What version of iTunes doesn't run on a personal computer?
68 posts • joined 12 May 2010
No choice, really
It might be hard to transfer a domain to an entity that won't participate in the transfer. If he contacted RCL and asked them to do their part to take control of the domains (which would be easy to prove), then he should be in the clear. He simply released the asset after being warned it might be a liability.
This is why Boards get Directors and Officers insurance: if your name is there (or on an asset), you can be individually liable on behalf of the organization. If he were no longer shielded by the company, he really had to get his name off the list.
Bah. I want to be able to recommend a smartphone to people who just want, you know, a smartphone. That will work until it doesn't or they replace it.
I really thought that Google (brand) phones were a good answer. Seems they are not.
In this context, my iPhone is a better investment than I realized.
Re: Am I the only one?
Gift codes are indeed easier to trace than cash / cryptocash. They are also easy to sell on to unsuspecting people before the codes are traced and cancelled.
Before I buy a gift card second-hand, I verify the balance, then spend it all immediately after I pay for it.
Exactly this. If someone could click on email and run software that alters legal evidence, that same person already had the ability to alter that legal evidence.
Malware wasn't the real problem here.
Re: "More secure than PC? Ha!"
Ah, I remember when PC stood for Personal Computer. (What does it stand for now?)
I'm unconvinced that Macs transcend personal computing.
But yeah, seems like standard userland malware.
Ahaha. I remember the Bigfoots. Cheap and cheerful.
Nothing can replace my old full height ST423451W. I keep it around to scare kids and win arguments.
I've had a few experiences getting Seagate to RMA a drive that failed in hardware RAID but passed their SeaTools diagnostics. This new drive would have to be pretty cheap for me to consider it.
Re: Recurrent theme?
From the report, the aircraft was intact and fully operational until the autopilot balled it up. The autopilot responded to a normal situation — high on approach — by commanding control surfaces to deflect beyond that which was structurally safe for the airframe. (Va or such)
Yeah, I'd blame the autopilot as the proximal cause of this accident. Root cause would be something like "we put our best Python programmers on this project but forgot to include an aircraft engineer," but that's outside the scope of the FAA investigation.
"you are using an app, paying with a credit card and giving your GPS to the driver to find you... when and on what planet did anyone think that information was going to treated well and respected?"
When you put it like that, it's pretty dire. I do think though, that when I install an app, it shouldn't report my location unless and until it needs to locate me. When I use a credit card, I expect it to be processed through a normal credit card processor and that information like my CVV won't be stored with the merchant. Of course I want the driver to know where to pick me up, but that's a very limited audience (2 people) and I don't expect unknown others to be able to not only listen to that "conversation" but also to then track me across multiple transactions that involve different people.
Uber and Lyft have really opened opportunities for some friends who cannot drive. I don't rail against the services. I do, however, wonder if they're really doing all they should do to protect their customers (and by "should" I mean acting as they claim to and as they are required by law).
Is this all about moving customers to a subscription (rental) model and off of perpetual licenses?
Quaker Oats became popular because they offered a consistent product in reliable measures. In other words, customers learned to trust their product quality.
This is important in computing too. Providers model expected demand and then build to it (with varying overcapacity). Customers buy a service as if it were guaranteed. If the provider fails to reliably meet expectations, they lose the trust of customers.
"Predictable quality of service" is a big deal. I'm interested to see how this works.
Re: How about community service instead
"Hey, remember that idiot who popped kernel.org a few years ago and put a trojan into Linux systems?" "Yeah, what of him?" "He's working for the city now, in lieu of prison." "Oh, that's nice. What's he doing?" "Installing Linux on thousands of computers that don't belong to him."
No backups, no testing, ad-supported childcare service, and their domain is in Somalia.
I wonder if Orbit was trying for Sketchy Outfit Of The Year.
Re: This is why Windows is no longer viable.
Businesses operate with imperfect tools in imperfect situations every day. The point is to find "good enough" and make money at it.
I think you raise some good points, but your dire predictions are not yet supported by either reality or common sense. If you propose viable and attractive alternatives to Windows, your opinions would have greater value.
Meanwhile, I can't recommend that businesses who rely on Quickbooks or Exchange/Outlook stop using Windows. I can't recommend that photographers change to Linux and leave Lightroom and Photoshop and all those plugins.
Re: Missing option in survey @alain williams
"How does the screen narration work in your superior OS?"
