It winds up being pretty useful for more than just UNIX. I've found it a useful tool for checking out day to day work documents (spreadsheets, etc), because it gives version control, as well as a decent hedge against ransomware (well, until there a variant starts purging Git repos.) It also is useful for syncing with a master server, so regardless if one is on their desktop or laptop, they would have a recent working copy of their files... all they need to do is commit and push the repo when done with an editing session.
Git is too entrenched now for anything but something absolutely revolutionary to replace it. Heck, even Microsoft has it baked into VS and recommends people move to that. OS X also has Git support baked in if one decides to load XCode.
Replacing Git would be like trying to replace tar or bash. It -might- be possible, but in reality, it is virtually impossible for it to happen.
If I were the CEO of BitKeeper, I'd be looking at trying to make something to compete against GHE, GitLab, or Bitbucket, with a web UI that works extremely well, and priced exceedingly well, so it gets picked up and used everywhere.
A few weeks, I installed it to find and move an OS image. It didn't look like the traditional file manager... and instead of the regular Android filesystem, it only supported bouncing between user directories.
If this program is spewing ads, that is even worse, because in the past, I used to trust it with root. I guess I'll use the ancient Root File Explorer utility from now on.
I have debated if it is worth backing a machine up, upgrading to W10, then rolling back, so the BIOS ID is with MS and will auto-activate if I ever want to actually move to W10 for good.
On the other hand, a new copy of W10 Pro is two C-notes, likely less, and if I actually bother to get a VLK + SA, the point is completely moot.
Didn't Audi make a synthetic diesel that could be synthesized from CO2 (although to do so requires a good chunk of energy)?
Battery innovations are quite useful, but if we can pull a usable, energy-dense fuel from the air, this would help with sustainability. As an added bonus, it would be a carbon negative or at worst, carbon neutral.
Backing up isn't straightforward though, especially on Windows. Windows Server editions have a decent backup program (wbadmin), while the client side, the best out there is likely Veeam.
Even then, one needs to consider ransomware blowing away shares, so one needs to either backup the backups, use a WORM style for media, or use a pull based system like WHS. For a home user, arguably the best way to fix this is a NAS appliance that can pop snapshots of the shares, as well as back itself to an external HDD.
Of course, there is the biggest issue... I've seen rigorous backups done... but no restores tested, which lead to disaster down the road. Ideally, people need at least two different backup methods, so if something gets trashed, there is another available. Veeam on a BitLocker protected drive + Mozy might be one way. Time Machine and a cron job which dumps documents to a backup repository is another.
He was lucky to have backups. Not everyone has Time Machine set up and working. Not everyone sets up backups, so this could have been catastrophic, had it been someone less computer savvy.
Apple should expand their HomeKit IoT infrastructure to be farther reaching. Something that guarantees certified device "A" can communicate with device "B", as well as offer whatever functionality is wanted. Sell a hardened hub where devices communicate with that via Bluetooth, and the hub handles Internet communication. This way, individual endpoints are not exposed.
In return, vendors would have to keep devices updated for the lifetime of the item (no thermostats or burglar alarms being orphaned after 2-3 months), and it would be very well know that their certificates will get pulled if the "security has no ROI" philosophy pops up.
This is pretty much the only way we will see security in the IoT sector, similar to how PCI-DSS is pretty much the only real "regulation" with teeth in the financial sector, where a private company decides who gets to play in their playground, and who doesn't... no appeals possible.
Also check your credit record afterwards. Some places will put adverse entries on it once they realize they can't slurp from your account any more.
Oh, and this goes without saying... NEVER give a bank account ID. Even years after the account is closed, someone can draw from it, rendering the account negative, and if not paid in a week, making an entry onto ChexSystems, which ensures banks won't even open a checking account for the victim for seven years.
The thing about Amazon, Apple, Google, and Netflix's services is that they can be cancelled with a mouse click. In fact, it sounds odd, but it helps their customer sat, because if people find it easy to leave, they will be far more likely to come back. This is in stark contract to companies that would require you to call a special number and fight it out with some offshore rep to cancel the card. Having to sit on the telephone for hours on end virtually -guarantees- someone who leaves is not coming back, ever.
The surprise subscription thing is one reason I will buy from a local shop, or Amazon, even if the prices are higher than a no-name site, just because there is less chance of fraud or spurious charges popping up, and any services that repeat that I do buy are easily cancelled.
I'm not sure what "laser walls" is going to accomplish. This technology isn't useful for security applications other than a basic "tripwire" (although movies love it because it looks cool.) All the bad guys have to do is figure out the beam's path, waltz around it, call it done. Or, send some animal to break the beam a few times. Worst case, fly a drone in and out of the beams just to be an annoyance.
