They'll use an excuse that keeps on giving
12862 posts • joined 12 Feb 2011
When I worked for a state university back in the 90s they didn't have a pension, they had a 403b (same thing as a 401k but for public institutions). You had a mandatory contribution of 5% of your salary, and they doubled it for a 10% match.
The salary might not have been at the level you'd get for the same job in the private sector, but they made up a lot of ground between that and 24 days of vacation (not including a half dozen standard holidays) plus 18 days of sick time that if unused could be converted at a 3:1 ratio to add up to another 6 days of vacation if you didn't get sick!
We should take a decade or two to make our roads work for self driving cars?
The reason cars need to operate on our roads with our insufficient and confusing signage, lack of lane markers in many cases, and so forth is because those are the roads we have. Sure, we can modernize expressways to work well for self driving cars, but once you leave them the meatbag in the front seat (that's you) will need to take over if they can only handle dumbed down driving tasks in areas with sensors on the road or QR codes on the signage.
If the goal is to have autonomous cars that can drive everywhere - i.e. a car without a steering wheel or pedals - it will have to learn to handle the roads as we have them. And handle places that aren't roads, if for example I want to drive into my backyard to unload something heavy instead of walking it around the house from the driveway.
I don't know if they're guilty or not, but I hope they stick around. They've never stolen $3 billion from me[*] so I'll continue buying from them as long as they're around and have good prices and rebate deals.
[*] Disclaimer: I haven't checked my bank balance today
Will hijack your browser or Outlook or some other whitelisted application and use it to encrypt your folders. It isn't as if those applications don't always have a lengthy list of patches every month, finding such an attack will be pretty easy.
I don't see this as a long term solution, it is fixing last year's problem while the malware guys are already working on next year's nasties.
Facebook, Google, and Apple are (presumably) lobbying for stuff that favors their business (i.e. net neutrality, not making some crazy anti-encryption laws, etc.) not trying to get the government to give them more money / protect the money the government is currently giving them like Oracle.
Just did a major merger, like when they bought Compaq? Time for some layoffs. Just did a big split, like when they spun off DXC? Time for some layoffs.
Inevitably some of those they lay off (or scare away) will have been generating a lot of value for the company, so the layoffs will cause a revenue drop. Then it will be - you guessed it - time for some layoffs!
Every LCD monitor I've owned (and every CRT monitor before it) has shown at least a little image retention, like being able to notice the faint outline of the status bar on the bottom of the screen. Not like I was getting cheap ones either - the last CRT was a high end 21" Trinitron made for HP workstations.
I've got a bunch of plasma TVs, and a few are more susceptible to burn-in and I need to run a color pattern on them regularly to clear it up. Others seem pretty resistant - all Panasonic panels so I'm not sure why some have a problem and others don't. Maybe it is just the luck of the panel lottery.
I haven't ever seen even a hint of image retention on any of my iPhones, but I have seen a few friends with a pretty bad case on their Androids (can't remember brands, but I know they weren't Samsungs and it was a few years ago so very likely LCD not OLED)
Apologies are worthless unless behavior changes. It is one thing if someone was accused of doing stuff 20 years ago and there are no recent reports - apologizing for past conduct carries some weight as you could say you were wrong then, realized it, and changed for the better.
But these people who are called out for stuff they've been doing up until it becomes public apologizing rings kind of hollow. They're not apologizing for their behavior, they're apologizing for people finding out about it.
Of course it can, but that doesn't change the point that the offer to show code is meaningless. I still think using Microsoft's AV is the best solution - they already control the OS code so if you can't trust them you're already screwed.
Does other AV software really work better enough that it is worth trusting another company with that type of extremely low level access? Despite all their bullshit about having "AI" capability to detect threats before they become known, in practice if the signature isn't in their database yet when the malware arrives it'll get you. Unless other companies are significantly faster in updating the signatures I don't see why you'd want to go with a third party for AV software.
At least Microsoft is less likely to detect a system file as malware and quarantine it, which occasionally happens with the others.
Even when body cameras have shown cops at fault they often face no consequences. Why should cops alter their bad behavior if all they're going to get is "administrative leave" (i.e. paid vacation) and then be absolved of guilt because "he feared for his life", i.e. "he couldn't have known the guy wasn't going for a gun when he told him to produce identification and then shot him when he put his hand in his pocket".
