I'm shocked that a country which still hasn't got around to chip and pin and still relies on a illegible scrawl on a piece of paper to confirm purchases cannot deal with electronically verification of a passport
736 posts • joined 28 Nov 2007
I'm shocked that a country which still hasn't got around to chip and pin and still relies on a illegible scrawl on a piece of paper to confirm purchases cannot deal with electronically verification of a passport
f its anything like the UK it will take them ten years and cost several billion dollars
I'm willing to help. I can get them a copy of OpenSSL for a snip at £1 million, no questions asked
♫ "The chances of any car hitting the earth are a million to one he said" ♫
"detects 94 per cent of Daesh propaganda with 99.995 per cent accuracy."
Funny way to spell Danish. Still the world will be a safer place with a few less Carlsberg ads
Quis custodiet ipsos custodes?
I used to have a weird problem loading gunship on Spectrum. If I tried to load it all the way it would fail, but I found if I played the tape until there was a pause. Loaded that bit. rewound to start and load the rest it would work.
Also The more expensive the tape deck the less chance of loading. Speccies loved cheap mono tape decks.
I thought home taping killed music...where are all these streaming services getting it from.
The irony here is that the Suffragettes achieved what they did, in part at least, by being abusive and threatening.
There's some truth to that. The initial non-violent campaign gained little traction, while the more activist one kept the issue in the public eye. However the downside was that the government felt they could not support the cause, because it would look like they were kowtowing to violence, so stalemate.
In truth it was the 1st world war, that allowed a suspension of activism and more women in the workforce that enabled women to get the vote. In hindsight it is pretty clear that it would of happened eventually due to the industrialization and universal education. Whether it would of happened sooner without the outbreak of war is another question.
Is that an air leak I'm hearing or 83 plumbers going "ssssss, that'll cost you, can't get the parts anymore guv"
Facts aren't all that easy to come by. Honest scientists and journalists, among others, spend a lot of time trying to make sure of them. The test of a fact is that it simply is so – it has no "alternative"... In most times, most places, by most people, liars are considered contemptible
It is so sad that we live in a world where not only is that no longer the case, but the new norm is that that serial liars get elected to the highest office in the land
CEO Jeff Jacobson, a member of the Xerox “old guard”, is incapable of creating
long-term value for Xerox shareholders short term profit for Icahn and should be replaced immediately:
Fixed it for ya!
@KSM-AZ is asking the correct questions rather than all this, there's an exploit, we're all going to die bullsh*t
The potential exploit is a proof of concept on a processor, but processors run on systems and there is a layered approach to defenses which a potential hacker needs to overcome. This is however a long way from producing a universal exploit on a real system that can actually do some damage
If you are something like a financial organisation, your risks are higher, but so are the safeguards and the difficulties applying the exploit, so same applies.
This is not to underestimate the possible seriousness of the exploit or that fact their appears to be no easy software fix but the basic fundamentals of cyber security have not changed. The risk needle has moved slightly, but not to the point where the world is coming to an end. so keep calm and carry on
1,000 capacity maybe for hub and spoke, could you imagine 1,000 people all waiting for immigration, customs and reclaim?
I guess you've never been through a US airport immigration
"That's because a package weighs fuck all and needs delivering yesterday. If you want anything bigger than an A4 envelope and it's not in a rush you need a boat. Ring UPS and they'll even advise a ship for larger/slower items.
I'll also point out that one of the major freight airports in the UK is East Midlands airport. It doesn't have the room for an A380".
Economies of scale means that it makes sense to move large numbers of parcels in one go. The bigger the aircraft, the more you can send in one go. There are also other items such as gas turbines which makes sense to travel by air.
There are about 160 747 Freighters in operation, so it there is a market
East Midlands will happily support a Antonov-225 or a cargo 747, I know because i live down the road and often see them, so it will cater for a A-380 cargo version, but the bigger business are would be somewhere like the US or China, where infrastructure and distance from the sea makes air transport more attractive
"Because nothing - absolutely nothing - can beat ocean shipping for costs."
Cost is not the only factor. Often customers are willing to pay for speed of delivery, especially with JIT manufacturing.
Also not everywhere is next to a ocean port. If you want to move a large item to say the central United States, you can ship it by sea, but will still require road transport which adds cost.
