Slashdot Mirror


User: laughingskeptic

laughingskeptic's activity in the archive.

Stories: 0
Comments: 265

Comments · 265

  1. The Proud Inventors of Ringless Voicemail on No, Your Phone Didn't Ring. So Why Voice Mail From a Telemarketer? (lifehacker.com) · · Score: 1

    At least we know who to thank: http://straticsnetworks.com/ri...

  2. Re:Obligatory:Intel CPU Backdoor Report (May 5 201 on Malware Uses Obscure Intel CPU Feature To Steal Data and Avoid Firewalls (bleepingcomputer.com) · · Score: 1

    The AMT has to have the cooperation of the network chipset to access the network. I have crawled through petabytes of netflow from tens of thousands of routers supporting nearly a million computers and have never seen port 623 traffic associated with an IP that did not also have other traffic on other ports. I could have missed this since I wasn't explicitly looking for this though. It did amaze me that the AMT has its own list of servers for services such as NTP (which allows the manufacturer to see the heartbeats of their customer's servers if this is not blocked/NAT-redirected at the firewall). So clearly it is capable of full network stack interaction and could have its own MAC and IP if the network card provided a way to accept the configuration for this. I just haven't seen this and suspect that in general network cards don't provide this service to the AMT. Maybe it would be a good idea to not use motherboard network chips and use network cards from chipsets from a different manufacturer than the CPU chipset.

  3. Re:Obligatory:Intel CPU Backdoor Report (May 5 201 on Malware Uses Obscure Intel CPU Feature To Steal Data and Avoid Firewalls (bleepingcomputer.com) · · Score: 1

    Are you sure about "own MAC and IP address"? Common network chipset (e.g. Intel 82574 family) external interfaces include: NC-SI or SMBus connection to a Manageability Controller (MC) with IPMI MC pass through; multi-drop NC-SI. This generally results in UDP/TCP port 623 traffic being re-directed to the Management Controller. The way I have seen this manifested is port 623 on all network interfaces is passed through to the management engine. The IP and MAC for the management engine are the same as for any other normal communications through the same interface.

    All port 623 traffic should be kept on the inside of the network and not allowed to transit firewalls.

  4. Re:WebAssembly lacks signing on Chrome To Deprecate PNaCl, Embrace New WebAssembly Standard (tomshardware.com) · · Score: 1

    I consider the lack of signing support in JavaScript to be a flaw. Signing allows one to: 1) know that code you are running has not been tampered with. 2) whitelist certificate chains. 3) associate code with an actual author. Are these not good things? A sandbox is not enough, especially when more and more people's entire digital experience occurs within the browser. You are routinely fingerprinted by JavaScript running on your browser. Tampered JavaScript can allow people to capture your important credentials. The sites you visit don't even know where half of the content that they are adding to the page you are viewing came from because they sold space on the page to an advertising broker who in turn sold the space to someone else based on your profile. A hacker can precisely and relatively cheaply target your demographic with malicious JavaScript by purchasing ad space. And as it is, there is no way to ultimately attribute that code to the hacker.

  5. Re:Layoffs on Can Twitter Survive By Becoming A User-Owned Co-Op? (salon.com) · · Score: 5, Interesting

    Spending huge on RnD is a Wall Street requirement for tech companies. If you are not spending huge on RnD your multiplier is slashed and your stock craters. The assumption (which is almost always wrong) is that the RnD will lead to another product from the same geniuses that brought them the current product. In the early 1990s BMC was not getting the respect they thought they deserved from Wall Street and they figured out that all they had to do was spend money to get their stock price to triple. So they did. They set up an entire new office in Austin that pretty much just spent money and they called it RnD and their stock price went up. If Twitter slashes their RnD now, Wall Street will kick them to the curb. Twitter may be over-doing their RnD spending, but the amount they spend is likely driven by communications that they have had with institutional investors.

  6. BPEL environments on Ask Slashdot: Is There a Way To Write Working Code By Drawing Flow Charts? · · Score: 2

    There are many flow chart based Business Process Execution Language (BPEL) coding environments, including multiple open source options: http://orchestra.ow2.org/xwiki... , https://eclipse.org/bpel/ .

  7. WebAssembly lacks signing on Chrome To Deprecate PNaCl, Embrace New WebAssembly Standard (tomshardware.com) · · Score: 1

    Not only does WebAssembly not require packages to be signed, it does not even provide a slot in its standard for signatures. When are software engineers going to learn that you don't do these things after the fact? I am sick of browsers being cesspools for executing random, uncontrolled and unattributable code.

  8. Human resources ... worst advice ever on Can Older IT Workers 'Navigate' Ageism? (cio.com) · · Score: 5, Informative

    Never go to human resources until you have another job offer. Period. If you are not operating from a position of strength you are simply viewed as a problem employee and they will work with your manager to get rid of you. If you have a job offer in hand, then your interactions with HR will be very different, you may even receive a raise and get changes you want. (But don't count on it) Human resources works for the company, they are not there to make you happy.