Another item that can hang someone is browser fingerprinting. VM 1 from a Linux CD has a certain fingerprint, while the same machine hosts another VM with a different OS or web browser. It wouldn't be too hard to connect the dots, find VM1, find where VM 2 should be, then use a rubber hose to decrypt VM 2.
I don't think Android is going away anytime soon. Android watches are selling decently, and even though the smartphone market is saturated, Android is still a lead OS in that front. Google abandoning the device market would be like Apple walking away from iOS.
I can see Google putting more money behind agents (a concept that keeps being tried and falling on its face, but it might be with Moore's law, it actually becomes something that sticks.) If they are able to do this, it would mean a market that they would have, that almost nobody else would be in.
Of course, the "agent" idea sticks in my throat. It just seems like another way to slurp more info from users and sell it to whomever is willing to pay for it.
Bingo. I have a Mac where its primary purpose in life is to sync with iDevices and maintain a music stash, copy movies downloaded, and so on. I run Google and Amazon's "music sniffers" on it, so on my Android devices, I can download files from their services onto the device and use a decent player.
I miss the iTunes and how iOS 4.x and earlier synced. When the device was syncing, it wasn't a background task. Everything stopped on the iDevice. This way, it wouldn't hose up and have to start from the beginning, or the sync hangs indefinitely, and to get it working again, it would require a power cycle, like what happens fairly often with newer devices.
Even iTunes on iOS is beginning to smell. My music library is relegated to one small corner of the app, and oftentimes, I'm in rural areas, where attempting to stream Apple's music service will be an exercise in frustration.
Other than Square games, which tend to be worth the cash, I've found that after Apple introduced IAP, it entirely destroyed game quality on iOS, with Android quickly following when Google introduced their IAP API. Tower defense games went from decent to impossibly hard, expecting people to pay a few bucks for powerups every game. Virtually every game out there changed to F2P/P2W.
Sorry, I'm not buying $100 in smurfberries/brains to actually play a game to its conclusion. I'd rather just not bother playing a game on my mobile device, and just buy a game from GOG or Steam, which will be well worth the price of admission with gameplay.
One big issue with hidden containers is leakage. For example, say one uses a hidden container for a VM. If the tier 2 hypervisor program (VirtualBox, VMWare Workstation, etc.) keeps a history of what machines are in use, then a forensics person will start to wonder why there is a pointer to a VM, but no VM present, and depending on country, either tell the judge to get a search warrant and a contempt of court order started, or ask Bruno to do his warmup stretches for a session with his $5 wrench and rubber hose.
Similar with tossing Word documents into the container. Word keeps a recently used history, that can easily blow plausible deniability threads.
Of course, the answer would be hidden operating systems, but that functionality (AFAIK) has been dead and gone since the move from BIOS to UEFI.
Or a law gets passed that makes attacks on a robo-patrolling unit be able to be treated the same as if done to a human, with deadly force able to be used. This is already being proposed with K-9 units, so that someone who dispatches a dog would get capital murder.
This looks a lot like a Knightscope robot which is used to patrol Microsoft and Apple campuses. The robots in themselves at worst make a siren noise when toppled over, but are a good way to corner and take pictures of trespassers or would-be vandals.
Of course, the same concerns happen... what keeps someone from donning a hoodie and sky mask, shoving the thing over just as an act of vandalism? It will make noise, but by the time actual humans with weapons get there, the perps will be long gone.
This sounds like a 24 Hour Fitness in Austin. It has a track that flips directions on different days, with a fairly obvious sign pointing this out. Oddly enough, there is always that one person that just likes going the wrong way on the track even though they have to dodge everyone else.
Maybe it is practice for the hike and bike trails here.
In the past, it was legitimate. Don't copy media, sell it as theirs (as counterfeiting is truly theft.) However, as time has gone on, the bar for IP infringement has gone so low, that with the TTIP, some guy dressing up as Spiderman for a local comic convention can be hit with a six digit fine or prison term. Couple this with the Draconian technological enforcement (more than four people in front of an XBox, movie shuts off), and the spirit of the law has been destroyed. In the past, it was a copyright monopoly for "x" time, then it becomes public domain, for all to use.
The problem is that with extreme punishments (hundreds of millions of dollars for a few MP3 files), people start to have less respect for laws in general, and this not just affects IP law, but law and order as a gestalt.
In the early 2000s, had the RIAA not used heavy handed tactics, but went with tactics that MADD has used to sway public opinion, making the concept of copying MP3s for someone as odious as hitting the road after seven longnecks, things likely would be a lot different.