I live next to a large air distribution center, which is busy and i often see 747 cargo aircraft and even large Russian built aircraft such as the impressive Antonov-225, so to suggest there is no market is rather short sighted
I'm surprised that there is not a A380 cargo version yet.
This was the saving of the 747 line and there is always demand for aircraft which can take large items or huge bulk loads
About 11 billion planets in this galaxy meet the first four of your conditions. Add in red dwarfs and we are up to 40 billion. I do not even have a figure for moons of gas giants with a reasonable chance of having had surface water for billions of years.
Multiply that by at least 100 billion galaxies in the observable universe and life becomes something we should expect (although possibly too far apart to stand a reasonable chance of contact).
We have a limited supply of planets for counting large moons, but if you look at trans-Neptunian objects, large moons are quite popular.
Sure there a lot of planets, but if you filter out those that are to larger/small, wrong location, do not have molton cores or the parent suns are to violent, that number comes down a lot.
Is a red dwarf a good candidate for complex life? Firstly the habitable zone would be a lot closer so the planets would be tidally locked, meaning an atmosphere is unlikely to survive. Also Dwarfs tend to be highly variable in output
Is a large gas giant moon suitable for complex life? They tend to suffer from bombardment of other bodies due to the pull of the main body and again get tidally locked.
I have no doubt that there is simple life somewhere else in our galaxy and complex life somewhere else in the universe. However the chances of complex life being around in our galaxy, at this point in time, never mind being detectable seems highly improbable
I thought the Drake Equation was more about "how to" estimate likelihood of life rather than actually generating 'accurate' estimates of likelihood.
True, its just informed speculation, but it can produce upper and lower limits of probability
On the one hand, yes the various probabilities may be quite small, on the other N is really really big. So nothing is clear because we don't have a good handle on many of the variables.
True, its only speculation., but the likelihood seems to go down as we learn more about lifes biology and our local cluster. Also I am talking about the likelihood of complex life being around within our time frame which increases the odds
> plus the likelihood of eukaryotic cells being created
This one in particular, we don't know if it's actually inevitable given time and the right conditions (or even if complex life has to take that particular path). If it turns out there's primitive life on Europa or Enceladus then odds are good it's elsewhere.
What we do know is that it appears to of happened once during the time life has been on Earth, which seems to indicate that it is very rare. of course there may be ways that complex life could occur without that event, but that is speculation.
I believe that simple life is common, but complex life that we can interact with? Seems very unlikely considering the odds
The more we study the universe, the more we find that our solar system is almost unique in the galaxy
1. Rocky planet in the habitable zone (i.e liquid water can exist)
2. Size and therefore gravity large enough to retain atmosphere
3. Relatively stable sun (Allows the development of complex life)
4. Large moon (So ensuring molten core and plate tectonics plus magnetic field protection against cosmic rays)
5. Larger outer gas giants that help ensure that large asteroids and comets are swept up before impacting us
If we factor these into the Drake equation (plus the likelihood of eukaryotic cells being created), it seems clear that the chances of complex life appearing twice in our galaxy at the same point in its history is incredible unlikely (That is not to say simple life could not occur or that complex life does not exist elsewhere in the universe)
It just reinforces how incredible rare and precious all life here is.
or as Carl Sagan put it
As I recall, Identity Theft was a thing BEFORE the Internet came along.
It is not so much a question of identity theft, but the a ability to prove your own identity.
It used to be under your own control with the various forms of physical documentation you held. In the virtual world however you are dependent on 3rd parties to maintain, control and secure your online identity. If this fails, then how do you then correct the issues?
If anyone seen the film Brazil, you will know what I mean
The problem is more than just smartphones, it is the fact that all that personal information is stored on the cloud somewhere making it in theory a) accessible to persons other than you and b) Impossible to verify
One of the consequences of this came home to roost recently when I was required to act as guarantor of my daughters rented house. To do this I needed a utility bill less than 3 months old.
5/10 years ago this would be easy , as virtually every week a bill would drop through the letter box. Today, it took 2 days of hunting for something that would meet the requirements, with virtually all the providers gone online.
The question then begs itself is when we will reach the point where the only way we have to identify ourselves and all our information is some bio-metric indicator tied to the cloud, and what happens when either (maliciously or accidentally) this goes wrong . Does it mean you will forever be shut out of your life, incapable of proving your identity to the world that will only believe what the computers say is true and has lost the ability to verify in any other manner?
and all could potentially be defeated with cellophane tape to lift a print, and some superglue and graphite to re-construct it (so it can be 'scanned')
I think you underestimate the ability and intelligence of your average burglar. Most will just put a brick through your window.