I know a few blind people. They all use iPhones because VoiceOver is wonderful. Personal computers are usually Macs, work computers are sometimes Windows. (Macs are actually cheaper than Windows after you add the cost of JAWS or Window-Eyes.)
Apple has been integrating accessibility into their products for years. They are very good at it.
Re: What's the fucking point?
I don't know particulars of BT, but you hit some good points there.
"Millions, if not indeed billions, are spent on (advertising) network resilience yet still server centres and other installations fall over, go "off grid", suffer "outages" or "unplanned downtime"." Indeed. Advertising brings in revenue. Infrastructure is just an expense. It's not uncommon to increase spending on the services (like advertising) while cutting expenses on the infrastructure that supports those revenue services. Years ago at a small chain retailer, the manager explained to me that because we were all paid on commission, "we polish the displays but nobody fixes the roof."
"Is it simply impossible to prevent these occurrences?" Not impossible, but it requires awareness and also decision-makers must be rewarded for solid planning over short-term results. "Is all the advertising about resilience etc complete dishonest bollocks?" Not exactly. I've seen very resilient designs get crippled by small decisions like using the redundant link to handle load spikes instead of renting a metered link. As so often in this world, people prefer data that supports their message and may not even be aware of how the facts have changed.
"And what about all these certificates they display so proudly on their websites? Are these all lies as well?" Yeah, sometimes. :) The certificates have very specific definitions. "Certified Malware Free" is much easier than "Scanned Every Hour According To OpSec 15(a) Which Is Has Been Due For Review For Two Years And Meanwhile We Changed Vendors And Our Tech Lead Left To Join A Startup So Nobody Really Understands It Any More But It Seems To Work Fine And We Are In Compliance With Our Accreditation." Again, not unique to IT. We probably all know someone who bought a very expensive car and then "saved money" by deferring maintenance. Or bought insurance but neglected to raise the limit after some major purchase.
Okay, you nailed the big ones. I just spent too much time in Operations!
Big John wrote: "the author implies that acceptance of gay marriage is a prerequisite for acceptance of gays period. They are different issues"
Sometimes big words can be confusing, so I'll break this down. "Gay" - this part is about gay people. "Marriage" - this is about marriage, which is a legal and social (and possibly political) contract between two people. A contract must be accepted to be valid. Thus, "gay marriage" is about accepting that a marriage contract between two gay people is valid.
Big John wrote: "It is possible to accept gays, and still consider the ancient institution of Marriage to be intended for the raising of children and not just a societal label that all have rights to."
Gay people can and do raise children, so that's clearly not quite the issue. Create new children, that makes sense. I defer to John's obviously greater understanding about the ancient origins of marriage. In recent centuries, though, marriage is about much more than pure reproduction. For example, it's deeply tied to property and inheritance law. Although failure to consummate and failure to conceive have been used in English law to annul marriages, I'm not aware of recent cases where a marriage license was refused or revoked because a couple was unable or unwilling to bear biological children together. (Again, it could result in a divorce, but by its nature a divorce recognizes the validity of the original marriage contract, and an annulment is a retroactive challenge to the previously recognized validity of a marriage contract.) (Note that religious entities might refuse to perform a marriage ceremony for any number of reasons, including failure to promise children.)
I haven't yet found Big John's sources, but here are two that I used:
"Or is this some New Millenia term?"
glames looks like a typo. Millenia looks like someone thought that Millennia is singular, and then forgot how to spell.
Unfortunately, while the article has a link to quietly submit corrections without being snarky, comments do not.
And yes, firefighters get my deepest respect. I used to know a retired smokejumper. Her stories were larger than anything I'm likely to see in this life.
Re: What about gear shift recall?
Indeed. I trust that Fiat Chrysler Automobiles knows their problems better than we consumers do — and I'm sure they remember the debacle from their remote-control Jeeps. They certainly spend a lot of money managing product quality. It's easy for us to see that electronic security is important, but they are prioritizing vastly larger and more expensive problems that we didn't hear about yet.
Sky is not falling
When I read the article, I got the mistaken impression that the major Linux distros are dropping support for all 32-bit architectures including ARM.
It was quite a relief to read the referenced post and learn that it's only Ubuntu dropping the i386 architecture.
Ubuntu desktop seems largely to target Windows converts, so I suspect this is really not a big deal.
The headline certainly caught my attention, though. And that's the purpose of a headline, right?
P.S. Of course there's RPi and CentOS and Gentoo and the BSDs, but those don't have qute the same...culture...as Ubuntu.
