Based on the species of the active participant, isn't it humaniality?
1605 posts • joined 12 Jun 2009
Re: Sticky FRONT
Attach it permanently to the user's head!
Alternatively, just use a nail.
Re: @ Ian Joyner
Sorry about the long delay - I only looked back at this thread today.
Responding to your responses...
iOS and MacOS are based on Mach, but they aren't microkernels: "However, in OS X, Mach is linked with other kernel components into a single kernel address space. This is primarily for performance" https://developer.apple.com/library/content/documentation/Darwin/Conceptual/KernelProgramming/Mach/Mach.html
How this affects their security compared to Linux, I don't know.
Were we restricting the discussion to "how microkernels make IoT secure", or "how to make IoT secure"? My point is that it isn't all about microkernels. Yes, insecurity at a lower level affects all higher levels, but it is also possible to "bolt on" insecurity, To steal an analogy from cryptography, you need strong algorithms and good key lengths, but if your crypto is like a 1 mile stake in the ground - infeasible to get through or over, increasing the key length to make it a 10 mile stake doesn't improve your security - the attackers still go around the stake instead. Securing your IPC messages against an obscure attack doesn't fix a hole elsewhere. As an example of "bolt on" insecurity, SMTP email was a mostly harmless protocol until someone (Microsoft) decided to add a programming language (VBS) to their email client, and have it autorun scripts in messages on preview... then we got Loveletter. All the inherent insecurities of the underlying protocol made no difference to how the catastrophe spread, it was the add-on scripting that made the difference.
How does a precise definition of malware help? I'm saying we can't really have one, but the idea of securing everything from the microkernel depends on it. We can't really have one because the classification depends on intent: format is a useful program, but a trojan with the same function is highly destructive. So, we'll ask the microkernel, "which of these two programs that overwrite the disc should be allowed to run?", perhaps it will refer to a signature: who wrote the program? Then, who do we trust? Has the key been compromised? We're back to dancing on quicksand.
"well most servers (at least ones of any scale) are set up by experts" - Then why do we see news stories like https://www.theregister.co.uk/2016/09/22/yahoo_500m_email_accounts_hacked/ ? I would say that most servers are secured to a cost, and an expert will make a rational choice between meeting an unreasonable constraint and loosing their job.
Spend too much on a secure microkernel, and there's not enough left to identify or fix gaping holes elsewhere.
Re: @ Ian Joyner
My first reaction to what you said was also "claptrap", but, on reflection, I think it lacks context. You're saying Linux is insecure and unsuited for the challenges in, "the wilds (at the edge) of the Internet"? So what alternatives have seen massive deployment in that area? Perhaps Windows, iOS, OS X? They certainly don't represent a different level of security, so I'm missing your meaning.
I took a look at your previous posts... are you thinking more in terms of formerly-defined systems, with provable behaviour? In that case I have a few criticisms:
i) Even "simple" IoT devices are too complex for easy formal definition
ii) Your concept of "security" is restricted to technical considerations. Security should encompass confidentiality, integrity and availability, and the trade-off between them is determined by the application.
iii) You say that software can come packaged with malware... but how do you define malware? I tend to use the definition, "software that does bad things", but that requires assessment of intent, which is a human quality not amenable to formal definition. Actually, this is the flip side of my point (ii)...
iv) Costs are being driven down, we don't have very controlled servers in locked data centres (and even when we do, someone's fitted an IoT lock, "for efficiency"), tended by perfect experts.
So, take a look around the real world, it is more complicated and messy than a formally-defined microkernel can cope with.
Re: He'd be shit out of luck in the UK
"novelty 10' plywood cheque" - I recall a news story about a cheque written on a 10' shark, by a fishmonger to the local council, IIRC.
If that's a mouse's brain...
Their mice a descended from The Brain! (0:07 in the video)
"where's the rest of the material?"
From the article:
"allegedly found a Mac, an iPhone and a hard drive storing images of underage sex"
Is it credible evidence? Let the jury decide.
I thought the US military were quite fussy in the Vietnam era too... citation: Alice's Restaurant https://www.youtube.com/watch?v=m57gzA2JCcM
"the Sun is not hidden from us by 3,000 km of rock"
Hah! It's four times that, at night!
@pauleverett - would it be smart enough not to call the cops if it hears a TV show, or one of those dinner party murder mystery games?
"Amazon Echo here - Reporting a conspiracy to steal plans for a top secret military project called 'the Death Star'."
Re: Two things bothered me
"Now, let the management types of the Empire run the Death Star with no designers and no plans."
I recall from ANH that the Empire completed an analysis and also discovered the weakness, so therefore they still had the plans. Therefore, there was an offsite backup, or DR site, for the archives on Scarif.
I'm guessing that the consultants who completed the analysis made sure they were safely on a shuttle for home before the project team delivered the unfavourable report to top management...
Re: Clothing related malfunction
@Anonymous IV - It's up to us to supply possible endings:
1. and that's how he met my Mum.
Re: Bigger jumps in Version numbers
"Now according to my roman numerals chart, X is 10, and P means Million... so XP = 10,000,000"
No, XP = 999,990 , just like IV = 4
Edit: upvote to druck, I'm late by XV hours.
Magic chip or method...
I'm patenting a thin plastic shim that can rest between the contacts of the power button, in combination with a warning label, "No user serviceable parts inside".
I'll rent them out... I'll only need one per computer shop, and I get paid every time they're removed.
Where's the "bundles of cash" icon?
"Galileo can be blocked for civilian use in an emergency"
1. Wait until every car, lawnmower and bulldozer is self-driving and dependant on Galileo
2. Trigger an emergency
3. Enjoy the chaos...
Am I on the watchlist now?
Re: Economies of scale?