Depends on the attacks. Done right, with forward secrecy [1], the best an attacker could do is block communication. If an attacker gains control of an endpoint, it becomes much harder to ensure integrity.
However, protecting endpoints is a solved problem... Apple TV, and present gen consoles show that one can make a device extremely secure. Endpoint-wise, the application could be placed in the secure "world" of an ARM CPU with its keys, perhaps run on the equivalent of a "secure desktop" where no applications normally running on the OS can interfere with the messaging app or intercept the display or tapes.
I do agree, it would take more than just installing signal. At the minimum, it would take a custom ROM, ideally hardware that is vetted (and not made in a country where the chip masks get extra "features" added on that the maker didn't desire.)
I'd say Signal is almost perfect for this task. Some other items that would be useful:
1: Forward secrecy implemented in a fairly easy to use package. 2: To handle self-destructing items, have a private key that needs to be gone by a certain time encrypted by a second key. Have this second key split amongst x out of y nodes, via Shamir's Secret Sharing algorithm. Each node, once the expiration date passes, destroys the second key, so even if there are some nodes that are hacked to retain it, unless the system is so compromised that most of them keep the key and not expire it, the private key will be not recoverable. 3: Maybe consider going independent of the messaging system, and modify OpenPGP, perhaps with Saltpack's extensions. This way, secure messages can be sent via E-mail, SMS, WoW/whispers, FB PMs, carrier pigeons, or any other transport method. 4: Use blinding factors, similar to Chaum's eCash, so that entries can be made on the blockchain, but the identity of the transaction is protected.
There is always rolls of flexible solar panels, which is fairly inexpensive to deploy and can cover a large area. Toss some of those on a roof, add a PWM charger, have it charge a 12 volt AGM deep cycle battery or two, add an inverter, and one has a nice little circuit to handle the parasitic current draws like chargers.
We have built things faster, taller, stronger, than we are, by far. I think eventually an ASI (artificial superintelligence) isn't too far-fetched.
Can we do it with the current model of computers (Harvard architecture, von Neumann architecture)? Probably not, but the basic computer model can always be changed to make it better for having an AI, perhaps a more distributed architecture, along the lines of nerves and ganglia.
Slashdot Mirror
It winds up being pretty useful for more than just UNIX. I've found it a useful tool for checking out day to day work documents (spreadsheets, etc), because it gives version control, as well as a decent hedge against ransomware (well, until there a variant starts purging Git repos.) It also is useful for syncing with a master server, so regardless if one is on their desktop or laptop, they would have a recent working copy of their files... all they need to do is commit and push the repo when done with an editing session.
Git is too entrenched now for anything but something absolutely revolutionary to replace it. Heck, even Microsoft has it baked into VS and recommends people move to that. OS X also has Git support baked in if one decides to load XCode.
Replacing Git would be like trying to replace tar or bash. It -might- be possible, but in reality, it is virtually impossible for it to happen.
If I were the CEO of BitKeeper, I'd be looking at trying to make something to compete against GHE, GitLab, or Bitbucket, with a web UI that works extremely well, and priced exceedingly well, so it gets picked up and used everywhere.
A few weeks, I installed it to find and move an OS image. It didn't look like the traditional file manager... and instead of the regular Android filesystem, it only supported bouncing between user directories.
If this program is spewing ads, that is even worse, because in the past, I used to trust it with root. I guess I'll use the ancient Root File Explorer utility from now on.
I have debated if it is worth backing a machine up, upgrading to W10, then rolling back, so the BIOS ID is with MS and will auto-activate if I ever want to actually move to W10 for good.
On the other hand, a new copy of W10 Pro is two C-notes, likely less, and if I actually bother to get a VLK + SA, the point is completely moot.
Didn't Audi make a synthetic diesel that could be synthesized from CO2 (although to do so requires a good chunk of energy)?
Battery innovations are quite useful, but if we can pull a usable, energy-dense fuel from the air, this would help with sustainability. As an added bonus, it would be a carbon negative or at worst, carbon neutral.
Backing up isn't straightforward though, especially on Windows. Windows Server editions have a decent backup program (wbadmin), while the client side, the best out there is likely Veeam.
Even then, one needs to consider ransomware blowing away shares, so one needs to either backup the backups, use a WORM style for media, or use a pull based system like WHS. For a home user, arguably the best way to fix this is a NAS appliance that can pop snapshots of the shares, as well as back itself to an external HDD.