Re: it's a backdoor, not a bug
Little Mouse wrote: "Someone else has installed a backdoor on Lenovo PC's? I think that's called Getting A Taste Of Your Own Medicine."
I have a poor memory. Remind me why I deserve a backdoor on this ThinkPad.
BebopWeBop wrote "Passenger photographs???????"
"We may share your information:
With Drivers to enable them to provide the Services you request. For example, we share your name, photo (if you provide one), "
Safety or profits?
As I understand it, an effective advertisement captures the viewer's attention long enough and strongly enough to change purchasing decisions.
Pushing these ads to drivers sounds like a genius way to cause road accidents.
Read the complaints, not just TeamViewer's pressie
TeamViewer is trying to focus our attention on the idea that passwords shouldn't be re-used, and let the reports of attacks with 2FA die in a corner. Before following TeamViewer's advice to blame users, read the actual user reports. Reddit has quite a few.
For example: https://www.reddit.com/r/homelab/comments/4m5gn7/psa_teamviewer_compromised_by_possible/?ref=search_posts
Yay for alternatives
Great article. Microsoft has a bit of cheek.
Fortunately, as noted, there are plenty of other tools to convert. On Unixy servers, I like qemu-img
qemu-img convert WindowsX.vhdx -O WindowsX.qcow2
Re: A holdout explains
"you could probably sign as M.Mouse with a crayon gripped between your toes and a picture of your arse on your ID, and the average cashier would accept it without a second glance."
Certainly. This is why I mentioned "Sure, someone can steal the card and make some charges, but unless they also thought to obtain my signature, it shouldn't be too hard to show that the purchase was not made by me." This is distinct from a PIN, which is easy to record and reproduce.
I am willing to accept higher risk of fraud, as long as that comes with lower risk that I'll actually have to pay for it.
I'm still curious what I'm missing. Or was your point that if someone signs as M. Mouse, that my credit card issuer will use that as proof that I was the purchaser?
A holdout explains
I haven't yet been convinced that PIN is better for me than a signature (and yes, my cards are now Chip + Signature).
How difficult is it to obtain someone's PIN? With debit cards, a mirror or tiny camera or keypad overlay or just a nice viewing angle are enough.
My credit cards are signed "See ID" on the back. Sure, someone can steal the card and make some charges, but unless they also thought to obtain my signature, it shouldn't be too hard to show that the purchase was not made by me. And that assumes the clerk didn't ask for ID.
Given the choice between "less fraud, but I assume the risk" and "greater fraud but I am less liable" I prefer the lower liability.
What am I missing?
As noted above, the nasty part of this image tagging is that it does not require participation or consent of the people who are tagged. Nor is there a mechanism to notify those people.
Thus, you can be at a party and people take photos. Some of them post to Facebook and tag you (put a name to your face) in it. Facebook has time, location, social context, and your face.
Facebook also uses facial recognition software to identify people in photos.
 If you create a Facebook account (and agree to all their T&C), you can be notified when someone tags you in a photo. You can also opt out of being tagged. I'm not clear whether this actually removes your data from Facebook's facial recognition database, or just from being named in posts. I opted out and am still occasionally tagged in Facebook photos.
Adam, I completely agree that 123-reg could be blamed. I also think that customers could be blamed. My point is that blame doesn't help.
"The script was run by them for them with no customer benefit." Do you suggest that hosting companies should not do this?
"in a production environment without any fallback plan" I suspect most companies run scripts in prod. The lack of a sufficient fallback plan was indeed a serious mistake.
"without giving notice to their customers" Do you suggest that hosting companies should notify their customers any time a script is run that touches their service?
"inadequate precautions were taken." Hindsight is wonderful. Is your point that in the future, be sure that all precautions are adequate?
"Blame is the right response here." It's a valid response. I just don't see how it improves things for the future.
I used to work with a large financial services company that was known for blaming people (and firing them.) It made the staff wonderfully careful, right up the point where things began to break. At that critical point, the clever folks ran like hell, leaving the less gifted people, junior staff, and contractors to solve the problem while dealing with managers on a witch-hunt. It was in nobody's interest to understand the real causes of a problem (either you were safe, or already fired.)
While I understand the anger, I'm not sure it does any good to assign blame for this.
I am not familiar with 123-reg, but they sound like a low-cost operation. As long as they were transparent about what they sold, and delivered what was sold, they're an honest business. Backups aren't free -- if they were, then every customer would have their own backups anyway, right? Yes, they screwed up and should fix their mistake, but mistakes do happen, and it's not clear that this was more than a very unfortunate mistake.