Did he include his PA's time in the pricing?
Re: First one
There is a reason why sailors stopped using larboard/starboard.
Legitimate/Bastard would be a readily-recognisable terminology.
"So, that's the procedure I'll be using, do you have any questions?"
Yeah, what's your favourite music?
Re: What's wrong with a CLI?
@Flocke Kroes "Although PHB's from the 80's could do something constructive with the command line"
Really? I thought they were too busy asking their secretaries to print their emails. OTOH, their secretaries were probably doing quite a lot from the command line, or using obscure key combinations.
"it may provide a new way to translate speech into other languages"
Or, more likely, humorous and deadly anecdotes of mis-translation...
Consider descriptions of a cow being slaughtered in Hindi and Texan.
"My hovercraft is full of eels"
Re: The last "ship" to bear the name HMS Tamar
@SkippyBing - The Tamar government HQ was opened in 2011, it didn't exist in 1997. You're thinking of the former Prince of Wales Building, now the Chinese People's Liberation Army Forces Hong Kong Building: http://gallery.moeding.net/AroundTheWorld/Asia/China/HongKong/Prince_Of_Wales_Building.jpg
which is just next to Tamar:
which is built on the filled-in ship repair basin. Both were part of HMS Tamar.
The PLA went to the Prince of Wales Building first because all the military sites were transferred to them at the handover. Government House is owned by the civil government, though the first Chief Executive chose not to live there, probably to emphasise the difference from colonial times.
The last "ship" to bear the name HMS Tamar
Was the shore station and headquarters of the British forces in Hong Kong. Tamar is now the name of the new Government headquarters on the same site.
"Any naming scheme will end in duplicates, it's unavoidable."
You've obviously never visited Hilbert's Hotel.
Re: That's all very well...
"If they cannot be fixed, I'm sure that most people with one of these will just junk it."
Why? Even if they see the warning, as long as it's still functioning, many people will just keep using it, completely unaware or uncaring of the DDoS or other nastyness running in the background.
@Dog11 - "How else to make a front panel with lettering that looks silkscreened?"
Mirror-image print on acetate sheet?
@MNGrrrl: "Nobody has tried something like this before"
Well, not since Atlantis, you can find the original engineer's report and planning permission buried in soft peat at the local planning office.
@jake - I think we need to know the size of a qualifying earthquake first, we don't want you dropping a feather next to your seismograph and running off with the pot...
"Sssh!, not so loudly."
Too late, HAL's already reading your lips on the webcam.
I'll get my spacesuit... with the helmet.
Re: Wrong way round
Or they changed from the default locale, but it silently resets on every update... or possibly, whenever it feels like it.
Re: Vote Fraud? Are you CRAAAZY?
You've missed the point - it's not the Democrats that are calling "Vote fraud", it's some academic saying, "this looks odd". It's been shown that many of the machines can be hacked, he's asking, were they hacked?
The underlying question is why the USA tolerates insecure voting machines, but Trump it seems is also uninterested in this when the results favour him.
Re: Only just saw proof they are bunch of cowboys
On a bicycle? What happened to his horse?
Re: Witless idiots
"Error messages should be short enough and clear enough to be remembered."
Ah - like "PC LOAD LETTER" then?
Re: Can you hold down the power button
@Terry 6 - "drivers have no idea how to top-up the jets" either you have some seriously overpowered cars where you are, or you're looking for the word "pilots".
Hoist by your own petard - you did say not to use jargon terms.
A fine tradition...
Nice to see KCL getting back to the vision of their founders, but perhaps a little more emphasis on the other half of their motto is required: Sancte et Sapienter "With Holiness and Wisdom". The backups are certainly holey, but where's the wisdom?
Disclosure: I'm a UCL Grad.
Re: And after Brexit...
Not to mention the paperwork for importing/exporting weapons components...
Re: Election night live...
@Oengus - First comedy channel to hand out nuclear launch codes... watch out for the punch line!
If they come from France, do they use tiny guillotines?
Leaks password, check. Leaks Wi-Fi password, check. Can be spoofed, check. Ding! We have an Internet of S**t winner
Re: Which is exactly why I build mine out of Raspberries and Bananas
AC, IanRS - you two are a right pear.
And Spinach Harvester now outranks Alligator Wrestler on the World's Most Dangerous Jobs list.
"automatically orders spare parts"
If that includes printer ink, they might have some really big bills...
"Scammers also watch out for registrars bulk discounts"
Am I just being terminally dim? Who has a legitimate need for bulk registration of domains?
Recalling "some of the products it had sold in the US"
More to do with lawsuits than actually solving the problem.
Re: Fundamental point of blockchains
Wait - someone trusts the banks and government?
Mine's the one with the tinfoil hat and barter goods in the pocket.
Re: An immutable record, you say...
Where can I get their music?
Re: Not being old
"Most are the opposite" - I'm not sure about "most", which leads to the next problem, we've got all these bloody coloured lights, flashing or not flashing (at indeterminate intervals so sometimes you're waiting, trying to decide whether or not it is flashing), trying to TELL US SOMETHING, but I DON'T KNOW WHAT and the sodding things are "labelled" as a raised black plastic icon on a BLACK BACKGROUND that I don't recognise even after I've used an oblique light to highlight the shape.</rant>
I think I'll go and lie down, my charger is signalling in morse that my phone is about to catch fire and my router is flirting with with my air conditioner.
Re: Image of "Here Nelson Fell 21st Oct 1805" on HMS Warrior
Bloody hell... you say the HMS Warrior crew have stolen the deck from HMS Victory! Keelhaul the blaggards!
(HMS Warrior was only launched in 1860, Nelson never stood on it. It is also iron-hulled and still afloat, not far from HMS Victory's dry dock)