Posts by Robert Helpmann??
303 posts • joined Tuesday 31st May 2011 17:45 GMT
Communist Valhalla?
Where you can fight all day and party all night, but only in a CCP approved manner? Skål... er...
乾杯!
...at the very least use VPN!
That would be too much like right. In fact, I would wager that the result of this will be that instead of a relatively unknown flaw on all of these systems, there will be a well-publicized flaw on most of them as their admins fail to patch them properly or in a timely manner.
I know that this is a recurring theme in network and system security, but it would seem to me that a vendor could gain a reputation for security simply by implementing and promoting its willingness and ability to update its systems in much the same way many apps and OSes currently do: automatically. We see a lot of stories involving appliance, SCADA, and embedded systems not being updated because admins are just not getting the job done. How many systems out there get the job done painlessly and consistently?
Banks Had It First
I would think that the implementation used in modern ATMs would predate this patent by some time. The two factor authentication would be something you have (bank or credit card) combined with something you know (PIN or other passcode). These things were all patented, I believe, as they were invented although it is anybody's guess as to who holds the patents now or if they have expired.
Completion Rates
I read that completion rates are around 7%. My first thought was that this is quite low compared to traditional higher education. I would guess that this has to do with the lack of financial investment on the part of the students, but that is speculation on my part. However, this small percentage can translate into a number greater than would complete and pass the course in a more traditional classroom setting.
Re: Deep breath now...
Things you cannot do in the "modern" interface...Switch apps with two keystrokes...
I emphatically do not like the new GUI, but ALT-TAB still works. In fact, it was one of the few familiar things I found when using a friend's new laptop. Not so sure about the rest of the comments as I stopped using the machine as quickly as possible. She said it took her about a week and a half to get used to it. She is a non-IT type.
Restricted Export
The deep packet inspection capabilities of its products have proved to be of interest not just to corporates, but to ISPs and government in countries with patchy records on human rights, including Bahrain, Burma (Myanmar), China, Saudi Arabia, and Venezuela.
I would not be surprised if this netted the same classification as encryption software has and becomes unavailable for export. It will still be abused, but the scope will be a bit more restricted.
Re: Fail
Time to invoke Godwin's law...
Re: Ice cream for starving millions
Don't teach a man how to fish just send some organic ice-cream.
Don't teach a man how to fish, just send some organ ice-cream.
There, fixed it for you.
Re: I just realised something
Our internet connection crapped out briefly when I first tried to read the article.
More of a demigod, then.
Re: The accountants are better than the lawmakers
Perhaps not...
:START
CALL check_process
IF /i .%process%.==.illegal. GOTO PROSECUTE
GOTO START
:PROSECUTE
CALL legal_beatdown
GOTO START
REM It never ends, but let's put it here just for form's sake
:END
Re: Vulnerability fixed last year.
The trouble is what sort of operation does everyone else run? Unless your network is completely disconnected from other sites and other organizations you're as vulnerable as the least secure of those entities.
I'll give you a hint: if you throw in laptops and allow people to work from home, you will be lucky to achieve 90% compliance within 1 month. As far as physically disconnecting networks from the rest of the world, even that isn't enough. I am sure everyone has heard of Stuxnet and how it made it past an air-gap. Also, mention the word "spillage" to IA types in the US and watch their reaction - it's great fun. The greatest vulnerability cannot be patched: people.
There's a maximum size limit of 200MB per photo, and users can also upload 1080p HD videos of up to 1GB in size and a playback length of up to three minutes each.
Yes, but can compressed video formats be uploaded? Three minutes isn't really that much.
Re: It's only one study...
@Turtle, at least you admit your bias and are interested to see more information. Congrats! You have just outdone a large number of researchers.
In one counterexample, a researcher found that simply giving kids access to information through the application of technology really improved their education. I have read others with mixed results (e.g. the One Laptop Per Child initiative). From what I have been able to gather, a good result is not based on tech alone, but fits into the existing environment. The success or failure depends on how good that fit is. There is no one size fits all solution.
Re: Ya think?
However the Press representative also made the point that too many arrests are currently made on extremely flimsy suspicions
That is why in the US it is no longer legal to ask on a job application if someone has been arrested. Applicants may be asked about convictions now, but not arrests, as it was shown that arrests could be used as a proxy for racial discrimination.
Re: No mention of Windows?
Well, it tries to first attack svchost.exe, so that would be Windows... oh, wait!
Two Different Issues
We pay taxes on all the products we sell in the US, and we pay every dollar that we owe.
Notice that these are not necessarily the same thing. To break them apart:
We pay taxes on all the products we sell in the US...
"We pay local and state sales tax where required by law." This does not address other tax liabilities, but it is important.
...we pay every dollar that we owe.
"If we can legally avoid paying out anything at all, then we don't, but it's legal. If we brought it into the country, we would owe it, but we don't so we're cool, right?" If the government wants some of this, it will have to change the laws. Mr Cook should be very wary (said by Walter Koenig for comedic effect), as those changes might be retroactive.
