Re: Um
Yes, like your data...
5659 publicly visible posts • joined 15 Mar 2007
In the USA Dell sell the "XPS Developer Edition" that comes with Ubuntu installed and a previous commentard said Linus uses one, so I guess they do check their chips & drivers all play nicely. In the UK they don't sell this specific version.
However Dell UK do offer various models with Ubuntu pre-installed from a cheap Inspiron to the XPS range.
HP 2xx is the entry level stuff with very plastic-y feel
Is very true, but then I was looking for an almost disposable laptop for friends who kept trashing their own both logically (viruses, etc) and physically ("Oh, the screen is broken after I stood on it. Last two times I stood on it the screen was OK"). So a low cost model and Linux was one route. The other being a Chromebook but then you are ALWAYS slurped by Google.
Indeed, either look for something like one of the Linux friendly lot like Entroware, System76, Purism, etc, or others like Dell that dabble a bit. Or even a cheap HP and wipe the supplied OS.
Edited to add - search for "HP 255 G6 Laptop 3KX70ES" comes with FreeDOS and can be had for £210 (not very fancy hardware spec though).
This is all about convincing the firmware in the disk itself that you are an authorized user to see the decrypted content of the data on the drive.
Basically this. In fact it is another example of a system storing the "password" in plain text. Really the SSD sector encryption key should never be stored in non-volatile memory, hence it should not be possible to simply bypass it by a firmware change. It should be generated on demand from the stored part and the user-supplied pass phrase.
If you need to change your pass-phrase then you decrypt using the old one, check it's OK (e.g. CRC as part of the stored 'key') and then re-encrypt using the new pass phrase.
That is the usual argument for most data-at-rest encryption where you have a fixed random encryption value and your password simply protects that so a change of key is simple and fast as you don't have to decrypt and re-encrypt all of the data using the past and new keys.
But who would have assumed the same of a disk? I always assumed that your PC (e.g. BitLocker mentioned) would present some high entropy key to the disk and if you changed password that key would be unchanged, as would a software implementation of disk encryption. After all you don't really expect to have the SATA bus, etc, snooped upon during operations. If you do it's kind of game over anyway...
It's a real-world (or real-space) test doing what it is supposed to do, in the sort of sequence it is supposed to follow.
You would not drive a new design of car around the block a couple of times and then declare it fit to compete in a rally, would you?
To some degree the main difference is a "larger" organisation will typically have some or all IT support in-house and as a result typically will have policies for networking, patching, backups, etc, that are planned around good practice.
I say "typically" as we regularly see the big boys being shafted and often due to lax practices...
But the SME lot usually have no real IT support internally, maybe some bod whose job it is to arrange support/purchase, etc. And as already pointed out, you get many differing categories of user and business with the vast majority being based around folk with no real computing expertise. And no, being able to use an excel macro is not computer expertise! Hence solutions of using differing software, OS, network segmentation, etc, that would be argued about by the legions of commentards means absolutely nothing to them.
Most of what is needed to get SME in to a safer area therefore requires such expertise and that means paying folk to help set up stuff, train staff, deal with incidents, etc. Sadly that is seen as a pointless expense by many until they get shafted.
What am I missing?
That post-Brexit we will be in a different legal position. Not just the loss of the "national security" get-out on slurping, but also that we might change our laws or interpretations as part of the Henry VIII bill being pushed through, and that we[*] have already stated we won't be bound by the European Court of Justice decisions.
So those on the other side will need to assess what we are actually doing when the laws have settled.
You did not think that simple logic and common sense would prevail? It hasn’t so far...
* = The government. Not necessarily an indication of the people's views
The thing about the em-drive is that the photons/EM waves are internal, so if (and it's a big 'if') it works then it is defying the normal requirement for momentum transfer outside of the spacecraft, etc.
But you can use a light/heat source or radio to act as a (very weak) drive since the emission of radiation has a momentum transfer effect as it propagates away.
Edited to add: Seems the commentards further down the page have already answered as such!
Many moons ago I was in a Stormfront store in the UK looking at the Apple MacBook Pro and I almost bought one, but shortly after they had a new model and it lacked the things I needed: RJ45 networking, USB-2 peripherals, built-in DVD drive, etc.
So I decided to buy a mid range Linux laptop from Entroware instead. Yes, it lacks some key features I might like, but it is mine. It does what I tell it to. And it cost a lot less, the remaining money which I spent on loose meals and nice women.
No, it is never that simple and re-entry predictions are still not accurate for various reasons (early on the difference in drag from differing atomic species along with the variation in solar atmospheric heating as sun spot activity, etc, changes, in the final orbit or two due to tumbling satellite orientation and bits coming off changing the drag characteristics).
But if you increase the area/mass ratio it falls in faster under all conditions, so in a sense it is easy to see how to make it decay quicker.
Page 56 of this PDF has an approximate answer to the expected lifetime question:
https://www.ofcom.org.uk/__data/assets/pdf_file/0025/107557/Satellite-regulation-teach-in-event.pdf
Precise answer depends on the mass/area ratio (i.e. drag coefficient of sorts) along with the Sun's activity in driving the upper atmosphere.
