Posts by Justin S.

Re: Missing piece...

But it has exposed USB ports. Seriously?

Even air-gapped systems need software updates, as well as data-in/data-out. Different amounts and types of security are used for different systems/classification levels/etc.

This is just another chink in the proverbial armor: those who thought they were sufficiently secure will again (as though they ever [or should have] stopped) reconsider their arrangements and make the necessary adjustments. Or they won't, in which case there's another opportunity for ex-filtration.

Also, it should be noted that while a system may be secure against this particular attack-- perhaps because they have disabled or epoxied closed their USB ports-- another researcher or villain may use it as a starting point for another attack vector, or adapt it to work with other USB devices (keyboards, perhaps).

Security is not a static thing: the white and black hats both work to reveal the weaknesses of existing (and sometimes future) systems, spurring changes in the relevant industries.

"I squat"

That puts your mouth at the proper level...

Re: Bar none

Many commercial truck (lorry) trailers in the USA are now fitted with "trailer skirts," which improve the aerodynamics of the trailer, and thus improve the fuel economy of the truck. Had the trailer been fitted with skirts, the car's LIDAR would probably have seen them and prevented the collision.

https://en.wikipedia.org/wiki/Trailer_skirt

But I agree with the OP: paying attention to the drive would have done the trick.

Lies, damned lies, and statistics

@Ivan 4

As we have all seen that extradition is only one way - country X to the US NEVER US to country X, for some very strange reason.

According to a FOIA request to the Home Office in 2012, seven people were extradited from the US to the UK (and thirty-three from the UK to the US) from 2004 through 2011.

https://www.whatdotheyknow.com/request/details_of_numbers_of_us_citizen

As for the reason for the imbalance between countries, you may reach whatever conclusion you wish, but I will not presume to know without details of the specific circumstances around each extradition and, importantly, any rejected requests.

Re: Goddam

An admirable summation, thames.

SCOG is the gift, above all others, that just keeps giving-- it's kind of like herpes, in that respect.

Re: Sounds Expensive

I think that's rather unfair on an otherwise good investigative technique. Got any evidence that such abuse has ever happened?

Proving such abuse would be exceptionally difficult, as it would almost certainly require the handler to confess to the abuse; it might be possible to capture such abuse on video, but the cues used might be sufficiently subtle that it would require an examination of multiple true and false alerts to sort out.

However, a study by University of California at Davis showed that dogs do take cues from their handlers-- intentionally or otherwise-- with a recommendation that the study be replicated and expanded to determine what cues were causing the false alerts.

http://www.ucdmc.ucdavis.edu/welcome/features/2010-2011/02/20110223_drug_dogs.html

Re: Seems legit

Joe, while I get where you're coming from, I fear you have a poor grasp of the ratios of income tax versus earned income for America's citizens.

In 2012, the top 1% of earners (people who reported earning more than $434k) paid a tad more than 26.7% of all "individual" (i.e. not corporate) taxes.

In the same year, the top 10% of earners (people who reported earning more than $125k, and including the top 1%) paid 70.2% of all individual taxes.

The bottom 50% of all individual tax returns paid 2.8% of the income taxes collected that year.

http://taxfoundation.org/article/summary-latest-federal-income-tax-data-0

Where to define the break between the "common taxpayers" and the, what, "uncommon taxpayers?" is open for debate. As the data in the link has certain defined breaks, let's use the bottom 75%, which includes anyone who earned less than $73k. The bottom 75% of all personal tax returns filed in 2012 paid 13.6% of the individual income tax collected.

Based on the percentages paid, I would argue that the "uncommon taxpayers," which include the "rich people" you referred to, are overwhelmingly responsible for "prop[ping] up their [own] ventures". Ventures which employ thousands of people directly, and which facilitate the employ of tens or hundreds of thousands indirectly.

I should also point out that the income tax numbers above and in the link are only about half of the taxes collected by the feds for that year. I don't have a link handy for 2012, but 2011's individual income tax income was similar, and was supplemented by about as much from payroll taxes, corporate taxes, and various "other" tax streams, like customs duties and excise taxes.

http://www.npr.org/sections/money/2012/04/13/150441259/what-america-pays-in-taxes

Re: "An artist's rendition of..." @ Michael Hoffmann

It's on the Texas A&M News and Events page, in the right column, under "Blue Light Special."

http://www.science.tamu.edu/articles/1129

Re: dedupe

@Gordan That's one way. The other possibility-- perhaps mentioned in someone else's comment; quite a lot of chaff has been posted with the wheat-- is that deduplication is enabled but effectively applied on a per-user basis.

That is, if we accept that user data is being encrypted with the user's master key, and that only that single instance of the encrypted data is being stored by Mega (e.g. a second copy, encrypted with a Mega-owned key, is not also being stored), then the only *likely* instances of duplication the system will see will come from the user him/herself, either in the form of entire duplicate files or identical data chunks within those files (assuming the data chunks are encrypted independently of each other).