In many of these cases the affected party will win millions in damages. The cop doesn't pay, the police union doesn't pay. The citizens pay, since the city pays the judgements. Cops should be required to carry liability insurance for such judgments against them for their actions. Doctors do, why shouldn't cops? They can either pay it out of their own pockets, which would be a powerful incentive to not do things that result in judgments against them, or their union can pay for it, which would be a powerful incentive for the unions to stop protecting bad cops.
Until cops face the consequences of their actions, you could have a 24x7 reality show follow them around and it wouldn't change their behavior.
The iPhone keeps the encryption keys in the secure element, and the encryption is NOT based solely on your password or PIN, but is entangled with a key unique to the secure element. Also the OS doesn't even get the encryption key for the flash, there's an AES unit on the SoC between the NAND and the OS that does the actual decryption. But since the key will be unique to any iPhone even if both use the same password/PIN, even if you get hold of the encryption key, it would do you no good.
Apple has a very detailed writeup of how they handle all this stuff available. Maybe you should read it before you spout off a bunch of nonsense.
Let's say some black hat makes an SD card that is marked as 64GB and shows 64GB in size but is actually 128GB divided into two hard partitions. One password unlocks one half, a second password unlocks the other half. One half you fill with a bunch of innocuous stuff (or slightly incriminating stuff but not enough to bother the prosecutor with if you want police to believe it isn't a plant) The other is your real stuff.
When asked for the password, you give them the password to the innocuous stuff, and they don't even know the real stuff is there.
That won't work for iPhones, the operator can't force any OS upgrades or have any control whatsoever of the OS you're running. All they can do is push a carrier settings update, but that won't help unlock the phone or anything like that since it doesn't interface with the phone's security at all.
Not sure it would work on some Androids either. Do OS upgrades for the Pixel go through the carrier or do those come directly from Google?
Well assuming you are refusing to give up your password because you're guilty of the crimes you are accused of, rather than standing on principle, none of those things sound bad. If you go to prison you will also lose your job, be determined not to be of good character, be unable to work for government / unemployable, and if you're foreign be deported. The difference is, those things would happen after you spent many years or decades in prison, rather than a maximum of two years if you refuse to give up your password.
So tell me again what the downside is...
I had to google this because I didn't believe there was such an offense, but apparently there is. I'm just not clear on what it is - does it mean just working the pedals at an insane speed totally out of control - like 'reckless driving' in the US? Or does it mean just not watching where you are going and not following the rules of the road but possibly at a quite reasonable pace, like one of the dicks who gives cyclists a bad name by running red lights and ignoring pedestrian crosswalks and the like?
When the early post big bang universe cooled enough for protons and antiprotons to form, maybe there was an equal chance of each, but that doesn't mean it would be a 50/50 split down to the last decimal point. One flavor would be more numerous than the other, and even if most annihilated each other one or the other would have a surplus at the end of it all.
Nice that Purism is using it to disable the ME, but a flaw like that could also be used for a lot of bad things. If they follow through with the disclosure in December, or it otherwise is released into the wild (maybe by someone carefully examining how Purism does it) I suspect 2018 will bring a lot more Reg articles about hack attacks perpetrated with the Management Engine now that it can be made to run unsigned code!
You can see that as an endorsement, or you can see it as "I had a copy of Kaspersky laying around so I used it". Just because he's an expert doesn't mean all his decisions are made with due deliberation and care. Maybe he was the sort of expert who thinks he's so smart he's immune to being hacked and simply was careless.
Isn't that the price of electronics I buy is a few cents higher per capacitor or whatever. It is that despite fixing prices high, they didn't bother to make capacitors that fucking last. Instead we got treated to the bulging capacitors of the early 2000s, and even though that issue was fixed they are still one of the more failure prone items in modern electronic devices.
Had they invested a bit of that windfall into making better products so that capacitor failures were rare I wouldn't begrudge them a little profit padding.
Given that apple do the same harvesting
Your proof? Apple doesn't care about stealing all your personal information, because they make money off you when you buy the phone. Google gives Android away for free, as a way to push more eyeballs to the ads they sell. Totally different ways of making money, each very successful in their own way, but don't confuse the two.
Apple even shut down the ad network they ran (iAd) so if they did collect your personal information they literally don't have a way of making money off it - so what would be the point?
I think your title was right, there have been several instances of software companies' build systems getting hacked. This sounds like more of the same.