  9. Re:Automated Astroturf Campaign on Democrats Ask FBI To Probe Reported FCC Cyberattack (thehill.com) · · Score: 2

    Completely agree. Adding that the posts likely came from the DCI Group ( https://www.dcigroup.com/ ) and that this was amateur hour on their part for not factoring in how hard they were hitting the FCC server.

  10. Tech Firms don't understand Texas on Apple, Amazon, Microsoft, and Google Lobby Against Texas 'Bathroom' Bill (arstechnica.com) · · Score: 2

    Most of these legislators used to beat up geeks in High School. Tech firms lobbying against something is tantamount to support here. Republican attitude will be, "You don't like this, well I'm going to make you eat lots of it!"

  11. Re:Slashdot are missing the point on Investigation Demanded Over Fake FCC Comments Submitted By Dead People (bbc.com) · · Score: 4, Interesting

    The bot-driven fake submissions are in support of ENDING Net Neutrality. This was not a false-flag operation. These posts likely came from the DCI Group ( https://www.dcigroup.com/ ) which was hired by the National Cable and Telecom Association via Broadband for America see: http://www.zdnet.com/article/a... and https://news.vice.com/article/... .

  12. No = Pure? Rube Goldberg ... what's the point? on Scientists Develop Technology That Burns Natural Gas With No CO2 Emissions (scienceblog.com) · · Score: 1

    I guess the headline sounds better with "no CO2 emissions" so they used that rather than the more correct headline "pure CO2 emissions"? Since it is incredibly easy to remove water vapor from exhaust, this seems like a Rube Goldberg solution to that problem. Sounds like they put a lot of work into something and rather than admitting the approach did not pan out, they are pitching their failure as an over-the-top success.

  13. BTC Market Cap out of sync with available USD on Bitcoin Surges 10% To All-Time High Above $2,700, Has Now Doubled in May (cnbc.com) · · Score: 4, Interesting

    Your ability to get a dollar out of the BTC market today for a dollar put in yesterday depends heavily on the participation of others putting their dollars in today. If you examine the data behind the charts https://blockchain.info/charts... and https://blockchain.info/charts... it is very clear that speculative trading has repeatedly driven BTC values up followed by a market value collapse of BTC. People stop putting their money in and instead pull it out and the amount of time it takes to get their money out goes from minutes to days. If there is no speculation and all BTC coins are used for ephemeral transactions, then the total amount of hard currency backing BTC would be around the daily volume of BTC transactions in a day: $1 Billion dollars. However people are behaving as if all of the BTCs are worth $40 Billion dollars. The speculators are the "long-term" holders of BTC, however only a small fraction of their holdings can actually be converted to hard currency before the entire BTC system collapses ... in the 2% range. Everyone is depending on everyone else not to blink, historically not a good bet.

  14. PayPal decided to be in the news on PayPal Sues Pandora Over 'Patently Unlawful' Logo (billboard.com) · · Score: 1

    PayPal's media awareness dropped to 5 year lows, the board was afraid that this would affect their stock price. When their geeks didn't have anything to make a splash with they turned to their attorneys. Nothing to see here folks ...

  15. Re:For the Young... Some Background. on New OS/2 Warp Operating System 'ArcaOS' 5.0 Released (arcanoae.com) · · Score: 5, Informative

    You left out a lot: IBM initially contracted Microsoft to create OS/2 due to their recent antitrust issues. IBM insisted on the entire OS, including the UI shell being written in assembler despite Microsoft's advice that the majority of the code be written in C with a small assembler kernel. It is easy to claim superiority over DOS. DOS was not an OS, it was a simple shell for running a single single-threaded process. However, OS/2 was incredibly buggy due to the extensive use of assembler. Key internal APIs and structures such as the kernel memory block structure were still changing within dot releases of Warp until the very end. This meant that other key OS components were always playing catch up. Getting working debugging tools was almost impossible. Every functional debugging tool I ever received for OS/2 came to me through back channels from a guy who knew a sales guy at IBM who knew an engineer who had patched a given tool for a given release. IBM horribly mismanaged later contractors such as those that developed the postscript printer drivers. The project managers at IBM seemed to have no understanding of what a printer driver was and they essentially contracted for the same work over and over resulting in a complete mess in that part of the product.

    Windows NT came out a year after OS/2 had a working UI and supported existing hardware. OS/2 only really worked on IBM's PS/2's. Windows NT quickly surpassed OS/2's reliability despite the fact that it ran on a much wider variety of hardware. The big difference between OS/2 and Windows at that point was individual Windows apps did not have a threading API provided by the OS. I implemented this feature for my company because our code was initially developed on OS/2 and was designed from the beginning to use 2 threads. It was easier to add threading to Windows NT than re-write our code for the port. I spent 2 years working at a low level with both OSes and in my opinion OS/2 was doomed from the beginning by its buggy, unstable kernel and lack of tools. I don't think Windows' kernel memory structures have changed since NT was released. Microsoft learned a lot from their early work on OS/2.