Data savings might be large enough to justify this, if we consider that there is a possibility for users to maintain multiple copies of the same music file (for example), either as identical tracks from different albums or as part of playlists. Yes, I know it is much more efficient to maintain playlists as text files pointing to member tracks, but it's often more convenient to copy the playlist tracks to their own directory. Of course, metadata for the tracks will probably be different-- different album names, publish dates, etc-- so deduplication is only likely if independent encryption of data chunks is performed.

Re: Let us centralise all our support into just 2 locations...

> "Except that HP don't have just two production sites. They have dozens which will mostly NOT have local support."

"Production site," in this case, doesn't mean "manufacturing." In the IT world, a "production site" (or "production system") is the one in operation at the time. "DR" is the "disaster recovery" site, which maintains backup copies of all data and services, to be brought online should something happen to the production site.

As for support, it depends how they choose to manage that. Typically, data centers do not house first-tier support. With international companies, it is typically best for tier one to remain near the end-users, so they speak the same language and are familiar with the local processes, and have higher (more advanced) tiers more centrally located; end-users rarely interact with data center personnel.

Re: if by gas you mean petrol...

'Gas' is used as the abbreviated form of "gasoline," formerly "gasolene." Not unlike how "petrol" is an abbreviated derivation of "petroleum." And, while not all "gas" is "gasoline," neither is all "petroleum" "petrol."

Re: In Las Vegas...

Yes, but of course 'what happens in Vegas, stays in Vegas.'

Re: contradiction in terms

Plant no. 1 had diesel backup, but that generator (or generators) was wash away by the tsunami. Given that plant no. 2 is "only" seven miles away, it is possible they planned to use plant no. 1's backup generator(s), or that the plant had its own which was likewise damaged or destroyed.

Re: A tonne of water a year?

The output from the Sabatier Reactor is in addition to existing water reclamation systems, particularly the "Urine Processor Assembly" as noted in the article. It's about stretching the existing resources as far as possible to reduce the amount of replacement materials that need to be shipped up.

Re: Hopelessly addicted to/using too much gas

"Somebody correct me please if I'm wrong, but isn't it more efficient on the whole to burn gas for heat at the point of consumption than it is to generate electricity from that gas and then convert the electricity to heat?"

It is, but that's not the way a Solid Oxide Fuel Cell, like Bloom's "Box," works (or at least not intended to be used).

SOFCs operate at extremely high temperatures, generally in the range of 500-1000 degrees C. This allows them to oxidize fuel without using an expensive catalyst, like the platinum typically used in low-temperature fuel cells. No expensive catalyst means, in theory, that the unit is less expensive to build.

Because the unit operates at such a high temperature, there's a great deal of waste heat. This waste heat can be harnessed to drive building air conditioning (heating and cooling; more on that below) and boiler systems *in addition to* the electricity generated. By reclaiming this waste heat, the total efficiency of the unit is increased. Various numbers get bandied about, mostly because different solutions are capable of differing peak/maximum efficiencies. Bloom reports greater than 50% electrical efficiency, but reclaiming heat can push overall efficiency numbers into the 70+% range.

As for cooling using waste heat, there's a very old technology called "adsorption" cooling, which uses heat to drive a chilling system. It is not very efficiency compared to electrically driven compression-based air conditioners, but when you already have an over-supply of heat that would otherwise go to waste, it makes sense to use it. Whether there's enough waste heat from Bloom's (or any other) SOFC to drive an adsorption chiller, I do not know.

CHP - Combined Heating and Power

CCP - Combined Cooling and Power

CCHP - Combined Cooling, Heating, and Power

Re: Why aren't the authors going direct

Some authors are, but it's a tough business to break into, so (successful) direct publishing is mostly for established authors with an established fan-base. Most book deals with publishers give exclusive publishing rights for books to the publishing house, precluding authors from republishing their works online.

Also keep in mind that writing a book is, generally, a very, very time consuming process. Few authors manage more than two or three books in a year-- and many only manage one book every year or two. The advanced payment from publishers to authors for their books helps finance authors to write more, rather than try to maintain a 'day job' to keep the bills paid. Self-publishing would conceivably bring more income to the author, but at the expense of that up-front payment.

I would also point out that it is not uncommon for an author's up-front payment to exceed the profits for a particular book, especially in the near-term; the publisher might turn a profit years down the road, but at least the author received a "good" sum of money up front. This last shouldn't be turned into a 'well crap books/authors should only get what their books are worth / shouldn't be subsidized by the successful books/authors' statement. While I agree with the sentiment, the fact is not all books (or movies [Soylent Green] or television shows [Firefly]) that do poorly at release remain poor earners; it sometimes takes time for society to warm up to them.