The reason is probably because this is the easiest way to infect a lot of people. Compile your infection into software that either automatically updates itself or is updated regularly by users, and you get a lot more people than if you did it the old fashioned way and needed to find a remote root exploit or trick them into downloading something they shouldn't.
Not much you can do as an end user about this except hope that as that keeps happening software companies will pay more attention to the security of their build environment and maybe consider taking it offline (I know, why would they do that when it is less convenient...)
The bad news is that it doesn't seem to have affected annoying insects like flies, they seem to be as numerous as ever as far as I can tell.
The good news is that insects breed very quickly, so if we can figure out why (overuse of pesticides in agriculture no doubt plays a major role) and correct it, the insect population should rebound fairly fast. A lot faster than the several decades it took for bald eagle populations in the US to rebound after DDT was banned, at least.
When I was a kid I remember seeing a bald eagle was a huge deal. Now the area is lousy with them, if I go a few miles to one of their favorite spots along the river that cuts through town right now I can see 30 or 40 at once.
I consulted for them on an SAP migration in 2000. We had a small team of a half dozen guys, and we'd regularly run up over $100/person for dinner, submitting receipts for our little group of $500 or so was pretty normal. On our last night the project leader took us out to a very expensive place for dinner and bought a few very expensive bottles of wine, and we topped $7000 (Canadian, or $5000 US back then)
How times have changed.
Isn't pretty much everything accessible from Google HQ? Everything their spiders index all over the world is fair game for the Feds, for a start. Then consider what Google could hack into if they were "properly" motivated, by say a $10 million/day fine rather than that puny $10K/day fine.
I continue to be amazed that Apple hasn't done anything like this yet. When they surprised everyone with the first 64 bit ARM SoC four years ago, I figured this was coming soon. All they'd have to do is add an app to the iPhone that has the OS X GUI, make the missing API features (iOS is basically a cut down OS X) available to those programs, and have the OS X build tools generate a fat binary with 64 bit x86 and 64 bit ARMv8.
Connect a monitor via Lightning/HDMI adapter, and a keyboard/mouse via bluetooth or a USB breakout that goes with that Lightning/HDMI adapter and you're good to go. Access to thousands of professional programs before long, as I'm sure developers would quickly fall in line to develop fat binaries to gain access to a huge new customer base.
Are they worried it would hurt Mac sales? Personally I think it would make the platform more attractive and might actually increase them, but either way there would be a lot more OS X users. They might need to introduce an iPhone 'Pro' model with more RAM for people who are going to want to run stuff that needs a lot of RAM, but this wouldn't be something for power users more for the occasional user like students and road warriors that don't want to lug a laptop with them. Any of the recent models with 2-3 GB would be fine for them, and the SoC is fast enough and has built in compression support they could use compressed memory pages and double its effective size.
Like I said, I've been expecting it for four years now, and have been wrong for four years. I guess Apple knows something I don't, or they are waiting on something else to fall in place before they release it?
Telcos charged for SMS per message, or offered plans of X messages per month that could not keep up with chatty millennials. Apple solved the problem for its customers with iMessage, but strangely Google chose not to bundle something similar with Android. I'll bet they're kicking themselves daily they didn't, since WhatsApp ended up filling that void for Android users.
Of course now telcos (at least in the US) compete on data, and all but the most bargain basement plans start with unlimited calls and SMS/MMS. If iMessage and WhatsApp went away tomorrow most people wouldn't care, they'd just go back to texting now that it doesn't cost them anything extra.
Sure, the apps are more secure but the average person doesn't know or care about that.
Seems to me an easy way around the "if you aren't radio silent the enemy can triangulate your position without radar" problem is to communicate with a satellite. Use beam steering to send messages UP.
Unless something is above you (maybe a network of enemy weather balloons?) they won't be able to receive your transmission and you remain stealthy. It won't work with enemies who have their own satellite network, but foes at that level have much better radars able to see the small radar cross section the F35 presents anyway.
They knew how to beat chess grandmasters from the very first chess program that did a tree search to rate different moves, they just lacked computing power at that point. The first computer to beat a human in a tournament (not grandmaster level I'm sure, but still if a person is going to enter a tournament you figure they are halfway decent) was in the late 60s.