Nothing like a $700 dollar lock to advertise you have a lot of nickable stuff
Was it copyrighted? It also became an ANSI standard in 1986, and ISO/EC a year later...
Copyright law does not work like that. There is "sweat of the brow" clause, which basically says that things have automatic copyright protection just through the effort of being produced. The protection is automatic, but you have to defend it if impinged. Its just that Copyright law has never been applied to code API's because...well it would be self defeating and stupid...not that has stopped Oracle
Oracle produced there version in 1979. 7 years before the standard. However IBM understood the benefits of standards over propriety solutions , as did Sun, which is why it encouraged Googles uptake of the Java syntax
"Anyway the issue here is not the use of Java syntax - is the copying of the Java libraries and APIs..."
I'm not sure it is possible to separate the two in that way. The API's and syntax are basically the same side of the coin
On that basis when a small company called Oracle ripped off IBM's SQL syntax, IBM could of taken them to the cleaners and where would Mr Ellison be finding the pocket change to buy a new island.
It amazing how when small companies grow to be big companies they complain about the same thing which allowed them to grow in the 1st place
11000 lines. Sounds a lot doesn't it? What Andew conveniently forgets to mention that there over 15 million lines in Java. Now assuming the 11000 are actual API calls, it seems hard to define this was large scale copying.
Consistently through this case, it appear Andrew is fighting Oracles corner. I do miss the days of Groklaw when we actually find informed legal opinion rather than uninformed bias and hearsay
Industrial control networks are notoriously easy to compromise. because security has never been a top concern. Money, making money now, is the #1 concern, fuck what may happen in the future.
That's not totally true. The reason why security has not been the number one concern is 3 reasons. 1) Until recently PLC's were air-gapped and therefore the risks of remote exploit was seen as low 2) They used to run proprietary OS, meaning exploits were less likely to be found 3) The processors were low power meaning things like encryption services were difficult to run on them
However with the rise of IOT, PLCs move to linux or <shuffer> embedded windows the risks are increased and the power of low end processors mean that there is no excuse for low encryption services
However problems remain. 1st PLC systems last for 25-30 years. Unlike a PC you cannot just rip them out. Even upgrading them is a challenge since most PLC systems are custom tuned and a simple thing like changing a timing loop could cause an issue. Customer understanding of cyber security is lagging and based on the IT world. We often get cyber security tenders which talk about running anti-virus software on PLC's, which is just not possible. There are also challenges in terms of long term maintenance and spares replacement
Saying that things are getting better and there is a greater understanding of the threats on PLC networks and customers are taking things more seriously. If a customer requests it the industry will follow
"Hoping to encourage the development of more robust defences for SCADA-based systems is laudable and is as old as SCADA systems themselves. No one familiar with SCADA systems think they are in difficult to hack, particularly if only to create chaos, and those concerned about technical issues have always wanted better security."
SCADA tend to be based on windows, so the challenges are the same as for a standard PC and nothing special in terms of what is required. The weaknesses are the ones inherent in windows
"The basic problem is that no one in charge of the money really cares about security. If they did there would be no lowest bidders, no endless traffic of poorly trained and poorly paid, untrustworthy workers with access during and after construction. Sure, sometimes, there is a pretense of security but that's all that is ever required. Far more important is completion on time and under budget. Let the future deal with any results, that'll be a different time, different crew, different CIO, CEO, different board and most importantly a different budget."
That hasn't been my experience. Although to be fair, it has taken some education of customers to understand what and how cyber security applies within the industry
"BTW many of those " air-gapped" SCADA systems are not. IME most get connected so the contracting company, sometimes employees, can further reduce costs by not having to travel to site or by sub-contracting work to off site companies, companies that do not have to meet site security requirements. Sometimes that wifi adapter gets install by site personnel who would rather work from their comfy, and quiet, company vehicle which makes it much easier the next time wifi access is required, or so I've heard. ;)"
True, basically because adding security we are making their life more difficult. It is no different to the IT world where IT cyber security policy is worked around by people who just want to get the job done. Thats no excuse not to have the cyber security controls as part of the PLC, but we cannot control or be responsible if they are not used or worked around
"If society was really concerned about such security they would make companies, and those that profit from those companies pay far more for failure. When there can be no profits without security, no ability hide profits and cash behind deniability or claims of ignorance there will be security. Until then security is little more than an illusion waiting to be exposed. Not that it matters to those that profited, they are well insulated and may even ride back on white horses to fix the very problem they created, cost plus of course."
