"unless you've been wise enough to install a plugin that blocks access for unauthenticated users"
I thought I had implied that by saying security best practices were to be followed.
429 posts • joined 25 Oct 2007
"unless you've been wise enough to install a plugin that blocks access for unauthenticated users"
I thought I had implied that by saying security best practices were to be followed.
Nope. With Flash, fixes took up to a month to appear. Just keep your WP sites up to date, and you're relatively safe. Security best practices assumed to have been followed, of course, such as not having an admin account with the username "admin" and "pa55w0rd" for a password. But that is hardly something one could blame on Wordpress.
The judge clearly does not understand this basic principle. Unfortunately, in the U.S., that seems to be a common problem.
The way I understand it, the Li-Ion cells used for the ISS are not of the kind used for most mobes or the Boeing 787. There are two basic technologies, one saving some weight (which is why Boeing used it, only to have several planes go up in flames) and the other being more stable. I will assume the latter technology is being used to resupply the ISS.
In that case, I'm not available.
But that would, most likely, be illegal to print. Or at least certain people in the U.S. would say so, whether they have a legal basis to stand on or not.
I read in the article that NASA was aggregating "[...]all of its published research[...]"
So, if the research was previously published, how can aggregating it in one place (which constitutes not a new publication, but a mere convenience for other researchers) be in breach of regulations? The original publications would have been in breach already in that case, but this is not mentioned to be the case here. Can anybody enlighten me?
"I expect you know this, but use an admin user just to install (okay, copy) software to the /Applications directory and a standard user to run them."
That is SOP for me. Unfortunately, not for my customers.
"Wouldn't messing with the Applications filesystem require root?"
Not for user-installed applications; those are usually not system-level protected. Which is why a ransomware application could merrily encrypt a bit of anti-ransomware--which would reside in the Applications filesystem--without that very anti-ransomware noticing itself being encrypted, if the Applications filesystem is not being watched.
Fine-graining is all very nice with the permissions, but root needs to be root (in case of a seriously banged-up system, you need to have an account capable of fixing it. Trust me on that. Been there.) I'm all for more dexterous permissions, but that's hardly likely to happen in a consumer OS. Granted, the system-level filesystems on MacOS are safeguarded relatively well (compared to certain other players), but the problem remains that the Applications filesystem has mixed permissions depending on who installed what, so remains vulnerable with most user-installed apps being part of Userland.
Yes, I know I'm borderline paranoid. Which I figure is a good thing if you're a sysadmin.
I had commented here:
that that earlier effort seemed a little half-arsed to me because it did not watch the Applications filesystem (and got downvoted for that, thank you!) and could not be configured to do so.
This approach sounds a little more holistic to me. I'll give it a try once it's in beta.
"[...] but you can't fault the design or materials. Makes the Apple kit look dated."
I agree with you that Dell mobile kit has come a long way in the last few years in materials and quality both, and I did intentionally overstate my sarcastic remark (that's why I put the tags around it...). Still, my point really was that Dell kit looks nothing like Apple kit (and I am not putting a preference on that, just pointing out they look vastly different). Hence my statement that a sticker across the logo isn't going to fool anybody.
<sarcasm> Right. Because what the guys from Cupertino have banged together in China looks absolutely identical to what the guys from Texas have banged together in China, with its cheap plastics and overweight chassis. </sarcasm>
Put a little less sarcastically, not gonna work.
Business as usual.
It's Friday. Pint of Doom Bar, please.
Nope. This is being made not by those interested in knowing where, when and what you buy, but by those interested in others not knowing. It's a rather big difference.
I was about to say the same thing... have an upvote.
These are Li-ion cells, i.e., salts of Lithium in solution. There is no metallic Lithium anywhere in or near those batteries. While the other chemicals involved are pretty volatile, what you get in a battery fire is not a "metal fire" but a pretty much self-sustaining, rapid exothermic reaction of the components of the battery. Since it is self-sustaining (i.e., does not need external oxidisers), pouring water onto the ongoing mess will not add significantly to the reaction. As noted by others already, it will cool down the mess and thereby reduce the total amount of damage.
Oops! Sorry... (that's what I get for hacking my comment in on-the-go)
Also, as opposed to the opinion of the article here, FW was not an Apple-goes-alone, but a collaboration between Apple, Sony (who call it iLink... go figure) and Intel. Thunderbolt is another Intel idea which was adopted early by Apple, just as USB was initiated by IBM, Microsoft, DEC, Intel and a few others, and though 1997 IBM PCs had a USB interface on the mainboard, Apple were the first to include external USB connectivity, to my best knowledge.
IEEE 1498 (aka iLink, aka FireWire) still is the definitive interface in most professional video and audio settings, though slowly being displaced by 10GBit Ethernet.
That said, I always found Apple's displays rather pricey for what they offer, so I'm not really touched either way by them being discontinued. Never had one.
The way I understand what was announced by Canonical, containers will share identical libraries, so the storage overhead will be greatly reduced. At the same time, different versions of libraries will be used by the appropriate applications, so there will be fewer problems with library updates.