  16. All they had to do was walk in on Any Half-Decent Hacker Could Break Into Mar-a-Lago (alternet.org) · · Score: 3, Informative

    and read the sign that says "This month's WiFi Password is GOLF". It's a country club. They assume you belong there, unless you don't look like you belong there. What is the point of securing a network that has a publicly available password?

  17. An explanation on US To Ban Laptops in All Cabins of Flights From Europe (thedailybeast.com) · · Score: 1

    TSA must be counting on their European counterparts stealing the bomb. Maybe "odds of the theft" >> "odds of detection in the carry-on process". Which would explain why TSA prefers the bomb to head for checked luggage.

  18. Re: Human gut limits on 'Exercise-In-A-Pill' Boosts Athletic Endurance By 70 Percent, Study Finds (sciencedaily.com) · · Score: 3, Funny

    In the late 80s and early 90s I consumed 8000 calories a day and swam 40km a day during the summers. It was not easy as in addition to swimming 8 hours a day I also had a job and it takes time to eat that much. I'm pretty sure that if I had spent less time working and more time eating, I could have processed more food. It is a good thing I was the boss, because when I was training like this I was pretty much a food guzzling zombie slacker when not in the pool.

  19. Re: "Why would any business trust them with research when a foreign outsourcing contractor now controls access to those secrets."

    California Universities have an open research policy. Their professors will not sign an NDA, so companies like my former employer will already not work with them. I tried to bring one of their professors on as an expert on a project and learned this pretty quickly.

  20. Does BAH still have CIA contracts? on CIA, FBI Launch Manhunt For WikiLeaks Source (cbsnews.com) · · Score: 1

    They haven't had the best track record with their employees recently ...

  21. The authors clearly have some ideas: The tropics on 'Detergent' Hydroxl Molecules May Affect Methane Levels In The Atmosphere (caltech.edu) · · Score: 5, Informative

    Sources of volatile hydroxyls include fermentation and plant respiration. The authors did not say "they have no idea", they said they do not yet have a mechanistic explanation. They clearly have some ideas and those ideas are related to the differences between the tropics and the rest of the planet and they are all calling for more studies on specifically this.

    "However, the authors do not yet have a mechanistic explanation for the last decade's global changes in hydroxyl concentrations. Future studies are needed to investigate this further, Frankenberg says. The researchers also would like to see the trends they detected verified with a more detailed study of both methane sources and sinks."

  22. Re:Problem is true waste is hidden on Steve Ballmer's New Project: Find Out How the Government Spends Your Money (theverge.com) · · Score: 2

    Florida's governor Jeb Bush embarrassed a number of counties into cleaning up road graft by simply requiring each county to report metrics such as cost-per-road-mile which ultimately were aggregated in this table: http://www.fdot.gov/programman... . Counties having the same soil conditions had widely different costs before they were forced to publish comparable metrics. Rather than focus directly on numbers, if distributed role costs such as ratio of HR salaries to total salaries were identified for each agency some discrepancies could be identified. Technology expenses per employee, travel expenses per executive, etc.

  23. Too bad federal prosecutors report to Trump on Twitter Sues US Government Over Attempt To Unmask Anti-Trump Account (theverge.com) · · Score: 2

    Section 241 of Title 18 is the civil rights conspiracy statute. Section 241 makes it unlawful for two or more persons to agree together to injure, threaten, or intimidate a person in any state, territory or district in the free exercise or enjoyment of any right or privilege secured to him/her by the Constitution or the laws of the United States, (or because of his/her having exercised the same). Unlike most conspiracy statutes, Section 241 does not require that one of the conspirators commit an overt act prior to the conspiracy becoming a crime. https://www.justice.gov/crt/co...

  24. Re:Well blame Hollywood for creating their own ene on Enemy Number One is Netflix: The Monster That's Eating Hollywood (business-standard.com) · · Score: 1

    Netflix is also buying Indie films at festivals and ... gasp ... showing them. I never understood the studios' predilection for buying up these movies and then never distributing most of them.

  25. Re:Dear Funny Americans on Is Australia Becoming A Cashless Society? (abc.net.au) · · Score: 1

    In economics your statement "everyone pays their rightful share, each individual can pay less" is not necessarily true. Look at it this way: The half life of your money is how many times a dollar can change hands before taxation reduces its value to half or less. With Australia's 10% GAT, this number is 7. If one third of the transactions are cash based, the half-life becomes 10. In this light, the initial holder's relative value of their dollar is 20% greater when 1/3 of the transactions are cash based. If the initial value of your money is hit harder than the amount of tax you pay, then you can come out behind, not ahead when everyone pays their fair share. I personally think 10% is a fair number and that in Australia's case you are largely correct. However the bigger the taxation percentage, the worse the devaluation is under "fairness". "Obvious truths" are not always obvious in economics, the worst offenders that I know of in this regard are the U.S.'s Congressmen. One pertinent question: will a government lower the rate when compliance increases to equalize value of the money? Regardless, professor Richard Holden deserves an "F" in Economics for his simplistic statements.