Not sure how that would work. Better would be to mandate that all PLC's meet a common security standard. Government contracts should start the ball rolling with this one (to be fair most defence contracts already do)
While interesting, it appears the exploit only benefit is the ability to extract data from a PLC network.
The question is therefore what data on a PLC is worth this level of effort to extract it?
For example there will be no credit card numbers, sensitive documents, or blackmail porn.
It seems the researchers have said PC's are hard, hey look PLC's have microprocessors lets try it here. However even in the cyber criminal world there is a cost benefit equation and this doesn't fly. If you are going to go to tne effort of compromising a air-gapped PLC system there are far better reasons such as industrial sabotage.
That is not to underestimate the risks to PLC and the distance the industry has to go to improve, but I will file this one under 'intresting, but not a applicable'
Basically a IFF for drones (err a DIFF). Most commercial drones can be locked down to stop flying near restricted airspace, so I can see no reason why the same rules would not apply if the IFF is not functioning.
Of course you can't legislate for hackers or own-build types. Also what about RC aircraft?
Also the CAA is the wrong organisation for this. They are used to dealing with 100's of registration, not thousands. Need a separate organisation totally funded by registration fees
I'll get the popcorn......
Well there were the BBC Dirk Gently TV series starring Stephen Mangan . Although loosely based, personally I think they are grossly under-rated and probably the best small/large screen representation of DNA's work
I have had two e-readers, a Sony which died after 3 weeks of frustrating usage and an original kindle.
My original purpose was to read technical PDF's on something other than a laptop screen. However you quickly find the limitations. Not only do diagrams rarely render well, but they are poorly designed for random access.
My other reason was the whisper net which I reasoned I could use instead of a (then) expensive phone on camping trips for weather forecasts. However the experience was much akin to the WAP experience and the experiment quickly faded. It did however introduce me to the idea and benefits of the always connected experience.
Still when i go on holiday, I dump 10 Sci Fi novels on it and work my way through them. For that it is great
On the other hand I am still looking for a way to read my vast collection of PDF's. Tablets are power hungry, and illuminated screens are not the most restful. PC screens are the wrong form factor. I'm still waiting for a A4 e-reader with high resolution for a reasonable price. It has been promised many times, but somehow never achieved.
There is a lot of guff talked about with the Swordfish. Yes it had some early successes, but they were only in situations where there was little or no air cover. In situations where they came up against ships covered by an air force, they were pretty well decimated as seen by the Channel dash in 1942.
Those early successes and the fact that Germany had no maritime aviation of their own hid the major deficiencies we came apparent later. The truth was the Fleet Arm was poorly equipped with poor aircraft, until basically the end of the war when they started buying US kit like the Corsair.
This is often the way with British forces, who like to pretend that any equipment deficiencies and shortages can be made up with enough supposedly superior training and 'British' grit, when in fact that will only get you so far, and eventually will find you out.
Have you tried contacting and working with STEM (Learning) or, to a lesser extent, Engineering UK? Both have a lot of involvement and experience in getting schools and businesses together in STEM subjects.
Yes. Quite a lot actually. I am a STEM ambassador and spend a lot of time trying to get schools involved in running Barefoot sessions.
Which is why i know the issues. My company is very good about it, but at the end of the day, my time volunteering hits their bottom line. Unless your company is socially motivated, you will noy get a lot of support
Schools can range from "yes please help us" to "Why are you telling us how to do our job". Sometimes in the same school.
Volunteering is nice, but what actually needed is coordination of both industry and education level and encouragement to provide and make use of resources
Well you need something to keep yourself occupied as the Manchester to Sheffield train crawls through the hills.
There is one sure way to get improved services. Pretend you are a suburb of London
"OBR figures - they have a 100% record, of being wrong."
True. They tend to be too optimistic
I do a lot of STEM work and I am quite passionate about improving STEM education in school, especially in CS.
So increasing the number of CS teachers sounds great, but there are caveats. Firstly where are they to come from. Not from industry, who are struggling to recruit themselves and why would a CS grad want to to take a job with long hours, bureaucratic pressure and poor pay. The desire to make a difference to the next generation only goes so far.