It's not a fix-all, but it sounds sensible to me so far. Let's see how it works in real life.
Agreed, there, up to a point. To me, "more like Windows" through long experience means less user-friendliness (that's starting with Windows 1.0 here, as a sysadmin). I strongly prefer an OS where I have a choice of features I can enable (and not a bunch of "features" that I need to dis-able (hello, Ubuntu!) to protect my privacy).
For a highly user-friendly GUI (most Operating Systems could run it easily, what most people see from any OS is the GUI and they tend to confuse both, due to Microsoft marketing Windows as an OS while it actually is a GUI running on top of NT...). I am still highly impressed with IBM's Workplace Shell as demonstrated on the OS/2 v. 4. Clean, lean, and to this day not improved upon.
"And there was me thinking that, pre unity, [...]"
Unity is Ubuntu's failure to create its own GUI, (and the reason I no longer use Ubuntu -- for a power user, Unity just sucks: like Windows 8, a smartphone GUI on a workstation). Mint is based in part on the need to have something with the out-of-the-box-ity of Ubuntu with a GUI people can actually use. Do not confuse these two projects, even though Mint is derived from Ubuntu. But there's a very good reason why it is derived...
"The developers should be making it more Windows like"
Er... NO!!!! Most definitely not! Windows is why I use Mint! (and several other distributions, and a couple of flavours of BSD...)
Thanks to the madness included in modern "smart"phones and tablets with cameras, all images taken with them include in their metadata GPS data of where each image was made. Also, these are "personalised" devices which tend to have real-life user data available to malware like Bacefook and similar "apps." On some devices, you can turn that off. If your device uses Android, you're... er... starts with an "f"...
I want that same judge for my various grievances against Google etc....
Is it running Windows? Just a guess...
Funny idea here... the ransomware might just encrypt the blocker's binaries, wait for the next reboot, then go on its merry way, since the app binaries are not stored inside user directories. So Ransomwhere would be easily encrypted (user-installed apps not being write protected nearly as well as Apple's bunch of cruft that comes with the OS) without itself noticing, making it unable to be loaded on reboot.
So the ransomware blocker should probably also be looking in the Applications folder, at least.
I do appreciate the effort here, but it looks rather half-assed to me.
I wonder whether these congresspeople ever think their ideas through to the end. If they insist on weakened encryption, this encryption will not only be broken by law enforcement, but by criminals ranging from individual to corporate.
Which would put a stop to most high-value technological development.
Think about it. Boeing and Airbus would know exactly what the other company is developing. The 787 came out before the A350 in part because of industrial espionage by Boeing; with no secure encryption available, this kind of thing would not be a single occurrence but a constant one. So both companies would stop doing any high-risk development out of fear that they invest the billions into R&D only for the other company to file the patents first. You may replace "Airbus" and "Boeing" with the names of any other high-tech duopoly you like, there are quite a few. Think space booster development and defense contractors.
The same goes for scientific progress. In the higher academic circles, he who publishes first gets the Nobel Prize, not necessarily he who did the actual work. So work would get slowed significantly, because top-notch scientists would be unable to use electronic media for communication for their work any longer, lest another team grab the laurels of years of work they didn't do themselves. It has happened before, many times, just so far through negligence letting papers lying around and not by default decreed by law.
Those are only the two most obvious considerations, but I somehow doubt the congresspeople (and the many other legislators the world over demanding encryption be banned outright!) ever thought things through even this far.
Also, not understanding proper procedure in international investigations is a bit of a hindrance. A U.S. subpoena is only legally effective within the jurisdiction of U.S. courts. Though it seems some U.S. courts think otherwise, as in the case of Microsoft's Irish dependency, this does not extend to any place outside the U.S. and its embassies abroad.
The same goes, of course, for all other courts internationally.
Even more strictly speaking, Adobe acquired Macromedia, which had acquired FutureSplash.
Adobe had been offered FutureSplash in 1995, but was uninterested at the time.
Nope... according to the kind of mentality working in personnel departments, you are a number, data of which is to be collected, collated, cross-referenced, and, if possible, sold at a profit. And I've seen that happen at a company with a total of less than 20 employees.
Er... is there a reason you're removing kb2952664 twice, or is that a typo and a different update is supposed to get removed?
Now to enforce the ruling...
Sorry for the bad pun, but this just re-confirms my decision to never, ever, get a Bacefook account. My privacy is worth more to me than the convenience of just about everything Mark Z's service offers. Have something important to tell me? I've got a phone. Something not quite that important? Got an email address. I have no need to spread out my private life for the whole world including various secret services to peruse, and if I have something to tell a buddy... I have their phone number or email address. And public keys.
Plus, honestly? I don't have the time to check in with I don't know how many services online; Facebook, Xing, whatever else certain people expect me to be on. I'll stick with what I can reliably encrypt, thank you very much.