Of course, there is the biggest issue... I've seen rigorous backups done... but no restores tested, which lead to disaster down the road. Ideally, people need at least two different backup methods, so if something gets trashed, there is another available. Veeam on a BitLocker protected drive + Mozy might be one way. Time Machine and a cron job which dumps documents to a backup repository is another.
He was lucky to have backups. Not everyone has Time Machine set up and working. Not everyone sets up backups, so this could have been catastrophic, had it been someone less computer savvy.
Apple should expand their HomeKit IoT infrastructure to be farther reaching. Something that guarantees certified device "A" can communicate with device "B", as well as offer whatever functionality is wanted. Sell a hardened hub where devices communicate with that via Bluetooth, and the hub handles Internet communication. This way, individual endpoints are not exposed.
In return, vendors would have to keep devices updated for the lifetime of the item (no thermostats or burglar alarms being orphaned after 2-3 months), and it would be very well know that their certificates will get pulled if the "security has no ROI" philosophy pops up.
This is pretty much the only way we will see security in the IoT sector, similar to how PCI-DSS is pretty much the only real "regulation" with teeth in the financial sector, where a private company decides who gets to play in their playground, and who doesn't... no appeals possible.
Also check your credit record afterwards. Some places will put adverse entries on it once they realize they can't slurp from your account any more.
Oh, and this goes without saying... NEVER give a bank account ID. Even years after the account is closed, someone can draw from it, rendering the account negative, and if not paid in a week, making an entry onto ChexSystems, which ensures banks won't even open a checking account for the victim for seven years.
The thing about Amazon, Apple, Google, and Netflix's services is that they can be cancelled with a mouse click. In fact, it sounds odd, but it helps their customer sat, because if people find it easy to leave, they will be far more likely to come back. This is in stark contract to companies that would require you to call a special number and fight it out with some offshore rep to cancel the card. Having to sit on the telephone for hours on end virtually -guarantees- someone who leaves is not coming back, ever.
The surprise subscription thing is one reason I will buy from a local shop, or Amazon, even if the prices are higher than a no-name site, just because there is less chance of fraud or spurious charges popping up, and any services that repeat that I do buy are easily cancelled.
I'm not sure what "laser walls" is going to accomplish. This technology isn't useful for security applications other than a basic "tripwire" (although movies love it because it looks cool.) All the bad guys have to do is figure out the beam's path, waltz around it, call it done. Or, send some animal to break the beam a few times. Worst case, fly a drone in and out of the beams just to be an annoyance.
Another item that can hang someone is browser fingerprinting. VM 1 from a Linux CD has a certain fingerprint, while the same machine hosts another VM with a different OS or web browser. It wouldn't be too hard to connect the dots, find VM1, find where VM 2 should be, then use a rubber hose to decrypt VM 2.
I don't think Android is going away anytime soon. Android watches are selling decently, and even though the smartphone market is saturated, Android is still a lead OS in that front. Google abandoning the device market would be like Apple walking away from iOS.
I can see Google putting more money behind agents (a concept that keeps being tried and falling on its face, but it might be with Moore's law, it actually becomes something that sticks.) If they are able to do this, it would mean a market that they would have, that almost nobody else would be in.
Of course, the "agent" idea sticks in my throat. It just seems like another way to slurp more info from users and sell it to whomever is willing to pay for it.
Bingo. I have a Mac where its primary purpose in life is to sync with iDevices and maintain a music stash, copy movies downloaded, and so on. I run Google and Amazon's "music sniffers" on it, so on my Android devices, I can download files from their services onto the device and use a decent player.
I miss the iTunes and how iOS 4.x and earlier synced. When the device was syncing, it wasn't a background task. Everything stopped on the iDevice. This way, it wouldn't hose up and have to start from the beginning, or the sync hangs indefinitely, and to get it working again, it would require a power cycle, like what happens fairly often with newer devices.
Even iTunes on iOS is beginning to smell. My music library is relegated to one small corner of the app, and oftentimes, I'm in rural areas, where attempting to stream Apple's music service will be an exercise in frustration.
Already done... Cuphead comes to mind, although it isn't exactly B&W, it does have that 1930s mystique to it.
Other than Square games, which tend to be worth the cash, I've found that after Apple introduced IAP, it entirely destroyed game quality on iOS, with Android quickly following when Google introduced their IAP API. Tower defense games went from decent to impossibly hard, expecting people to pay a few bucks for powerups every game. Virtually every game out there changed to F2P/P2W.
Sorry, I'm not buying $100 in smurfberries/brains to actually play a game to its conclusion. I'd rather just not bother playing a game on my mobile device, and just buy a game from GOG or Steam, which will be well worth the price of admission with gameplay.