Likewise, customers often don't understand the relevant differences between different products. I see this a lot in consulting. Someone can hire a larger firm for a lower hourly rate to do the same work. If that's all you see, the choice is pretty simple. Even if they have a comparison list of the differences in what they're buying, that's usually in some form that makes sense to the seller, not the customer. I don't like to pay extra for "magic beans" either.
Yes, this sucks. Yes, it makes 123-reg look unreliable. Yes, it makes some of their customers look naïve. Learn how to prevent this in the future. That responsibility falls on all parties, not just 123-reg.
Oh, and I do plan to use this as an example of what can go wrong when you don't understand a product.
Ah! Monster Cloud's decision makes more sense in that context.
Such a price increase (upon contract renewal) would normally be a very brave thing: you'll burn shedloads of goodwill and risk being uncompetitive, so you're relying on your competition to become similarly unappealing.
Here, it seems like Monster Cloud simply panicked. If they're obviously breaching contract (and perhaps threatening to deny access to property, I don't know how this is seen under UK law), that is a direct line to Trading Standards and probably not a few civil court cases. That's not a course you choose unless your business model already collapsed.
Before I signed up with CrashPlan, I asked what my exit options were. For a fee, they'll put all my data onto a hard drive and ship it to me. Several years on, I couldn't be happier with CrashPlan, but then I read a story like this and remember my ticket out.
I wish the best to all: customers, employees, and investors.
Not a bad idea
I'll be "That Person" who suggests it might benefit drivers to have law enforcement tracking us, with the right transparency.
First, I think that many traffic laws are not enforced. Some of those would probably be impossible to enforce (in an honest way. There are, of course, speed traps and the like.) A tool that catches literally all infractions would force traffic laws and traffic behavior to meet. We would probably see rationalization in both.
Second, traffic laws are not enforced consistently. It's not always the fastest driver who gets pulled over for speeding, nor the most reckless driver who gets pulled over for doing something stupid. Some argue there are other factors at work, like personal appearance (race, dress, gender), type of car, neighborhood, and whether the officer had Wheaties that morning. If there's a full-scale surveillance of driving behavior, defendants could ask "why was I cited for a violation when your data shows that I was driving at typical traffic speeds, while other drivers were grossly exceeding the norm?" "Your department prosecutes dark-skinned drivers at a much higher rate than light-skinned drivers. Please provide data to show you are applying the law fairly."
This reminds me of when the US adopted a 55mph speed limit. Protesters drove down the highways across all lanes, at precisely the speed limit, destroying traffic flows.
Re: Since users too often click through those warnings.
My home router uses a self-signed SSL certificate. I think Dell DRAC (lights-out module) does too.
Well, I'm sure Adobe executives will listen to this echo chamber and realize the error of their ways....
I'd love to see a site which lists each of these tracking programs with links to their policies and how to opt-out. Even better would be a service that lets people declare their wish to opt-out of all such tracking methods, and then regularly notifies each such scheme (including any new ones that appear) that these users opt-out of that tracking.
I couldn't begin to figure out the business plan for such a service, other than "non-profit" with "donated legal assistance."
Re: No! No! No!
I describe it as not a "backup system" but a "deferred restore system."
I chose my car insurer not because they are so good at taking my payments, but because their service is great when I have a problem.
Re: Android only?
If your Lumia 635 runs an unpatched Android kernel as part of Windows 8.1, then you have a problem.
Re: Want to scare yourself?
I used to manage private Stratum 1 NTP servers. They did indeed use GPS as Stratum 0.
Proper NTP (as opposed to, say, Simple NTP) corrects for clock differences by accelerating or decelerating the local clock to gradually bring it back into harmony with the reference time.
I'm not sure that even El Reg's blind suicidal harbor pilot would notice a few ms drift over 12 hours.
I have an interesting story about NTP. Suppose you have redundant pairs of NTP servers, and hosts are configured to use both, in case one is offline. Now suppose that one of your NTP servers doesn't go offline, but just throws a wobbly and gets "stuck" at the wrong time. Many NTP clients (at least, those running the standard ISC code) will exit if the difference between local clock and the reference clock is too implausibly great. In this hypothetical case, there would be just a minor hiccup on your (redundant) NTP infrastructure with no downstream effects...until that threshold is reached, at which point thousands of systems would start to unrecoverably fail their NTP clients as they randomly hit the wobbly NTP server. Sometimes redundancy introduces new and exciting failure modes!