You didn't read what I wrote. I was not about to buy anything, nor was my former colleague's company. But Microsoft putting the pressure on for everybody to downgrade to W10 lost them a mid-sized customer with good standing in the scientific community and a certain amount of representativeness. Others will most likely follow. Extrapolate from there, if you will.
"In a "oh god is this really the final push I need to switch to Linux full time" kind of way."
I just heard from an old colleague, who is on the admin team of a science outfit that still has approx. 800 virtualised Windows machines; most on W7. He told me that this thing finally convinced their board to switch to Linux.
Given the distance, and signal deterioration due to the magnetic fields and solar irradiation in between New Horizons and Earth, as well as (where the probe is currently travelling) the significantly higher-than-near-Earth amount of cosmic radiation, I find 1 kbps to be a pretty amazing achievement. Not to forget the constantly changing amount and speed of the charged particles of the Solar Wind, which is also detrimental to the type of WiFi being used here.
One might reciprocally conclude, as some other commentards have already noted but not spelled out as such, that rural England must be somewhere in the Kuiper Belt, rendering the entire effort having gone into the extended mission of New Horizons redundant. Just plonking down the probe somewhere in the Midlands should have done the job.
Pint of Proper Job, please...
...the Burt Rutan touch in the design? The project's website seems to be very careful not to mention who built the aircraft, but this certainly looks like a Scaled Composites job.
" was a witness to the Nagasaki bomb" -- the Nagasaki bomb was not a thermonuclear explosion, just a simple fission bomb, though.
That was not a miscalculation, but ignorance. At the time, nobody knew that Li-7 (a 60 % part of the secondary charge) was highly reactive, hence the runaway reaction: Li-7, being fed Neutrons by the primary charge, more or less amplified what had been intended, by fissioning into fusion fuel. Had they used mostly Li-6, the calculated result would have been achieved.
Before the Castle Bravo test, nobody had known this, hence nobody could calculate the effects correctly. So... OK, a miscalculation, but due to missing data. I would say that makes it a case of ignorance over a miscalculation, since a miscalculation is usually what happens when you have correct data input and still get a wrong result.
I'm thankful that I can sit here and talk about such grand failures of engineering (because that was more or less an engineering problem, not a physics one; the phyiscs underlying the process had been worked out a decade earlier...) and have a beer while not being at undue risk of being incinerated. Pint of Doom Bar, please...
Nah, the layering of frozen gases that allowed the planet-sized catastrophe in the short story seems highly unlikely at this time. Mind, Niven was writing from the state of knowledge at the time.
"That's still smaller than Earth's moon, at 3,475 km – so sorry, Pluto fans, you still won't persuade academic astronomy to upgrade it back to being called a planet."
Even if it were larger than Jupiter, Pluto would not be a planet by the IAU definition, not having cleared its orbit of other objects. On the other hand, of course, any object with the mass of Jupiter would have done so pretty early on. The IAU definition also has no definition based on size as such, only that the object to be called a planet would have to be in near hydrostatic equilibrium, i.e., shaped near-spherically due to the gravity induced by its own mass.
I am somewhat saddened by the many people who insist on categorising Pluto as a planet, when the reason the IAU formed a group to hammer out a binding definition of the term "planet" for the first time was the discovery not only of many approximately Pluto-sized objects beyond Neptune (the TNOs or Trans-Neptunian Objects, most of which turned out to be part of what is now called the Kuiper Belt), but also that there are several objects co-orbiting with Pluto which are not orbiting Pluto at the same time.
The IAU did not, as I once heard from a fellow hobby astronomer, "vindictively downgrade Pluto," but they for the first time defined what a planet actually is. Pluto, if you so will, was unlucky in falling through the grid by not fitting one of the three criteria. Case closed, get over it.
All that said, I am following the incoming data on the first TNO ever explored at relatively close range with high anticipation. This is already very interesting, and will become more so as New Horizons will continue sending the data being gathered during the Pluto encounter over the next two years.
He famously said that so long as you get telemetry about the failure, it's not a failure. We're talking about rocket science here, which often is edge-of-the-art and not just state of it. It's a high-risk business.
So long as they get data as to what went wrong, and how, they can improve on it. That's how progress is made. So, scratch a few million US$ right now if this goes wrong, but in the long run, once the wrinkles have been ironed out, things become more reliable and far cheaper.
Many people these days seem to have forgotten that big things don't happen overnight... big development takes big time, and in space technology, just about everything is big. Musk is sticking with it (like von Braun did, and many others during that crucial period in space travel development). I hope he will continue to do so.
"What can be patched is the underlying security hole in Windows or IE" -- you do realize, of course, that many a sysadmin regards Windows as being the underlying security hole?
@Shadow Systems: beautifully put. Have an upvote.
When the probe was proposed, the mission was considered a little daring—not too daring, but borderline. Considering the amount of data gathered, I am very happy they managed to get it on its way. So, goodbye MESSENGER. You did a great job. May many more probes follow you to refine what you found. RIP (Rust In Pieces), and thanks for a job well done.
That also goes for the people at NASA having planned and realised this mission, of course :)
Biting the hand that feeds IT © 1998–2017