The truth is announcing 8000 new teachers seems akin to the Soviet Union announcing tractor production targets
Then there are the schools themselves. STEM subjects are expensive to teach. They need extra resources that have to be bought out of schools stretched budgets. Therefore while many schools pay lip service to teaching STEM, most do the bare minimum. It does not matter how many STEM teachers there are, if the resources are not there to teach them effectively. While some schools have the resources to do an effective job, this is uneven and most rural or inner city schools just won't be able to do it
So here are my solutions.
Stop mucking about with ideological led programs such as free schools and the return of grammar schools and put the resources into existing schools instead.
Provide extra funds for basic STEM resources. including improve STEM teacher pay and reduce paperwork. This will increase retention
Encourage and incentivize business to form partnership with schools. I know many of my colleagues who would be happy to do joint programs with schools, but barriers at both the buisness and school level make this very hard
Make sure you have a long term strategy in place and keep to it. The Micro:Bit debacle shows what happens if you don't do that
Finally and most importantly, stop some of your government ministers undermining scientists from undermining science and scientists by playing to the post-factual crowd. It erodes the public's respect of science and make it harder to encourage kids to take it up as a subject
If you have a compromised Kernel, it needs to die, the moment you allow potentially suspicious code to run at the kernel level it is already game over.
If you look at most security specifications, for example IEC62243, the statement is that security of the system overrides everything, EXCEPT when security affects or overrides the safety of the system.
So there are some situations when killing the kernel is a no no. for example if the linux kernel was controlling a turbine.
In fact by allowing detection of malicious code to kill the kernel you are introducing another security flaw where someone could potentially bring down your system just by attempting to inject code into the kernel, even if y=the code did nothing
Now it is possible to just say fix all the buggy software and then you'll never need to validate arguments but I've never heard a competent programmer advocate that.
Ever heard of design by contract?
The questions is why?
You have the following choices.
Run something like a cheap Chromebook running efficiently on native ARM,
a wintel machine running native x86 apps relatively efficiently
or a arm box running windows native on a x86 emulator slowly
The last one seems to be the worst of both worlds
When Munich decided to go Linux only it seemed a big deal and the day of the Linux desktop had arrived...
The irony is that it was about the same time that the old fashioned traditional desktop became less important as the world moved to 1st mobile and then clod based systems.
If you look at these you will find Linux at the heart of them, while Microsoft, still king of the desktop , has slowly become less relevant in the real world.
To be honest, Munich moving its desktop is as important as choosing my next film camera. the world has moved on, Linux has won and the world no longer cares
Please, Please do not take it on camping trips.
The rest of us go camping to get away from the hi-tech world for a little while and the last thing we want is some oik playing music videos outside the tent at some ungodly hour.
They weren't relatives of the Foreign Secretary were they ?
That sir is a scurrilous slur on the Simians bloodline
Looks like The Anointed One is going down. Not before time.
Look I agree Elon can and does act like an asshole sometimes, but so was Steve Jobs, and like him he generally achieves what he sets out to do.
In every industry he has been involved in, he has been a disruptor to the status quo, but in a good way. He setup his own rocket company and showed NASA and the cozy relationship big industry players taht you could launch satellites cheaper. He forced big car companies to take electric vehicles seriously by exploring the givens and pushing the technology limits. You could also argue that without him electronic commerce would still be stuck in the dark ages and transferring money would take days, not seconds.
So all in all wishing for his demise, is a bit short sighted
I know we said we wanted an 'agile' aircraft, but in this case we did actually expect some documents too
1. It is only a local attack. i.e. someone has to within range of your wifi. This is is a lot more effort than a remote attack
2. A lot of your devices may already of been updated
3. Routers are only affected if they are being used to bridge to other routers
4. The attack is a proof of concept, and in the wild is harder to pull off
5. If you send your traffic via VPN or HTTPS, it greatly reduces your risk
6. Considering the effort required, do you really think your traffic is worth the cost and trouble? If yes then it is likely this attack is the least of your problems
To summarise. Keep calm and carry on
One point missed (and it is rather important) is that routers are only really affected if they operate in bridge mode, which is relatively rare.
So if you have a windows PC running a reasonable modern OS (7 or higher ), installed the latest patches and your home router is not in bridge mode, you are probably pretty safe
Biting the hand that feeds IT © 1998–2018