If they had the computing power Google is throwing at Go available to them in the late 60s, that chess playing computer probably could have beat grandmasters. The improvements they made to chess programs since then - aside from the massive increase in computing power available to them - consisted of various improvements to the tree search to prune unproductive paths and do better position evaluation in the endgame. If we had to run it on a 1960s era computer, even with modern techniques a chess program wouldn't be all that much better, and Go would still look impossible.
We haven't got any closer to real AI during all that time, AI researchers have just got better at marketing their work to a credulous public who thinks beating humans in chess or Go gets us closer to that goal. It doesn't, because expert human players don't play those games by evaluating trillions of moves and choosing the best one. We still don't have a clue HOW they do it, in fact.
Yes, it is the usual story hyping something up as a big advance when it isn't. It still had to be programmed with the rules of Go, and probably (though it isn't clear from the article) some way of "valuing" positions as stronger or weaker.
If they can make an AI that is able to read the rules of a game it has never seen before, understand those rules well enough to play against itself to learn, and then beat a human player with equivalent experience to its training (i.e. played the same number of games) then I'll be impressed.
Until it achieves that, it is nothing that couldn't have been done back in the 70s or 80s if they had access to millions of times more computing power and memory back then.
Amazon came along too late, they missed the halcyon days when a /8 would have been theirs for the asking. Figures that Microsoft would ignore the internet for long enough they'd need to buy a /8 instead of grabbing one for free back in the 80s like companies with more foresight such as Apple and HP!
The fact that they're able to get addresses they need from those who don't need/use what they have shows that IPv4 has sufficient capacity in the west. So they cost $10/IP, big deal. It isn't as though Microsoft and Amazon have trouble affording that. If the price gets high enough ($100/IP? $1000/IP? I don't know what "high enough" is exactly) then they'll start pushing IPv6. How to push IPv6? AWS and other hosting services could offer cheaper hosting for servers accessible via IPv6 only, for example. If stuff I want is only accessible via IPv6 then that would incentivize me and other end users to want to use IPv6, and ISPs to provide "full" IPv6 connectivity instead of 6to4 and the like.
We have enough IPv4 addresses, and non-CG NAT leaves plenty of room for expansion as people's homes get more and more IP devices. NAT has some obvious disadvantages, but we've long since worked through them so there's no real benefit to going to IPv6 for the average person.
I could enable IPv6 on my router and PC, but why should I? Is it faster? No. Is it more secure? No. Is it more compatible? No, I'm actually more likely to experience issues in IPv6 than the decades old and well tested IPv4.
I get why Asia and Africa are moving to it, they don't have a choice because we hogged all the IPv4 addresses. That's done and there is a solution for them in the form of IPv6. If I was left with no choice I'd go IPv6, but since I do have a choice why should I and the rest of the US and Europe bother? How would it benefit me, or the internet in general to do so?
Whoever came up with these "civil forfeiture" laws had to have been a dirty cop before, because it has been a huge boon to having mountains of cash sitting around for the taking.
What money isn't stolen ends up buying military style gear the cops have no business owning. My city (population < 100K) owns an armored personnel carrier! Congress ought to pass a law making this illegal nationwide. They won't, of course, because defenders of dirty cops will claim limiting their ability to steal cash and cars and buy surplus Army gear is "weak on crime".
NEVER buy electronic gadgets designed for kids. They will never be secure. Not that things intended for adults are secure, but at least there's generally more known about them.
I mean we know security on Apple Watch and Android Wear isn't perfect, but at least there have never been any exploits found that allow using them as a bug or tracker!
Was the "stone" made of concrete? If it was a real stone, how do you carve a sword sized slit 3' deep into a stone, and how do you keep the sword from being trivially removed after that's done and the sword is inserted? Was it epoxied in or was there a hole in the bottom of it for a bolt to go through?
I'm assuming it came loose due to rust, hopefully the crowdfunding gets enough for a stainless steel sword this time!
Does GPLv3 allow this sort of self-serving lawsuit on the behalf of your tiny fraction of code? Maybe someone needs to update the license Linux uses for future submissions so it has the following characteristics:
1) compatible with GPLv2, so it can be used for new code but existing submissions remain GPLv2
2) does not allow this sort of thing - any copyright lawsuits on the code can't benefit the author financially, beyond reasonable legal costs and cost for his time (i.e. no partnering with your brother the lawyer who charges $5000/hr, or claiming your time is worth that much) Everything left over goes to one or more Linux/free software related non-profits.