, guess what's one of the hottest things in the exploit trade? Privilege escalation. With them, it doesn't matter how limited the entry point is, it becomes like the proverbial foot in the door: all they need to bust the pinata wide open no matter how hard you set things up. Use a VM? Red Pill. Separated machines? Gather credentials then traverse the intranet. Quite simply, if there's a door, someone can kick it down, and because physical presence is not required unlike your front door, everyone's going to come knocking eventually.
I frankly think this'll come to a head and start asking existential questions about the Internet: questions about whether or not we need to start over using a whole different model of statefulness and (dis)trust. Kinda like how open season eventually gives way to necessary regulation.
"His type is why I carry a small squeezy bottle of Chinese chilli oil - the darker the better! Works wonders in focusing people's attentions."
Oh? What if the person you're talking to is accustomed to chili oil...or so plastered as to no longer feel pain?
"I would say Valve *is* convincing developers to support Linux, they recommend and support Vulkan ahead of DX12, put funds into the Khronos group and sponsor tools such as Lunar, present a lot of info at GDC and the like."
And they've been at it for years, and what have they to show for it? Most games coming out, be they indie, small-studio, or big-name, are Windows-ONLY. They've had plenty of time to push SteamOS, and they could've always provided migration tools, WINE layers for older games, and discount incentives, and so on. Why haven't they have anything really significant to show for it despite all that time?
I've taken a look at the gamingonlinux.com, and as I suspected, almost all of them are made by indies with little to hold them back. And while most engines these days are multiplat, developers still don't put forth the effort to make the actual games (which are more than just those engines) multiplat. Why is it that not even Valve can convince the major developers or publishers to support Linux? Take EA, for instance. Sure, the Frostbite engine is multiplat, but where's the latest Madden or FIFA or whatever for Linux? It would have to take something serious to make gaming devs take Linux seriously, and so far not even the backlash of Windows 10 is doing that (probably because Win10 is practically a two-fer: developing for Win10 makes developing for the Xbox One a lot easier). And Valve won't help with that since they know which platform has the most Steam installs (not to mention the largest supported library--compare them for yourself). So it's not like we're going to see a major title come to PC but only to Linux; it would be fiscal suicide.
Assuming they're not already on razor-thin margins or in razor-margin industries where there's no room to spare for testing...
"Maybe not an "appreciable migration", but there is a continuous trickle, and a slow bleed in the right place can be as bad as an open wound."
You're lucky. Many other businesses are locked in to Windows, not because of Microsoft itself but because their critical, irreplaceable, custom application was built exclusively for Windows by a company that probably went out of business and has no direct replacement; either that or getting a new version would kill the business faster than a crash would.
"I certainly hope Linux will take some serious market share away from MS and if some serious AAA Vulkan games in Linux could be released then who knows !"
Good Luck. Bethesda (makers of one of the recent AAA's, Fallout 4) went on record swearing off Linux as too difficult to develop because it doesn't have a united user front (IOW, will be Red Hat or Ubuntu or whatever). Not even Valve's SteamOS is making any headway, and for whatever reason WINE (even a self-contained type a la DOOM using DOSBox) isn't even being considered.
The argument being that you're starting to see similar kinds of software being used all the time. If you have a particular job being done again and again, it becomes practical to push this function into an ASIC to (a) speed up the turnaround on that process, and (b) to offload work so that the CPU can concentrate on more generalized tasks. That's one reason SIMD/vector computing instructions were introduced: to better deal with common math functions that were used in programs of the day. It's recent Intel CPUs include AES-NI: because an increased need for security has pushed the use of AES so much we end up using it all over the place.
"A transistor in a circuit dedicated to video decompression for example sits doing nothing when you are not decompressing video."
But if the times when it's NOT decompressing video (or compositing a UI or whatever task it is dedicated to perform) are few and far between, then odds are you get a net benefit for it. That's part of what's happening now. They're taking a look at what things CPUs have to do all the time and offloading them so that the CPU has more time for more generalized workloads, much like having a specialist for handling particular jobs that happen to come up quite frequently.
His mother, apparently. Under the Immigration and Nationality Acts in effect at the time of his birth, you can gain jus sanguinis citizenship if you have at least one US Citizen parent who's lived in the US for at least ten years after turning 14. His mother was a citizen, and (last I read) she met the ten-year requirement because she didn't leave for Canada until she was around 28.