It seems that the long term strategy of many companies has been to tie up as much capital in off-shore accounts as they could, causing economic problems at home, then to wait until the government is starved and hope to negotiate a smaller tax bill in exchange for bringing it all back into the country. I say "it seems" - what do I know about corporate finance?
MacGyver It
How many other jobs are there where you might be called on to fix the AC, run a physics experiment, and pilot a high tech craft in one day? The article does make me wonder, though, if simply applying chewing gum might not do the trick. Of course, there's the problem of getting it out of the helmet...
Re: Much Better
No, no, no... whales to oil.
Re: Do these guys not understand copyright?
And it is not up to the judges to decide as to whether to revoke the right, at least not until it hits the SCoTUS. So the authors have the rights, Google is doing as it will and making money with it on the way, hoping that it will all pan out in the end. Unlike YouTube (seems like a good analogy with similar legal issues surrounding it), they are going out and grabbing content themselves, not directly paying content owners, and not providing an easy method for those owners to have their content taken down if they want.
They have already established that they understand these issues and are not acting in the same manner in the two instances. This might make for interesting play in court.
Re: Four sprung duck technique
...the internet connection will only be required to 'phone home' to check licensing...
Their previous products did this on install and when, I think, pulling updates. Did this approach up revenues to the extent that doing it a lot more is going to improve them? More likely they drive away their less profitable users - not those that were pirating the software, but those who would skip versions. The likely outcome is going to be a shrinking user base with very little change in profits in the short term. I would guess that those "lower-value" customers will eventually be picked up by a competitor who will surpass Adobe's product line. Just give it a few years.
Re: Really...
I can somewhat understand why some products cost different amounts in different countries, but where in the world does the greater than 50% mark up come from in the price of a piece of software that is downloaded and not shipped? Wait... let me guess: the UK gets the "virtual hardcover" edition while we in the US have to make do with the paperback version.
Re: MSFT the Value Destroyer
MS don't have the ability to deliver anymore, so they buy buy buy. And the result is, predictably, a complete mess, with each camp fighting internal political battles for turf.
Microsoft has a long history of buying up companies, both to quash competition and to expand its portfolio. Once upon a time, a viable business model was to create a startup, catch the Beast of Redmond's eye, sell the business, and retire. This works so well that other companies do it, too, even in the tech industry (e.g. Google, Facebook, Intel). In fact, I cannot imagine MS being the first to run this strategy, but they certainly made it work. Sure, there were some clunkers in the mix, but that is the price of business.
BTW, Eadon, do you do stand-up as well as written comedy? Good stuff!
Re: Time for an end to verbal skeumorphism
So a "verbal skeuomorph" would be a "lexiomorph?" We are not dealing with pottery here.
Re: Air bearing?
I think the "frictionless" portion needs some work. It is dependent on the fields of the two magnetic sets which are not uniform. You could see this in the video when the disks maintained their relative position to each other; when one turned, the other moved to stay in the same relative position. This can be used in things like regenerative braking and magnetic suspension can be used to reduce friction, but that does not seem to be what is going on in the video.
Re: I'd quite like a PC built out of diamonds.
Fricking lasers just sweeten the deal.
Now, if they make it in the shape of a shark, it would be perfect.
Re: It's worse than you think.
Having to deal with it in an enterprise implementation is at least as bad. What I don't understand is why folks persist in using Adobe's products for Flash and PDF. Besides the dubious assertion that it cannot be updated by a third party (how do you think most large enterprises handle their updates?), they pump out updates too fast to evaluate without managing to fix the underlying issues. I switched to a non-Adobe PDF reader a while back. There are some non-Adobe Flash implementations out there, at least according to the interwebs. I am going to have a go with them.
If this approach would become more acceptable in corporate environments, life would be good.
Re: Bait
I was taught this sort of thing in wilderness survival training. You left off using bugs for added protein, though. And roof rabbit.
Mmm... tasty!
Re: Stupid question
Homeopathy does not work
Well, it does, but you have to choose your victims patients carefully. As homeopathy's effectiveness is equivalent to that of a placebo, it should be administered only to hypochondriacs and other true believers in order to properly "treat" what ails them.
Re: the wrong way?
Well, reporting is great, but you might occasionally want to do something with your stuff. You might send a trigger to unlock the door for a legitimate guest. This sort of ad hoc request would not work well with autonomous devices. Integration has at least the potential for other benefits, too, not the least of which is ease of management. So in that sense, at least, the set-up sounds OK.
I would be more concerned with things like privacy issues and creating a single point of failure. AT&T is as capable as any other faceless corporation of selling all sorts of data about our personal lives... and this service would be very personal indeed. It has the potential for gathering and tracking an enormous amount of information (a complete and ongoing household inventory matched to individual members cross-referenced by buying habits, et cetera).
So the point of the central hub would be similar to other data gathering efforts: offer something that is convenient, swear to the people who will provide the data that you are going to sell that their privacy will be protected, then sell to the highest bidder. Extra points for getting the product to pay for the privilege of being sold.
Re: That sounds useful if I only want to read the document
Not tried Word Viewer (from MS)?
That was my first thought, too. One advantage, I suppose, is that this should provide the same functionality on non-Windows boxes. It might also be a step (or at least a feint) toward offering the ability to edit from within the browser.