This can't be the first time that this medical council has had to redact names when publishing medical information. They should have a standard process for doing so -- including tools and review before publication.
As already noted, this is a schoolboy error, not a malicious act. Either the people assigned to publish this information were not trained, were not provided correct tools, or were not following a process.
Plus ça change, plus c'est la même chose.
Re: Well, Ain't that dandy!
Article: "Security researcher @dfirblog has discovered what he calls a devastating flaw in Windows' Kerberos authentication system."
oldcoder: "Who knew? Practically everyone that actually worked with Kerberos. Kerberos was never intended to be an authorization service."
That's untrue, but oldcoder played the "everyone knows this" card and then switched terminology, so I'm going to explain.
First, this exploit is with authentication. Kerberos tickets are used to authenticate. The Kerberos Ticket Granting Ticket (tgt) is a function of the Kerberos Authentication Server. Authentication means "are you really that person you claim to be?" Authorization means "is this person allowed to do X?" Just because I can authenticate that I'm a city resident, that does not necessarily authorize me to park my car in the middle of City Hall.
Second, Kerberos manages both Authentication and Authorization. You can authenticate as a valid user in that realm. You can request authorization on a certain client computer (maybe to login over ssh, or to sudo). These are all handled by the KDC.
Explanation of Authentication, Authorization, and Auditing (AAA) https://www.pingidentity.com/en/resources/articles/authentication-authorization-audit-logging-account-management.html
Kerberos overview: http://www.kerberos.org/software/tutorial.html
Re: Why bother with security
Innotabs include a "180 degree rotating camera and video recorder" and some apps like VTech Kid Connect let you "Send text and voice messages, animated stickers, drawings, photos and more to your child from your iPhone® to their InnoTab®"
I can imagine why some people might not want to leak personal videos and contact information for family and trusted adults. Also, what happens if someone uses the stored account data to log on to sites as the original child?
I'm also curious about these scalability limitations. The hardware can scale horizontally very well, although I'm not sure about the controller node. Most of the performance problems I've heard about can be traced back to decisions at that specific site: for example, ceph isn't the fastest storage option.
Anyway, it's exciting to read how many companies are getting into OpenStack!
Re: Yet more unsubstantiated clickbait
It doesn't mean much whether the the device is observed to be constantly "transmitting video when switched off." Maybe it transmits only a heartbeat. Maybe it records to some internal storage. Maybe it listens passively for a command, then starts transmitting video without lighting the LED. All we know is that the camera is active when it's supposed to be inactive. That's a real concern.
This reminds me of what Mark Twain wrote about the effect of the Pilots' Benevolent Association on riverboat operations. http://www.gutenberg.org/files/245/245-h/245-h.htm#linkc15
Basically, a small group of riverboat pilots agreed to cooperate with each other, and only each other. Once this Association grew and their service came to be in demand, their cooperation gave them a powerful edge on safe riverboat operations. When an Association pilot stopped in port, he would get the latest news of river conditions ahead; much better information than independent pilots could get. After a while, insurance companies noticed that claims were lower with Association pilots, and they set their rates accordingly. Those insurance rates compelled operators to use Association pilots rather than the independents.
I could imagine a time when some percentage of motor vehicles are "Certified Safe-Driving Vehicles." They communicate with other such vehicles about road conditions (vehicle speeds, visibility and weather, data from anti-lock brakes, obstructions, and any avoidance maneuvers) to prepare for potential emergency situations. Manufacturers demonstrate that such vehicles are much less likely to collide with obstructions, to dent other Certified vehicles, to have single-car accidents, and such. Insurance then starts to factor this into their risk matrices and thus their pricing. Insurers agree to no-fault any collisions between such vehicles. As the percent of Certified vehicles increases, insurance rates put progressively more pressure on drivers to use these Certified vehicles.
This depressing idea allows for automation at any level. It's all just a risk calculation, and therefore a price decision by the driver.
This mess is becoming really interesting.
Now we have multiple governments, which each regulate emissions, whom VW must satisfy when they bring these vehicles into compliance. Will VW use the same solution for all vehicles, or will the (presumably software) change vary by regulator?
Any fix will probably lower combustion temperatures and enrich the fuel/air mixture. This would not only lower fuel efficiency, but could also raise other emissions. If the exhaust system is carefully designed to the original requirements, that could require secondary changes to the vehicle too. Tightly-coupled systems and all that....