One big issue with hidden containers is leakage. For example, say one uses a hidden container for a VM. If the tier 2 hypervisor program (VirtualBox, VMWare Workstation, etc.) keeps a history of what machines are in use, then a forensics person will start to wonder why there is a pointer to a VM, but no VM present, and depending on country, either tell the judge to get a search warrant and a contempt of court order started, or ask Bruno to do his warmup stretches for a session with his $5 wrench and rubber hose.
Similar with tossing Word documents into the container. Word keeps a recently used history, that can easily blow plausible deniability threads.
Of course, the answer would be hidden operating systems, but that functionality (AFAIK) has been dead and gone since the move from BIOS to UEFI.
Or a law gets passed that makes attacks on a robo-patrolling unit be able to be treated the same as if done to a human, with deadly force able to be used. This is already being proposed with K-9 units, so that someone who dispatches a dog would get capital murder.
This looks a lot like a Knightscope robot which is used to patrol Microsoft and Apple campuses. The robots in themselves at worst make a siren noise when toppled over, but are a good way to corner and take pictures of trespassers or would-be vandals.
Of course, the same concerns happen... what keeps someone from donning a hoodie and sky mask, shoving the thing over just as an act of vandalism? It will make noise, but by the time actual humans with weapons get there, the perps will be long gone.
This sounds like a 24 Hour Fitness in Austin. It has a track that flips directions on different days, with a fairly obvious sign pointing this out. Oddly enough, there is always that one person that just likes going the wrong way on the track even though they have to dodge everyone else.
Maybe it is practice for the hike and bike trails here.
In the past, it was legitimate. Don't copy media, sell it as theirs (as counterfeiting is truly theft.) However, as time has gone on, the bar for IP infringement has gone so low, that with the TTIP, some guy dressing up as Spiderman for a local comic convention can be hit with a six digit fine or prison term. Couple this with the Draconian technological enforcement (more than four people in front of an XBox, movie shuts off), and the spirit of the law has been destroyed. In the past, it was a copyright monopoly for "x" time, then it becomes public domain, for all to use.
The problem is that with extreme punishments (hundreds of millions of dollars for a few MP3 files), people start to have less respect for laws in general, and this not just affects IP law, but law and order as a gestalt.
In the early 2000s, had the RIAA not used heavy handed tactics, but went with tactics that MADD has used to sway public opinion, making the concept of copying MP3s for someone as odious as hitting the road after seven longnecks, things likely would be a lot different.
Depends on the attacks. Done right, with forward secrecy [1], the best an attacker could do is block communication. If an attacker gains control of an endpoint, it becomes much harder to ensure integrity.
However, protecting endpoints is a solved problem... Apple TV, and present gen consoles show that one can make a device extremely secure. Endpoint-wise, the application could be placed in the secure "world" of an ARM CPU with its keys, perhaps run on the equivalent of a "secure desktop" where no applications normally running on the OS can interfere with the messaging app or intercept the display or tapes.
I do agree, it would take more than just installing signal. At the minimum, it would take a custom ROM, ideally hardware that is vetted (and not made in a country where the chip masks get extra "features" added on that the maker didn't desire.)
I'd say Signal is almost perfect for this task. Some other items that would be useful:
1: Forward secrecy implemented in a fairly easy to use package. /whispers, FB PMs, carrier pigeons, or any other transport method.
2: To handle self-destructing items, have a private key that needs to be gone by a certain time encrypted by a second key. Have this second key split amongst x out of y nodes, via Shamir's Secret Sharing algorithm. Each node, once the expiration date passes, destroys the second key, so even if there are some nodes that are hacked to retain it, unless the system is so compromised that most of them keep the key and not expire it, the private key will be not recoverable.
3: Maybe consider going independent of the messaging system, and modify OpenPGP, perhaps with Saltpack's extensions. This way, secure messages can be sent via E-mail, SMS, WoW
4: Use blinding factors, similar to Chaum's eCash, so that entries can be made on the blockchain, but the identity of the transaction is protected.
There is always rolls of flexible solar panels, which is fairly inexpensive to deploy and can cover a large area. Toss some of those on a roof, add a PWM charger, have it charge a 12 volt AGM deep cycle battery or two, add an inverter, and one has a nice little circuit to handle the parasitic current draws like chargers.
We have built things faster, taller, stronger, than we are, by far. I think eventually an ASI (artificial superintelligence) isn't too far-fetched.
Can we do it with the current model of computers (Harvard architecture, von Neumann architecture)? Probably not, but the basic computer model can always be changed to make it better for having an AI, perhaps a more distributed architecture, along the lines of nerves and ganglia.