Groundbreaking?
The use of "groundbreaking" here is perhaps a little enthusiastic...
I would think breaking ground is exactly what should not be done with a transport rocket. Still, whether this is groundbreaking or not, having more options in the mix will eventually make space travel affordable to those of us with somewhat less than millions of dollars of disposable income. I am glad to see progress in this.
Sounds Familiar
"Our report shows that businesses can greatly reduce the number of successful attacks against their organisations by identifying and blocking attack sources that are known to target multiple sites or applications."
Previously stated as, "Businesses can greatly reduce the number of successful attacks against their organisations by keeping their software patched and up-to-date." The fact that this issue continues to arise is a light in the dark for the black hats. Sure, this version of the goes a little further than the last, but the underlying weakness is the same - if the systems were not patched before, their admins will not be gathering information about attacks, much less sharing it.
Re: third-party attacks?
How many of these attacks are from organizations working for the Chinese government, and how many are from poorly secured residential machines that are being controlled by parties unknown?
From a practical perspective, it really does not matter unless pursuing the perps. If all you are concerned about is defending against the attacks and blocking these addresses stops that without causing problems, then this is the way to go.
Re: All the news that fits the agenda
Quite aside from the debate on CO2 causing or contributing to climate change, it seems to be having an adverse effect on our oceans.
Re: CISPA needs to pass
Let me help you out there, AC:
"Think of the children, then use them to do something that is completely against their best interests."
Re: Perfect...
Careful Identity! You might set the spill on fire with that flame.
Logical Limits
This changes (yet again) the concept of what constitutes a primary offense (how low the bar is set as to what a person can be stopped for). It might seem to be a bit ridiculous to stop a person for jaywalking, but that can endanger other people (notably those driving too fast through town). Where should we draw the line? How about smoking in public? Should the perp be ticketed, hauled away in cuffs, or just given a warning?
@AC Space elevators in the land of science fiction
Some might point out that space elevators could be useful on lower-mass objects like Mars, the Moon or big asteroids. The problem there is that their GEO orbits are still proportionally far away - if GEO is close enough to use a space elevator, gravity is weak enough to use a simple maglev launch sled.
I had not heard of a space fountain before; I had always assumed the elevator portion of the space elevator would use magnetic lifting rather than mechanical. Also, setting up a space elevator on the moon might make sense in as much as it provides a lower bar to get over in developing the technology for use on(ish) Earth - plus, you get a nifty moon base as part of the package. Of course there would be other problems not covered by this model (e.g. wind shear), and it would require getting there with all of the materials needed to build it or starting a mining operation locally...
Re: bad example
Now they call that sort of set up "data entry." I am pretty sure it is with us still.
Re: Well that couldn't have gone wrong anyway...
You think the Japanese and American military get their intel from twitter? What a twit.
Of course they do and from every other online source they can find. Not that the physical defense system is tied directly to a Tw*tter feed... at least not that I am aware of such.
Re: This could be an amazing development
Don't focus only on HIV/AIDS. This equipment is not limited to a single test and is very affordable. That is the big news in this story, not its potential to improve HIV/AIDS treatment.
Cost/Benefit Analysis
...Iran spent just $US400,000 or $500,000...the USA, the story says has spent 50 years...[and]...about $10bn ...
I feel compelled to mock the cost overruns on both the Iranian and US projects. I have a proven and competitive product that will get the job done at least as well. Get 'em while they're hot!
Re: Dinosaur resurrection out of the question!
They are all chicken!
They all taste like chicken!
... Fixed that for you.
Re: Knew It Was Coming
To paraphrase T. H. White, if it is not completely bulletproof, it will be exploited. Just because I cannot think of a reason that someone might want to exploit a particular flaw does not mean that someone else will not come up with one, even if it amounts to sheer bloodymindedness. To take the given reasons apart:
A) Where there is money, there is a way.
B) Because no state entity has ever gone after non-military targets or used civilian tech to go after the same?
C) Left off: non-state actors. There may be a few of these out there.
Missed Opportunity
While this is not exactly a case of presenting a problem without having a solution in mind, he could have made a bit of cash if he had offered to sell the solution in the form of some handy applications that did all of that. If he were especially greedy insightful, he could have offered it as a service through a subscription plan.
Chirgwin has it right, though: all of Ylonen's recommendations look to be common sense security practices. I would add requirements for documentation and regular auditing.
Re: Nope...
Well, yes, but that "almost" can count for a lot. For example, an experiment on the ISS might have to account for frame-dragging, but one conducted at sea level not so much.
Re: Steaming greenhouse
But the greenies ignore this, because they are instinctively aware that most water vapour in the atmosphere is due to the sun shining on the oceans, and all their nanny-state busybodying cannot change that.
Yes they can! With parasols... lots of parasols... on rafts... all over the oceans of the world...
Re: @adnim
Please provide an example of what you would consider an 'inherently secure' OS.
OK, I'll bite: one that does not allow a user to log on?
Re: Or perhaps America is the source of the DDOS
The economics of the attack are simple: the greater the value, the greater the incentive for attack.