"Just because something is bad, it does not mean that something opposed to it is good. The world turns out to be complicated and trying to reduce stuff to simple narratives where 'good guys' take out 'bad guys' usually doesn't work very well. The world would be a considerably better place if the general citizenry of most Western democracies realised that."
But of course, the average human (Western or otherwise) is pretty stupid about stuff like that and simply want to see tomorrow (there have been studies mentioned on El Reg about this). You have to take Stupid into consideration. That also explains how the likes of Cruz get into office in the first place.
The general understanding (supported by SCOTUS decisions) is that the primary condition is that citizenship was granted upon birth. This also implies that no procedure was taken to affirm this (no oath taken like in Naturalization). This happens to be consistent with English Law prior to the US's independence. Only jus soli is explicitly mentioned in the Constitution via the 14th Amendment (and reinforced in US v. Wong Kim Ark, 1898). Since jus sanguinis is neither allowed nor disallowed, under Article I, Section 8, it's left to Congress to clarify, which is does with the Immigration and Nationality Acts, amended over the years (and no document other than the Constitution itself can make the call for them, as Article VI explicitly states the Constitution stands alone as ultimate authority in the US).
"Until you manage to clear out all of the lobbyists, power-brokers, and pork-barrelling that is so prevalent in the US political scene, I think you should avoid calling other institutions "corrupt"."
And that'll never happen.
1) It's impossible to remove lobbyists completely. Even if you take the money angle out, there's still the "nice cushy job after you leave" angle as well as other, non-monetary, post-position influences that are pretty much protected on First Amendment grounds, as well as influence from actual constituents who can't be blocked without interfering with their primary duties. Finally, there's the family angle. How do you block lobbyists if they're spouses, who MUST be able to talk in order to raise their families?
2) Politics is a power magnet; it simply comes with the territory. And as long as there's power, there WILL be power brokers due to the human condition.
3) As for pork-barrelling, recent Congressional experience has demonstrated it to be a necessary evil. Part of the reason for the "Do Nothing" Congress' reputation is that they voluntarily limited themselves in the name of ethics but found their hands tied when it came to big bills. Smaller representatives basically have nothing to lose with voting against the grain because the communities they represent are too insular for greater politics to affect them. You need something close to home to sway them, and that means give-and-take, and the only things that will influence them enough is pork-barrel projects. In other words, pork is pretty much the only thing that can "grease" smaller representatives into getting on board broader projects that need their vote to pass.
So in the end, if you want a better government, you're going to need a better HUMAN first.
I don't think it was ever sold. I had it for years until it was disabled: the function being integrated into the Google Search app instead (with a couple widgets available to take their place). Problem is unlike the old widget, I can't find a Music Search history, so I endup up back at SoundHound.
Sure it can, if its subject matter is racist. An opinion can be racist even after the speaker changes his/her mind (or dies).
You'd be better of legally contracting for a customized phone so you can disable that kind of stuff at low level. Otherwise, Google Play Services will always hold the final call, which can be problematic in the face of Doctor/Patient Confidentiality laws.
Except SHAZAM has an interest in limiting access to its services to human eyeballs. And since neither Siri nor Cortana have comprehensively passed a Turing Test, there WILL be ways to tell them apart, meaning it will NOT have access to everything willy-nilly to answer the question transparently for you. An assistant can't well do its job if the sign on the door clearly reads "NO PROXIES."
That would be something if malware will only infect if it detects another malware in the system, at the risk of missing pristine systems.
Lower risk, yes, but higher reward as well, so there will be blokes out there trying to escape the honeypots.
But each program you're forced to add in raises the threat envelope, because each app could itself become a vector, raising the chance the VM can jump the tracks and get pwned in a way the researcher doesn't detect, even to the point of possible hyperjacking (Red Pill attack).
"Once the penalties for leaking PII are reset to sane (ie,. expensive) levels, and a few companies have gone down in flames after a BEC or other financial fraud, the calculation will shift and more orgs will be motivated to do it properly - or at least try to."
It'll probably prove cheaper to bribe the governments that set the regulations when that happens...
Oh? What about war casualties or those born with bad legs?
Hmm, considering that these pipes would have to accommodate some 350 million people, then these look about right.