Here's a nice explanation of how Nitrogen oxides are created by exhaust. http://www.smogtips.com/failed-high-no-nitrous-oxide.cfm
More specifically, Nitrogen Dioxide (NO2) is what regulators are concerned about (at least the US EPA). That's generated at high combustion temperatures, but also with a lean fuel/air mixture (more Oxygen from the air, less Nitrogen from the fuel). https://www.dieselnet.com/tech/emi_gas.php
Re: Lovely marketing
Hmm, let me see. Microsoft Research. Funded by Microsoft. Windows. Made by Microsoft, shoved down the throat of many through misinformation, monopoly abuse and pretty much every trick in the same book that Google is now using, which generates the money to do that research.
Someone famously said that conspiracy theorists are skeptics who lack critical thinking skills.
Microsoft did all the right things here, and we can all benefit. The source code is published (under a very permissive Open Source licence) for review and improvement by independent security experts -- and even by Internet trolls.
Disconnect between MS and IT depts
The story I read here is about a gap between what Microsoft delivers and what IT departments must deliver.
If an organization finds a particular problem, they have to find a way to continue operating until the problem can be solved. This is true in Sales, in Design, in Production, in IT....
For example, if users become unable to properly preview documents before printing them, that's a problem. IT has to respond. Maybe we say "if you are using X software, please save the file to PDF and view in PDF reader to preview it. We're sorry for the trouble, and we'll tell you when this is fixed."
In the past, we could look through patch notes and get an idea when the vendor fixed the bug. When the vendor doesn't say what they fixed, it's much harder for IT to know whether or when to promise users that specific problems were fixed.
In other words, IT still has to answer to the organization, regardless of what support they get from the vendor. In this case, it seems that Microsoft has decided to hang IT staff out to dry.
Microsoft has chosen not to respond to conspiracy fears about Windows 10. Maybe conspiracy theorists are not their target market. We'll see how much pain this causes medium-to-large organizations, and how Microsoft responds to that pain.
Not just social information
As written, if you agree to Spotify's new contract, you give permission for Spotify to "collect information stored on your mobile device, such as [but not exclusively]...."
"3.3 Information Stored on Your Mobile Device
With your permission, we may collect information stored on your mobile device, such as contacts, photos, or media files."
Okay, but what can they do with the data they might snaffle off your device? "YOU EXPRESSLY AUTHORISE SPOTIFY TO USE AND SHARE WITH OTHER COMPANIES IN THE SPOTIFY GROUP, AS WELL AS CERTAIN TRUSTED BUSINESS PARTNERS AND SERVICE PROVIDERS...." Also to law enforcement, to protect Spotify, for academic use, for information about the service, or as an asset to be sold. (Section 5.2.5)
That's pretty much whatever they want, then.
Spotify can finally tell us what songs are most popular during Uber's Rides Of Glory http://rideofglory.blogspot.com/
Release Cycle vs Workflow
I use Firefox for many hours a day. To me, it's a tool. And a tool has a workflow.
If Mozilla wants to be agile and release variegated updates every few minutes or whatever, that's fine. I'm just a user. I don't look at the code and I don't care.
However, I do care about my workflow. I care that I can open a new tab without stopping to think how to do that. I care that I can switch to "that tab over there" without having to figure out what the key combination is this week. I care that I can think "gee, didn't I bookmark that?" and before the thought is complete, I already clicked to raise the bookmark menu and my mouse is over the search box.
I hope that Mozilla's idea of "agile" is about their code and not about my workflow.
Re: ZoneAlarm advert?
An embedded device doesn't need to do deep packet inspection, it just needs to only respond to what it's supposed to handle and to safely reject everything else...the application should correctly parse it and throw out anything that doesn't make sense.
Certainly. I agree with everything you say. Sadly, many potentially vulnerable devices are no longer supported. We can't look to CheckPoint to solve that. That's all I mean.
Re: ZoneAlarm advert?
"So how do I install ZoneAlarm PRO on all the non-PC devices on my LAN?"
Good point. Personal computers are not the only networked devices. I suppose that tablets and phones are just about as vulnerable at other untrusted locations as they are on your home LAN, so that horse is already long gone. There are also appliances like surveillance cameras.
To be fair, I don't know how many embedded devices have the hardware to do deep packet inspection. My Drobo doesn't. And it would probably murder battery life on a mobile. CheckPoint can't fix that.