Re: Two inputs, no output?
Well there's a German word for what would likely happen. It's "Koterbrechen", and for the benefit of the readers I will not translate it.
4850 publicly visible posts • joined 9 Mar 2007
Even if you have a simple gigabit network cable in which the signals travel at roughly 2/3rds of light speed, you end up with many bits in flight even on the cable between your desktop and your switch.
If you had an analogue TV, you could sometimes get multipath reception. You could literally see signals that just had a few more kilometres to travel to get to you.
It's called "Public Relations" or "Think Tank". Essentially if you manage to get yourself into talk shows and just announce your "truth" over and over again, people will believe it.
In Germany we have organisations that just assert that we somehow really need the US to tap our phone and Internet lines. We have organisations that assert that we need to support companies more and lower the wages even more, even though that would, at best, just increase our import/export imbalance.
It doesn't matter if someone spreads lies about a candidate operating a paedo ring out of a pizza parlour, those lies pale in comparison to the big lies that sneak through unchecked.
Well external PCI-E on a PC is a very bad idea, as it allows an external attacker really easy access to your PC.
However PCI-E is already common in some more exotic places like routers. High performance routers (the kind that needs kilowatts just to drive the fans) already use PCI-E to connect the interfaces. They use a fabric of PCI-E switches there. This might even be the first area we see those new interconnects.
PCI-E already has symmetrical lines which make the problem a bit easier, but those lines are properly engineered HF transmission lines. As far as I know the lanes don't even have to be the same length electrically, as each lane has its own sync signal. So though this is HF engineering, a lot has been done to make the problem simpler and therefore more solvable.
However the problem is much more complex with memory interfaces as you have more lines and you need to have all your lines having the same delay.
This was apparently on the Play Store and worked on unmodified devices.
The problem simply is that sandboxes don't work. They may improve security a bit, if you manage to make them without increasing the complexity a lot, but they don't work against malware. We'd probably be better off with a simpler device which features a "mobile touch terminal" that would connect to remote services without actually executing Turing complete code.
I think that screenshot also shows many of the problems with metro nicely.
The right one isn't particularly good, but at least you have a decent amount of information on your screen, as well as some aid to help you distinguish between mime types and protocols.
Whereas the new look wastes lots of space and gives you no clue on what's going on. Does that column with the different "Internet Explorer" Logos have anything to do with what's on the left? How can I disable individual types?
"a slow 3g link and none of the SIP codecs would work reliably."
Well as far as I've seen, most wireless carriers detect VoIP and give it a very low priority on 3G networks. I guess they detect small UDP packets coming at regular intervals as the first second or so usually works. However with LTE that works like a charm.
I guess Skype can also use TCP for voice streams. That's a bit harder to detect.
However, if you are on a 3G link, you might as well use that for telephony. WCDMA/UMTS was designed for isochronous streams.
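The heuristic described above (small UDP packets arriving at regular intervals) as a worked detector over constructed packet metadata. This is an added example, not code from the original post or from any carrier; the packet record layout, the thresholds, and the sample flows are assumptions chosen for illustration, and the TCP flow is included to show why a TCP-carried voice stream slips past this particular check.

```python
"""Heuristic detection of VoIP-like UDP flows from packet metadata.

Added example, not from the original post. It assumes a simplified
packet record (timestamp, 5-tuple, payload size) such as one would
extract from a pcap; the thresholds below are illustrative assumptions.
"""
from collections import defaultdict
from statistics import mean, pstdev
from typing import Dict, List, NamedTuple, Tuple


class Packet(NamedTuple):
    ts: float        # seconds
    src: str
    sport: int
    dst: str
    dport: int
    proto: str       # "udp" or "tcp"
    size: int        # payload bytes


Flow = Tuple[str, int, str, int, str]


def group_flows(packets: List[Packet]) -> Dict[Flow, List[Packet]]:
    """Group packets by (src, sport, dst, dport, proto)."""
    flows: Dict[Flow, List[Packet]] = defaultdict(list)
    for p in packets:
        flows[(p.src, p.sport, p.dst, p.dport, p.proto)].append(p)
    return flows


def looks_like_voip(pkts: List[Packet], min_packets: int = 20,
                    max_mean_size: int = 250, max_jitter_cv: float = 0.2) -> bool:
    """True for a UDP flow of many small packets at near-constant intervals.

    Thresholds are assumptions: a G.711 RTP stream sends a ~172-byte
    payload every 20 ms, so the mean size stays small and the coefficient
    of variation (stddev / mean) of inter-arrival gaps stays near zero.
    """
    if len(pkts) < min_packets or pkts[0].proto != "udp":
        return False
    pkts = sorted(pkts, key=lambda p: p.ts)
    gaps = [b.ts - a.ts for a, b in zip(pkts, pkts[1:])]
    avg_gap = mean(gaps)
    if avg_gap <= 0:
        return False
    cv = pstdev(gaps) / avg_gap
    return mean(p.size for p in pkts) <= max_mean_size and cv <= max_jitter_cv


def classify(packets: List[Packet]) -> Dict[Flow, bool]:
    """Map every flow to whether it matches the VoIP heuristic."""
    return {flow: looks_like_voip(pkts) for flow, pkts in group_flows(packets).items()}


def sample_packets() -> List[Packet]:
    """Constructed traffic: one RTP-like stream, one DNS-like burst, one TCP flow."""
    pkts = []
    # RTP-like: 172-byte payload every 20 ms, with a millisecond of jitter now and then.
    for i in range(50):
        jitter = 0.001 if i % 3 == 0 else 0.0
        pkts.append(Packet(1.0 + i * 0.020 + jitter, "10.0.0.2", 16384,
                           "203.0.113.5", 20000, "udp", 172))
    # DNS-like: a handful of small UDP packets at irregular times.
    for ts in (1.0, 1.3, 1.31, 2.7, 2.71, 4.0):
        pkts.append(Packet(ts, "10.0.0.2", 53123, "10.0.0.1", 53, "udp", 60))
    # TCP: equally regular timing, but not UDP, so the heuristic ignores it.
    for i in range(50):
        pkts.append(Packet(1.0 + i * 0.020, "10.0.0.2", 44000,
                           "198.51.100.9", 443, "tcp", 1400))
    return pkts


if __name__ == "__main__":
    for flow, hit in classify(sample_packets()).items():
        print("VOIP " if hit else "     ", flow)
```

Run stand-alone it prints one line per flow; only the RTP-like UDP flow is flagged. Moving the same stream onto TCP, as the following post says Skype can do, defeats the check as written because the protocol test comes first.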
"The problem with your thesis is that code is ultimately written by humans."
Of course, however as there are huge differences in how safe people drive, there are huge differences in how safe people code. The self driving car industry (or whatever of it already exists) has the great advantage of still having a concept that appeals to people. Therefore they still get good people who are sick of recognizing product images to place more efficient ads.
However in the coming years, as more and more companies enter that market, that might fade, and you only have average or even sub average programmers in such companies. Also programmers will realize that, although self driving cars sound cool, any car-based future is likely to fail, simply because we don't have the resources to sustain everyone having a car.
That's why there are additional security measures. For example in most civilised countries they add a special smell to the gas and if you think you smell something, you have a special hotline which sends you a technician to check it out within an hour or less... no matter if it's day or night.
"Are you sure, or this is just wishful thinking? Do you have actually real, verifiable data about that? Mirai is a "customer modificatiion" of devices as well - and it didn't made them more secure <G>."
No, Mirai was a 3rd party modification, done through actual security bugs, and not via the way a normal customer would modify it. It's not like the people installing Mirai actually bought those devices. They are not customers, so obviously it's not a customer modification.
So far OpenWRT didn't seem to suffer from any of the security problems manufacturers ship their devices with, because they smooth out the attack surface (no TR069, web interface is optional, etc...) and have regular updates. OpenWRT is in most, if not all, cases much more secure than the firmware the manufacturers shipped with their devices.
Yeah, that's what TVs in modern households are like, basically just big monitors optimized for moving pictures. As for watching actual broadcast TV, that's what external tuners are for. In my case that's a dedicated computer running VDR connected to a satellite dish. It records shows without any form of DRM, and if I want to stream I can do so easily.
Back in the 1980s, Sony actually marketed the concept of a "modular TV". You could get individual components (Tuner, VCR, amplifier, etc) and put them together any way you want.
Of course, but that shows the problem is rather complex. It's a purely academic problem though, since you can already manipulate safety devices on lots of machines. If you did that, the manufacturer obviously isn't at fault. That's not a real problem. So far virtually all customer modifications of IoT devices made them more secure.
BTW user-modified devices are commonly inspected and approved in the car industry. Many countries have some sort of "approval" process by which your car needs to be checked every few years. If it fails, you need to fix those problems or remove it from traffic.
Actually we're getting to a point where we neither have good or cheap or fast products. Just look at the FreeDesktop/SystemD people which add buggy feature after buggy feature. The same goes for IoT devices. Just look at a "modern" "connected TV". They get harder and harder to use, slower and all that because of marketing driven development. Essentially you get devices which are built badly, slow and expensive on purpose.
Compared to our current state, we could easily go into all three directions at the same time. We'd just need people who know their limits and work within them.
Potentially governments could mandate "security theatre" like "secure boot", enabling manufacturers to lock you out of the devices you bought.... while in the meantime they still ship their insecure shit, and patch months too late.
It's a problem requiring more technical knowledge than governments usually want to have, plus it has the potential for more surveillance, which governments like.
What we need are mandatory evidence based minimal security standards. Slowly, but surely those standards get more and more strict, allowing for software manufacturers to adapt to them. Essentially those standards would try to weed out the idiots. If you don't adhere to the standards, you will be accountable for the full damage occurring.
This worked fine for electrical engineering.
It's more like screwed by quality control. In times when they ship Microservers which have a shiny UI BIOS... which fails to boot reliably, with boot loops even long before it even tries to access the OS, it's no wonder people prefer not to buy HP equipment.
HP used to be about quality. If you find a LaserJet 4 from 1992, it's likely to still work. Later models had obvious problems like paper feeds facing upwards... to get that extra load of dust.
What happened there is probably the same thing that happened to Siemens. In the 1990s the management turned over from engineers and physicists to economists. That prevented good engineers from joining and the good ones already there gradually retired from the company. So gradually the engineering got worse and worse, often accelerated by idiotic cost cutting strategies. This means additional measures to restrain the engineers which squeezes out even more of the good ones.
HP simply lost that delicate balance between engineering and economics. That's why the products got bad, and that's why they are losing money now. Not because of some "cloud".
Yes, this is just the serial port. Many of those systems have the ability to load iso-images as CD-ROMs... since Windows automatically mounts new CD-ROMs it sees and executes code from them, that's easily wormable.
Simply put, the more complexity you put into a system the less secure it'll get. Here you even have hidden complexity, as many people will not know about that feature. Since it's also on your main network interface, you cannot even go the sane way and use a dedicated control network. (or in fact have it on a separate switch and just activate the ports you want to do maintenance on)
"How much is London to Edinburgh in Hyperloop going to cost?? And what volume of traffic and fares is going to justify it?"
Just generate enough hype to get the money from investors... then go bankrupt when the current bubble bursts and buy the assets again for a fraction of the original price.
That's how we got the Iridium satellite system. That's how we got long distance fibre in Germany. (In fact near some Autobahnen you could find fibreoptic cables not yet dug in because the company ordering them went bankrupt while they were being laid.)
... where we already have such mandatory rules, the job of the "Datenschutzbeauftragter" typically isn't staffed by someone particularly adept with technology. It's more a compliance type of position. You make sure you have an overview about what kinds of data are stored and when they are supposed to be deleted.
It's not an infosec position.
"Metadata" is _much_ more important than the actual data. With it you can automatically track networks and people. And surely the secret services already had access to that....
...it's just that secret services are not the police. They are not responsible for stopping crime, their tasks are, obviously, secret. Usually they are supposed to work more or less like a news organisation, but keeping their findings secret. More and more they seem to be occupied with trying to find some justification in a time when they fail more and more often. (apparently US secret services were completely surprised by the fall of the Berlin Wall)
Also they assume that there was some "network" behind it, giving orders and commands. There doesn't seem to be any indication of that.
... they look at the top 100(00) sites their ads are already shown on manually, and then whitelist those which seem to be OK. That's feasible for any ad company.
If you have a business model based on selling ad spots, that puts you in a difficult situation. Unless you are already among the top sites you'll never be able to run any ads and therefore have no or less income.
I mean those leaks are politically opportune. The US constantly claims that the Russians are meddling with them. Then someone leaks supposed evidence in a highly incompetent way.
I wouldn't be surprised if this turned out to be some sort of false flag operation.
Well the main point was, that the cost of a call now is so low that you can just make one... even internationally.
A far bigger problem are closed numbering schemes, where it's easy to predict telephone numbers. In Germany, for example, there are open numbering schemes. So your area code can have anything in between 3 and 6 digits, and your subscriber number can have anything over 3 digits. I have a 7 digit number, but the next door butchery has a 3 digit one, both in the same area code. Therefore you cannot guess telephone numbers.
"Carriers that fail to do this, get dropped from the interconnects."
That's essentially non-enforceable.
1. Interconnects are contracts and cost money. There's even billing involved, so it's hard to break those contracts.
2. The telephone network is far from being star- or tree-shaped. If someone gets a telephone call from an odd number, there is no way of knowing if it's a legitimate call from abroad or just a wrong number.
3. It's virtually impossible to find companies that do send wrong Provider-Asserted Numbers. We've tried that, and so far we could only go to one other company, and they then say that they already got those numbers from another carrier who is abroad.
People act as if this would be a big problem. It's not. For decades telephone networks were electromechanical. There it was utterly impossible to trace a call without putting lots of work into it.
There's the "User Preferred ID" and there's the "Network Asserted ID". In Germany you usually get both, unless it's blocked, but 0800 providers or emergency services will always get all of them. That's because when they introduced ISDN, they moved the analog subscribers to something called "ANIS" (Analoge Nebenstelle am ISdn). This provided ISDN-features on your analogue telephone. However since they wanted to continue to charge money for caller-ID, ANIS lines blocked it by default.
The "Network Asserted ID" should be tightly controlled by the carrier... however many of them don't. While you can send any "User Preferred ID" you want (even on ISDN when you paid for the CLIP No Screening feature), the Network Asserted ID always should point to some real number that really belongs to you. Again, some carriers either send garbage there (like German calls to Germany via some foreign country... but starting with +41 instead of +49), or even let you send your own number. This shouldn't happen, but it does. Just like CAs should check who requests a certificate.
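The screening the post says a carrier should do, as a worked example over SIP. This is added code, not from the original post or from any carrier's platform. It maps the post's "Network Asserted ID" to the SIP P-Asserted-Identity header and the "User Preferred ID" to the From header (the RFC 3325 terms); the trunk table, the assigned number ranges, the two INVITEs and the accept/replace/reject policy are all constructed assumptions for illustration.

```python
"""Screening the network-asserted caller ID on an incoming SIP customer trunk.

Added example, not from the original post. P-Asserted-Identity plays the
role of the "Network Asserted ID", From that of the "User Preferred ID".
Trunk table, number ranges and messages are constructed for illustration.
"""
import re
from typing import Dict, List, Optional, Tuple

# Constructed trunk table: E.164 prefixes each customer trunk is allowed to assert.
TRUNK_RANGES: Dict[str, List[str]] = {
    "trunk-berlin-pbx": ["+4930123456"],   # main number plus its extensions
    "trunk-reseller-7": ["+49221555"],
}

# Number in a sip: or tel: URI, with or without angle brackets and host part.
_URI_NUMBER = re.compile(r"<?(?:sip|tel):(\+?[0-9]+)(?:@[^>;\s]+)?>?")


def parse_headers(msg: str) -> Dict[str, str]:
    """Lower-cased header name -> value for a SIP request; first occurrence wins."""
    headers: Dict[str, str] = {}
    for line in msg.split("\r\n")[1:]:   # skip the request line
        if not line:                      # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), value.strip())
    return headers


def number_from(header: Optional[str]) -> Optional[str]:
    """Extract the digits (with leading + if present) from a URI header."""
    if header is None:
        return None
    m = _URI_NUMBER.search(header)
    return m.group(1) if m else None


def screen_invite(msg: str, trunk: str) -> Tuple[str, Optional[str]]:
    """Decide what to do with the asserted identity on INVITE from `trunk`.

    Returns ("accept", number), ("replace", number) or ("reject", None).
    From is deliberately not screened, mirroring CLIP-no-screening: the
    customer may present what they like there. P-Asserted-Identity must
    be E.164 and fall inside a range assigned to the trunk; otherwise the
    carrier stamps the trunk's own main number instead of trusting it.
    """
    allowed = TRUNK_RANGES.get(trunk)
    if allowed is None:
        return ("reject", None)           # unknown trunk: do not route at all
    pai = number_from(parse_headers(msg).get("p-asserted-identity"))
    if pai is not None and pai.startswith("+") and any(pai.startswith(r) for r in allowed):
        return ("accept", pai)
    return ("replace", allowed[0])


def sample_invites() -> Tuple[str, str]:
    """Two constructed INVITEs: an honest one and a +41 assertion on a German trunk."""
    good = ("INVITE sip:+4940999000@carrier.example SIP/2.0\r\n"
            "From: \"Support\" <sip:+4930123456789@pbx.example>;tag=1\r\n"
            "P-Asserted-Identity: <sip:+4930123456789@pbx.example>\r\n"
            "To: <sip:+4940999000@carrier.example>\r\n\r\n")
    spoofed = ("INVITE sip:+4940999000@carrier.example SIP/2.0\r\n"
               "From: \"Bank\" <sip:+4930123456789@pbx.example>;tag=2\r\n"
               "P-Asserted-Identity: <tel:+41445550123>\r\n"
               "To: <sip:+4940999000@carrier.example>\r\n\r\n")
    return good, spoofed


if __name__ == "__main__":
    good, spoofed = sample_invites()
    print(screen_invite(good, "trunk-berlin-pbx"))      # ('accept', '+4930123456789')
    print(screen_invite(spoofed, "trunk-berlin-pbx"))   # ('replace', '+4930123456')
```

The second INVITE is the "+41 instead of +49" case from the post: the From header is left untouched, but the asserted identity is overwritten with a number that really belongs to the trunk, so whatever the callee's 0800 or emergency service sees in the network-asserted field still traces back to the customer.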
If you have a youth without any hope, they are going to do such things, no matter what religion or other ideology they believe in. Austerity simply is wrong, and it will look wrong from many viewpoints.
So create a financial transaction tax, tax capital (at least the part not invested) and take all of that money to kickstart the economy. Make a "New Deal" or a highly restrained form of capitalism. Invest in schools and universities, scrap tuition fees, perhaps even create a basic income.
Much of the workstation market directly moved from proprietary unixes to Linux or MacOSX. The areas that went to Windows typically don't need much power, so you'd typically still run them on 10 year old computers. At one company I was working at, we still had a CAD package called "Protel 98". It's still being developed under the name "Altium Designer"... but seriously you don't need a powerful computer for it.
In any case, those are all just cut down versions of the same operating system.
LEDs are an output device, so obviously you can output any data via it. And before you ask, you can also 'leak' data via soundcards, printers or screens, just like you can do it via power consumption.
The point is, if an attacker can execute code on your computer, you probably have lost. That's why things like office macros, Javascript, or any of the successors are so problematic. They break down the barrier between data and code.
He did have a case when somebody wrote some code and offered it to Linux. Linux politely rejected it, but he was misunderstood as if that code could be in the kernel if it was only polished, so the person worked on it for some months and offered it again... where it was of course rejected again. The coder then took his life. That's why it can be problematic to be too polite to people.
We have to understand that there are areas where we cannot afford inclusion. It's like making sure only qualified people are in an operating room during a surgery. Infrastructure projects must be maintained by qualified people, not by people who believe that, just because they came up with all the bad ideas of the 1990s again, you could work in operating system development.
Free Software has the problem of a huge influx of bad coders. People who, like in the 1990s, build hugely complex architectures without ever getting to the point where they offer any use.
It was the common hardware platform which was easy to clone and extend without sacrificing basic compatibility that made the PC so important.
Once SoC manufacturers create a common ARM-platform, they will conquer the PC business. However that's unlikely to happen, as vendor lock-in is more important to them than selling a few million more chips.
Actually all of that can be done with ZFS easily. Things like making a "snapshot" of your filesystem get done in sub-seconds. That's not quite a backup, but something to save you from the occasional "oops".
BTW rsync's main feature is to compare 2 files. So in case your local file, or the backup, gets corrupt, it'll make another copy.
Obviously, you'd still want to store your old snapshots as full backups to some external medium like tape. At least in a professional environment.
Reviewers have a weird view of the world. Devices lacking headphone sockets, SD-cards, replaceable batteries or even keyboards seem acceptable to them. Instead they focus on minor details like CPU power or how the display looks in a totally black room. This device is optimized for that.
Typically companies are entrenched in the way they work. Even if you know where the problems are, you cannot change them.
Typically problems get hidden from those that could, in theory, change something, but even if they want to change something, it usually fails.
Well there are some problems which prevent ideas from emerging.
First of all, it's comparatively hard to develop for such watches, regardless of manufacturer. Typically you need to install some kind of development environment on a separate computer. Adding to that may be the time you need to get acquainted with that. That process is too slow to hack together a prototype to satisfy an immediate need. Therefore most good ideas get lost.
Then there are some dogmas, like having a TFT or OLED display, both needing far too much power... and having a full-blown operating system which is then cut down to displaying a clockface and some notifications. That also takes lots of power. The Pebble approach is much more sane.
If I was to design such a device, I'd include a simple development environment, like an old school BASIC Interpreter, and make that accessible via ssh or telnet. Essentially you'd enable that on your phone, it would display its IP-Address as well as a security token you can use as a one time password. Since most applications that solve a problem can work in less than 100 LOC, that's still manageable.
systemd-free Devuan hits stable 1.0.0 status
"Maybe people who have actually used (as opposed to just flaming) a systemd-based system for some time, and got used to it?"
I have, and I regularly have weird behaviour that's annoying. I don't know how much of that is due to systemd, and how much of it is due to all that Freedesktop crap, but it's certainly another step down for me.
Well actually, as a German, I have never seen my government defending me against the US, or US companies. (see NSA scandal) However there might be a tiny little chance they might do something against the Chinese.
BTW economic wars typically aren't between countries, but between the ultra-rich and the rest.
It's not like you have much choice in the mobile world. Location tracking via WIFI over a central server is, unfortunately, standard by now. It's just that Apple doesn't yet have an advertisement branch... yet.
Unfortunately you cannot simply run something like Debian on your mobile phone, removing all that crap the manufacturer put on there.
Essentially in the long run, we're probably better off with mobile terminals connecting to our own servers. Essentially you'd make something about the form factor of a "Pocket CHIP" with WIFI and a separate simple microcontroller running the terminal. You'd then use an LTE router to connect to the Internet. For telephony you'd use a simple "dumb-phone", yes those still exist!
I mean last time I checked, there were apparently no concepts or demonstrators for that kind of power plant. If this was actually a way towards the future, you'd expect some little demo reactors being built to find out what problems you get when scaling it up. It's just common engineering practice.
Actually that "Something you are" part is very bad, as in reality you want to give up your security in certain situations, i.e. when you face actual danger to yourself. It's much easier to give someone your password than having your finger cut off, or your eye removed. Stupid attackers may do that.
To any smart attacker, Biometrics is not a hurdle at all, particularly the stupid things like scanning irises.