The problem with brake and steer is you only get up to 1g acceleration in any direction, so by changing direction (i.e. sideways acceleration) you have to give up some along-track acceleration (i.e. braking).
In almost every case you really want to lose that forward momentum as that is what causes the damage ultimately, hence the priority to brake. Of course there are some situations where a swerve could avoid a collision with a small object (human, animal) that appears suddenly and within the minimum braking distance, hence this discussion of what to do if the consequences of such a swerve would be another collision (e.g. mounting the pavement, hitting another "class" of small objects, or hitting a vehicle coming the other way).
To some extent I agree with various commentards who say the AI should always stick to the road and no doubt would not get bought if it did not preserve its passengers. So basically the swerve-to-avoid should only be done if it is moving to another lane of the road that will not apparently cause a collision, otherwise those who walked out without attention have to face the best-case braking (which for an automated car is likely to be better than a human in terms of reaction times and willingness to reach anti-lock operation).
Ultimately this sort of morality debate is not what I worry about, it is the reliability of AI to actually drive correctly in the first place!
There is more to the internet than web browsers, but here we seem to be seeing a split where the web browser will get https for DNS (adding even more code bloat) and quite probably see a different world to anything else (such as VPN client, SSH, BitTorrent clients, etc) that rely on conventional DNS for name resolution. Bad.
But equally why has the DNS world not addressed this privacy problem?
To be fair here I have to agree with the "threads are evil" thing. Trying to debug code that lacks repeatability due to some thread interaction that is not deterministic (due to variable run-time timing, or due to an asynchronous event) is definitely the Devil's work. Yes, there are synchronisation primitives to (hopefully) work around it, but then you get in to the OS war zone.
Stick to multiple single-thread processes where possible...at least such a process can be expected to behave the same for the same inputs, and if not that alone is a bug.
I think many (but not all) of the commentards are happy with the ideal of a CoC to stop abusive behaviour. The issue really comes down to what is "abusive" and what is simply getting stuff done in the face of those with an over-inflated opinion of their own status.
In the case of Linus he has not, to my knowledge, ever attacked someone using racially, sexually or personally derogatory means. What he often does is point out in rather uncompromising terms when people have done something wrong and refused to acknowledge or correct the issue.
Actually you forget the zeroth rule - don't connect stuff in the first place.
If this is a network stack fault it could be exploitable before any IP style firewall/filter. It's more of a wakeup call, for those sleeping for a 100 years after eating the poison apple, that if you have connectivity you need an active patching/update system and some focus on security to make it happen without users having to do anything. As another commentard pointed out, that alone is also a risk.
+1 for the VM suggestion. That is what I do: Linux host and a few VMs for w2k, XP and win7 for all Windows-only software. Added advantages are you can choose how many CPU cores a VM gets, how much host memory, etc. Also many of the nastiest malware will notice you are running on a VM and refuse to act in case you are a security researcher.
What it won't work well for is games, but increasingly they are available on Steam for Linux or folk simply buy an Xbox or similar for the single task of gaming. Also you should be looking at at least 8GB of host memory for a good experience (keep at least 2GB for host, rest can be given to VMs). But hey, that is what web browsers seem to need these days anyway...
That book on liquid rocket fuel is a fantastic read, even for people with very little grasp of chemistry. It conveys the paranoia of the time (and thus lack of concern for the toxic nature of some candidates) along with a great insight to the complex issues around rocket fuel choice.
And yes, several people have been killed due to monopropellant failures during development and deployment. Such as the unfortunate sailors on the Kursk.
Trying to get others (like the ISPs) involved will not end well.
Simpler is to make the manufacturer and/or importer liable for GDPR-like fines for insecurity for the expected life of the product, which should be something like at least 5 years after last sold. With no exceptions.
Security costs and marketer-driven additions are all more liabilities to the end user, make sure those implementing IoT are held responsible for that.
Realistically if security and privacy matters then you must keep stuff on-premises.
Of course if all you are looking for is cloud backup (not live data or VMs) then you could encrypt the data before it leaves your network, but I would not trust any cloud provider's own mechanism given the various oppressive "national security" laws in most countries that could be used to force them to add a backdoor. Which they are then legally obliged to lie about its non-existence.
Very much so, but it is much the same in many UK businesses where a good engineer gets promoted to being a poor manager in order to get a pay rise.
The army, etc, should keep its general rank structure based on experience and progression but have some pay "bonus" for having cyber qualifications / job role / etc to bring the salary in to alignment with the job market.
At one point I was thinking about buying a MacBook Pro because they looked like well engineered devices in spite of the hefty price tag. But then they dropped useful stuff for "pro" use like DVD drive, USB-2, RJ-45 network sockets, etc.
Now they seem to be complete arseholes when it comes to repair or upgrading the device and I have been spending my money with the likes of Entroware instead.